Rock Europe OÜ (“we” or “our”) has developed an Anti-Money Laundering and counter terrorism financing Policy (“AML/CTF Program”) for our digital virtual currencies exchange, available at https://incryptous.com, in an effort to maintain the highest possible compliance with applicable laws and regulations relating to anti-money laundering in Estonian and the European Union and other countries where we conduct business. This includes, but is not limited to: Establishing robust internal policies, procedures and controls that combat any attempted use of Incryptous for illegal or illicit purposes and that are designed to ensure our customers basic protections under consumer protection laws; Maintaining comprehensive records of orders and other transfers; Executing Know Your Customer (“KYC”) procedures on all customers; Performing regular, independent audits of our AML/CTF Program; Following record retention requirements; and Implementing a formal and ongoing compliance training program for all new and existing employees. POLICIES AND PROCEDURES Our AML/CTF Program has been reviewed and approved by our Board of Managers (the “Board”). Our AML/CTF Program is regularly reviewed and, if necessary, revised in an effort to comply with applicable rules, regulations and policies. INTERNAL CONTROLS We have developed robust internal policies, procedures, and controls designed to comply with applicable AML/CTF laws and regulations, as well as other reporting requirements. TRAINING All of our employees and officers receive ongoing broad-based AML/CTF training, as well as position-specific training. They must repeat this training at least once every twelve (12) months to ensure they are knowledgeable and in compliance with all pertinent laws and regulations. New employees receive training within thirty (30) days of their start date. All documentation related to compliance training including materials, tests, results, attendance and date are maintained. In addition, our compliance training program is updated as necessary to reflect current laws and regulations. COMPLIANCE Our compliance team is responsible for developing and enforcing the policies and procedures of our AML/CTF Program. CUSTOMER IDENTIFICATION The KYC process is an important part of our AML/CTF Program, and helps us detect suspicious activity in a timely manner and prevent fraud. ACCOUNT OPENING PROCESS In order to open an account and use Incryptous, your identity must be verified, authenticated, and checked against governmental watchlists,. Failure to complete any of these steps will result in your inability to use Rock Europe OÜ. Individual customer — Prior to opening an account for an individual customer, we attempt to collect, verify, and authenticate the following information: Email address; Mobile phone number; Full legal name; Tax ID Number; Date of birth (“DOB”); Occupation; Proof of identity (e.g., driver’s license, passport); Home address (not a mailing address or P.O. Box); and Additional information or documentation at the discretion of our Compliance Team, such as utility bills or bank account statements. If you successfully meet and complete our KYC requirements and do not appear on any government watchlist, then we will provide you with account opening agreements electronically. Corporate customer — Prior to opening an account for an corporate customer, we attempt to collect, verify, and authenticate the following information: Company’s legal name; Registered company number; Full legal name (of all account signatories and beneficial owners); Email address (of all account signatories); Mobile phone number (of all account signatories); Address (principal place of business and/or other physical location); Proof of legal existence (e.g., state certified articles of incorporation or certificate of formation, unexpired government-issued business license, trust instrument or other comparable legal documents as applicable); Contract information of owners, principals, and executive management (as applicable); Proof of identity (e.g., driver’s license, passport or government-issued ID) for each individual beneficial owner that owns 25% or more, as well as all account signatories; and Identifying information for each entity beneficial owner that owns 25% or more (see individual customer information collected above for more details). If your institution successfully meets and completes our KYB requirements and neither it nor any of its owners, principals, executive, or managers appear any governmental watchlist, we will provide you with account opening agreements electronically. SUSPICIOUS ACTIVITY / CURRENCY TRANSACTION REPORTS We may freeze or suspend your account, as well as report to applicable authorities, if we know, suspect or have reason to suspect suspicious activities have occurred on Rock Europe OÜ. A suspicious transaction is often one that is inconsistent with a customer’s known and legitimate business, personal activities or personal means. We leverage our compliance department, which performs transaction monitoring to help identify unusual patterns of customer activity. Our compliance team reviews and investigates suspicious activity to determine if sufficient information has been collected to justify any action from our side. RECORDS KEEPING All records are retained for five (5) years and are readily available upon official request by an applicable examiner, regulator, or law enforcement agency.