Anti-Money Laundering & KYC Policy

Secure Capital Group Ltd ("the Company") is committed to the highest standards of Anti-Money Laundering ("AML") and Counter-Terrorist Financing ("CTF") compliance. This policy establishes the framework, procedures, and controls designed to prevent the Company, its operations, and its business relationships from being used for money laundering, terrorist financing, or other financial crimes.

The purpose of this AML/KYC Policy is to ensure that the Company complies with all applicable laws and regulations of the United Arab Emirates, including but not limited to UAE Federal Decree-Law No. 20 of 2018 on Anti-Money Laundering and Countering the Financing of Terrorism and Illegal Organisations, and Cabinet Decision No. 10 of 2019 Concerning the Implementing Regulation thereof.

This policy applies to all operations, activities, and business relationships of Secure Capital Group Ltd, including but not limited to proprietary trading operations, counterparty interactions, service provider engagements, and any other business dealings conducted by or on behalf of the Company.

All personnel, officers, directors, and any third parties acting on behalf of the Company are required to comply with this policy. The policy extends to all jurisdictions in which the Company operates or maintains business relationships.

The Company's AML/CFT framework is built upon the following legislative and regulatory instruments:

• UAE Federal Decree-Law No. 20 of 2018 on Anti-Money Laundering and Countering the Financing of Terrorism and Illegal Organisations
• Cabinet Decision No. 10 of 2019 Concerning the Implementing Regulation of Decree-Law No. 20 of 2018
• Innovation City Authority Rules and Regulations, and any guidance or directives issued by the licensing authority from time to time

The Company conducts Customer Due Diligence on all counterparties, service providers, and business associates prior to establishing any business relationship. CDD measures include, but are not limited to:

• Verification of identity using valid government-issued identification documents (passport, national ID card, or equivalent)
• Verification of residential or business address through utility bills, bank statements, or official correspondence dated within the last three months
• Determination and verification of source of funds and source of wealth where applicable
• Identification of the beneficial owner(s) and the ownership and control structure of legal entities
• Assessment of the purpose and intended nature of the business relationship

The Company shall not establish or continue a business relationship if it is unable to satisfactorily complete CDD procedures.

Enhanced Due Diligence measures are applied in situations presenting a higher risk of money laundering or terrorist financing, including but not limited to:

• Counterparties identified as Politically Exposed Persons (PEPs), their family members, or close associates
• Counterparties from or operating in high-risk jurisdictions as identified by the Financial Action Task Force (FATF) or other authoritative bodies
• Unusually complex transaction patterns or those with no apparent economic or lawful purpose
• Counterparties with complex or opaque ownership structures that may obscure the identity of the beneficial owner
• Any other circumstances where the Company's risk assessment indicates an elevated level of risk

The Company utilises SumSub (sumsub.com), a leading identity verification and compliance platform, to conduct its KYC verification process. The verification process includes the following steps:

• Government-issued identity document verification — the counterparty is required to submit a clear photograph or scan of a valid passport, national identity card, or equivalent government-issued identification document
• Selfie verification with liveness detection — the counterparty is required to take a live selfie photograph, which is compared against the submitted identity document using biometric matching technology with liveness detection to prevent spoofing
• Compliance questionnaire — the counterparty completes a structured questionnaire designed to collect information on the nature of the business relationship, source of funds, and other compliance-relevant data
• PEP and sanctions screening — automatic screening of the counterparty against global PEP databases, sanctions lists, and adverse media sources

Verification results are reviewed and approved by the Company's compliance function. The Company reserves the right to request additional documentation or information at any time during or after the verification process.

The Company maintains ongoing monitoring of all business relationships and transactions to detect and report suspicious activity. Ongoing monitoring measures include:

• Continuous monitoring of transactions to identify patterns that are unusual, inconsistent with the known profile of the counterparty, or potentially indicative of money laundering or terrorist financing
• Periodic review of counterparty information and risk profiles to ensure that CDD records remain current and accurate
• Re-screening of counterparties against updated sanctions lists and PEP databases on a regular basis
• Escalation of any identified anomalies or concerns to the Money Laundering Reporting Officer (MLRO) for further investigation

Where the Company identifies or suspects that a transaction, attempted transaction, or business relationship may involve the proceeds of crime, money laundering, or terrorist financing, the following procedures apply:

• The matter is reported internally to the MLRO without delay, with all relevant supporting information and documentation
• The MLRO evaluates the report, conducts any additional inquiry deemed necessary, and determines whether a Suspicious Activity Report (SAR) or Suspicious Transaction Report (STR) should be filed with the UAE Financial Intelligence Unit (FIU)
• Where the MLRO determines that a SAR/STR is warranted, the report is filed with the FIU in accordance with the prescribed format and timelines
• The Company does not inform the counterparty or any other person that a SAR/STR has been or may be filed ("tipping off" prohibition)

All SARs/STRs and related documentation are maintained in strict confidence and are accessible only to authorised personnel.

The Company screens all counterparties, transactions, and business relationships against the following sanctions lists:

• United Arab Emirates sanctions lists issued by the UAE authorities
• United Nations Security Council Consolidated List
• United States Office of Foreign Assets Control (OFAC) Specially Designated Nationals and Blocked Persons List (SDN List)
• European Union Consolidated List of persons, groups, and entities subject to EU financial sanctions
• United Kingdom Sanctions List maintained by the UK Office of Financial Sanctions Implementation (OFSI)

The Company does not engage in any dealings, directly or indirectly, with persons, entities, or jurisdictions subject to sanctions. Prohibited territories include, but are not limited to: Iran, North Korea, Cuba, Crimea, Kherson, Zaporizhzhia, Donetsk, and Luhansk.

Politically Exposed Persons (PEPs) are defined as individuals who hold or have held prominent public functions, including but not limited to heads of state or government, senior politicians, senior government officials, judicial or military officials, senior executives of state-owned corporations, and senior officials of political parties. The definition extends to family members and known close associates of such persons.

• All counterparties are screened against global PEP databases as part of the initial CDD process and on an ongoing basis
• Where a counterparty is identified as a PEP, Enhanced Due Diligence measures are automatically applied, including senior management approval of the business relationship
• The source of wealth and source of funds of PEPs are subject to additional scrutiny and verification

The Company reserves the right to decline or terminate a business relationship with a PEP where the risk cannot be adequately mitigated.

The Company maintains comprehensive records of all CDD documentation, transaction records, correspondence, and compliance-related materials. Records are retained for a minimum period of five (5) years from the date of the last transaction or the termination of the business relationship, whichever is later. Specific record-keeping obligations include:

• Copies of all identification and verification documents collected during the CDD and EDD processes
• Records of all transactions conducted within the business relationship, including dates, amounts, currencies, and counterparty details
• Internal reports, assessments, and decisions made by the MLRO and compliance function
• All SARs/STRs filed with the FIU and related correspondence

The Company has designated a Money Laundering Reporting Officer (MLRO) who is responsible for overseeing the implementation and effectiveness of the AML/CFT framework. The MLRO's responsibilities include:

• Receiving, evaluating, and filing internal suspicious activity reports and SARs/STRs with the FIU
• Ensuring that the Company's AML/CFT policies, procedures, and controls are up to date, adequate, and effectively implemented
• Liaising with regulatory authorities, the FIU, and other competent bodies on all AML/CFT-related matters
• Organising and overseeing AML/CFT training programmes for all Company personnel
• Conducting periodic reviews and risk assessments of the Company's AML/CFT framework and recommending enhancements where necessary

The Company provides regular AML/CFT training to all personnel to ensure awareness of their obligations under this policy and applicable law. Training covers the following areas:

• The legal and regulatory framework governing AML/CFT in the United Arab Emirates
• The Company's internal AML/CFT policies, procedures, and controls
• How to identify and report suspicious transactions and activities
• The consequences of non-compliance with AML/CFT requirements, including criminal and administrative penalties

This policy is reviewed at least annually by the MLRO and senior management to ensure that it remains current, effective, and aligned with applicable laws, regulations, and industry best practices.

The policy may also be reviewed and updated on an ad hoc basis in response to changes in legislation, regulatory guidance, or the Company's risk profile.

For any questions or concerns relating to this AML/KYC Policy, please contact the Money Laundering Reporting Officer (MLRO) at contact@securecapitalgroup.ltd.