Anti-Money Laundering (AML) Policy

1. Introduction

UCard is committed to preventing money laundering and terrorist financing activities. This Anti-Money Laundering (AML) Policy outlines our procedures and controls to ensure compliance with applicable laws and regulations and international standards for virtual asset service providers.

This policy applies to all UCard services, including virtual crypto card creation, transaction processing, and cryptocurrency handling. All users are required to comply with these AML requirements as a condition of service access.

2. Legal Framework

UCard operates in compliance with:

Applicable local and international anti-money laundering and counter-terrorism financing laws
Local financial services regulations and licensing requirements
Financial Action Task Force (FATF) Recommendations
Virtual Asset Service Provider (VASP) regulations
International sanctions and embargo requirements

3. Customer Due Diligence (CDD)

3.1 Identity Verification Requirements

All customers must complete mandatory identity verification before accessing UCard services:

Individual Customers:

Government-issued photo identification (passport, national ID, driver’s license)
Proof of address (utility bill, bank statement, government document - issued within 90 days)
Verification of crypto wallet ownership
Source of funds documentation for large transactions

Business Customers:

Business registration documents
Beneficial ownership information
Authorized representative identification
Financial statements or business records

3.2 Enhanced Due Diligence (EDD)

Enhanced verification is required for:

High-value transactions exceeding USD 10,000 equivalent
Customers from high-risk jurisdictions
Politically Exposed Persons (PEPs) and their associates
Unusual or suspicious transaction patterns
Complex ownership structures

3.3 Ongoing Monitoring

We continuously monitor customer activities for:

Transaction patterns inconsistent with customer profile
Rapid succession of large transactions
Attempts to avoid reporting thresholds
Transactions involving high-risk jurisdictions
Use of mixing or privacy-enhanced cryptocurrencies

4. Prohibited Activities and Restricted Customers

4.1 Prohibited Activities

UCard services may not be used for:

Money laundering or terrorist financing
Sanctions evasion or embargo violations
Fraud, theft, or other criminal activities
Transactions involving illegal goods or services
Gambling or unlicensed gaming activities
Adult entertainment or escort services
Arms, weapons, or controlled substances
Pyramid schemes or multi-level marketing

4.2 Restricted Customers

We do not provide services to:

Individuals or entities on sanctions lists (OFAC, UN, EU, and other applicable sanctions regimes)
Residents of high-risk or prohibited jurisdictions
Unlicensed money service businesses
Shell banks or unlicensed financial institutions
Customers who fail to complete identity verification
Persons under 18 years of age

5. Transaction Monitoring and Reporting

5.1 Automated Monitoring

Our systems continuously monitor for:

Transactions exceeding USD 3,000 equivalent
Cumulative transactions exceeding USD 10,000 in 30 days
Unusual transaction patterns or frequencies
Transactions involving high-risk crypto addresses
Cross-border transactions to high-risk jurisdictions

5.2 Suspicious Activity Reporting

We report suspicious activities to relevant authorities including:

Local Financial Intelligence Unit (FIU)
Local financial regulators and supervisory authorities
International law enforcement agencies as required

Indicators of suspicious activity include:

Structuring transactions to avoid reporting thresholds
Frequent deposits followed by immediate withdrawals
Transactions with no apparent economic purpose
Use of multiple accounts or cards for single transactions
Attempts to obscure transaction trails

5.3 Record Keeping

We maintain comprehensive records for minimum periods:

Customer identification records: 5 years after account closure
Transaction records: 5 years after transaction completion
Suspicious activity reports: 5 years after filing
Correspondence and communications: 5 years

6. Sanctions Compliance

6.1 Sanctions Screening

All customers and transactions are screened against:

OFAC Specially Designated Nationals (SDN) List
UN Consolidated Sanctions List
EU Consolidated Sanctions List
Local sanctions lists where applicable
Other relevant international sanctions regimes

6.2 Blocked Transactions

Transactions involving sanctioned persons or entities are:

Immediately blocked and prevented from processing
Reported to appropriate authorities within 24 hours
Funds frozen pending regulatory guidance
Customer access suspended pending investigation

7. Risk Assessment

7.1 Customer Risk Categories

Low Risk:

Verified individuals from low-risk jurisdictions
Small, regular transaction patterns
Established customers with transaction history
Transparent source of funds

Medium Risk:

Customers from moderate-risk jurisdictions
Business customers with clear beneficial ownership
Occasional large transactions with documentation
Use of privacy coins in small amounts

High Risk:

Customers from high-risk jurisdictions
Complex business structures
PEPs and their associates
Frequent large transactions
Unclear source of funds

7.2 Ongoing Risk Assessment

Customer risk profiles are reviewed:

Annually for all active customers
Upon significant transaction pattern changes
When new risk indicators are identified
Following regulatory guidance updates

8. Training and Compliance

8.1 Staff Training

All personnel receive mandatory training on:

AML/CFT legal requirements
Customer identification procedures
Suspicious activity recognition
Sanctions compliance
Record keeping requirements

8.2 Compliance Officer

Our designated AML Compliance Officer is responsible for:

Implementing and updating AML procedures
Monitoring compliance effectiveness
Liaising with regulatory authorities
Training staff and maintaining awareness
Investigating suspicious activities

9. Technology and Security

9.1 Blockchain Analysis

We employ advanced blockchain analytics to:

Trace cryptocurrency transaction histories
Identify high-risk addresses and wallets
Detect mixing and tumbling activities
Monitor for sanctions violations
Assess transaction legitimacy

9.2 Data Security

All AML-related data is protected through:

End-to-end encryption
Secure data storage
Access controls and audit trails
Regular security assessments
Incident response procedures

10. Customer Obligations

Customers must:

Provide accurate and current information
Promptly update account information changes
Respond to additional verification requests
Comply with transaction limits and restrictions
Report suspicious activities to UCard

Failure to comply may result in:

Account suspension or termination
Transaction blocking
Reporting to authorities
Legal action as appropriate

11. Regulatory Cooperation

UCard cooperates fully with:

Regulatory examinations and audits
Law enforcement investigations
Information requests from authorities
International cooperation efforts
Industry best practice initiatives

12. Policy Updates

This AML Policy is reviewed and updated:

At least annually
Following regulatory changes
After significant risk assessments
Based on operational experience
In response to emerging threats

Users will be notified of material policy changes through email and platform announcements.

13. Contact Information

For AML-related inquiries or to report suspicious activities:

Email: compliance@ucard.one
AML Compliance Officer: aml@ucard.one

Emergency Reporting: Available 24/7 through secure customer portal

This AML Policy is effective as of the date of publication and supersedes all previous versions. UCard reserves the right to modify this policy at any time to ensure continued compliance with applicable laws and regulations.

Last Updated: August 30, 2025
Next Review Date: August 30, 2026