Table of Contents
- Purpose and Scope
- Risk-Based Approach
- KYC / Customer Due Diligence
- Transaction Monitoring and Reporting
- Sanctions Screening and Prohibited Relationships
- Recordkeeping and Data Retention
1. Purpose and Scope
This AML/CFT Policy sets out the measures taken by X Wallet (hereinafter referred to as the Company) to prevent money laundering and terrorist financing in the provision of its services.
Definitions: For the purposes of this policy, the term "AML/CFT" means combating money laundering and terrorist financing. "FATF" means the Financial Action Task Force, an international standard-setting body in the field of AML/CFT. "KYC" (Know Your Customer) and "CDD" (Customer Due Diligence) refer to customer identification and verification processes. "EDD" (Enhanced Due Diligence) refers to additional measures for higher-risk cases. “PEP” stands for Politically Exposed Person, typically an individual in a prominent public position and therefore posing a higher risk. “STR” stands for Suspicious Transaction Report, a report filed with authorities regarding suspicious activity.
2. Risk-Based Approach
X Wallet applies a risk-based approach (RBA) to AML/CFT compliance in accordance with FATF guidance. This means that resources and controls are allocated proportionately to the level of identified risk: higher-risk clients or activities are subject to enhanced scrutiny, while lower-risk cases are subject to appropriate but proportionate measures. Key elements of a risk-based approach include:
a) Enterprise-wide risk assessment: X Wallet conducts and documents a comprehensive risk assessment of its products, services, client types, geographic regions, and transaction methods. This assessment identifies the inherent money laundering or terrorist financing risks the business may face. Factors such as cryptocurrency usage, cross-border transactions, customer residency in higher-risk regions, and new product features are assessed. The risk assessment will be updated periodically (at least annually or whenever there are significant changes in the business, regulatory, or legal environment) to ensure emerging risks are addressed.
b) Risk Mitigation: Based on the identified risks, X Wallet implements controls to mitigate them. In higher-risk areas (e.g. customers from jurisdictions with a high risk of corruption or terrorism, or transactions involving large amounts or cryptocurrencies with enhanced anonymity), more stringent controls are applied, such as Enhanced Due Diligence, tighter monitoring, or transaction limits. In lower-risk scenarios, simplified measures permitted by law may be applied; however, X Wallet will always implement the minimum AML/CFT requirements for all customers. The rationale for the risk classification and the corresponding controls are documented as part of the compliance program.
c) Ongoing Review: The effectiveness of the risk-based measures is regularly reviewed. X Wallet's compliance team will monitor trends in suspicious activity reports, audit results, and changes in risk factors to adjust controls as necessary. The risk assessment and control system will be reviewed by senior management and updated to ensure they remain effective and compliant with any new FATF guidance or changes in local regulations.
3. Customer Due Diligence (KYC/CDD)
X Wallet will implement robust Know Your Customer (KYC) and Customer Due Diligence (CDD) procedures to verify the identity of all users and assess their risk profile. Anonymous accounts or transactions are prohibited.
The following measures describe how X Wallet conducts CDD:
a) Customer Identification and Verification:
- All new users must undergo KYC verification upon registration. Users must provide accurate and current personal information, including, at a minimum, email address and phone number.
- Upon reaching the $100 daily threshold or $1,000 in transactions in any period, the user must provide additional accurate and current personal information, including, at a minimum, their full name and government-issued photo identification (e.g., passport, national ID card, or driver's license), depending on the jurisdiction. X Wallet uses trusted third-party sources to verify the authenticity of the documents and information provided.
b) Enhanced Verification (EDD): X Wallet applies Enhanced Verification to customers or situations that pose a higher risk.
EDD is required, for example, for:
- Cases where the transaction amount (or cumulative series of transactions) exceeds $10,000.
- Customers identified as Politically Exposed Persons (PEPs) or family members of PEPs, as well as other individuals closely associated with PEPs (due to increased corruption risk).
- Clients residing in or transacting with high-risk jurisdictions (countries with known high levels of corruption, organized crime, sanctions, or terrorist financing risk, as determined by the FATF or local authorities).
- Accounts with unusual or complex ownership structures that may obscure beneficial owners.
- Clients with high transaction volume or value (e.g., those expected to handle significantly larger amounts than typical clients).
- Any matter that raises suspicions or concerns based on standard due diligence (e.g., conflicting information, negative news about the individual, etc.).
In relation to EDD, X Wallet will take additional measures, including, but not limited to, the following:
- Obtaining information regarding the source of funds and wealth of the client (e.g., requesting documents or explanations regarding how the client obtained the funds used in the account, such as salary, business income, inheritance, etc.).
- Requiring additional identity verification or verifying additional documents (e.g., ID, bank statements, or business documents, if applicable).
- Enhanced background checks: conducting a more extensive open source search or media search of an individual or company to identify any involvement in illegal activity or reputational issues.
- Senior management approval for the onboarding or continuation of the client (in the case of PEP and other high-risk cases, the compliance officer must escalate the decision to a senior manager or designated compliance committee for approval).
- More frequent transaction monitoring (setting lower alert thresholds or conducting more frequent reviews of the client's account activity).
X Wallet documents all Enhanced Verification steps taken and retains evidence gathered in accordance with additional information received. The rationale for the decision to establish or maintain a relationship with a customer must be recorded.
If any aspect of the customer's information raises questions (e.g., difficulties in verifying an identity document or inconsistencies in the data provided), the compliance team will request further clarification before granting full access to services. X Wallet may set initial account limits (e.g., on transaction size or withdrawals) until the KYC procedure is fully completed and any doubts are resolved. If the user cannot be properly identified or refuses to provide the required information, the account will not be activated (or restrictions will be imposed on it), and X Wallet may consider terminating the relationship in accordance with legal requirements (including any obligation to report attempts at anonymization).
In the event that, as a result of enhanced verification, X Wallet decides to refuse a transaction and return the funds to the sending address, a flat fee of 6 (six) USDT may be deducted from the refund amount for processing the refund and covering associated transaction/network costs. By initiating the transaction, the User agrees that this fee may be applied in such cases.
c) Right to Request Additional Information: At any time, particularly if the user's activity changes or appears inconsistent with the information provided, X Wallet may request updated or additional information in accordance with KYC procedures. In particular, in the case of large, unusual transactions or deposits, the Company reserves the right to request clarifications or supporting documents from users before processing the transaction. For example, if a user makes a very large deposit that does not match their known profile, X Wallet may require an explanation of the purpose of the transaction and the origin of the funds. Such requests are part of our standard risk controls and are in accordance with our user agreements. Users are expected to comply with such requests promptly; failure to provide requested information or documents may result in suspension or termination of the Account. X Wallet's Terms of Use expressly permit such requests and enforcement actions to ensure compliance with AML/CFT procedures. This measure protects both the user and the company by ensuring that suspicious funds do not enter the system unchecked.
d) Simplified Due Diligence (SDD), where permitted: In limited cases, if the customer or transaction is considered low risk and if permitted by applicable law, X Wallet may apply simplified due diligence. This may mean collecting less information or performing less extensive identity verification. However, simplified measures will never conflict with the KYC requirements of any jurisdiction. In practice, X Wallet applies standard due diligence measures to most users, unless a specific low-risk use case (e.g., a small e-wallet for low-value payments with low transaction limits) is identified and documented. Any use of SDD must be justified by a risk assessment and approved by the compliance officer, and will not be applied if there is any suspicion of money laundering/terrorist financing or if the Company has reasonable grounds to believe that the customer may be classified as higher risk.
e) Ongoing verification and updates: Customer due diligence is not a one-time event upon registration. X Wallet will conduct ongoing due diligence throughout the duration of the relationship with the customer. This includes:
- Monitoring transactions (see Section 4) to ensure they match the stated client profile and source of funds. Any discrepancies may require re-verification or updating of client information.
- Periodic updating of client information: For active clients, the company may ask the client to review and update KYC data at certain intervals depending on the client's risk level (e.g., annually for high-risk clients, every 2-3 years for medium-risk clients, etc.). If existing identification documents have expired, the client must provide current documents.
- Reassessing the client's risk level when new information becomes available (e.g., if a low-risk client begins making large transactions, their risk rating may be increased and enhanced measures may be applied).
- Ensuring that any new products or services the client uses are covered by appropriate due diligence.
If at any time a client refuses to comply with CDD/EDD requests, provides false information, or is found to be engaged in illegal activity, X Wallet will terminate the relationship and, if necessary, file a report with the relevant authorities. All CDD information (identification data, risk assessments, supporting documents, records of requests made, etc.) will be securely stored as described in Section 6 (Data Retention).
4. Transaction Monitoring and Reporting
a) Transaction Monitoring System: X Wallet utilizes a transaction monitoring system to continuously monitor client transactions to detect and investigate unusual or potentially suspicious activity in real-time or near real-time. This monitoring applies to all transactions conducted through the X Wallet platform, including cryptocurrency deposits, withdrawals, exchanges, and fiat currency transactions, if any. Key components of our transaction monitoring include:
b) Automated Monitoring and Alerts: The company implements automated rules and scripts in its monitoring software to flag transactions that fall outside expected norms. The system is tuned to customer risk profiles; for example, a transfer that may be routine for one customer may be flagged as unusual for another if it exceeds that customer's typical transaction size or frequency. Scenarios/criteria that trigger alerts MAY include:
- Transactions that do not match a known customer profile—for example, a sudden large transfer or deposit that differs significantly from the customer's past activity.
- Large transactions exceeding certain thresholds. These thresholds can be set by the compliance team and can be absolute (e.g., any single transfer over $10,000) and/or relative (e.g., a 100% increase in transaction volume compared to the previous month for a given user). Thresholds take into account all applicable regulatory reporting levels in each jurisdiction and can be adjusted based on risk appetite.
- Structuring or smurfing – multiple small transactions that add up to a large amount (possibly an attempt to circumvent reporting thresholds). For example, if a user makes multiple deposits within a short period of time that fall below the limit, the system will aggregate and flag this pattern.
- Rapid deposits and withdrawals – for example, a user deposits cryptocurrency and immediately withdraws it to an external address, especially if this is done repeatedly (may indicate redistribution of illicit funds through the platform).
- Multiple accounts or recipients – A single user sends funds to multiple different wallet addresses or accounts in a manner that is not typical for personal use. Similarly, if multiple users transfer funds to the same destination account, this may indicate a money mule network or money laundering scheme.
- Use of services or assets that provide enhanced anonymity – for example, if X Wallet detects interaction with mixing/shuffling services or the use of privacy coins or protocols (if supported), such transactions will be subject to increased scrutiny due to the increased risk of money laundering.
- Any transaction associated with a compromised or blacklisted address – X Wallet uses blockchain analysis tools (for cryptocurrencies) to check whether the incoming or outgoing crypto address is associated with illicit activity (e.g., dark web markets, ransomware, sanctioned organizations, or scams). If a match is found with such addresses or high-risk clusters, the transaction is immediately flagged.
- Real-time/Timely Review: When the monitoring system generates an alert, a compliance specialist or analyst from the compliance team reviews the alert in a timely manner. This review includes examining the transaction details, the client profile, and their past activity. At this stage, the compliance team may also use external resources such as blockchain analyzers, open-source analytics, or request additional information from the client (see the "Enhanced Review" section above) if necessary to understand the nature of the transaction. Each alert is documented, indicating the outcome of the review (either resolved as a false positive/normal activity or upgraded to suspicious).
- Calibration and Tuning: Transaction monitoring rules will be regularly calibrated to ensure they are effective without being overly burdensome (balancing the risk of false positives with the detection of true risks). Calibration involves adjusting the thresholds or sensitivity of rules based on experience, newly identified patterns, and regulatory guidance. For example, if too many low-level alerts that pose no risk are generated, the threshold may be raised to focus on more significant cases. Conversely, if suspicious activity is detected that is not covered by any rule, the rules should be supplemented or tightened to cover that scenario. The X Wallet compliance team is required to review alert templates at least once a year and after any major incident to refine the monitoring system.
- Know Your Transaction (KYT): KYT procedures are applied in conjunction with KYC. This means that for certain transactions, the system and compliance officers can take action to understand the "story" behind the transaction.
- Transaction Limits and Monitoring: As an additional precaution, X Wallet may implement internal limits on transaction size or volume based on risk. For example, new users or users who have not been fully verified may have lower transaction limits. High-risk customers may have stricter limits or pre-approval requirements for large fund movements. These controls serve both as preventative measures and as a trigger for review; if a user requests to increase limits or conduct an extraordinary transaction, this should trigger a compliance review or management approval. X Wallet reserves the right to delay or temporarily block any transaction that triggers a warning until sufficient verification is completed and the requested clarification is received. This is done to ensure that suspicious transactions are not executed without proper verification.
Suspicious Transaction Definition Criteria. X Wallet defines suspicious transactions as those that may indicate potential money laundering, terrorist financing, or other financial crimes. While it is impossible to list every scenario, the compliance program includes criteria and warning signs to help identify suspicious activity. Common signs of suspicious transactions include:
- Large or rapid movement of funds: Transactions that are unusually large for the user, or a rapid series of transactions in a short period of time (especially involving new accounts or accounts that have previously been inactive). Example: A user who typically makes transactions equivalent to $1,000 per month, then suddenly sends $50,000 in one day to an external wallet.
- Structuring patterns: Multiple small transactions that appear designed to avoid exceeding reporting thresholds or attracting attention. For example, depositing $9,900 worth of cryptocurrency ten times within a week (for a total of $99,000) instead of a single deposit of $99,000. This may indicate intentional bypass of automated thresholds.
- Use of mixers or obfuscation tools: If the user's funds are observed coming from or being sent to known mixing services, or the user uses methods of breaking transactions into many small parts to different addresses (in addition to normal blockchain usage), this suggests an attempt to obscure the source or destination of the funds.
- Connection to Illegal Activity: Blockchain analysis or external analytics reveal that the user's funds are linked to known stolen funds, ransomware addresses, darknet markets, addresses associated with scams, or any identified terrorist financing channels.
- Customer Behavior Red Flags: Beyond transaction data, if a user provides evasive or inconsistent answers to routine transaction questions or refuses to provide information when asked about the source of funds, this behavior itself is a red flag that may raise suspicions about their transactions.
- Multiple Account Linkage: Finding that the same person is operating multiple accounts under different names (or that a group of users appears to coordinate their transactions) can be suspicious, indicating possible account splitting or the creation of mule accounts.
The above criteria can be integrated into X Wallet's monitoring program. If one or more red flags are detected, the relevant transaction(s) are flagged for review. It's important to note that a flagged transaction is not automatically considered illegitimate; it is an indication that further investigation is required. The compliance team uses these criteria as a guide to systematically determine which alerts or cases require the filing of an STR. The criteria are regularly reviewed in accordance with the latest typologies published by the FATF and local regulators, ensuring our understanding of suspicious behavior remains current.
c) Detecting and reporting suspicious activity. X Wallet has clear procedures in place to identify suspicious activity internally and report it to the appropriate authorities in accordance with legal requirements. All employees and relevant contractors must follow a strict reporting chain to ensure that potential issues are promptly resolved:
- Internal Detection (Reporting to Compliance): If any employee (e.g., customer support or a fraud analyst) notices anything suspicious about a user's behavior or transactions, they must immediately notify the compliance officer or anti-money laundering team. This can be done through a form or an internal reporting system. The report must contain detailed information about the customer and the activity that raised concerns. X Wallet maintains a culture in which employees can freely and, if desired, confidentially report suspicions without fear of retaliation. The identity of employees reporting suspicions must be protected to the fullest extent possible.
- Compliance Review: Upon receipt of an internal report or alert from the monitoring system, the compliance officer (or designated anti-money laundering analyst) promptly conducts an investigation. This includes reviewing the client's profile and all associated transactions, gathering any missing information (which may include contacting the client for clarification), and, if necessary, consulting external databases (e.g., negative news, sanctions lists, blockchain analytics). The compliance team determines whether the activity is justifiable/explainable or suspicious. If the activity can be explained (e.g., the user has provided a plausible and verifiable explanation for a large deposit, such as an asset sale), the compliance team documents the rationale and removes the alert. If the activity cannot be reasonably explained or still contains indicators of illegal behavior, the compliance specialist will escalate the information to external authorities.
- Cooperation with the Pension Fund: X Wallet will comply with any directives or requests from Financial Intelligence Units (FIUs), similar government agencies, or law enforcement agencies. This may include freezing assets, providing additional transaction records, or other measures required by law. Internally, the compliance officer will assess whether the relationship with the client should be terminated to avoid further risk. In many cases, an account may be suspended or closed after consultation with legal counsel and consideration of law enforcement feedback (to ensure we do not inadvertently interfere with a larger investigation). Each case will be assessed individually.
5. Sanctions Screening and Prohibited Relationships
a) X Wallet will not establish or continue business relationships with any person or entity that:
- Is located in a country or region subject to broad sanctions prohibiting the provision of services (e.g., countries subject to a comprehensive embargo, if any, consistent with X Wallet's legal obligations).
- Is known to be associated with terrorist organizations or activities (as determined by reviewing terrorist organization lists and law enforcement information).
- Refuses to provide sufficient information to determine whether they are sanctioned or pose a high risk.
b) If, after registration, any existing customer is found to meet the above criteria (due to updates to lists or newly discovered information), X Wallet will immediately freeze the account, refrain from making any further transactions, and follow legal instructions, which may include contacting authorities and ultimately terminating the relationship.
6. Recordkeeping and Data Retention
X Wallet maintains full records of customer information and financial activity to assist in any future investigations and to demonstrate compliance. All records will be stored securely and confidentially.
The key record-keeping rules include:
a) Client Identification Records: All data obtained during KYC/CDD, including copies of identity documents, verification certificates, proof of address, and risk assessment documentation for each client, will be securely stored (digitally encrypted, with access control). These records will be retained for at least five years after the client relationship is terminated. If a client's account is closed or they cease using the service, the five-year period begins on the date of closure. In practice, X Wallet may retain such records longer if permitted by law and if deemed necessary to protect the Company (for example, if an investigation is ongoing), but will not retain personal data indefinitely without cause. Upon expiration of the retention period, personal data will be securely destroyed, for example by deletion or anonymization, unless further retention is required by law.
b) Transaction Records: For each transaction processed by X Wallet, the following information will be recorded and stored: date/time, amount and currency/cryptoasset, details of the sending and receiving parties (such as account IDs or crypto addresses, as well as any associated user IDs in our system), and any notes describing the purpose of the transaction (if provided). In addition, any investigation related to the transaction will be recorded and linked to it. These transaction records will also be retained for at least five years from the date the transaction occurred. They will be stored in formats that are easily retrievable and can be provided to authorities in a timely manner upon legal request.
c) Data Protection and Security: All records containing personal data or sensitive information are protected by X Wallet's data protection protocols. Digital records are stored in secure, encrypted databases, and access is limited to authorized personnel (e.g., compliance, senior management, and, where necessary, IT security). Physical records (if any) are stored in a locked vault with controlled access. We comply with data protection laws and regulations to ensure the confidentiality of customer data. Access to AML/CFT records is restricted to those who need it for compliance or legal purposes, as well as upon formal request from competent authorities.
d) Provision to Authorities: In the event of a lawful request or during a regulatory review/audit, X Wallet can promptly obtain and provide the necessary records. All customer and transaction records are stored in a manner that ensures their availability and searchability (for example, records are indexed by client ID and date). The Compliance Officer is responsible for coordinating responses to any requests for information from regulators or law enforcement agencies. We maintain records of what information has been disclosed and to whom, ensuring transparency and accountability in such information sharing.