Anti-Money Laundering and Know Your Customer (AML / KYC) Policy

Our Commitment

Baysart MMC (referred to as "we", "the provider" or "Baysart") treats the prevention of money laundering (ML) and the financing of terrorism (TF) as a foundational principle of its operations. We are committed to ensuring that our services are not used for laundering the proceeds of crime, financing terrorism, or any other unlawful purpose.

We commit to comply with the following laws of the Republic of Azerbaijan and the regulations adopted under them, as well as with standards aligned to the recommendations of the Financial Action Task Force (FATF):

• The Law of the Republic of Azerbaijan on Combating the Legalisation of Criminally Obtained Funds or Other Property and the Financing of Terrorism (AML/CFT law);
• The applicable legislation on targeted financial sanctions;
• The Law of the Republic of Azerbaijan on Currency Regulation;
• A risk-based approach and international standards aligned with the 40 Recommendations of the FATF.

Customer Due Diligence (CDD)

We operate a Customer Due Diligence (CDD) programme based on a risk-based approach. The risk level of each customer and transaction is assessed, and the depth of due diligence measures is calibrated to that risk level.

Identity verification is carried out through the Identity Verification Provider. Verification is performed at two tiers:

• Tier 1 (liveness): The baseline check required to open an account; it includes a liveness check confirming that the user is a real, living person.
• Tier 2 (full identity): Full identity document verification; required to use the fiat (manat) on-/off-ramp or any service where the Identity Verification Provider touches money.
• Minimum information collected: full name, date of birth, nationality, residential address and a valid identity document.
• Customer information is kept current, and re-verification (re-CDD) may be performed where risk changes.

Enhanced Due Diligence (EDD)

Where elevated risk is identified, we apply Enhanced Due Diligence (EDD) measures. EDD is triggered by factors including, but not limited to, the following:

• Politically Exposed Persons (PEPs), their family members and close associates;
• Customers and transactions connected to high-risk or FATF-monitored jurisdictions;
• Large, unusual or complex transactions with no apparent economic rationale;
• Transaction behaviour inconsistent with the customer's profile or expected activity.
• EDD measures include establishing source-of-funds and source-of-wealth and requiring additional supporting documentation.

Screening

As part of preparing for authorisation (licensing), the provider is implementing the following screening controls. Once operational, these controls will be applied both at onboarding and on an ongoing basis throughout the relationship:

Until authorisation is obtained, some of the controls described here are still under development and may not yet be fully operational today.

• Sanctions screening: against OFAC, EU, UN, UK and local sanctions lists;
• PEP screening: identification of Politically Exposed Persons;
• Adverse-media screening: checks of open sources for criminal or reputational risk information;
• Wallet-address risk screening: assessment of blockchain addresses for links to criminal, sanctioned or high-risk sources;
• Once operational, inbound funds from high-risk or sanctioned sources may be quarantined, frozen or rejected.

Transaction Monitoring

We are implementing and strengthening automated behavioural monitoring of transactions for red flags of suspicious behaviour — including structuring, velocity, volume inconsistent with the customer profile and other anomalies; these controls may not yet be fully live.

In addition, the following programmatically enforced limits are already in force and are applied on a mandatory basis:

• Per-transaction limit: ₼25,000;
• Per-identity daily limit: ₼100,000;
• System-wide daily limit: ₼1,000,000;
• Minimum transaction amount: ₼1.
• Activity that exceeds, approaches, or attempts to artificially split these limits is flagged for further review.

Travel Rule

We commit to collect and transmit the required originator and beneficiary information on transfers above the applicable threshold. This is aligned with the FATF Travel Rule standard.

For transfers above the established threshold to or from self-hosted (customer-controlled) wallets, we may require proof of ownership of that wallet.

Prohibition of Market Abuse

Insider use and market manipulation are strictly prohibited. Users must refrain from trading on the basis of material non-public information, placing false or misleading orders intended to influence prices, and any other activity that undermines market integrity.

Where such activity is identified, we reserve the right to suspend transactions, restrict accounts and report to the competent authorities.

Suspicious Activity Reporting

Where a suspicious transaction or activity is identified, the provider will file suspicious activity reports with the financial-monitoring authority Financial Monitoring Service of the Republic of Azerbaijan as required by applicable law, and is establishing the process to do so.

Tipping-off is strictly prohibited. We will not inform a customer or any third party that a suspicious activity report has been, or may be, filed.

Recordkeeping

All records and documents relating to customer verification, transactions and ML/TF matters are retained for the period required by law, but in any event for at least 5 (five) years following the end of the customer relationship or the execution of the transaction.

Cooperation with Authorities

We cooperate fully with competent state authorities, courts and regulators, and we execute lawfully issued requests, including for the provision of information, the freezing of funds or the blocking of transactions, in accordance with applicable law.