Anti-Money Laundering Policy

Effective Date: February 9, 2026

Softgate Sp. z o.o. (“Softgate”, “we”, “us”, “our”) is committed to complying with all applicable Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) laws and regulations, including EU Directives on AML/CTF and Polish legislation (including the Act on Counteracting Money Laundering and Terrorist Financing, as amended). This policy outlines the procedures, responsibilities, and measures Softgate applies to prevent the use of its services for illegal activities, including money laundering, terrorist financing, and other financial crimes.

1. Scope and Purpose

This AML Policy applies to:

· All services provided by Softgate, including IT services, payment processing, and cryptocurrency transactions;

· All clients, counterparties, and business partners of Softgate;

· All employees, contractors, interns, volunteers, and other representatives acting on behalf of Softgate.

The purpose of this policy is to ensure:

· Compliance with EU and Polish AML/CTF laws;

· Prevention of the use of Softgate services for money laundering, terrorist financing, fraud, corruption, or other illegal activity;

· Protection of Softgate and its clients against financial crime.

2. Key Definitions

· Money Laundering (ML): The process of concealing the origin of funds obtained illegally through financial transactions to make them appear legitimate.

· Terrorist Financing (TF): Providing or collecting funds for terrorist purposes, regardless of the origin of funds.

· Customer Due Diligence (CDD): Verification of client identity and assessment of risk to prevent ML/TF.

· Enhanced Due Diligence (EDD): Additional measures applied to higher-risk clients or transactions.

· Politically Exposed Persons (PEPs): Individuals with prominent public functions, their family members, or close associates, posing higher risk for ML/TF.

· Beneficial Owner: The natural person(s) who ultimately owns or controls a client or the funds being processed.

3. Customer Identification and Verification

Softgate performs CDD for all clients and counterparties as required by law. This includes:

1. Verification of identity

· For individuals: valid government-issued ID or passport, selfie or liveness check;

· For legal entities: company registration documents, verification of directors and beneficial owners;

2. Verification of the source of funds, including cryptocurrency holdings, to confirm legitimacy;

3. Ongoing monitoring of transactions to detect suspicious activity.

CDD may be enhanced if:

· The client is a PEP;

· Transactions are unusually large, complex, or atypical;

· Transactions involve high-risk jurisdictions;

· Regulatory requirements mandate additional measures.

4. Transaction Monitoring

Softgate applies automated and manual monitoring to all transactions, including crypto payments:

· Transactions inconsistent with the client profile, unusually large, or from high-risk regions are flagged;

· Suspicious transactions may be temporarily suspended pending investigation;

· Transactions linked to illegal activity may be frozen and reported to authorities.

5. Record-Keeping

Softgate maintains records of:

· Client identification documents;

· Transaction details;

· Risk assessments and internal decisions.

Records are retained for at least five (5) years after the end of the business relationship or completion of the transaction, in line with EU and Polish regulations.

6. Reporting Suspicious Activity

Employees must report suspicious transactions internally to the Compliance Officer.

Softgate will file reports to the Financial Intelligence Unit (GIIF) or other competent authorities as required by law.

7. Sanctions Compliance and High-Risk Jurisdictions

· Softgate will not engage with individuals or entities listed on EU, UN, or other internationally recognized sanctions lists.

· Transactions involving high-risk jurisdictions may require EDD or may be refused.

8. Risk Assessment and Compliance

Softgate conducts risk assessments of:

· Client type and history;

· Jurisdiction of operation;

· Type, size, and frequency of transactions.

The Compliance Officer ensures:

· Internal AML/CTF procedures are followed;

· Staff are trained regularly on AML/CTF laws, cryptocurrency risks, and detection of suspicious activity.

9. Employee Responsibilities and Training

All employees must:

· Comply with this AML Policy;

· Complete regular AML/CTF training;

· Report suspicious activity promptly;

· Follow procedures for onboarding, verification, and transaction monitoring.

10. Third-Party Service Providers

Softgate may appoint certified third-party providers to conduct:

· KYC/AML verification;

· Document authentication;

· Transaction monitoring.

All providers must comply with Softgate’s Privacy Policy and applicable data protection laws.

11. Data Protection

Client documentation and transaction records are stored securely and in compliance with GDPR and Polish personal data protection law.

Data will only be disclosed to competent authorities upon official request.

12. Liability

Softgate:

· Is not liable for illegal use of its services by clients;

· May refuse or terminate services to clients suspected of ML/TF;

· Implements best-effort controls, but cannot guarantee detection of all suspicious activity.

13. Policy Review and Updates

· This AML Policy is reviewed annually or more frequently if regulations change;

· All updates will be communicated internally and posted publicly on Softgate’s website.

14. Contact for AML Inquiries

Softgate Sp. z o.o.

ul. Hoża 86/210

00-682 Warsaw

Poland

Email: hello@softgate.info

Phone: +48 459 568 527