GradientXChange Anti-Money Laundering and Know Your Business Policy

(hereinafter referred to as the “AML/KYB Policy”)

Introduction

The purpose of this AML/KYB Policy is to prevent GradientXChange from being involved, directly or indirectly, in any illegal or illicit activities through the use of its aggregator platform.

In line with international and domestic regulatory obligations, GradientXChange implements internal procedures and controls to mitigate risks associated with money laundering, terrorist financing, human and drug trafficking, proliferation of weapons, corruption, and bribery. This includes taking appropriate action in response to any suspicious activity reported or identified from businesses utilizing its services.

This AML/KYB Policy addresses the following areas:

  • Business verification and due diligence (KYB)
  • Monitoring of business activities and transactions
  • Role and responsibilities of the Compliance Officer
  • Risk assessment and management

1. Business Verification Procedures (KYB)

GradientXChange does not directly collect KYC information from individual end users. Instead, it performs Know Your Business (KYB) checks for companies and platforms integrating its API or widget.

KYB procedures may involve:

  • Collecting valid corporate documentation, such as registration certificates, corporate identification, and beneficial ownership details
  • Identifying directors, ultimate beneficial owners (UBOs), and checking for Politically Exposed Person (PEP) status
  • Screening against international sanctions, watchlists, and other restricted entities

GradientXChange reserves the right to request updated documentation or additional information from a business partner if any unusual or high-risk activity is detected.

All business data collected will be handled securely and in accordance with GradientXChange’s Privacy Policy and applicable regulatory requirements.

2. Monitoring of Business Activities and Transactions

GradientXChange monitors the businesses using its services to ensure compliance with AML/KYB requirements, even though it does not directly onboard end users or process their transactions.

Monitoring measures may include:

  • Reviewing aggregated transaction activity and reporting from integrated platforms
  • Screening businesses against recognized blacklists and sanctions
  • Investigating any unusual or potentially suspicious behavior reported by partners or detected through internal analysis
  • Maintaining internal records of investigations and follow-ups

Any irregularities or suspected violations are escalated to the Compliance Officer for further evaluation and, if necessary, reporting to relevant regulatory authorities.

3. Compliance Officer

The Compliance Officer is authorized to enforce adherence to the AML/KYB Policy and is responsible for:

  • Verifying the identity and legitimacy of businesses integrating with GradientXChange
  • Monitoring business activity for unusual or high-risk patterns
  • Advising the Board on regulatory changes and compliance obligations
  • Developing and maintaining the AML/KYB compliance program
  • Ensuring staff are trained in AML/KYB procedures and requirements
  • Reviewing flagged cases and deciding whether escalation to authorities is required
  • Periodically reviewing and updating the AML/KYB Policy and risk assessment framework

4. Risk Assessment and Management

GradientXChange employs a risk-based approach to evaluate the businesses that utilize its platform. Risk factors considered include:

  • Type of business and industry sector
  • Location and jurisdiction of operations
  • Volume, frequency, and nature of transactions conducted via integrated services
  • Ownership structure and governance of the business

Businesses assessed as high-risk, such as those with unclear ownership, unusually large or frequent transaction patterns, or operations in higher-risk jurisdictions, will undergo enhanced due diligence.

GradientXChange retains the right to:

  • Decline onboarding of businesses that fail to meet KYB requirements
  • Apply restrictions or limitations while verifying business information
  • Suspend or terminate integration if suspicious activity is detected
  • Report non-compliant or high-risk businesses to the appropriate authorities