AML/KYC POLICY

Trast LLC (“Company,” “we,” “us,” or “our”) is committed to preventing money laundering, terrorist financing, fraud, and other illegal activities. This AML/KYC Policy outlines our procedures to comply with applicable anti-money laundering and counter-terrorist financing (CFT) regulations, as well as to protect our business and customers from exploitation by criminals.

1. PURPOSE & SCOPE

Purpose

• To establish a robust framework that detects, prevents, and reports any potential money laundering, terrorist financing, or other illicit activities.
• To ensure compliance with all applicable local and international AML/CFT regulations, including (where relevant) the Bank Secrecy Act (BSA), the USA PATRIOT Act, EU AML Directives, and Financial Action Task Force (FATF) recommendations.

Scope

• This Policy applies to all Trast LLC employees, contractors, consultants, agents, and affiliated entities.
• It covers all services and operations, including our token offering, digital asset transactions, and user onboarding processes.

2. DEFINITIONS

• Money Laundering: The process of making illicitly obtained funds appear legitimate by concealing their origin, nature, or ownership.
• Terrorist Financing: The act of providing financial support to terrorist individuals, groups, or organizations.
• KYC (Know Your Customer): The process of verifying the identity of customers and understanding their activities to assess the risk of illicit behavior.
• CDD (Customer Due Diligence): A set of measures to verify a customer's identity and evaluate the potential risk they pose.
• EDD (Enhanced Due Diligence): A more stringent set of checks for high-risk customers or transactions.

3. LEGAL & REGULATORY FRAMEWORK

Trast LLC complies with the following (as applicable to our operations and jurisdictions):

• Bank Secrecy Act (BSA) and related U.S. regulations.
• FATF (Financial Action Task Force) Recommendations.
• EU AML Directives (e.g., 5AMLD, 6AMLD) for operations or customers within the European Union.
• Local AML/CFT laws and regulations in the jurisdictions where we operate or serve customers.

We also monitor updates to AML/CFT laws to ensure ongoing compliance.

4. RESPONSIBILITIES & GOVERNANCE

Compliance Officer

• We designate a Compliance Officer responsible for overseeing AML/KYC compliance.
• Duties include developing policies, training staff, monitoring transactions, and filing suspicious activity reports (SARs) as required.

Management Oversight

• Senior management is responsible for providing resources and support to ensure effective implementation of this Policy.
• The Compliance Officer regularly reports to management on AML/KYC matters.

Employee Obligations

• All employees must be familiar with this Policy and attend mandatory AML/KYC training.
• Employees must promptly report any suspicious activities or potential violations to the Compliance Officer.

5. CUSTOMER DUE DILIGENCE (CDD)

Initial Onboarding

• KYC Verification: We collect and verify basic customer information, such as full legal name, date of birth, nationality, residential address, and government-issued identification.
• Risk Assessment: Each new customer is assigned a risk level (low, medium, or high) based on factors like geographic location, transaction volume, and business nature.
• Sanctions Screening: We screen customers against sanction lists (e.g., OFAC, UN, EU) and politically exposed persons (PEPs) lists.

Ongoing Monitoring

• Transaction Monitoring: We continuously monitor user transactions to detect unusual or suspicious patterns (e.g., sudden large transfers, repeated high-value transactions).
• Periodic Reviews: Customers may be re-assessed periodically to ensure their risk profiles remain accurate.

Enhanced Due Diligence (EDD)

• Required for high-risk customers, such as PEPs or those in high-risk jurisdictions.
• May involve requesting additional documentation (e.g., proof of funds, detailed business information), increased transaction scrutiny, and more frequent reviews.

6. RISK-BASED APPROACH

Risk Factors

• Geographical Risk: Countries with high corruption, weak AML regulations, or on FATF's high-risk list.
• Customer Risk: Individuals with complex corporate structures, negative media, or unusual business activities.
• Service/Transaction Risk: Large, rapid transactions or those that lack an apparent economic purpose.

Risk Mitigation Measures

• Stricter Verification: Collect more documentation and cross-verify information.
• Transaction Limits: Impose lower thresholds or enhanced monitoring for high-risk users.
• Refusal or Termination: If a user presents unacceptable risk or fails to comply with KYC, we may refuse or terminate the relationship.

7. TOOLS & TECHNOLOGIES

To combat unwanted or malicious activities, Trast LLC employs a range of tools:

Identity Verification Platforms

• We partner with reputable third-party providers for document checks, biometric verification, and sanction screening.

Transaction Monitoring Software

• Automated systems flag suspicious transactions based on rules and machine learning algorithms.
• Alerts are reviewed by the Compliance Officer, who may request more information from the customer.

Blockchain Analysis

• For crypto transactions, we may use blockchain analytics services to identify high-risk wallets, detect patterns of illicit activity, and trace funds.

Security Measures

• We utilize multi-factor authentication, encryption, and other cybersecurity protocols to protect user data and platform integrity.

8. SUSPICIOUS ACTIVITY REPORTING

Detection of Suspicious Activity

• Employees and automated systems are trained and configured to identify red flags (e.g., inconsistent transaction behavior, attempts to circumvent KYC).

Reporting Process

• When suspicious activity is detected, a report is sent to the Compliance Officer for review.
• If deemed necessary, the Compliance Officer files a Suspicious Activity Report (SAR) with the relevant authority (e.g., FinCEN in the U.S.) in accordance with legal requirements.

Confidentiality

• The existence of an SAR or any details about it must not be disclosed to the subject of the report or any unauthorized parties.

9. TRAINING & AWARENESS

Employee Training

• All employees receive regular AML/KYC training covering relevant regulations, red flags, and reporting procedures.
• Training is updated periodically to reflect changes in regulations or risk environments.

Record-Keeping

• We maintain records of all AML/KYC training sessions, including participant attendance and training materials.

10. RECORD RETENTION

• We keep KYC records, transaction data, and related documentation for at least five (5) years or longer if required by local regulations.
• Records include copies of identification documents, transaction histories, and any correspondence related to suspicious activity.

11. PRIVACY & DATA PROTECTION

Compliance with Privacy Laws

• We process personal data in line with the GDPR and other applicable data protection laws.
• Refer to our Privacy Policy for detailed information on how we collect, store, and protect personal data.

Confidentiality

• We ensure that personal data collected for AML/KYC purposes is only used for lawful compliance activities.
• Access to AML/KYC records is restricted to authorized personnel who require it for their duties.

12. PENALTIES & SANCTIONS

• Employees or contractors who fail to comply with this Policy or relevant AML/CFT regulations may face disciplinary action, including termination.
• We may also report non-compliance to relevant authorities if required.

13. POLICY REVIEW & UPDATES

• The Compliance Officer reviews this AML/KYC Policy at least annually or whenever there are significant regulatory changes.
• Any updates will be communicated to all employees and relevant stakeholders.

14. CONTACT INFORMATION

If you have questions or concerns about this AML/KYC Policy, or if you wish to report suspicious activities, please contact:

Trast LLC
contact@trast.space