ANTI-MONEY LAUNDERING (AML) POLICY

Policy Statement

DMCasinos ("the Company") is fully committed to the highest standards of anti-money laundering (AML) and counter-terrorist financing (CTF) compliance. This policy establishes our framework to prevent the Company and its online gambling operations from being used to facilitate money laundering or terrorist financing, in line with the regulations of the Curaçao Gaming Control Board (GCB), the Financial Intelligence Unit (FIU) Curaçao, and international best practices.

Purpose

This policy aims to:

• Prevent and detect potential money laundering or terrorist financing activities
• Ensure full compliance with legal and regulatory obligations under Curaçao law
• Protect the Company, its customers, and its reputation from abuse by criminal elements
• Establish a structured framework for risk assessment, customer due diligence, monitoring, and reporting

Audience

This policy applies to:

• All Company employees
• Third-party service providers
• Affiliates and subcontractors involved in customer-facing or compliance functions

Definitions

• Money Laundering (ML): The process of disguising the origins of illegally obtained money
• Terrorist Financing (TF): The act of providing financial support to terrorists or terrorist organizations
• CDD (Customer Due Diligence): A process of verifying the identity of customers
• EDD (Enhanced Due Diligence): Additional scrutiny of high-risk customers
• FIU: Financial Intelligence Unit Curaçao, responsible for receiving and analyzing suspicious transaction reports
• PEP (Politically Exposed Person): An individual with a prominent public function, requiring enhanced scrutiny

Policy Implementation

• Approving Official(s): Chief Compliance Officer (CCO)
• Responsible Office: Compliance Department
• Effective Date: 12/5/2025
• Next Review Date: 11/5/2026

Business Risk Assessment

A comprehensive Business Risk Assessment (BRA) is conducted annually to:

• Identify and evaluate ML/TF risks related to products, services, delivery channels, and geographic locations
• Ensure policies and procedures are tailored to address these risks
• Assess the potential misuse of online casino offerings for illegal purposes

Customer Risk Assessment (CRA)

Each customer is subject to an individual CRA at onboarding to determine their risk profile. Factors include:

• Geographic risk (High-risk jurisdictions subject to FATF, i.e. Iran, Myanmar)
• Customer behavior (means used for deposits/withdrawals, sum of amounts deposited/amount per transaction, betting activity, contact with customer service, response regarding verification process)
• Source of funds (annual income, inheritance, sale of property)
• Method of payment (e.g., crypto vs. fiat, e-wallets, cash methods)

Customer Acceptance Policy (CAP)

Based on CRA outcomes, the CAP ensures:

• High-risk customers undergo EDD
• PEPs and sanctioned individuals are rejected or escalated. Daily checks regarding registrations are conducted. Once an individual is proven to be a PEP, the account is immediately blocked, all betting/casino activity is canceled and the amount deposited is refunded back on the payment method used for depositing
• Sanctions screening is mandatory prior to account activation. DMCasinos uses external software/sources such as LexaScan (https://lexascan.com/) & EU Sanctions List (http://www.sanctionsmap.eu/#/main) to prevent registration/financial activity by sanctioned individuals

Customer Due Diligence (CDD)

CDD measures include:

• Collection of full name, address, DOB, ID document, proof of address
• PEP and sanctions screening through automated tools. Daily checks in all registrations to prevent registration by PEPs. These checks may include external software/sources such as OFAC (https://ofac.treasury.gov/sanctions-list-search-tool)
• Freezing of funds and notification to FIU Curaçao when suspicious activity is identified

Ongoing Monitoring

Continuous monitoring includes:

• Behavioral pattern analysis
• Transaction thresholds and alerts - proactive monitoring for users proceeding to numerous deposits below the company's applied threshold (2000EUR/transaction) to avoid triggering the CDD procedure. The system flags user as suspicious, the account is immediately frozen, KYC documentation is requested and a notification is sent to the MLRO. The account remains frozen until user provides requested documents
• Login/IP consistency checks
• Unusual withdrawal/deposit behaviors - Account Take Over cases (ATO) where account credentials have been sold to a third person. Usually, deposit & betting pattern change, along with payment method. The account is immediately flagged as suspicious, and extra KYC is required including selfie holding ID/passport, and updated certified official documents issued by public institutions/services

Reliance on Third Parties

The Company may rely on licensed third-party providers for CDD, under the condition that:

• Providers meet Curaçao standards
• Responsibility for compliance remains with the Company
• Oversight and audit procedures are in place

Reporting of Unusual Transactions

All suspicious or unusual transactions are reported to FIU Curaçao through:

• Immediate internal escalation
• Detailed documentation
• Timely SAR/STR (Suspicious Activity/Transaction Report) submission

AML Compliance Program

The AML Program is designed to:

• Be proportionate to risk level
• Align with Curaçao laws and FATF recommendations
• Include account freezing and reporting mechanisms
• Ensure regular training and compliance reviews

Compliance and Consequences of Non-Compliance

Non-compliance may result in:

• Disciplinary actions, including termination
• Regulatory penalties or revocation of license
• Legal prosecution under Curaçao law
• Reputational damage

Related Information

• Curaçao National Ordinance on the Reporting of Unusual Transactions (NORUT)
• FIU Guidelines
• Curaçao eGaming AML Handbook
• Internal CDD/EDD procedure manuals