AML/KYC (Anti-Money Laundering and Customer Identification) Policy

---

1. General provisions

1.1. This Anti-Money Laundering and Customer Identification Policy (hereinafter referred to as the “AML/KYC Policy”) was developed by the Limited Liability Company “Great Stone” (hereinafter referred to as the “Company”), the owner of the OZTA IT service, in order to manage legal, reputational and compliance risks when providing services through the OZTA service.

1.2. The company is not a bank, payment organization or other financial intermediary entity and applies AML/KYC measures to the extent necessary for:

• compliance with the requirements of the legislation of the Kyrgyz Republic;
• fulfillment of contractual obligations to clients and partners;
• fulfilling the requirements of payment, banking and other counterparties;
• preventing the use of the service for illegal purposes.

1.3. The company applies a risk-based approach (Risk-Based Approach), taking into account the nature of services, customer behavior and geography of operations.

1.4. This Policy applies to relationships arising within the use of the OZTA service, and is an integral part of the Company’s Public Offer and is applied in conjunction with the Payment Terms and Sanctions Policy posted in the OZTA service.

---

2. Terms and definitions

The terms are used in the meaning established by the legislation of the Kyrgyz Republic, FATF recommendations, as well as the Company’s user documents.

---

3. Company obligations

3.1. The company has the right:

• request from Clients information and documents necessary for identification;
• refuse to provide services or suspend them if it is impossible to comply with AML/KYC requirements;
• carry out verification of Clients using open sources and, if necessary and accessible, specialized databases.

3.2. The company undertakes:

• apply procedures for identifying and verifying Clients to the extent appropriate to their risk profile;
• ensure the confidentiality of the information received;
• interact with authorized bodies exclusively in cases and in the manner expressly provided for by applicable law.

---

4. Customer identification (KYC)

4.1. The scope and depth of Client identification are determined by the Company individually, taking into account:

• type of Client (individual/legal entity);
• the nature of the services provided;
• volume and regularity of use of the service;
• identified risk factors.

4.2. The company has the right to use:

• basic verification (CDD);
• enhanced verification (EDD);
• simplified verification (SDD) - in cases permitted by law.

---

5. Monitoring service usage

5.1. The Company monitors the use of the OZTA service, including the actions of Clients related to the execution of orders and the use of the platform’s functionality.

5.2. The Company has the right to suspend the provision of services or the execution of the Client’s order if it detects:

• inconsistency with the stated purpose of using the service;
• signs of abuse of the service;
• factors of increased compliance risk.

---

6. Suspicious situations

6.1. If circumstances are identified that may indicate illegal use of the service, the Company has the right to:

• suspend the provision of services;
• request additional information and documents;
• terminate business relations with the Client.

Upon termination of a business relationship, the return of unused target funds is carried out in the manner established by the Cancellation Policy and the Company's Refund Policy, posted on the OZTA service.

6.2. Interaction with government authorities is carried out only on the basis of legal requirements and within the framework of applicable legislation.

---

7. Information storage

7.1. Documents and information received within the framework of this Policy are stored no less than the period established by the legislation of the Kyrgyz Republic, and in compliance with confidentiality requirements.

---

8. Personal data

8.1. The processing of personal data is carried out in accordance with the Company’s Privacy Policy posted on the OZTA service.

---

9. Limitation of liability

9.1. The Company is not responsible for the Client's losses arising from the refusal or suspension of the provision of services under this Policy.

---

10. Final provisions

10.1. The company has the right to make changes to this Policy by publishing a new version in the OZTA service.

10.2. Using the service after the publication of a new edition means the Client agrees with the changes.