Aml & Kyc Policy

Policy Statement

K1 Game is committed to preventing the use of its services for money laundering, the financing of terrorism, and the proliferation of weapons of mass destruction. This AML and KYC Policy establishes the governing principles, requirements, and procedures that K1 Game applies to detect, prevent, and report such activities. The Policy applies to all employees, contractors, and associated entities involved in the provision of gaming services under the Company’s license, and to third parties engaged in onboarding, payments, or related activities on behalf of K1 Game.

Purpose

The purpose of this Policy is to implement a risk‑based AML/CFT framework that enables effective identification, assessment, and mitigation of financial crime risks. It prescribes internal controls, risk assessments, customer due diligence procedures, ongoing monitoring, and reporting mechanisms designed to protect the integrity of K1 Game’s operations and to comply with applicable laws and regulatory expectations.

Scope and Audience

This Policy governs all customer access and activity within K1 Game and extends to all personnel, including permanent and temporary staff, management, the Compliance Officer, contractors, agents, and any third parties performing AML/CFT duties or processing payments. The Board retains ultimate oversight of the AML/KYC program and ensures that it remains current and effective.

Definitions

  • Money Laundering (ML): The process of concealing the illicit origin of funds by introducing them into the financial system in a manner that disguises their origin, including the stages of placement, layering, and integration.
  • Terrorist Financing (TF): The provision or collection of funds, directly or indirectly, intended for the support of terrorist acts, organizations, or individuals, regardless of the funds’ origin.
  • Proliferation Financing (PF): The provision of funds or financial services used for the development or transfer of weapons of mass destruction in violation of international obligations.
  • Customer Due Diligence (CDD): The process of identifying and verifying the customer, understanding the purpose and nature of the business relationship, and ongoing monitoring to ensure consistency with the customer’s risk profile.
  • Enhanced Due Diligence (EDD): Additional verification and scrutiny applied in higher‑risk scenarios, including when dealing with PEPs or customers from high‑risk jurisdictions.
  • Politically Exposed Person (PEP): An individual who holds or has held a prominent public function, together with their immediate family and close associates, who may present elevated ML/TF risk.
  • Sanctions Screening: The process of screening customers and transactions against international and national sanctions lists to prevent prohibited relationships.
  • Beneficial Owner: The natural person who ultimately owns or controls a customer or the person on whose behalf a transaction is conducted, including individuals with substantial ownership or control in legal entities.
  • Unusual Transaction Report (UTR): A report submitted to the competent financial intelligence unit when a transaction is deemed suspicious or unusual under objective or subjective indicators.
  • Risk‑Based Approach (RBA): A strategic framework in which resources, controls, and procedures are allocated proportionally to the risk level presented by the customer, product, service, or transaction.

Regulatory Compliance

K1 Game complies with the AML/CFT laws applicable in the relevant jurisdiction and operates under the supervision of the competent regulatory authority. The Policy is reviewed at least annually and updated to reflect regulatory developments, risk assessments, and advisory guidance. The Company maintains documentation and controls sufficient to demonstrate compliance upon regulatory request.

Governance and Oversight

The Board designates a Compliance Officer responsible for implementing and enforcing this Policy. The Compliance Department maintains records, conducts periodic reviews, and coordinates reporting to the regulator and the financial intelligence unit as required by law. All material changes to the Policy are approved by the Board and documented with rationale.

Risk‑Based Approach

The Company applies a risk‑based framework to tailor controls to the risk profile of customers, products, channels, and jurisdictions. The framework comprises the following components.

  • 5.1 Business Risk Assessment (BRA): A documented assessment identifying ML/TF/PF risks arising from the business model, products, payment methods, and geographic exposure. The BRA informs policy design, control selection, and resource allocation. The BRA is reviewed annually or upon material changes and is approved by the Board.
  • 5.2 Customer Risk Assessment (CRA): On onboarding or prior to occasional transactions, the Company assesses each customer’s ML/TF/PF risk using defined factors, assigns a risk rating, and determines the corresponding level of CDD and monitoring. The CRA is updated as material information changes and is maintained by the Compliance Department.
  • 5.3 Customer Acceptance Policy (CAP): The rules for establishing and maintaining business relationships based on assessed risk. CAP requires appropriate sanctions and PEP screening, specifies acceptance thresholds, and sets conditions for ongoing relationship management. Where risks are unacceptable, relationships are declined or terminated with documented justification. CAP is approved by the Board and reviewed annually.
  • 5.4 Customer Due Diligence (CDD): A robust, risk‑based program to verify identity, understand the purpose of the relationship, and monitor activity. Triggers for CDD include transactions equal to or above four thousand (local currency) or suspicious activity, as well as when data quality is in doubt. CDD measures include collection of identifying information, verification through government‑issued documents, address verification, and, where appropriate, supplementary methods such as biometric checks, video verification, IP/geolocation checks, and device fingerprinting. Customer risk profiles are dynamic and are reassessed on significant events or changes in behavior.
  • 5.5 Enhanced Due Diligence (EDD): In higher‑risk situations, EDD procedures are applied, including expanded verification, source of funds checks, more frequent monitoring, and elevated reporting requirements.

Ongoing Monitoring and Reporting

K1 Game conducts ongoing monitoring of customer activity to detect abnormal patterns, including large, rapid, or unusual transaction flows, transactions involving high‑risk jurisdictions, or behavior inconsistent with the customer’s profile. Suspected ML/TF/PF activity must be reported to the competent financial intelligence unit as an Unusual Transaction Report. Where required by law, the Company will escalate matters to appropriate authorities. The Company will avoid tipping off customers if such disclosure could impede an investigation.

Sanctions and PEP Screening

All customers are screened before onboarding and on an ongoing basis against applicable sanctions lists and PEP databases. If a customer is identified as a PEP or subject to sanctions, the relationship may proceed only with senior management approval and after verification of the source of wealth and source of funds, together with the application of enhanced due diligence and ongoing monitoring.

Freezing of Funds and Reporting

If a customer’s activity reaches the defined threshold and required documentation is not provided within 30 days, the account is suspended, deposits and withdrawals are blocked, and any funds are returned to the source absent evidence of legitimate activity. In cases of suspected ML/TF, the matter is reported to the competent financial intelligence unit and, where appropriate, to the public prosecutor in accordance with applicable law.

Documentation and Record Keeping

K1 Game maintains records of customer identification, transactions, risk assessments, and related decision‑making for a minimum period of five years or longer if required by law. Records are retained securely, access is controlled, and data protection requirements are observed.

Training and Awareness

All employees receive ongoing AML/KYC training tailored to their role, covering identification and verification procedures, escalation and reporting protocols, and data protection. Training frequency is determined by risk level and regulatory expectations, with updates issued for material changes in procedures or regulation.

Third‑Party Obligations

All third‑party service providers engaged by K1 Game must comply with AML/KYC policies and provide information and reports as required by law. Third parties are subject to due diligence, ongoing oversight, and contractual provisions governing data protection and reporting obligations.

Review and Update

The Policy is reviewed at least annually, or sooner in response to regulatory changes, risk assessment outcomes, or operational developments. Material updates require board approval, and the Compliance Officer is responsible for dissemination and staff training regarding changes.