Lantern Finance Logo

Lantern Finance, Inc. Anti-Money Laundering Policy

Last adopted or revised by the Company: 6/18/2025
1. Overview. This Anti-Money Laundering Policy (the "Policy" or the "AML Policy") sets forth the approach that Lantern Finance, Inc. (the "Company") utilizes to address compliance with U.S. anti-money laundering, trade and economic sanction laws. The Company has determined that it is a Money Services Business ("MSB") and is therefore subject to applicable provisions of the Bank Secrecy Act ("BSA" ) as well as certain state regulations. The Company is registered with the Financial Crimes Enforcement Network ("FinCEN"). The Company is also subject to regulations and laws administered by the Office of Foreign Assets Control ("OFAC").
Money laundering is the process by which criminals conceal the existence, nature or source of their illegal funds and disguise such funds to make them appear legitimate. Financiers of terrorism and other organized illicit activities follow similar processes.
The compliance goal of the Company is to protect its business from being used to facilitate money laundering, terrorist financing and related crime through the use of either digital assets or fiat currency, to the extent possible and as applicable. Any involvement in money laundering and terrorist financing activity could result in potential civil and criminal penalties and forfeiture of assets. It is the responsibility of every Company employee to understand and comply with this Policy. Questions about this Policy should be directed to the Compliance Officer (as defined below). Failure to comply with the specific provisions of the BSA, federal money laundering statutes, counter-terrorism laws and related criminal statutes can result in substantial civil and criminal penalties to the Company and to individual employees. Failure of an employee to comply with any such legal requirements will subject the employee to disciplinary action, which may include termination of employment, as well as possible civil and criminal penalties by law enforcement and regulators if the employee knew or should have known that funds processed by or through the Company stemmed from financial crime or other illicit activities.
2. APPLICABILITY. This Policy applies to the Company and its employees' MSB-related activities, whether conducted by the Company's own employees, its agents or affiliates.
3. SCOPE.
  1. AML Policy
    1. Elements. The Policy contains the following elements:
      1. A list of the AML Policy elements for compliance with the identified applicable laws, rules and regulations;
      2. An individual designated by the Company's Board of Directors (the "Board") who is responsible for the Company's compliance with the Policy, the Company's AML program, and BSA laws and regulations applicable to the Company as an MSB (the "Compliance Officer");
      3. A set of controls intended to ensure ongoing compliance with the Policy;
      4. Risk-based policies and procedures for identifying and verifying the identity of customers through a Know Your Customer ("KYC") program;
      5. Company employee training on this Policy;
      6. Independent testing of the AML Policy.
      7. Risk-based policies that seek to ensure, to the extent possible, that the Company does not engage in transactions that are out of compliance with OFAC regulations;
    2. Board Approval. The following must be addressed and/or approved by the Company's Board, as applicable, each year:
      1. This Policy (which shall be provided along with a summary of any changes made since the previous Board approval);
      2. Any compliance issues identified by the Company or its employees or contractors related to the Policy since the previous Board approval; and
  2. Designation and Authority of the Compliance Officer. The Compliance Officer is responsible for ensuring that the Company adequately executes the Policy. The Company may outsource some of its compliance activities related to the Policy to vendors, but ultimately remains responsible for compliance with the Policy and the BSA. The roles and responsibilities of the Compliance Officer are set forth below. All Company personnel shall understand their obligations under the Policy and work with the Compliance Officer as appropriate. Any Company employee who does not act in compliance with applicable elements of this Policy may be disciplined or terminated by the Company.
  3. Internal Controls.
    1. Know Your Customer. As a registered MSB, the Company is required to have in place risk-based policies and procedures to identify and verify the identity of its customers, i.e., to maintain a KYC program (the "KYC Policy"). The KYC Policy must be commensurate with the size, scale, complexity, and risks associated with the Company's business activities and may include the following components:
      1. Identification and Verification. The Company maintains risk-based procedures as appropriate for implementing its KYC Policy in order for the Company to form a reasonable belief that it knows the true identity of (i) its customers; (ii) any individuals or entities that, directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, own twenty five percent (25%) or more of the equity interests of its customers, or any lower threshold required by current FinCEN regulations ("Beneficial Owners"); and (iii) any individuals with significant responsibility to control its customers, including but not limited to executive officers, senior managers, or other individuals who perform such functions ("Control Persons").
        KYC-related procedures are based on the Company's assessment of its relevant risks, including those presented by the various types of accounts offered, the various methods of opening accounts, the various types of identifying information available, and the Company's size, location, and customer base. The Company may leverage third-party resources, including identity verification service providers, for elements of its KYC program and related processes. Nevertheless, the Company remains at all times responsible for compliance with its obligations as an MSB and any such third-party service providers shall operate in accordance with the Company's KYC Policy.
      2. KYC Requirements for Individuals. As applicable, the Company obtains the following information for individuals as part of its KYC Policy:
        1. Name;
        2. Date of birth;
        3. Address (or permanent residence including country of origin or citizenship if the individual is foreign); and
        4. Government-issued identification number.
      3. KYC Requirements for Legal Entities. As applicable, the Company obtains the following information for legal entities as part of its KYC Policy:
        1. Name;
        2. Address of principal place of business, local office, or other physical location;
        3. Federal Employer Identification Number ("EIN"), or evidence of application of taxpayer identification number, as applicable. In certain scenarios, the legal entity may have a tax identification number that is an individual's Social Security Number or individual Taxpayer Identification Number ("TIN"); and
        4. Founding and formation documents governing the legal entity.
      4. Customer Verification. The Company may seek to verify the identity of individuals without requiring a government issued photo ID. However, if such methods fail, or if the Company otherwise determines it is appropriate, the Company may require a government issued photo ID in order to complete the verification process. In verifying the identity of a legal entity, the Company may require information from Control Persons and Beneficial Owners. The Company may assess each entity or individual initially and use such assessment to designate an appropriate risk level - which could subject the entity or individual to increased diligence as necessary.
      5. Action Regarding Lack of Verification. In relevant circumstances, if the Company is not able to form a reasonable belief as to the customer's identity, the Company may take appropriate action such as:
        1. Alter the terms, if any, under which the customer may use the applicable services or account prior to a successful verification; and
        2. Not provide services to the customer or close the customer's account if repeated and/or supplemental verification attempts have failed.
      6. SAR Reports. If necessary, the Company may file Suspicious Activity Reports ("SARs") (see Suspicious Activity Reporting Requirements section below for more detail) in connection with a failure to successfully complete customer verification in accordance with the KYC Policy.
      7. Recordkeeping. Any information provided to the Company pursuant to its verification of customer identity, such as the document relied upon for "Customer Verification" (described above), identity information regarding a Control Person or Beneficial Owner of an applicable legal entity, an overview of methods and measures undertaken for "Customer Verification", and a description of any material issues raised during such process, will be maintained in the Company's records for a period of five years after the date the account is closed or seven years after the record is made, whichever is later.
    2. BSA/AML & Sanctions Risk Assessment. On a periodic basis the Company may conduct a BSA/AML & OFAC Risk Assessment in which it analyzes risks posed by (i) its customers; and (ii) its products and services, including assessment of internal and external metrics.
    3. Transaction Monitoring & Investigations.
      1. Suspicious Activity. The Company's SAR procedures explicitly include detection and reporting of activities aligned with FinCEN's National AML/CFT Priorities, including but not limited to corruption, cybercrime (including ransomware and dark web virtual currency activity), terrorist financing, fraud, activities involving transnational criminal organizations, narcotics trafficking, human trafficking, and proliferation financing. The Company will conduct post-event monitoring of transactions and investigations of transactions that are out of the ordinary. The Company will communicate with any necessary third-party service providers related to its AML program to the extent reasonably practicable and necessary to investigate potential criminal activity, in accordance with its obligations under the BSA. Company employees must be alert to activity that might be indicative of possible structuring or other violations of the BSA, money laundering, terrorist financing or other criminal activity, or otherwise appears to be "suspicious." If an employee discovers activity that he or she knows or suspects is involved in a possible violation of law, the information must be immediately referred to the Compliance Officer. In each case, the Compliance Officer will evaluate the matter and take appropriate action.
      2. Unusual Activity. It is the Company's policy to identify unusual transactions, examine all available facts and conduct further research as necessary to reach one of two conclusions: (1) that the transaction is highly unusual but not suspicious because there is a reasonable explanation for the activity; or (2) that the transaction is suspicious because it is highly unusual and the Company knows of no reasonable explanation for the transaction after examining all available facts, including the background and possible purpose of the transaction. Unusual activity may include an increase in the number of transactions involving a particular individual or legal entity in a given day. When reviewing or monitoring transactions and other activity, no single factor may be decisive, and no single factor may be sufficient to provide a basis to conclude that money laundering, terrorist financing, structuring or other "suspicious" activity has occurred or may be occurring. The determination that specific activity is "suspicious" must be based on consideration of all relevant information, especially the size, frequency and nature of transactions and the norm for transactions conducted by the customer. A single factor, however, may signal that a transaction is unusual and possibly “suspicious” and that further inquiry should be made.
    4. Customer Risk Assessment.
      1. Individual Customers. Among the characteristics that the Company will consider in completing a Customer Risk Assessment are (i) those that are specific to and intractable of the customer such as that customer's address, age, and generalized location information (including an analysis, if applicable, against the Financial Action Task Force list of jurisdictions with AML deficiencies), the means by which the customer's applicable funds were acquired, and the information found on the customer's government issued identification documents; and (ii) those characteristics of the customer's interaction with the Company which indicate the level of risk that the customer may pose in connection with its transactions such as the country of origin of such transaction, the size of the customer's transactions in relation to the Company and the on-chain digital asset transactions known to have originated from the customer which interact with addresses generally believed to be "high risk". Further, Customers engaging in activities involving cryptocurrency mixers, tumblers, or privacy-enhanced coins (privacy coins) will be classified as high-risk. The Company will apply enhanced due diligence, including heightened identity verification, detailed blockchain analysis to trace transaction origins, rigorous verification of source of funds, and frequent monitoring. Compliance Officer approval is required for onboarding or continuing relationships involving these activities. The Company will further monitor any customer risks related to public or governmental alerts stemming from trade surveillance as well as any known SAR filings related to the customer.
      2. Institutional Customers. In addition to the steps taken with regard to "Individual Customers", various data may be analyzed in assessing potential legal entity customers such as the location of such customer (both legal and operational), the characteristics of the customer's business activities including both the products and services offered by the customer and the relevance of such characteristics to the customer's decision to establish an account with, or otherwise obtains services from, the Company.
    5. Suspicious Activity Reporting Requirements. The BSA requires that an MSBs file a SAR if a transaction is conducted or attempted by, at, or through the MSB that involves or aggregates funds or other assets of at least $2,000 and the MSB knows, suspects or has reason to suspect that the transaction (or a pattern of transactions of which the transaction is a part) is suspicious. Each MSB must file a SAR on the MSB SAR form. The SAR must be filed no later than thirty (30) days after the date of the initial detection by the MSB of facts that may constitute the basis for filing a SAR. The Company will file SARs electronically.
      Examples of activities that may be "suspicious" include, but are by no means limited to, transactions:
      • Involving funds derived from illegal activity or intended or conducted in order to hide or disguise funds or assets derived from illegal activity (including, without limitation, the ownership, nature, source, location or control of such funds or assets) as part of a plan to violate or evade any federal law or regulation or to avoid any transaction reporting requirement under federal law or regulation;
      • Designed to evade the requirements of the BSA, whether through structuring or other means;
      • That serves no business or apparent lawful purpose, while the reporting business (i.e., the Company) knows of no reasonable explanation for the transaction after examining all available facts, including the background and possible purpose of the transaction; or
      • Involving the use of the MSB to facilitate criminal activity.
      Not all of these types of activities are necessarily likely to be relevant to the Company. Note, however, a transaction may be voluntarily reported if it meets any of the regulatory criteria for a "suspicious" transaction even if the transaction falls below the mandatory reporting threshold.
      Transactions designed to evade the BSA, such as by structuring, are also suspicious.
      1. Structuring. A person engages in structuring if that person, acting alone, or in conjunction with, or on behalf of, other persons, conducts or attempts to conduct one or more transactions, in any amount, at one or more financial institutions, on one or more days, in any manner, for the purpose of evading a BSA reporting or recordkeeping requirement.
        The phrase "in any manner" includes, but is not limited to, the breaking down of a single sum or sums below the recordkeeping or reporting threshold (e.g., more than $10,000 for "Currency Transaction Reports", $3,000 or more for the "Wire Transfer Rule" under 31 CFR 1010.410(e)) or conducting a series of transactions below the relevant threshold ($10,000 or $3,000). The transaction or transactions do not have to exceed the relevant threshold at any single financial institution (or single MSB or MSB location) on any one date to constitute structuring.
        There are three components commonly associated with Money Laundering that criminals use to mask their illegal money:
        • Placement: Physically placing criminal proceeds into the financial system. Often times, this is the most difficult aspect of money laundering for criminals.
        • Layering: Separating the proceeds of criminal activity from their origins through "layers" of financial transactions.
        • Integration: Moving the proceeds of crime into a "final" form that provides an apparently legitimate explanation for the illegally obtained funds.
      2. Evasion Other Than Structuring. Persons intent on evading the BSA often use methods other than or in addition to structuring. A common method is to assume a false identity. To effectively operate under a false identity, legitimate identification may be altered or counterfeit identification used when conducting financial transactions.
      3. No Business or Apparent Lawful Purpose (Unusual Activity). An unusual transaction is a transaction that does not fit a norm of expected behavior. A transaction may be unusual because it is inconsistent with what is known about a particular customer or it is inconsistent with a pattern of behavior previously established by a particular customer. A transaction may be unusual because it varies from the norm of behavior for a particular group of customers or because it varies from transactions conducted in a particular geographic area or region. It may be unusual because it varies from a normal business practice locally or generally.
    6. Willful Blindness. In the context of detection and reporting of suspicious activity, if the Company knows that a transaction or pattern of transactions appears to have been completed in a manner designed to avoid a BSA requirement, yet the Company deliberately refuses to ask questions or inquire further because it wants to remain ignorant, and thus fails to report the transaction(s) as suspicious, the Company will be deemed to have knowledge of the "suspicious" transactions for purposes for determining that a violation of the SAR requirement has occurred.
    7. SAR-Related Compliance Matters.
      1. Prohibition Against SAR Disclosure. If the Company files a SAR, it is prohibited from disclosing to any person involved in the reported transaction or transactions that a SAR has been filed. The Company may not disclose a SAR, or any information that would reveal the existence of a SAR, except in limited circumstances as set forth herein. The prohibition extends to every Company officer and employee, and all employees must be made aware of their regulatory obligations with regard to this prohibition. If the Company receives a subpoena or other request to disclose a SAR or the information contained in a SAR, the Company, including any of its officers, employees and agents (if applicable), must decline to produce the SAR or to provide any information contained in a SAR except where such disclosure is requested by FinCEN or by an appropriate law enforcement or supervisory agency. The Company will notify FinCEN of any request made for a SAR or information contained in a SAR and of any response provided to such request.
        The prohibition against SAR disclosures does not prohibit the disclosure of: (1) A SAR, or any information that would reveal the existence of a SAR, to FinCEN or any Federal, State, or local law enforcement agency, or any Federal regulatory authority that examines the Company for compliance with the BSA, or any state regulatory authority administering a state law that requires the Company to comply with the BSA or otherwise authorizes the state authority to ensure that the Company complies with the BSA; or (2) The underlying facts, transactions, and documents upon which a SAR is based, including but not limited to, disclosures to another financial institution, or any director, officer, employee, or agent of a financial institution, for the preparation of a joint SAR.
      2. Civil Immunity for Filing SAR. If the Company files a SAR, the Company and its officers and employees are protected from civil liability for any information reported in the SAR.
      3. SAR Filing - Subjective Evaluation. The decision whether to file a SAR is made by the Compliance Officer. If an employee discovers activity that he or she knows or suspects is involved in a possible violation of law, the information immediately must be referred to the Compliance Officer (or his or her designee). In each case, the Compliance Officer will evaluate the matter and take appropriate action. A log is maintained by the Company of all details and corrections, if any, of the unusual activity. SAR supporting documentation will be identified as such and maintained by the Company.
        4. It is the policy of the Company to prepare and file accurate and complete SARs. A copy of each SAR filed, plus originals of all supporting documentation, will be retained by the Company for a period of five (5) years from the date of filing of the SAR. Extreme caution must be used when dealing with anybody who might ask questions about the SAR requirement or other BSA reporting or recordkeeping requirements. If any entity or individual asks questions about SARs or about other BSA reporting or recordkeeping requirements, the person will be referred to the Compliance Officer.
    8. Information Sharing. The Company has abided by the applicable registration rules under Section 314(b) and subsequently is entitled to request and receive information from other registered U.S. financial institutions.
    9. Interactions with Law Enforcement. Government personnel may engage in informal communications with the Company. In addition, the Company may receive formal written legal communications such as subpoenas, summonses, and warrants.
      Law enforcement and other government personnel will often contact an MSB as a courtesy and sometimes to narrow the scope of a subpoena or summons to be issued. A government representative may ask that records, documents or other information be produced without the benefit of a subpoena, summons, or other legal process. To protect the Company, the Company requires formal legal process such as a subpoena, prior to production or disclosure of records, documents and other specific information.
      If the Company is served with a subpoena, summons, search warrant, or other legal process, or if a government agent otherwise requests information or documents involving the BSA, money laundering or terrorist activity, the Compliance Officer must be contacted. Only the Compliance Officer is authorized to respond to legal process, legal notices, or other inquiries received from law enforcement or other government authorities or otherwise communicate with law enforcement officials or with other government authorities with respect to criminal and other legal matters related to the BSA, the money laundering and anti-terrorism statutes, and related criminal matters.
    10. Currency Transaction Reports (“CTRs”). The Company does not receive, transmit or otherwise handle on behalf of customers any currency (i.e., coin and paper money of the United States or of any other country that is designated as legal tender and that circulates and is customarily used and accepted as a medium of exchange in the country of issuance). See §1010.310-314, §1010.306, & §1020.315. Therefore the Company is not subject to the requirements relating to filing CTRs. If the Company contemplates any changes to its activities that may involve receiving, transmitting or otherwise handling currency, the Company will evaluate whether CTR requirements may apply and update this AML policy and any applicable procedures accordingly.
    11. Reports of Transportation of Currency or Monetary Instruments. The Company does not engage in the transportation of currency or monetary instruments. For the avoidance of doubt, monetary instruments do not include virtual currencies. See §1010.340 & §1010.306. Therefore the Company is not subject to the requirements relating to filing such reports. If the Company contemplates any changes to its activities that may involve transportation of currency or monetary instruments, the Company will evaluate whether requirements relating to such reports may apply and update this AML policy and any applicable procedures accordingly.
    12. BSA Recordkeeping Requirements.
      1. The Funds Transfer Rule and Funds Travel Rule. The Company complies with the Funds Transfer and Travel Rules for all transactions equal to or exceeding $3,000 (or equivalent in CVC). The Funds Transfer Rule, 31 CFR 1010.410(e), and the Funds Travel Rule, 31 CFR 1010.410(f), together require that an MSB, such as the Company, that accepts fund transfer instructions ("transmittal order"): (i) capture certain identifying and other information about the person placing the transmittal order (the "transmitter"),the person to whom the proceeds of the transmittal order are to be paid (the "recipient"), the transfer, and the financial institution(s) processing the transfer; (ii) verify the identity of the transmitter and the recipient; and (iii) send certain information to the next financial institution processing the transfer. The rule applies to certain transfers in the amount of $3,000 or more, but does not apply to electronic fund transfers as defined in section 903(7) of theElectronic Fund Transfer Act(15 U.S.C. 1693a(7))and certain other related types of funds transfers. FinCEN has interpreted these requirements to apply to a transmittal order involving virtual currency because it is an instruction to pay a “determinable amount of money” that qualifies as a transmittal of funds. Therefore, according to FinCEN, “a transmittal of funds of $3,000 or more (or its equivalent in CVC) may trigger certain requirements on [an MSB] as either the financial institution for the transmittor or recipient, or as an intermediary financial institution.” See FIN-2019-G001, Application of FinCEN's Regulations to Certain Business Models Involving Convertible Virtual Currencies (May 9, 2019) at 11.
      2. Other BSA Recordkeeping Requirements. Additional types of records retained by the Company may include, if applicable Section 314(a) Requests, inquiries from law enforcement and other government officials and information sharing.
    13. OFAC Reporting. The primary focus of this policy is BSA/AML compliance. However, the Company also takes seriously its obligations relating to sanctions programs administered by OFAC. Under OFAC guidelines, although a sanctions compliance program is not required, the existence of a risk-based OFAC compliance program is used by OFAC in determining whether to seek civil penalties and/or criminal penalties for even inadvertent lapses of the sanctions program—the statutes administered by OFAC generally impose liability on U.S. persons for conducting prohibited transactions even without specific intent to violate the law. For this reason, and because it is consistent with the Company's policy of compliance with all laws and regulations designed to ensure that the Company is not utilized as a conduit for illicit activity, the Company has instituted an OFAC Compliance Program which adheres to the following policies:
      1. Global Adherence. As a U.S. company, the Company adheres to OFAC sanctions on a global basis.
      2. Sanctions Lists. The sanctions laws enforced by OFAC bar engaging in trade or financial transactions with certain specified countries and/or "specially designated nationals" ("SDN"). As part of its enforcement efforts, OFAC publishes a list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific (the "SDN List"). Their assets are blocked and U.S. persons are generally prohibited from dealing with them. The SDN List is frequently updated. There is no predetermined timetable, but names are added or removed as necessary and appropriate. In addition to the SDNs List, OFAC maintains a Consolidated Sanctions List identifying all other non-SDN sanctions (together with the SDN List, the"OFAC Lists"). These lists may include Foreign Sanctions Evaders ("FSE") and Sectoral Sanctions Identifications ("SSI"). The Company complies with all obligations under the OFAC Lists.
      3. Country Sanctions Programs. OFAC administers both selective and comprehensive sanctions programs against specific countries. Comprehensive country sanctions programs broadly prohibit or restrict all types of transactions and financial dealings with the given country. Selective country sanctions programs target specific entities or persons and prohibit or restrict only specific types of transactions or financial dealings with the given country. The Company complies with all obligations under the Country Sanctions Programs.
      4. Screening. The Company explicitly integrates OFAC's virtual currency sanctions compliance measures. Cryptocurrency wallet addresses will be routinely screened against OFAC virtual currency identifiers. Positive matches will immediately trigger asset blocking, transaction freezing, and mandatory reporting to OFAC. The Company's onboarding procedures provide for the screening of customers against the sanctions lists, including all identified Control Persons and Beneficial Owners. Company personnel and Company AML Parties are expected to immediately escalate to the Compliance Officer any positive hits from screening customers against the OFAC and sanctions lists during account opening or from periodic or fiat transaction screening.
      5. Blocking and Reporting. For positive OFAC hits, the Compliance Officer must take appropriate action which may include refusing to open an account, immediately imposing an across-the-board prohibition against transfers or dealings of any kind with regard to the property (referred to as "blocking" or "freezing"), and reporting blocked assets to OFAC. The Company must report blocked assets to OFAC within 10 days of the placement of the block. Any blocked assets held by the Company as of June 30 must be reported to OFAC by September 30 onForm TD F 90-22.50.Blocked assets may be released by the Company only upon authorization from OFAC.
      6. Self-Disclosure. If the Company personnel or a Company AML Party becomes aware of any prior transfer of assets from the Company account by a customer on an OFAC List, such information must be immediately escalated to the Compliance Officer. The Compliance Officer is responsible for determining whether an OFAC sanction violation has occurred and for reporting such violation to OFAC in a letter with any supporting documentation. OFAC considers self-disclosure a mitigating factor in civil penalty proceedings and reviews the totality of the circumstances surrounding any violation, including the quality of the Company's OFAC compliance program.
  4. Compliance Monitoring.
    1. New Products. Whenever a new product or service is introduced by the Company, the Company will assess the applicable potential money laundering implications including those specific to the jurisdictions in which the Company and its customers are operating or engaging with regard to any applicable transaction.
    2. Internal Controls Monitoring. The Company and the Compliance Officer will ensure its AML Policy is complied with on an ongoing basis including via any necessary analysis of systems and controls and will remediate such compliance efforts and policies where necessary. These processes which shall undergo assessment by the Company and the Compliance Officer include the recordkeeping policies of the Company with regard to its AML Policy, the extent to which OFAC screening occurs, and the extent to which transactions are properly monitored in compliance with the AML Policy.
    3. Confidential Reporting of Violations. Any employee of the Company who notices a failure of the Company to comply with this Policy or would like to address any other relevant AML issue, may report such failure to comply directly or anonymously to the Compliance Officer. The Compliance Officer further ensures that this mechanism is well publicized to all employees and will take all necessary steps to ensure reports of potential violations remain anonymous and confidential. Regardless of whether a report is made anonymously, the Company has zero tolerance for retaliation against an employee for reporting a potential violation of this AML Policy. Any employee who retaliates in this fashion will be subject to disciplinary action up to and including termination.
  5. Training. Under this AML Policy, all employees of the Company, as well as all members of the Board, must undergo AML Policy training within 30 days of joining the Company or of the initial implementation of this AML Policy, whichever is later. Employees who fail to comply with such training may be subject to certain disciplinary action by the Company.
    The Company's training program for the AML Policy ensures familiarity with the Policy, including ensuring each employee has the capacity to identify suspicious or unusual activity that must be reported, and is aware of the applicable anti-money laundering laws and regulations. Employees must be aware of the severity and importance of such rules, and the seriousness with which the Company takes its AML compliance. The Compliance Officer will be responsible for attendance at such trainings and for overseeing the development of the training program such that it conveys the core requirements of employees under this AML Policy.
  6. Independent Testing. It is the Company's policy to provide for independent testing of its compliance program consistent with the BSA requirements for MSBs. Accordingly, an independent review of this AML Policy will be conducted at the direction of Executive Management (as defined below) approximately once per year. The audit/review will be conducted by a person who is both independent and has the experience and skill to conduct a thorough and effective independent review. The reviewer may be a Company employee but in no event may the reviewer be an employee who has specific compliance responsibility, such as the Compliance Officer, nor an employee who reports to the Compliance Officer.
    The reviewer shall develop an internal control questionnaire and audit work program which describes in detail the testing to be performed to meet each audit objective. A written report summarizing results of the independent review and management's corrective action will be issued to the Company's Compliance Officer and Board of Directors.
    Set forth below is a description of the points that will be covered in the annual independent review, focusing on areas that deal with BSA reporting and recordkeeping and OFAC compliance:
    • The overall integrity and effectiveness of the AML Policy, including programs, policies, procedures, and processes;
    • BSA/AML risk assessment;
    • BSA reporting and recordkeeping requirements;
    • Personnel adherence to the MSB's BSA/AML policies, procedures, and processes;
    • Adequacy of training.
    Records of all final reports of the independent review of the AML Policy shall be retained by the Compliance Officer for a period of five (5) years.
4. ROLES AND ACCOUNTABILITIES. The AML Policy is broadly applicable to the Company's employees, transactions and its range of business activities, regardless of whether such activities are actually conducted by the Company directly or through third party service providers. Responsibilities under this AML Policy fall to the Compliance Officer, the Company's executive officers ("Executive Management"), the Board, as well as the Company's employees.
  1. Compliance Officer. The Compliance Officer has primary responsibility for implementing and maintaining the AML Policy, as well as ensuring it is reviewed and, if necessary, updated regularly with regulatory changes or independent testing results. The Compliance Officer will assess the staffing needs relative to the AML Policy implementation and operation and will ensure that it is updated as the Company's products and services are modified and as new products and service are added. The Compliance Officer's implementation of the AML Policy will include presenting such Policy to the Board for annual approval, determining how to handle accounts with positive OFAC hits, making SAR decisions, overseeing any third party contractors who are conducting activities under this AML Policy, providing guidance with regard to the AML Policy to key staff when called upon in Company meetings or asked directly, assisting in managing applicable regulatory relationships, alerting the Board and Executive Management to any AML Policy related issues as they materialize, following the development of any new applicable laws and regulations to the AML Policy, and monitoring the Policy and related procedures such that any corrective action may be appropriately and timely taken by the Company. These duties are delegable by the Compliance Officer where appropriate.
  2. Executive Management. Executive Management must promote compliance with the AML Policy throughout the Company, monitor and take action when necessary as any AML Policy or related issues arise, review any compliance reports relating to the AML Policy, and review the results of the independent testing of the Policy, as well as attend to any other issues that arise, or are brought to Executive Management's attention by the Compliance Officer, the Board or any regulator as such issues pertain to the AML Policy.
  3. Board. The Board (or, if delegated, a committee of the Board), must oversee the effectiveness of the AML Policy. Such oversight includes the initial designation and subsequent reaffirmation of the Compliance Officer, the AML Policy, and any related policies or members of Executive Management. It is vital that the Board foster a culture of compliance with the AML Policy, such that the Executive Management and the Company's employees understand their own compliance responsibilities.
    The Board must oversee the annual independent testing of the Policy, and must consider any AML Policy compliance issues and applicable corrective action, if any, that is escalated to the Board. The Board also maintains primary responsibility for reviewing any regulatory feedback including letters or examination feedback related to the Policy.
  4. Company AML Personnel. Company AML employees must be aware of their responsibilities under the AML Policy, and must complete the applicable training on a timely basis. Such employees must be aware of their particular and specific responsibilities under the Policy including their responsibility to inform the Compliance Officer of any changes in the Company's products and services which may impact the Company's money laundering risks, and any other applicable risks under this AML Policy. Such employees also have the responsibility under this Policy and under the law, where applicable, to provide records created in the course of their duties that may be applicable to this AML Policy to the Compliance Officer upon request, and to any applicable regulatory authority as required under the law.
5. CONTACT FOR QUESTIONS. Any employee with a question should contact Prince Jindal, at [email protected] for questions regarding the AML Policy.
Senior management has approved this AML compliance program in writing as reasonably designed to achieve and monitor our firm's ongoing compliance with the requirements of the BSA and the implementing regulations under it. This approval is indicated by the signature below.
Name: Jung Won Kim
Title: CEO
Lantern Finance