Compliance

1. Introduction

At AuroraEx Limited ("AuroraEx," "we," "our," or "us"), we are committed to maintaining the highest standards of regulatory compliance and ethical business practices. This Compliance Policy outlines our approach to compliance with applicable laws, regulations, and industry standards.

We believe that a strong compliance culture is essential for building trust with our clients, partners, and regulators. Our compliance framework is designed to identify, assess, and mitigate risks associated with our business activities, while ensuring that we meet our legal and regulatory obligations.

2. Regulatory Framework

AuroraEx operates within a complex regulatory environment that varies by jurisdiction. We are committed to complying with all applicable laws and regulations in the jurisdictions where we operate, including but not limited to:

• Financial services regulations
• Anti-money laundering (AML) and counter-terrorism financing (CTF) laws
• Data protection and privacy laws
• Consumer protection laws
• Securities and investment laws
• Tax laws and reporting requirements

We maintain appropriate licenses and registrations as required by law and cooperate fully with regulatory authorities in all jurisdictions where we operate.

3. Anti-Money Laundering (AML) Policy

AuroraEx is committed to preventing money laundering and terrorist financing through our platform. Our AML policy includes the following key components:

3.1 Customer Due Diligence (CDD)

We conduct appropriate customer due diligence before establishing a business relationship with any client. This includes:

• Verifying the identity of clients using reliable, independent source documents, data, or information
• Identifying beneficial owners of legal entities
• Understanding the nature and purpose of the business relationship
• Conducting ongoing monitoring of the business relationship and transactions

3.2 Enhanced Due Diligence (EDD)

We apply enhanced due diligence measures for higher-risk clients, including:

• Politically exposed persons (PEPs)
• Clients from high-risk jurisdictions
• Clients with complex ownership structures
• Clients engaged in high-risk business activities

3.3 Transaction Monitoring

We monitor client transactions on an ongoing basis to detect suspicious activities. Our transaction monitoring system is designed to identify:

• Unusual transaction patterns
• Transactions that deviate from the client's profile
• Transactions with high-risk jurisdictions
• Structured transactions designed to evade reporting requirements
• Transactions that may be related to money laundering, terrorist financing, or other illegal activities

3.4 Suspicious Activity Reporting

We report suspicious activities to the appropriate authorities as required by law. Our employees are trained to identify and report suspicious activities, and we have established clear procedures for internal reporting and escalation.

4. Know Your Customer (KYC) Procedures

Our KYC procedures are designed to ensure that we know the identity of our clients and understand their financial activities. These procedures include:

4.1 Identity Verification

We verify the identity of our clients using reliable, independent source documents, data, or information. This may include:

• Government-issued identification documents (e.g., passport, driver's license, national ID)
• Proof of address (e.g., utility bills, bank statements)
• Biometric verification (where applicable)
• Electronic verification through trusted third-party providers

4.2 Business Entity Verification

For business entities, we collect and verify additional information, including:

• Certificate of incorporation or equivalent document
• Memorandum and articles of association
• Board resolution authorizing the opening of the account
• Identification of directors, officers, and beneficial owners
• Business activity and source of funds

4.3 Ongoing Monitoring

We conduct ongoing monitoring of our client relationships to ensure that the information we hold is accurate and up-to-date. This includes:

• Periodic review of client information
• Updating client information when changes occur
• Monitoring transactions for consistency with the client's profile
• Reassessing the client's risk profile as needed

5. Risk-Based Approach

We apply a risk-based approach to compliance, allocating our resources based on the level of risk associated with different clients, products, services, and jurisdictions. This approach allows us to focus our efforts on areas of higher risk while maintaining appropriate controls across all aspects of our business.

Our risk assessment methodology considers various factors, including:

• Client risk (e.g., occupation, source of wealth, PEP status)
• Product and service risk (e.g., complexity, liquidity, anonymity)
• Geographic risk (e.g., high-risk jurisdictions, sanctions)
• Channel risk (e.g., non-face-to-face relationships, third-party involvement)

Based on this assessment, we apply appropriate risk mitigation measures, including enhanced due diligence, transaction monitoring, and other controls as needed.

6. Sanctions Compliance

AuroraEx is committed to complying with all applicable sanctions regimes, including those imposed by the United Nations, the European Union, the United States, and other relevant jurisdictions. Our sanctions compliance program includes:

• Screening clients against sanctions lists during onboarding and on an ongoing basis
• Monitoring transactions for potential sanctions violations
• Blocking transactions involving sanctioned individuals, entities, or jurisdictions
• Reporting potential sanctions violations to the appropriate authorities
• Training employees on sanctions compliance

7. Data Protection and Privacy

We are committed to protecting the privacy and security of our clients' personal information. Our data protection and privacy practices comply with applicable laws and regulations, including the General Data Protection Regulation (GDPR) where applicable.

For more information about how we collect, use, and protect personal information, please refer to our Privacy Policy.

8. Employee Training and Awareness

We provide regular training to our employees on compliance matters, including:

• AML and CTF requirements
• KYC procedures
• Sanctions compliance
• Data protection and privacy
• Ethical business practices
• Whistleblowing procedures

All employees are required to complete compliance training appropriate to their role and responsibilities. We maintain records of training completion and regularly assess the effectiveness of our training programs.

9. Record Keeping

We maintain records of all client information, transactions, and compliance activities as required by law. Our record-keeping practices ensure that we can demonstrate compliance with our legal and regulatory obligations and respond to requests from regulatory authorities in a timely manner.

Records are maintained in a secure manner that protects confidentiality while ensuring accessibility for authorized personnel and regulatory authorities as needed.

10. Compliance Governance

Our compliance governance structure includes:

• A dedicated Compliance Officer responsible for overseeing our compliance program
• Regular compliance reporting to senior management and the Board of Directors
• Independent compliance reviews and audits
• Clear policies and procedures for compliance-related matters
• A culture of compliance that starts at the top and extends throughout the organization

11. Whistleblowing

We encourage employees, clients, and other stakeholders to report any concerns about potential violations of laws, regulations, or our internal policies. Our whistleblowing policy provides protection for individuals who report concerns in good faith, and we have established clear procedures for investigating and addressing reported concerns.

12. Contact Information

If you have any questions or concerns about our compliance policies or practices, please contact our Compliance Department at:

AuroraEx Limited
123 Trading Street, Financial District
New York, NY 10005
Email: [email protected]