Aml & Kyc Policy

Introduction

Goat Spins maintains a strict Anti-Money Laundering (AML) and Know-Your-Customer (KYC) program designed to prevent misuse of our platform for money laundering, terrorist financing, or other illicit activities. This policy applies to all Goat Spins users, transactions, and business relationships and governs on-boarding, ongoing monitoring, and escalation procedures in compliance with applicable laws and international standards.

Scope and Application

This policy covers: (a) customer due diligence and verification, (b) ongoing monitoring of user activity, (c) screening against sanctions and high-risk indicators, (d) reporting of suspicious activity, (e) record keeping, and (f) employee training. It applies to all Goat Spins staff, contractors, and third-party service providers acting on our behalf.

Policy Objectives

• Prevent Goat Spins services from being used for money laundering, terrorist financing, or related crimes.
• Comply with applicable AML/CTF laws and regulations relevant to our operations.
• Implement a risk-based approach to identify and mitigate ML/TF risks.
• Maintain effective KYC procedures and ongoing due diligence aligned with customer risk profiles.
• Monitor, report, and escalate suspicious activity to the appropriate authorities when required.
• Provide ongoing training to personnel to ensure awareness and adherence to AML/CTF obligations.

Governance and Oversight

The Goat Spins Board retains ultimate responsibility for AML/CTF compliance. We appoint a designated AML/CTF lead (the AML Officer) responsible for day-to-day implementation, oversight, and management of this policy. The AML Officer ensures adequate resources, independent authority, and timely reporting to senior management on compliance matters.

Definitions

• Money Laundering (ML): The process of concealing the illicit origin of funds or assets through a sequence of transactions intended to conceal, disguise, or integrate the proceeds of crime.
• Terrorist Financing (TF): The provision or collection of funds, by any means, with the intention that they should be used, in whole or in part, to support terrorist acts or organizations.

Customer Identification and Verification (KYC)

We apply a risk-based CDD framework, commencing at account registration and continuing through ongoing monitoring. Verification is conducted using reliable and independent sources and may involve third-party screening for sanctions and PEP status.

• CDD (Basic Verification): All users must provide and verify essential identifiers prior to enabling full service usage, including legal name, date of birth, residential address, contact details, and a valid means of payment. For cryptocurrency activity, wallet addresses used for deposits and withdrawals will be recorded.
• Documentation: Acceptable documents include government-issued photo ID, proof of address, and any other information required to establish identity and residency. Verification may be supplemented by external databases or reputable verification services.
• Data Use: Information collected is used solely to verify identity, assess risk, and comply with AML/CTF obligations, and is processed in accordance with applicable data protection laws.

Enhanced Due Diligence

EDD is applied for higher-risk scenarios, including but not limited to:

• Politically Exposed Persons (PEPs) or associates;
• User from or transacting with high-risk jurisdictions;
• Unusually large or complex transaction patterns with no clear economic purpose;
• Red flags identified by the MLRO or monitoring systems.

EDD measures may include additional identity verification, source-of-funds and source-of-wealth substantiation, expanded transaction monitoring, and management approval to commence or continue a business relationship.

Ongoing Monitoring

We perform ongoing, risk-based monitoring of user activity and transactions. Data maintained for KYC purposes is periodically reviewed and updated, with heightened monitoring for high-risk accounts. The monitoring program includes automated screening and manual review where appropriate, with procedures to escalate to the AML Officer for further analysis.

Restricted Jurisdictions and Screening

Goat Spins screens against applicable sanctions lists and restricted jurisdictions. Access from or transactions with high-risk or sanctioned jurisdictions may be blocked or subject to enhanced due diligence. We also screen for adverse associations and comply with all applicable international sanctions regimes.

Transaction Monitoring and Sanctions Screening

Our platform employs a combined automated and manual monitoring approach. Key components include:

• Sanctions screening of users and counterparties against relevant lists.
• Blockchain analytics for cryptocurrency activity to assess risk profiles of wallet addresses and detect links to illicit activity.
• Monitoring for unusual or patterns inconsistent with a user’s known profile or expected behavior.
• Detection of attempts to obfuscate origin or destination of funds, including use of mixers or rapid movement of assets.
• Trigger-based EDD or re-verification for withdrawals above defined thresholds or tied to high-risk activity.

Red Flag Indicators

• Inconsistent or incomplete KYC information; use of multiple accounts without legitimate purpose;
• Unusual deposit or withdrawal patterns or timing not aligned with gameplay activity;
• Deposits to/from crypto wallets associated with illicit activity; structuring attempts to avoid limits;
• Reluctance to provide SoF/SoW or source of funds lacking legitimate explanation;
• Use of VPNs or other tools to obscure location in contravention of policy.

Account Acceptance, Suspension, and Termination

We may refuse or suspend a user’s account or terminate existing relationships for reasons including, but not limited to, failure to provide satisfactory identification, falsified documents, negative findings in screening, PEP-related risk that cannot be adequately mitigated, or suspicion of ML/TF activity. We may also restrict access from restricted or high-risk jurisdictions as part of compliance measures.

Record Keeping and Data Retention

We retain AML/CTF records for not less than five (5) years after the end of the business relationship or the final transaction, or longer if required by applicable law. Records include identification documents, verification results, transaction details, correspondence related to AML/CTF matters, internal investigation files, and training records. Records are stored securely and made available to competent authorities upon legitimate request in accordance with data protection laws.

Reporting Suspicious Activity

Any employee who identifies or suspects potential ML/TF must promptly report to the AML Officer. The AML Officer will investigate internal reports and, if warranted, file a Suspicious Activity Report (SAR) with the competent Financial Intelligence Unit or other authorities in accordance with applicable law. We will not disclose to the customer that a SAR has been filed, and we will cooperate with law enforcement and regulatory authorities as required, subject to legal constraints.

Training and Awareness

Goat Spins provides ongoing AML/CTF training to all relevant personnel. Training covers applicable laws and regulations, internal procedures, red-flag indicators, KYC and due diligence requirements, reporting processes, and record-keeping obligations. Training is conducted at least annually and updated as regulatory changes occur.

Policy Review and Updates

This AML/CTF policy is a living document. We review and update it at least annually or more frequently when regulatory changes, updates to risk assessments, or significant business changes necessitate revisions. Significant amendments require approval by the AML Officer and senior management.

Compliance with Data Protection

All handling of personal data for AML/CTF purposes complies with applicable data protection laws and Goat Spins’ Privacy Policy. Personal data is processed solely for identity verification, risk assessment, monitoring, reporting, and regulatory compliance.