Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) Policy and Know Your Customer (KYC) Policy

Dragon Incorporation (BVI) Ltd (“Dragon Incorporation”) has put in place an Anti-Money Laundering /Counter-Terrorist Financing Policy and a Know Your Customer Policy (collectively, the “AML Policies”). The Policies are revisited periodically and amended from time to time based on prevailing industry standards and international regulations designed to facilitate the prevention of illicit activity including money laundering and terrorist financing. All senior management and employees of the Dragon Incorporation are required to acknowledge and be familiar with the Policies.

The Policies are designed to lay down a framework to:

a. prevent Dragon Incorporation from being used, intentionally or unintentionally, by criminal elements for money laundering or financing terrorist activities;

b. enable Dragon Incorporation to know/understand its customers, clientele, contributors, business associates, and other contacts with which Dragon Incorporation has any financial dealings with (collectively, “Dealing Entities”) and their financial background and source of funds better, which in turn would help it to manage its risks prudently;

c. put in place appropriate controls for detection and reporting of suspicious activities in accordance with applicable laws, procedures and regulatory guidelines; and

d. equip employees of Dragon Incorporation with the necessary training and measures to deal with matters concerning KYC/AML procedures and reporting obligations.

THE POLICIES

RISK-BASED APPROACH

Dragon Incorporation shall adopt and maintain a Risk-Based Approach (“RBA”) towards assessing and containing the money laundering and terrorist financing risks to Dragon Incorporation arising any transactions it has with Dealing Entities. The guidelines are as follows:

a. Before entering into any transaction or proposed transaction, necessary checks shall be conducted in line with the RBA so as to ensure that the identity of the Dealing Entities or persons associated with the entities does not match with any person with known criminal background or with banned entities such as individual terrorists or terrorist organizations.

b. For the purpose of risk categorization of Dealing Entities, the relevant information shall be obtained from the Dealing Entities at or before the time of entering into the transaction or commencement of business relationship.

c. The risk categorization process for different types of Dealing Entities may take into account the background of the Dealing Entities, nature of business activity, location of Dealing Entities / activity and profile of purchasers of Dragon Coin (“DRG”), country of origin, sources of funds, mode of payments, volume of turnover, social and financial background.

d. The outcome of the risk categorization process shall be decided based on the relevant information provided by the Dealing Entities at the time of commencement of business relationship.

e. Enhanced due diligence would be required for higher risk Dealing Entities, especially those for whom the sources of funds are not clear, or for transactions of higher value and frequency, which shall be determined by Dragon Incorporation at its sole and absolute discretion.

f. Dragon Incorporation must be able to satisfy the competent authorities that due diligence was observed based on the risk profile of the Dealing Entities in compliance with the relevant legislations in place.

g. If Dragon Incorporation deems necessary, Dragon Incorporation may appoint a Third-Party KYC/AML specialist screening firm to ensure compliance with prevailing regulations and Dragon Incorporation policies. Dragon Incorporation must be satisfied that such third party is adequately regulated, supervised or monitored, and has measures in place for compliance with Dealing Entities due diligence and record-keeping requirements in line with the requirements and obligations under the applicable regulations, and that the third party is not based in a country or jurisdiction assessed as high-risk.

1. DURING THE DRG TOKEN GENERATION EVENT (TGE)/WHITELISTING:
a. Establishing and maintaining risk-based due diligence, identification, verification and KYC procedures, including enhanced due diligence for those Dealing Entities presenting higher risk, such as Politically Exposed Persons (“PEPs”).
b. Dragon Incorporation should not allow the opening or maintenance of any anonymous whitelist accounts in fictitious name or account on behalf of other persons whose identity has not been disclosed or cannot be verified.
c. The maintenance of appropriate records for the minimum prescribed periods.

2. INTERNAL CONTROLS
a. Dragon Incorporation will develop and implement internal controls for the purpose of ensuring that all of its operations comply with AML legal requirements and that all required reports are made on a timely basis. Some of those internal controls are listed within this document and may include, but are not limited to, the Customer Identification Program, the Suspicious Activity Reporting system, and the required reports on the Policies’ effectiveness to the Board, all of which are set out in the remainder of this Policies.

3. CUSTOMER IDENTIFICATION PROGRAM
a. The Customer Identification Program is to be carried out at the following stages: (i) while establishing a business relationship; (ii) before or during the carrying out of any financial transaction; and (iii) when there is any doubt about the authenticity/veracity or the adequacy of the previously obtained Dealing Entities’ identification data.
b. Dragon Incorporation will (i) require Dealing Entities to provide proof of identification; and (ii) not under any circumstances permit any transaction above 0.5 BTC or its other cryptocurrency or fiat currency equivalent to be made with incomplete account-opening or background and identity verification information.
c. When there shall be any suspicion of money laundering or terrorism financing activities, or where there shall be any doubt about the adequacy or veracity of previously obtained Dealing Entities’ identification data, the due diligence measures shall be reviewed, including verifying again the identity of the Participant and obtaining information regarding the purpose and intended nature of the business relationship with Dragon Incorporation.

4. PROOF OF IDENTIFICATION:
a. For natural persons, sufficient identification data shall be obtained to verify:

  • Full name
  • Date of birth
  • Nationality/ Citizenship
  • Country of birth
  • City or town of birth "Government-issued identification number (where applicable): i.e. national identity number or Passport number"
  • Gender
  • Residential address
    • Verification of address is required by obtaining a copy of acceptable address proof document (one or more, at the discretion of Dragon Incorporation) issued in the 3 months prior to establishing an account. The document must carry the Participant's name and address.
  • Permanent address (if different from residential)
  • Correspondence address (if different from residential)
  • Identification and Verification of authorized agents (e.g. any power of attorney of the account)

b. For other legal entities, sufficient documentation shall be obtained to verify:

  • Name
  • Government-issued identity documents (for connected parties)
  • Address proof document for connected parties (issued within 3 months date received)
  • Certificate of Incorporation/ or Certificate of Registration
  • Company Search Report/ or Certificate of Incumbency (COI)
  • M&AA/ Constitution/ Articles of Incorporation/ By-Laws
  • Organization chart for ownership structure
  • The standing of any person purporting to act on behalf of the legal entity
  • The ownership and control structure of the legal entity, and to determine who are the natural persons who ultimately control the legal entity
  • The Identification Data of the natural persons who ultimately control the legal entity (see above)
  • List of key controllers
  • Trust Deed (If any)
  • If partial Trust Deed is provided, this should include the front page of the initial trust deed and the last pages of the latest Deed, which should contain the following information;
  • Appointment of current Trustees,
  • Full name of the Trust and Trading As Name, and
  • Trustees' signature (If any)
  • Declaration of Trust (If any)
  • Foundation Charter (If any)
  • Declaration of Foundation (If any)

c. For other legal entities, sufficient documentation may (at Dragon Incorporation’s determination) be obtained to verify:

  • Latest Annual Report
  • Partnership agreement (Full)
  • Partnership agreement (Partial) or Latest Annual Report
  • Evidence from reliable public sources e.g. extract of latest listed stock register, indicating that the Participant is listed on a stock exchange in a FATF member country

5. VERIFICATION

  • a. Documents used for whitelisting of an account must be verified prior to the acceptance of the account into the whitelist. Verification of identity may require multi-factor authentication, layered security and other controls to ensure a meaningful user identity confirmation process based on account size or other factors.
  • b. The following are examples of verification methods Dragon Incorporation may use but is not an exhaustive list of the documents that Dragon Incorporation may request:
    • Obtaining proof of address, such as a copy of a utility bill or bank statement from the account holder.
    • Comparing the identifying information with information available from a trusted third-party source, such as a credit report from a consumer-reporting agency.
    • Analyzing whether there is logical consistency between the identifying information provided, such as the Dealing Entities’ name, street address, postal code, telephone number, date of birth, and social security number (logical verification).
    • Utilizing knowledge-based challenge questions.
    • Utilizing complex device identification (such as “digital fingerprints” or IP geo-location checks).
    • Obtaining a notarized or certified true copy of an individual’s birth certificate for valid identification.

6. SUSPICIOUS TRANSACTION AND ACTIVITY REPORTS

  • a. For the purpose of the Policies, a “Suspicious Transaction” means a transaction or attempted transaction, which to a person acting in good faith:
    • gives rise to a reasonable ground of suspicion that it may involve proceeds of criminal or other illicit activity, regardless of the value involved;
    • appears to be made in circumstances of unusual or unjustified complexity;
    • appears to have no economic rationale or bona fide purpose; and
    • gives rise to a reasonable ground of suspicion that it may involve financing of the activities relating to terrorism.
  • b. Ongoing monitoring is an essential element of effective implementation. Dragon Incorporation will diligently monitor transactions for Suspicious Transactions and other suspicious activity in relation to the sale of its DRG.
  • c. Internal controls will be implemented so that a monitoring system is in place to reasonably detect such activity as it occurs. When a suspicious activity is detected, Dragon Incorporation’s senior management will make the decision as to whether the transaction meets the definition of suspicious transaction or activity and whether any filings with law enforcement authorities should be filed. Dragon Incorporation reserves the right to report suspicious transactions or activity to law enforcement authorities at its sole discretion.
  • d. Dragon Incorporation will maintain a copy of the filing as well as all backup documentation. The fact that a filing has been made is confidential. No one, other than those involved in the investigation and reporting should be told of its existence. In no event should the parties involved in the suspicious activity be told of the filing. Dragon Incorporation may inform Dragon Incorporation’s Board of the filing and the underlying transaction.

7. MAINTAINING RECORDS

  • a. Reasonable procedures for maintaining records of the information used to verify a person’s name, address and other identifying information submitted for the purposes of participating in the sale of the DRG are required under this Policy. The following are required steps in the record keeping process:
    • Dragon Incorporation is required to maintain a record of identifying information provided by the Dealing Entities.
    • Where Dragon Incorporation relies upon a document to verify identity, Dragon Incorporation must maintain a copy of the document that Dragon Incorporation relied on that clearly evidences the type of document and any identifying information it may contain.
    • Dragon Incorporation must also record the methods and result of any additional measures undertaken to verify the identity of the Dealing Entities.
    • Dragon Incorporation must record the resolution of any discrepancy in the identifying information obtained.
    • All transaction and identification records will be maintained for as long as reasonably necessary for the purpose of conducting the TGE and to comply with applicable regulations.
  • b. All information collected from the Participants will be subject to Dragon Incorporation’s privacy policy, which is announced from time-to-time.

8. POST DRG TOKEN GENERATION EVENT AND ON AN ON-GOING BASIS:

  • a. Establishing and maintaining the Policies towards assessing and managing the money and terrorist financing risks to Dragon Incorporation.
  • b. Establishing and maintaining risk-based Dealing Entities due diligence, identification, verification and KYC procedures, including enhanced due diligence for those Dealing Entities presenting higher risk, such as Politically Exposed Persons (PEPs).
  • c. Procedures for reporting suspicious fraudulent use of identification documents to the relevant law enforcement authorities as appropriate.
  • d. The maintenance of appropriate records for reasonable period of time.
  • e. Providing appropriate management information and reporting to senior management of Dragon Incorporation's compliance with the requirements of the Policies.
  • f. Dragon Incorporation may require purchasers of the DRG to provide additional information or documentation to fulfil our legal obligations and where it deems appropriate refuse any Participant or transaction that is suspected of being related to financial crime.