KYC & AML POLICY

  1. Purpose and Background

This Know Your Customer (KYC) and Anti-Money Laundering (AML) Policy (the Policy) sets out the internal controls, procedures, and governance framework adopted by Tradelytic FZCO, trading as Traderscale (the Company), for the prevention and detection of money laundering, terrorist financing, fraud, and other financial crime.

The Company is committed to conducting its business in accordance with applicable laws and regulations of the United Arab Emirates, relevant international standards, and recognised industry best practices. This Policy reflects that commitment and forms part of the Company’s broader compliance and risk management framework.

 

  1. Scope of Application

This Policy applies to:

  • All customers and prospective customers of the Company;
  • All directors, officers, employees, contractors, and representatives of the Company; and
  • All products and services offered under the Traderscale brand, including trading challenges and related evaluations.

 

  1. Regulatory and Industry Standards

The Company’s AML and KYC framework has been developed with reference to, and is intended to be consistent with:

  • Applicable UAE AML/CFT legislation and regulatory guidance;
  • The recommendations of the Financial Action Task Force (FATF);
  • International standards relating to the prevention of financial crime.

 

  1. Risk-Based Approach

The Company applies a risk-based approach to AML and KYC compliance, whereby the nature and extent of due diligence and monitoring measures are proportionate to the level of risk presented by a customer, transaction, or activity.

In assessing risk, the Company considers factors including, but not limited to:

  • Customer jurisdiction and geographic exposure;
  • Customer behaviour and trading activity;
  • Transaction patterns and platform usage;
  • Source of funds and other relevant risk indicators.

Higher-risk relationships are subject to enhanced scrutiny and, where appropriate, enhanced due diligence measures.

 

  1. Customer Onboarding and Verification

5.1 Account Registration and Challenge Participation

Customers may register an account with the Company and purchase a trading challenge. At this stage, access is limited to participation in the challenge environment only.

Full KYC verification is not required at initial registration; however, the Company retains the right to request identity information or restrict access at any time where risk indicators are identified.

 

5.2 Mandatory KYC Trigger

Completion of KYC verification is mandatory where a customer:

  • Successfully completes a challenge phase; and
  • Becomes eligible to progress to a subsequent stage, including eligibility for a funded account, payout, or equivalent arrangement.

No progression beyond this point is permitted until KYC verification has been successfully completed and approved.

 

5.3 Identity Verification Provider

The Company relies on a third-party identity verification provider, Veriff, to conduct customer identity checks.

Veriff performs a combination of automated and manual verification measures, which may include:

  • Verification of government-issued identification documents;
  • Biometric and liveness checks;
  • Identity authenticity and fraud screening;
  • Screening against sanctions lists, politically exposed persons (PEP) lists, and other relevant watchlists, where applicable.

 

  1. Customer Information Collected

As part of the KYC process, the Company (directly or via its verification provider) may collect and verify the following information:

  • Full legal name;
  • Date of birth;
  • Nationality;
  • Residential address;
  • Details of a valid government-issued identification document;
  • Biometric or photographic verification.

The Company limits data collection to information that is necessary for compliance and risk management purposes.

 

  1. Prohibited and Restricted Jurisdictions

The Company does not establish or maintain relationships with customers who are resident in, or otherwise connected to:

  • Jurisdictions subject to international sanctions;
  • Jurisdictions identified as high-risk by FATF or other competent authorities.

Jurisdictional risk assessments are reviewed periodically and updated as required.

 

  1. Ongoing Monitoring

The Company conducts ongoing monitoring of customer activity throughout the business relationship. Monitoring measures may include:

  • Review of trading behaviour and platform usage;
  • Identification of activity inconsistent with a customer’s profile;
  • Detection of potentially abusive, fraudulent, or manipulative conduct.

Where risk indicators arise, the Company may request additional information, apply restrictions, or escalate the matter for further review.

 

  1. Enhanced Due Diligence

Enhanced Due Diligence (EDD) measures may be applied where a customer or activity presents a higher level of risk. Circumstances warranting EDD may include:

  • Links to higher-risk jurisdictions;
  • Adverse information or screening results;
  • Unusual or unexplained activity.

EDD measures may include the collection of additional documentation, source of funds information, and manual compliance review.

 

  1. Suspicious Activity and Escalation

The Company maintains internal procedures for the identification, escalation, and management of suspicious activity.

Where appropriate, the Company may take actions including:

  • Restricting or suspending accounts;
  • Terminating the customer relationship;
  • Making reports to relevant authorities in accordance with applicable legal requirements.

 

  1. Record Retention

The Company retains KYC and AML-related records, including verification data and risk assessments, for a minimum period of five (5) years following the end of the customer relationship, or longer where required by applicable law.

 

  1. Data Protection and Confidentiality

All personal data collected for AML and KYC purposes is:

  • Processed lawfully and securely;
  • Accessed only by authorised personnel;
  • Protected in accordance with applicable data protection requirements.

Third-party service providers are required to maintain appropriate security and confidentiality standards.

 

  1. Governance and Oversight

13.1 Compliance Oversight

Overall responsibility for AML and KYC compliance rests with senior management and the appointed Compliance Officer or Director.

13.2 Staff Responsibilities

All relevant personnel are required to:

  • Comply with this Policy and related procedures;
  • Complete AML and KYC training as required;
  • Promptly escalate any concerns or red flags.

 

  1. Training

The Company provides periodic AML and KYC training to ensure that relevant personnel remain aware of regulatory obligations, emerging risks, and internal procedures.

 

  1. Review and Updates

This Policy is reviewed at least annually and updated as necessary to reflect regulatory developments, changes in business activities, or identified risk factors.

 

  1. Approval

This Policy has been approved by senior management of Tradelytic FZCO and is effective from the date of adoption.

 

Approved by: Senior ManagementEntity: Tradelytic FZCO (trading as Traderscale)Effective Date: 23/1/26