KNOW YOUR CUSTOMER (KYC), CUSTOMER DUE DILIGENCE (CDD) AND COMPLIANCE POLICY

1. This Know Your Customer (KYC), Customer Due Diligence (CDD) and Compliance Policy (“Policy”) sets out the standards, procedures, and controls adopted by Moonex LLC (“Moonex” or “the Company”) to identify and verify customers, assess and manage money laundering and terrorist financing risks, and ensure compliance with applicable AML/CFT laws and regulatory requirements.
2. This Policy is intended to be read in conjunction with Moonex’s AML–CFT Policy and forms an integral part of the Company’s overall compliance framework.

1. This Policy is aligned with and guided by:
   1. Financial Action Task Force (FATF) Recommendations;
   2. Applicable AML/CFT laws, rules, and regulatory guidance in jurisdictions where Moonex operates or offers services;
   3. Government of India Notification dated 7 March 2023 (where applicable);
   4. Guidelines and directions issued by FIU-IND to Virtual Digital Asset Service Providers (where applicable);
   5. Other applicable international standards and best practices.
2. Moonex acknowledges that regulatory expectations may vary across jurisdictions and commits to complying with the stricter requirement where overlapping obligations apply.

1. This Policy applies to:
   1. All customers (individuals and legal entities);
   2. All business lines, products, and services of Moonex;
   3. All employees, officers, consultants, and contractors involved in onboarding, compliance, operations, and customer support;
   4. Third-party service providers engaged for KYC, screening, or compliance-related functions.

1. Board and Senior Management
   1. The Board of Directors and senior management are responsible for:
      1. Approving this Policy and overseeing its effective implementation;
      2. Ensuring adequate staffing, systems, and resources for KYC/CDD compliance;
      3. Reviewing compliance reports and risk indicators on a periodic basis.

 

2. Designated Director
   1. The Designated Director has overall responsibility for ensuring adherence to AML/CFT and KYC obligations and for supporting regulatory engagement.

 

3. Principal Officer
   1. The Principal Officer is responsible for:
      1. Day-to-day implementation of this Policy;
      2. Supervising customer onboarding and ongoing due diligence;
      3. Reviewing escalations and determining further action, including STR filings;
      4. Acting as the primary liaison with FIU-IND and other competent authorities, where applicable.

1. Moonex adopts a risk-based approach (RBA) to KYC and customer monitoring.
2. Customer risk assessments consider:
   1. Customer type (individual, corporate, intermediary);
   2. Geographic risk (country of residence, incorporation, or operation);
   3. Product and service risk (spot trading, derivatives, staking, wallets);
   4. Transaction behaviour and volume;
   5. Delivery channel risk (non-face-to-face onboarding).
3. Risk ratings (low, medium, high) are assigned at onboarding and reviewed periodically or upon trigger events.

1. Individual Customers
   1. At a minimum, Moonex obtains and verifies:
      1. Full legal name;
      2. Date of birth;
      3. Nationality;
      4. Residential address;
      5. Government-issued identification document;
   2. Liveness or video verification, where applicable.
   3. Verification is conducted using reliable, independent sources or regulated third-party verification tools.

 

2. Legal Entity Customers
   1. For legal entities, Moonex obtains and verifies:
      1. Legal name, registration number, and registered address;
      2. Constitutional documents;
      3. Details of directors and authorised signatories;
      4. Nature of business and expected activity;
      5. Identification and verification of Ultimate Beneficial Owners (UBOs).

1. Moonex identifies and verifies the natural person(s) who ultimately own or control a legal entity customer.
2. Where no individual meets the prescribed ownership threshold, Moonex identifies persons exercising effective control or senior managing officials.
3. UBO information is periodically reviewed and updated.

1. Moonex conducts ongoing due diligence throughout the business relationship, including:
   1. Periodic KYC refresh based on risk category;
   2. Review of transaction behaviour against expected activity;
   3. Event-driven reviews triggered by changes in customer profile, unusual activity, or adverse information.

1. Enhanced Due Diligence measures are applied to higher-risk customers and scenarios, including:
   1. Politically Exposed Persons (PEPs);
   2. Customers from high-risk or sanctioned jurisdictions;
   3. High-value or complex transactions;
   4. Unusual or opaque ownership structures.

 

2. EDD measures may include:
   1. Additional identity or business documentation;
   2. Source of funds and source of wealth verification;
   3. Senior management approval;
   4. Increased monitoring frequency.

1. Moonex screens customers, UBOs, and transactions against:
   1. United Nations Security Council (UNSC) sanctions list;
   2. Applicable national and international sanctions list;
   3. Politically Exposed Persons (PEP) databases.
2. Screening is conducted at onboarding and on an ongoing basis. Matches are reviewed, escalated, and acted upon in accordance with internal procedures and applicable law.

1. Moonex employs a combination of automated systems and manual reviews to identify suspicious activity.
   1. Alerts are generated based on behavioural patterns, typologies, and risk indicators;
   2. Alerts are reviewed by trained compliance personnel;
   3. Where suspicion is confirmed, the matter is escalated to the Principal Officer.
2. Suspicious Transaction Reports (STRs) are filed with the relevant Financial Intelligence Unit within prescribed timelines, as applicable. Suspicion is not dependent on transaction value thresholds.

1. Moonex maintains records relating to:
   1. Customer identification and verification;
   2. Account files and business correspondence;
   3. Transaction records and monitoring outputs;
   4. STRs and internal compliance decisions.
2. Records are retained for a minimum period of five (5) years from the date of transaction or cessation of the business relationship, or longer where required by applicable law.

1. All relevant employees receive AML/CFT and KYC training at induction and periodically thereafter;
2. Specialised training is provided to compliance staff;
3. Training completion is documented and monitored.

1. Periodic internal reviews of KYC/CDD controls are conducted;
2. Independent audits may be undertaken, where required;
3. Identified gaps or deficiencies are remediated in a timely manner.

1. All customer information collected under this Policy is treated as confidential and is used solely for compliance and lawful business purposes, subject to applicable data protection laws and Moonex’s Privacy Policy.

1. Employee breaches of this Policy may result in disciplinary action;
2. Customer non-compliance may result in restrictions, suspension, or termination of services, subject to applicable law.

1. This Policy is reviewed periodically and updated to reflect changes in laws, regulations, business operations, or risk assessments.

For and on behalf of Moonex LLC

Authorised Signatory

_______________

Designated Director – Mr. Srinivaskumar Misro

Date: __________
Place: __________