These rules of procedure for the prevention of money laundering and terrorist financing and for the application of international sanctions (hereinafter - the “KYC/AML Policy”) have been drafted in accordance with the general requirements and provisions of § 14 of the Money Laundering and Terrorist Financing Prevention Act (hereinafter the AML/CFT Act) and § 13 (6) the International Sanctions Act, in addition to the provisions of the advisory guidelines established by the Financial Supervision Authority on November 26, 2018.

The KYC/AML Policy represents a rigorous effort and a continuous commitment by the management board of Zichain OÜ (Zichain) towards creating an appropriate framework and strategy to effectively prevent the misuse of Zichain Finance and its services for ML and TF.

Zichain OÜ is responsible for assessing ML and TF risks and ensuring appropriate implementation of risk-sensitive policies and procedures within the business.

Zichain OÜ applies the customer due diligence measures in order to properly manage and mitigate the risk of money laundering and terrorist financing. According to customer due diligence, Zichain OÜ establishes its own verification procedures within the standards of anti-money laundering and “Know Your Customer” frameworks.

Zichain shall identify the customer and, where appropriate, its representative, and keep the following data about the person and, where relevant, its representative: full name; personal identification code; citizenship; date and place of birth; place of residence or seat and tax residency; gender; declaration confirming whether the natural person is acting on behalf of third parties or whether they are the beneficial owner; profession and field of activity; purpose and nature of creating a business relationship; PEP status.

Identification and verification of a natural person’s identity are carried out on the basis of an identity document. Identification is performed by the employees of Zichain who are in direct contact with the customer. Documents used for identification have to include a user name, photo or facial image, signature or signature image and date of birth or personal identification code and should be one of the following: identity card; residence card; passport; diplomatic passport; driving licence.

In identifying a legal entity, the following must be determined: Business name; Register code; Location and place of business; Information about the legal form and legal capacity of the person; Names of the members of the management board and directors and their powers in representing the legal person; Telecommunications data; Data of the representatives; Existence of PEPs; Actual beneficial owners.

A legal entity is identified based on a registry card, registration certificate or equivalent legal document.

The Compliance Officer is the person, duly authorized by Zichain OÜ and approved by the Estonian Financial Intelligence Unit. The tasks of the Compliance Officer are the organization of the collection and analysis of information referring to unusual transactions or transactions or circumstances suspected of ML or TF, which have become evident through the activities of Zichain; reporting to the Financial Intelligence Unit in the event of suspicion of ML or TF; periodic submission of written statements on compliance with the requirements arising from the AML/CFT Act to the management board of Zichain; performance of other duties and obligations related to compliance with the requirements of the AML/CFT Act.

The customers are known not only by verifying their identity (who they are) but, more importantly, by analyzing their transactional patterns (what they do). Zichain OÜ relies on data analysis as a risk-assessment and suspicion detection tool. Zichain OÜ performs a variety of compliance-related tasks, including capturing data, filtering, record-keeping, investigation management, and reporting.

The monitoring of business relationships includes at least the following:

• checking transactions in business relationships to ensure that transactions are in accordance with Zichain's knowledge of the customer, its activities and risk profile;
• regular updating of the relevant documents, data or information collected during the application of CDD measures;
• identification of the source of wealth and source of funds used in the transaction;
• customers who change deposit tier during the course of the business relationship; transaction amounts (whether deposits or withdrawals) shall be taken into consideration for the risk profile and CDD of the customer;
• increased focus on business transactions, customer activities and circumstances that point to criminal activities, ML or TF, or which are likely to be linked to ML or TF, including complex, high value and unusual transactions and transaction patterns that do not have a reasonable or visible economic impact or for a legitimate purpose or which is not specific to a particular business specification, including the nature, causes and background of these transactions, as well as other information for understanding the content of the transactions;
• paying more attention to a business relationship or transaction if the customer comes from a high-risk country or is the national of that country or its place of residence, or the payment service provider of the payee is located in that country or territory.

The above list is not exhaustive and the Compliance Officer will regularly monitor the customers’ transactions in order to define whether such transactions are to be reported and treated as suspicious or are to be treated as bona fide.

Zichain is responsible for assessing ML and TF risks and ensuring appropriate implementation of risk-sensitive policies and procedures within the business.

The management board of Zichain, together with the Compliance Officer and, if necessary, other employees who in their daily work are exposed to the mitigation of the risks of combating ML and TF, will prepare a risk assessment for identifying, assessing and analyzing the risks associated with ML and TF.

When drawing up a risk assessment and when determining the customer’s risk profile, Zichain shall take into account at least the following risk categories:

• Customer risk;
• Risk related to the country or geographic regions or jurisdictions;
• Risk associated with products, services or transactions;
• Risk associated with communication or brokerage channels between Zichain and customers or transmission channels for products, services or transactions.

Every customer is assessed for the risk they pose to Zichain and is assigned a rating (low/medium/high). This rating is provided at the onboarding stage and may be updated with every customer interaction. The reviews are done by the Compliance Officer with the help of the information of the third-party providers. Both the customer’s transactional behavior, as well as, activity behavior is monitored for deviations from the initial customer risk rating.

Zichain considers not only the financial crime risk related to the customer and the customer’s source of wealth, but also the legal frameworks and their effectiveness, as well as the political environment in the countries where the customer resides and his/her country of citizenship and/or nationality.

Zichain carries out a jurisdiction risk assessment by scoring 243 jurisdictions according to the recommendations by several international bodies. Zichain OÜ wishes to avoid business relations if the person or transaction is known to have a connection with the following countries or territories (as of 28.05.2019): USA, Japan, Cambodia, Botswana, Ethiopia, Ghana, Pakistan, Sri Lanka, Trinidad and Tobago, Tunisia, Iran, Syria, Democratic People’s Republic of Korea, Yemen.

Zichain OÜ creates opportunities for the people and builds trust between them worldwide. Zichain OÜ is committed to conducting business in accordance with the highest ethical, professional and legal standards. The public, Zichain OÜ’s partners and Users’ have the right to expect that professional, competent and trustworthy people are employed by Zichain OÜ.

Zichain OÜ will comply with applicable legislation. In line with applicable legislation Zichain OÜ has a ‘zero tolerance’ policy towards fraud, corruption, collusion, money laundering, financing of terrorism and other criminal conduct (jointly “Prohibited Conduct”) and will thoroughly investigate and seek to take disciplinary and/or legal action against those who perpetrate, are involved in, or assist with fraudulent or other improper actions in all Zichain OÜ activity and related transactions.

Zichain OÜ will provide adequate and appropriate resources to implement the Anti-Fraud Policy and will ensure it is communicated and understood.

The Anti-Fraud Policy has been drafted to comply with the current applicable local and international legislation, including, but not limited to applicable EU legislation. Adherence to the Anti-Fraud Policy Zichain OÜ will ensure compliance with all relevant legislation and internal policies.

• A. Fraud: any act or omission, including a misrepresentation that knowingly or recklessly misleads, or attempts to mislead, a party to obtain a financial or other benefit or to avoid an obligation.
• B. Corruption: offering, giving, receiving, or soliciting, directly or indirectly, anything of value to influence improperly the action of another party.
• C. Collusion: arrangement between two or more parties designed to achieve an improper purpose, including influencing improperly the actions of another party.
• D. Money laundering or ML means the concealment or disguise of the true nature, source, location, disposition, movement, right of ownership or other rights related to property derived from criminal activity or property obtained instead of such property. This term also includes the conversion, transfer, acquisition, possession or use of property derived from criminal activity or property obtained instead of such property for the purpose of concealing or disguising the illicit origin of the property or of assisting a person who is involved in criminal activity to evade the legal consequences of his or her action. ML is also participation in the aforementioned activities, association with such activities, attempts to commit an act, and aiding and abetting or encouraging or advising. ML also means a situation whereby the criminal activity that generated the property to be laundered was carried out in the territory of another state.
• E. Terrorist financing or TF means the allocation or collection of funds for the planning or commission of acts deemed to be terrorism (Penal Code Chapter 15, Section 3) or terrorist organisations, or knowing that these funds are used for the aforementioned purpose.
• F. Criminal conduct: conduct, which constitutes an offence in any part of the world or would constitute an offence in any part of the world if it occurred there.

In pursuance of the Anti-Fraud Policy, Prohibited Conduct includes fraud, corruption, collusion, money laundering, financing of terrorism and other criminal conduct defined as follows:

Zichain OÜ performs a customer due diligence (CDD) and an ongoing monitoring of business relationships with Users and their transactions in order to detect possible compliance or integrity concern. Such due diligence is performed in accordance with the requirements of the money laundering and terrorist financing activities regulations, pursuant to the terms of KYC. In view of the Anti-Fraud Policy Zichain OÜ is responsible for:

• ensuring efficient and effective systems, procedures and internal controls are in place to enable the prevention and detection of Prohibited Conduct;
• ensuring the Anti-Fraud Commissioner identifies Prohibited Conduct risks in their areas of business and that all systems, procedures and internal controls are properly implemented and enforced;
• ensuring all members of the operational anti-fraud department have a duty to report any internal and external suspicions or incidents of Prohibited Conduct;
• reviewing continuously its systems, procedures and internal controls through risk management processes and audit arrangements;
• reporting any suspicions regarding Prohibited Conduct to the relevant state authorities.

Zichain OÜ and, in particular, the Head of Compliance, is the first line of detection, investigation and protection in preventing Prohibited Conduct through the Users and transactions appraisal process. The Head of Compliance will be responsible for the proper fulfillment of the Anti-Fraud Policy.

(a) Authority. The Head of Compliance shall be responsible for:

• receiving reports of alleged or suspected Prohibited Conduct involving Zichain OÜ, its Users and/or related transactions;
• investigating such matters and cooperating directly with AML Officers in order to facilitate the investigations;
• reporting its findings to the Zichain OÜ management and relevant authorities, as well as any other third party on a need-to-know basis.

For situations requiring an urgent response, the Head of Compliance may take any necessary measures required for the investigation, notably to preserve evidence.

(b) Independence. The Head of Compliance shall have full authority to open, pursue, close and report on any investigation on Prohibited Conduct within its remit without prior notice to, the consent of, or interference from any other person or entity.

(c) Professional Standards. All Prohibited Conduct investigations conducted by the Head of Compliance shall be fair and impartial, with due regard to the rights of the Users and persons or entities involved. The presumption of innocence applies to those alleged to have engaged in misconduct. Those involved in the Prohibited Conduct investigation (be those under investigation or those conducting the investigation) should be aware of their rights and obligations and ensure they are fully respected.

(d) Cooperation. All Users are required to cooperate with Zichain OÜ and the Head of Compliance promptly, fully, efficiently and in the manner specified by Zichain OÜ, including by answering relevant questions and complying with requests for information and records.

(e) Confidentiality. In accordance with Zichain OÜ internal rules on access to information, all information and documents collected and generated during a Prohibited Conduct investigation, not already in the public domain, shall be kept strictly confidential. The confidentiality of the information collected will be respected both in the interests of those concerned and the integrity of the investigation.

In particular, during the Prohibited Conduct investigation the confidentiality will be respected in so far as it would not be contrary to the interests of the investigation.

Zichain OÜ shall disclose such information and documents only to those persons or entities authorized to receive them or otherwise on a need-to-know basis.

Zichain OÜ will review the Anti-Fraud Policy to reflect new legal and regulatory developments and ensure good practice. I WARRANT AND GUARANTEE THAT I HAVE NO INTENTION TO COMMIT ANY OF PROHIBITED CONDUCT ACTS DESCRIBED HEREIN; FURTHERMORE, I CONSENT TO ANY CHECKS DUE TO INVESTIGATION UNDER THE ANTI-FRAUD POLICY AND I AGREE TO COOPERATE FULLY AND PROMPTLY WITH THE HEAD OF COMPLIANCE WITHIN SUCH INVESTIGATION.

Zichain OÜ guarantees to its User the right for refund, in case if such User is not satisfied with the quality of the provided Services. Furthermore, Zichain OÜ declares that its User has the right to change his/her mind in case if the User’s Account was already funded and to request his/her Funds to be returned.

• This Refund Policy concerns exclusively Transaction fees and Users’ Funds.
• Zichain OÜ undertakes to make its best effort to assist the Users in case of any disputes related to purchased digital assets.
• Refunds and Returns in excess of the original amount is prohibited.

The User who has paid for the Zichain OÜ Services, i.e. paid a transaction fee or has funded his account may request a Refund or Return in accordance with the Eligibility Criteria as further set out herein.

Refund/Return will only be considered where the User fully complies with the Eligibility Criteria. Where the User fails to meet any of the Eligibility Criteria, Zichain OÜ shall have the right, in its sole discretion, to decline the User’s request for a Refund/Return.

In order to apply for a Refund/Return, the User must request and complete a Refund Form/Return Form and send the respective form to the Zichain OÜ support address - support@zichange.io

To prevent Prohibited Conduct, all payments and information related to Refund/Return may be verified by Zichain OÜ. In such case, Zichain OÜ may request the User to provide certain documents, including, but not limited to, identification documents, copy of the User’s Payment Card and Invoice or/and any other prove of the fact that disputed payment was made. In case if the User fails to provide appropriate documents or information within three (3) days upon the Zichain OÜ request or in case of any doubts as to authenticity of provided documents, Zichain OÜ shall be entitled to decline the User’s Refund/Return request Zichain OÜ shall process the User’s Refund Form/Return Form as soon as is reasonably practicable. Response times will vary depending on stated reasons for the request. In any case, Zichain OÜ shall notify the User on the outcome of the request in accordance with the timescales set out herein. Refund/Return request will only be approved or declined after meticulous verification made by Zichain OÜ. NOTE: Submission of Refund Form/Return Form does not guarantee that the User’s request will be satisfied.

Refunds are not possible for all transactions where customer is purchasing Digital Assets. However, in case customer changed his mind and would like to return purchased Digital Assets Zichain OÜ would be able to buy it back based on current market rate minus the service fee for the transaction. In other words, customer can exchange purchased Digital Assets for any existing Payment Method (i.e. Credit Card payment or Bank Transfer).

The reason for such policy is the fact that price of Digital Assets changes constantly thus the value of purchased Digital Assets on the moment of refund will be different.

Refunds are possible during 30 days from the exchange operation. Zichain OÜ will charge customer the one time refund fee of 5% of the transacted amount plus any additional service fees incurred by sending customer via original payment method.

Zichain OÜ expects the User to contact it using Zichain OÜ contact details to resolve any problem or issue related to his/her payments, before the User makes any Chargeback request. This Section does not affect any rights and/or claims, which the User may have against the bank/financial institution. Zichain OÜ will investigate any Chargeback requests made by the User and in response will inform the User’s Issuing Bank whether any Service or Transaction has been cancelled.

Zichain OÜ reserves the right to suspend User's account and lock User's Funds during the chargeback investigation procedure.

Any charges, which arise upon processing Refund/Return, shall be borne solely by the User. Such charges will be deducted from the final amount of Refund/Return. This Refund Policy will be amended from time to time if there is any change in the legislation. Terms and conditions of the Refund Policy are subject to change by BaGuk

Finance OÜ and in the case of any amendments, Zichain OÜ will make an appropriate announcement. The changes will apply after Zichain OÜ has given notice.

In case if the User does not wish to accept the revised Refund Policy, he/she should not continue to use Zichain OÜ Services. If the User continues to use the Services after the date on which the change comes into effect, his/her use of the Services to be bound by the new Refund Policy.

All payments on our site are managed through Internet acquiring services. You can pay for your purchases with Visa or MasterCard bank cards. Payment service provider processing center page opens the moment you’ve selected your purchase items. Enter your bank card information. 3D Secure protocol provides additional security layer to support cardholder authentication. If you bank works with this technology, you will be redirected to its server for additional identification details. Please, contact your card issuing bank for the rules and methods of additional identification.

Payment service provider processing center secures and processes your bank card data with PCI DSS 3.0 security standard. SSL encryption technology is applied for sending the information to the payment gateway. The payment gateway forwards the transaction details to the closed banking networks of highest security levels. Payment service provider will not pass your bank card information to third parties. 3D Secure protocol is used for additional cardholder authentication.

Please, contact Customer Support Service at support@zichange.io with any payment processing questions.

Your personal information (name, address, telephone, e-mail, credit card number) is confidential and is not to be disclosed. Your credit card data are encrypted and are not saved on our Web-server.

Online payment processing security is guaranteed by Payment service provider. All bank card transactions are processed in strict compliance with requirements of VISA International, MasterCard and other payment systems. Special online payment security technologies are used for information transferring. Data are processed by processing company’s secure servers of latest technology.

Zichain OÜ expects the User to contact it using Zichain OÜ contact details to resolve any problem or issue related to his/her payments, before the User makes any Chargeback request. This Section does not affect any rights and/or claims, which the User may have against the bank/financial institution. Zichain OÜ will investigate any Chargeback requests made by the User and in response will inform the User’s Issuing Bank whether any Service or Transaction has been cancelled.

Zichain OÜ reserves the right to suspend User's account and lock User's Funds during the chargeback investigation procedure.

Any charges, which arise upon processing Refund/Return, shall be borne solely by the User. Such charges will be deducted from the final amount of Refund/Return. This Refund Policy will be amended from time to time if there is any change in the legislation. Terms and conditions of the Refund Policy are subject to change by BaGuk

Finance OÜ and in the case of any amendments, Zichain OÜ will make an appropriate announcement. The changes will apply after Zichain OÜ has given notice.

In case if the User does not wish to accept the revised Refund Policy, he/she should not continue to use Zichain OÜ Services. If the User continues to use the Services after the date on which the change comes into effect, his/her use of the Services to be bound by the new Refund Policy.