Anti-Money Laundering, Counter-Terrorism Financing, and International Sanctions Policy

Entered into force on February 21, 2026.

On-chain voting result: association.dao.eth/transaction-hash

1. General Provisions and Principles

1.1. Subject: This Anti-Money Laundering, Counter-Terrorism Financing, and International Sanctions Policy (hereinafter the “Policy”) establishes the principles and obligations of the New Epoch Association (hereinafter the “Association”) aimed at counteracting money laundering (hereinafter “AML”), terrorism financing (hereinafter “CTF”), and ensuring compliance with international sanctions regimes.

1.2. Legal Compliance: The Association strives to comply with applicable international law and national AML/CTF and sanctions regulations, to the extent possible within a decentralized autonomous association framework.

1.3. Applicable Law: This Policy is governed by substantive Swiss law. Lex Cryptographica (protocol code) applies subsidiarily.

2. Risk-Based Approach and KYC/KYB

2.1. Risk-Based Approach Principle: The Association applies a risk-based approach recognizing the decentralized and open nature of its community. Accordingly, identification procedures (KYC/KYB) apply only to transactions and persons posing the highest regulatory risks.

2.2. Mandatory Identification: Identification procedures are mandatory in the following cases:

2.2.1. Authorized Representatives: All persons appointed to any Authorized Representative position must undergo KYC procedures.

2.2.2. Large Grants: All persons or organizations receiving Grants whose total value exceeds the equivalent of 10,000 USD within any 12-month period must undergo KYC or KYB procedures.

2.3. Exceptions: KYC/KYB procedures are not required for ordinary holders of Formation Tokens (“FT”) or Governance Tokens (“GT”), whose participation is limited to token holding, voting, or receipt of minor rewards below the threshold specified in 2.2.2 of this Policy.

3. Decentralized Compliance and Qualified Confirmation

3.1. Verification Duty: The obligation to initiate AML/Sanctions screening and due diligence concerning all counterparties (Grant recipients and external contractors) receiving funds from the Funds lies with trusted addresses participating in the Qualified Confirmation mechanism.

3.2. Confirmation Procedure: Qualified Confirmation required to activate an Executive Act (including but not limited to Fund disbursements) is the legal attestation by each Qualified Verifier (“Verifier”) who signed that they conducted counterparty verification in accordance with this Policy.

3.3. Personal Accountability: Each Verifier bears personal responsibility for compliance with procedures stipulated in their Mandate Agreement when issuing cryptographic signatures.

4. Counteraction Procedures

4.1. Authorized Representatives’ Duties:

4.1.1. Transaction Analysis: Authorized Representatives (appointed under the Executive Act) must conduct reasonable and necessary analysis of transactions and user behavior if required for fulfilling the Grant and Intellectual Property Agreement, contract compliance, or upon reasonable suspicion of illegal activity including AML/CTF violations.

4.1.2. Response Measures: Upon reasonable suspicion, Authorized Representatives must promptly notify the Association community of the need for measures which may include refusal to conclude agreements, transaction cancellation, initiation of on-chain voting to block addresses, or other actions compliant with applicable law.

4.2. Sanctions Lists: The Association commits not to direct Grants or enter agreements with persons listed on international sanctions lists including but not limited to United Nations, US, EU, Switzerland, and other applicable jurisdictions.

4.3. Reasonable Suspicion Criteria: For purposes of this Policy, reasonable suspicion arises when objective evaluation of facts indicates a transaction, counterparty, or asset may be linked to illegal activities, money laundering, tax evasion, sanctions violations, or sources incompatible with the Association’s stated mission. This includes but is not limited to:

4.3.1. Red Flags: Use of cryptocurrency mixers/obfuscators (e.g., Tornado Cash), transactions with addresses linked to darknet, extortion, phishing attacks, or persons/entities listed by FATF (gray/black lists) or high-risk AML/CTF jurisdictions.

4.3.2. Enhanced Due Diligence: Occurrence of any 4.3.1 criteria initiates Enhanced Due Diligence procedures requiring additional documentation and source-of-funds analysis by Verifiers and Authorized Representatives.

5. Countering International Sanctions

5.1. Prohibition of Transactions with Sanctioned Entities: Any transactions, contracts, or interactions, direct or indirect, with natural or legal persons, organizations, or territories subject to international sanctions are strictly prohibited, including but not limited to the following lists:

5.1.1. OFAC (Office of Foreign Assets Control, USA).

5.1.2. European Union Consolidated List.

5.1.3. UN Security Council Sanctions List.

5.1.4. Swiss State Secretariat for Economic Affairs (SECO).

5.2. Legal Risk Assessment Duty: Verifiers must use provided Compliance Check Reports to conduct due diligence and legal risk assessments per the Due Diligence Regulation regarding:

5.2.1. On-chain addresses of all appointed Authorized Representatives.

5.2.2. On-chain addresses of all Grant recipients.

5.3. Blocking and Reporting: On detection of matches or reasonable suspicion of sanctions violations, the Authorized Representative must immediately:

5.3.1. Block or suspend the relevant transaction or contract execution.

5.3.2. File a suspicious activity report for Association review.

5.3.3. Where required, prepare and submit a suspicious activity report to the Swiss Money Laundering Reporting Office (MROS) and, if mandated by law, other relevant regulators, regardless of on-chain voting.

6. Record-Keeping and Confidentiality

6.1. Data Storage: All Personally Identifiable Data (“PID”) obtained via KYC/KYB procedures shall be collected and stored exclusively by an external Data Processor. The Data Processor ensures encrypted storage and retention as required by Swiss law. Authorized Representatives and Verifiers do not collect or locally store raw PID.

6.2. Data Security: Collected PID is stored in encrypted, isolated repositories with restricted access in strict accordance with the Association’s Privacy Policy and applicable data protection laws (including Swiss nDSG and where applicable GDPR).

6.3. Access Restriction: Raw PID access is strictly limited to authorized personnel of the appointed Data Processor. Authorized Representatives and Verifiers receive only verification results (e.g., “Verification Passed/Failed”) and Compliance Check Reports from the Data Processor. Access to raw PID by the Governance Operator is allowed only upon motivated written request in security incident investigations or official regulator inquiries.

7. Violations and Consequences

7.1. Gross Violation: Non-compliance with this Policy by an Authorized Representative, including intentional concealment of information, constitutes a gross breach of duty and may result in termination of their authority via on-chain voting.

7.2. Consequences: Gross violation may lead to:

7.2.1. Immediate termination of the Mandate Agreement via on-chain voting.

7.2.2. Denial of indemnity provision under the Indemnity Agreement.

7.2.3. Civil or criminal liability under applicable law.

8. Limitation of Liability

8.1. Liability Limitation: The user acknowledges that despite the Association’s efforts to comply with applicable laws, the Association, its members, and Authorized Representatives bear no liability for damages caused by third parties violating AML/CTF legislation or sanctions regimes.

8.2. Cooperation: Upon lawful requests for information from competent state authorities, the Association may initiate on-chain voting to consider cooperation possibilities, provided such does not conflict with decentralization principles and applicable law.

9. Entry into Force and Amendments

9.1. Entry into Force: This Policy enters into force simultaneously with the effective date and time of the Governance Resolution.

9.2. Amendments: Any amendments to this Policy may only be made by Voting with Qualified Confirmation in accordance with provisions established in the Governance Resolution.

9.3. Notification: Continued use of the website, software, and Association Tokens after publication of amendments constitutes user agreement with the updated Policy.