1. Purpose and Scope

Resolva Solutions Limited (RC 9031012), a company incorporated under the laws of the Federal Republic of Nigeria.

Money laundering, terrorist financing, and proliferation financing constitute serious financial crimes with far-reaching economic, financial, and national security implications. Money laundering typically involves the concealment, disguise, conversion, transfer, or acquisition of proceeds derived from predicate offences, including but not limited to corruption, fraud, drug trafficking, tax evasion, market abuse, and other profit-motivated criminal conduct. Terrorist and proliferation financing may occur regardless of the source of funds and are intended to support terrorist activities or the proliferation of weapons of mass destruction (WMD) and related materials.

This AML/CFT/CPF Policy sets out Resolva’s framework for identifying, assessing, mitigating, and managing the risks of money laundering, terrorist financing, and proliferation financing associated with its products, services, customers, delivery channels, and geographic exposure. It further establishes Resolva’s commitment to preventing the misuse of its platform for the financing of the proliferation of weapons of mass destruction, in line with United Nations Security Council Resolutions, Financial Action Task Force (FATF) Recommendations, and applicable Nigerian laws and regulations.

This Policy applies to all Resolva business activities, including customer onboarding and due diligence, wallet operations, off-ramp and remittance services, escrow arrangements, and cross-border virtual asset transactions. It is binding on all directors, officers, employees, agents, affiliates, and third-party service providers acting on behalf of Resolva. Proliferation financing risk is explicitly incorporated into Resolva’s enterprise-wide risk assessment and risk management framework, consistent with Nigeria’s AML/CFT/CPF legal and regulatory obligations.

An effective AML/CFT/CPF compliance programme is fundamental to mitigating the risks posed by illicit financial activity, maintaining the integrity and stability of the financial system, and preserving Resolva’s corporate integrity, reputation, and operational soundness.

As a regulated financial technology company, Resolva adopts a risk-based approach to AML/CFT/CPF compliance and has implemented proportionate policies, internal controls, procedures, and governance arrangements designed to ensure ongoing compliance with applicable laws and regulatory expectations, and to detect, deter, and report suspicious or prohibited activities.

Scope

This Policy applies to all employees, contractors, agents, and business units of Resolva, including subsidiaries and operations across all jurisdictions where the company operates. It covers all products and services, including wallet services, and crypto-to-fiat off-ramp services.

Our Key Principles:

• Compliance Culture: Zero tolerance for money laundering, terrorism financing, or proliferation financing.
• Risk-Based Approach: Controls and procedures are proportionate to risk.
• Customer Due Diligence (CDD/KYC): All customers must be identified, verified, and risk-rated.
• Ongoing Monitoring: Continuous transaction surveillance and review.
• Reporting Obligations: Mandatory reporting to Nigerian Financial Intelligence Unit (NFIU).
• Recordkeeping: Maintain all relevant compliance documentation for at least five years.
• Training & Awareness: Mandatory initial and periodic AML–CFT–CPF training for all staff.
• Independent Review: Annual audit and independent evaluation of compliance framework.

2. Overview of Anti-Money Laundering, Counter-Terrorist Financing, and Counter-Proliferation Financing

Resolva is required to establish, implement, and maintain an effective Anti-Money Laundering, Counter-Terrorist Financing, and Counter-Proliferation Financing (AML/CFT/CPF) compliance programme that is proportionate to the nature, scale, complexity, and risk profile of its business activities. The programme is designed to prevent, detect, and report the misuse of Resolva’s products and services for money laundering, terrorist financing, and proliferation financing purposes.

Resolva’s AML/CFT/CPF framework is developed and implemented in accordance with applicable laws and regulations of the Federal Republic of Nigeria, relevant directives and guidance issued by competent authorities, and international standards, including the Financial Action Task Force (FATF) Recommendations and the requirements of the Inter-Governmental Action Group against Money Laundering in West Africa (GIABA), of which Nigeria is a member. These standards are binding on Resolva and form the minimum benchmark for its compliance obligations.

In furtherance of these obligations, Resolva, through its Board of Directors and senior management, shall adopt and approve a comprehensive AML/CFT/CPF Policy and Procedures framework, supported by internal controls and governance arrangements appropriate to its risk exposure. The Board of Directors retains ultimate responsibility for oversight of the AML/CFT/CPF programme and for ensuring that adequate resources, authority, and independence are provided to the compliance function.

2.1 AML/CFT/CPF Compliance Officer

Resolva shall designate a suitably qualified and experienced AML/CFT/CPF Compliance Officer with sufficient authority, independence, and access to information to effectively discharge their responsibilities. The Compliance Officer shall be responsible for the day-to-day implementation and effectiveness of Resolva’s AML/CFT/CPF programme, including monitoring compliance with internal policies and regulatory obligations, overseeing customer due diligence and transaction monitoring processes, and serving as the primary point of contact with regulators and law enforcement agencies.

The Compliance Officer shall also be responsible for reviewing and updating the AML/CFT/CPF Policy and Procedures to reflect changes in law, regulation, risk profile, or business activities, and for ensuring that employees, agents, and relevant third parties receive appropriate and timely AML/CFT/CPF training.

2.2 Ongoing Employee Training

Resolva shall implement a continuous AML/CFT/CPF training programme tailored to the roles and responsibilities of its employees, agents, and relevant service providers. Training shall be provided at onboarding and on a periodic basis thereafter, and shall address applicable legal obligations, internal policies and procedures, emerging risks, and red flag indicators relevant to Resolva’s products and services. Training may be delivered internally or through suitably qualified third-party training providers, and completion records shall be maintained for regulatory and audit purposes.

2.3 Independent Audit and Testing

Resolva shall establish an independent audit and testing function to assess the adequacy and effectiveness of its AML/CFT/CPF programme. Independent testing shall evaluate compliance with applicable laws, regulations, internal policies, and procedures, including the effectiveness of governance arrangements, risk assessments, customer due diligence measures, transaction monitoring systems, and training programmes.

The scope and frequency of independent testing shall be commensurate with the level of AML/CFT/CPF risk associated with Resolva’s business model, products, services, and customer base. Such testing may be conducted by an external third party or by an internal officer or function that is operationally independent from the AML/CFT/CPF Compliance Officer. Findings and recommendations arising from independent testing shall be documented, reported to senior management and the Board, and remediated in a timely manner.

3. AML–CFT–CPF Procedures Manual

The objective of Know Your Customer (KYC) procedures is to enable Resolva to identify, verify, and understand its customers, assess associated money laundering, terrorist financing, and proliferation financing risks, and apply appropriate risk-based controls before establishing a business relationship or executing transactions.

3.1 Customer Due Diligence (KYC) Procedures

The objective of Know Your Customer (KYC) procedures is to enable Resolva to identify, verify, and understand its customers, assess associated money laundering, terrorist financing, and proliferation financing risks, and apply appropriate risk-based controls before establishing a business relationship or executing transactions.

3.2 Scope of Application

Our KYC measures apply to (a) all new customers prior to onboarding; (b) existing customers on a risk-sensitive and periodic review basis; and (c) occasional or one-off transactions where required by law, regulation, or risk assessment.

3.3 Customer Identification and Verification (CDD)

3.3.1 Individual Customers

At onboarding, Resolva shall obtain and verify, at a minimum:

• Full legal name
• Date and place of birth
• Nationality
• Residential address
• Bank Verification Number (BVN)
• Valid government-issued identification
• Contact details

Verification shall be conducted using reliable tools, independent source documents, data, or information.

3.4 Legal Persons and Arrangements

Resolva shall obtain and verify:

• Legal name and registration number
• Certificate of incorporation or registration
• Bank Verification Number (BVN)
• Registered and principal business address
• Nature of business and ownership structure
• Identification of directors and authorised signatories
• Identification and verification of beneficial owners (natural persons owning or controlling 5% or more, or exercising control)

3.5 Purpose and Intended Nature of the Relationship

Resolva shall obtain sufficient information to understand (a) the purpose of the business relationship; (b) the expected nature, volume, and frequency of transactions; and (c) the source of funds and, where applicable, source of wealth. This information shall be documented and used as a baseline for ongoing monitoring.

3.6 Customer Risk Assessment and Risk Rating

Each customer shall be risk-rated at onboarding using Resolva’s Customer Risk Rating Matrix, taking into account:

• Customer type and profile
• Geographic exposure
• Product and service usage
• Transaction behaviour
• PEP status and adverse media

Customers shall be classified as Low, Medium, or High risk. Risk ratings must be approved in accordance with internal escalation thresholds.

3.7 Enhanced Due Diligence (EDD)

Enhanced Due Diligence shall be applied to high-risk customers, including but not limited to:

• Politically Exposed Persons (PEPs) and their close associates
• Customers from high-risk or sanctioned jurisdictions
• Customers involved in complex or unusually large transactions
• Customers using privacy-enhancing technologies or high-risk virtual asset typologies
• EDD measures may include:

(i) Senior management approval before onboarding

(ii) Additional identification and verification documentation

(iii) Enhanced transaction monitoring

(iv) More frequent periodic reviews

3.8 Sanctions, PEP, and Adverse Media Screening

All customers shall be screened at onboarding and on an ongoing basis against:

• Nigeria Sanction List
• United Nations sanctions lists
• Applicable international and domestic sanctions regimes
• Politically Exposed Persons databases
• Adverse media and negative news sources

Positive matches shall be escalated to Compliance for review and decision-making before onboarding or transaction execution.

3.9 Ongoing Monitoring and Periodic Review

Resolva shall conduct ongoing monitoring of customer activity to ensure that transactions are consistent with the customer’s risk profile, stated purpose, and expected behaviour. Customer information and risk ratings shall be reviewed:

1. 1. Periodically, based on risk level;
2. 2. Upon trigger events (e.g., change in ownership, transaction behaviour, or geography); and
3. 3.When new ML/TF/PF risks are identified.

3.10 Prohibition on Anonymous or Fictitious Accounts

Resolva shall not establish or maintain anonymous accounts, accounts in fictitious names, or relationships where customer identity cannot be adequately verified.

3.11 Failure to Complete KYC

Where KYC or EDD requirements cannot be satisfactorily completed:

1. 1. The business relationship shall not be established or shall be terminated;
2. 2. Transactions shall not be executed; and
3. 3. Consideration shall be given to filing a Suspicious Transaction Report (STR), where appropriate.

3.12 Recordkeeping

All KYC records, verification documents, risk assessments, and screening results shall be retained for a minimum of five (5) years after the end of the business relationship or completion of the transaction, in accordance with applicable laws and regulations.

3.13 Enterprise-Wide Risk Assessment (EWRA) – Resolva

To identify and prioritize AML–CFT–CPF risks across all business lines.

3.13.1 Risk Assessment Components:

3.14 Detecting Red Flags

Red flags indicative of potential money laundering, terrorist financing, or proliferation financing include, but are not limited to, situations where a client demonstrates unusual concern about Resolva’s compliance or reporting obligations, refuses or is reluctant to provide required information relating to identity, source of funds, or source of wealth, or submits documentation that appears false, misleading, inconsistent, or suspicious.

Suspicion may also arise where a client is unable or unwilling to clearly explain the nature of their business or economic activity, provides information that is materially inconsistent with their known profile, or conducts transactions that are disproportionate to their declared income, assets, or legitimate business operations.

Additional red flags include unexplained or unusually large or early transactions, particularly where cash, cash equivalents, or virtual assets are structured or layered to evade reporting thresholds or documentation requirements, or where transactions are deliberately routed through multiple virtual asset service providers within short timeframes without a clear commercial rationale.

Heightened risk may be present where a client or associated person is linked to adverse media, criminal, civil, or regulatory actions, uses shell companies or complex ownership structures lacking economic substance, or seeks to obscure the origin, destination, or ownership of virtual assets through obfuscation or layering techniques.

Proliferation financing concerns may arise where clients are connected to sectors associated with dual-use goods or sensitive industries, including nuclear, defence, biotechnology, or aerospace, or where there is sudden or unexplained interest in goods, services, or transactions with potential weapons-related or dual-use applications.

Examples of suspicious activity include:

• Sudden high-value deposits or withdrawals inconsistent with profile
• Frequent transactions just below reporting thresholds
• Use of anonymous wallets or privacy-focused coins
• Refusal to provide documentation
• Transactions with sanctioned entities

4. Governance and Review

4.1 Policy Review

Resolva shall conduct a formal review of its AML–CFT–CPF Policy and Procedures at least annually, or more frequently where significant changes occur in law, regulation, business model, products, services, or risk profile. The review shall assess the adequacy, effectiveness, and relevance of policies and procedures in mitigating money laundering, terrorist financing, and proliferation financing risks. Any amendments must be approved by the Board of Directors and communicated to all relevant employees, agents, and third-party service providers.

4.2 Independent Audit and Testing

Resolva shall implement an independent audit function to evaluate compliance with its AML–CFT–CPF policies and procedures. Independent testing shall assess the effectiveness of governance arrangements, risk assessments, customer due diligence, transaction monitoring, reporting, and employee training. Audits shall be conducted by qualified personnel who are operationally independent from the Compliance Officer and business lines under review. The scope, methodology, and frequency of audits shall be risk-based, documented, and approved by senior management or the Board. Findings, recommendations, and remediation actions shall be reported to the Board, and corrective measures shall be tracked to completion.

4.3 Training Oversight and Records

Resolva shall maintain a comprehensive training programme that is risk-sensitive and role-specific. All employees, directors, officers, agents, and relevant third-party service providers must complete mandatory AML–CFT–CPF training during onboarding and participate in periodic refresher sessions. Training records, including attendance, completion dates, and content covered, shall be maintained and made available for regulatory review and internal audit purposes. Compliance with training requirements shall be monitored regularly.

4.4 Incident Reporting and Escalation

All compliance breaches, suspicious transactions, or control failures must be documented immediately and reported through the designated internal escalation channels. The Compliance Officer shall assess, investigate, and determine the appropriate response, including reporting to regulatory authorities where required by law. A formal record of each incident, investigation, and resolution must be maintained. Lessons learned shall inform policy updates, staff training, and enhancements to internal controls.

4.5 Continuous Improvement and Board Oversight

The Board of Directors retains ultimate responsibility for overseeing the AML–CFT–CPF framework. Governance mechanisms shall ensure that risk assessments, audits, policy reviews, training, and incident reporting collectively support continuous improvement and sustained regulatory compliance. Any significant compliance gaps, high-risk findings, or emerging threats must be promptly escalated to the Board for review and action.

5. Board of Directors AML/CFT/CPF Attestation

The Board of Directors of Resolva hereby confirms that it has reviewed, approved, and adopted this AML/CFT/CPF Compliance Policy and related procedures. The Board affirms that the Policy is reasonably designed to prevent, detect, and report money laundering, terrorist financing, and proliferation financing risks, and to ensure Resolva’s ongoing compliance with the requirements of the Nigerian Financial Intelligence Unit (NFIU) and all other applicable laws, regulations, and supervisory directives.

The Board acknowledges its ultimate responsibility for oversight of Resolva’s AML/CFT/CPF framework and confirms that adequate governance arrangements, resources, systems, and controls have been established to support effective implementation. The Board further confirms that a suitably qualified Compliance Officer has been appointed with sufficient authority, independence, and access to information to discharge their responsibilities effectively.

Each Director affirms their individual and collective responsibility to promote a culture of compliance, ensure timely remediation of identified deficiencies, and support ongoing risk-based enhancements to the AML/CFT/CPF programme.