1. AML Policy Scope and Objectives
Small Screen Casinos LTD. (the "Company") has no tolerance for money laundering, the financing of terrorism or any other form of illicit activity, and is committed to implementing policies, procedures and controls shaped by the best industry practices and the most effective anti-money laundering standards applied. These rules apply to, without exception, all employees of the Company, its Board members, officers, contractors, and consultants. The purpose of this document is to provide the Company’s partners, clients, vendors, contractors, employees, regulators, law enforcement and other concerned stakeholders with a high-level overview of the Company’s AML compliance regime elements and procedures. By no means this document shall not be read as an entire set of all policies, procedures and controls in place implemented by the Company for prevention of money laundering, financing of terrorism and other forms of illicit activity. As part of its continuous improvement implementations, Small Screen Casinos LTD. is dedicated to putting in place the necessary steps needed to ensure that all employees, full-time or contractual, participate actively in preventing any of the Company’s services and/or outlets for the sole or partial purpose of money laundering and/or the financing of terrorist undertakings. Money Laundering (ML) and the use of legal or illegal monies for the purpose of terrorist financing have become ever growing threats. Small Screen Casinos LTD. is fully committed to playing its role in assisting the international fight against such organized crime and terrorism. The Company has therefore incorporated the following Anti‐Money Laundering and Terrorist Financing Policy (“Policy") as part of its internal process. The Company has applied this Policy to all its employees and adheres to the highest of the industry’s best practices in its mission to prevent any possible criminal activity through money laundering. The Company’s AML program is designed to be compliant with applicable legislation, regulations and directives which include but not limited to, among others, and with the following:

• Directive 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering.
• EU Regulation 2015/847 on information accompanying transfer of funds.
• L188(I)2007 – Prevention and Suppression of Money Laundering Activities Law as amended up to March 17th, 2021
• Various EU Regulations imposing sanctions or restrictive measures against persons and embargo on certain goods and technology, including all dual-use goods.
• European Business Law of 18 September 2017 on the prevention of money laundering limitation of the use of cash.
• FATF Recommendations for International Standards on combating Money Laundering and the financing of terrorism and proliferation (AML/CFT)

The Company understands money laundering as:

1. the conversion or transfer of funds, knowing that such funds are derived from criminal activity or from an act of participation in such activity, for the purpose of concealing or disguising the illicit origin of the funds or of assisting any person who is involved in the commission of such an activity to evade the legal consequences of that person’s action;
2. the concealment or disguise of the true nature, source, location, disposition, movement, rights with respect to, or ownership of, property, knowing that such funds are derived from criminal activity or from an act of participation in such an activity;
3. the acquisition, possession or use of funds, knowing, at the time of receipt, that such funds were derived from criminal activity or from an act of participation in such an activity;
4. participation in, association to commit, attempts to commit and aiding, abetting, facilitating and counselling the commission of any of the actions referred to in points (a), (b) and (c).

The Company understands Terrorist financing as:
Funds provided to fund terrorist activities, from a legal standpoint it means the provision or collection of funds, by any means, directly or indirectly, with the intention that they be used or in the knowledge that they are to be used, in full or in part, in order to carry out any of the offences. Terrorist activity has as its main objective to intimidate a population or compel a government to do something. This is done by intentionally killing, seriously harming or endangering a person, causing substantial property damage that is likely to seriously harm people or by seriously interfering with or disrupting essential services, facilities or systems.

Distribution of the AML Policy
This AML Policy has been drafted by the Compliance Officer and has been reviewed and approved by the Executive Management Team. The Policy will be distributed to all staff (frontline, leads, managers and owners) and will be redistributed when updated. The Compliance Officer is responsible for providing a report to the Executive Management team for review once every twelve (12) months to determine the effectiveness of the Policy and related operational procedures, and shall provide recommendations to management as to proposed operational or policy enhancements. The Executive Management team shall review the content of this Policy for necessary updates not less frequently than once every twelve (12) months. Recommendations and feedback will be given to the Compliance Officer. With the exception of directives from relevant authorities, any proposed amendments to the Policy require the review and approval of the Compliance Officer, the Executive Management team and legal counsel.

2. Compliance Officer – Money Laundering Officer
The management board of the Company shall maintain with the company a Compliance Officer, who acts as a contact person with Regulators and performs AML/CTF duties and obligations of the Company. A Compliance Officer reports directly to the management board and has the competence, means and access to relevant information across all the structural units of the Company. Only a person who has the education, professional suitability, the abilities, personal qualities, experience and impeccable reputation required for performance of the duties listed below may be appointed as a Compliance Officer.

Reporting Structure and Independence
The Compliance Officer holds no other position within the organization or any affiliated company or supplier and operates independently from all other functions within the organization to ensure that actual or perceived conflicts of interest do not occur. Subject to oversight by the Board, the Compliance officer has the authority to act independently from other functions within the organization to fulfill the below noted roles and responsibilities. The Compliance Officer has the full and public support of the executive management team in executing his duties. All staff are required to assist the Compliance Officer in fulfilling the role duties. Duties and Responsibilities of the Compliance Officer/MLRO

The Money Laundering Officer "MLRO" or in simple terms the Compliance Officer is in charge of financial regulations and personal data compliance requirements, making sure the company’s AML policy corresponds to the international system. Furthermore, the MLRO is responsible for oversight and management of all compliance related functions within the Company and within its affected suppliers, including the protocols described in this Policy. Compliance Officer/MLRO duties include (but not limited to) the following:

• Ensure that procedures are in place to ensure compliance with all applicable legislation, regulations and all associated guidelines, codes of practice and Company policies and procedures;
• Report to the CEO and inform Senior Management the result(s) of any corrective action taken;
• Attend regular Compliance Meetings with selected Senior Management, prepare an agenda therefor, and to take, circulate and maintain the minutes thereof;
• Update and maintain any compliance‐related policies, including this AML Policy;
• Plan and co‐ordinate training activity for all departments to include key regulatory areas including the significance of regulatory compliance as a whole, ID and age verification, fraud, anti‐money laundering, and problem gambling;
• Be the point of contact with the involved Regulator(s);
• Investigate and report any breaches of the applicable laws, regulations, guidelines, codes of practice and company policies and procedures to Senior Management and, as appropriate, to the Regulator;
• Consult with staff representatives and attend staff meetings on compliance topics;
• Manage regular reviews of Company’s internal control system to ensure that it accurately reflects the then current operation of the business – and report any discrepancies/oddities to relevant senior management.
• Look after records of high-risk clients and report suspicious activities, if any.
• Assist with the implementation of the Anti-Money Laundering policy.
• Arrange for inspections from third-party organizations and eliminate mistakes in the program, if any.

3. Company Policy and Commitment
The Company will ensure it has appropriate policies and procedures in place to complement this AML policy, in compliance with applicable regulations and recommendations from International and European approved organizations, bodies, directives and monitoring of adherence to those policies. Staff members will be trained for all relevant AML processes, awareness and procedures in accordance with the latest regulatory evolutions and will actively participate in preventing the services of the Company from being exploited by criminals for money laundering or terrorist financing purposes.

The objectives of this and related policies are:

• Ensuring the Company is compliant with all applicable laws, statutory instruments of regulation;
• Protecting the Company and its staff as individuals from the risks associated with breaches of the law, sanctions, regulations and supervisory requirements;
• Preserving and protecting the Company’s reputation against the risk of reputational damage presented by implication in money laundering and terrorist financing activities;
• Making a positive contribution to the fight against crime and terrorism.

4. Screening and Monitoring
AML screening is performed to fulfil three main objectives.

• Establishing an Accurate Risk Assessment
• Avoid violating Sanctions
• Protect the company and its stakeholders from Regulatory Fines

Account Screening
Account - Name Screening is one of the methods used for risk assessment of existing or potential customers of organizations under the AML obligation. Upon a customer’s account opening process, a preliminary screening both automated and manual will be conducted to identify potentially linked or other suspect account activities compared to the customer profile. The main purpose of the company is to control their existing and potential customers in sanctions, PEP, banned lists, wanted lists, and adverse media data to obstruct false positives and false negatives by classifying their customers according to their risk levels and also for the company to be protected from regulatory penalties as well as to avoid violating various sanctions. As risk levels of customers change over time the company would regularly check the risk level of their existing customers with screening. The company will be maintaining an updated record of customers by performing online verification on them. All AML procedures, policies and controls are regularly reviewed and updated to ensure that they take into consideration new risks that may arise. Such screening searches for potentially suspect elements, include the following,

• Accounts that may depict similar information;
• Two or more accounts utilizing the same email address upon creation;
• Customer has more than one account;
• Customer who originates from High Risk or Sanctioned countries
• Any other suspicious information / activity identified or suspected by the Fraud or Financial Services teams.

In the event that any of the foregoing screening identifies potential issues, the Financial Services team is notified automatically and will investigate and will enforce applicable business and regulatory rules accordingly. Such business rules may result in a variety of potential risk mitigation steps, including closure of account, escalation to the Fraud Department for enhanced diligence, limitation of deposit or withdrawal methods, imposition of deposit limits, etc.
Enhanced Due Diligence (EDD)
In certain cases, there is the possibility certain customer relationships and large transactions demonstrate higher AML or fraud risks to the Company. In such instances and in addition to its regular customer due diligence protocols, the Company shall carry out Enhanced Due Diligence (“EDD") for further risk investigation. Risky customers and transactions pose a greater risk and cannot be detected by Customer Due Diligence (“CDD") procedures. In this case, EDD procedures will be applied in order to create a Higher Identity assurance by taking the customer identity and addressing and evaluating the customer’s risk category. During the enhanced due diligence process, the Company will take additional required steps in order to aid the identification of a potential customer, including (but not limited to) personal and financial background. This may involve obtaining additional evidence in verifying the individual in question. This may include obtaining evidence to verify particular aspects of the customer’s identity and verified confirmation in order to establish the source of funds of the customer. The Company’s Fraud Department will have access to a variety of tools through suppliers and databases which are used to verify submitted documentation (e.g. Drivers Licenses, and Passports).

The circumstances that may trigger additional concern and may require Enhanced Due Diligence (EDD) are noted below:

• The customer or potential customer is situated in a country of territory that does not apply to the Company’s geographical market.
• The customer or potential customer is situated in a country blacklisted or a country supporting terrorist activities.
• The customer or potential customer is or appears to be a Politically Exposed Person or close spouse or family member (outlined below).
• Any other circumstances as Company reasonably perceives to be a High Risk of Money Laundering or Terrorist Financing.

Under the above circumstances different documents may be requested from the Customer as well as third party sources for Enhanced Due Diligence purposes. The company associates solely with trusted and approved Providers and Partners whom all have effective AML policies in place as to prevent the large majority of suspicious deposits from taking place without proper execution of KYC procedures onto the potential customer.

Politically Exposed Person "PEP" Definition and Screening

Politically Exposed Persons ("PEP") (as well as their families and persons known to be close associates, as described below) are required to be subject to enhanced scrutiny by the company. This is because international standards issued by the Financial Action Task Force recognize ("FATF") that a PEP may be in a position to abuse their public office for private gain and a PEP may use the financial system to launder the proceeds of this abuse of office.

PEP means a natural person who is or who has been entrusted with prominent public functions including:

1. Head of State;
2. Head of government;
3. Minister and deputy or assistant minister;
4. a member of parliament or of a similar legislative body;
5. a member of a governing body of a political party;
6. a member of a supreme court;
7. a member of a court of auditors or of the board of a central bank;
8. an ambassador, a chargé d’affaires and a high-ranking officer in the armed forces;
9. a member of an administrative, management or supervisory body of a State-owned enterprise;
10. a director, deputy director and member of the board or equivalent function of an international organisation,

PEPs do not include middle-ranking or more junior officials. Family member of a PEP means the spouse, or a person considered to be equivalent to a spouse, of a PEP; a child and their spouse, or a person considered to be equivalent to a spouse, of a PEP; or a parent of a PEP. Person known to be close associate of a PEP means a natural person who is known to be in close business relations with a PEP. If an account is identified as a potential match to a PEP list, the account shall be immediately frozen pending escalation and review from the Fraud Department. The Compliance Officer will be immediately notified and a further assessment will be made. Enhanced due diligence measures will be applied which involve not only available customer-submitted information but checks of existing PEP lists and a range of news sources, including online and traditional media outlets. The Compliance Officer will reach out to the appropriate department and offer his/her recommendations regarding the account.
Sanctions Screening

Dealing with persons against which imposed international sanctions poses a great risk to the Company, its Directors, Officers and Owners. The Company will perform sanction screening of its customers on the same matching rules, as for PEP screening.

The Company will perform screening, at minimum, against the following sanctions lists:

• UN Sanctions;
• EU Sanctions;
• Sanctions administered by the Office of Financial Sanctions Implementation ("OFSI-UK")
• Sanctions administered by the Office of Foreign Assets Control ("OFAC-US");
• Sanctions imposed under the International Sanction Act.

All matches (true hits) will be escalated to a Compliance Officer for further action and processing.
Suspicious Activity Monitoring

Where the Company identifies an activity or facts whose characteristics refer to the use of criminal proceeds or terrorist financing or other criminal offences or an attempt thereof or with regard to which the Company suspects or knows that it constitutes money laundering or terrorist financing or the commission of another criminal offence, a Compliance Officer of the Company must report it to relevant Financial Crimes Unit immediately, but not later than within two working days (48 hours) after identifying the activity or facts or after getting the suspicion. The Company and all its employees, officers and directors are prohibited to inform a person, its beneficial owner, representative or third party about a report submitted on them to the Financial Crimes Unit, or an intention to submit such a report as well as about the commencement of criminal proceedings.

Reporting

If for any reason the Company reasonably suspects that a customer and/or an account might be involved in any form of activity that amounts or is connected with money laundering, the Company will immediately inform the required and appropriate external authorities. If the Company believes that there is some degree of suspiciousness after a transaction has taken place and after an internal investigation confirms as such – the Company will freeze the account and will inform the relevant authorities immediately and disclose all the necessary information at the company’s possession required by law to do so. The Compliance officer or an authorized staff will report the activity through the appropriate AML reporting form and submit it to the Regulator or any other competent officer. Additional reporting procedures are put in place in order to mitigate the Company’s exposure to various forms of money laundering and sanctions. These consist of in-house and third-party reporting/monitoring tools that run daily and weekly. Furthermore, AML reporting procedures such as Suspicious Activity Reporting (“SARs") and Significant Transaction Reports ("STRs") will be conducted and submitted when necessary to the Regulators and also to the appropriate law enforcements should this be required.

Ongoing Training and Development

The Compliance Officer shall ensure that Company’s employees are fully aware of their legal obligations under the AML/CTF regime, by introducing a complete employees’ education and training program. The timing and content of the training provided is determined according to the needs of the Company. The frequency of the training can vary depending on to the amendments of legal and/or regulatory requirements, employees’ duties as well as any other changes in the business model. The training program aims at educating the Company’s employees on the latest developments in the prevention of money laundering and terrorist financing, including the practical methods and trends used for this purpose.

The Compliance Officer/MLRO will supply the appropriate AML training (which may consist of in-class, video conference, literature, and seminars) in order to provide the involved staff, update on the guidelines and direction on:

• The process in reporting suspicious activity;
• Risk Management practices;
• Identification and Verification Procedures;
• Suspicious transaction identification and reporting;
• Record Keeping;
• The type of activity that should be considered significant and critical in detecting possible money laundering – these may be given in reading materials;
• Distinguishing specific incidences that may require cause for re-assessment of a risk-based approached;

The Company consistently implements monitoring processes with the addition of potentially new and future products and/or services it provides to its customers; Implementations and assessments are put in place (and adjusted if required) in order to mitigate any possible risk of money laundering or terrorist financing where the use of new products and/or services may be vulnerable to. These include but not limited to the following,

• Analysis of transactions over specific periods;
• Analysis of new services/products used by the customer;
• Applying limits to activities on new products/services used by the customer for a given time;
• Requests for justification of noticeable irregular activity from the customer.

5. Account and Identity Verification Requirements

Account – Identity Verification
As an identity verification measure, the company must identify and verify its customers to flag potentially risky users and monitor for suspicious activity. Verification processes are designed to help reduce the risks of illicit activity by identifying customers and verifying that this identity is correct. Doing so, suspicious characters and potentially high-risk users can be flagged and monitored, or banned. Identity theft is a big problem in online gambling. Users can fraudulently obtain credit card details and use these payment methods to enter games using someone else’s funds. Similarly, users can submit fraudulent documents, playing under other people’s identity to avoid the repercussions from terrible losses. Perhaps one of the most damaging forms of fraud for online gambling is multiple account fraud, where users create fake accounts to play and violate the company’s bonus policy. The procedure forms must be an integral mechanism for protecting the company from malicious actors and financial crime as well as ensuring that the company is complying with AML regulations. In order to effectively meet counter the abovementioned issues, the company has implemented an Identity and Account Verification process for all of the users/customers in order to ensure and confirm that the details of the users and customers registered are accurate and correspond to the particular individual and also to confirm that the payment details and methods used are not stolen or used by someone else, which is to create the general framework for the fight against money laundering and financing terrorism.

Verification Process

Upon the creation of a new account every customer will need to enter his/her personal details such as name, address, age, payment method, confirm acceptance of the Terms and Conditions of the company’s site(s) and that access to minors under the age of 18 is prohibited. When the account is created and full Identity verification must be performed or requested, the following details need to be provided:

1. Full Name as it appears on the passport (photo and cover page), driver’s license, or national ID card.
2. Nationality as it appears on the passport or national ID card
3. Gender
4. Date of Birth
5. Full Address – recent utility bill, bank statement or council tax bill
6. Contact Details
7. Payment Method
   • Credit Cards – Pictures of the front and back sides of your credit/debit card(s). Only the first six and last four digits of your card number should be visible with the remaining digits and CVV/CVC code on the back to be covered. In case your card has signature field that needs to be signed.
   • Ewallets – Proof of Ownership of the wallet.
   • Crypto – Proof of Ownership of the wallet and its respective currencies used to fund the account.

Full Account verification/re-verification will also be required in the following circumstances:

• If there is a request from a player for a change of Account Details.
• If the address of a user’s first deposit method does not match the address used when registering the account.
• If there is a change in the pattern of deposits or withdrawals or there is a pending withdrawal.
• When a name matches or is similar to that of someone with a history of criminal activity or a PEP.
• When a name matches or is similar to that of someone with a suspected duplicate account.
• When a user deposits or requests to withdraw above the nominated threshold which is set to €2000 (two thousand Euros) or any currency equivalent. This can be either one withdrawal, or cumulatively.

Furthermore, when a user deposits or requests to withdraw €5000 (five thousand Euros) or more the user will be requested to declare and submit evidence of his source of wealth (SOW).
Examples of SOW include but are not limited to the following:

• Employment history
• Payslips
• Tax declaration
• Bank Statements
• Inheritance Funds
• Investments or Profits from Business Operations

It is critical that the origin and legitimacy of that wealth is clearly understood. If an employee of the company cannot determine the legitimacy of the wealth additional evidence and / or information may be requested. An email will be sent to customers guiding them through the procedure and requesting additional evidence. Performing Account verifications sometimes can be a timely process and can vary according individual circumstances.

6. Risk Assessment
The Company has established a Customer’s Acceptance Policy in order to perform an accurate and complete risk assessment when accepting customer. The Policy aims to effectively monitor the Company’s customers and to enhance compliance of the Company with the policies and regulatory requirements pertaining to Client acceptance policy. In order to deal with the different risks and different regions the company will categorize every nation in three different regions of risk.

Region one: Low Risk
For every nation and region the Account – ID verification process will be required as described in section 5 above.

Region two: Medium Risk
For every nation from region two the ID - Account verification will be required at a lower deposit and/or withdrawal amount. Specifically, ID-Account verification process will be triggered after depositing or withdrawing €1000 (one thousand Euros). For any deposit and/or withdrawal of €2500 (two thousand five hundred Euros), the user will be requested to declare and submit evidence of source of wealth (SOW). Users from a low risk region that change/deposit crypto currency(ies) in any other FIAT currency will be treated like user/customers from a medium risk region.

Region three: High Risk
Regions of High Risk will be banned and users will not be allowed to deposit funds. High Risk regions will be regularly updated to keep up with the changing environment of a fast-changing world.

Enterprise-wide risk assessment
As part of its risk-based approach, the company has conducted an AML "Enterprise-wide risk assessment" (EWRA) to identify and understand related risks specific to the company. The AML risk policy is determined after identifying and documenting the risks inherent to its business lines such as the services the websites offer. The Users to whom services are offered, transactions performed by these Users, delivery channels used by the bank, the geographic locations of the bank’s operations, customers and transactions and other qualitative and emerging risks. The identification of AML risk categories is based on the company’s understanding of regulatory requirements, regulatory expectations and industry guidance. Additional safety measures are taken to take care of the additional risks the internet brings with it. The EWRA is yearly reassessed.

Money Laundering Risk Assessment
The crucial purpose of Money Laundering Risk Assessment is to identify the general and specific money laundering risks that the company is facing, determining how these risks are mitigated by the company’s AML program controls and establishing the residual risk.

As a result, the Company is aiming to:

• Identify gaps or opportunities for improvement in its AML policies, procedures and processes;
• AML compliance programme aligns with its risk profile;
• Develop risk mitigation strategies including applicable internal controls and therefore lower its business line residual risk exposure;
• Awareness of the key risks, control gaps and remediation efforts;
• Assist senior management with strategic decisions in relation to commercial exits and disposals;
• Assist management in ensuring that resources and priorities are aligned with its risks;

7. Know Your Customer (KYC)
Formal Identification of users and customers on registration and entry into commercial relations is a mandatory requirement for increasing security and protection against fraud. The Company requires this procedure as it forms part and parcel of gambling responsibly along with fraud and financial crime prevention and required by the applicable legislation. Upon the registration of a new account, the Company will check that users are over 18 years of age and verify the identification details of those users, (a process called Know Your Customer 'KYC').

Identification Procedure
A copy of the users passport, ID card or driving license, each shown alongside a handwritten note mentioning six random generated numbers. Also, a second picture with the face of the user/customer may be required. The user/customer may blur out every information, besides date of birth, nationality, gender, first name, second name and the picture in order to secure their privacy. All four corners of the ID and/or passport must be visible in the same image and all details have to be clearly readable, besides the aforementioned details. We might ask for all details if necessary. An employee may also carry out additional checks if necessary, based on the circumstances.

Proof of Address
Verifications of Proof of address will be done via electronic checks for which we use a variety of databases. Each customer must provide a recent utility bill (mobile bills excluded), bank statement or tax bill issued within the last three months, or an official document issued by the government that verifies the permanent residence of the user. To make the approval process efficient, please make sure the document sent is of clear resolution, preferably in pdf format and all four corners of the document are visible, and all text is readable. An employee may do additional checks if necessary, based on the situation.

8. Management of Compliance and AML Policies
It is the Company’s policy to monitor its compliance program with legal and regulatory AML/CFT requirements. The Policy will be reviewed annually and amendments added accordingly, when new products or regulations are introduced. The effectiveness of the Company’s AML/CFT program is regularly evaluated to ensure it remains current and is aligned with business activities, regulatory developments, industry standards and best practices. By doing so, the Company adheres to all applicable laws and regulatory requirements in the jurisdictions in which it operates.

9. Data Retention
The Company must retain the documents and information which served for identification and verification of clients, no less than five years after termination of the business relationship, unless otherwise required by law. The Company is allowed to process personal data gathered upon registration of an account with our company only for the purpose of preventing money laundering and terrorist financing and the data must not be additionally processed in a manner that does not meet the purpose, for instance, for marketing purposes.

10. Cooperation and Exchange of Information
The Company cooperates with supervisory and law enforcement authorities in preventing money laundering and terrorist financing, thereby communicating information available to the Company and replying to queries within a reasonable time, following the duties, obligations and restrictions arising from legislation.