Anti-Money Laundering and Counter-Terrorism Financing Policy (AML/CFT)

Last updated: January 2026

Table of Contents

ARTICLE 1 - OBJECT, SCOPE AND STRATEGIC OBJECTIVES OF THE AML/CFT POLICY

1.1 General context and strategic importance

The fight against money laundering and terrorism financing constitutes a major challenge for the stability of the global financial system, consumer protection, and the credibility of financial institutions. As a fintech providing international payment services and Mobile Money transfers, Rollo Technologies LLC ('Rollo') operates in an environment exposed to risks of service misuse for illicit purposes.

This Anti-Money Laundering and Counter-Terrorism Financing Policy (hereinafter the 'AML/CFT Policy') reflects Rollo's firm commitment to prevent, detect, and report any activity likely to constitute money laundering, terrorism financing, or any other related financial offense.

Rollo considers AML/CFT compliance not only as a regulatory obligation but as a fundamental pillar of the trust granted by users, partner banks, payment networks, investors, and supervisory authorities.

1.2 Purpose of the AML/CFT Policy

This Policy aims to comprehensively define:

  • the guiding principles applicable to the fight against money laundering and terrorism financing;
  • the organizational and operational framework implemented by Rollo;
  • the obligations of users, employees, and partners;
  • the mechanisms for prevention, detection, monitoring, and reporting of suspicious operations;
  • the procedures for cooperation with competent authorities and financial partners.

This Policy constitutes the reference AML/CFT foundation of Rollo and applies to all services, products, distribution channels, and jurisdictions in which the Company operates.

1.3 Scope and applicability

The AML/CFT Policy applies without restriction:

  • to all services offered by Rollo, including accounts, international payments, Mobile Money transfers, and payment links;
  • to all financial transactions, whether domestic or cross-border;
  • to all users, clients, partners, and beneficial owners;
  • to all employees, managers, service providers, and subcontractors of Rollo.

It also covers interactions with partner banks, payment service providers, KYC/KYB providers, and regulatory authorities.

1.4 Strategic objectives of the policy

The main objectives of the AML/CFT Policy are as follows:

  • prevent the use of Rollo services for money laundering or terrorism financing purposes;
  • identify and assess AML/CFT risks associated with clients, products, transactions, and geographical areas;
  • implement proportionate controls based on a risk-based approach;
  • detect and analyze suspicious operations in a timely manner;
  • ensure compliant and diligent reporting of suspicious activities to competent authorities;
  • protect the reputation, financial soundness, and regulatory compliance of Rollo.

1.5 Rollo's commitment and management responsibility

Rollo's management commits to fully support the effective implementation of this AML/CFT Policy by allocating necessary human, technical, and financial resources. It promotes a culture of compliance and ethics at all levels of the organization.

The AML/CFT Policy is integrated with Rollo's other compliance policies, including the Privacy Policy, Terms of Use, and Transaction Security Policy.

1.6 Evolutive nature and enforceability

This Policy may be updated to account for changes in laws, regulations, international standards, Rollo's activities, and risk typologies.

It is enforceable against all concerned parties upon publication and constitutes a reference document during internal and external audits and exchanges with supervisory authorities.

ARTICLE 2 - DEFINITIONS, AML/CFT TERMINOLOGY AND KEY CONCEPTS

Money laundering
any act aimed at concealing or disguising the illicit origin of funds to give them a legitimate appearance.
Terrorism financing
provision or collection of funds, directly or indirectly, intended to be used to commit terrorist acts.
Client
any natural or legal person using Rollo's services.
Beneficial owner (UBO)
any natural person who ultimately owns or controls a client or on whose behalf a transaction is conducted.
Suspicious operation
any transaction or behavior presenting indications of money laundering or terrorism financing.

2.1 General definitions

For the purposes of this AML/CFT Policy, the following terms shall be interpreted in accordance with international standards and applicable regulations:

2.2 Regulatory and financial terminology

The terminology used in this Policy aligns with FATF recommendations, practices of international financial institutions, and requirements of competent supervisory authorities.

ARTICLE 3 - APPLICABLE REGULATORY AND NORMATIVE FRAMEWORK

Rollo conducts its activities in compliance with applicable AML/CFT laws and regulations in the jurisdictions where it operates. To this end, the Company aligns itself notably with:

  • the recommendations of the Financial Action Task Force (FATF);
  • applicable local and regional regulations;
  • contractual requirements of partner banks and payment networks.

The AML/CFT Policy constitutes a compliance foundation intended to evolve according to regulatory changes.

ARTICLE 4 - AML/CFT GOVERNANCE AND INTERNAL RESPONSIBILITIES

Rollo has established a clear and structured AML/CFT governance, integrated into the overall company governance. The responsibility for AML/CFT compliance is held at the highest level of management.

Roles and responsibilities are distributed between management, compliance teams, technical teams, and all employees, each being required to strictly follow AML/CFT procedures.

ARTICLE 5 - RISK-BASED APPROACH

Rollo applies a risk-based approach to identify, assess, and prioritize money laundering and terrorism financing risks.

Due diligence, control, and monitoring measures are proportionate to the identified risk level for each client, product, transaction, or geographical area.

This approach enables efficient allocation of resources and continuous adaptation to evolving risk typologies.

ARTICLE 6 - GENERAL PRINCIPLES OF KNOW YOUR CUSTOMER (KYC)

Rollo applies strict Know Your Customer (KYC) principles to identify, verify, and understand the identity of any person using its services. KYC constitutes the first operational pillar of the fight against money laundering and terrorism financing.

Rollo's KYC procedures are based on collecting accurate, complete, and verifiable information, analyzing the client's profile, assessing associated risks, and regularly updating data. No business relationship can be established or maintained without prior KYC validation.

ARTICLE 7 - KYC FOR INDIVIDUALS

For individuals, Rollo implements identity verification procedures including, without limitation:

  • collection of identification data (name, surname, date and place of birth);
  • verification of valid official documents;
  • authenticity and consistency checks of information;
  • biometric verification mechanisms when required.

The level of due diligence applied varies according to the client's risk profile, the nature of services used, and the concerned jurisdiction.

ARTICLE 8 - KYB FOR BUSINESSES AND LEGAL ENTITIES

Businesses and legal entities are subject to Know Your Business (KYB) procedures. These procedures aim to verify the legal existence of the entity, the legitimacy of its activities, and the identity of controlling persons.

KYB includes notably the collection of constitutive documents, identification of managers, analysis of conducted activities, and assessment of specific risks related to the business sector.

ARTICLE 9 - IDENTIFICATION OF BENEFICIAL OWNERS (UBO)

Rollo identifies and verifies the beneficial owners (UBO) of any legal entity or legal structure using its services.

UBO identification aims to determine the natural persons who exercise direct or indirect control over the entity, to prevent the use of opaque structures for illicit purposes.

ARTICLE 10 - UPDATE, PERIODIC REVIEW AND ENHANCEMENT OF KYC/KYB

KYC/KYB information is subject to periodic reviews to ensure its accuracy and timeliness. Review frequency is determined based on the risk level associated with the client.

Rollo reserves the right to request at any time additional information or documents and to apply enhanced due diligence measures when increased risks are identified.

ARTICLE 11 - AML/CFT RISK TYPOLOGY

Rollo identifies, documents, and updates a comprehensive typology of money laundering and terrorism financing risks likely to affect its activities. This typology constitutes the basis for risk assessment and implementation of proportionate due diligence measures.

Risk categories include notably: client risks, geographical risks, product and service risks, transactional risks, and distribution channel risks.

ARTICLE 12 - CLIENT RISK ASSESSMENT AND SCORING

Rollo applies client risk assessment and scoring mechanisms to classify users according to their AML/CFT risk level. This scoring takes into account various factors, including identity, declared activity, transactional history, location, and sanction list check results.

The risk score determines the applicable due diligence level, KYC/KYB review frequency, and transactional monitoring thresholds.

ARTICLE 13 - TRANSACTIONAL RISK ASSESSMENT

Transactions processed by Rollo are subject to continuous transactional risk assessment. This assessment is based on analysis of amounts, frequency, unusual patterns, counterparties, and channels used.

Transactions presenting atypical characteristics or inconsistent with the client's profile may be subject to enhanced controls, delayed, or blocked preventively.

ARTICLE 14 - GEOGRAPHICAL RISKS, HIGH-RISK COUNTRIES AND SANCTIONS

Rollo considers geographical risks related to jurisdictions where its clients or counterparties operate. Countries identified as high-risk, subject to sanctions, or listed on watchlists are subject to enhanced due diligence measures.

Rollo applies sanctions, embargo, and politically exposed persons (PEP) list screening controls in accordance with regulatory and contractual requirements.

ARTICLE 15 - PRODUCTS, SERVICES AND HIGH-RISK CHANNELS

Certain products, services, or distribution channels may present a higher AML/CFT risk level. Rollo identifies notably as sensitive: cross-border payments, rapid Mobile Money withdrawals, and high-value transactions.

Specific measures are implemented for these services, including limits, enhanced controls, and increased monitoring.

ARTICLE 16 - CONTINUOUS TRANSACTION MONITORING

Rollo implements a continuous transaction monitoring system covering all financial flows processed through its services. This monitoring aims to detect in real-time or retrospectively any activity likely to present money laundering or terrorism financing risks.

The system relies on a combination of automated rules, dynamic thresholds, behavioral analyses, and, when necessary, manual reviews conducted by compliance teams.

ARTICLE 17 - DETECTION OF SUSPICIOUS OPERATIONS

Rollo defines and maintains precise criteria allowing the identification of suspicious operations, including notably transactions unusual by their amount, frequency, complexity, or inconsistency with the client's profile.

When an operation is identified as potentially suspicious, it undergoes an in-depth analysis to determine whether it should be classified as an AML/CFT alert and processed according to internal procedures.

ARTICLE 18 - AML SCENARIOS, ALERTS AND PROCESSING

Rollo uses predefined and evolving AML/CFT scenarios to generate alerts in case of risky behaviors or transactional patterns. These scenarios may include rapid and repeated transfers, split operations, circular flows, or interactions with high-risk zones.

Generated alerts are examined by compliance teams within timelines compatible with regulatory requirements, and give rise to appropriate actions.

ARTICLE 19 - FREEZING, BLOCKING AND RESTRICTIONS OF OPERATIONS

In case of confirmed suspicion or high AML/CFT risk, Rollo reserves the right to temporarily freeze funds, block certain transactions, or restrict access to services, in accordance with applicable laws and contractual obligations.

These measures are implemented proportionately and documented, and may be maintained until the completion of internal analyses or receipt of instructions from competent authorities.

ARTICLE 20 - DOCUMENTATION, TRACEABILITY AND AML DATA RETENTION

Rollo ensures complete documentation and traceability of all AML/CFT actions, including generated alerts, conducted analyses, taken decisions, and applied measures.

AML/CFT data and documents are retained for a duration compliant with legal and regulatory requirements, and are made available to competent authorities upon request.

ARTICLE 21 - REPORTING OF SUSPICIOUS OPERATIONS (STR/SAR)

Rollo has established formalized procedures for reporting suspicious operations (Suspicious Transaction Report / Suspicious Activity Report - STR/SAR) in accordance with applicable laws and regulations.

Reporting decisions are made by authorized compliance functions, based on factual, documented, and traceable elements. Reports are made within required timelines and through official channels provided by authorities.

ARTICLE 22 - COOPERATION WITH AUTHORITIES AND FINANCIAL PARTNERS

Rollo fully cooperates with competent regulatory, judicial, and administrative authorities, as well as with its banking and financial partners, in the context of preventing and fighting money laundering and terrorism financing.

This cooperation may include transmission of relevant information, response to legal requests, participation in investigations, and application of measures imposed by authorities, in compliance with applicable laws.

ARTICLE 23 - CONFIDENTIALITY, PROFESSIONAL SECRECY AND NON-DISCLOSURE

Information relating to AML/CFT analyses, alerts, internal investigations, and suspicious operation reports is covered by strict confidentiality and professional secrecy obligations.

It is strictly prohibited to inform a client or third party of the existence of an AML/CFT analysis or report ('tipping-off'), unless otherwise provided by law.

ARTICLE 24 - DATA RETENTION AND AML/CFT ARCHIVING

Rollo retains data, documents, and records relating to AML/CFT procedures, including KYC/KYB information, transactional histories, risk analyses, and reports, for a duration compliant with legal and regulatory requirements.

Archived data is protected against any unauthorized access, alteration, or destruction, and is made available to competent authorities upon legitimate request.

ARTICLE 25 - MANAGEMENT OF INTERNAL AML/CFT INVESTIGATIONS

Rollo implements internal AML/CFT investigation procedures aimed at analyzing complex alerts, high-risk behaviors, or incidents involving serious suspicions.

These investigations are conducted independently, documented, and proportionately, and may give rise to corrective, disciplinary measures, or external reporting when required.

ARTICLE 26 - INTERNAL AML/CFT CONTROLS

Rollo establishes a permanent system of internal AML/CFT controls aimed at verifying the effectiveness, consistency, and compliance of implemented procedures.

Internal controls are conducted regularly and documented. Control results give rise to internal reports, identification of potential gaps, and implementation of corrective action plans.

ARTICLE 27 - INTERNAL AND EXTERNAL AML AUDITS

Rollo conducts internal AML/CFT audits and, when required, external audits performed by specialized firms or at the request of partner banks or competent authorities.

Audits aim to assess the overall compliance of the AML/CFT system, control effectiveness, procedure quality, and adequacy of allocated resources.

ARTICLE 28 - AML/CFT TRAINING AND AWARENESS

Rollo considers staff training as an essential pillar of the AML/CFT system's effectiveness. All concerned employees benefit from regular training adapted to their functions.

Training covers notably regulatory obligations, money laundering and terrorism financing typologies, internal procedures, warning signs, and individual responsibilities.

ARTICLE 29 - DISCIPLINARY SANCTIONS AND CORRECTIVE MEASURES

Any breach of AML/CFT obligations, any serious negligence, or any intentional violation of internal procedures may give rise to disciplinary sanctions.

Sanctions may include warnings, disciplinary measures, suspension, or termination of contractual relationships, without prejudice to civil or criminal proceedings that may be initiated.

ARTICLE 30 - UPDATE, ENFORCEABILITY AND EFFECTIVENESS OF THE AML/CFT POLICY

This AML/CFT Policy may be modified at any time to account for changes in laws, regulations, international standards, Rollo's activities, and risk typologies.

Any updated version is published on the website www.rollo.money and becomes enforceable from its publication date. Continued use of Rollo services implies acceptance of the AML/CFT Policy in its current version.

The AML/CFT Policy takes effect upon its publication.

Rollo Technologies LLC. All rights reserved.