Anti-Money Laundering & Counter-Terrorist Financing Policy

Entity: Wellin Capital Co., Ltd
Product: Cashai platform
Effective Date: 1 January 2025
Version: 1.0

1. Policy Objective

Wellin Capital (“the Company”) is committed to preventing the misuse of the Cashai platform for:

• Money Laundering

• Terrorist Financing

• Fraud, corruption and proceeds of crime

This policy defines the minimum AML/CFT standards applicable to all Cashai operations globally.

2. Regulatory Basis

This policy is established in accordance with:

• FATF 40 Recommendations

• Bank of Thailand AML/CFT Regulations

• United Nations Sanctions Regime

• OFAC SDN & Sectoral Lists

• EU AMLD 5 & 6

• MAS PS-N01 AML Guidelines

3. AML Governance

Position
Responsibility
Board of Directors
Ultimate AML accountability
AML Compliance Officer (AMLCO)
Daily AML control & reporting
Risk Committee
Risk framework approval
Operations Team
KYC, monitoring, escalation
Internal Audit
Annual AML assessment

4. Risk-Based Approach

Cashai applies a risk scoring model across:

• Customer type

• Geography

• Transaction behavior

• Loan pattern frequency

• Device & IP intelligence

5. Customer Due Diligence (CDD)

Mandatory onboarding data:

• Full legal name

• National ID / Passport

• Facial recognition & liveness check

• Proof of address

• Source of income declaration

All customers must pass identity verification before any loan disbursement.

6. Enhanced Due Diligence (EDD)

EDD is mandatory for:

• Politically Exposed Persons (PEPs)

• High-risk jurisdictions

• Complex repayment structures

• Repeated early settlement behavior

EDD includes:

• Additional document verification

• Source of wealth analysis

• Senior management approval

7. Sanctions & Watchlist Screening

Cashai screens all customers against:

• UN Sanctions

• OFAC SDN

• EU Consolidated Lists

• Domestic AML Blacklists

Screening is performed:

• At onboarding

• Prior to every loan payout

• Daily batch re-screening

8. Transaction Monitoring

Automated monitoring flags:

Risk Indicator
Example
Structuring
Artificial splitting of repayments
Velocity
Excessive loan cycling
Geography anomaly
IP mismatch with KYC
Financial inconsistency
Repayment beyond declared income

9. Suspicious Transaction Reporting

Suspicious activity must be escalated to AMLCO within 24 hours.

The AMLCO files STRs to the competent authority within statutory timelines.

10. Record Keeping

All AML records are retained for 10 years including:

• KYC files

• Transaction logs

• STR filings

• Audit reports

11. Training

• Mandatory AML training annually

• Quarterly high-risk scenario drills

• Induction AML training for all new hires

12. Independent Review

• Annual internal AML audit

• Biennial external compliance review

13. Disciplinary Action

Any breach of this policy may result in:

• Immediate suspension

• Termination

• Referral to law enforcement

Position	Responsibility
Board of Directors	Ultimate AML accountability
AML Compliance Officer (AMLCO)	Daily AML control & reporting
Risk Committee	Risk framework approval
Operations Team	KYC, monitoring, escalation
Internal Audit	Annual AML assessment

Risk Indicator	Example
Structuring	Artificial splitting of repayments
Velocity	Excessive loan cycling
Geography anomaly	IP mismatch with KYC
Financial inconsistency	Repayment beyond declared income