Anti-Money Laundering Policy

ZASHX Inc. ("ZASHX," "we," "us," or "our") is committed to the highest standards of Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) compliance. This policy outlines our commitment to preventing the use of our services for money laundering, terrorist financing, or other illicit activities. As a registered Money Services Business (MSB) with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), we are subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated regulations. This AML/CTF Policy applies to all ZASHX employees, officers, directors, contractors, and agents involved in the provision of money transfer services.

ZASHX operates under the following regulatory framework: Canadian Regulations: • Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) • Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) • FINTRAC guidance and directives International Standards: • Financial Action Task Force (FATF) Recommendations • Wolfsberg Group AML Principles Registration: ZASHX is registered with FINTRAC as a Money Services Business (MSB). Our registration can be verified on the FINTRAC MSB registry. We maintain our registration in good standing and comply with all reporting obligations and regulatory requirements.

ZASHX adopts a risk-based approach to AML/CTF compliance, which includes: Risk Assessment: • Regular assessment of money laundering and terrorist financing risks • Evaluation of risks associated with customers, products, delivery channels, and geographic areas • Documentation and periodic review of risk assessments Risk Mitigation: • Enhanced due diligence for higher-risk customers and transactions • Ongoing monitoring proportionate to risk level • Regular review and updating of risk indicators Risk Categories: • Low Risk: Verified customers with consistent transaction patterns within normal parameters • Medium Risk: Customers with some higher-risk indicators requiring enhanced monitoring • High Risk: Customers in high-risk jurisdictions, PEPs, or with unusual transaction patterns

Before establishing a business relationship, ZASHX verifies the identity of all customers: Individual Customers: • Full legal name • Date of birth • Current residential address • Valid government-issued photo identification • Additional documentation as required Identification Documents Accepted: • Canadian passport • Canadian driver's license • Provincial/territorial ID card • Permanent Resident Card • Other government-issued photo ID Verification Methods: • Document verification using advanced technology • Third-party identity verification services • Database checks and validation • In-person verification when required We do not establish business relationships with anonymous or fictitious persons.

ZASHX performs Customer Due Diligence on all customers: Standard Due Diligence: • Verification of customer identity • Understanding the nature and purpose of the business relationship • Collection of occupation and source of funds information • Ongoing monitoring of transactions Enhanced Due Diligence (EDD): Applied to higher-risk customers, including: • Politically Exposed Persons (PEPs) and their associates • Customers from high-risk jurisdictions • Customers with unusual transaction patterns • High-value or frequent transactions • Customers identified through screening EDD measures include: • Senior management approval for business relationships • Enhanced source of funds verification • More frequent reviews and monitoring • Additional documentation requirements

ZASHX has procedures to identify and manage relationships with PEPs: Definition: A PEP is a person who holds or has held a prominent public position, including: • Heads of state or government • Senior politicians and government officials • Senior judicial officials • Senior military officers • Senior executives of state-owned corporations • Important political party officials Categories: • Foreign PEPs: Hold positions in foreign governments • Domestic PEPs: Hold positions in Canadian government • International Organization PEPs: Hold positions in international organizations • Family Members and Close Associates of PEPs Requirements: • Screening of all customers against PEP databases • Enhanced due diligence for all PEP relationships • Senior management approval required • Enhanced ongoing monitoring • Determination of source of wealth and funds

ZASHX maintains robust transaction monitoring systems: Automated Monitoring: • Real-time transaction screening • Pattern detection and analysis • Threshold-based alerts • Behavioral analytics Manual Review: • Investigation of alerts by trained compliance staff • Assessment of unusual or suspicious patterns • Documentation of findings and decisions Monitoring Indicators: • Transactions inconsistent with customer profile • Unusual transaction patterns or frequencies • Transactions involving high-risk jurisdictions • Structuring or attempts to avoid reporting thresholds • Rapid movement of funds • Third-party transactions without clear explanation All suspicious activities are escalated for further review and potential reporting.

ZASHX screens all customers and transactions against sanctions lists: Screening Lists: • United Nations Security Council Consolidated List • OFAC Specially Designated Nationals (SDN) List • Canadian Consolidated Autonomous Sanctions List • European Union Sanctions List • Other applicable sanctions lists Screening Process: • Real-time screening of all transactions • Screening at customer onboarding • Periodic re-screening of existing customers • Investigation of potential matches Prohibited Activities: We do not conduct transactions with: • Sanctioned individuals or entities • Sanctioned countries or regions • Parties acting on behalf of sanctioned persons

ZASHX fulfills all reporting obligations to FINTRAC: Suspicious Transaction Reports (STRs): • Filed when there are reasonable grounds to suspect money laundering or terrorist financing • Submitted within 30 days of detection • Include all relevant transaction and customer information Large Cash Transaction Reports (LCTRs): • Filed for cash transactions of $10,000 CAD or more • Submitted within 15 days Electronic Funds Transfer Reports (EFTRs): • Filed for international electronic funds transfers of $10,000 CAD or more • Submitted within 5 business days Terrorist Property Reports: • Filed immediately upon discovery of property owned by a terrorist or terrorist group • Submitted without delay All reports are filed through FINTRAC's secure reporting system.

ZASHX maintains comprehensive records as required by regulations: Records Retained: • Customer identification and verification records • Transaction records and receipts • Account files and business correspondence • Risk assessments and due diligence documentation • Training records • Internal reports and investigations Retention Period: • Minimum 5 years from the date of the transaction or the end of the business relationship • Records stored securely with appropriate access controls • Records available for regulatory examination upon request Record Format: • Records may be kept in electronic or paper format • Must be readily retrievable and reproducible

ZASHX provides comprehensive AML/CTF training: Training Program: • Initial training for all new employees • Annual refresher training • Role-specific training for compliance staff • Updates when regulations or policies change Training Content: • Overview of money laundering and terrorist financing • Regulatory requirements and obligations • Customer identification and due diligence • Recognizing suspicious activities • Reporting procedures • Consequences of non-compliance Training Records: • Documentation of all training completed • Assessment of training effectiveness • Records retained for regulatory purposes

ZASHX has appointed a Chief Compliance Officer responsible for: Responsibilities: • Oversight of the AML/CTF compliance program • Implementation and maintenance of policies and procedures • Ensuring regulatory reporting obligations are met • Liaison with FINTRAC and other regulatory bodies • Reporting to senior management and the Board • Managing compliance staff and resources Authority: • Direct access to senior management and the Board • Authority to halt suspicious transactions • Independence in carrying out compliance duties • Access to all relevant information and systems The Compliance Officer can be contacted at: compliance@zashx.com

ZASHX conducts regular independent reviews of its AML/CTF program: Review Frequency: • Comprehensive review at least every two years • More frequent reviews if significant changes occur Review Scope: • Effectiveness of policies and procedures • Adequacy of risk assessments • Quality of transaction monitoring • Compliance with regulatory requirements • Training program effectiveness Review Process: • Conducted by qualified independent parties • Findings reported to senior management • Remediation of identified deficiencies • Documentation of review and actions taken

Failure to comply with AML/CTF requirements can result in: For ZASHX: • Administrative monetary penalties from FINTRAC • Criminal prosecution • Revocation of MSB registration • Reputational damage For Employees: • Disciplinary action up to and including termination • Personal liability and penalties • Criminal prosecution in serious cases For Customers: • Account suspension or termination • Reporting to authorities • Legal action ZASHX takes all compliance matters seriously and investigates all potential violations thoroughly.

For questions about this AML Policy or to report suspicious activities: Chief Compliance Officer ZASHX Inc. 231 Oak Park Blvd, Suite 301 Oakville, ON L6H 7S8 Canada Email: compliance@zashx.com Phone: +1 (289) 203 5222 To report suspicious activities anonymously, please use our confidential reporting channel. For regulatory information: FINTRAC: www.fintrac-canafe.gc.ca FINTRAC Contact Centre: 1-866-346-8722