Pagosa Oil AML Policy

Pagosa Oil is a platform represented by PAGOSA OIL

PAGOSA OIL Number: 443 Main St. Peckville, PA 18452, USA

Wallet services provided by company OpenXcell LLC in accordance with country USA regulation.

Pagosa Oil Activity Program for Prevention of Legalization of Proceeds from Criminal Activity and Protection against Terrorist Financing.

This Program is intended for persons who are responsible (the “Mandated Employee”) within the Company for identification of new and existing Customers and monitoring of their activities.

The Manager of the Company, or an Authorized Person and his/her deputy are responsible for compliance with and updates to the Program. This Program covers:The manner in which customer due diligence is implemented;Overview of forms of unusual business transactions according to the subject matter of operations of the obliged person;Method of risk assessment and management under Article 20a of the Act; assessment procedure as to whether the transaction being prepared or executed is unusual;Procedure following the discovery of an unusual business transaction to its immediate reporting to the Financial Intelligence Unit, including procedure and responsibilities of employees who assess such unusual business transaction;Procedure for postponing an unusual business transaction under Article 16 of the Act;Procedure for keeping data under Article 19 of the Act;

Appointment of a person and his/her deputy responsible for protection against legalization and providing reporting of unusual business transactions and ongoing contact with the Financial Intelligence Unit;The manner of protection for an employee who detects unusual business transactions;Content and schedule of special training for employees who may encounter an unusual business transaction in the course of the performance of their work; the manner in which control of compliance with this Program is carried out and responsibilities arising out of this Act for an obliged person;List of risky and unsupported activities, persons and entities, and countriesArticle IDefinition of Basic TermsUnder the current legislation valid and effective in the territory of the Slovak Republic the following definitions apply:

1. Dirty money Refers to money from crime, respectively any assets obtained through crime (profits, proceeds, proceeds from crime, assets of a non-financial nature valued in money, such as intellectual property, etc.). The process of transforming these illegal financial and non-financial resources into legal resources (creating the impression of a legal acquisition of assets) is called “money laundering”.

2. Legalization, or “money laundering” is understood to be a deliberate act consisting in:

Conversion of nature of property or transfer of property, knowing that the property originates from criminal activity or involvement in criminal activity,with the aim of concealing or disguising the illicit origin of the property or with the aim to assist a person involved in the commission of such criminal activity to avoid the legal consequences of his/her conduct;Concealment or disguising of the origin or nature of property, the location or movement of property, the ownership or another title to the property, knowing that the property originates from criminal activity or involvement in criminal activity;Acquisition, possession, use and handling of property, knowing that the property originates from criminal activity or involvement in criminal activity,Involvement in an action under letters a) through c), even in the form of association, assistance, instigation and incitement, as well as in attempting such action;i.e. act whose aim is to conceal the existence of property originating from criminal activity or to conceal its illicit origin and its further use as if the origin of such property was legitimate. It is irrelevant whether such property generating activity was carried out in the territory of the Slovak Republic or in the territory of any other country.

3. Terrorist financing is understood to be the provision or collection of funds with the intention to use them or knowing that they are to be used, in whole or in part, to commit:

The criminal offence of establishing, contriving or supporting a terrorist group or the criminal offence of terrorism,The criminal offence of theft, the criminal offence of extortion or the criminal offence of counterfeiting or altering a public document, official stamp, official seal, official sign and official mark, or instigating, aiding or inciting a person to commit such criminal offence or to attempt it with the aim to commit a criminal offence of establishing, contriving and supporting a terrorist group or the criminal offence of terrorism;Financing of everyday needs of a person where it is reasonable to assume that such person intends to commit or has committed the criminal offence of terrorism and some other forms of participation in terrorism;Criminal offences under international agreements that were ratified and published in a manner consistent with law and by which the Slovak Republic is bound.Terrorist financing is prohibited.

For Pagosa Oil as an obliged entity, as well as its employees, directors, and chief clerks, it is important to know that with respect to legalization and financing of terrorism the reporting duty of Pagosa Oil under the Act occurs at the moment when a transaction “indicates” that its execution may lead to legalization or to terrorist financing, i.e. it is not required to have knowledge of actual legalization or terrorist financing.

4. Politically Exposed Person:

A natural person who is or was entrusted with a prominent public function and does not have permanent residence in the Slovak Republic during performance of his/her prominent public function and for the period of one year after termination of such performance, namely a head of state, prime minister, deputy prime minister, minister, head of a government agency, state secretary or a similar deputy of a minister, member of Parliament, judge of the Supreme Court, judge of the Constitutional Court or other high-level judicial bodies the decisions of which are not subject to further appeal except for special cases, member of the court of auditors or of the central bank board, ambassador, chargé d ́affaires, high-ranking military officer, member of an executive body, supervisory body or auditing body of a state enterprise or a stateowned company, or a person holding a similar post in the institutions of the European Union or international organizations, or a member of a statutory body of a political party, or a political party;

A natural person who is:The spouse or a person having a status equivalent to the spouse of a person referred to in paragraph 1) above;

A child, son-in-law or daughter-in-law of a person referred to in paragraph 1) above or a person having a status similar to such son-in-law or daughter-in-law referred to in paragraph 1) above, or a parent of a person referred to in paragraph 1) above;A natural person known to be the beneficial owner ofThe same customer or to be in control of the same customer as a person referred to in paragraph 1) above or operates a business together with a person referred to in paragraph 1) above, orA customer established for the benefit of a person referred to in paragraph 1) above

5.Beneficial Owner – Every natural person who ultimately operates or controls a legal person, natural person or an entrepreneur or corporation, and every natural person for the benefit of whom these entities operate, or a natural person who especially:

In case of a legal person who is not part of the corporation or an issuer of securities admitted to trading on a regulated market who is subject to disclosure requirements under a special regulation, an equivalent to a legal regulation of a Member State or an equivalent to international regulations, a natural person who:Has a direct or indirect interest or sum thereof of at least 25% in the voting rights in a customer who is a legal entity – entrepreneur, or its capital including bearer shares,Is entitled to appoint, otherwise constitute or dismiss a statutory body or another executive body, supervisory body, or auditing body of a customer who is a legal person – entrepreneur,In a manner other than those referred to in letters a and b controls a customer who is a legal person – entrepreneurIs entitled to at least 25% of the profit from the operations of a legal person or its other activities. If no natural person meets the criteria referred to in paragraph 1) then the Beneficial Owner for this person is considered to be the members of its top management where a member of the top management is considered to be a statutory body, member of a statutory body, clerk and senior manager holding a post of the direct manager of the statutory bodyIn case of a natural person – entrepreneur, a natural person who has the right to the profit of at least 25% from the operations of the natural person – entrepreneur or other activities of such person.In the case of a corporation, a natural person who:Is the founder or establisher of the corporation; if the founder or establisher is a legal person, a natural person under paragraph 1);Has the right to appoint, otherwise constitute or dismiss a statutory body, executive body, supervisory body, or auditing body of the corporation or its member, or is a member of a body that has the right to appoint, otherwise constitute or dismiss these bodies or its memberIs a statutory body, executive body, supervisory body, auditing body or a member of these bodiesIs a beneficiary of at least 25% of funds supplied by a corporation, provided the future beneficiaries of those funds have been designated, orIs one of those persons for whose benefit a corporation is established or operates, if the future beneficiaries of funds of the corporation have not been designated,Has a reasonable assumption that the customer or the Beneficial Owner is a person on whom international sanctions are imposed under a special regulation, 1a) or a person who might have a relationship to such person, orWhere there is a reasonable assumption that its subject is or is to be an object or a service that may relate to an object or a service on which international sanctions are imposed under a special regulation.1a)1a) Act No. 289/2016 Coll. on the Enforcement of International Sanctions and on an amendment to Act No. 566/2001 Coll. on Securities and Investment Services and on amendments to certain laws (the Securities Act) as amended.

6. Identification – is the finding of:

In the case of a natural person, identification of the name, surname and birth number or date of birth, if no birth number has been assigned, address of permanent residence or other residence, nationality, identification of the type and number of the identity document; in the case of a natural person – entrepreneur, as well as finding out the address of the place of business, identification number, if assigned, designation of the official register or other official register in which this entrepreneur is registered, and the number of entry in this register or register,For a legal person, identification of the name, registered office address, identification number, designation of the official register or other official register in which the legal person is registered and the number of entry in this register or register, and identification of the natural person authorized to act on behalf of the legal person. personsIn the case of a person represented on the basis of a power of attorney, ascertaining his data pursuant to letter a) or b) and ascertaining the data of a natural person authorized to act on behalf of this legal entity or natural person within the scope of data pursuant to letter a),In the case of a minor who does not have an identity document, the name, surname and birth number or date of birth, if no birth number has been assigned, of the minor’s nationality and legal representative, or the nationality of his or her legal representative; orIn the case of performance by third parties pursuant to Section 13 of the Act, receipt of data and documents from a credit institution or financial institution.

7. Verification of identification – means:

In the case of a natural person, verification of data according to § 7 letter a) of the Act in his identity document, if they are listed there, and verification of the form of the person with the form in his identity document in his physical presence, or using technical means and procedures, if the liable person, taking into account the circumstances of implementation and security risks of the technology used whereas such means and procedures make it possible to verify identification at a level which, in terms of the reliability of the result of the verification, is similar to verification in the physical presence; for a natural person – entrepreneur also verification of data according to § 7 letter a) of the Act on the basis of documents, data or information obtained from the official register or other official records in which the entrepreneur is registered, or from another credible and independent source,In the case of a legal entity, verification of data pursuant to § 7 letter b) of the Act on the basis of documents, data or information obtained from the official register or other official records in which the legal entity is registered, or from another reliable and independent source and verification of the identification of a natural person authorized to act on behalf of the legal entity according to § 7 letter a) of the Act in its physical presence, and verification of the authorization to act on behalf of a legal entity,In the case of a person who is represented on the basis of a power of attorney, verification of his / her data in the scope of data pursuant to § 7 let. c) of the Act on the basis of documents, data or information obtained from the submitted power of attorney with a certified signature, official register or other official records or from another credible and independent source and verification of identification of natural person authorized to act on the basis of power of attorney letter a) of the Act in her identity document in her physical presence,In the case of a minor who does not have an identity document, verification of the type and number of the identity document and the form of the legal representative of the minor present with the form in his / her identity document,Verification of the identification number or code assigned to the transaction through technical equipment to the client, the liable person according to a special regulation, if the client has already been identified according to § 7 letter a) to d) of the Act,Proving the client with a guaranteed electronic signature, if the client has already been identified according to § 7 letter a) to d) of the Act, orVerification of identification by other means, if such a method allows a special regulation.

8. Assets – Are any assets, regardless of their nature, in particular movables, immovable property, flats, non-residential premises, securities, receivables, intellectual property rights, including industrial property rights, as well as legal documents and deeds, which prove a legal relationship to the property or a share in it.

9. Client – Means a person who:Is a party to a contractual relationship linked to the obligor ‘s business personsTakes part in proceedings for the purpose of becoming a party to the contractual relationship associated with the business activity of the liable person,Represents, in proceedings with the liable person, a party to the contractual relationship related to the business activity of the liable person, orRepresents, in proceedings with the liable person, a party to the contractual relationship related to the business activity of the liable person, or

10. Business relationship – Means a contractual relationship between the liable person and the client, inclusive any activities related to this relationship from which at the time of contact expects to contain an element of duration and further performances or recurring performances.

11. Trade – Means the creation, change or termination of a contractual relationship between the liable person and its client and any business operation of the client or on behalf of the client or disposal of the client’s property or on behalf of the client, related to the liable person’s activities, including in their own name and on their own account.

12. A type of transaction – Means a group of transactions within the activities of a liable entity, which are characterized by certain features or contractual conditions of their provision by the liable entity 13. Criminal activity – Means criminal activity committed on the territory of the Slovak Republic or outside the territory of the Slovak Republic.

14. The financial intelligence unit – Is a special unit of the financial police of the Police Force.

Article IIOverview of Forms of Unusual Business TransactionsUnusual business transaction (the “UBT”) means a legal act or other act which indicates that its execution may enable legalization or terrorist financing. The assessment whether a transaction is a UBT lies with Pagosa Oil . It is Pagosa Oil ’s task to determine, based on its experience and other facts, whether a transaction with regards to legal and natural persons in cooperation with whom such transaction is being prepared or executed can be classified as unusual.

Pagosa Oil does not need to know what type of criminal offence might be involved, who might have committed it, nor does it need to know any other facts relating to constituent elements of a specific criminal offence. The Pagosa Oil ’s task is to evaluate certain anomalies which due to their nature, content or exceptionality clearly fall outside the normal parameters or nature of certain transactions or certain Customer.The law generally defines a UBT as each of the following transactions:Which with regards to its complexity, unusually high amount of funds or its other nature goes apparently beyond the common framework or nature of a certain type of transaction or a transaction of a certain Customer;Which with regards to its complexity, unusually high amount of funds or its other nature has no apparent economic purpose or a visible lawful purpose;Where the Customer refuses to identify himself/herself or to provide the information necessary for the obliged entity to perform customer due diligence under Sections 10, 11 and 12 of the Act;Where the Customer refuses to provide information of the upcoming transaction or tries to provide as little information as possible or provides such information that the obliged entity can verify only with great difficulty or at a great cost;Where the customer demands its execution based on a project which raises doubts;Where funds of low nominal value in a considerably high amount are used;With a Customer in whose case it can be presumed that with regards to his/her occupation, position or other characteristics he/she is not or cannot be the owner of the required funds;Where the amount of funds that the Customer has at his/her disposal is in apparent disproportion to the nature or scope of his/her business activity or financial status declared by him/her;Where there is a reasonable assumption that the funds or property is to be used or was used to finance terrorism;Where there is a reasonable assumption that a Beneficial Owner is a person who collects or provides funds or property for the purpose of financing terrorism;Which is executed from a country or to a country on the territory of which terrorist organizations operate or which provides funds or other support to terrorist organizations;Where there is a reasonable assumption that the Customer or Beneficial Owner is a person on whom international sanctions are imposed under a special regulation, or a person who might have a relationship with a person on whom international sanctions are imposed under a special regulation; orWhere there is a reasonable assumption that its subject matter is an object or a service that may relate to an object or a service on which international sanctions are imposed under a special regulation;Where there is an assumption that during the execution of transfer or use of services unreasonably high transaction costs are to be incurred which clearly exceed the value of the services required.In which the client requests the use of such forms of payment system, which is not usual with acquaintances business activities of the client,In the case of frequent repetition of deposits below EUR 15,000 or in the equivalent in another currency, the deposit of which resulted in a significant deposit or which were later transferred to places not normally used by the client,In the case of non-cash deposits of the client and third parties and subsequent cash withdrawals of funds to the client for such purposes for which other forms of payment are usually used, such as checks, letters of credit, bills of exchange,In the case of clients’ activities related to the opening of several accounts, the amount of which is manifestly disproportionate to the subject of their activity, and transfers between these accounts,In the case of movements on clients’ accounts which do not correspond to the nature or scope of their business activity,In the number of turnovers on the account in one day or in consecutive days, which do not correspond to the usual monetary operations of the client,In the case of frequent erroneously paid payments and subsequent requests for their return to another account,For large one-off payments from and to abroad for no apparent reason,Which is carried out by a client belonging to a country on the list of risk countries.Article IIIThe method of performing care in relation to the clientThe company is obliged to perform basic care in relation to the client in the following cases:Concluding a business relationship,In the case of an occasional non – commercial transaction of at least 15 000. It does not matter whether the trade is executed individually or as several on top of each other subsequent transactions that are or may be connected,If it is suspected that the client is preparing or carrying out an unusual business operation, regardless of to the value of the trade,In case of doubt as to the veracity or completeness of previously obtained identification data on client, orIn the case of the payment of the balance of the canceled deposit to the bearer.Basic care means:Identification of the client and verification of his identification,Depending on the risk of legalization or terrorist financing, the identification of the end-user of the benefits and the adoption of appropriate measures to verify his identification, including measures to establish the ownership and management structure of a client who is a legal entity or an association of assets;Obtaining information on the purpose and intended nature of the business relationship,Carrying out ongoing monitoring of the business relationship, including a review of specific transactions carried out during the duration of the business relationship in order to determine whether the transactions carried out are in accordance with the obligated person’s knowledge of the client, his business profile and an overview of possible risks associated with the client, and depending on the risk of legalization or terrorist financing, data or information available to the client on the client.The company is obliged in accordance with par. § 10 par. 3 of the Act to identify the client and verify his identification even when executing a transaction, resp. the sum of trades with a value of at least EUR 1,000 / month, unless it is a case under point 2 of this Article, together with the company’s obligation to ascertain whether the client is acting in its own name (carrying out the trade on its own account)When performing basic care, the company ascertains whether the client is acting in its own name. If he finds that the client is not acting in his own name, he shall invite him to prove in the form of a binding written statement the name, surname, birth number or date of birth of the natural person or business name, registered office and identification number of the legal entity in which currency the business is conducted; the liable person shall proceed in the same way even if there are doubts as to whether the client is acting in his own name.The company is obliged to identify the end user of the benefits always in the case of legal entities; whereas the legal form of the company must not interfere with the identification of the end-user of the benefits. Verification of the information obtained on the end-user of benefits in accordance with the Act should be carried out to an appropriate extent; e.g. by requesting a written declaration of end-user benefits and subsequently verifying such information from available sources. If the client’s risk profile allows, the company may, when exercising basic care, identify the end-user of the benefits on the basis of information from public sources, without having to contact or verify the client’s information.The company is obliged to refuse a new client, terminate the existing business relationship with the client, or refuse to perform a specific business operation if it is not possible to perform basic care for reasons on the part of the client under point 2 (a). a) to c) of this Article.Depending on the risk of legalization or terrorist financing, the company is obliged to take measures to determine whether the client is a politically exposed person.When monitoring existing clients, the company is obliged to focus on ongoing investigation and verification of whether the client has become a politically exposed person; in such a case, the consent of the manager must be required for the continuation of the business relationship, and the employee is considered to be one management level higher. If the politically exposed person is the owner, or operates in the management structure of the client – legal entity, or is the end user of the benefits in this case, it is a situation that requires the application of increased care against the client – legal entity.In the cases provided for in Section 11 of the Act, it is sufficient if the company provides simplified care.The company will exercise increased care in relation to the client, if the client is not physically present for identification and verification purposes, so that in addition to basic identification requires official verification of the client’s signature on relevant documents or requires the submission of a photocopy of the client’s identity card submission of other required documents and in dealing with a politically exposed person the company will exercise increased care in relation to the client to the extent: obtains the consent of the manager before concluding a business relationship with a politically exposed person and takes measures to determine the origin of assets and origin of funds.Article IVMethod of risk assessment and managementThe scope of care in relation to the client is determined by the company with regard to the risk of legalization or terrorist financing.The risk of legalization or terrorist financing shall be assessed by the company according to the following criteria.Type of client (natural person – legal person; native – foreigner; non – entrepreneur – entrepreneur, politically exposed person, etc.)Type of trade (purchase – sale – free transfer)Type of business relationship (type of contract that the company and the client will enter into)Other criteria (especially Article III point 1 of the Program, etc.).As part of the management of risks related to protection against money laundering and terrorist financing, the company shall accept payments from clients in carrying out transactions exclusively through bank transfers or bank deposits in a Member State or in a third country guaranteeing an equivalent level of protection against money laundering and terrorist financing. In this case, the protection is doubled in the sense that the relevant financial institution also implements measures aimed at protection against legalization and terrorist financing.Article VThe procedure for assessing whether a transaction being prepared or executed is unusual. The process from the detection of an unusual business operation to its immediate reporting to a financial intelligence unitSuspicion of an unusual business operation, the relevant employee conducting the business shall consult with one of the managers, the managing director or the employee responsible for the performance of the compliance function (designated person); consider the operation to be unusual.In assessing the nature of the transaction, the employee performing the transaction, as well as the designated person to whom that employee has notified the transaction, shall base the assessment of the transaction on data obtained from the care taken against the client concerned.The company shall report to the financial intelligence unit an unusual business operation or an attempt to perform it, as well as a refusal to perform the requested unusual business operation without undue delay.The reporting obligation is fulfilled by submitting a report on an unusual business operation in a manner guaranteeing that the information contained therein remains confidential from an unauthorized person, namely: in person (Račianska 45, 832 23 Bratislava), in writing (Financial Intelligence Unit, Pribinova 2, 812 72 Bratislava), by telephone (if the matter cannot be postponed, with subsequent written confirmation within three days of receipt of the telephone report by the financial intelligence unit), electronically ([email protected]).The reporting of unusual business operations and ongoing contact with the financial intelligence unit shall be ensured by the employee responsible for the performance of the compliance function (designated person).The report on an unusual transaction shall contain in particular:Business name, registered office and identification number of the company,Data obtained by identifying the persons concerned by the unusual business operation,Details of the unusual business operation, in particular the reason for the unusual nature, the time course of events, account numbers, details of when they were established, who owns them and who has the right to dispose of them, photocopies of the documents on which the accounts were based, identifications persons authorized to handle the accounts, photocopies of concluded contracts and other related documents. and information,Data on third parties who have information about an unusual business operation,The name of the designated person responsible for protection against legalization and financingterrorism, which provides contact with the financial intelligence unit and telephone contact to this person.The notification of an unusual transaction is without prejudice to the obligation to report the facts indicating the commission of a criminal offense.For the purposes of this Article and Article XIV of the Program is also considered by the managing director of the Company, its the CEO or another person acting in the name and on behalf of the company, which is not an activity performed on the basis of a contractual relationship arising from the Labor Code.Article VIProcedure for delaying an unusual business operationThe company shall hold an unusual business operation until the reporting of the unusual business operation to the FIU.A company shall hold an unusual business operation if there is a risk that it may frustrate or make it significantly more difficult to seize the proceeds of crime or terrorist financing funds, or if the FIU so requests in writing, upon receipt of a notification from the FIU. units to carry out an unusual business operation; however, a maximum of 120 hours.After the expiry of this period, the company is obliged to delay the unusual business operation on the basis of the notification of the financial intelligence unit that it has handed over the case to the law enforcement authorities, but for a maximum of another 72 hours. Saturday and non-working days are not counted until the delay of an unusual business operation.The company is obliged to immediately inform the financial intelligence unit about the delay of an unusual business operation.A company shall not hold an unusual business transaction if:It cannot be delayed for operational or technical reasons; of this fact the liable person immediately inform the financial intelligence unit,A delay as previously notified to the FIU could frustrate the processing of an unusual business operation.Article VIIData retentionThe company shall keep for five years:From the end of the contractual relationship with the client, data and documents obtained during the implementation of the basic, simplified or increased care,From the execution of the transaction, all data and documents about it.The company shall keep the data and documents referred to in point 1 of this Article for more than five years, if requested in writing by the financial intelligence unit, stating the period and extent of retention of data and written documents.Records that need to be archived:Records on customer due diligenceFinancial institutions shall archive data and written documents on customer due diligence they apply (basic, simplified enhanced) obtained by way of the procedure described in Articles 10 and 12 of the AML Act, on the identification and verification of customers and beneficial owners, politically exposed or sanctioned persons, and information on the purpose and planned nature of transactions. Documentation on facts about the origin of property and funds also needs to be archived when relevant to the risk of money laundering or terrorist financing.Records on customers’ risk ratingDocuments and information related to the assignment of customers to risk groups must be archived, too.

Financial institutions shall record and archive important information confirming the circumstances justifying a customer’s reassignment to a different risk group (and therefore change in the customer’s risk profile) together with other data on the customer.Records on financial operationsThe internal regulations of a financial institution should establish the duty to record all financial operations carried out for customers in the financial institution’s accounting and reporting system. Records on financial operations that support accounting entries should be archived in a form that allows the FIU, supervisory authority, control authority and the law enforcement authorities to compile a satisfactory record and to verify each customer’s risk profile. Supporting records shall also contain the customer’s instructions related to the customer’s payments. The financial institution shall archive records on each financial operation made by the customer, including single financial operations performed for customers who do not have an account at the financial institution. The archiving period in this case is the same as for archiving identification records and documents.Records on internal notifications of UTs and UT reportsFinancial institutions shall archive all reports on a customer’s unusual activities, namely internal notifications of UTs intended for the NO, as well as UT reports that the NO has sent to the FIU. If, after assessing the relevant information and knowledge concerning a customer’s unusual activity, the NO decides that this does not constitute a UT and so there is no need to report the case to the FIU, the reasons for that decision must also be recorded and archived, together with the records on the relevant transaction.Records on staff training and educationFinancial institutions shall archive records on staff training focussed on familiarisation with the AML/CFT Programme, containing the names and positions of the participating employees, the date and place of training, and its form and content.Form of the recordsArchives must be kept of originals or photocopies of paper documents and documentation, as well as data stored in personal computers and on mechanical media in electronic form.Copies of documents must be made in a manner ensuring that the relevant data are legible and suitable for archiving. A natural person’s image copied from their identity document must be of adequate quality, enabling easy identification and verification.Place, manner and period for which records must be archivedArchiving periods are the same, regardless of the form in which the data are archived. In view of the need to provide additional data on customers and on their financial operations, particularly for the FIU, NBS and law enforcement authorities, it is important that financial institutions are able to find, without undue delay, the necessary data or records (in their archives of documents and data media). Financial institutions shall also continue to archive such information and documents on customers and their financial operations after the expiry of the statutory archiving period in cases where an investigation has been started by the competent law enforcement authorities, or a criminal prosecution has begun, for the purposes of investigation and criminal prosecution, on the basis of a written request received from the FIU pursuant to Article 19(3) of the AML Act; the scope and the additional period required must be stated in the request. Article VIIIPersons responsible for protection against legalization and terrorist financingThe person responsible for protection against legalization and terrorist financing and for ensuring the reporting of unusual business operations and ongoing contact with the financial intelligence unit (designated person) is in the company Fincity j.s.a. and Pagosa Oil International kft, e-mail: [email protected] and [email protected] Article IXPowers and responsibilities of the company’s bodies and employees in protection against legalization and terrorist financingManagers, the managing director, the employee responsible for the performance of the compliance function (designated person) and all employees of the company are obliged to prevent the legalization and financing of terrorism in their activities.Managers, the managing director, the employee responsible for performing the compliance function (designated person) and all employees of the company are obliged to provide the financial intelligence unit, upon request, with all necessary cooperation, assistance, information and written documents. The Company shall draw up and update a Program of its own activities aimed at antimoney laundering and terrorist financing.The protection against legalization and financing of terrorism and the methodology of the procedure for the prevention and detection of legalization and financing of terrorism shall be supervised by the employee responsible for the performance of the compliance function (designated person).The employee responsible for the performance of the compliance function (designated person), in his absence, directly by the company’s executives shall ensure the practical implementation of activities, in particular the performance of routine dayto-day activitiesIn the event that the managing director, the managing director, the employee responsible for the performance of the compliance function (designated person) or another employee culpably breaches his obligations in the field of protection against legalization and terrorist financing, he shall be fully liable for such breach and shall be liable for any damage. caused by this action.Article XObligation of secrecy about the reported unusual business operationThe company maintains confidentiality about the reported unusual business operation, about the measures performed by the financial intelligence unit, as well as confidentiality pursuant to Section 18 of the Act. This obligation applies to members of the Board of Directors, members of the Supervisory Board, the Chief Executive Officer, the employee responsible for performing the compliance function (designated person), the employee responsible for performing internal control, all employees, as well as legal and natural persons acting for the Company. on the basis of another contractual relationship.The obligation under paragraph 1 of this Article shall not be extinguished by the termination of the employment relationship, similar employment relationship or other contractual relationship.Article XIResponsibility of employeesThe staff of the company shall be liable for infringements of the legislation on combating money laundering and terrorist financing.For breach of the duty of confidentiality pursuant to Section 18 of the Act, a financial intelligence unit may impose a fine on an employee in accordance with the Act.The staff member shall not be liable for damage arising from the reporting of an unusual business operation or its delay, if he has acted in good faith. In case of doubt, the employee acted in good faith when reporting or delaying an unusual business operation. The state is responsible for the damage.Article XIVA method of securing an employee who detects unusual business operationsThe report of an unusual transaction shall in no case contain particulars of the employee who discovered the reported transaction.Article XVContent and schedule of staff trainingThe company is required to provide at least once a year staff training aimed at combating money laundering and terrorist financing.Employee training includes acquainting employees with the Act and its terminology, company obligations, unusual business operations and an overview of their forms, the method of performing care in relation to the client, the method of risk assessment and management, procedures for assessing whether the prepared or executed business is unusual, procedures from the detection of an unusual business operation to its immediate reporting to the FIU, procedures for the delay of unusual business operations, data retention procedures, powers and responsibilities of individual employees in protection against legalization and terrorist financing, broken down by activities performed by individual employees, method of ensuring protection an employee who detects unusual business operations.Article XVIThe method of monitoring compliance with the Program and the obligations arising from the ActMembers of the Board of Directors, members of the Supervisory Board, the General Manager, the employee responsible for performing the compliance function (designated person), the employee responsible for performing internal control and all employees of the company are obliged to comply with the Program in their activities.The employee responsible for the performance of the compliance function (designated person) draws up and updates the Program and at the same time supervises its observance at all levels of the company’s activities.Any managing director or CEO is entitled at any time to request from the employee responsible for the performance of the compliance function (designated person) information on the status of compliance with the Program at any level of the company’s activities.Article XVIIFinal provisionsThe program is a binding internal regulation for all employees of the company, as well as for other persons who perform activities for the benefit of the company on the basis of another legal relationship.An amendment or supplement to the program may be made by the adoption of a written amendment to the program by the company’s executives. Managers can also cancel the existing program in its entirety by adopting a new program.All employees of the company are obliged to become acquainted with the provisions of the Program. On the working day following the day of publication of the Program, it is considered that each employee has been acquainted with the Program. Demonstrable notification can also be made by the signature of the employee on the preparation of the regulation, which is deposited with the employee responsible for the performance of the function of compliance (designated person).The program enters into force and effect on the day of its approval by the company’s executives.The program has 2 annexes, which form an integral part of it:A model for reporting an unusual transaction;A list of countries at risk.Annex no. 1Sample report of an unusual business operationAccording to § 17 of Act no. 297/2008 Coll. on Protection against Money Laundering and Terrorist Financing and on Amendments to Certain Acts, as amended

A / Details of the liable personBusiness name:Seat:ID:Name and surname of the designated person: Tel .:E-mail:

B / Data on an unusual business operationTrade date:Trade value:Related to NOO report:Name and surname of the person who performed the NOO: Birth number:Address:Type and number of identity document:Relation to the liable person:Date and time of start of the NOO delay: Rejection of the NOO execution:Reason for unusualness:Characteristics

C / AccountAccount number:Currency in which the account is maintained: Date of account creation: Date of account cancellation:

D / Account holder Legal entity Business name: IČO:Registered office address:Natural person entrepreneurName and surname: Business name: Client ID:Birth number: Address:Registered office address:Type and number of identity document:IndividualName and surname :Identification number:Address:Type and number of identity document:

E / Persons authorized to handle the accountName and surname :Identification number:Address:Type and number of identity card:Name and surname :Identification number:Address:Type and number of identity card:

F / Data on third parties in connection with NOOName and surname:Identification number:Address:Type and number of identity card: Relation to the liable person: