Effective Date: 25 February 2026 This AML/CTF Policy describes the general anti-money laundering and counter-terrorist financing (AML/CTF) principles that SIA Anastrade2025 (“we”, “us”, “our”) may apply in connection with the ArcadeDock website and related transaction flows. This is a public-facing policy statement. It is intended to summarize our general approach and does not disclose internal controls in detail or create an obligation to provide any specific transaction functionality. 1. Commitment and Risk-Based Approach We are committed to maintaining a risk-based approach to reducing the risk of fraud, money laundering, terrorist financing, sanctions violations, and other illicit or abusive activity in connection with the Site. Our approach may include proportionate controls based on the nature of the product, transaction context, user behavior, technical signals, and applicable legal requirements. 2. Scope of This Policy This policy applies to our public-facing digital goods activities on the Site (including listings for game activation keys) and to payment-related risk controls when transaction functionality is available on the Site. Availability of specific payment methods or transaction functionality may vary and is subject to on-site notices and operational readiness. Nothing in this policy guarantees that any transaction, payment method, or user request will be accepted or processed. 3. Prohibited Activities We prohibit use of the Site for unlawful, fraudulent, or abusive purposes, including but not limited to: - use of stolen funds, stolen payment instruments, or unauthorized wallets/accounts; - impersonation, false identity information, or deceptive conduct; - transactions involving sanctioned persons, entities, regions, or prohibited counterparties, where applicable; - attempts to obscure source of funds in a suspicious or unlawful manner; - use of the Site to facilitate fraud, chargeback abuse, platform abuse, or other illegal activity; - circumvention of our controls, risk reviews, or access restrictions. We reserve the right to refuse service, block access, cancel or suspend transactions, or request additional information where prohibited activity is suspected. 4. Risk-Based Controls Overview We may maintain and apply risk-based controls, including, where appropriate: a) Screening and sanctions controls - checks against sanctions lists and restricted party information; - risk indicators related to higher-risk jurisdictions or prohibited use cases; - additional review where sanctions or compliance concerns arise. b) Transaction and behavior monitoring - review of transaction patterns, frequency, velocity, and anomalies; - detection of suspicious technical or behavioral signals (including repeated failed attempts or abuse patterns); - case-by-case manual review where automated or rule-based signals indicate elevated risk. c) Operational safeguards - temporary holds, review queues, or delayed fulfillment/reveal; - refusal or cancellation of a transaction before completion; - accountless checkout restrictions or communication verification (for example, email-based verification), where applicable. We may adjust, add, or remove controls over time based on risk, provider requirements, operational needs, and legal obligations. 5. Customer Due Diligence (CDD) / KYC Triggers We may require additional information or verification in certain cases, including where we reasonably determine that it is necessary for risk management, fraud prevention, sanctions screening, legal compliance, or dispute resolution. Such requests may include, where appropriate and lawful: - identity verification information; - proof of control of a payment method or wallet, where relevant; - information reasonably necessary to review suspicious activity or resolve a transaction issue. If requested information is not provided, or cannot be reasonably verified, we may decline, cancel, delay, or restrict a transaction or access to certain Site functions. 6. Recordkeeping We may retain records relating to transactions, communications, risk reviews, and compliance-related actions for periods reasonably necessary for operational, legal, audit, fraud prevention, and dispute-resolution purposes, subject to applicable law. Recordkeeping periods may vary depending on the nature of the data and applicable legal requirements. 7. Suspicious Activity Handling and Reporting Where we identify activity that appears suspicious, unlawful, or inconsistent with our controls, we may: - conduct additional review; - pause or decline a transaction; - request additional information; - preserve relevant records; - make reports or disclosures to competent authorities where required or permitted by applicable law. We do not disclose all monitoring criteria or investigation methods. 8. Program Governance Responsibility for AML/CTF oversight is assigned internally to an appropriate responsible person or function. Responsible officer / function (placeholder): SIA Anastrade2025 Compliance Contact support@arcadedock.store We may periodically review and update our controls and this policy to reflect changes in risks, operations, provider relationships, and legal requirements. 9. Relationship to Other Policies This AML/CTF Policy should be read together with our Terms of Service and Privacy Notice. If there is any conflict, applicable law and the specific terms governing the relevant issue will control. 10. Changes to This Policy We may update this AML/CTF Policy from time to time. The updated version will be posted on the Site with a revised Effective Date. 11. Contact SIA Anastrade2025 Reg. No. 40203707175 • VAT No. LV40203707175 Stacijas iela 93–9, Ludza, Ludzas nov., LV-5701, Latvia support@arcadedock.store