Anti-Money Laundering Policy

This Anti-Money Laundering and Counter-Terrorism Financing (“AML/CTF”) Policy is a public summary of the controls used to reduce financial-crime risk on the platform. It is intended for players and the public; it does not replace the operator’s internal procedures, regulator filings, or legal advice.

The policy operates in the legal framework of:

• The Anjouan Offshore Financial Authority (AOFA) License Conditions APR-2026, which set the baseline AML obligations for licensees.
• The anti-money-laundering law of the Comorian Union (Anjouan).
• International obligations the operator commits to follow even where local law is silent — Financial Action Task Force (FATF) Recommendations, UN sanctions, European Union restrictive measures, and the United States Treasury (OFAC) sanctions regime.

• Money Laundering — concealing the proceeds of crime by passing them through a legitimate financial system to disguise their origin.
• Predicate Offence — the underlying crime that produced the funds being laundered (drug trafficking, corruption, fraud, etc.).
• Terrorism Financing — providing or collecting funds with the intention they be used in a terrorist act.
• Politically Exposed Person (PEP) — a person entrusted with a prominent public function (head of state, senior politician, military commander, head of a state-owned enterprise), or their close family / associates. PEP status triggers additional checks.
• Beneficial Owner — the natural person who ultimately owns or controls a customer relationship.
• Customer Due Diligence (CDD) — the standard set of identity and risk checks performed on every player.
• Enhanced Due Diligence (EDD) — a deeper level of checks triggered by higher-risk indicators.
• Know Your Transaction (KYT) — automated and manual monitoring of player transactions for indicators of money laundering.
• Suspicious Activity Report (SAR) — a confidential report filed with the financial-intelligence unit when we identify suspected financial crime.

Every player passes through Customer Due Diligence at the start of the relationship and at intervals during it. CDD covers four axes:

• Identity. Government-issued photo ID and proof of address verified at first withdrawal — see our KYC Policy.
• Risk profile. Country of residence, occupation, declared income range, and behavioural signals are assessed at registration and periodically.
• Sanctions check. Player name and date-of-birth are screened against sanctions and PEP lists at registration and re-screened on list updates — see §5 below.
• Source of funds. For ordinary play we accept deposits up to the EDD threshold without specific source-of-funds documentation; above that threshold, EDD applies.

CDD is renewed at least every 24 months and out-of-cycle when a risk indicator (sudden change in deposit pattern, jurisdiction change, sanctions-list update) surfaces.

Enhanced Due Diligence is mandatory in the following circumstances:

• USD 10,000 cumulative deposits — License Conditions §4. Once a player’s lifetime deposits reach the threshold, additional deposits are paused until EDD completes.
• PEP status — confirmed PEPs and their close family / associates undergo EDD at the start of the relationship.
• High-risk jurisdiction — players in or transacting with FATF-listed high-risk jurisdictions.
• Anomalous activity — sudden deposit-pattern shifts, unusual withdrawal-to-deposit ratios, payment-method patterns inconsistent with ordinary play, or any flag from our transaction-monitoring system.
• External alerts — adverse-media findings, law-enforcement requests, or referrals from a regulator.

EDD typically requires source-of-funds documentation (payslips, bank statements, employment letter, tax return, or evidence of a one-off transaction) and a refreshed identity check. We treat the documentation with the same confidentiality protections as KYC documents.

A player who does not complete EDD within a reasonable period has further deposits and withdrawals paused; in extreme cases the Account is closed in good standing and the cash balance returned to the original payment instrument subject to applicable law.

Players are screened at registration and re-screened periodically against:

• UN Security Council Consolidated Sanctions List.
• EU Consolidated List of Persons, Groups, and Entities subject to EU sanctions.
• US Treasury OFAC Specially Designated Nationals (SDN) list.
• UK HMT Consolidated List.
• AOFA-designated lists (where issued).
• Politically-Exposed-Person (PEP) and adverse-media databases.

A confirmed sanctions match results in immediate account closure and a SAR filing to the relevant financial-intelligence unit. Funds are held pending regulator instruction; we do not return funds where doing so would itself breach the sanction.

False positives — common with names that match a listed person but are actually a different individual — are resolved through additional identity confirmation. We work to clear false positives as fast as possible without compromising the screen’s integrity.

Player transactions are monitored continuously by automated systems and reviewed by Compliance staff. The system looks for indicators that, taken together, suggest money laundering or terrorism financing. Examples of indicator categories:

• Velocity anomalies— sudden, large, or rapid changes in deposit volume relative to a player’s history.
• Withdrawal mismatch — large withdrawals shortly after large deposits with little intervening play, or withdrawals to instruments different from the deposit instrument.
• Structuring — transaction sizes deliberately structured to stay below regulatory thresholds.
• Geographic anomalies — IP, payment-instrument, or device-fingerprint geographies inconsistent with the declared country of residence.
• Account-network patterns — multiple accounts sharing identifiers (IP, device, payment instrument) consistent with bonus abuse, multi-accounting, or laundering through linked accounts.

We do not publish the specific monetary thresholds or the model parameters — doing so would compromise the controls. Players who breach a threshold are informed via a request for additional information; players who do not breach a threshold see no friction.

Records of identity verification, transaction history, source-of-funds documentation, sanctions screen results, and Compliance decisions are retained for the periods set out in our Privacy Policy §5.

• 5 years after account closure for KYC documentation.
• 7 years for transaction records.
• 7 years for the immutable audit trail (License Conditions §13). Even after primary KYC data is deleted at retention expiry, the cryptographic hash remains as evidence that the verification took place.

Access to AML records is restricted to staff with a need to know. Every access is logged in the immutable audit trail.

Where the Compliance team forms a reasonable suspicion of money laundering, terrorism financing, or another financial crime, we file a Suspicious Activity Report (SAR) with the AOFA’s Financial Intelligence Unit and any other authority required by applicable law.

Two principles govern SAR practice and players should understand them:

• Tipping-off prohibition. Once a SAR is filed or contemplated we are legally prohibited from telling the player that a report has been made or is being considered. This is to protect the integrity of any investigation. Do not interpret the absence of a comment about a particular request as an admission or denial; we cannot say either way.
• Funds protection during investigation. Where law permits, funds remain under regulator-authorised hold rather than being confiscated. We never confiscate funds outside a lawful process.

Under our Terms of Service you agree to:

• Provide accurate registration information and update it promptly when material details change (name, address, country of residence).
• Use only payment instruments you are personally authorised to use. Third- party deposits — funding from someone else’s card or bank account — are prohibited and are a financial-crime indicator.
• Respond to reasonable information requests from the Compliance team. EDD documentation, identity-confirmation queries, and clarifying questions about unusual activity are all part of cooperation.
• Not attempt to evade controls — by structuring transactions to stay below thresholds, by using multiple accounts, by obscuring location with VPNs, or by using anyone else as a front.

Failure to cooperate may result in account-action consequences ranging from a deposit pause to closure, and where indicators warrant, a SAR.

An Account may be frozen or restricted while a Compliance review is in progress. Restriction means deposits or withdrawals are paused; existing balances remain in the segregated account in the player’s name (see Player Funds Segregation).

We tell you when a restriction is imposed (subject to the tipping-off prohibition described in §8 — for SAR-related restrictions we may not be able to give a specific reason). We resolve restrictions as fast as the underlying investigation permits; complex cases may take weeks.

You may challenge a restriction through our Complaints & Disputes procedure. The procedure includes external review (alternative dispute resolution and the regulator) so a Compliance decision is never the final word.

The AML/CTF programme is governed as follows:

• Money Laundering Reporting Officer (MLRO). Our MLRO is MLRO TBC, contactable confidentially at aml@huli.bet. The MLRO is independent of revenue functions and reports to the operator’s board.
• Compliance Officer. CO TBC, with oversight of the broader compliance programme and reachable at compliance@huli.bet.
• AML Committee. Senior leadership reviews the AML programme — controls, indicator-tuning, training calendar, and incident history — at least quarterly.
• Staff training. Every staff member with player-facing or financial responsibilities completes AML/CTF training at induction and at least annually thereafter. Training records are kept for the same retention period as transaction records.
• Independent audit. The AML programme is audited by an independent third party at least once every two years; the audit report is filed with the AOFA.

For AML or compliance questions, contact compliance@huli.bet (Compliance Officer) or aml@huli.bet (MLRO direct).

This policy mirrors Anjouan Offshore Financial Authority (AOFA) License Conditions APR-2026 and FATF recommendations. It is drafted in good faith but is subject to final review by qualified counsel before relied upon for any specific legal purpose.