Anti-Money Laundering (AML) & Know Your Customer (KYC) Policy – amoozeshpoker.org 🔒

Last updated: 25 October 2025

This page sets out the Anti-Money Laundering (AML)r Customer (KYC) framework for
amoozeshpoker.org. Although AmoozeshPoker is an
educational platform about poker theory and strategy and does not operate as an
online casino or betting site, we recognize that limited financial interactions may occur
(for example, paid educational services, affiliates, donations, or partnerships).

This policy is designed to protect users and partners, deter illicit finance, and align
any financial-related operations associated with amoozeshpoker.org with internationally
recognized standards. It is written to satisfy strong EEAT Expertise, Authoritativeness, Trustworthiness) and
YMYL (Your Money or Your Life) expectations by providing clear
definitions, robust controls, and verifiable procedures. ✅

📌 Scope, Purpose, and Applicability

This policy applies to all current and future products, pages, communications, and
payment-related processes of amoozeshpoker.org, including (where applicable):

• Account creation for educational content and community features,
• Payments for courses, coaching, or premium educational materials (if offered),
• Refunds or withdrawals related to lawful educational services,
• Affiliate, instructor, or partner payouts managed through regulated channels,
• Promotional credits, vouchers, or coupons that may have monetary value,
• Dispute resolution processes involving financial aspects.

This policy applies to all personnel, contractors, payment partners, and service providers
who support such services connected to AmoozeshPoker.

Important: amoozeshpoker.org does not provide gambling, betting, or real-money poker gamesces to transactions in this document relate solely to lawful educational and
content-related services.

🧭 Regulatory Alignment & Best-Practice References

AmoozeshPoker seeks to align its AML/CFT (Anti-Money Laundering / Countering the Financing of Terrorism)
controls with the following standards, to the extent applicable:

• FATF Recommendations: risk-based AML/CFT approach, CDD/EDD, ongoing monitoring, reporting, and record retention.
• Directive (EU) 2015/849 and Directive (EU) 2018/843 (AMLD4/AMLD5)
  for obliged entities operating within or connected to the EU.
• Regulation (EU) 2015/847 on information accompanying transfers of funds, where relevant.
• Applicable national AML/CFT laws, sanctions regimes, and supervisory guidance based on
  the jurisdictions of our users, payment processors, and partners.
• Data protection principles consistent with GDPR and equivalent privacy laws:
  lawfulness, fairness, transparency, data minimization, purpose limitation, and security.

🧾 Definitions

• Money Laundering (ML): Converting, transferring, concealing, or disguising the origin of
  property known or suspected to be derived from criminal activity, or assisting persons involved in such activity
  to evade legal consequences.
• Customer Due Diligence (CDD / KYC): Identifying and verifying users, understanding the purpose of
  the relationship, and applying appropriate monitoring over time.
• Enhanced Due Diligence (EDD): Additional checks for high-risk users, jurisdictions, products,
  or behaviors beyond standard CDD.
• Source of Funds (SoF) / Source of Wealth (SoW): Evidence explaining the origin and legitimacy
  of funds and overall wealth (e.g. salary, business income, investments).
• Suspicious Transaction / Activity Report (STR / SAR): A formal report submitted to a
  Financial Intelligence Unit (FIU) when ML/TF or other financial crime is suspected,
  in accordance with applicable law.

🏛️ Governance & Accountability

• Senior Management at AmoozeshPoker sets the tone from the top, approves this policy,
  provides resources, and oversees remediation of identified issues.
• An appointed AML Compliance Officer (AMLCO) (or equivalent function, including via regulated payment partners) is responsible for:
  designing controls, overseeing monitoring, investigating alerts, escalating cases, and liaising with authorities.
• First Line of Defence (Operations & Support) implements CDD/EDD processes,
  enforces payment-related rules, and flags anomalies or red flags.
• Internal Audit / Independent Review performs periodic reviews of AML/KYC controls,
  tests their effectiveness, and recommends enhancements.

🛠️ Policy Maintenance & Change Control

Material updates to this AML/KYC Policy are subject to a documented risk impact assessment
and review by the AMLCO and Senior Management. Approved changes are:

• Documented with version history,
• Communicated internally to relevant staff,
• Reflected on this page, with the “Last updated” date adjusted accordingly.

Previous versions are archived and retained for audit and regulatory review.

🧩 Risk-Based Approach (RBA) & EWRA

AmoozeshPoker applies a risk-based approacheast annually, an
Enterprise-Wide Risk Assessment (EWRA) is conducted (directly or via regulated partners)
to assess:

• Risk across educational products and any monetization models,
• Delivery channels (web, mobile, third-party platforms),
• User profiles (students, coaches, affiliates, corporate partners),
• Geographic and sanctions exposure,
• Transaction volumes and patterns for paid services or payouts,
• Emerging typologies (fraud abuse, account takeover, misuse of educational platform for ML layering).

EWRA outcomes determine:

• Risk ratings for products, geographies, and user segments,
• Thresholds for additional checks,
• EDD triggers and escalation rules,
• Frequency of ongoing monitoring and reviews.

🪪 Tiered Customer Verification (KYC)

If and when AmoozeshPoker operates accounts with financial functionality (e.g. paid courses, instructor payouts),
a tiered KYC structure shall be applied. Certain activities may be restricted until the
required tier is completed.

Tier 1 – Basic Profile (required before any withdrawal)

• Full name, date of birth, gender, nationality;
• Country of usual residence and full address;
• Automated database and sanctions checks (where legally permitted);
• If checks are unavailable or inconsistent, proof of address may be required.

Tier 2 – Advanced ID Verification

Typically triggered when cumulative deposits or withdrawals reach 2,000 (USD/EUR or equivalent),
or lower depending on the applicable jurisdiction.

• Valid government-issued ID photographed next to a random 6-digit code written by the user,
• A live selfie / liveness check to match the ID,
• If e-verification fails: a recent proof of address (utility bill, bank statement, or official letter
  issued within the last 3 months) showing full name and address, with all four corners visible.

Tier 3 – Source of Funds / Source of Wealth (SoF/SoW)

Triggered when cumulative deposits/withdrawals reach 5,000valent),
or when peer-to-peer transfers or payouts reach 3,000.

Acceptable SoF/SoW evidence includes (non-exhaustive):

• Employment income: payslips, HR letters, tax statements;
• Business ownership: audited financials, company registry records, tax filings;
• Investments: broker statements, portfolio reports, proof of asset sales;
• Inheritance/gifts: probate documents, notarized deeds, bank confirmations.

🌍 Geographic Risk Categorization

• Low Risk: Users in countries with robust AML/CFT frameworks and low corruption risk.
  Standard thresholds and monitoring apply.
• Medium Risk: Users in jurisdictions with elevated ML/TF risk or regulatory gaps.
  Lower transaction thresholds may apply (e.g. 1,000 for Tier 2; 2,500 for Tier 3).
• High Risk: Users in sanctioned or high-risk jurisdictions. Access to services may be
  restricted or prohibited. Country lists are reviewed against sanctions advisories and
  regulatory guidance.

💳 Payment Method Controls

• Where payments are processed directly, the same method used for deposit should be used for
  withdrawals up to the original amount, minimizing ML layering risk.
• Third-party cards or accounts are not allowed. The name on the payment instrument must
  match the verified user name.
• Structuring deposits or withdrawals to avoid thresholds (e.g. multiple smaller payments) triggers EDD and may
  lead to restrictions or account closure.
• If AmoozeshPoker relies on third-party platforms (e.g. app stores, payment gateways),
  those platforms’ own AML/KYC frameworks also apply.

🔎 Ongoing Monitoring & Three Lines of Control

First Line – Operations & Payment Partners

AmoozeshPoker works only with reputable Payment Service Providers (PSPs) that operate effective
AML/KYC controls at onboarding and at transaction time. Operational teams monitor basic red flags and escalate
concerns to compliance.

Second Line – AML Compliance & Monitoring

Monitoring may involve rules-based and automated tools focusing on:

• Unusual deposit-withdrawal patterns (e.g. rapid in/out without genuine service usage),
• Activity inconsistent with a user’s profile or typical educational usage,
• Multiple accounts suspected to be linked to the same individual,
• Indicators of account takeover (ATO),
• Transactions to/from high-risk locations or entities.

Third Line – Manual Review & STR/SAR

High-risk or suspicious cases are subject to manual investigation, which may result in:

• Temporary suspension of services or withdrawals,
• Request for additional documentation (EDD),
• Filing of STR/SAR with competent authorities where required by law.

📈 Control Thresholds at a Glance

🧩 Acceptable SoF/SoW Examples

• Employment income: recent payslips, HR letters, employment contracts, tax declarations.
• Business income: audited financial statements, tax filings, company registry extracts.
• Investments: broker statements, portfolio summaries, proof of asset liquidation.
• Inheritance or gifts: probate documents, notarized gift deeds, bank confirmations.

🚨 Detection, Escalation, and STR/SAR

• Staff must promptly escalate unusual or suspicious activity to the AML team via secure channels.
• The AML team evaluates alerts, documents the rationale for its decisions, and files STR/SAR
  with the relevant FIU when legally required.
• “Tipping-off” is prohibited: Users are not informed about STR/SAR filings where such disclosure
  is restricted by law.

🧰 Procedures & Playbooks

Internal procedures and playbooks translate this policy into operational steps, including:

• Onboarding and minimum CDD standards,
• Sanctions and watchlist screening routines,
• EDD triggers and handling workflows,
• Case management, documentation, and evidence gathering,
• Rules for restricting, freezing, or closing accounts,
• Standard communication templates for interacting with users.

Where withdrawals are supported, initial withdrawals may require meaningful use of services
(e.g. at least 70% of deposited funds related to actual activity) to deter circular flows
and pass-through transactions.

🧾 Record-Keeping

• KYC and CDD/EDD data are retained for at least 10 years following the end of the business relationship,
  unless a longer period is mandated by local law.
• Transaction records are retained for at least 10 years after execution or termination.
• Records are stored securely, with encryption at rest and in transit, layered access controls,
  backups, and integrity checks.

🧑‍🏫 Training & Awareness

• Staff whose roles touch financial or user verification processes receive mandatory AML training
  at onboarding.
• Periodic refresher training is provided for finance, risk, operations, and customer support teams.
• Training includes case-based scenarios on typologies such as smurfing, mule accounts, synthetic identities,
  and misuse of educational platforms for ML purposes.
• Effectiveness is monitored via KPIs, quality assurance checks, and audit findings.

🧪 Internal Audit & Continuous Improvement

Internal Audit or an independent reviewer periodically assesses:

• Design and operation of AML/KYC controls,
• Data quality, completeness, and consistency,
• Timeliness and quality of case handling and escalations,
• Root causes of recurring issues and remediation effectiveness.

Metrics such as false-positive rates, case turnaround time, and enforcement outcomes
are used to refine rules and strengthen the AML framework.

🧱 Data Protection & Privacy 🔐

• AmoozeshPoker collects only the minimum personal data necessary to comply with AML/KYC
  obligations and to deliver its services.
• Personal data are not sold. Data may be shared only when required by law, for cooperation with
  competent authorities, or to prevent/detect financial crime.
• We respect applicable privacy rights (e.g. under GDPR), including the rights to
  access, rectification, restriction, objection, and portability, where applicable.
• Appropriate technical and organisational measures are employed to protect data against unauthorized access,
  alteration, or loss.

🚫 Zero-Tolerance for Violations

• Accounts linked to forged documents, stolen payment instruments, account takeover, or unjustified flows
  may be restricted, frozen, or terminated.
• Confirmed money laundering, terrorist financing, or serious fraud is reported to competent authorities
  without prior notice, as permitted or required by law.
• Attempts to bypass AML/KYC controls may result in permanent blocking of access to services and notification
  to relevant partners.

📫 Contact

If you have questions about this AML/KYC Policy, wish to exercise your privacy rights,
or need to report suspicious activity related to services associated with
amoozeshpoker.org, please contact us:

• Website: https://amoozeshpoker.org
• Support Email: [email protected]
• General / Info: [email protected]
• Phone (office hours): +98 21 9130 7788

⚠️ Compliance Notice

Use of amoozeshpoker.orgor future financial-related services connected to it
constitutes acceptance of this AML/KYC Policy.
Failure to provide requested documentation or to pass verification checks may result in
delayed withdrawals, rejected transactions, restricted access, or account closure,
in line with applicable laws and our risk appetite.

We reserve the right to update this document periodically to reflect evolving regulations,
supervisory expectations, technological developments, and best practices.