Last updated on September 15, 2025

Anti-Money Laundering and Counter-Terrorist Financing Notice

This Anti-Money Laundering and Counter-Terrorist Financing Notice (hereinafter - "Policy") sets out the principles, procedures, and measures adopted by GTT Technologies Limited, a private company limited by shares incorporated under the laws of the British Virgin Islands with its registered office at Intershore Chambers, Road Town, Tortola, British Virgin Islands, registered under number: 2180362 (hereinafter - “GTT”, “Company”, “we”, “our” or “us”) to prevent and detect money laundering, terrorist financing, and other forms of financial crime in accordance with applicable legal and regulatory requirements.

The primary objective of this Policy is to ensure that the platform operated by the Company and available at https://gtt.trade (hereinafter - “Platform”) is not misused for the purposes of concealing the origin of illicit funds or for financing terrorism. The Policy also aims to mitigate legal, financial, and reputational risks that may arise.

This Policy applies to all individuals who access or use the Platform (hereinafter - “User”, “you”, “your”).

Although the Company is not a “regulated person” under the Anti-Money Laundering Regulations, 2008 of the British Virgin Islands and is not subject to mandatory registration or licensing as a financial institution, this AML/CTF Policy has been voluntarily adopted. This Policy is implemented as a precautionary, risk-based, and good-faith measure to:

mitigate the risk of the Platform being misused for money laundering, terrorist financing, or other financial crime;
align with applicable FATF Recommendations and regulatory expectations for non-financial businesses operating in high-risk sectors (e.g., virtual assets, skill-based competitions involving monetary rewards);
strengthen internal controls and enhance trust among Users, service providers, and financial institutions;
demonstrate the Company’s commitment to responsible conduct and regulatory readiness.

This Policy applies to all Users of the Platform, and to the process of withdrawal of funds.

If you do not understand certain definitions, you can familiarize yourself with them in the relevant documents available on the Platform, such as the Privacy Policy and Terms of Use Agreement.

1. Definitions

For the purposes of this Policy, the following terms shall have the meanings assigned below:

"Money laundering" - the process by which the proceeds of crime are disguised to appear as though they originate from legitimate sources. It typically involves three stages: placement (introduction of illicit funds into the financial system); layering (complex transactions to obscure the source and ownership); integration (re-entry of laundered funds into the economy as seemingly legitimate assets).

"Terrorist financing" - the act of providing, collecting, or using funds, directly or indirectly, with the intention or knowledge that they will be used to support terrorist acts or organisations.

"Beneficial owner" - the natural person(s) who ultimately owns or controls a customer and/or the person on whose behalf a transaction is conducted. In the case of a legal person, this includes any individual: holding more than 25% of the shares or voting rights; or otherwise exercising control over the management of the legal entity.

"Politically Exposed Person" (hereinafter - “PEP”) - an individual who is or has been entrusted with a prominent public function, including heads of state, members of parliament, senior government officials, judges, or military officers, as well as their immediate family members and close associates. PEPs are subject to enhanced due diligence due to the increased risk of corruption.

"Suspicious Activity" - any conduct, transaction, or pattern of behaviour that raises concerns that funds may be linked to criminal activity, used to disguise criminal property, or intended to finance terrorism.

"Customer Due Diligence" (hereinafter - “CDD”) - the process of identifying a customer and verifying their identity using documents, data, or information obtained from a reliable and independent source. CDD includes understanding the nature of the business relationship and assessing the risks associated with it.

"Enhanced Due Diligence" (hereinafter - “EDD”) - additional measures undertaken where a higher risk of money laundering or terrorist financing has been identified, including for PEPs, non-face-to-face transactions, or users from high-risk jurisdictions.

"Risk-Based Approach" (hereinafter - “RBA”) - a methodology where the level and type of anti-money laundering controls are proportionate to the assessed risk posed by a client, transaction, product, or geography.

"User" - any natural who registers for or accesses the Company’s Platform, whether or not participating in a tournament.

2. Business risk assessment

The Company conducts a comprehensive business risk assessment in accordance with the risk-based approach. This assessment is reviewed and updated regularly to reflect changes in operations, user profiles, technologies, and applicable regulations.

The Company identifies and assesses the following categories of risk relevant to its business model:

Jurisdictional risk	Users from high-risk third countries, as defined by the FATF and recognised by the BVI Financial Services Commission or international sanctioning authorities, may pose increased exposure to money laundering and terrorist financing. Special consideration is given to Users accessing the Platform from sanctioned or non-cooperative jurisdictions.
Product and service risk	As a Platform involving virtual competition and the use of cryptoassets or fiat funds contributed by Users, the Company acknowledges inherent risks associated with the movement of cryptoassets and fiat funds, which may be used to obscure the origin of funds; the irreversible nature of crypto transactions; the possibility of misuse of prize distribution or in-game purchases for layering purposes.
Customer risk	Risk levels may vary depending on the user profile, such as: Users engaging with high frequency or depositing funds in large volumes; Users attempting to circumvent KYC/AML checks; PEPs.
Delivery channel risk:	As the Platform operates in a non-face-to-face environment, enhanced controls are applied to fraud risks.
Anonymity risk	Although the Company implements KYC measures, the inherent pseudonymity of blockchain-based deposits may still pose risks if not subject to appropriate controls.

The Company applies a structured methodology to assess and categorise risks using the following steps:

identification of risk categories and indicators;
evaluation of the likelihood and impact of potential AML/CTF threats in each category;
assignment of risk ratings (low, medium, high) to user segments, services, and geographic exposures;
implementation of proportionate controls, including KYC tiers, thresholds for deposit and platform activity monitoring, and EDD triggers.

The business risk assessment is reviewed at least annually or whenever there is a significant change in the business model or services, a new jurisdiction or user segment is targeted, regulatory updates or guidance impact the Company’s obligations, or internal audit or external findings require remediation.

The results of the business risk assessment directly inform the Company’s AML strategy, internal procedures, and allocation of compliance resources.

3. Customer Due Diligence

CDD is required in the following circumstances:

prior to the withdrawal of funds or prize payouts from the Platform;
if there is a suspicion of money laundering or terrorist financing;
where doubts arise regarding the veracity or adequacy of previously obtained customer identification data.

As a digital platform operating in a non-face-to-face environment, the Company ensures compliance with the identity verification standards.

CDD measures include:

full legal name;
date and place of birth;
nationality;
government-issued identification document (e.g., passport or national ID card);
selfie or live liveness scan for biometric verification;
where required, information on the source of funds and/or wealth.

These measures are performed prior to any withdrawal of cryptoassets or fiat funds, including tournament prizes. Until such time, the Company only collects minimal registration data (email and username), and conducts non-intrusive behavioural risk monitoring.

Where the risk is deemed higher, including but not limited to Users residing in high-risk jurisdictions (as designated by FATF or the BVI Financial Investigation Agency), PEPs, Users flagged through adverse media screening or unusual activity patterns, the Company will conduct Enhanced Due Diligence. This may include:

verification of source of wealth;
secondary identification documents;
ongoing enhanced monitoring;
senior management approval before processing withdrawals.

The Company uses regulated third-party providers for the purposes of document validation, PEP/sanctions screening, and wallet analytics.

In accordance with BVI AML laws, all CDD information is securely retained for at least five (5) years from the date of the last user interaction that falls under AML requirements.

4. Monitoring

While full identity verification is deferred until a user requests a withdrawal of funds, the Company maintains monitoring mechanisms to detect behaviours that may indicate misuse of the Platform or potential money laundering or terrorist financing risks.

The Company reviews in-platform activity both in real time and retrospectively, focusing on:

unusual usage patterns, such as frequent entry into high-value Tournaments;
use of anonymising technologies (e.g., VPNs from high-risk jurisdictions);
suspected collusion, self-referral, or use of multiple linked accounts;
behaviour inconsistent with Platform rules or declared user profile.

Monitoring is primarily automated using rule-based alerts and risk triggers. When an alert is raised, a responsible team member conducts a manual review. Where appropriate, temporary restrictions may be applied to a user account pending clarification or KYC initiation.

All monitoring activities, including triggered alerts, manual reviews, and final decisions, are documented and retained securely for at least five (5) years following the relevant activity or account closure, whichever is later.

5. PEPs and sanctions screening

The Company applies risk-based measures to identify and manage PEPs, their family members and close associates, as well as individuals or entities subject to international sanctions.

At the point of identity verification (prior to any withdrawal), all Users are screened using reputable compliance databases (e.g., World-Check) against global PEP and sanctions lists, including those issued by the UK, EU, UN, and OFSI. This screening is repeated periodically during the business relationship.

If a User is identified as a PEP, the Company conducts Enhanced Due Diligence. EDD measures may include:

verifying the source of funds;
obtaining senior management approval prior to withdrawal;
ongoing monitoring of User activity.

Users who cease to be PEPs may continue to be treated as such for risk mitigation purposes, up to a maximum of 10 years, where justified.

If a User appears on a sanctions list, or where the Company cannot resolve a high-risk case, access to funds or Platform features may be suspended, and the case may be reported to competent authorities.

6. Suspicious Activity Reporting

Although the Company is not a regulated or reporting entity under BVI AML laws, it reserves the right to voluntarily report suspicious activity to the BVI Financial Investigation Agency (hereinafter - “FIA”) or other relevant authorities, where it reasonably believes that a User may be engaged in money laundering, terrorist financing, or other criminal activity.

Examples of suspicious activity may include:

use of the Platform in ways inconsistent with its recreational and skill-based nature;
deposits or access from sanctioned or high-risk jurisdictions;
sudden changes in behavior or unexplained funding patterns.

All reports, if submitted, will be handled with strict confidentiality, and the identity of individuals raising concerns will be protected to the extent permitted by law.

6. Suspicious Activity Reporting

Examples of suspicious activity may include:

use of the Platform in ways inconsistent with its recreational and skill-based nature;
deposits or access from sanctioned or high-risk jurisdictions;
sudden changes in behavior or unexplained funding patterns.

All reports, if submitted, will be handled with strict confidentiality, and the identity of individuals raising concerns will be protected to the extent permitted by law.

7. Data protection and confidentiality

All personal data collected for AML/KYC purposes is processed lawfully, fairly and transparently, and only to the extent necessary to meet the objectives of this Policy.

Access to such data is strictly limited to authorised personnel and service providers who are contractually bound to confidentiality and data security obligations.

Personal data is stored securely, protected by technical and organisational measures (including encryption and access control), and retained only for as long as necessary, typically five (5) years from the end of the customer relationship, unless a longer period is required by law.

Users are informed about their rights under applicable data protection laws via the Company’s Privacy Policy.

8. Amendments to this Policy

This AML/CTF Policy is subject to regular review to ensure that it remains up-to-date with changes in legal requirements, regulatory expectations, business operations, and risk exposure.

This Policy is formally reviewed at least once every 12 months, or earlier if: there are significant changes in applicable BVI AML legislation or international standards; the Company expands its services, geographic reach, or user base; internal reviews, audits, or external feedback reveal areas for improvement.

When we make material changes, we will update the “Last Updated” date at the top of this page and, where required, notify users through the Platform (e.g., by displaying a banner or sending a notice).

We encourage users to review this Policy periodically to stay informed of their rights and obligations.

User continued use of the Platform after the effective date of the updated Policy constitutes user’s acceptance of the revised terms.

9. Contact information

If you have any questions, concerns, or requests regarding this Anti-Money Laundering and Counter-Terrorist Financing Policy, you may contact us at: support@gtt.trade.