# Compliance Policy **Last Updated:** February 27, 2024 *** ### **Purpose of the Program** Quantum Swap’s Compliance Policy defines the operational systems and procedures that ensure the platform functions in accordance with international legal and regulatory standards, particularly in the cryptocurrency sector, while safeguarding user privacy. This policy embodies Quantum Swap’s ethical business philosophy, integrating regulatory principles into its operations to ensure: * Robust compliance with legal requirements * Protection of user data and privacy * Agility in responding to evolving blockchain regulations Compliance is embedded in Quantum Swap’s DNA, demonstrating our commitment to operational rigor, ethical practices, and proactive leadership in privacy and compliance. *** ### **Our Role and Purpose** Quantum Swap provides compliant, private cryptocurrency transaction services for individuals, businesses, and dApps. The platform: * Protects sensitive financial information * Shields users from the transparency risks of public blockchains * Combines technological innovation with legal and ethical compliance Our mission is to ensure secure, private transactions while meeting the highest regulatory and ethical standards. *** ### **Quantum Swap Platform** * **Non-Custodial:** Quantum Swap never holds user assets; all transactions occur independently. * **Aggregation Engine:** Integrated with compliant, non-custodial exchanges and advanced privacy protocols. * **Innovation & Compliance:** Ensures privacy while adhering to cryptocurrency regulations, making Quantum Swap a trusted facilitator of secure transactions. *** ### **Compliance Team & Roles** **1. Compliance Officer:** * Develops, implements, and oversees the Compliance Policy * Ensures regulatory adherence and mitigates compliance risks * Oversees exchange partner audits and internal compliance processes * Coordinates with external auditors and advisors **2. Process Owner:** * Conducts quarterly exchange partner audits * Manages resolution of high-risk transactions and law enforcement requests * Ensures team compliance training and internal audit adherence * Implements corrective and preventive measures **3. IT Service Owner:** * Coordinates technical compliance with the Compliance Officer * Ensures Quantum Swap’s technology stack meets regulatory standards **4. Compliance Advisors:** * External specialists in Web3 law, AML/ATF, cryptography, and transaction screening * Participate in quarterly Compliance Policy reviews * Advise on regulatory compliance, best practices, and improvement opportunities *** ### **Exchange Partners** #### **Exchange Curation** * Only partners with rigorous, compliant processes are selected * Comprehensive risk and compliance assessment ensures AML/ATF credibility * Assessment areas include: * User agreements and data policies * AML procedures and effectiveness * Law enforcement request protocols * Transaction auditing and issue resolution * Public reputation and online compliance audits #### **Periodic Reviews** * Conducted at least quarterly * Key review components: * Terms and conditions updates * AML effectiveness assessments * External online audits * Issue resolution evaluation * Continuous improvement monitoring *** ### **Anti-Money Laundering & Anti-Terrorist Financing (AML/ATF)** * AML/ATF responsibility rests with exchange partners * Partners employ real-time, risk-based transaction monitoring * Transactions from sanctioned entities or jurisdictions (OFAC-listed) are blocked * Partners maintain transaction records for regulatory and law enforcement purposes *** ### **Data Processes** **Data Retention Policy:** * Transaction data retained for 72 hours before auto-deletion * Exchange partners maintain their own records independently * Exceptions only for law enforcement, partner requests, or ongoing customer support **Information Sharing:** * Legal and compliant sharing with law enforcement * Only valid requests are honored to protect user privacy **Data Collection & Storage:** * Data is encrypted and securely stored in accordance with data protection laws **Data Security:** * Encryption and access controls safeguard data integrity * Practices are continually updated to address evolving cyber risks **Transparency & User Rights:** * Users can access, correct, or delete data per our privacy policy **Compliance Audits:** * Internal and external audits ensure adherence to best practices and legal standards *** ### **Compliance Processes** * Structured assessments and periodic reviews of exchange partners * Comprehensive transaction issue resolution mechanisms * Ensures adaptability to evolving cryptocurrency regulations * Maintains alignment with AML/ATF and privacy standards at all times