AML Policy

1- Introduction

SIA Positive IA undertakes to carry out its activities in full respect of the spirit and letter of the applicable laws, rules and regulations and in accordance with the most developed ethical standards. We reaffirm our commitment to protecting our business and our employees from being used by criminals to “launder” the proceeds of crime. We strive to conduct our business with transparency and integrity and to ensure that all transactions comply with all applicable anti-money laundering laws and regulations and to take all reasonable steps to prevent and detect money laundering. Money laundering is a serious crime, often linked to acts of violence such as terrorism and drug trafficking, as well as other illicit activities such as corruption. Therefore, SIA Positive IA adopts a zero-tolerance position with regard to money laundering, as well as bribery or corruption of any kind. This policy is applicable to all operations of SIA Positive IA worldwide and therefore applies to all employees, officers, agents, board members and directors of SIA Positive IA. Everyone must read this Policy and, if necessary, follow the necessary training and periodically certify that they have not engaged in, and will not engage in the future, non-compliant behavior. This policy also applies to Third Parties who do business with SIA Positive IA.

SIA Positive IA prioritizes anti-money laundering in all of its work, and we ask that each of you join this important effort.

2- Objective of this Policy

The objective of this global anti-money laundering policy is to ensure that SIA Positive IA and its employees comply with all applicable anti-money laundering and anti-money laundering laws. terrorism, including the EU Directive on preventing the use of the financial system for the purposes of money laundering or terrorist financing of 2015, as amended by Directive (EU) 2018/843 of the European Parliament and of the Council of May 30, 2018 (“AMLD V”), and similar anti-money laundering and anti-terrorism financing laws in force in the country where Positive IA operates (collectively, the “Anti-Money Laundering Laws”)). Additionally, this policy also aims to ensure that all activities conducted with third parties comply with Anti-Money Laundering Laws. Positive IA has adopted a zero-tolerance standard for conduct violating any Anti-Money Laundering Law. As such, Positive IA seeks to only do business with Third Parties who carry out legitimate activities, share this standard and are committed to respecting these standards. This Policy establishes guidelines and mechanisms designed to ensure that all Positive IA personnel are well informed and trained to be able to detect, mitigate, prevent and report acts and/or transactions that may potentially involve resources. obtained illegally, in order to promote compliance with applicable Anti-Money Laundering Laws and to avoid possible damage to the integrity, stability and reputation of Positive IA. This Policy should be read in conjunction with the Positive IA Code of Ethics and Business Conduct, the Global Anti-Corruption Policy, as well as any other policy(ies), guidelines and procedures and all relevant and applicable controls to which Positive IA Personnel are subject. This Policy will prevail over any local or regional policy, procedure or practice inconsistent with the terms hereof. However, where local laws, procedures or practices are more restrictive than this policy, the more restrictive local requirements will govern. This Policy applies to all Personnel of Positive IA, regardless of where they reside or carry out activities, and to relationships with Third Parties over which Positive IA has control, including entities where a minority position is held and joint ventures, as well as all agents, consultants and other independent representatives when acting on behalf of Positive IA. All Positive IA personnel are required to comply with this Policy, participate in relevant training and communicate the principles established by this Policy to their colleagues, their direct superiors and Third Parties. In addition, Positive IA Personnel, exposed to money laundering situations, are required to periodically provide a certificate of training in the fight against money laundering, as required by the Compliance Department. Before entering into a professional relationship with Positive IA, all Third Parties are required to sign the Positive IA Third Party Compliance Declaration.

3- Roles and responsibilities

The Director of Positive IA has been designated as responsible for anti-money laundering compliance and will oversee overall compliance with this Policy and applicable Anti-Money Laundering Laws.

The Anti-Money Laundering Compliance Officer is required to:


• supervise the implementation of this Policy;
• With the local legal department, monitor any changes to applicable laws and any widespread techniques or cases related to Anti-Money Laundering Laws to ensure that the Policy remains effective and up-to-date;
• ensure overall compliance with the information retention policy;
• ensure that the training of Positive IA Staff complies with this Policy; • ensure that the local legal department and their corresponding regional compliance officer prepare a summary annual report relating to local compliance with this Policy; • provide the Positive IA audit committee with a summary report on overall compliance with this Policy at least once a year;
• ensure that compliance with this Policy is assessed and verified at least every two years.

4- The mechanisms of money laundering

Money laundering is the process of concealing the nature and source of money or other assets linked to criminal activity, such as drug trafficking, terrorism, corruption or bribery., integrating illicit money or goods into the flow of commerce so that it appears legitimate or their true source or owner cannot be identified. Those involved in criminal activity attempt to hide the proceeds of their crimes or make them appear legitimate by “laundering” them through legitimate businesses. Similarly, terrorism can be financed with legitimate funds, sometimes called “black money” because a legitimate business is used to finance criminal activity. The money laundering process generally occurs in three stages, in separate or distinct phases, which may include numerous transactions. Any of these transactions or steps could involve Positive IA or its employees:

A. PLACEMENT: The first step is the placement of funds into the economy. It is a means by which material products from illegal activities are physically released into the market. This is generally done through the purchase of goods, through deposits in financial institutions, through the creation of “ghost” companies, etc.

B. LAYERING: The second step is to separate illicit proceeds from their sources by creating complex layers of financial transactions designed to conceal the audit trail and ensure anonymity. This stage will generally depend on the steps or activities carried out during the placement stage. For example, after making a deposit into a bank account during the placement stage, a money launderer could make multiple transfers and transactions to move the deposited funds in order to conceal the initial deposit. Placement and layering are usually done through a third party.

C. REINTEGRATION: The third step involves attempting to make the proceeds of illegal activities completely legitimate. If the layering process was successful, the integration systems put the laundered proceeds back into the economy so that they appear to be legitimate funds to the financial system. For example, proceeds of crime could be used to purchase a third-party company, which carefully follows regulations, and the company's profits are then transferred to the criminal enterprise in a way that appears legitimate.

5- Legal and regulatory framework

SIA Positive IA operates in Europe and is therefore subject to anti-money laundering laws in several jurisdictions. Violations of these laws could have serious consequences for Positive IA, including costly investigations, damages and reputational damage. They could also result in significant economic sanctions and potential prison sentences for some individuals. Therefore, compliance with Anti-Money Laundering Laws is mandatory and a high priority for Positive IA. Positive IA L Personnel must endeavor to understand what laws or regulations govern their conduct and to comply with these laws and regulations. If a local regulation interferes with the implementation of any obligation under this Policy, Positive IA L Personnel must notify the Compliance Director and the local legal department. Additionally, where local law is more restrictive than this Policy, the more restrictive local law will govern.

The EU Directive on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (“AMLD IV”) of 2015, as amended by Directive (EU) 2018/843 of the European Parliament and of the Council of May 30, 2018 (“AMLD V”), establishes guidelines for the fight against money laundering, suspicious activity reports, reports 9 of specific operations, legal verifications of clients, identification of the ultimate beneficiary of the company, the recording of certain information and other related obligations. The adoption of this legislation by the European Union aims to bring greater transparency to the financial system in the region as well as to the countries that are part of it. It is necessary for Positive IA employees to comply with the requirements of AMLD V. It is important to note that the consequences of non-compliance can amount to 5 million euros in fines or 10%. of the company's annual profit, in certain cases.

6- The “knowledge” principle in money laundering

In general, many anti-money laundering laws criminalize the act of knowingly conducting a transaction with the proceeds of crime. In some countries, the government can prove "knowledge" by showing that the defendant displayed "willful blindness." Willful blindness is a deliberate failure to reasonably investigate wrongdoing despite suspicion or awareness of the high probability of its existence. This could mean that even if an employee of Positive IA does not have direct knowledge of the illegal nature of the proceeds of a transaction, Positive IA may still be liable for money laundering offenses if the circumstances have raised sufficient suspicions of money laundering activities, but that no measures were taken by Positive IA to follow up on these suspicions.

The following is a non-exhaustive list of examples of activities that could fall within the definition of money laundering or that could constitute evidence of money laundering under the Anti-Money Laundering Laws:

-engage in a transaction knowing that the transaction facilitates criminal activities or knowing that the funds used come from the proceeds of criminal activity;
-masking the source of funds obtained criminally through onward transfers to conceal the origin of the funds;
-facilitating a transaction while willfully or recklessly ignoring the source of an investor's assets or the nature of the investor's transactions or business operations.

7- Due Diligence

The Compliance Department carries out due diligence checks (“Due Diligence” or “Checks”) regarding third parties with whom SIA Positive IA does business based on the risk assessment mentioned below. Verifications must be carried out on a risk basis taking into account point 12 below.

Depending on the risk, the following measures will also be taken:

(i) Verify the identity of the third party. For individuals, this may include requesting a copy of passport or other identification document showing name, date of birth, tax identification number and valid public administrative identification, in accordance with local laws, and requesting the valid address. For a legal entity, this may include requesting formation documents or certificates of regularity from a competent government body, as well as data from their legal representatives, owners 10 or board members;
(ii) Collect their signed Declaration of Conformity from a Third Party;
(iii) Identify Third Party Ultimate Beneficiaries and verify them against official documentation;
(iv) Confirm the legal status of a third party by verifying official and/or authenticated documents (such as copies of business licenses, tax registrations, statutes, bank references, credit agency reports or any other equivalent deemed reasonable);
(v) Collect, in the case of a third party, such as a corporation, partnership, trust, etc., its place of operation and the identity and nationality of its shareholders, directors and officers, as well as its regulations, statutes or equivalent in each country where the third party operates;
(vi) Obtain any other information relating to a third party to be collected in the course of ordinary business practices, such as financial statements, credit bureau reports, banking references and bank account information, structure of ownership and control;
(vii) Monitor the third party against the AML and relevant sanctions lists.
(viii) Notify the third party in writing of this Policy and its obligation to comply with all applicable Anti-Money Laundering Laws. Once the due diligence information is collected, the compliance officer determines whether the transaction or business relationship should continue based on the information provided.

Records of due diligence determinations and associated documentation must be updated, based on risk, where applicable, every two (2) years or whenever Positive IA Staff detects a red flag.

8- Detect alarm signals

SIA Positive IA Personnel must be alert to suspicious behavior or “red flags” when conducting activities with third parties, carrying out verifications on these third parties and/or monitoring their persistence in their engagement. Appendix II contains a non-exhaustive list of 11 red flags which, if observed, should be reported to the Compliance Department and/or local legal departments. If a red flag is identified, the Compliance Department and/or local Legal department should be notified and they will investigate the red flag, in coordination with the General Counsel, and take other actions in accordance with this Policy and to relevant anti-money laundering laws. Local legal departments will have access to the entity compliance tool. Such an investigation may require a thorough review of the business relationship with the third party and any prior transactions with the third party to ensure that such transactions were in compliance with this Policy and Positive IA 's knowledge of the third party. party, its business activity, its risk profile and, if necessary, the source of its funds.

9- Payments

SIA Positive IA must take due diligence measures when accepting payments to reduce the risk of receiving money involved in money laundering activities. Third parties should be advised that acceptable forms of payment should be limited to the following:

(A) transfer from a bank account in the name of a third party;
(b) credit or debit card;

Positive IA may accept a bank transfer without specifying the bank account holder if this is a practice authorized by law in the country where the transaction takes place.

It is prohibited to make or receive Cash Payments above the applicable local thresholds set out in this Policy.

10- Training

Anti-money laundering training is provided at least once to employees of money laundering-sensitive departments at Positive IA The Compliance Director, as well as local Compliance Officers and Legal Departments, must provide periodic refresher training at least every two (2) years for employees of sensitive services. The Director of Compliance, with the assistance of local Compliance Officers and Legal Departments, must maintain a list of Positive IA employees who are completing such training and retain a copy of the materials used for such training.

11- Risk assessment

Each regional and local Enterprise Risk Management area must carry out an assessment, which will be updated every two (2) years, of the anti-money laundering risks of Positive IA as its activity evolves and develops. The results of the risk assessment should be communicated to local compliance officers and legal departments to assess necessary improvements to this Policy.

12- Internal review and audit

The Compliance Department will conduct a formal internal review of Positive IA 's compliance with this Policy at least once every two years. The review will include a written annual report, which will be sent to the Audit Committee and retained by the Director of Compliance in accordance with Positive IA 's information retention policies. Any deficiencies identified during the independent review will be accompanied by written plans to address these deficiencies in a manner consistent with the Positive IA L Policy.

The internal review will cover the following:

• any updates on laws and techniques or cases related to AML and economic sanctions,
• any investigation and the reasons for continuing a transaction or deciding to stop it;
• the summary of the annual AML-related risk assessment;
• the implementation of any training activity;
• the results of any internal review and audit and the measures to respond to their findings.

13- Record keeping and data retention

SIA Positive IA must record and retain, subject to Positive IA 's Global Information Retention Policy, all information required or collected as part of its:

(i) Due diligence checks as well as documents relating to local and international third party transactions with Positive IA , in accordance with the Positive IA Global Information Retention Policy, for a maximum period of ten (10) years after the end of the commercial relationship with a third party;

(ii) Anti-money laundering training provided to employees and third parties of Positive IA , in accordance with the Positive IA Global Information Retention Policy, for a maximum period of ten (10) years after the date of training;

(iii) Internal reviews or audits of relevant third parties, in accordance with the Positive IA Global Information Retention Policy, for a maximum period of five years after the date of the review or audit;

(iv) Any decision rejecting or approving the making or receipt of one or more Cash Payments as described in Article 10, for a maximum period of five (5) years.

14- Consequences of non-compliance

Violations of applicable Anti-Money Laundering Laws or this Policy may result in criminal prosecution and/or the imposition of civil penalties, not to mention potential long-term damage to the reputation of Positive IA. Under no circumstances should an employee of Positive IA facilitate or participate in money laundering activity. Positive IA will not pay any fines imposed on employees or third parties of Positive IA or any attorney's fees following a violation of any Anti-Money Laundering Law or this Policy. Additionally, any violation of this Policy may result in disciplinary action, including possible termination, or other corrective or disciplinary action appropriate in the circumstances, consistent with applicable employment law.

Conversely, Positive IA will fully support any employees or third parties of Positive IA who refuse to engage in conduct that would jeopardize the ethical principles and reputation of Positive IA L.

15- Reporting Requirements

If an employee of Positive IA suspects or becomes aware of a violation of applicable Anti-Money Laundering Laws or this Policy, he or she must promptly report the facts through the Process Assessment Department, the director of the compliance department, compliance officers, local legal department.

Positive IA strictly prohibits retaliation against any person raising good faith concerns regarding actual or suspected misconduct related to this Policy or any other Anti-Money Laundering Law. Such reprisals would justify possible disciplinary measures against anyone who intends to take them, including dismissal. In accordance with its obligations under the law and the enforcement processes established in Positive IA 's internal policies, Positive IA will keep confidential, to the extent possible, the identity of any person reporting a violation in good faith possible. No one will be fired, demoted, suspended, harassed or discriminated against solely for reporting a possible violation in good faith.

16- Contact details

The Director of Compliance, Regional Compliance Officers and the Process Assessment Department will monitor compliance with this Policy.