Compliance & Regulatory Framework

1. Our Regulatory Status

B2M Asia Inc. is incorporated under the laws of Ontario, Canada, and operates as a Money Services Business (MSB) registered with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC). As a registered MSB, we are authorized to provide foreign exchange dealing and cross-border money transfer services to business clients in Canada and internationally.

Our regulatory obligations arise under Canadian federal and provincial law, including:

• Proceeds of Crime (Money Laundering) and Terrorist Financing Act, S.C. 2000, c. 17 (PCMLTFA): The primary federal legislation governing anti-money laundering and counter-terrorist financing obligations for Canadian financial service providers.
• PCMLTFA Regulations: Including the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations, the Suspicious Transaction Reports Regulations, and the Cross-Border Currency and Monetary Instruments Reporting Regulations.
• Personal Information Protection and Electronic Documents Act (PIPEDA): Governing the collection, use, and disclosure of personal information in the course of commercial activities.
• United Nations Act, R.S.C. 1985, c. U-2: Implementing UN Security Council sanctions in Canada.
• Special Economic Measures Act (SEMA): Enabling Canadian sanctions against foreign states, entities, and individuals.
• The Justice for Victims of Corrupt Foreign Officials Act (Magnitsky Act): Enabling targeted sanctions against foreign nationals responsible for gross human rights violations or significant corruption.

We also monitor and, where applicable, comply with regulatory requirements in the jurisdictions of our clients and banking partners, including regulations governing cross-border transactions in China, Taiwan, Japan, South Korea, Hong Kong, and the United States.

2. Our Compliance Commitment

B2M Asia views compliance not as a regulatory burden, but as a core business value and a foundation of trust with our clients, partners, and regulators. Our compliance program is designed to:

• Prevent B2M Asia's platform from being used to facilitate money laundering, terrorist financing, fraud, or sanctions evasion
• Protect our clients, partners, and the broader financial system from financial crime
• Meet and exceed all applicable legal and regulatory obligations in every jurisdiction where we operate
• Maintain the trust and confidence of our clients by operating transparently and responsibly
• Apply a risk-based approach that ensures compliance resources are directed where the risk is greatest

Our Board of Directors and senior management team are directly accountable for the effectiveness of our compliance program and receive regular reporting on compliance performance, regulatory developments, and emerging risks.

3. Anti-Money Laundering Program

B2M Asia maintains a documented Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) compliance program that meets the requirements set out by FINTRAC under the PCMLTFA. Our AML program includes the following core components:

Compliance Officer

We have appointed a designated Compliance Officer at the senior management level who is responsible for implementing, overseeing, and reporting on our AML/CTF program. The Compliance Officer has the authority and resources necessary to carry out these responsibilities independently and effectively.

Written Policies and Procedures

We maintain detailed written AML policies and procedures that govern all aspects of our operations relevant to financial crime risk. These policies are reviewed and updated at least annually or whenever there is a material change in our business, regulatory environment, or risk profile.

Risk Assessment

We conduct and maintain a written AML/CTF risk assessment of our business, covering the products and services we offer, our client base, the geographic markets we serve, and our delivery channels. This risk assessment informs the design and prioritization of controls within our compliance program.

Independent Review

Our AML compliance program is subject to independent review at least every two years to assess its effectiveness and identify gaps. Review findings are reported to senior management and the Board, and any deficiencies are remediated on a defined timeline.

4. Know Your Business (KYB) Verification

Before activating any business account, B2M Asia conducts a thorough Know Your Business (KYB) verification process. This process is designed to confirm the legitimacy of each client business, understand the nature of the business and its intended use of our services, and identify the individuals who ultimately own or control the business.

Business Verification

We verify the legal existence and status of each client entity using one or more of the following methods:

• Review of certificate of incorporation, articles of association, or equivalent formation documents
• Confirmation of registration with the relevant provincial or federal corporate registry
• Review of proof of business address through utility bills, bank statements, or official correspondence
• Verification of tax registration numbers (BN, HST/GST) where applicable

Beneficial Ownership Verification

We identify and verify all individuals who directly or indirectly own or control 25% or more of the client entity, as well as all directors and authorized signatories. Verification methods include:

• Government-issued photo identification (passport, driver's licence, or national identity card)
• Biometric liveness verification using regulated third-party identity verification services
• Review of shareholder registers, trust deeds, partnership agreements, or other ownership documentation
• Screening of all identified persons against global sanctions lists, Politically Exposed Persons (PEP) databases, and adverse media sources

Enhanced Due Diligence

Clients assessed as higher risk — including those involving Politically Exposed Persons, complex ownership structures, high-risk jurisdictions, or high transaction volumes — are subject to Enhanced Due Diligence (EDD). EDD may include senior management approval, additional documentation, source of funds verification, and more frequent ongoing monitoring.

Ongoing Client Due Diligence

KYB is not a one-time process. We conduct periodic reviews of all client accounts based on their risk rating, and we re-verify client information when there are material changes to the business, its ownership, or its transaction patterns.

5. Sanctions Screening

B2M Asia operates a comprehensive sanctions screening program to ensure that we do not facilitate transactions involving sanctioned individuals, entities, or jurisdictions. Sanctions screening is applied at onboarding and in real time at the point of every transaction.

Our sanctions screening covers the following lists and regimes:

• The United Nations Security Council consolidated sanctions list
• Canadian sanctions lists administered under the United Nations Act, SEMA, and the Magnitsky Act, as maintained by Global Affairs Canada
• The OFAC Specially Designated Nationals and Blocked Persons List (SDN List) and other OFAC-administered sanctions lists
• The UK HM Treasury Financial Sanctions regime
• The European Union Consolidated Financial Sanctions List
• Politically Exposed Persons (PEP) databases
• Adverse media databases covering financial crime, corruption, and regulatory enforcement actions

Where a potential match is identified, the transaction or onboarding is immediately paused and reviewed by our Compliance team. Confirmed matches result in the rejection of the transaction, account restriction, and mandatory reporting to the relevant authorities where required by law.

Transactions involving counterparties or beneficiaries in comprehensively sanctioned jurisdictions — including North Korea and Iran — are categorically prohibited regardless of the stated purpose.

6. Transaction Monitoring

B2M Asia operates an automated transaction monitoring system that continuously analyzes payment activity across our platform to detect patterns that may be indicative of money laundering, terrorist financing, fraud, or other financial crime.

Our transaction monitoring program includes:

• Rule-based detection: Automated rules trigger alerts based on transaction characteristics including amount thresholds, frequency, geographic risk factors, and deviations from established client behaviour.
• Behavioural analytics: We use AI-driven analytics to establish baseline transaction profiles for each client and identify anomalous activity that deviates from expected patterns.
• Large cash and equivalent transaction reporting: Transactions involving $10,000 CAD or more in cash or equivalent are subject to mandatory reporting to FINTRAC as Large Cash Transaction Reports (LCTR) within the required timeframe.
• Electronic funds transfer reporting: We file Electronic Funds Transfer Reports (EFTR) with FINTRAC for international wire transfers of $10,000 CAD or more as required by PCMLTFA regulations.
• Alert review and investigation: All system-generated alerts are reviewed by trained compliance analysts who conduct thorough investigations and document their findings. Alerts that cannot be resolved are escalated to the Compliance Officer.

7. Cross-Border Regulatory Compliance

Cross-border payments involve regulatory requirements in both the originating and receiving jurisdictions. B2M Asia takes a proactive approach to understanding and complying with the regulatory requirements relevant to each currency corridor we support.

China (CNY)

Transfers involving the Chinese Renminbi are subject to the foreign exchange controls administered by China's State Administration of Foreign Exchange (SAFE). We ensure all CNY transactions are structured in accordance with SAFE regulations, applicable quotas, and required documentation for trade-related payments.

Taiwan (TWD)

Cross-border transfers involving New Taiwan Dollars are subject to the foreign exchange regulations administered by the Central Bank of the Republic of China (Taiwan) and reporting requirements under the Foreign Exchange Control Statute. We ensure proper documentation for all TWD transactions.

Japan (JPY)

JPY transactions are subject to the Foreign Exchange and Foreign Trade Act (FEFTA) administered by the Japanese Ministry of Finance. We ensure compliance with applicable reporting thresholds and sectoral restrictions.

South Korea (KRW)

Korean Won transactions are subject to the Foreign Exchange Transactions Act (FETA) and oversight by the Financial Services Commission (FSC) and the Bank of Korea. Our KRW transfers are processed in compliance with applicable reporting and documentation requirements.

Hong Kong (HKD)

HKD transactions are subject to oversight by the Hong Kong Monetary Authority (HKMA) and the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO). B2M Asia ensures compliance with applicable HKMA guidelines.

For all corridors, we require clients to provide appropriate trade documentation — including commercial invoices, purchase orders, bills of lading, and contracts — for transactions above applicable thresholds or where required by the regulations of the receiving country.

8. Data Protection and Privacy Compliance

B2M Asia's handling of personal and business information is governed by our Privacy Policy, which is designed to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and, where applicable, the General Data Protection Regulation (GDPR).

Key data protection measures include:

• AES-256 encryption of personal and financial data at rest
• TLS 1.2 or higher encryption for all data in transit
• Role-based access controls and the principle of least privilege
• Mandatory multi-factor authentication for all platform and system access
• Data processing agreements with all third-party service providers who handle personal information
• A documented data breach response procedure with mandatory notification timelines

For full details on our data protection practices, please refer to our Privacy Policy.

9. Reporting Obligations

As a registered MSB under PCMLTFA, B2M Asia has mandatory reporting obligations to FINTRAC, including:

• Suspicious Transaction Reports (STR): We are legally required to file an STR with FINTRAC within 30 days of detecting a transaction or attempted transaction where there are reasonable grounds to suspect it is related to money laundering or terrorist financing. There is no minimum transaction threshold for STR filing.
• Terrorist Property Reports (TPR): We are required to file a TPR immediately upon discovering that we are in possession or control of property owned or controlled by or on behalf of a terrorist or a terrorist group.
• Large Cash Transaction Reports (LCTR): We file LCTRs within 15 calendar days for transactions of $10,000 CAD or more in cash or equivalent received in a single transaction or multiple transactions within 24 hours.
• Electronic Funds Transfer Reports (EFTR): We file EFTRs within 5 business days for international electronic transfers of $10,000 CAD or more sent or received.

Information disclosed to FINTRAC is protected under PCMLTFA provisions that restrict how FINTRAC may use and disclose information it receives. We are prohibited by law from disclosing to a client or any other person that we have filed or are considering filing a suspicious transaction report.

10. Compliance Governance

Compliance governance at B2M Asia is structured to ensure clear accountability at every level of the organization:

• Board of Directors: The Board is ultimately responsible for the adequacy and effectiveness of B2M Asia's compliance framework. The Board receives regular compliance reporting and approves material changes to compliance policies.
• Chief Executive Officer: The CEO is accountable for ensuring that sufficient resources — including budget, technology, and staffing — are allocated to compliance functions.
• Compliance Officer: The designated Compliance Officer is responsible for the day-to-day oversight and implementation of the AML/CTF and broader compliance program. The Compliance Officer reports directly to the CEO and has a reporting line to the Board.
• Compliance Function: The compliance team is independent of business units and operations to avoid conflicts of interest. Compliance staff have the authority to pause, investigate, and escalate transactions or client relationships without requiring business approval.
• All Employees: Every B2M Asia employee is responsible for understanding and adhering to our compliance policies and for escalating potential compliance concerns through established reporting channels.

11. Staff Training and Culture

B2M Asia is committed to building and maintaining a strong culture of compliance throughout the organization. All employees and contractors who interact with clients, process transactions, or have access to client data are required to:

• Complete comprehensive AML/CTF and compliance training upon joining B2M Asia
• Complete annual refresher training covering updates to regulatory requirements, emerging typologies, and internal policy changes
• Undergo role-specific training relevant to their particular responsibilities (such as KYB verification, transaction monitoring, or customer support)
• Acknowledge their understanding of and commitment to B2M Asia's compliance policies in writing

Training completion is tracked and reported to the Compliance Officer and senior management. Employees who do not complete required training are subject to disciplinary action.

12. Record Keeping

B2M Asia maintains comprehensive records in accordance with PCMLTFA record-keeping requirements. Our records are retained for the minimum periods specified by law and are stored securely in a format that enables timely retrieval in the event of a regulatory examination or law enforcement request.

Records maintained include:

• Client identification and verification records, retained for a minimum of five (5) years from the date of the last business activity
• Beneficial ownership records, retained for a minimum of five (5) years
• Transaction records for all payments processed, retained for a minimum of five (5) years from the date of the transaction
• Copies of all FINTRAC reports filed (STR, TPR, LCTR, EFTR), retained for a minimum of five (5) years
• AML risk assessment documents and compliance program documentation, retained for a minimum of five (5) years
• Staff training records, retained for a minimum of five (5) years
• Compliance monitoring and audit records, retained for a minimum of five (5) years

13. Risk-Based Approach

B2M Asia applies a risk-based approach (RBA) to all aspects of our compliance program, consistent with the guidance of FINTRAC and the Financial Action Task Force (FATF). Under this approach, the level of due diligence, monitoring, and controls applied to any client or transaction is proportionate to the assessed level of risk.

Factors that inform our risk assessment include:

• Client type, industry sector, and business model
• Geographic exposure, including the jurisdictions of the client, its counterparties, and its beneficiaries
• Transaction volumes, frequencies, and amounts
• Complexity of ownership and control structures
• PEP status of directors, owners, or authorized signatories
• Adverse media findings or prior regulatory enforcement history
• Source of funds and purpose of transactions

Clients and transactions assessed as higher risk are subject to enhanced scrutiny, additional documentation requirements, senior management approval, and more frequent review. B2M Asia reserves the right to decline or exit any client relationship where the assessed risk exceeds our risk appetite.

14. Correspondent Banking and Partner Compliance

B2M Asia selects its banking partners and payment correspondents with care. Before establishing or maintaining a correspondent or partner relationship, we conduct due diligence to satisfy ourselves that the partner maintains AML/CTF standards that are consistent with our own.

Our partner due diligence includes assessment of:

• The partner's regulatory status and licensing in its home jurisdiction
• The strength and adequacy of the partner's AML/CTF program
• Any history of regulatory sanctions, enforcement actions, or material compliance failures
• The geographic and sectoral exposure of the partner's business

We do not establish or maintain relationships with shell banks or with partners that permit their accounts to be used by shell banks. We do not enter into or maintain correspondent relationships with entities that are known to facilitate money laundering, terrorist financing, or sanctions evasion.

15. Reporting a Concern

B2M Asia encourages the reporting of compliance concerns, potential violations of law or policy, or suspected financial crime through our internal reporting channels. Individuals — including clients, employees, and third parties — who in good faith report compliance concerns will be protected from retaliation.

Internal compliance concerns may be reported to:

• Our Compliance Officer directly at compliance@b2masia.com
• Via our secure compliance reporting form available in the client dashboard

External reporting channels include:

• FINTRAC (Financial Transactions and Reports Analysis Centre of Canada): fintrac-canafe.gc.ca
• Office of the Privacy Commissioner of Canada (OPC): priv.gc.ca
• Financial Consumer Agency of Canada (FCAC): canada.ca/en/financial-consumer-agency

All reported concerns are investigated promptly and confidentially. The identity of the reporting individual will be protected to the fullest extent permitted by law.

16. Contact Our Compliance Team

If you have questions about our compliance program, our regulatory obligations, or your responsibilities as a B2M Asia client, please contact our Compliance team:

This Compliance page is provided for informational purposes and describes B2M Asia's compliance framework in general terms. It does not constitute legal advice. The specific obligations applicable to any client will depend on the nature of their business, the transactions they conduct, and the jurisdictions involved. Clients with specific compliance questions are encouraged to seek independent legal counsel.