AML Policy

Updated as of: March 10th, 2023

My Backpack, LLC Anti-Money Laundering (AML) Policy

My Backpack, LLC (“Company”), takes the issue of providing the best customer service to our users very seriously, including giving great importance to account security. It is the policy of the Company to prohibit and actively prevent money laundering and any activity that facilitates money laundering or the funding of terrorist or criminal activities by complying with all applicable requirements under the Bank Secrecy Act (“BSA”) and its implementing regulations.

Within the scope of this policy, the user, to whom this policy is implemented on and agrees and declares not to harm the Company's activities, refers to the real persons who are members of the Platform (“Platform”) that can be accessed via www.mybackpack.appand those who benefit from the services offered on the Platform and therefore those who accept the matters in this policy.

Money Laundering

Money laundering is generally defined as engaging in acts designed to conceal or disguise the true origins of criminally derived proceeds so that the proceeds appear to have derived from legitimate origins or constitute legitimate assets. Generally, money laundering occurs in three stages. Cash first enters the financial system at the "placement" stage, where the cash generated from criminal activities is converted into monetary instruments, such as money orders or traveler's checks, or deposited into accounts at financial institutions. At the "layering" stage, the funds are transferred or moved into other accounts or other financial institutions to further separate the money from its criminal origin. At the "integration" stage, the funds are reintroduced into the economy and used to purchase legitimate assets or to fund other criminal activities or legitimate businesses.

Although cash is rarely deposited into securities accounts, the securities industry is unique in that it can be used to launder funds obtained elsewhere, and to generate illicit funds within the industry itself through fraudulent activities. Examples of types of fraudulent activities include insider trading, market manipulation, ponzi schemes, cybercrime and other investment-related fraudulent activity.

Terrorist financing may not involve the proceeds of criminal conduct, but rather an attempt to conceal either the origin of the funds or their intended use, which could be for criminal purposes. Legitimate sources of funds are a key difference between terrorist financiers and traditional criminal organizations. In addition to charitable donations, legitimate sources include foreign government sponsors, business ownership and personal employment. Although the motivation differs between traditional money launderers and terrorist financiers, the actual methods used to fund terrorist operations can be the same as or similar to methods used by other criminals to launder funds. Funding for terrorist attacks does not always require large sums of money and the associated transactions may not be complex.

Our AML policies, procedures and internal controls are designed to ensure compliance with all applicable BSA regulations and FINRA rules and will be reviewed and updated on a regular basis to ensure appropriate policies, procedures and internal controls are in place to account for both changes in regulations and changes in our business.

Compliance

The Company will designate a firm to manage its Anti-Money Laundering (“AML”)Program, with full responsibility for the Company’s AML program. That firm will have a working knowledge of the BSA and its implementing regulations and will be qualified by experience, knowledge and training.
The duties of the firm will include monitoring the Company’s compliance with AML obligations, overseeing communication and training for employees. The firm will also ensure that the Company keeps and maintains all of the required AML records and will ensure that Suspicious Activity Reports (“SARs”) are filed with the Financial CrimesEnforcement Network (“FinCEN”) when appropriate. The firm will be vested with full responsibility and authority to enforce the Company’s AML program.

FinCEN Requests Under USA PATRIOT Act Section 314(a)

Company will respond to a Financial Crimes Enforcement Network (FinCEN) request concerning accounts and transactions (a 314(a) Request) by immediately searching our records to determine whether we maintain or have maintained any account for, or have engaged in any transaction with, each individual, entity or organization named in the314(a) Request. If we find a match, Company will report it to FinCEN via FinCEN's Web-based 314(a) Secure Information Sharing System within 14 days or within the time requested by FinCEN in the request. If the search parameters differ from those mentioned above (for example, if FinCEN limits the search to a geographic location), Company will structure our search accordingly.

If Company searches our records and does not find a matching account or transaction, then Company will not reply to the 314(a) Request. We will maintain documentation that we have performed the required.

We will not disclose the fact that FinCEN has requested or obtained information from us, except to the extent necessary to comply with the information request. Company will review, maintain and implement procedures to protect the security and confidentiality of requests from FinCEN similar to those procedures established to satisfy the requirements of Section 501 of the Gramm-Leach-Bliley Act with regard to the protection of user's nonpublic information.

We will direct any questions we have about the 314(a) Request to the requesting federal law enforcement agency as designated in the request. Unless otherwise stated in the 314(a) Request, we will not be required to treat the information request as continuing in nature, and we will not be required to treat the periodic 314(a) Requests as a government provided list of suspected terrorists for purposes of the user identification and verification requirements.

Voluntary Information Sharing With Other Financial Institutions Under USAPATRIOT Act Section 314(b)

We will share information with other financial institutions regarding individuals, entities, organizations and countries for purposes of identifying and, where appropriate, reporting activities that we suspect may involve possible terrorist activity or money laundering.Company will ensure that the Company’s files with FinCEN an initial notice before any sharing occurs and annual notices thereafter. Before we share information with another financial institution, we will take reasonable steps to verify that the other financial institution has submitted the requisite notice to FinCEN, either by obtaining confirmation from the financial institution or by consulting a list of such financial institutions thatFinCEN will make available. We understand that this requirement applies even to financial institutions with which we are affiliated, and that we will obtain the requisite notices from affiliates and follow all required procedures.

We will employ strict procedures both to ensure that only relevant information is shared and to protect the security and confidentiality of this information, for example, by segregating it from the Company’s other books and records.

We also will employ procedures to ensure that any information received from another financial institution shall not be used for any purpose other than:

Sharing SARs With Parent Companies

Because we are a subsidiary, we may share SARs with JXN, LLC. Before we share SARs with JXN, LLC, we will have in place written confidentiality agreements or written arrangements that protect the confidentiality of the SARs through appropriate internal controls.

Checking the Office of Foreign Assets Control Listings

Before opening an account, and on an ongoing basis, Company will check to ensure that a user does not appear on the Specially Designated Nationals and Blocked Persons list(“SDN”) or is not engaging in transactions that are prohibited by the economic sanctions and embargoes administered and enforced by OFAC. Because the SDN list and listings of economic sanctions and embargoes are updated frequently, we will consult them on a regular basis and subscribe to receive any available updates when they occur. With respect to the SDN list, we may also access that list through various software programs to ensure speed and accuracy. Company will also review existing accounts against the SDN list and listings of current sanctions and embargoes when they are updated and they will document the review.

If we determine that a user is on the SDN list or is engaging in transactions that are prohibited by the economic sanctions and embargoes administered and enforced byOFAC, we will reject the transaction and/or block the users's assets and file a blocked assets and/or rejected transaction form with OFAC within 10 days.

Our review will include user accounts and transactions involving users.

Know Your Customer Verification

The information required to be collected under FINRA Rules 2090 (Know YourCustomer) and 2111 (Suitability) and Securities Exchange Act of 1934 (Exchange Act)Rules 17a-3(a)(9) (Beneficial Ownership), 17a-3(a)(17) (User Accounts), we have established a partnership with a Third-Party Service Provider to verify, document, and maintain the Know Your Customer (“KYC”) processes. They will collect certain minimum user identification information from each user who opens an account; utilize risk-based measures to verify the identity of each user who opens an account; record user identification information and the verification methods and results; provide the required adequate KYC notice to user that we will seek identification information to verify their identities; and compare user identification information with government-provided lists of suspected terrorists, once such lists have been issued by the government.

User Information

Prior to opening an account to enable transactions, our Third-Party Service Provider will collect and verify the following information for all accounts, if applicable, for any person, entity or organization that is opening a new account and whose name is on the account:

  1. the name;
  2. date of birth (for an individual);
  3. an address; and
  4. an identification number, which will be a taxpayer identification number, or one

or more of the following: a taxpayer identification number, passport number and country of issuance, alien identification card number, or number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or other similar safeguard (for non-U.S.persons).
If a potential or existing user either refuses to provide the information described above when requested, or appears to have intentionally provided misleading information, our Company will not open a new account and, after considering the risks involved, consider closing any existing account.

Monitoring Accounts for Suspicious Activity

We will monitor account activity for unusual size, volume, pattern, or type of transactions, taking into account risk factors. Monitoring will be conducted through a Third-Party Service Provider. Our Third-Party Service Provider will be responsible for monitoring, review any activity that their monitoring system detects, determine whether any additional steps are required, will document when and how this monitoring is carried out, and will report suspicious activities to the appropriate authorities.

AML Record keeping

Our AML Compliance firm will be responsible for ensuring that AML records are maintained properly and that SARs are filed as required.

Monitoring Employee Conduct and Accounts

We will subject employee accounts to the same AML procedures as user accounts, under the supervision of the AML Compliance firm. We will also review the AML performance of supervisors, as part of their annual performance review.

Confidential Reporting of AML Non-Compliance

Employees will promptly report any potential violations of the Company’s AML compliance program to the AML Compliance firm. Such reports will be confidential, and the employee will suffer no retaliation for making them.

Approval & Periodic Review

This AML policy has been approved by Company and shall be effective as of the date listed below.

Company shall retain the rights to periodically review, revise and approve any amendments to the AML policy at its sole discretion or in accordance with applicable laws.

Updated as of: March 10th, 2023