CRIMINAL COMPLIANCE POLICY

TABLE OF CONTENTS

• 1. PURPOSE
• 2. SCOPE OF APPLICATION
• 3. AFFECTED ACTIVITIES
• 4. SUPERVISORY AND CONTROL BODY
• 5. MONITORING AND REVIEW OF THE CRIMINAL PREVENTION PROGRAM
• 6. COMMITMENT OF SPECIALLY EXPOSED PERSONS
• 7. WHISTLEBLOWING CHANNEL
• 8. NON-COMPLIANCE WITH THIS POLICY
• 9. KNOWLEDGE AND DECLARATION OF CONFORMITY

1. PURPOSE

The Criminal Compliance Policy of BITCOINFORME S.L (hereinafter Bit2Me) represents the organization's commitment to establishing a firm culture of compliance, understood as the extension of integrity in all manifestations of its business activity.

This policy is aligned with the organization's goals and reflects the company's zero-tolerance position regarding any irregular conduct that may constitute a crime.

2. SCOPE OF APPLICATION

This Policy applies to all members of Bit2Me, regardless of the position and function they perform.

This policy may also be extended to third parties acting on behalf of or representing Bit2me, as well as to external persons and/or organizations with any type of link to the organization when appropriate for the fulfillment of its purpose and possible due to the nature of the relationship, especially to participating partners and staff providing services in or for Bit2me as a result of the commitments assumed through the framework contract concluded between them.

3. AFFECTED ACTIVITIES

Bit2Me's criminal prevention program has a matrix of criminal risks and controls in which the offenses typified in the Criminal Code that could entail criminal liability for the organization as a legal entity are analyzed.

For each of the identified criminal risks, the main activities in which they could be committed are determined, these being, among others, the following:

1. Services for the purchase and sale of virtual currencies, as well as exchange between them and fiat money (euros) through the Bit2Me platform: https://bit2me.com/

2. Storage services for virtual currencies and fiat currencies (euros) in cryptoasset wallets and electronic money wallets

The organization has detected and analyzed all activities in which risks of corporate crimes may materialize and has assessed and determined the existing controls to minimize said risks. This risk map is found in the corresponding crime prevention manual as an independent document.

4. SUPERVISORY AND CONTROL BODY

Bit2Me has a Compliance Body in charge of ensuring compliance with this Criminal Compliance Policy, as well as with the rest of the criminal prevention program implemented in the organization. This body is vested with authority and independence, which allows it to act on its own initiative and with full autonomy with respect to the rest of the organization.

5. MONITORING AND REVIEW OF THE CRIMINAL PREVENTION PROGRAM

Bit2me carries out continuous monitoring of the performance of the determined activities with the periodicity established in its own manual. Periodically, it reviews the criminal compliance objectives and takes the necessary measures to update them and implement the necessary mechanisms for their achievement and continuous improvement.

6. COMMITMENT OF SPECIALLY EXPOSED PERSONS

For the purposes of this Policy and in accordance with the Analysis and Methodology of the RPC Management System document, "Specially Exposed Persons" shall be understood as those who, by virtue of their position, functions, or responsibilities within the organization, are in direct contact with relevant decision-making, the management of economic resources, or the supervision of critical activities that may involve significant regulatory risks. This definition aligns with the provisions of the UNE 19601 and ISO 37001 standards, which identify these individuals as those who, due to their influence and authority, may incur risk situations that compromise the integrity of the organization.

By virtue of their role, Specially Exposed Persons are obliged to express their commitment to the set of Compliance Policies on a periodic basis. This commitment will be carried out by signing a formal document that certifies their knowledge and acceptance. This process will be carried out annually, thus ensuring that all those involved recognize and adhere to the principles of integrity, transparency, and responsibility established by Bit2Me.

7. WHISTLEBLOWING CHANNEL

All members of Bit2me have the obligation to report any fact or conduct contrary to this Policy, or to the criminal prevention program, that could be considered irregular or illicit conduct of which they have knowledge or suspicion.

The way to communicate is through the bizneo tool (https://bit2me.bizneohr.com/whistleblowing-channel/) or physically in the mailbox at the Castellón office.

On the Bit2Me website, you can access information about the internal information system: https://bit2me.com/legal/canal-denuncias. In the Bit2Me whistleblowing channel, employees, suppliers, or third parties are allowed to report anonymously, and in any case, it will be kept confidential and will not be communicated to the persons to whom the facts refer or to third parties.

The organization will attend to all communications received, giving them the corresponding treatment, always guaranteeing their strict confidentiality. In addition, it will ensure that there are no reprisals of any kind against those employees who make communications in good faith.

8. NON-COMPLIANCE WITH THIS POLICY

This Policy is mandatory for all obliged subjects mentioned in point 2, from the moment of its publication.

Any breach of this Policy will be treated as a serious disciplinary offense and may be subject to the disciplinary actions contemplated in the general disciplinary regime of the organization to which the person who commits the irregularity belongs.

Likewise, irregular conduct committed by persons with a relationship other than employment will be sanctioned according to the available mechanisms.

9. KNOWLEDGE AND DECLARATION OF CONFORMITY

This Policy is communicated to all Bit2me personnel and is also available and updated on the company's intranet.