Ethics & Compliance Program Charter

Template Package B Deliverable Version 1.0 · July 2026 · For CASP / KVHS use

This template is provided for illustrative purposes. Client-specific charters are drafted and approved under formal engagement. Regulatory references should be mapped to your entity structure and licensing status.

1. Purpose & Mandate

The Ethics & Compliance Program ("Program") is established to promote a culture of integrity, ethical conduct, and compliance with applicable laws, regulations, and internal standards across all operations of the Company, including regulated financial services and crypto-asset activities.

The Program supports the Company's strategic objectives by preventing, detecting, and responding to ethical misconduct, regulatory breaches, and conduct risk, while safeguarding stakeholders, customers, and market integrity.

For crypto asset service providers, the Program complements — but does not subsume — AML/CTF, licensing, and prudential obligations under frameworks including SPK III-35B.1 (Turkey), MASAK requirements, and the EU Markets in Crypto-Assets Regulation (MiCA) where applicable.

2. Scope of the Program

2.1 Covered persons

The Program applies to:

2.2 Program coverage

Program coverage includes, but is not limited to:

AML/CTF, sanctions screening, and prudential regulatory compliance functions operate in coordination with, but independently from, the E&C Program. The Chief Ethics & Compliance Officer (CECO) and Money Laundering Reporting Officer (MLRO) maintain distinct mandates with defined coordination protocols (see Section 6).

3. Governance & Oversight

The Board of Directors has ultimate oversight responsibility for the Program and receives periodic reporting on Program effectiveness, material incidents, and emerging conduct risks.

A designated Board Committee (Audit, Risk, or Compliance Committee) oversees:

Senior management is responsible for supporting the Program and fostering ethical culture through tone at the top, including visible endorsement of speak-up channels and non-retaliation principles.

3.1 Board reporting cadence

4. Authority, Independence & Resources

The Chief Ethics & Compliance Officer (or equivalent role):

Adequate resources, budget, and skilled personnel are provided to ensure Program effectiveness, including access to investigation tools, training platforms, and third-party due diligence capabilities.

5. Core Program Components

The Program is risk-based and includes:

6. Regulatory Coordination & Jurisdiction Matrix

Given multi-jurisdiction operations, the CECO maintains a jurisdiction matrix identifying applicable conduct and governance requirements per entity and market. The CECO coordinates with the MLRO and regulatory affairs function on:

Entity-level RACI assignments are documented separately and reviewed annually (see Compliance RACI Matrix).

7. Crypto-Specific Conduct Risks

The Program explicitly addresses conduct risks inherent to crypto-asset services, including:

8. Speak-Up, Investigations & Non-Retaliation

The Company maintains confidential reporting mechanisms available to employees and third parties.

All reports are:

Retaliation against reporters or investigation participants is prohibited and treated as a serious violation, subject to disciplinary action up to and including termination and regulatory notification where required.

9. Monitoring, Reporting & Continuous Improvement

The effectiveness of the Program is monitored through:

Lessons learned from investigations, audits, regulatory feedback, and incidents are incorporated into Program enhancements within 90 days of closure where practicable.

10. Document Control & Review

← Template Pack RACI Matrix → Board Reporting →