ANTI-MONEY LAUNDERING (AML) AND COUNTER-FRAUD COMPLIANCE PROTOCOL
Company Name: CoreCraft Game Limited
Registered Address: 100 N HOWARD ST STE R, SPOKANE, WA, 99201, UNITED STATES
1. LEGAL FRAMEWORK AND COMPLIANCE STATEMENT
1.1
CoreCraft Game Limited (the "Company") maintains a rigorous Anti-Money Laundering (AML) and Anti-Fraud framework. This Protocol is designed to prevent the misuse of our casual gaming platform for illicit financial purposes and to ensure the security of our recreational ecosystem.
1.2
Although the Company provides a closed-loop entertainment service with no currency-out functionality, we voluntarily align our internal controls with the standards set by the U.S. Bank Secrecy Act (BSA), the USA PATRIOT Act, and the guidelines provided by the Financial Crimes Enforcement Network (FinCEN).
2. RISK MANAGEMENT TEAM AND GOVERNANCE
The Company operates a specialized Risk Management and Compliance Team. This department is tasked with the end-to-end monitoring of platform integrity, utilizing forensic data analysis to identify and neutralize suspicious activity. A designated Compliance Officer oversees the periodic auditing of these protocols to ensure they meet evolving federal and state regulatory expectations.
3. ADAPTIVE IDENTITY ASSURANCE (KYC/CIP)
CoreCraft Game Limited utilizes a Risk-Responsive User Verification model. Rather than applying static thresholds, our Risk Management Team triggers identity assurance procedures based on behavioral heuristics:
• Routine Engagement: Users are identified via secure digital signatures, device metadata, and encrypted contact data.
• Enhanced Due Diligence (EDD): If an account exhibits atypical spending patterns, such as multiple high-velocity transactions or the use of inconsistent funding sources, the Company mandates a formal identity validation. This requires the submission of government-issued credentials to ensure that the account activity is legitimate and authorized.
4. SUSPICIOUS ACTIVITY MONITORING (SAM)
Our Risk Management Team employs automated surveillance tools to detect and flag indicators of financial crime, including:
• Structuring and Smurfing: Identifying attempts to fragment large acquisitions of digital content into smaller, frequent transactions.
• Rapid Cycling: Detecting accounts that acquire virtual entitlements and immediately exhibit signs of "account flipping" or unauthorized transfer attempts.
• Geographic Mismatch: Highlighting discrepancies between a user's IP geolocation and the origin of their payment instrument.
5. FISCAL INTEGRITY AND CLOSED-LOOP CONTROLS
5.1 Origin-Restricted Reversals (Anti-Money Laundering Measure):
To prevent the platform from being used as a conduit for value movement, the Company enforces a strict "Return-to-Source" policy. Any approved transaction reversals (refunds) must be credited exclusively to the original payment method. We categorically prohibit the redirection of value to third-party accounts or alternative financial destinations.
5.2 Counter-Fraud Protections:
We deploy 3D Secure (3DS) and hardware-level fingerprinting to mitigate unauthorized credit usage. Accounts associated with fraudulent chargeback activity or "friendly fraud" are subject to immediate and permanent deactivation.
5.3 Virtual Item Integrity:
Digital content and virtual items within our platform are for recreational use only. They possess no real-world monetary value and cannot be exchanged for legal tender. The Company prohibits and voids any assets acquired through unauthorized third-party "top-up" or secondary market services.
6. GLOBAL SANCTIONS AND OFAC COMPLIANCE
CoreCraft Game Limited strictly adheres to the sanctions programs administered by the Office of Foreign Assets Control (OFAC). All high-engagement user profiles are screened against the Specially Designated Nationals (SDN) list. The Company does not provide services to, or facilitate transactions from, sanctioned jurisdictions.
7. RECORD RETENTION AND DATA SECURITY
In compliance with U.S. financial safety and privacy laws (including COPPA), the Company retains all transaction logs, identity verification records, and risk assessment data for a minimum of five (5) years in a highly secure, encrypted archival system.
8. REPORTING AND ENFORCEMENT
Any user or entity found in violation of this AML and Counter-Fraud Protocol will face:
• Immediate termination of access to all Company services and assets.
• Formal reporting of suspected illicit activity to relevant federal authorities, including the FBI's Internet Crime Complaint Center (IC3) and FinCEN, where appropriate.
• Full data cooperation with our payment processors and banking partners to assist in their regulatory filing obligations.