Compliance

1. Our Commitment to Compliance

CamelStone LLC ("CamelStone") maintains a rigorous compliance program designed to ensure adherence to applicable laws, regulations, and industry best practices. Our compliance framework covers anti-money laundering (AML), know-your-customer (KYC), sanctions screening, investor accreditation verification, and data protection. We are committed to operating with the highest standards of integrity and transparency.

2. Know Your Customer (KYC)

Before granting access to investment opportunities, CamelStone conducts thorough identity verification on all prospective investors. Our KYC process includes:

• Verification of government-issued photo identification
• Confirmation of residential address through utility bills or bank statements
• Verification of accredited investor status through documented evidence of income, net worth, or professional certifications
• Enhanced due diligence for politically exposed persons (PEPs) and high-risk jurisdictions

All KYC documentation is securely stored and processed in accordance with applicable data protection regulations. We partner with industry-leading identity verification providers to ensure accuracy and efficiency.

3. Anti-Money Laundering (AML)

CamelStone has implemented a comprehensive AML program that includes transaction monitoring, suspicious activity reporting, and ongoing customer due diligence. Our AML procedures are designed to detect and prevent the use of our platform for money laundering, terrorist financing, or other illicit activities. All employees receive regular AML training to stay current with evolving regulatory requirements and typologies.

4. Sanctions Compliance

We screen all investors, counterparties, and transactions against applicable sanctions lists, including those maintained by the Office of Foreign Assets Control (OFAC), the United Nations Security Council, the European Union, and other relevant authorities. We do not onboard or transact with individuals or entities that appear on any applicable sanctions list. Screening is conducted at onboarding and on an ongoing basis.

5. Data Protection

CamelStone complies with applicable data protection regulations, including the Saudi Arabia Personal Data Protection Law (PDPL) and, where applicable, the European Union General Data Protection Regulation (GDPR). We collect only the personal data necessary for providing our services and fulfilling regulatory obligations. Our data protection measures include encryption at rest and in transit, access controls, regular security audits, and incident response procedures. For more details, please refer to our Privacy Policy.

6. Investor Accreditation

All investors must meet the accreditation requirements applicable in their jurisdiction before participating in any investment opportunity on our platform. For US-based investors, this means meeting the definition of an "accredited investor" under Rule 501 of Regulation D of the Securities Act of 1933. We verify accreditation through documentation review or third-party verification services and may require periodic re-verification.

7. Reporting and Record-Keeping

CamelStone maintains comprehensive records of all compliance activities, including KYC documentation, transaction records, screening results, and training records. These records are retained for the minimum periods required by applicable regulations and are available for inspection by relevant regulatory authorities upon request. We file all required regulatory reports in a timely manner and cooperate fully with regulatory inquiries.

8. Contact Our Compliance Team

If you have questions about our compliance program or wish to report a concern, please contact our compliance team at compliance@camelstone.com. We take all reports seriously and investigate them promptly. Whistleblower protections are in place for individuals who report concerns in good faith.