Crypto-Asset Transfer Policy

MBI.COM Sp. z o.o.

Effective Date: February 2026

1. Purpose and Scope

This Crypto-Asset Transfer Policy ("Policy") establishes the operational rules, compliance procedures, and technical safeguards governing the routing and execution of crypto-asset transfers carried out by MBI.COM Sp. z o.o. ("the Company") through the Bitprime platform.

The Company operates under a transaction execution (transit) model.

The Company does not maintain client accounts or stored balances and does not provide custodial wallet services.

Any handling of crypto-assets is strictly limited to the technical execution of transactions and is temporary in nature.

Crypto-assets may be routed through the Company's operational infrastructure solely for the purpose of completing a transaction and are transferred to the Client's designated external wallet without delay.

The Company does not retain crypto-assets beyond the time required to execute a transaction.

This Policy ensures that all crypto-asset transfers facilitated by the Platform are conducted in accordance with applicable European Union regulatory frameworks, including:

  • Regulation (EU) 2023/1114 (MiCA)
  • Regulation (EU) 2023/1113 (TFR)

The Policy applies to all crypto-asset transfers executed through the Bitprime Platform available at bitprime.io, including:

  • fiat-to-crypto exchange transactions

2. Definitions

For the purposes of this Policy, the following definitions apply.

  • Client / User: Any natural person or legal entity accessing the Platform and using the Services.
  • Platform: The Bitprime platform operated by the Company and accessible through bitprime.io.
  • Crypto-Asset Transfer: A transaction involving the movement of a crypto-asset from one distributed ledger address to another through a blockchain network, initiated as part of a transaction processed by the Platform.
  • Transaction Execution (Transit) Model: A service architecture in which the Company facilitates crypto-asset transactions without maintaining client balances or providing ongoing custody. Any control over crypto-assets is strictly temporary and limited to the execution of a transaction.
  • Self-Hosted Wallet: A blockchain wallet that is not maintained by a regulated service provider and is controlled directly by the user through private keys.
  • Distributed Ledger Technology (DLT): A technological infrastructure that enables the recording, validation, and storage of transactions across a decentralized network of nodes.
  • Travel Rule: Regulatory requirements established under the EU Transfer of Funds Regulation requiring the transmission and storage of originator and beneficiary information for crypto-asset transfers.

3. Supported Crypto-Assets and Blockchain Networks

The Company facilitates transfers only for crypto-assets and blockchain networks explicitly supported by the Platform.

Examples of supported assets may include:

  • Bitcoin (BTC)
  • Ethereum (ETH)
  • Litecoin (LTC)
  • Ripple (XRP)
  • TRON (TRX)
  • Bitcoin Cash (BCH)

Supported token standards may include:

  • ERC-20
  • native blockchain assets

The current list of supported crypto-assets and blockchain networks is displayed on the Platform.

The Client is solely responsible for:

  • selecting the correct blockchain network
  • submitting a valid destination wallet address

Transfers sent through unsupported networks or incompatible protocols may result in permanent and irreversible loss of assets.

The Company bears no responsibility for such losses.

4. Transfer Execution Process

Crypto-asset transfers are executed only as part of a fiat-to-crypto transaction.

Transactions are initiated only after receipt of fiat funds from the Client via an approved payment service provider.

The Company executes crypto-asset transactions through third-party liquidity providers and does not act as a principal trading counterparty.

The transfer process consists of the following stages:

4.1 Order Initiation

The Client submits an order through the Platform specifying:

  • the crypto-asset to be purchased
  • the destination wallet address
  • the blockchain network

4.2 Compliance and Security Screening

Before execution, the transaction is automatically screened for:

  • sanctions exposure
  • suspicious activity
  • links to illicit blockchain addresses

The Company may delay, block, or reject a transaction if compliance concerns are identified.

4.3 Transaction Execution

Once the transaction is approved, the crypto-asset is executed via a third-party liquidity provider.

4.4 Transfer to Client Wallet

As part of transaction execution, crypto-assets may be temporarily processed through the Company's technical infrastructure before being transferred to the Client's designated external wallet.

The Company does not maintain ongoing custody or control over such assets beyond the execution of the transaction.

5. Blockchain Confirmations and Finality

Blockchain networks require a certain number of confirmations before transactions are considered final. The confirmation requirements vary depending on the blockchain.

Once a transaction:

  • has been broadcast to the network, and
  • has received the required confirmations

it becomes irreversible.

The Company cannot cancel, reverse, or modify blockchain transactions after broadcast.

6. Transparency and Transaction Information

The Platform provides Clients with transparent transaction data including:

  • detailed fee breakdowns
  • exchange rates applied to the transaction
  • blockchain network fees
  • transaction identifiers (TXID or transaction hash)

Clients may track their transfers using public blockchain explorers.

7. Travel Rule Compliance

In accordance with Regulation (EU) 2023/1113 (Transfer of Funds Regulation), the Company implements measures to ensure traceability of crypto-asset transfers.

For each transaction, the Company collects and stores information including:

Originator Information:

  • full legal name
  • verified identity details
  • blockchain address used for the transfer

Beneficiary Information:

  • beneficiary name (where applicable)
  • destination blockchain address

This information may be transmitted to other regulated crypto-asset service providers when required by law.

8. Self-Hosted Wallet Verification

Transfers involving self-hosted wallets may present additional compliance risks.

For transfers exceeding EUR 1,000, the Company may implement enhanced verification measures to confirm that the destination wallet is controlled by the Client.

Such measures may include:

  • blockchain signature verification
  • micro-transaction verification
  • user declarations
  • additional identity checks

The Company reserves the right to reject transfers where wallet ownership cannot be sufficiently verified.

9. Transaction Monitoring and Risk Controls

The Platform uses automated monitoring systems to detect suspicious or high-risk transactions.

Monitoring measures include:

  • blockchain analytics tools
  • sanctions screening
  • detection of links to illicit services such as mixers or darknet markets
  • behavioural monitoring of transaction patterns

Transactions identified as high-risk may be:

  • delayed
  • suspended
  • reported to competent authorities

10. Risk Disclosure

Crypto-asset transfers involve significant operational and market risks.

These risks include but are not limited to:

  • irreversible blockchain transactions
  • blockchain network congestion
  • software vulnerabilities
  • forks or protocol changes
  • volatility of crypto-asset prices

Clients acknowledge and accept these risks when using the Platform.

The Company does not guarantee the performance or security of any blockchain network.

11. Operational Security

To ensure secure processing of crypto-asset transfers, the Company implements industry-standard security controls.

These controls may include:

  • multi-signature transaction authorization
  • MPC (Multi-Party Computation) key management
  • hardware security modules
  • access control and authentication procedures
  • transaction authorization policies

Operational wallets used for routing transactions are secured using these technologies.

Such wallets are used solely for transaction execution purposes and do not store client assets beyond the time required to complete a transfer.

12. Limitation of Liability

The Company's responsibility is limited to the correct execution of crypto-asset transfers based on the instructions provided by the Client.

The Company shall not be liable for losses resulting from:

  • incorrect wallet addresses provided by the Client
  • use of unsupported blockchain networks
  • loss of access to a Client's wallet
  • blockchain network failures
  • protocol changes or blockchain forks
  • delays caused by network congestion

13. Record-Keeping and Data Retention

The Company maintains records of all crypto-asset transfers in accordance with applicable regulatory requirements.

Stored information may include:

  • transaction timestamps
  • blockchain addresses
  • asset types
  • transaction hashes
  • compliance screening results

Transfer records are retained for a minimum period of five (5) years, or up to ten (10) years where required by AML regulations.

Such records may be disclosed to competent authorities upon lawful request.

14. Business Continuity

The Company maintains internal procedures designed to ensure operational resilience and continuity of services.

These procedures include:

  • system redundancy
  • disaster recovery protocols
  • incident response procedures
  • cybersecurity monitoring

The objective of these measures is to maintain the availability of the Platform and the integrity of transfer operations.

15. Policy Review and Updates

This Policy is reviewed periodically to ensure continued compliance with:

  • MiCA regulatory requirements
  • Transfer of Funds Regulation obligations
  • applicable AML and counter-terrorist financing laws

Material updates to this Policy may be published on the Platform.

Continued use of the Platform constitutes acceptance of the updated Policy.