Application to be registered as a Recognized Market Operator (RMO) to the Securities Commission Malaysia

1. MX EXCHANGE
List of Annexures
Feb 2019
https://mx.exchange/

2. Document Name Description
Terms and Conditions - Terms and Conditions
Business Processes
Includes business processes describing the following:
- Client onboarding
- Customer Account Upgrade
- Ongoing Due Diligence (ODD)
- Enhanced On-Going Due Diligence (EDD)
- Regulatory
- Transaction Monitoring
- Customer Dormant / Inactive Account
- Customer Complaint Handling
- Suspension of Exchange
Business Processes – Client specific
Includes business processes describing the following:
- Deposit (Fiat and Digital Asset)
- Withdrawal (Fiat and Digital Asset)
- Buy: Market Order/ Instant Buy/ Limit Order (Digital Asset)
- Sell: Market Order/ Instant Sell/ Limit Order (Digital Asset)
Business Continuity Management and Disaster
Recovery Plan
- Business Continuity Management Plan including business continuity and recovery
organization, overall strategy to mitigate failure scenarios
- Disaster Recovery Plan and Procedures
Corporate Governance and Risk Management
Policy
- Governance and Operational Framework
- Risk Management Process and Mitigation Measures
IT Security Policy and Procedure
- IT Security Procedure
- IT Policy
- Vulnerability Management Procedure
- Incident Management Procedure
ANNEXURE (1/3)

3. Document Name Description
AML/CFT Policy
- Appendix I: Guideline on Sanction
- Appendix II: Guideline on Suspicious
Transaction
- Appendix III: Guideline on Risk Profiling of
Customer
- Appendix IV: List of prohibited countries
- Consisting of requirements and guidelines around Know Your Customer (KYC) / Customer
Due Diligence (CDD), Anti-Money Laundering (AML) / Countering Financing of Terrorism
(CFT)
- Includes guideline on sanction screening, suspicious transaction monitoring, and risk
profiling of customers
- Includes list of countries which are deemed as high risk / low risk and on the exchange’s
stance on dealing with customers from such countries
Customer Complaints Handling Policy - Customer Complaints and Dispute Resolution policy and procedure
Conflict of Interest Management Framework - Conflict of interest management framework for employees, clients, etc.
Risk Management Framework
- Risk Management Framework including mitigating steps for identified key risks and
proposed list of controls to be implemented
- IT Risk and Security Management Framework
Organisational Chart
- Organisation Structure
- Roles and Responsibilities
Financial Statements
- Financial statements since commencement of operations, including statement of cash
flow, balance sheet, and income statement
Operating Model and Business Plan - An overview of the operating model for MX Exchange and business plan for MX Exchange
Financial Forecasts
- Monthly cash flow forecast for first twelve (12) months of going live
- Pro forma income statement for first five (5) years of going live and up to year profit is
achieved
Internal Audit
- Letter of undertaking by Audit Company
- Audit Company’s Profile
- Profile for Internal Audit Lead
Recovery and Resolution Processes Recovery and Resolution Processes based on identified key trigger events
ANNEXURE (2/3)

4. Document Name Description
Operations Oversight Policy
Sets out mandatory procedures and operating requirements for Digital Asset Exchange (DAX)
operations to ensure:
- Proper conduct of DAX Operator and integrity of the operations;
- Proper management of cash, digital asset and liquidity.
Privacy Policy
Privacy Policy describes how we collect, process, use and disclose customer’s personal data in
relation to access and use of MX Global products and services.
Self-Declared Risk Acknowledgment Form Risk acknowledgment form to be agreed by the customers
Trustee Letter of Appointment Letter of Appointment of Trustee
ANNEXURE (3/3)