VFTChain Compliance Statement

Effective Date: January 1, 2026 Last Updated: October 29, 2025 Version: 1.0

Official Compliance Declaration

VFT Chain LLC ("VFTChain") hereby declares its commitment to full compliance with all applicable laws, regulations, and industry standards governing cryptocurrency, blockchain technology, and decentralized platforms.

1. Regulatory Status

1.1 United States Compliance

Securities and Exchange Commission (SEC):

Status: VFTC token is classified as a UTILITY TOKEN, not a security
Legal Basis: Fails all four prongs of the Howey Test
Registration: No SEC registration required
Offering: No token sale or ICO conducted
Distribution: Airdrop and mining rewards only

Commodity Futures Trading Commission (CFTC):

Status: VFTC may be considered a commodity (acceptable classification)
Trading: Spot transactions only, no futures or derivatives
Jurisdiction: Activities fall outside CFTC regulatory scope

Financial Crimes Enforcement Network (FinCEN):

Classification: NOT a Money Services Business (MSB)
Reason: Non-custodial architecture, no transmission of funds
Registration: No FinCEN registration required
AML Obligations: Risk-based approach implemented voluntarily

Office of Foreign Assets Control (OFAC):

Compliance Level: FULL MANDATORY COMPLIANCE
Screening: Automated wallet and geolocation screening
SDN List: Daily updates and real-time transaction monitoring
Blocked Jurisdictions: Complete service denial to sanctioned countries

Internal Revenue Service (IRS):

Reporting: Monitoring Form 1099 requirements for GPU providers
User Obligations: Users responsible for tax reporting
Guidance: Following IRS Notice 2014-21 and subsequent guidance

1.2 State-Level Compliance

Money Transmitter Licenses:

Requirement: NOT REQUIRED
Reason: Non-custodial platform, no pooled funds, direct peer-to-peer transactions
Analysis: Legal opinions obtained for key states

New York BitLicense:

Status: NY residents currently excluded from platform
Timeline: Application preparation for Q1 2026
Strategy: Evaluate cost/benefit of NY market entry

1.3 European Union Compliance

Markets in Crypto-Assets Regulation (MiCA):

Status: MONITORING implementation (effective 2024-2025)
Classification: VFTC likely qualifies as utility token
Requirements: May require white paper publication and CASP registration
Timeline: Compliance plan for Q2 2026 if required

General Data Protection Regulation (GDPR):

Status: FULL COMPLIANCE
DPO: Data Protection Officer appointed (Thomas@vftchain.com)
User Rights: Access, deletion, portability, objection mechanisms implemented
Data Transfers: Standard Contractual Clauses for international transfers
Breach Notification: 72-hour reporting procedures established

5th Anti-Money Laundering Directive (5AMLD):

Status: Risk-based compliance approach
Registration: CASP registration under evaluation
Monitoring: Transaction monitoring and suspicious activity protocols

1.4 United Kingdom Compliance

Financial Conduct Authority (FCA):

Status: Monitoring cryptoasset regulations
Registration: Evaluating FCA registration requirement
Financial Promotions: All marketing reviewed for compliance
Timeline: Registration decision by Q1 2026

UK GDPR:

Status: FULL COMPLIANCE (separate from EU GDPR post-Brexit)
Representative: UK representative appointed

1.5 Asia-Pacific Compliance

Singapore (MAS):

Status: DPT exemption application filed
License: Standard Payment Institution license sought
Timeline: Response expected Q1 2026

Japan (FSA):

Status: MONITORING regulatory developments
Registration: Crypto exchange registration may be required
Market Entry: Evaluating Japan market opportunity

Australia (ASIC):

Status: Monitoring AML/CTF obligations
Registration: No immediate requirement identified

2. Non-Custodial Architecture Declaration

2.1 Core Principle

VFTChain operates as a NON-CUSTODIAL platform.

This means:

✅ We DO NOT:

Hold or custody user private keys
Control user wallets or funds
Transmit funds on behalf of users
Pool user funds in omnibus accounts
Have access to user tokens or assets
Control blockchain transactions

✅ We DO:

Provide a web interface to interact with blockchain protocols
Display blockchain data from public sources
Facilitate peer-to-peer connections for compute services
Offer educational resources and documentation

2.2 Legal Implications

This non-custodial architecture exempts VFTChain from:

FinCEN MSB registration requirements
State money transmitter licenses (48+ states)
Custodial fiduciary duties
Certain consumer protection regulations applicable to custodial services

2.3 User Responsibility

Users retain full control and responsibility for:

Private key security and backup
Transaction verification and signing
Tax reporting and compliance
Compliance with local laws and regulations
Recovery of lost or stolen keys (we cannot assist)

3. VFTC Token Utility Classification

3.1 Official Classification

VFTC is a UTILITY TOKEN, not a security.

3.2 Howey Test Analysis

The U.S. Supreme Court established the Howey Test for determining whether an asset is a security. VFTC fails ALL FOUR requirements:

1. Investment of Money:

❌ FAIL: VFTC is acquired through airdrops (free) or mining rewards (payment for services), not purchased as an investment
Evidence: No token sale, no ICO, no fundraising via VFTC

2. Common Enterprise:

❌ FAIL: No pooling of funds, no collective investment scheme
Evidence: Decentralized network of independent participants

3. Expectation of Profits:

❌ FAIL: VFTC provides immediate utility value (access to compute services)
Evidence: No promises of profits, no revenue sharing, no guaranteed returns
Marketing: All materials emphasize utility, not investment potential

4. Efforts of Others:

❌ FAIL: Value derived from decentralized network of users, not promoter efforts
Evidence: User-operated GPU mining network, open-source protocols, DAO governance path

CONCLUSION: VFTC is NOT a security under U.S. federal securities law.

3.3 Token Utility Functions

VFTC is required for:

Accessing GPU compute resources on the network
Paying for AI training and rendering services
Receiving mining rewards for compute provision
Participating in platform governance (future DAO)
Claiming airdrop allocations

3.4 External Legal Opinion

Status: External counsel opinion to be obtained before mainnet launch Firm: [Major blockchain law firm - to be selected] Scope: U.S. federal securities law analysis Update Frequency: Annual review

4. OFAC Sanctions Compliance

4.1 Compliance Mandate

OFAC compliance is MANDATORY and NON-NEGOTIABLE.

Violations carry severe penalties:

Civil: Up to $330,000 per violation or 2x transaction value
Criminal: Up to $20 million and 30 years imprisonment

4.2 Prohibited Jurisdictions

VFTChain COMPLETELY BLOCKS access from:

Tier 3 - Zero Tolerance:

🚫 North Korea (DPRK)
🚫 Iran
🚫 Syria
🚫 Cuba
🚫 Crimea region
🚫 Donetsk People's Republic
🚫 Luhansk People's Republic
🚫 Any OFAC-sanctioned territories

4.3 Screening Mechanisms

Automated Real-Time Screening:

Geolocation Screening: IP address blocking at connection
VPN/Proxy Detection: Advanced fingerprinting techniques
Wallet Address Screening: Comparison against OFAC SDN list
Transaction Monitoring: Real-time scanning before blockchain submission

SDN List Updates:

Frequency: Daily automated downloads
Source: OFAC SDN list (primary), EU/UK/UN sanctions lists (supplementary)
Action: Immediate blocking of newly sanctioned addresses

Blockchain Analytics:

Provider: Chainalysis (or equivalent)
Monitoring: Indirect exposure to sanctioned entities
Risk Scoring: Wallet risk assessment

4.4 Record Keeping

Retention Period: 5 years minimum Records Maintained:

All blocked transactions with timestamps and reasons
SDN list match incidents and resolutions
Geolocation blocks and circumvention attempts
Suspicious activity reports filed with OFAC

5. Anti-Money Laundering (AML) Framework

5.1 Risk-Based Approach

VFTChain implements a RISK-BASED AML FRAMEWORK appropriate for a non-custodial platform.

Low-Risk Activities (No KYC Required):

Connecting wallet to view interface
Browsing platform features
Checking airdrop eligibility
Small airdrop claims (<$10,000 value)
Basic GPU mining rewards

Medium-Risk Activities (Enhanced Monitoring):

Large airdrop claims ($10,000 - $50,000)
High-frequency transaction patterns
Unusual compute usage patterns

High-Risk Activities (KYC Required):

Enterprise service agreements
Large-value transactions (>$50,000)
Fiat on-ramp integration (if implemented)

5.2 Transaction Monitoring

Automated Red Flags:

Transactions involving high-risk jurisdictions
Wallet addresses flagged by Chainalysis
Structuring patterns (multiple transactions just below thresholds)
Rapid succession of high-value transactions
Geographic inconsistencies

Manual Review:

Compliance team investigates flagged transactions
Enhanced due diligence for suspicious patterns
SAR filing if criteria met

5.3 Suspicious Activity Reporting (SAR)

Threshold: Activities meeting FinCEN SAR criteria SAR Process:

Suspicious activity identified
Compliance Officer review within 24 hours
SAR filed with FinCEN within 30 days of detection
Records retained for 5 years
User NOT notified (prohibited by law)

SAR Criteria:

Money laundering indicators
Terrorist financing red flags
Sanctions evasion attempts
Fraud or scam patterns

6. Data Protection and Privacy

6.1 GDPR Compliance

Status: FULL COMPLIANCE Key Measures:

✅ Data Protection Officer (DPO) appointed
✅ Privacy Policy published and accessible
✅ User consent mechanisms implemented
✅ Data minimization practices
✅ Right to access, deletion, portability
✅ Breach notification procedures (72-hour rule)
✅ Data Processing Agreements with vendors
✅ Privacy by design and default

EU Representative:

VFTChain EU Limited
Dublin, Ireland
Contact: Thomas@vftchain.com

6.2 CCPA Compliance

Status: FULL COMPLIANCE California Consumer Rights:

✅ Right to know what data is collected
✅ Right to access personal information
✅ Right to delete personal information
✅ Right to opt-out of "sale" (we don't sell data)
✅ Right to non-discrimination

Opt-Out: We do NOT sell personal information

6.3 Blockchain Privacy Considerations

IMPORTANT DISCLOSURE:

Blockchain transactions are:

Public: Visible to anyone on Solana blockchain
Permanent: Cannot be deleted or modified
Pseudonymous: Wallet addresses not directly linked to identities, but can be traced

We CANNOT:

Delete blockchain transactions (technically impossible)
Hide wallet addresses from public view
Make blockchain data private
Comply with "right to erasure" for on-chain data

This is a fundamental limitation of blockchain technology, not a policy choice.

7. Consumer Protection

7.1 Transparency Commitments

VFTChain commits to:

✅ Clear, accessible Terms of Service
✅ Comprehensive Privacy Policy
✅ Risk disclosures for all activities
✅ No hidden fees or surprise charges
✅ Accurate representation of services
✅ Prompt customer support responses

7.2 Prohibited Representations

VFTChain will NEVER:

❌ Guarantee profits or returns
❌ Claim VFTC is an investment
❌ Promise token price appreciation
❌ Misrepresent risks
❌ Provide financial advice
❌ Make false or misleading statements

7.3 Customer Support

Support Channels:

Email: support@vftchain.com
Response Time: 24-48 hours for standard inquiries
Legal Inquiries: Thomas@vftchain.com
Compliance Issues: Thomas@vftchain.com

8. Smart Contract Security

8.1 Security Measures

Pre-Deployment:

✅ External smart contract audits (minimum 2 firms)
✅ Bug bounty program
✅ Internal code reviews
✅ Testnet deployment and testing

Post-Deployment:

✅ Continuous monitoring for exploits
✅ Emergency pause mechanisms (where applicable)
✅ Upgrade procedures (via DAO governance)
✅ Incident response plan

8.2 Audit Reports

Status: Audits to be completed before mainnet launch Audit Firms (Planned):

[Major blockchain audit firm #1]
[Major blockchain audit firm #2]

Public Disclosure: All audit reports will be published

8.3 Bug Bounty Program

Status: To be launched with mainnet Scope: Smart contracts, web platform, infrastructure Rewards: Up to $100,000 for critical vulnerabilities

9. Governance and Decentralization

9.1 Decentralization Roadmap

Phase 1 (2025-2026): Foundation Governance

VFT Chain LLC operates platform
Community input via forums and proposals
Transparent decision-making

Phase 2 (2026-2027): Hybrid Governance

VFTC token voting on key decisions
Foundation retains operational control
Progressive decentralization

Phase 3 (2027+): Full DAO

On-chain governance via VFTC tokens
Foundation becomes executor only
Community-driven platform evolution

9.2 Legal Structure

Current Entity:

VFT Chain LLC (Delaware)
Address: c/o Corporation Service Company, 251 Little Falls Drive, Wilmington, DE 19808

Future DAO Structure:

Cayman Islands Foundation Company (planned)
Token holders as beneficial owners
On-chain voting = binding governance

10. Intellectual Property Protection

10.1 Trademarks

Registered/Pending Trademarks:

VFT CHAIN®
VFTCHAIN™
VFT™
"Mine Intelligence" (tagline)

Protection: U.S. and international trademark protection

10.2 Patents

Status: Patent pending Coverage: Proprietary technology for decentralized GPU compute marketplace

10.3 Open Source Commitments

Code Licensing:

Protocol smart contracts: Open source (MIT License)
Client applications: Open source (Apache 2.0 License)
Proprietary components: Limited to infrastructure management

11. Compliance Monitoring and Reporting

11.1 Internal Monitoring

Daily:

OFAC SDN list updates
Sanctioned wallet screening
Transaction monitoring alerts
Security incident checks

Weekly:

Regulatory news monitoring
Legal precedent review
Risk assessment updates

Monthly:

Compliance metrics dashboard
Policy and procedure review
Training completion tracking

Quarterly:

Full regulatory environment scan
Compliance committee meeting
External counsel consultation
Board compliance report

Annually:

Comprehensive external audit
Legal opinion updates
Policy overhaul (as needed)
Strategic compliance planning

11.2 Compliance Team

Chief Compliance Officer:

Email: Thomas@vftchain.com
Reports to: Board of Directors

Data Protection Officer:

Email: Thomas@vftchain.com
EU Representative: VFTChain EU Limited, Dublin

Legal Counsel:

Email: Thomas@vftchain.com

11.3 Training and Awareness

Employee Training:

Annual AML/sanctions training (mandatory)
Role-specific compliance training
Ongoing regulatory updates
Compliance culture promotion

Completion Tracking: 100% employee participation required

12. Incident Response

12.1 Compliance Breach Protocol

Discovery:

Immediate notification to Chief Compliance Officer
Preliminary investigation within 24 hours
Board notification if material breach

Investigation:

Fact-gathering and evidence preservation
Root cause analysis
Impact assessment (legal, financial, reputational)

Remediation:

Immediate corrective action to stop violation
Enhanced controls to prevent recurrence
User notification (if required by law)
Regulatory self-disclosure (if appropriate)

12.2 Security Incident Response

Detection:

24/7 security monitoring
Automated alert systems
User reports

Response:

Incident containment within 1 hour
User notification within 24 hours (if affected)
Regulatory notification within 72 hours (GDPR)
Public disclosure (if material)

13. Ongoing Legal Review

13.1 Regular Updates

Legal Framework Review:

Quarterly assessment of regulatory changes
Annual comprehensive policy update
Immediate response to adverse developments

External Counsel:

Ongoing relationship with blockchain law specialists
Quarterly consultations
On-call for urgent matters

13.2 Regulatory Engagement

Proactive Engagement:

Monitoring SEC, CFTC, FinCEN guidance
Participation in industry associations
Comment letters on proposed regulations
Dialogue with regulators (when appropriate)

Industry Collaboration:

Blockchain Association membership
Chamber of Digital Commerce participation
Best practices sharing

14. User Obligations

14.1 User Representations

By using VFTChain, users represent that:

They are at least 18 years old
They are not located in prohibited jurisdictions
They are not on OFAC SDN or other sanctions lists
They comply with all applicable laws
They are responsible for their own tax obligations

14.2 Prohibited Uses

Users may NOT use VFTChain for:

Money laundering or terrorist financing
Sanctions evasion
Illegal activities
Fraud or market manipulation
Violation of third-party rights

15. Disclaimers

15.1 No Investment Advice

VFTChain does NOT provide:

Investment advice or recommendations
Financial planning services
Predictions of token value
Guaranteed returns or yields

Users should consult qualified professionals for financial advice.

15.2 No Guarantees

VFTChain does NOT guarantee:

Platform uptime or availability
Specific compute performance
Token value or liquidity
Freedom from bugs or exploits
Regulatory compliance outcomes

15.3 Limitation of Liability

Maximum Liability: Lesser of $100 USD or fees paid in prior 12 months Excluded Damages:

Indirect, incidental, or consequential damages
Loss of profits or revenue
Loss of cryptocurrency or tokens
Smart contract exploits

16. Regulatory Contact Information

16.1 For Regulators

Official Compliance Inquiries:

Email: Thomas@vftchain.com
Response Time: 48 hours for regulatory requests

Chief Compliance Officer:

Email: Thomas@vftchain.com

Legal Counsel:

Email: Thomas@vftchain.com

Mailing Address: VFT Chain LLC c/o Corporation Service Company 251 Little Falls Drive Wilmington, DE 19808 United States

16.2 For Law Enforcement

Subpoena Compliance:

Email: Thomas@vftchain.com
Fax: [To be established]
Note: Due to non-custodial architecture, we have limited user data

Emergency Requests:

Email: Thomas@vftchain.com (mark URGENT)
Response: Within 24 hours

17. Public Transparency

17.1 Document Availability

All compliance and legal documents are publicly available at:

Website: https://vftchain.com/legal/ Documents Published:

Terms of Service
Privacy Policy
Compliance Framework
Cookie Policy
Securities Disclaimer
AML Policy
Risk Disclosures
Airdrop Terms
Acceptable Use Policy
THIS COMPLIANCE STATEMENT

17.2 Updates and Changes

Notification:

Material changes: 30 days advance notice
Minor changes: Immediate posting
Users notified via email and website banner

Version Control:

All documents versioned (semantic versioning)
Historical versions archived

18. Attestation

VFT Chain LLC hereby attests that:

✅ We have implemented comprehensive compliance policies and procedures
✅ We maintain a culture of compliance throughout the organization
✅ We conduct regular compliance audits and risk assessments
✅ We cooperate fully with regulators and law enforcement
✅ We prioritize user protection and transparency
✅ We commit to ongoing compliance with evolving regulations
✅ We operate in good faith and with integrity

This Compliance Statement is a living document and will be updated as regulations evolve and our platform grows.

19. Contact Information

General Inquiries

Email: info@vftchain.com

Legal & Compliance

Email: Thomas@vftchain.com Compliance Officer: Thomas@vftchain.com Data Protection Officer: Thomas@vftchain.com

Regulatory Affairs

Email: Thomas@vftchain.com

Support

Email: support@vftchain.com

Compliance Statement Version: 1.0 Effective Date: January 1, 2026 Last Updated: October 29, 2025 Next Review: January 31, 2026

Signed and Approved By: VFT Chain LLC Delaware Limited Liability Company October 29, 2025

This Compliance Statement demonstrates VFTChain's commitment to operating as a lawful, transparent, and responsible participant in the blockchain and cryptocurrency ecosystem. We welcome dialogue with regulators and remain committed to adapting our practices as regulations evolve.

For Public Distribution Regulators and Legal Authorities: Please contact Thomas@vftchain.com