Disclosures

Risk Disclosure Statement

We have been requested by the Virtual Assets Regulatory Authority to publish a detailed  description of all material risks associated with Virtual Assets, including the following: 

Virtual Assets – 

· May lose their value in part or in full and are subject to extreme volatility at times; · may not always be transferable and some transfers may be irreversible; · may not be liquid; 

· Some transactions are not private and may be recorded on public Distributed Ledger  Technology (DLTs); and 

· May at no fault of our own be subject to fraud, manipulation, theft, including through  hacks and other targeted schemes and may not benefit from legal protections. 

This Risk Disclosure Statements outlines a non-exhaustive list of material risks that are  associated with the Virtual Assets and WadzPay’s business: 

(i) Financial Risk 

Financial risk refers to not having adequate capital or liquidity to compete and carry out  business. It also refers to the inability to pay to debtors and creditors. 

(ii) Market Risk 

Market risks refer to the possibility of financial losses arising from changes in the value of  virtual assets. These changes could be caused by various factors such as economic events,  political events and other factors that affect the markets. 

(iii) Business Strategy Risk  

Business strategy risk is the risk that a company’s strategic decisions or plans may not achieve  the desired outcome or may result in unexpected negative consequences. It is the risk of  failure to execute a company’s strategy or the possibility that the strategy may become  obsolete due to changes in the business environment. 

(iv) Product Risk 

New products and business initiatives as well as major changes to existing products may  cause certain risks to companies. Having multiple products with different risk characteristics  assist to mitigate risks.  

(v) Customer Risk 

This risk refers to a company being adversely impacted by difficulties faced by customers. For  example, a customer may encounter financial difficulties and the Company’s overall risk also  increases if customer base is largely from high-risk categories such as high risk countries,  engaged in high risk products or services and if they are politically exposed persons.  

(vi) Employee Fraud and Retention Risk 

Employee fraud risk and employee retention risks are two main risks faced by companies.  Some fraud risks pertain to operational matters and others more general in nature including  risk of making fraudulent statement to counterparties, customers, service providers and the  Authority. Employee retention risk pertains to key people of the organisation leaving and not having adequate replacements in the organisation. It also refers to risk of hiring non competent  employees to carry out significant duties and functions in the organisation. 

(vii) Operational Risk 

Operational risk refers to the risk of loss resulting from inadequate of failed internal processes,  systems, human errors, or external events. It is the risk of disrupting to a company’s daily  operations, leading to financial or reputational losses. 

Operational risks can arise from a wide range of factors, including: 

• Human error or negligence; 

• System failures, such as technology breakdowns, hardware or software malfunctions, or cyber-attacks; 

• External events, such as natural disasters;

• Legal or compliance failures, such as violation of laws or regulations;

(viii) Technology Risk 

Technology risks refers to failure of technology and information systems to adequately support  the business. It also refers to unauthorised access and attacks to systems which causes  unwarranted risks such as customer data leak and business confidential information leak  which leads to reputation damage to the Company. 

System failures can lead to downtime, lack of communication and loss of critical information.  

(ix) Business Continuity Risk 

Business continuity risk refers to the risk of disruption to a company's operations due to  unexpected events, such as natural disasters, cyber-attacks, or other incidents that can cause  a significant impact on the business. Business continuity risk can lead to a disruption of critical  business processes, systems, and infrastructure, resulting in financial losses, reputational  damage, and other negative consequences. 

(x) Compliance and Regulation Risk 

Compliance and regulatory requirements are potential risk factors that company to assess to  either be deemed to have violated law or regulations. All licensed companies are obligated to  adhere to regulation obligations in order to maintain its license and ensure it is adhering to  fiduciary duties to its customers. 

Failure to comply with regulations and compliance may result in penalties and fines, removal  of key officers and in serious enough breach it may result in imprisonment, ban from doing  regulated activities and also cessation of licence. 

(xi) Outsourcing Risk 

Outsourcing risk can hurt a company in many ways—from failed controls that cause a vendor  to violate laws or regulations to poor management oversight. In fact, outsourcing risk is the  most encompassing vendor management risk.  

An effective governance approach must have a clear insight in the performance of a supplier  and the risks associated with the service being delivered. It makes sure the controls  commensurate with the level of value at risk presented by the outsourcing engagement. Any  lack of controls will leave the organisation exposed to value loss. An excess of controls on the  other hand will result in unnecessary efforts and costs.

(xii) Third-Party Risk 

The use of certain third-party services by the Company may not always constitute outsourcing.  However, as many of these services are provisioned or delivered using IT, or may involve  confidential or sensitive customer information being stored or processed electronically by the  third party, the Company’s operations and its customers may be adversely impacted if there  is a system failure or security breach at the third party.  

the Company will assess and manage its exposure to technology risks that may affect the  confidentiality, integrity and availability of the IT systems and data at the third party before  entering into a contractual agreement or partnership.  

On an ongoing basis, the Company should ensure the third party employs a high standard of  care and diligence in protecting data confidentiality and integrity as well as ensuring system  resilience. 

(xiii) Conflict of Interest Risk 

Conflict of interest may occur when a personal interest or relationship is placed before the  Company’s interest and customers’ interest. the Company may from time to time find itself in  a position where conflict of interest may arise. If the conflicts are not identified and reconciled,  it can lead to loss in revenue, reputational damage, legal or Authority’s action against the  Company.  

This may arise when: 

• Interest of the Company conflicts with those of customer. 

• Interest of one customer of the Company conflict with those of another customer of the  Company. 

• One subsidiary has obtained confidential information relating to an existing customer which  can benefit/ be value of another group entity of the Company Group.  

(xiv) Financial Crime Risks 

AML/CFT measurements are the core of the Company’s financial crime mitigation strategy. 

Sound CDD policies and procedures will reduce the risk of the Company being used as an  intermediary for money laundering or other illegal activities. Therefore, CDD policies and  procedures will be reviewed and updated periodically.  

Besides individual clients, ML/TF risks are also associated with virtual assets, virtual assets  related products and services, and technologies associated with VA Activities. 

(xv) Consumer Protection Risks 

Regulators are increasingly concerned about a range of consumer protection issues as  virtual assets industry continues to grow and evolve. Some of the key areas are: 

• Communication with clients and marketing campaigns. There are restrictions and  regulatory requirements on marketing activities in different regions that the Company  needs to be aware and action on accordingly. 

• Legal risks. Those are risks arising from the contractual agreements with clients. • Disclosure and Reporting. Risks arising from the nature of terms of business, periodic  statements and other documentation provided to clients. 

• Client assets. Risks arising from the Company holding or controlling of client money  or assets.

(xvi) Virtual Assets Related Risks 

Virtual Asserts are a young and emerging market—with many projects still in the stage of  explosive price discovery. This in turn results in an unusually high price volatility that you  wouldn't expect to see with other asset types. 

Private keys function as a verification mechanism embedded in the crypto wallet, allowing one  to sign and send transactions from his/her wallet balance. A secure wallet and an appropriate  backup method, and avoid storing any private key backups on an internet-connected device  are essential to safeguard one’s virtual assets.  

Virtual assets holders and users are also often targeted by scammers and tricksters. It is  especially important to be wary of fake websites and phishing emails that pretend to be from  reputable sources—no reputable crypto asset issuer or service provider will ask for your  private keys or passwords.

Disclaimer: *WadzPay is a B2B technology provider. All regulated activities featured in WadzPay are conducted by licensed entities in applicable jurisdictions.