Wallet Address Change Request Policy

1. Purpose

This Wallet Address Change Policy outlines the procedures and controls in place for users requesting a change to their registered wallet address due to reasons such as hacking, compromised access, or other acceptable reasons (refer to Section 3 – Acceptable Reasons for Change). It is designed to protect both Solidus AI Tech Ltd (“Solidus AITECH”, “Solidus”, “AITECH”, “we”, “us”, or “our”) and its users from fraud, impersonation, and unauthorized requests.

2. Scope

This policy applies to all registered AITECH platform users who have previously linked a wallet address to their account and now request to update or replace it.

3. Acceptable Reasons for Change

Users may request a wallet address change for the following reasons:

• Wallet has been hacked or compromised

• Loss of access to the wallet due to private key loss

• Migration to a more secure wallet provider

• Mistaken use of an incompatible or exchange-based wallet

• Technical issue or bug with wallet software

• Wallet provider discontinued or blacklisted

• Regulatory or security concerns (e.g., wallet is linked to a darknet market, sanctioned or blocked service provider)

• Legal or court-mandated wallet replacement

NOTE: AITECH reserves the right to request supporting documentation or reject requests that appear suspicious or unjustified.

4. How to Request a Wallet Address Change

All requests must be submitted via email to [email protected] with the subject line:

“Wallet Address Change Request – [Username or Email Registered with AITECH]”

Required Information:

• Full name (as registered on AITECH)

• Registered email address

• Current wallet address on file

• Reason for wallet change

• New wallet address

• A government-issued ID (front and back)

• A live selfie holding the ID and a handwritten note with today’s date and the phrase: “AITECH Wallet Change Request”

It is mandatory for the requester (user) to include the following user acknowledgement statement in the email:

“I confirm that the new wallet address provided belongs to me and that I fully understand this wallet address change is final and irreversible.”

NOTE: Once your request is received, our support team will assign a unique case number. This number will be referenced in all follow-up communication and status updates related to your request. Please keep it for your records.

5. Verification & Internal Review Procedures

To ensure the requester is the legitimate user and not an imposter, the following security checks will be conducted:

5.1. Identity Verification

• Review of submitted ID and selfie against user profile

• Cross-match with email and transaction history (if available)

• KYC file review (if applicable)

5.2. KYC Review and Validity

• Once the wallet address change request is received via email, the Compliance Team will first assess the validity and status of the user's KYC file.

• If the user’s KYC record is found to be expired, invalid, incomplete, or non-compliant with current regulatory requirements, the user will be required to re-complete and pass the full KYC verification process before Compliance can proceed with reviewing the wallet address change request.

• Compliance will send the user a secure KYC verification link via email with instructions.

• Completion of this KYC process is mandatory and a prerequisite for initiating the compliance review.

• The user is given 5 business days to complete the mandatory KYC or the wallet address change request will be rejected.

• The case will be placed on temporary hold until a valid and approved KYC record is confirmed in the system.

• Compliance may request:

- A new valid government-issued ID

- Updated proof of identity or residency (if applicable)

- Resubmission of documents through an authorized KYC provider or platform

• The Compliance Team will only resume review of the wallet address change request after successful re-verification or confirmation that the current KYC on file is valid.

NOTE: If the user refuses or fails to complete the updated KYC process with the given timeframe, the wallet change request will be rejected on compliance grounds.

5.3. Behavioral and Technical Verification (if needed)

• IP log review and geolocation match

• Review of recent account activities and login pattern anomalies

• Internal system alerts for suspicious activities

5.4. Secondary Verification (if risk detected)

• Additional video verification or a live call with the user

• Request for previous transaction history or proof of ownership of original wallet

5.5. Compliance Due Diligence Review

As part of the wallet address change vetting process, Compliance will conduct a due diligence review using a combination of proprietary systems and publicly available tools to assess the legitimacy of the user and the wallet address.

This review may include, but is not limited to:

• Screening the wallet address for associations with sanctions, fraud, illicit activity, or high-risk entities

• Checking the user and wallet for any history linked to scams, blacklists, or non-compliant services

• Conducting an adverse media and negative news search on the user identity and wallet address

• Verifying consistency of on-chain behavior with platform account activity

Compliance review typically takes 2–3 business days from the date all required documentation is received. With the following exceptions in the review process that may take longer in cases where:

• Potential fraud, identity mismatch, or irregular behavior is identified

• Sanctions, negative news, or adverse media hits are found

• Further clarification or documentation is required from the user to complete verification

6. Approval, Execution and Notification

• Once the request has passed all verification checks, the Compliance Analyst will escalate the case to the designated Compliance Officer for final review and approval.

• Approved requests will result in the new wallet address being updated within 1–2 business days.

• The user will receive confirmation via email with their case number and status update.

• All cases must be recorded in the Wallet Address Change Request Log for auditability and traceability. This log includes key details such as case number, user identity, old and new wallet addresses, reason for change, compliance reviewer(s), and approval status.

User Notification

A Compliance team member will inform the user of the final decision via email using pre-approved templates.

The notification will have the following information:

• Case Number

• Final decision (Approved/Denied)

• Summary of findings (optional if sensitive)

• Instructions or follow-up (if applicable)

NOTE: Wallet address changes are irreversible. AITECH is not responsible for any loss resulting from incorrect wallet information provided by the user.

7. No Fees for Wallet Address Change

We believe in transparency and fairness when it comes to user account management. As such, we confirm that submitting a wallet address change request is entirely free of charge.

No administrative, processing, or service fees will be imposed in connection with the review, approval, or execution of wallet address change requests. This approach aligns with our commitment to consumer protection, regulatory transparency, and fair treatment under EU MiCA Article 63(1) and related consumer law obligations.

8. Provision of Forged or Fraudulent Documents

In the event that a user submits false, forged, or misleading documents during the KYC process required for a wallet address change, the following consequences will apply:

• Immediate Rejection of Request

The wallet address change request will be immediately rejected, and the user will be notified of the reason for the rejection.

• Account Review and Suspension

The user's account may be subject to immediate suspension or restriction, pending further internal investigation in accordance with our AML/CTF Compliance Program.

• Termination of Business Relationship

If the submission of fraudulent documents is confirmed, we reserve the right to terminate the business relationship with the user, in accordance with our internal risk-based approach policy.

• Regulatory Reporting

In compliance with applicable anti-money laundering (AML) and counter-terrorist financing (CTF) laws, we may report such incidents to:

o Financial Intelligence Units (FIUs),

o Relevant supervisory authorities, or

o Law enforcement where required or deemed appropriate under Regulation (EU) 2015/847, MiCA Article 60, and local AML laws.

• Ban From All AITECH Platforms

Users who are found to have provided forged documents may be permanently banned from using all AITECH services in the future.

9. User Dispute Resolution

If a user disagrees with the outcome of their wallet address change request — including rejections due to non-compliance with KYC requirements, provision of invalid documentation, or other compliance-related grounds — they may initiate a formal dispute or inquiry.

Dispute Procedure:

1. Submission: The user must submit a written dispute within 10 business days from the date of receiving the final decision, addressed to our Compliance or Support Team via email at: [email protected].

2. Information Required: The dispute must include:

• Full name and registered AITECH email

• Description of the issue and grounds for dispute

• Any supporting documentation or evidence.

3. Review Timeline: Our Compliance Team will review the dispute in a timely manner and respond within 10 business days. Complex cases may require an extended timeframe, in which case the user will be informed.

4. Final Decision: All disputes are reviewed in accordance with applicable laws, our internal policies, and regulatory obligations. The final resolution will be communicated via email.

5. No Further Appeal: Once the final decision has been issued, it is considered binding and final. The user may not submit additional appeals or request further reconsideration of the same issue.

10. Fraud Risk Controls

To mitigate fraud risks, AITECH implements the following controls:

• Strict identity verification protocols

• Transactional and login pattern monitoring

• Mandatory 2FA two-step verification for high-risk requests

• Manual compliance review and approval required for all wallet changes

• Limited number of wallet change requests allowed per user (maximum of 2 change request per year, unless provided with exceptional reason)

11. Recordkeeping Policy

AITECH maintains a record of all wallet address change requests and related documentation for a minimum of five (5) years, in accordance with our internal compliance and audit policies.

The following records must be securely retained under the assigned case number:

• Submitted user documentation (ID, selfies, wallet addresses)

• Internal review notes, verification findings, and approvals

• Email communications and status notifications

• Audit trail entries from the Wallet Address Change Request Log

• Records are stored in a secure, access-controlled environment and may be subject to review during compliance audits or regulatory inspections.

12. Privacy Policy

All personal data submitted as part of a wallet address change request, including identification documents, contact information, and securing sensitive information will be processed in accordance with AITECH’s Privacy Policy.

For more information on how we collect, store, and protect your personal data, please refer to our full Privacy Policy here: https://aitech.io/privacy-policy/

13. Policy Updates

AITECH reserves the right to modify, amend, or update this policy at any time, at its sole discretion, without prior notice to users. The latest version of this policy shall be considered final and binding.

14. Disclaimer

All requests are subject to ongoing monitoring and review to detect changes in user risk profile or applicable regulatory requirements. AITECH reserves the right to refuse or delay any wallet address change request if there are grounds to suspect fraud, security threats, or inconsistencies in the verification process.

Solidus AI Tech reviews wallet address change requests in a fair, objective, and non-discriminatory manner. All decisions are based solely on risk-based factors such as regulatory compliance, identity verification, fraud prevention, and security considerations. We do not discriminate against any user or their associated persons based on race, color, gender, religion, nationality, ethnicity, or any other legally protected characteristic.