This Custody and Safeguarding Policy sets out the arrangements and internal controls adopted by Ronin EM Limited ("Ronin", "we", "us", "our") to protect client crypto-assets and fiat funds that we hold in connection with our services.

Our primary goal is to ensure the **segregation, security, and prompt availability** of your assets, in compliance with our regulatory obligations as a Crypto-Asset Service Provider (CASP) under the EU Markets in Crypto-Assets Regulation ("MiCAR").

This Policy applies to:

• All client crypto-assets for which we provide custody and administration of crypto-assets on behalf of clients.
• All fiat client funds received by us in connection with our crypto-asset services.

Client Crypto-Assets means crypto-assets (or the private keys controlling them) held by Ronin on behalf of a client.

Fiat Client Funds means fiat currency (e.g., EUR, USD) that a client has provided to Ronin for the purpose of purchasing crypto-assets or that results from the sale of crypto-assets.

As a regulated CASP, our custody and safeguarding measures are established and maintained in accordance with:

• The Regulation (EU) 2023/1114 on Markets in Crypto-Assets (MICAR).
• Relevant directives and guidance issued by our competent authority, the Cyprus Securities and Exchange Commission (CySEC).
• Applicable national laws concerning client money and asset protection.

We ensure that client assets are strictly segregated from Ronin's own assets.

• Crypto-Assets: Client crypto-assets are held in dedicated wallets clearly designated as "Client Assets." The cryptographic keys associated with these assets are stored separately from the keys used for Ronin’s proprietary assets.
• Fiat Funds: Fiat funds are held in segregated bank accounts with credit institutions. These accounts are also designated as "Client Funds Accounts" and are legally distinct from Ronin’s operational accounts.

We maintain comprehensive and accurate internal records (an **electronic register of positions**) to clearly identify the ownership of each client's crypto-assets and fiat funds at all times.

We may use the services of reputable, regulated third-party custodians to safeguard client crypto-assets. Before appointing any third-party custodian, we perform extensive due diligence to ensure they meet high standards of security and operational robustness.

Where a third-party custodian is used, we ensure that:

• The custodian is legally authorized to provide custody services.
• Client assets remain segregated from the custodian's own assets and are held in a manner that protects the client's ownership rights.
• We maintain a clear record of the quantity and location of all assets held by the third party.

Fiat Client Funds received in exchange for crypto-assets, or pending investment in crypto-assets, are subject to strict safeguarding rules:

• Funds are deposited without delay into segregated accounts with credit institutions or central banks.
• We take all necessary steps to ensure that these funds are not used for Ronin's own operations and are protected in the event of our insolvency.

To manage security and liquidity, we employ a risk-based approach using different wallet types:

• Cold Storage (Offline Wallets): The vast majority of client crypto-assets are held in offline, air-gapped cold storage. Private keys are never connected to the internet, providing the highest level of security against online threats.
• Hot Storage (Online Wallets): A minimal amount of client assets is maintained in online wallets to facilitate rapid withdrawals and meet immediate operational liquidity needs. Hot wallets are protected by advanced multi-signature security protocols and strict access controls.

Our platform, systems, and private key management infrastructure utilize industry-leading cloud service providers. We enforce rigorous security measures, including:

• **Multi-Factor Authentication (MFA) and access control** for all critical systems.
• **Regular penetration testing and security audits** conducted by external experts.
• **Strict internal policies** for operational control and segregation of duties (e.g., requiring multiple authorized personnel to approve transactions from cold storage).

Clients have the right to request the withdrawal of their crypto-assets and fiat funds at any time, in accordance with the terms of the Client Agreement.

We process withdrawals promptly. However, large withdrawals, especially from cold storage, may require manual security procedures and multi-signature authorization, which can introduce a reasonable processing delay. We also apply Anti-Money Laundering (AML) checks to all withdrawals, which may affect the speed of transaction execution.

Our Client Agreement clearly sets out your ownership rights over the assets we hold in custody. You retain legal ownership of your crypto-assets.

Our **Client Register of Positions** is the definitive internal record of your asset ownership and is updated in real-time. We provide clients with access to their individual account statements to verify their holdings against our records.

The segregation of client assets is the key mechanism for insolvency protection.

• Protection: Due to segregation, your crypto-assets and fiat funds are protected in the event of Ronin’s insolvency and cannot be used by our creditors.
• Third-Party Use: We do not lend, transfer, or otherwise use client crypto-assets or fiat funds for our own account or for any purpose without your express prior consent, unless required by a court order or applicable law.

If we utilize other CASPs for services, we ensure that they are also subject to rules guaranteeing the segregation of client assets.

We provide clients with clear and complete information about the arrangements for the custody and administration of their assets, including:

• Regular account statements showing current balances.
• Detailed confirmation of all transactions, including the relevant network address for crypto transfers.
• Prompt notification of any material changes to our custody arrangements.

Upon termination of our custody services, we will facilitate the prompt return of all client crypto-assets and fiat funds to the client, subject only to any necessary security checks and the payment of any outstanding fees or charges.

We are liable to you for the loss of any crypto-asset or of the means of access to crypto-assets held in custody where such loss is attributable to us, in accordance with MICAR and applicable law. Our liability is in principle capped at the market value of the relevant crypto-asset at the time the loss occurred, as determined by reference to one or more reputable market data sources.

We are **not liable** for losses resulting from events that are not attributable to us, including (without limitation):

• Inherent defects or failures in the underlying distributed ledger or crypto-asset protocol that are outside our control;
• Decisions taken by governance bodies or validators of the relevant blockchain; or
• Events or circumstances for which we can demonstrate that they occurred independently of our services or operations.

We regularly review this Policy and whenever there are material changes in our business model, custody arrangements, technology stack, or the applicable regulatory framework. Updated versions of this Policy will be made available on our website and/or client platform.

If you have any questions about this Policy or how your assets are safeguarded, you may contact us using the details below: