E-sign Disclosure
Terms of Service
Privacy Policy
Bank Secrecy Act Policy
Federal Privacy Policy
Servicing and Collections Policy
Unfair, Deceptive and Abusive Acts and Practices Policy
Credit Profile Authorization

E-Sign Consent Agreement

Last updated: 8/7/2022

This Electronic Communication Disclosure (“E-SIGN Consent”) applies to all communications and/or disclosures that we are legally required to provide to you in writing in connection with your Account and any related products and services (“Communications”). This E-SIGN Consent supplements and is to be construed in accordance with the terms contained in the applicable terms of service (“Agreement”) you received from KAPED INC..

The words "we," "us," and "our" refer to KAPED INC.. The words "you" and "your" mean the account holder. "Account" means the account you have with us.

  1. Consent for Electronic Signatures, Records and Disclosures

Your consent to the electronic delivery of disclosures will be required before you can begin using your Account. If you are unable or unwilling to provide such consent, please do not enroll for an Account. Once you have activated your Account, you may withdraw your consent for E-SIGN and request paper communications and/or disclosures as noted below.

We suggest you read this document and print a copy for your reference.

  1. Scope of Communications to Be Provided in Electronic Form

When you use a product or service to which this E-SIGN Consent applies, you agree that we may provide you with any Communications in electronic format, and that we may discontinue sending paper Communications to you, unless and until you withdraw your consent as described below. Your consent to receive electronic communications and transactions includes, but is not limited to:

●     All legal and regulatory disclosures and communications associated with your Account and any related products and services

●     Your Agreement and any notices about a change in the Agreement

●     Privacy policies and notices

●     Error resolution policies and notices

●     Responses to claims filed in connection with your Account

●     Notices regarding insufficient funds or negative balances

  1. Method of Providing Communications to You in Electronic Form

All Communications that we provide to you in electronic form will be provided by access to our website or by email.

  1. How to Update Your Records

It is your responsibility to provide us with a true, accurate and complete email address, your contact information, and other information related to this E-SIGN Consent and your Account, and to maintain and update promptly any changes in this information. You may update your information by logging into your Account and updating your profile.

  1. Hardware and Software Requirements

To access, view, and retain electronic Communications that we make available to you, you must have the following software and hardware: A PC or Mac compatible computer or other device capable of accessing the Internet and an Internet Browser software program that supports at least 128 bit encryption. To read some documents, you may need a PDF file reader. If these requirements change while you have an active Account, and the change creates a material risk that you may not be able to receive Communications electronically, we will notify you of these changes. You will need a printer or a long-term storage device, such as your computer’s disk drive, to retain a copy of the E-Sign Consent for future reference.

  1. Requesting Paper Copies

We will not send you a paper copy of any Communication unless you request it or we otherwise deem it appropriate to do so. You can obtain a paper copy of an electronic Communication by printing it yourself or by requesting that we mail you a paper copy, provided that such request is made within a reasonable time after we first provided the electronic Communication to you. To request a paper copy, contact us by mailing your request to 571 W La Habra Blvd, La Habra, CA 90631.

We reserve the right, but assume no obligation, to provide a paper (instead of electronic) copy of any Communication that you have authorized us to provide electronically. For the avoidance of doubt, requesting a paper copy of any Communication, in and of itself, will not be treated as withdrawal of consent to receive electronic Communications.

  1. Communications in Writing

All Communications in either electronic or paper format from us to you will be considered "in writing." You should print or download for your records a copy of this E-Sign Consent and any other Communication that is important to you.

  1. Federal Law

You acknowledge and agree that your consent to electronic Communications is being provided in connection with a transaction affecting interstate commerce that is subject to the federal Electronic Signatures in Global and National Commerce Act, and that you and we both intend that the Act apply to the fullest extent possible to validate our ability to conduct business with you by electronic means.

  1. Termination/Changes

We reserve the right, in our sole discretion, to discontinue the provision of your electronic Communications, or to terminate or change the terms and conditions on which we provide electronic Communications. We will provide you with notice of any such termination or change as required by law.

10. How to Withdraw Consent

You may withdraw your consent to receive Communications in electronic form at any time by sending us a written request by mail to 571 W La Habra Blvd, La Habra, CA 90631. If you withdraw your consent, your Account and all associated cards will be closed in accordance with the Agreement and we will send subsequent required communications and disclosures to you in writing to the most current address we have on file.

We will not impose any fee to process the withdrawal of your consent to receive electronic Communications. Any withdrawal of your consent to receive electronic Communications will be effective only after we have a reasonable period of time to process your withdrawal. In the meantime, you will continue to receive Communications in electronic form. If you withdraw your consent, the legal validity and enforceability of prior Communications delivered in electronic form will not be affected.

Terms of Service

Please read the following Terms of Service carefully. These Terms of Service (“Terms”) are an agreement between you (“you,” “your,” or “user”) and KAPED its subsidiaries, affiliates, agents, service providers, and assigns (“PLATFORM,” “us,” “we,” or “our”). The Terms govern your use of products and services we may offer through our website www.kaped.io and all associated sites owned by KAPED and linked to this Website (collectively, the “Site”).

By using this Site, you acknowledge and agree that, by accessing or using this Site, you are indicating that you have read and understand, and agree to be bound by these Terms, as stated below as well as KAPED Privacy Policy ("Privacy Notice") at all times.


KAPED reserves the right at its sole discretion, to change, modify, add or remove portions of these Terms and our Privacy Policy at any time. It is your responsibility to check these Terms and our Privacy Policy periodically for changes. Your continued use of this Site after any such update constitutes your binding acceptance of such changes. As long as you comply with these Terms, KAPED grants you a personal, non-exclusive, non-transferable, limited privilege to enter and use this Site.

If you have questions, comments, concerns please contact KAPED at support@kaped.io with any questions you may have.


To use this Site you must be, and represent and warrant that you are, of legal age (18 years of age or older or otherwise of legal age in your jurisdiction, or, if you have parental consent, 13 years of age). If you’re agreeing to these Terms on behalf of an organization, entity, or co-applicant, you represent and warrant that you are authorized to agree to these Terms on behalf of that organization, entity, or co-applicant and bind them to these Terms (in which case, the references to “you” and “you're” in these Terms, except for in this sentence, refer to that organization, entity, or co-applicant). If KAPED has previously prohibited you from accessing this Site, you do not have permission to access this Site.


This Site is owned and operated by KAPED and contains material which is derived in whole or in part from material supplied by KAPED and our partners, as well as other sources, and is protected by United States copyright laws and other intellectual property laws. You agree to abide by all applicable copyright and other laws, as well as any additional copyright notices or restrictions contained on this Site. You acknowledge that this Site has been developed, compiled, prepared, revised, selected, and arranged by KAPED and others through the application of methods and standards of judgment developed and applied through the expenditure of substantial time, effort, and money and constitute valuable intellectual property of KAPED and such others. You agree to notify KAPED immediately upon becoming aware of any unauthorized access or use of this Site by any individual or entity or of any claim that this Site infringes upon any copyright, trademark, or other contractual, statutory, or common law rights. All present and future rights in and to trade secrets, patents, copyrights, trademarks, service marks, know-how, and other proprietary rights shall, as between you and KAPED, at all times be and remain the sole and exclusive property of KAPED.








In the event that you have a dispute with any third party, you agree that KAPED is under no obligation to become involved on your behalf. You release KAPED, and our officers, employees, agents, and successors from claims, demands, and damages of every kind or nature, known or unknown, suspected or unsuspected, disclosed or undisclosed, arising out of or in any way relating to such disputes and/or this Site. If you are a California resident, you hereby waive California Civil Code §1542, which says: “A general release does not extend to claims which the creditor does not know or suspect to exist in his favor at the time of executing the release, which if known by him must have materially affected his settlement with the debtor.” This release includes the criminal acts of others.


Some jurisdictions do not allow the exclusion of certain warranties or the limitation or exclusion of liability for incidental or consequential damages such as above in Sections 3 and 4. Accordingly, some of the above limitations may not apply to you.  If you are a NewJersey resident, or a resident of another state that permits the exclusion of these warranties and liabilities, then the limitations in Sections 3 and 4specifically do apply to you.


These Terms are effective unless and until terminated by you or us. We may, in our sole and absolute discretion, deny you access to all or part of this Site and/or our Services at any time for any or no reason at all, with or without notice to you. Grounds for such termination shall include, but not be limited to, (a) breaches or violations of these Terms or other agreements, (b) requests by law enforcement or government agencies, (c) discontinuance or material modification of this Site (or any part thereof), (d) unexpected technical or security issues or problems, (e) extended periods of inactivity, (f) activities related to protecting the rights, property, or safety of KAPED, our agents and affiliates, or our users and the public, or (g) if you provide any information that is false, inaccurate, out-of-date, or incomplete. Additionally, any suspected fraudulent, abusive, or illegal activity that maybe grounds for termination of your use of our Site and/or Services may bereferred to appropriate law enforcement authorities. If we terminate your right to access this Site, these Term will terminate and all rights you have toaccess this Site will immediately terminate; however, certain provisions ofthese Terms will still apply post-termination, including without limitation,the Arbitration and Class Action Waiver provisions.




Useof the Site for any illegal purpose, or any other purpose not expresslypermitted in these Terms, is strictly prohibited. We reserve the right toinvestigate and take appropriate legal action against anyone who, in our solediscretion, violates this section, including removing the offending Contentfrom our Site, suspending or terminating access to our Services and/or Site and reporting such violators tolaw enforcement authorities.

Beloware examples of content and/or uses that is illegal or prohibited:

§  Use this Siteto harass, abuse, or threaten any other person;

§  Provide informationthat is unlawful, harmful, deceptive, tortious, defamatory, libelous, orinvasive of another’s privacy;

§  Use this Sitecommercially, for benchmarking, or to compile information for a product orservice;

§  Copy, download(other than for personal use, or as otherwise expressly permitted by theseTerms), modify, distribute, post, transmit, display, perform, reproduce,broadcast, duplicate, publish, republish, upload, license, reverse engineer,create derivative works from, or offer for sale any content or otherinformation contained on or obtained from or through this Site by any meansexcept as provided for in these Terms or with the prior written consent of KAPED;

§  Scrape, access,monitor, index, frame, link, or copy any content or information on this Site byaccessing this Site in an automated way, using any robot, spider, scraper, webcrawler, or any other method of access other than manually accessing thepublicly available portions of this Site through a browser or accessing thisSite through any approved API;

§  Violate therestrictions in any robot exclusion headers of this Site, if any, or bypass orcircumvent other measures employed to prevent or limit access to this Site;

§  Upload orotherwise make available any material that contains any software, device,instructions, computer code, files, programs and/or other content or featurethat is designed to interrupt, destroy, or limit the functionality of anycomputer software or hardware or telecommunications equipment (includingwithout limitation any time bomb, virus, software lock, worm, self-destruction,drop-device, malicious logic, Trojan horse, trap door, “disabling,” “lock out,”or “metering” device, or any malicious code);

§  Attempt to disable, overburden, or impair the proper working of this Site (including the use of any Mail list, Listserv, or any form of auto-responder or “spam”);

§  Use the Websiteto distribute any other party’s intellectual property unless you have the right to do so, or remove or alter any copyright, trademark, or other proprietary notice contained on this Site;

§  Make available trade secrets or other confidential or proprietary information, or provide any material that you do not have a right to make available under any law or under contractual or fiduciary relationships, including but not limited to insiderinformation, or confidential or proprietary information learned or disclosed aspart of employment relationships or under non-disclosure agreements;

§  Falsely stateor otherwise misrepresent your affiliation with a person or entity, orimpersonate any person or entity;

§  Violate theseTerms or any guidelines or policies posted by KAPED; and/or

§  Interfere withany other party’s use of this Site.

Please note that the terms and restrictions described in these Terms also apply to any content that you may be able to copy or download from this Site (e.g., guides and white papers).

KAPED reserves the right, but not the obligation, in our sole and absolute discretion, to remove any information provided by you, and/or block access to the Site.


When you communicate with us electronically, such as via e-mail, you consent to receive communications from us electronically. Please note that we are not obligated to respond to inquiries that we receive. You agree that all agreements, notices, disclosures, and other communications that we provide to you electronically satisfy any legal requirement that such communications be inwriting.


KAPED has no control over, and assumes no responsibility for, the content, accuracy, privacy policies, or practices of, or opinions expressed in, any third-party websites or by any third party that you interact with through or on this Site. In addition, KAPED will not and cannot monitor, verify, censor, or edit the content of any third-party website or service. By using this Site, you release and hold KAPED harmless from any and all liability arising from your use of any third-party website or service, and you acknowledge and agree that the terms and privacy policies of such third parties govern your interactions with and use of such websites and services.


By using this Site,you acknowledge and accept this Site’s Privacy Policy and consent to thecollection and use of your data in accordance with the Privacy Policy. By usingthis Site, you acknowledge that Internet transmissions are never completelyprivate or secure. You understand that any message or information you send tothis Site may be read or intercepted by others, even if there is a specialnotice that a particular transmission is encrypted.


We may change, suspend or discontinue any aspect of this Site or service at any time. KAPED reserves the right to change system configurations, product specifications, upgrades, pricing, layouts, options and any other specifications at any time without notice. We may also impose limits or restrictions on certain services, features or content or restrict your access to parts or all of this Site without notice or liability.



13a. Agreement to Arbitrate. You and KAPEDagreethat these Terms affect interstate commerce and that the Federal ArbitrationAct governs the interpretation and enforcement of these arbitration provisions.This Section 13 is intended to be interpreted broadly and governs any and alldisputes between us including but not limited to claims arising out of orrelating to any aspect of the relationship between us, whether based incontract, tort, statute, fraud, misrepresentation, or any other legal theory;claims that arose before these Terms or any prior agreement (including, but notlimited to, claims related to advertising); and claims that may arise after thetermination of these Terms. The only disputes excluded from this broadprohibition are the litigation of certain intellectual property and small courtclaims, as provided below.

13b. Dispute Resolution. Most disputescan be resolved without resort to arbitration. If you have any dispute with us,you agree that before taking any formal action, you will contact us at support@kaped.io or by CertifiedMail to 571 W La Habra Blvd, La Habra CA 90631. The disputeshould contain a brief written description of the dispute and your contactinformation (including your username if your dispute relates to a Platformaccount). Except for intellectual property and small claims court claims, theparties agree to use their best efforts to settle any dispute, claim, question,or disagreement directly through consultation with KAPED, and goodfaith negotiations shall be a condition to either party initiating a lawsuit orarbitration.

13c. Binding Arbitration. If the parties do not reach an agreed-upon solution within a period ofsixty (60) days from the time informal dispute resolution is initiated underthe Dispute Resolution provision Section 13b, then either party may initiatebinding arbitration as the sole means to resolve claims, (except as provided inthe “Exception: Litigation of Intellectual Property and Small Claims CourtClaims” subsection below) subject to the terms set forth in provision Section13f. Specifically, all claims arising out of or relating to these Terms(including the Terms’ formation, performance, and breach), the parties’relationship with each other, and/or your use of KAPED shall be finally settled by binding arbitration. Regardless of themanner in which the arbitration is conducted, the arbitrator will issue areasoned written decision sufficient to explain the essential findings andconclusions on which the award is based.

13d. Class Action Waiver. The partiesfurther agree that the arbitration shall be conducted in the party’s respectiveindividual capacities only and not as a class action or other representativeaction, and the parties expressly waive their right to file a class action orseek relief on a class basis. YOU AND KAPED AGREES THATEACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR OUR INDIVIDUALCAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS ORREPRESENTATIVE PROCEEDING. If any court or arbitrator determines that the classaction waiver set forth in this paragraph is void or unenforceable for anyreason or that an arbitration can proceed on a class basis, then thearbitration provisions set forth above shall be deemed null and void in theirentirety and the parties shall be deemed to have not agreed to arbitratedisputes.

13e. Litigation of IntellectualProperty and Small Claims Court Claims. Notwithstanding the parties’ decisionto resolve all disputes through arbitration, either party may bring enforcementactions, validity determinations, or claims arising from or relating to theft,piracy or unauthorized use of intellectual property in state or federal courtor in the U.S. Patent and Trademark Office to protect its intellectual propertyrights (“intellectual property rights” means patents, copyrights, moral rights,trademarks, and trade secrets, but not privacy or publicity rights). Eitherparty may also seek relief in a small claims court for disputes or claimswithin the scope of that court’s jurisdiction.

13f. Confidentiality. All aspects of the arbitration proceeding, and any ruling, decision, or award by the arbitrator will be strictly confidential for the benefit of all parties.

13g. Changes to this Section. KAPED will provide thirty (30) days’ notice of any changes to this section by posting on this Site. Amendments will become effective thirty (30) days after they are posted on this Site. Changes to this section will otherwise apply prospectively only to claims arising after the thirtieth (30th) day. If a court or arbitrator decides that this subsection on “Changes to This Section” is not enforceable or valid, then this subsection shall be severed from the section entitled “Arbitration and Class Action Waiver,” and the court or arbitrator shall apply the first Arbitration and Class Action Waiver section in existence after you began using this Site.

13h. Survival. This Mandatory Arbitration and Class Action Waiver section shall survive any termination ofyour use of the Website.


14a.Limits on ACH Debit Transactions. The cut-off time for scheduling ACH transfers is 4:00 PM Mountain Time. Any transfer scheduled after the cut-off time will be treated as if it were scheduled on the next business day.

14b.ACH Debit Limits.The limitations to the amount of funds that can be transferred from your Deposit Account per day are as follows:

Transaction Type

Frequency and/or Amounts

ACH Debits (from external bank/provider)


ACH Credits from Mobile App


ACH Credits from external  Financial Institution


14c. Electronic Transfer Services. The following terms are used to describe Electronic Funds Transfer (“EFT”) services. “Automated credits” or “direct deposits” are deposits made to your Deposit Account by electronic means. “Automated debits” and “automated payments” indicate payments authorized by you to be made from your Deposit Account by electronic means. “Online Transfers” are the movement of funds between your Deposit Accounts by use of the Mobile App. Online Transfers are described in detail inthe agreement governing the Deposit Account.

When you accept direct deposits orauthorize automatic payments/debits or transfers to or from your Account, youagree to these Terms of Service.

Other relevant terms and conditionsdescribed elsewhere in the Agreement also apply as long as they are consistentwith Regulation E or Section 14.

14d.Types of Electronic Funds TransfersAvailable.You may arrange with another party, such as your employer or a governmentagency, to electronically deposit funds on a one-time or recurring basisdirectly to your Deposit Account.

You may authorize another party, suchas a merchant, to make a one-time or recurring payment(s) using the Deposit Accountand bank routing numbers, directly from your Deposit Account subject to theestablished limitations on withdrawals and transfers.

You may use the Debit Card to makepurchases at merchants that accept the Debit Card or to obtain cash at ATMs,Over The Counter cash and, subject to availability, cash back at POS terminals.

Limitations on Transfers, Amounts andFrequency of Transactions

You may make cash withdrawals and POSpurchases, not to exceed the established limits for your Deposit Account.  

14e. Limitations on Transfers, Amountsand Frequency of Transactions.

Þ     You may makecash withdrawals and Point of Sale (POS) purchases, not to exceed theestablished limits of your Deposit Account.

Þ     If your DepositAccount is closed, blocked or suspended for any reason, you will not be able totransact using your debit card (including at an ATM).

14f. Right to Receive Documentation ofElectronic Funds Transfers.

Þ     Statements. You will haveaccess to an electronic monthly statement that can be viewed on the Website.

Þ     Direct Depositsor Automated Credits.If you have arranged to have direct deposits made to your Deposit Account atleast once every sixty (60) days from the same person or company, call 1-888-656-3823tofind out if the deposit has been made.

14g. Right to Stop Payment ofPreauthorized Transfers. If you have told us in advance to make regularpayment out of your Deposit Account, you can stop any of these payments. Here’show:

Þ     To stop arecurring ACH transfer to a merchant you preauthorized to debit your Deposit Account,please contact the merchant to request cancellation of the recurring payment.

Þ     If the merchantwith whom you arranged recurring ACH transfers from your Deposit Account isunable or unwilling to stop the transfer, call customer support at 1-888-656-3823or email support@kaped.io to request astop on such payment. Your request to stop payment must be received at leastthree (3) business days before the payment is scheduled to be made. Such a stoppayment request will cancel a single, i.e. one (1) recurring payment. If youwant to permanently stop all recurring payments to a specific merchant, you maybe required to put your request in writing and email it to support@kaped.iowithin fourteen (14) days after you call. If we ask you to put your request inwriting, you will need to tell us; the name of the payee, the dollar amount ofthe payment and the date of the payment. If written stop payment notificationis required but is not received within fourteen (14) days, only the firstpayment you notified us of will be stopped, and future payments will not bestopped.

14h. Liability for Failure to StopPayment of Preauthorized Transfer. If you order us to stop apreauthorized payment three (3) business days or more before the transfer isscheduled, and we do not do so, we will be liable for your losses or damages.

Your Liability for UnauthorizedTransfers.Contact us at once if you believe your Debit Card, PIN or Deposit Accountnumber has been stolen. Telephoning is the best way to minimize your possiblelosses. If your Debit Card, PIN or Deposit Account number has been lost orstolen, or that someone has transferred or may transfer money from your DepositAccount without your permission, call customer support at 1-888-656-3823. Under VisaU.S.A. Inc. Operating Regulations, your liability for unauthorized Visa debittransactions on your Deposit Account is $0.00 if you are not grossly negligentor fraudulent in the handling of your Debit Card. This reduced liability doesnot apply to certain commercial card transactions, transactions not processedby Visa or to ATM transactions outside the U.S. You must notify us immediatelyof any unauthorized use. If the Visa Zero Liability Rules do not apply, if younotify us within two (2) business days after you learn of any unauthorizedtransactions, you may be liable for no more than $50.00 if someone used yourDeposit Account without your permission. If you do not notify us within two (2)business days after you learn of the loss or theft of your Debit Card, DepositAccount number or PIN and we can prove that we could have stopped someone fromusing your Deposit Account without your permission if you had promptly notifiedus, you may be liable for as much as $500.00.

If you become aware of and/or yourstatement shows transactions that you did not make, notify us at once followingthe procedures stated in the section labeled “Information About Your Right toDispute Errors“. If you do not notify us within sixty (60) days after youbecome aware of the transaction(s) and/or the statement was made available toyou, you may not get back any of the value you lost after the sixty (60) daysif we can prove that we could have stopped someone from taking value if you hadnotified us in time. If a good reason (such as a long trip or a hospital stay)kept you from telling us, we will extend the time periods. If your Debit Card,PIN or Deposit Account number has been lost or stolen, we will close your DebitCard and/or Deposit Account to keep losses down and send you a replacementDebit Card and/or Deposit Account number.

If your Deposit Account changes youmust immediately notify your employer or any other payors or merchants. Youmust provide them with your new Deposit Account number to ensure that yourdirect deposit and/or ACH Debit activity continues uninterrupted.

14i. Confidentiality. We maydisclose information to third parties about your Deposit Account, Debit Card orthe transactions you make:

Þ     Where it isnecessary for completing transactions;

Þ     In order toverify the existence and condition of your Deposit Account or Debit Card for athird party, such as a merchant;

Þ     In order tocomply with government agency, court order, or other legal or administrativereporting requirements;

Þ     If you consentby giving us your written permission;

Þ     To ouremployees, auditors, affiliates, service providers, or attorneys as needed;

Þ     As noted in thePrivacy Policy and Bank Partner’s Privacy Notice(s); or

Þ     As otherwise asnecessary to fulfill our obligations under this agreement.

14j.Information About Your Right toDispute Errors.In case of errors or questions about your electronic transactions, callcustomer support at 1-888-656-3823 or email us at support@kaped.io as soon as youcan, if you think your statement or receipt is wrong or if you need moreinformation about a transaction listed in the statement or receipt. We musthear from you no later than sixty (60) days after we sent the FIRST statementon which the problem or error appeared.

Þ     Tell us yourname, Deposit Account number and/or 16-digit Debit Card number.

Þ     Describe theerror or the transfer you are unsure about and explain as clearly as you canwhy you believe it is an error or why you need more information.

Þ     Tell us thedollar amount of the suspected error.

If you provide this information orally,we may require that you send your complaint or question in writing within ten(10) business days.

We will determine whether an erroroccurred within ten (10) business days after we hear from you and will correctany error promptly. If we need more time, however, we may take up to forty-five(45) days to investigate your complaint or question. If we decide to do this,we will credit your Deposit Account within ten (10) business days for the amountyou think is in error, so that you will have use of the money during the timeit takes to complete the investigation. If we ask you to put your complaint orquestion in writing and you do not provide it within ten (10) business days, wemay not credit your Deposit Account.

For errors involving new DepositAccounts; transactions with a merchant’s POS terminal, whether in-person,online, by telephone, mail, or otherwise; or foreign-initiated transactions, wemay take up to ninety (90) days to investigate your complaint or question. Fornew Deposit Accounts, we may take up to twenty (20) business days to credityour Deposit Account for the amount you think is in error. For errors involvingunauthorized preauthorized debits (“ACH”), we will ask you to complete and signan “Affidavit of Unauthorized ACH” and return it to us to assist in ourinvestigation.

We will send you the results withinthree (3) business days after completing the investigation. If we decide thatthere was no error, we will send you a written explanation. Copies of thedocumentation used in the investigation may be obtained by contacting us at thephone number or address shown below.


15a. Any translation of this Agreementis provided for your convenience. The meaning of the terms, conditions andrepresentations herein are subject to definitions and interpretations in theEnglish language. Any translation provided may not accurately represent theinformation in the original English.


16a. Severability. If anarbitrator or a court of competent jurisdiction finds any provision of theseTerms to be invalid, the parties agree that the court should endeavor to giveeffect, to the maximum extent permitted by law, to the parties’ intentions asreflected in the provision, and the other provisions of these Terms will remainin full force and effect.

16b. No Waiver. Except asexpressly set forth in these Terms, (i) no failure or delay by you or KAPEDinexercising any rights, powers, or remedies under will operate as a waiver ofthat or any other right, power, or remedy, and (ii) no waiver or modificationof any term of these Terms will be effective unless in writing and signed bythe party against whom the waiver or modification is sought to be enforced.


Ifyou have questions about these Terms or the Privacy Policy, please contact usby email at support@kaped.io, bymail at 571 W La Habra Blvd, La Habra CA 90631, or customer support number1-888-656-3823.

Privacy Policy

Last updated: 8/7/2022

Our Commitment to User Privacy:

This Privacy Policy (“Policy”) describes how KAPED INC., doing business as KAPED Capital, protects and manages your personal data, including:

●       What data we collect when you sign-up for, use, or engage with any of our applications, products, services, or websites (collectively, the "Services");

●       How we manage data from the beginning of your engagement onwards;

●       The choices you have regarding how data is managed.

This Policy applies to information we collect in connection with your access and use of our Services. Please read this Policy carefully. By continuing to use or access our Services, you are consenting to the practices described in this Policy.

We Limit Use of Your Personal Data to:

●       Providing, maintaining and improving our Services;

●       Verifying your identity, where applicable;

●       Communicating with you about new and existing Services;

●       Protecting the legal rights, property and safety of our Services and users.

Sharing Personal Data with Merchants:

We may be required to share your data with a merchant if you open a payment dispute for a transaction with said merchant.

We Collect and Use Data:

Data We Collect:

Your name, email address, phone number, birth date, government-issued identification number, where necessary, payment card and bank information, if applicable, as well as other information you may be asked to provide when signing-up for an account, providing identity verification or engaging in a transaction.

Other Data:

●       Transaction Data: when, where and how a transaction takes place including, but not limited to, the devices and payment methods used;

●       Device Data: hardware model, operating system, unique device identifiers, mobile network data as well as other data generated by a device's interaction with our Services;

●       Location Data: to prevent fraudulent use of our Services;

●       User Data: browser data, Internet Protocol ("IP") addresses and other data describing user engagement;

●       Cookies: small data files we may store on your computer or mobile device memory to help us manage your engagement with our Services, including gathering aggregated data about engagement;

●       Beacons: small electronic images we may use in our Services and emails to deliver cookies and measure user engagement.

●       Information to Enhance your Experience: other data such as a profile picture that may enhance your experience.

Sources of Information:

●       We also check that you are using our Services legally and are eligible for the Services you want to use. We protect the Services from fraudsters who may put you and your money at risk. To do this, we may collect data about you from companies that help us verify your identity, if applicable, prevent fraud or assess risk.

●       We collect (and/or have collected during at least the 12-month period preceding the effective date of this Policy) information about you from the following categories of sources:

○       You directly, when you submit information to us or allow us to access information,

○       Your devices and how you interact with our Services, and

○       Other sources, including:

■       Identity Verification, if applicable. Information from third-party identity verification services and publicly available sources, including your government-issued identification number.

■       Eligibility, Compliance, and Fraud. Information about you from third parties for any investigation, eligibility, identity or account verification process, fraud detection process, or collection procedure, or as may otherwise be required by applicable law. This may include, without limitation, the receipt and exchange of account or transaction-related information with any consumer reporting agency.

We Share Personal Data Under Controlled Circumstances:

●       With third parties who may access data about you to provide you with the Services;

●       With third parties who may access data about you to perform functions on our behalf;

●       With financial institutions, processors, payment card associations and other entities that are involved in the payment process;

●       With government and law enforcement where reasonably necessary to comply with applicable law, regulation, legal process, or governmental request;

●       With others where reasonably necessary to protect the security or integrity of our Services or user safety;

●       In connection with, or during the negotiation of, any merger, sale of company stock or assets, financing, acquisition, divestiture or dissolution of all or a portion of our business;

●       With your consent.

We may share aggregated and anonymized information that does not specifically identify you or any individual user of our Services.


We take reasonable measures, including administrative, technical and physical safeguards to help protect your personal data from loss, theft, misuse, unauthorized access, disclosure, alteration and destruction.

We maintain strict security standards and procedures with a view to preventing unauthorized access to your data by anyone, including our staff. We use leading technologies such as (but not limited to) data encryption, firewalls and server authentication to protect the security of your data.


●       Personal Data: You can change or correct data about yourself through your KAPED Capital account at any time or by emailing us at support@kaped.io. You can also email us if you wish to deactivate your account. We may retain data about you for a period of time consistent with applicable law.

●       Location Data, if applicable: Our mobile applications may require location data. If you do not grant us access to this data then you may not be able to use our Services. If you grant access to location data but later revoke this access your mobile device may no longer be able to use our Services. You may also uninstall our Services to stop collection of location data.

●       Cookies: You can set your browser to reject cookies but our Services may not function properly in this setting.

●       Marketing: You can opt-out of email or text messages by following instructions in these messages. If you opt-out we may still send you messages regarding transactions and services related to our ongoing business relationship.

●       Notifications: Our Services may ask you for permission to send notifications to your device. Our services will still work if you do not grant us permission to send you notifications.

●       Website Tracking: Certain websites you visit may provide options regarding advertisements you receive. For more information or to opt out of certain online behavioral advertising, please visit

YourAdChoices.com | Welcome to YourAdChoices.com .

●       Do Not Track: Some browsers support a “Do Not Track” feature, which is intended to be a signal to websites that you do not wish to be tracked across different websites you visit. Our Services do not currently change the way they operate based upon detection of a Do Not Track or similar signal.

Cookies and Tracking Technologies:

We and our partners use cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and gather information about our user base, such as location information based on IP addresses. You can control the use of cookies at the individual browser level.

Cookies are small text files that are placed on your computer by websites and services that you visit or access. They are widely used to make websites and services work and function with greater efficiency, and to provide information about our users’ experience during use of, or interaction with, our websites, and Services. Some cookies last only for the duration of your web session and expire when you exit your browser; other cookies may last for longer than your web session, including after you exit your browser, for example by remembering you when you return to our website. The table below explains the cookies that we and our third party partners use and why.

Functional Cookie for Preferences and Settings: These cookies are used to record a user’s choice and settings that enable our websites and Services to operate correctly or that maintain your preferences over time and may be stored on your device.

Functional Cookie for Sign in and Authentication: When you sign into a website or Service using your KAPED Capital account, we may store a unique ID number, and the time you signed in, in an encrypted cookie on your device. This cookie allows you to move from page to page within the website without having to sign in again on each page. You can also save your sign-in information, so you do not have to sign in each time you return to the site.

Analytics Cookie: To provide our products and improve your user experience on our websites and with our Services, we use cookies and other identifiers to gather usage and performance data. For example, we use cookies to count the number of unique visitors to a web page or service or to our blog and to develop other statistics about the operations of our Services. This may include cookies from us and from third-party providers. We use the information to compile reports and to help us improve our websites and Services.

How to Control Cookies

Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. For example, in most modern browsers, you can block or delete cookies by clicking Settings > KAPED Capital > Cookies. Instructions for blocking or deleting cookies in other browsers may be available in each browser's privacy or help documentation. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit

Home  or

All About Cookies | Online Privacy and Digital Security .

Certain features of our Services may depend on cookies. Please be aware that if you choose to block cookies, you may not be able to sign in or use those features, and preferences that are dependent on cookies may be lost. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, will be deleted and may need to be recreated.

Third-Party Analytics Services:

We and our third-party service providers may sometimes use technologies to engage in data analytics, auditing, measurement, research, reporting, and debugging on our Services and to measure interactions with our services, such as tracking referral credits. For example, we use Google Analytics on our Services for such purposes. You can learn more about Google Analytics here and opt out here.

Third-Party Data:

The Services contain hyperlinks to other websites or locations that we do not control and are operated and controlled by third parties (“Third-Party Websites”). Our Privacy Policy does not apply to these Third-Party Websites and we make no representations regarding the policies or business practices of any such Third-Party Websites.

Changes to this Policy:

We can change this Policy. When the changes impact how we use your data in important ways, we’ll tell you first by email.

We may amend this Policy from time to time by posting a revised version and updating the “Effective Date” above. The revised version will be effective on the “Effective Date” listed. We will provide you with reasonable prior notice of material changes in how we use your information, including by email, if you have provided one. If you disagree with these changes, you may cancel your account at any time. If you keep using our Services, you consent to any amendment of this Policy.

Contact Details

If you have questions or comments, feel free to email us at support@kaped.io, call us at +1 (888) 656-3823, or write to us at 571 W La Habra Blvd, La Habra CA 90631.

Bank Secrecy Act Policy


It is the policy of KAPED(hereinafter “platform”) to comply with all requirements of the Bank Secrecy Act (BSA), Anti-Money Laundering(AML), Customer Identification Program (CIP), the USA Patriot Act and all regulations of the Department of Treasury and the Internal Revenue Service relating thereto. It is our ultimate goal to prevent the Platform’s productsand services from being used to facilitate money laundering and/or terrorist financing.


BSA / AML / CIP Risk Assessment

In order to ensure procedures are adequate and appropriate to mitigate risk, the platform shall perform an annual risk assessment. The annual risk assessment shall profile the following:

§  the customer base;

§  products and services offered;

§  delivery methods;

§  market area;

§  employee statistics;

§  loss history;

§  subpoena volume; and

§  Suspicious Activity Report volume.  


Customer Due Diligence

The platform shall have procedures in place to obtain information at account openingsufficient to develop an understanding of normal and expected account activity. These procedures shall enable the Platform to assign appropriate risk, todetermine an effective monitoring system, and to determine if enhanced due diligence is required.


Elevated Customer Risk

The platform shall have procedures in place that define the standard weekly monitoring forall customers or entities with an elevated risk. Customers or entities with an elevated risk level will be reviewed quarterly to determine if the risk ratingis accurate. The Compliance Officer and/or designated persons shall make thefinal determination.  


Comparison to Government Lists

The platform shall have risk-based procedures in place to compare customers, potential customers, and non-customers against government lists in accordance with theTreasury's Office of Foreign Assets Control regulations. Non-customers are those individuals or businesses who are payees who present item(s) for cash. Atransaction minimum of $3,000.00 will require comparison to government lists for non-customers. Funds transfer transactions shall require no transaction minimum. A periodic comparison of the current customer database shall be performed.    


Funds Transfers

The platform shall have procedures in place to collect and retain certain information inconnection with funds transfers of $3,000 or more in accordance with 31 CFR103.33(e).


Information Sharing

The platform shall have procedures in place to comply with Section 314a information requestsfrom FinCEN and will register to share information with other financial institutions who have also agreed to share information in accordance withSection 314b.


Appointment of Bank Secrecy Act Officer

JohnCastaldo is appointed as the Platform’s Compliance Officer. He will promulgate procedures for the preparation of cash transaction reports, the exemption of customers from currency transaction reporting, the monitoring and reporting of suspicious transactions, identification of customers, screening of personsagainst government lists, and arrange for regular, periodic training for each of these elements to the Platform’s staff.


Independent Audit Program

No less than annually, the Platform’s Internal Audit Department shall audit the Platform’s compliance with the Bank Secrecy Act. The results of this audit will be reported to the Senior Management Team. The audit shall include, but is not limited to:


1.      An evaluation of the BSA/AML/CIP compliance program to determine the overall integrity and effectiveness of the program. It shall include policies,procedures, and processes. Evaluation of the management information system forBSA-related reports.

2.      A review ofthe Platform’s risk assessment for reasonableness given the Platform’s risk profile (products, services, customers, entities, and geographic locations).

3.      Risk-basedtransaction testing to test the Platform’s adherence to BSA record-keeping and reporting requirements, e.g. CIP, SAR, CTR, CTR exemptions and information sharing requests.  

4.      Review ofelevated risk customers and related account activity. Review of funds transfer activity.  

5.      Review of audit and examiner reports to determine if the platform has resolved violationsand deficiencies. If a supervisory action is placed, a review of its progress.  

6.      Review training program for adequacy, accuracy, and completeness for affectedstaff.  

7.      Review of retention requirements.

8.      Review the overall process for identifying and reporting suspicious activity.



Knowledge of BSA is required of all directors, officers, and employees of the platform. The platform’sCompliance Officer and/or other designated person(s) shall provide all employees and the senior management team with education and training regardingthe Platform's BSA / AML / CIP policy and procedures and shall periodicallytest employees to determine the effectiveness of the training and the need foradditional training. Training will be conducted at least annually and morefrequently as periodic audits suggest. A record of training shall bemaintained.


Record Retention

All records related to this policy, unless otherwise noted, must be retained for five years from its original date.


Bank Secrecy Act /Anti-Money Laundering Policy Changes

The senior management team shall approve all changes to this policy.


Customer Identification Program (CIP) requirements

The USAPATRIOT Act created a new subsection (l) to 31 USC 5318 that requires the Treasury Department to adopt regulations that require and establish minimumstandards for a financial institutions' Customer Identification Program (CIP).These requirements relate to the identification and verification of any personwho applies to open an account. Treasury released the final rules on April 30,2003 with compliance being mandatory as of October 1, 2003.


The Customer Identification Program (CIP) and procedures in place to ensure all customersare properly and consistently identified. All document verifications ofcustomer identity are to be conducted prior to opening the account. Non-documentary means of verifying identity will be completed within onebusiness day of account opening. Customer will not have access to funds untilverification is complete. The platform will not open accounts where it is notfamiliar with the documents presented or cannot verify the customer's identityusing the documentary and non-documentary methods described in this program. Ifan account was opened, and non-documentary verification efforts fail within areasonable period of time, the account will be closed, and collected fundsdisbursed to the prospective customer providing the platform has received noinstructions otherwise. Accounts closed for lack of non-documentaryverification will be reviewed by the Compliance Officer and/or designatedpersons.



At a minimum, financial institutions are required to:


1.      verify the identity of any person seeking to open an account, to the extent reasonable and practicable;

2.      maintain records of the information used to verify the person’s identity, including name, address, and other identifying information; and,

3.      Determine whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency.  


The U.S. Patriot Act requires that financial institutions implement a written Customer Identification Program (CIP) appropriate for its size and type of business that, at a minimum, contains each of the requirements of the regulation. These requirements, discussed in detail below, address the following:


§  Customer identity information collection and verification,

§  Record-keeping,

§  Comparison with government lists, and

§  Customer notice.



These procedures require the proper identification of every customer at the time an account is opened. The following are key definitions for these procedures:


Account – A banking relationship established to provide or engage in services, dealings, or otherfinancial transactions, such as:


§  Deposits accounts, transaction or asset accounts

§  Loans

§  Cash management, custodian, and trust services


Account does not include:  

§  Products or services with no formal banking relationship such as check-cashing, wire transfers, or sales of official checks.

§  Accounts acquired through an acquisition, merger, purchase of assets or assumption of liabilities.


Person – An individual, corporation, partnership, trust or estate, joint stock company, association, syndicate, joint venture, or other unincorporated organization orgroup.


Non-US Person – An individual who is a resident or non-resident alien


Customer – For CIP purposes, a customer is:


§  Any person that opens a new account, including each person named on a joint account.

§  An individual who opens a new account for an individual who lacks legal capacity, such as minor or representative payee.

§  An individual who opens a new account for an entity that is not a legal person,such as civic club.


A “customer” does not include:

§  A bank, to the extent of its domestic operations

§  A government agency

§  A platform listed on the New York, American, or NASDAQ stock exchange, commonly referred to as a “listed company” for purposes of the BSA (The exemption does not apply, however, to subsidiaries of listed companies.)

§  A person who has an existing account with the bank provided that the bank has a reasonable belief that it knows the person's true identity.



Personal Accounts for U.S. Persons


Required information/documentation for individual accounts:

1.      Name

2.      Date of birth

3.      Street address

4.      Social Security Number (SSN) or Taxpayer identification number (TIN)  

5.     Valid Government Identification with legible photo

6.     Telephone Number (home, work, cellphone)

7.     Email Address


The following about the Government Identification Document (if applicable):

1.      Date of issuance

2.      Identification Number

3.      Date of expiration (No identification presented may be expired.)


APO and FPO addresses are permissible for military personnel, as are street addresses ofnext of kin.


List of Acceptable ID U.S. Person

§  Valid Driver’s License

§ Valid State Issued Identification Card

§  Social Security Number or Card Major credit card



Personal Accounts for Non-U.S. persons

It is difficult to identify and even more so to verify the identity of non – U.S. Persons. However, we must make due diligence efforts to do so. CIP requirements indicate you must obtain and record an identifying number prior to opening an account. This can be a passport number, ITIN (definition below), alien identification card number or number, and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard.


§  Non-U.S.  Citizens may be issued an ITIN number. ITIN numbers look like SSNs. However, they are issued by the IRS for tax reporting purposes, not the Social Security Administration. Valid ITIN numbers begin withthe number 9, and the 4th digit is a 7 or 8.

§  These are legal for tax reporting and should be obtained if the non-U.S. person has been issued one.  

§  Appropriate Certification: a W8-BEN is required for all non-U.S. persons, both resident,and non-resident aliens, except where they have an ITIN or SSN.


List of Acceptable ID Non-U.S. Person

§  The U.S. or Foreign Passport

§  Alien ID Registration card


Customer Address

Personnel will consider whether the customer's stated address and place of business appear to be legitimate. Stated addresses will be verified by a third-party verification system. P.O. Boxes are not accepted.


Address Discrepancies or Changes

If the customer’s identification does not include a local or current address or the address they give at account opening does not match the consumer report, the customer must provide another form of identification with the current date and current address, such as a utility bill.


Exceptions for minor owners:

Certain minor customers may not possess identification documents that would be considered acceptable, e.g., driver’s license, passports, or state-issued identification cards. In these instances, the following exception may apply:


1.      A joint account with a minor owner must have an adult owner to open the account, and CIP must be applied.


2.      If opening ajoint account with a minor, CIP is required for all owners. I.D. for the minor may be any of the following:

o   Social Security Card

o   ITIN

o   Valid State Issued Identification Card

o   Valid Driver’s License


Business Accounts, Clubs, and Charities

Obtain and record on the appropriate platform documents the following:


§  The business entity’s official legal name

§  The street address of its principal place of business, and if different, its local office.

§  TIN or employer identification number (EIN)

§  If a platform(Corporation, LLC) CIP cannot be verified at the time of account opening, all of the information listed for individuals for the person who has authority or control over the account may be verified until the documents for the entity can be acquired. If the entity documents are not presented within 45 days, the account should only be left open with the approval of the operations manager.  

§ Business License(s), unless the business is Sole Proprietor or DBA, for primary state and a list of states in which the business operates

§ Entity Holding Chart (Business Ownership Structure)

§ Operational Organizational Chart, including compliance and headcount

§ Beneficial Ownership:

o   Each individual that owns 25% or more of equity interest in the platform or;

o   An individual that has significant managerial control of the legal entity.  


Legal Status

The legal status of all businesses must be verified (i.e., sole proprietorship, partnership, corporation, etc.) through articles of incorporation or other documents that verify legal status. The Secretary of State website may be used to verify legal status by printing the page showing the organization number, type of business (INC, LLC), and status. If the in-active status is identified, the account will not be opened until active or proof that active status has been substantiated.


For large commercial accounts, additional records may be obtained from one or more of the following: (1) financial statements, (2) description of the customer’s principal line of business (3) description of business operations (i.e., wholesale vs. retail), and (4) list of major suppliers and customers.  


CIP for a sole proprietorship or DBA (doing business as) will require personal CIP documents for the sole owner.


Tax Identification Numbers New Accounts

New accountsare not opened unless the customer provides a Taxpayer Identification Number(TIN) or satisfactory evidence that the customer has applied for a TIN. If thecustomer is a foreign person and does not have a TIN, the form W8-BEN is required to be completed. It will be recommended an account be closed if avalid TIN is not received within 30 days of account opening. A list is maintained on the core system of accounts with missing TINs.



Theidentifying information obtained from a customer at account opening (Name, Address, SSN/TIN, Date of Birth, and Government ID) will be retained for a period offive years after the last account is closed.


A description of any document used for identity verification, noting:

1.      The type of document;

2.      Any identification number contained in the document;

3.      The place of issuance; and

4.      The date of issuance and expiration, if any.


A description of the resolution of any discrepancy when verifying the identifying information obtained.


Monitoring of High-Risk Accounts

As part of this platform’s account opening process, the Compliance Officer is expected to administer procedures designed to identify high-risk accounts or customers representing a greater risk of being involved in money laundering, structuring, or other illegal activities.


While not all-inclusive, the following are examples of high-risk accounts:

§  Professional service providers such as lawyers, accountants, or brokers make substantialcash deposits into client accounts.

§  Out-of-trade-area accounts

§  Accounts opened through mail or by website

§  Check cashing companies

§  Convenience stores

§  Wire Remitters

§  Currency Exchanges

§  Import/export companies

§  Offshore corporations

§  Non-resident aliens

§  Foreign customers

§  Foreign correspondent accounts

§  Payable through collection, pouch, and special-use accounts

§  Private banking

§  Trust accounts

§  Electronic accounts

§  Accounts utilizing significant movement of funds through wire transfers

§  PEP /Politically exposed persons


Enhanced Due Diligence

Utilizing a combination of system reports (i.e., currency transaction reports, balance fluctuation reports, suspect kiting reports, etc.) and visual observations,management personnel can identify whether an account, which is listed in thehigh-risk category, is suspicious. However, not all accounts identified are considered high-risk. Management personnel must make a determination and reportwhat transactions or activity prompted the account/transaction to be suspicious, thus monitoring the account for high-risk. Management personnelmust complete the BSA CHECKLIST FOR HIGH-RISK ACCOUNTS and set forth the frequency of periodic monitoring needed when an account is identified as a high-risk entity. A Suspicious Activity Report (SAR) is to be completed if the account/transactions are suspicious.

When an account or customer is deemed high risk due to activity inconsistent withnormal activity and the account is coded high risk, the activity in the account will be reviewed periodically or when suspicious activity is reported orappears on internal reports.


High-risk geography monitoring, in addition to high-risk account monitoring by management personnel, is to be performed on an ongoing basis by the Compliance Officer utilizing a combination of internal and system reports (i.e., wire transfer reports, reports or forms indicating location or addresses for high-risk geography) and visual observations.

The Compliance Officer's responsibility is to validate the frequency of account monitoring by reviewing the file created by branch management personnel and subsequentlyrevising the frequency from time to time. In addition, the Compliance Officeris to determine whether an account should be closed, additional monitoring isrequired, or a SAR completed. Ongoing monitoring may be necessary and should bedocumented on the BSA CHECKLIST FORHIGH-RISK ACCOUNTS.


Removing Customers from High-Risk List

To remove a customer from the High-Risk List, the Compliance Officer will access the customer's risk profile and make a determination. After assessing the customer risk profile determines they should be degraded to a low or medium risk category, the change will be updated in the customer profile. The original criteria for adding the customer to the list, along with documentation of the reason for adding and removing the customer to or from the High-Risk list, are kept onfile internally for 5 years.


Requests from personnel outside of the compliance department can be submitted to theCompliance Officer for consideration of removal.


Reasons for removal:

1.      If the activity stops for a period of 6 months, the customer will be moved to mediumrisk.

2.      After another 3 months with no suspicious or out of the ordinary activity, thecustomer will be moved to low risk.

3.      After another 3 months for a total of 12 months with no suspicious or out of theordinary activity, the customer will be removed from this manual list.


The Transaction Monitoring Software assigns risk ratings to customers and accounts according toparameters set up within the software. The software looks at activity inaccounts assigning percentages according to this activity. A risk score of 2.34or above is rated as a high-risk customer or account. Reports with risk ratingscan be run from the software.


Notice to Customers

The institution shall provide notice and applicable disclosures to customers thatit is requesting information from them to verify their identities, as required by Federal Law.  


Suspicious Activity Reporting (SAR)


If any platform personnel becomes aware of or suspects criminal activity or violations of theBSA by customers or employees, they should report the activity to the Compliance Officer for further review.


The platform shall have procedures in place to monitor and detect all known or suspectedcriminal offenses, transactions that involve suspected money laundering, or transactions that violate the Bank Secrecy Act. These procedures will includeat a minimum:


1.      maintain alist of “elevated risk” customers and have procedures in place to monitor account activity;

2.      a review of repetitive cash transactions below the $10,000 reporting threshold;

3.      a review of abnormal account activity to determine if it is suspicious or inconsistent withthe customer’s normal business;

4.      a review of funds transfer activity;

5.      monitoring of accounts of non-US persons;

6.      a review of excessive ATM activity;

7.      insider abuse;

8.      check kiting; and

9.      a periodic review of monetary logs.  


Monitoring systems may be adjusted from time to time but must include the previously mentioned items to detect thefollowing money laundering strategies:


§  Placement, which is the placing of unlawful cash proceeds into the bank by deposits, wire transfers, or other means. 

§  Layering, which is the separating of the proceeds of illegal activities from their origins through the use of layers of financial transactions, such as converting cash into traveler’s checks, money orders, etc.

§  Integration, which is combining illegal funds with legally obtained funds, and providing a legitimate explanation for its ownership.

§  Structuring, which is dividing large cash transactions into several smaller transactions to evade detection from BSA reporting and/or record-keeping thresholds.


Wherecircumstances require the institution to report suspicious activity to itsprimary federal regulatory agency and federal law enforcement officials, suchsteps will be taken expeditiously.


The ComplianceOfficer or Compliance Specialist will log the report, assign an anonymous filenumber, and conduct a preliminary investigation by gathering and documentinginformation. If there is evidence that indicates a violation or illegalactivity has occurred, the Compliance Officer or Compliance Specialist willaccumulate as much information as possible from the Platform’s records anddevelop a summary of the information found.

TheCompliance Officer will consider the reported activity and supporting evidence.If the conclusion is made that a BSA violation or crime has occurred, a SARwill be filed.


Specialissues are raised when the platform receives a subpoena or court order seekingSAR records in connection with an action not related to the activity reportedon the SAR. In such cases, the platform should, in conjunction with legalcounsel, contact its primary federal regulator and FinCEN to obtain guidanceand direction on how to proceed.


Wherecircumstances allow, the platform will report suspected illegal customer oremployee activity to law enforcement authorities. It is our policy to carefullyevaluate all known facts prior to filing a report. The instructions to the SARprovide procedures to be followed in reporting suspicious activity.


Voluntaryreports will be filed when there is a reasonable basis for believing thatspecific criminal activity has occurred, is occurring, or may occur. Voluntaryreports will be filed with federal,state, and local law enforcement agencies as appropriate.


All SARreporting will be reported to the senior management team at its next regularlyscheduled meeting. The report will include:


§  type ofviolation

§  date orrange of dates

§  branch wherethe violation occurred

§  dollaramount of violation

§  loss to the platform(if any)

§  if violationincluded a platform employee


SARs will befiled within 30 calendar days of the initial detection of the criminal orsuspicious activity. A delay of an additional 30 days is permissible, ifnecessary, to identify a suspect. The 30-day (or 60-day) period will begin whena review of the activity and a determination that the activity under review hasbeen determined to be "suspicious" with the meaning of the SARregulations. The review will be initiated promptly and completed in a reasonableperiod of time, considering the type of activity that is unusual and warrantsinvestigation.


After aninvestigation, if the Compliance Officer and/or the Compliance Specialist findsthere is not sufficient cause for filing a SAR, the reason will be documentedon the Suspicious Activity Investigation Report and signed by the ComplianceOfficer.   The documentation file will be kept for 18months or until the next on-site examination.


Ifsuspicious activity continues by a customer, a SAR will be filed approximatelyevery 90 days. It is the policy of “platform” to risk rate any accountreported for suspicious activity as High Risk. The account may be left open ifapproved by the Compliance Officer and/or the CEO. If it is indicated that anongoing investigation is being conducted by law enforcement, the account may beleft open.


If the platformsuspects an individual, entity, or organization of terrorist or moneylaundering activity and a SAR is filed, the platform may, under the protectionof the safe harbor for liability, share information with other financialinstitutions providing both institutions have filed the required certification noticewith FinCEN (Section 314(b)).



§  All SARfilings will be kept for 5 years

§ Investigation materials when a SARis not filed will be kept for 18 months


Disclaimer: Although a SARpolicy is in place with KAPED, all unusual activityreporting will be reviewed and escalated to our banking partner (“EvolveBank and Trust”) foranalysis and final assessment.



CurrencyTransaction Reporting (CTR) requirements

Theregulation and platform procedure requires a CTR to be filed for each deposit,withdrawal, exchange of currency, or other payment or transfer, by, through, orto the Platform, which involves a transaction in currency of more than $10,000.A CTR is completed when the currency threshold is reached in single or multipleamounts conducted either by or on behalf of the same person on the samebusiness day. The instructions to Form 104 are to be followed by the Personnelhandling the transaction and preparing the CTR. The branch representative willtype or print his/her name as the preparer on the CTR and send it to the ComplianceOfficer.


The ComplianceOfficer or a Compliance Specialist reviews the daily report of large cashtransactions. This automated report is generated from our core system. Thereport reflects large cash transactions sorted by tax identification number andteller batches of cashed checks. The Compliance Officer or ComplianceSpecialist compares this report with CTRs created in the software programAnti-Money Laundering. The electronic filing system creates CTRs for single orin aggregate cash transactions over $10,000 (except where the transaction isfor an exempt person). Manual CTR's may be added in the software program fortransactions such as negotiable instruments cashed that are not drawn on productsissued by “platform”. A CTRbatch is then filed electronically from the batches created in Anti-MoneyLaundering Software through the BSA Direct E-filing System from FinCEN. Batchesare sent weekly.


In the caseof multiple transactions, if one component of the transaction is greater than$10,000, the transactor information is required to be completed on the CTR. Amaster list with transactor information will be created at the office level andmaintained there if needed for reporting purposes.


If the platformrepresentative determines that multiple transactions which total more than$10,000 have taken place in any one business day, a CTR is to be completed. Forexample, if a platform representative can determine that "John Doe"deposits $5,000 in currency to his checking account at 9:00 a.m. and deposits$7,000 cash to his savings account at 2:00 p.m., a CTR should be completed.


The platform’sinternal system will alert office personnel to complete a CTR when singletransactions are greater than $10,000. The office representative shall gatherany additional information needed to complete the CTR. The CTR will then beforwarded to the Compliance Officer to be completed in the electronic system.


The platformrequires the customer to provide proof of their identity, such as a validdriver's license or state I.D. If an elderly or disabled customer does not havea driver's license, other forms of identification such as a state I.D.,Medicare/Medicaid card, voter registration card, utility, or real estate taxbill may be used. In these cases, platform personnel will mark the identityline on the CTR as "elderly" or "disabled" and record themethod of identification as "organization or membership card" onlyI.D. Terms such as "known customer" or "signature card" arenot acceptable to complete a CTR.


Daily, platformpersonnel forward all completed CTR’s to the Compliance Officer. There, theCTR's are entered into the electronic filing system. The platform representativehandling a currency transaction greater than $10,000 will get accurate andcomplete information for completing the CTR at the time of the transaction. TheCompliance Officer or Compliance Specialist shall electronically batch file allCTR’s in a timely fashion, within 25 calendar days after the transaction date.The Compliance Officer has the overall responsibility to determine that allsteps are followed.


If the ComplianceOfficer is for any reason unable to perform the duty of completing and filing,CTR's the Compliance Specialist will complete and file the CTR's.


In theevent, the electronic system cannot be used, CTR's may also be completed aspaper documents and filed (paper documents must be filed within 15 calendardays after the reportable transaction) by mailing them to IRS Detroit ComputingOffice, Attention: CTR, P.O. Box 33604, Detroit, MI 48232-5604. A copy of theCTR form 104 may be downloaded from the FinCEN Webb site www.fincen.gov/.


A copy ofeach Form 104 will be retained on paper or other media for a period of five (5)years.


Exempting aBusiness from CTR Reporting

The ComplianceOfficer is responsible for determining whether an account holder qualifies asan exempt person and for filing FinCEN Form 110, Designation of Exempt Person.


The filingof these forms will be done using the BSA E-filing System.


In the eventthe electronic system cannot be used, the forms may also be completed as paperdocuments and filed by mailing them to: IRS Detroit Computing Office,Attention: Designation of Exempt Persons, PO Box 33112, Detroit, MI 48232-0112.The Form 110 is available fordownload at the FinCEN Webb site at www.fincen.gov,


If the ComplianceOfficer is unable to perform a review for a business or the annual review ofexempt persons, the Compliance Specialist will assume the responsibility of newbusiness filings, perform the annual review of all exempt persons, and monitoraccounts for suspicious activity.


Theguidelines set forth for Phase I and Phase II exempt persons and revised byFinCEN effective January 5, 2009, will be followed.


Phase Icategories identifying the entities:

The finalrule by FinCEN, effective January 5, 2009 eliminated the requirement to reviewannually or make a designation of an exempt person (DEP Form 110) filing forcustomers who are:


§  Otherdepository institutions

§   U.S. or State governments

§   Entities acting with governmentalauthority.  


ListedBusinesses / publicly traded corporations

§  Any commonlyaccepted or published stock symbol guide published in a newspaper of generalcirculation with listings from:

a.       the New YorkStock Exchange

b.      the AmericanStock Exchange

c.       NASDAQ


§  subsidiariesof publicly held corporations

§  anyreasonably authenticated corporate officer’s certificate

§  anyreasonably authenticated photocopy of IRS Form 851

§  an annualreport or 10-K filed with the Securities and Exchange Commission


Under PhaseI listed business; a FinCEN Form 110 (Designation of Exempt Person) needs onlyto be filed one time. An annual review is required with evidence that thebusiness continues to be a publicly-traded platform.


Once alisted business/subsidiary has been exempted, the platform is not required tofile CTRs regarding any currency transactions (e.g., deposits, withdrawals, currencyexchanges) conducted by the exempt business.


TheCompliance Officer will review the list annually before March 15 and update itas necessary. The Compliance Officer will prepare a report of the review. Adesignated Compliance person will review this report and a sample of exemptperson files for compliance and ensure dual control.


Phase IIcategories identifying the entities:

An eligiblenon-listed business, including a DBA or payroll customer, must meet all of thefollowing requirements:

§  frequentlyconduct reportable cash transactions (minimum of 5 per year) or

§  operate afirm that regularly withdraws more than $10,000 to pay U.S. employees incurrency (Payroll Customer)

§  maintain atransaction account for at least two months or conduct a risk-based analysis ofthe legitimacy of the customer’s transactions

§  be a U.S.entity or authorized to do business in the U.S.

§  It is nolonger required to record and report a change of control in a designatednon-listed or payroll customer.


Phase IIexemptions are only exemptible to the extent of their transaction accounts(DDA): only commercial accounts of a DBA are eligible to be exempted. Companiesare not required to track commingled funds.

§  it willstill be necessary to file CTR's for currency exchange, CD purchase, Cashier'sCheck purchase, Loan payment, or Loan advance

§  all of acustomer’s transaction accounts may be treated as a single account indetermining frequently reportable transactions


The Managersof each location may submit a business for consideration of exemption alongwith supporting documentation. The Compliance Officer may determine if abusiness meets the criteria for exemption.

§  Supportingdocuments will include copies of at least 5 CTR reports for the past 12 month period;

§  ComplianceOfficer’s review document;

§  Businessproof of existence (e.g., print out from Secretary of State Web site showingbusiness active and in good standing);

§  Activeaccount documentation.


The ComplianceOfficer will:

§  Verifyexempt person status

§  File theFinCEN Form 110, Designation of Exempt Person no later than 30 days after theday of the first transaction to be exempted. (e.g., a customer eligible forexemption conducts a reportable transaction on May 1st as long asthe form 110 is filed by May 31st. No CTR is required for thattransaction.)

§  Maintain afile for Exempt persons along with the supporting verification for 5 yearsafter the exempt customer has closed all exempt accounts or the exemption isrevoked.

§  Annuallyreview the exempt status for each exempt person before March 15 of each year.

§  Exemptpersons' accounts will be monitored for suspicious activity at least annually,and a SAR filed if warranted.

§  Provide anupdated copy of the exempt business list to the Personnel of each branch



§  Thepersonnel of each office will monitor currency transactions in single oraggregate, to the best of their knowledge, that is greater than $10,000, andcomplete applicable CTR's.

§  A Designatedemployee of each office (or her/his designee) will be responsible forcompleting CTR's for that office and, when completed, forward them to theCompliance Officer.

§  The ComplianceOfficer or Compliance Specialist will check CTR’s with the Currency.Transaction System Interface Over $10,000 report and the electronic monitoringsystem and prepare them for filing using the Anti-Money Laundering Software.

§  CTR’s willbe reviewed for accuracy by a Compliance Specialist or the Compliance Officer

§  In order toensure dual control, one person will prepare the CTRs, and they will be checkedby the other.

§  The batcheswill then be submitted electronically to the IRS.

§  The ComplianceOfficer will maintain a file of Currency Transaction Reports electronically orhard copy.

§  The ComplianceOfficer will review & monitor both Phase I & Phase II exemptions.



It isagainst “platform” policy to send or receive wire transfers for non-customers.


The WireTransfer Department is responsible for conducting and retaining all informationrelated to wire transfer records. For each wire transfer of $3,000 or moreoriginated at "platform”, thefollowing records will be maintained on the wire transfer log or binder as wellas “travel” with the transmittal order:


1.      The name andaddress of the originator

2.      The amountof the payment order

3.      Theexecution date of the payment order

4.      Any paymentinstructions received from the originator with the payment order

5.      Thebeneficiary’s bank

6.      As many ofthe following items as are received with the payment order:

§  The name andaddress of the beneficiary

§  The accountnumber of the beneficiary

§  Any otherspecific identifier of the beneficiary


When the platformis a beneficiary company in a funds transfer, we will retain either theoriginal or a duplicate of the payment order. If the beneficiary does not havean account with the platform, our CIP procedure will help us verify thebeneficiary's identity. If we have knowledge that the person receiving theproceeds is not the beneficiary, we obtain a record of the beneficiary's nameand address, as well as the beneficiary TIN, if known by the person receivingthe proceeds, or a notation in the record of a lack thereof. If proceeds aredelivered other than in person, we retain a copy of the check or otherinstrument used to make a payment or the information contained therein as wellas the name and address of the person to which it was sent.


Wiretransfers are checked against government lists following OFAC procedures usingthe Transaction Monitoring Software.


Platform alsoserves as an intermediary company for our banking partner (“Evolve Bank andTrust”) for sending and receiving wire transfers. The same procedures arefollowed for sending wire transfers for the two institutions.


Disclaimer: Although this CTRPolicy is in place, at this time platform does notanticipate any cash components within its internal operations but may offer asa solution in the future.




Office of Foreign AssetsControl (OFAC) & Government List Requirements


The UnitedStates Department of Treasury's Office of Foreign Assets Control (OFAC)administers laws that impose economic sanctions against hostile foreigncountries, entities, and individuals. It is the platform’s policy to complywith U.S. laws, regulations, and orders that restrict dealings by U.S. personsor entities with certain foreign countries, their nationals, or "speciallydesignated nations (SDNs)."  The platformwill not knowingly do business with, maintain accounts for, nor handletransactions or monetary transfers for foreign countries or foreign nationalslisted on OFAC's Alphabetical Master List of Specially Designated Nationals andBlocked Entities (SDN List).


OFAC Check

On a weeklybasis and after any update to the OFAC list, the Transaction Monitoring programperforms a comparative review between the list of prohibited countries,entities, and individuals as provided by the Treasury's Office of Foreign AssetControl (OFAC) and the platform’s account, customer and transaction database.This process ensures that no prohibited accounts are maintained or transactionsperformed with entities on the OFAC or any government lists.  


New accountpersonnel is trained in using the internal system (a system that checks againstthe OFAC list) and the OFAC Reporting / Name Inquiry for checking names againstthe OFAC list before an account is opened.


A CreditBureau report will be acquired on a new loan and/or credit card customers. TheCredit Bureau report will include checking against the OFAC list. This will bedone before disbursing funds to the customer.


When aW8-BEN is completed due to a foreign customer not having a TIN, the customerwill be checked against the OFAC list using the OFAC Reporting; Name Inquiry.


ACH OFACCompliance

The platformwill follow the NACHA Operating Guidelines related to OFAC compliance inprocessing ACH items.



Allparticipants (e.g., originator, beneficiary) for "wire transfers" arechecked against the OFAC list through the Transaction Monitoring software.Because of the increased risk for money laundering in the "wiretransfer" area, the institution has decided not to conduct wire transfersfor non-customers.



All namesare checked when the Transaction Monitoring Software is run against the platform’sdatabase. OFAC searches against parties other than account holders,beneficiaries of wire transfers, or Checks (i.e., powers of attorney's, guarantors on loans) will not beincluded in the periodic OFAC check, as they may not be listed on theportfolio. Theplatform is willingto accept this risk.


OFACPotential Hit

If platform personnelidentify an account, wire transfer, or other transaction as a possible SDN, theCompliance Officer should be notified. The Compliance Officer or a designee willnotify the partner bank and/or may contact the OFAC Compliance Hotline at 1-800-540-6322​or if the transaction is an in-process wire transfer, use the online link fromthe U.S. treasury OFAC hotline, https://home.treasury.gov/policy-issues/financial-sanctions/contact-ofac



The ComplianceOfficer or a designee will document any OFAC phone or online advice for futurereference and record-keeping requirements. If a match is indicated,instructions for the type of sanction will then be followed.


Blocking anAccount:

The accountor transaction should be blocked. The blocked funds will be placed in anaccount on the banking partner’s books that earn interest at a rate paid toother deposits of comparable size in instruments with maturities of less than90 days.


All blockingactions must be reported to OFAC Compliance by fax at (202) 622-1657 within 10business days. No special forms are needed. The report will be made on platformletterhead by the Compliance Officer. The report will indicate that a blockedaccount has been established in the name of the blocked party and shouldindicate the amount of funds blocked and the name, phone number, and fax numberof the Compliance Officer.


SeniorManagement and the banking partner will also be provided with a copy of thisreport.



If the platformis holding blocked property or funds, it will file an annual report as of June30 regarding the blocked property using the Annual Report of Blocked Property(T.D. F 90-22.50) available on the OFAC Website http://ustreas.gov/ofac. The annualreport will be filed with OFAC by September 30 of each calendar year duringwhich the funds are held.



All OFACrecords will be kept for a period of 5 years.


National SecurityLetters (NSL)


A NationalSecurity Letter is a letter request for information from a third party that isissued by the FBI or by other government agencies with the authority to conductnational security investigations. An NSL is simply a request for information.It does not authorize the FBI to conduct a search or make a seizure. If therecipient of an NSL declines to produce the requested information, the FBIcannot compel him to do so; only a federal court has that authority.


The platformis prohibited from disclosing to any person that a government authority or theFBI has sought or obtained access to records or that an NSL has been received.


If the platformreceives an NSL, the Compliance Officer and/or the designated persons will beinformed immediately and take possession of the NSL. The Compliance Officerand/or the designated persons will determine what information is requested andwill be responsible for responding to the NSL. If there are questions regardingthe NSL, the platform’s local FBI field Office will be contacted.


If a SAR isfiled after receiving an NSL, the SAR will not contain any reference to thereceipt or existence of the NSL. It will reflect only facts and activities thatsupport the suspicious transactions identified by the platform.


A record ofthe NSL and all supporting documentation will be kept in a confidential filewith other BSA records. Examiners will not have access to this file.



NationalSecurity Letters will be kept for 5 years or a time specified by the requestinggovernment agency.



Report Of InternationalTransportation Of Currency Or Monetary Instruments; IRS Form 105


Who must file form 105:

Regulations require each person whophysically transports, mails or ships, or causes to be physically transported,mailed, or shipped currency or other monetary instruments in an aggregateamount exceeding $10,000 at one time from the U.S. to any place outside theU.S. or into the U.S. from any place outside the U.S. and


Each person who received in the U.S.currency or other monetary instruments in an aggregate amount exceeding $10,000at one time, which has been transported, mailed, or shipped to the person fromany place outside the U.S.


“Platform” does not typically seethese types of transactions. However, if we should, the platform instructionsfor form 105 will be followed.


It will be the responsibility of theCompliance Officer to file form 105 within 15 days after receipt of shipment ofcurrency or monetary instruments exceeding $10,000. The form will be filed withthe Customs officer in charge at any port of entry or departure or by mail withthe Commissioner of Customs, Attention: Currency Transportation Reports,Washington, DC 20229.


It will be the responsibility of theCompliance Officer to file form 105 within 15 days after receipt of shipment ofcurrency or monetary instruments exceeding $10,000. The form will be filed withthe Customs officer in charge at any port of entry or departure or by mail withthe Commissioner


Section 312 USA Patriot Act - Reportof Foreign Bank And Financial Accounts; IRS Form T.D. F 90-22.1


Any clients of the platform thathave an interest in, or authority over, financial accounts in a foreign countrywhose value exceeds $10,000 will be reported to FinCEN as required by law. Theinstitution does not currently hold any accounts that are known to fall underthis guideline. If any accounts are identified in the future, the BSA Officerwill ensure that it meets all requirements for filing the Report of ForeignBank Financial Accounts (Treasury Form 90-22.1) as required by Section 312 ofthe USA Patriot Act.



FinCEN Information Request  - Section 314(a)

Section 314 (a) of the USA PatriotAct requires the platform to search its records for suspected money laundersand terrorists “subjects of interests” which law enforcement has requestedinformation about and presented to FinCEN. FinCEN sends a list of namesrepresenting potential subjects of terrorism investigations or money launderinginvestigations.


The Compliance Officer or Seniormanagement officer is designated to receive notification of all 314(a)requests. The e-mail request will be forwarded to the Compliance Officer andCompliance Specialist. They will be responsible for checking the 314a listagainst the platform’s database by downloading the People List and BusinessList to the Transaction Monitoring Software.


After the requests are run, the ComplianceOfficer or Compliance Specialist will look at each potential list matchingalert in Anti-Money Laundering and investigate the alert or assign the alert toanother person in the Compliance Department for investigation. After assuringthat the potential matches are false positives, they are noted as falsepositives within the Transaction Monitoring Software and deleted.


A copy of the Audit Requirementreport showing the number of records checked and a printed copy of the FinCENpage of the “platform"Subject Menu for the date will be kept as proof of checking the lists againstthe customer and account database. A log will also be kept containing the dateof the file, the date checked, and a number of potential matches.

If a match is found, the match mustbe reported to FinCEN by logging into the secure communication site andfollowing the notification procedures. The platform is not required to take anyother action and will not maintain the list for the purpose of evaluatingwhether to open an account or conduct a transaction unless specificinstructions accompany the request and state otherwise.


A match does not automaticallyrequire the filing of a SAR, and the platform’s decision to file a SAR will bebased on the circumstance of the transaction or account activity only.


The search and response to anymatches will be completed within 14 days after receiving the request.


If the search does not uncover amatching account or transaction, then we will not reply to a 314(a) request.Furthermore, we will not disclose the fact that FinCEN has requested orobtained information from us, except to the extent necessary to comply with theinformation request.


The institution will direct anyquestions we have about the request to the requesting Federal Law enforcementagency as designated in the 314(a) request.


All information relating to searchresults will be retained for 5 years.


The institution will not use theinformation provided by FinCEN for any purpose other than to assist the firm incomplying with any requirement of Section 314 of the PATRIOT Act.


The protection and safeguarding ofthis information are considered as any other personal confidential informationand will be protected as all information described in the Information SecurityPolicy. After the check is completed, the text file of people and businesseswill be deleted from the 314(a) folder used for downloading to the TransactionMonitoring Software. This information will not be used for any other purpose.



Information Sharing – Section 314(b)

It is the policy of “platform” notto share information with any other institutions as permitted under Section314(b) of the USA Patriot Act.


Regarding information sharing undersection 314(b), if the platform decides to share information with anotherfinancial institution, it will register and verify the registration of theother institutions prior to sharing information.



Other Record-keeping

In addition to the records expresslydiscussed in this policy/procedure, records as listed below must also beretained for a period of five years; Records may be retained in any form,including microfiche, microfilm, optical disk, hard copy, or other form.


1.     Extensions of Credit – The name andaddress of the borrower, the amount of the credit, its nature or purpose, andthe date must be obtained by the financial institution. This requirement isapplicable only to extensions of credit in excess of $10,000 not secured byreal property.


2.     Funds Transferred to or from theU.S. – A record of each advice, request, or instruction received or givenregarding any transaction resulting in the transfer of currency or othermonetary instruments, funds, checks, investment securities, or credit of morethan $10,000 to or from any person, account, or place outside the UnitedStates. (Records regarding canceled transactions of this type are required onlyif they are normally made.)


3.     Taxpayer Identification Numbers(TINs) – The appropriate TIN for customers purchasing a certificate of depositor opening a deposit or share account. Internal Revenue Service guidelinesdetermine what constitutes a TIN and which number is to be used.


4.     Transaction Records – Eachstatement, ledger card, or other record on each deposit or share account.


5.     On-us Checks – Each check, cleandraft, or money order over $100 is drawn on the bank or issued and payable byit.  


6.     Debits to Customer Accounts – Alldebits or charges in excess of $100 other than bank or periodic charges.


7.     Items From Transfers Outside theU.S. – Each item, including checks, drafts or transfers of credit, of more than$10,000 remitted or transferred to a person, account, or place outside the UnitedStates.


8.     Records of Transfers Outside theU.S. – A record of each remittance or transfer of funds, currency, checks,investment securities, other monetary instruments, or credits of more than$10,000 to a person, account, or place outside the United States.


9.     Foreign Checks Presented for Payment– Checks or drafts in excess of $10,000 drawn on or issued by a foreign bank,which the domestic bank has paid or presented to a non-bank drawee for payment.


10. Items Received From Foreign BankingInstitutions – Each item, including checks, drafts, or transfers of credit ofmore than $10,000 received directly and not through a domestic financialinstitution, by letter, cable, or any other means, from a bank, broker, ordealer in foreign exchange outside the U.S.


11. Records of Receipts From ForeignBanking Institutions – A record of each receipt of currency, other monetaryinstruments, investment securities or checks, and each transfer of funds orcredit, of more than $10,000 received on any one occasion directly and notthrough a domestic financial institution, from a bank, broker, or dealer inforeign exchange outside the U.S.


12. Checks Deposited – All platform recordsprepared or received in the ordinary course of business, which would benecessary to reconstruct and trace items in excess of $100 deposited in atransaction account.


13. Deposit Slips or Credit Tickets –All deposit slips and credit tickets reflecting transactions in excess of $100and equivalent records for direct deposits and wire transfers. The amount ofcurrency involved must be reflected on the slip or ticket.


14. Currency Transaction Reports –Copies of all CTRs filed.


Pursuant to the USA Patriot Act, anyrequest from the platform´s principal Federal regulator pertaining to terroristor money laundering activities, these records must be accessible within 120hours of the request.


Summary of Responsibilities

Each employee's job description willinclude BSA compliance as is appropriate for that job, and it will be a part ofthe annual performance evaluation.


Compliance Officer

In the event the Compliance Officeris unable to perform the duties of this position, the Compliance Officer or adesignated Compliance Specialist will assume the duties of the ComplianceOfficer.


1.     Receives CTR’s from each office andchecks the Currency Transaction Interface over $10,000 report for single oraggregate cash transactions greater than $10,000 and Files CTR’s as required byusing the BSA E-file System.    

2.     Maintain a central list of allcustomers exempted from CTR filing. Review and file new DEP (Designation ofExempt Person) for qualifying business entities. Annually review existingexempted customers for reasonableness and continued eligibility.

3.     Presents internal or external auditsand examinations reports to the Board of Directors whenever received.  

4.     Files a report annually with theBoard of Directors that includes the following:

5.     The number of CTR’s filed.

6.     The number of CTR exemption requestsreceived:

o  Granted unilaterally;

o  Refused unilaterally;

o  Granted by the IRS;

o  Refused by the IRS; and

o  Where a disposition is pending.


7.     The number of CTR filing exemptionspresently considered “active. ”

8.     A review of formal BSA employeeeducation programs conducted during the preceding period.

9.     A synopsis of any changes in the platform´swritten procedures during the preceding  period and the reasons for those changes.

10. A certification that the platform´srecord-keeping procedures meet the requirements of the regulation and that itsrecords are adequately protected.

11. Alert the Senior Management whennecessary of possible suspicious transactions. Determine whether a SAR iswarranted after reviewing possible suspicious activity.

12. Presents suspicious activity reports to the Senior Management Team at themeeting following the filing of a SAR.

13. Overall compliance of the BSA program will be incorporated into the jobdescription and performance evaluations for the Compliance Officer.

14. Responsible for company-wide training.


Wire Transfer Department

1.     Retain required information onincoming and outgoing wire transfers.

2.     Retain and file identity records forwire transfer customers

3.     Maintain wire transfer records

4.     Check both incoming and outgoingwires against the OFAC list.


Loan Personnel

1.     Report suspicious activity to OperationsOfficer and the Compliance Officer.

2.     Before disbursing funds on loan, thecustomer will be checked against the OFAC list through the Credit Bureau reportsystem.

3.     Loan Officers will follow the“Customer Identification Program” when taking loan applications.

4.     Check for address or SSNdiscrepancies with the Credit Bureau Report and document the correct addressand reason of discrepancy, following the Red Flags procedures.



1.     Annual internal audit of BSA/AML/OFAC program.




























Exhibit A


Prohibited Business and ProductType List



Section I: Prohibited Products, Services, and Methods ofSelling  

Platform will notaccept customers that offer these types of products, services, or methods ofselling due to some companies being more liable to fraud, more exposed to high disputes& chargeback rates, and only legal when complying with some specific lawsor rules.


Adult Entertainment Businesses

Online Dating Services

Aircraft Dealers

Online Tobacco/e-cigarettes/e-liquid Sales

All Firearms/Ammunition Sales

Products/Services deemed Illegal by any level of Government

Cannabis Oil/Products

Pyramid Schemes/Multiple Level Sales

Choice of Law

Shell Corporations

Currency Exchange Businesses

Tattoo Parlors

Escort Services or Encounter Groups/Clubs

Tax Anticipation Programs

Fireworks Sales

Transaction Types prohibited by Visa/ MasterCard/American

Gambling Establishments


Marijuana or Illicit Drugs


Massage Parlors (not associated with salons/chiropractic care)

Unfair, Predatory, or Deceptive Practices/Goods

Nested Payment Processors

“Pseudo” Products

Offshore  Businesses



Section II: Prohibited MCC’s

In addition to the Prohibited Products, Services, or Methods ofSelling identified in Section I, platform bankingpartner will not process for merchants with these MCCs:

MCC  Code


MCC  4816

Computer  Networking Services, Internet access – all card transactions

MCC  5122

Drugs,  Proprietaries & Sundries – all card transactions

MCC  5816

Digital  Goods – Games, for Transactions involving skilled game wagering (for example:  daily fantasy sports) – all card not present transactions

MCC  5912

Drug  Stores and Pharmacies – all card transactions

MCC  5962

Direct  Marketing Travel, including discount travel clubs – all card transactions

MCC  5966

Direct  Marketing Outbound Telemarketing – all card transactions

MCC  5967

Direct  Marketing Inbound Teleservice, audio text & videotext – all card  transactions

MCC  5993

Cigars  Stores and Stands, tobacco product merchants – all card transactions

MCC  6051

Non-Financial  Institutions – Foreign Currency, non–Fiat Currency (i.e., Cryptocurrency),  Money Order (Not Money Transfer), Travelers Cheques, and Debt Repayment, for  sale of cryptocurrencies – all card not present transactions

MCC  6211

High–Risk  Securities Merchant – all card transactions

MCC  7021

Timeshares  – timeshare rentals, leases, and sales – all card transactions

MCC  7273

Dating  Services, misc. personal services – all card transactions

MCC  7995

Non  Face to Face Gambling – all card transactions



Section III: ProhibitedProducts, Services, and Methods of Selling

Acceptance of these types of businesses will be on a caseby case basis and will require an additional due diligence review and approvalfrom platform prior to anyactivity.


Auctions/Auction Services and Websites

Government Grants

Short term loans with high-interest rates

Bail Bond Services

Home Based Charities

Student Loan Assistance Companies

Check Cashing Institutions

Lifetime Guarantees

Surveillance equipment

Collection Agencies

Merchant Cash Advance

Talent Booking Agencies

Credit Card Schemes

Modeling Agencies


Credit Restoration/Debt Relief Services

Neighborhood Party Sales

Third-Party Hotel Reservation Services



Tobacco Sales

Door to Door

Pawn Shops

Vehicle Sales

Fantasy Sports

Payday Lenders

Vitamin and Supplement Sales

Flea Markets

Pharmaceutical Sales

"As Seen on T.V."

Get Rich Quick Schemes





Rev. 10/05/2021










Financial companies choose how they share your personal  information. Federal law gives consumers the right to limit some but not all  sharing. Federal law also requires us to tell you   how we collect, share, and protect your  personal information. Please read this notice carefully to understand what we do.




The types of personal information we collect, and share depend  on the product or service you have with us. This information can include:




n  SSN or ITIN


n  Occupation  and/or Salary Information


n  Account  Balances


n  Account and  Transaction History


n  Deposit/Loan  Account Information






All financial companies need to share customers’ personal  information to run their everyday business. In the section below, we list the  reasons financial companies can share their customers’ personal information;  the reasons KAPED chooses to share; and whether you can limit this sharing.




Reasons  we can share your personal information


Does KAPED share?


Can you limit this sharing?


For our everyday business purposes—


such as to process your transactions, maintain your  account(s), respond to court orders and legal  investigations.






For  our marketing purposes—


to offer our  products and services to you






For  joint marketing with other financial companies






For  our affiliates’ everyday business purposes—


information about your transactions  and experiences






For  our affiliates to market to you






For  nonaffiliates to market to you








To limit


our sharing


n  Visit us online:  www.KAPED.io


Please  note:


If you are a new customer, we can begin sharing  your information 30 days from the date we sent this notice. When you are no  longer our customer, we continue to share your information as described in  this notice.


However, you can contact us at any  time to limit our sharing.




n    Email us at support@kaped.io








Who  we are

Who is providing this notice?


What  we do

How does KAPED protect my personal  information?

To protect your personal information from unauthorized access  and use, we use security measures that comply with federal law. These  measures include computer safeguards and secured files and buildings.

How does KAPED collect my personal information?

We collect your personal  information, for example, when you

n  Apply for  services or account

n  Provide  Account Information

n  Apply for a  Loan

n  Use your  debit card

n  Deposit  Money

n  Pay a Bill

We also collect your personal  information from third parties (such as platforms, affiliates and Financial  Institutions we partner with).


Why  can’t I limit all sharing?

Federal law gives you the right to  limit only

n  affiliates  from using your information to market to you

n  sharing for  nonaffiliates to market to you

State laws and individual companies may give you additional  rights to limit sharing. See below for more on your rights under state law.

What happens when I limit sharing for  an account I hold jointly with someone else?

Your choices will apply to everyone  on your account.




Companies related by common ownership or control. They can be  financial and nonfinancial companies.

KAPED and its subsidiaries and affiliates


Companies not related by common ownership or control. They can  be financial and nonfinancial companies.

n  Nonaffiliates  we share with can include service providers, date processors, retailers,  financial services companies.

Joint  marketing

A formal agreement between nonaffiliated financial companies  that together market financial products or services to you.

n  Our joint  marketing partners include financial service providers and financial  institutions.

Other  important information

FOR VERMONT RESIDENTS: We will not  share information we collect about you with nonaffiliated third parties,  except as permitted by Vermont law, such as to process your transactions or  to maintain your account.


FOR CALIFORNIA RESIDENTS: We will  not share information we collect about you with nonaffiliated third parties,  except as permitted by California law, such as to process your transactions  or to maintain your account. We will limit sharing among our companies to the  extent required by California law.


FOR NEVADA RESIDENTS: We are  providing this notice to you pursuant to Nevada law. If you prefer not to  receive marketing calls from us, you may be placed on our internal Do Not  Call List by writing to us at Dave, Inc 1265 S Cochran Ave, Los Angeles, CA  90019. Nevada law requires that we also provide you with the following  contact information: Bureau of Consumer Protections, Office of the Nevada  Attorney General, 555 E. Washington Street, Suite 3900, Las Vegas, NV 89101,  phone number (702) 486-3132, email BCPINFO@ag.state.nv.us.


State laws may also provide you with  specific privacy protections. We will comply with applicable state laws with  respect to our use of your information.


1.                  Summary / Overview

KAPED INC.  (“KAPED” and the Company) will from time to time engage in servicing and collections activity with respect to: (i) debts that are due and owing to KAPED; and (ii) debts that are due and owing to third parties. The Company’s Board of Directors has adopted this Servicing and Collections Policy (“Policy”) as part of its Compliance Management System. The Compliance Officer serves as the individual responsible for all activities related to lending, and oversees the development and implementation of this Policy.

The Company intends to comply with applicable federal and state laws concerning loan servicing and the collection of commercial debt.  The purpose of this Servicing and Collections Policy and Procedures (“Policy”) is to describe the Company’s commitment to compliance with applicable state and federal collections and servicing laws. The Company takes its responsibility to comply with applicable servicing and collections laws seriously, and endeavors to mitigate losses with minimum delay and conflict and to treat each borrower with respect.

2.                  Scope

This Policy applies to all activities and practices related to the servicing and collection of loans.

This Policy applies to (i) Company employees; (ii) Company’s executives and senior managers (collectively, “Senior Management”); and (iii) any vendors providing services to the Company.

3.                  Roles and Responsibilities

3.1              Board of Directors

The Board of Directors oversees and is ultimately responsible for ensuring that the Company adheres to all applicable servicing and collections laws, regulations, and policies. The Board (or a designated Committee of the Board) is responsible for reviewing and approving this Policy at least annually and any changes or modifications to the Policy as they occur. The Board also maintains oversight of compliance with Policy and any significant servicing or collection risks that Senior Management identifies.

3.2              Compliance Officer

Michael De Guzma is responsible for monitoring servicing activities of staff to ensure compliance with applicable legal requirements, overseeing and maintaining evidence of servicing training (including training for laws related to service member protections, marketing, and fair lending), ongoing monitoring and testing to ensure adequate controls are in place to mitigate applicable servicing risks, and conducting regular assessments of Company’s servicing program.

Additionally, the Compliance Officer is responsible for evaluating and updating the Policy to reflect any changes to (i) relevant products or services of Company, (ii) Employees, or (iii) applicable laws and regulations. The Compliance Officer reviews the Policy on a periodic basis and when any such changes are made.  Review includes consideration of feedback on the effectiveness of the Policy and any input from relevant Bank Partners.

3.3              Servicing Team

The servicing team is responsible for knowing and understanding the organization’s risks, controls, and mitigation efforts related to servicing matters; reviewing regular reporting on escalated issues related to servicing and collections; ensuring implementation and support of this Policy by providing sufficient staff and resources to manage the risks; reporting to the Board on issues as needed, and assisting the Board with overseeing compliance with this Policy and any significant servicing and collections risks that management identifies.

3.4              Legal

The legal team is responsible for reviewing and approving new scripts and playbooks for servicing and collections efforts; providing guidance to the Company about applicable servicing laws and regulations; and assisting with the resolution of servicing and collection matters, including arbitration with delinquent borrowers.

3.5              Periodic Review

The Company shall identify and appoint appropriately skilled and knowledgeable persons to be responsible for conducting periodic review of the policy’s effectiveness.

4.                  Servicing

4.1              Overview

To ensure compliance in areas of risk involved in loan servicing and collections, this Policy incorporates internal controls, ongoing monitoring, organizational accountability, timely corrective action, and training related to applicable servicing and collections laws.

4.2              Fair Debt Collection Practices Act  (FDCPA)

The Fair Debt Collection Practices Act (“FDCPA”) restricts and regulates the conduct of debt collectors, which generally includes debt collection agencies, creditors using false names or collecting for other unaffiliated creditors, collection attorneys, purchasers of delinquent debts, repossession companies, and suppliers or designers of deceptive forms.  It does not include creditors collecting their own debt in their own names. Additionally, the FDCPA only applies to the collection of consumer debt that was incurred primarily for personal, family, or household purposes.  Generally, the FDCPA does not apply to commercial and business purpose debts. While the Company does not anticipate that the FDCPA will apply to its planned commercial loan and servicing activities, the Company strives to ensure that its policies and procedures adhere to the spirit of the FDCPA. The Company endeavors that neither it nor its employees or vendors will engage in collections acts or practices that are abusive, false, misleading, unfair, or constitute harassment as defined under applicable state and federal laws.

4.3              State Debt Collection Laws

Some states have enacted debt collection laws, some of which may apply to entities collecting on their own debts in addition to debt collected on behalf of third parties. It is Company’s policy to comply with applicable state collections laws when it contacts delinquent or defaulted borrowers (or others to the extent required by applicable law) with respect to debts owed to Company or to third-parties.

The FDCPA and similar state laws restrict the time, place, method, and other factors involved in a collector’s communications with a borrower. The Company maintains a system of record for applicable state law requirements, and is responsible for ensuring that such requirements are followed when employees communicate with a delinquent or defaulted borrower.  Those requirements are also incorporated into the Company’s procedures, playbooks and scripts.  Employees are trained and instructed to follow these materials to ensure compliance with applicable state servicing and collections law.

4.4              Fair Credit Reporting Act (FCRA)

As applicable, the Policy operates in accordance with the Fair Credit Reporting Act (“FCRA”), as amended by the Fair and Accurate Credit Transactions Act (“FACT Act”), when reporting collection of accounts.

Any reporting of disputed accounts is carefully investigated prior to reporting to the credit bureaus (also known as consumer reporting agencies).  The FCRA imposes specific requirements to users of consumer reports and furnishers of consumer reports.  The FACT Act imposes specific requirements about sharing information with affiliates.  Notice to consumers must be provided before reporting negative information to a consumer reporting agency, or within 30 days after reporting such information. As of the effective date of this Policy, the Company does not intend to use or furnish consumer reports in connection with its servicing and collections activities, and as such, the FCRA and FACT Act should not apply to the Company’s servicing and collections activities.

4.5              Servicemembers’ Civil Relief Act (SCRA)

As applicable, the Policy operates in accordance with the Servicemembers’ Civil Relief Act (the “SCRA”), which provides certain protections to military personnel during periods of active military service (as defined in the SCRA).  The following classes of borrowers are protected under the SCRA:

●        Members of the Army, Navy, Air Force, Marine Corps, or Coast Guard who are on active duty status or who are absent from duty as a result of being wounded or being granted leave; and

●        Members of the National Guard who have received a specific type of activation orders.

Members of the armed services are afforded the utmost respect and care when contacted as part of loan servicing and collections. At all times, Company executives and staff act to ensure members of the military and their families receive all the benefits afforded under the law.

4.6              Fair Lending

The Company endeavors to comply with all applicable state and federal laws ensuring fair lending and equal access to credit, including the Equal Credit Opportunity Act (“ECOA”), its implementing Regulation B, and related federal and state laws. Any decisions or considerations made in the course of Company’s collections or servicing activity shall be made without discrimination on the basis of race, color, religion, sex, national origin, marital or familial status, age (provided the applicant has legal capacity to enter into a binding contract), handicap, receipt of public assistance, or any other basis protected by applicable law.

4.7              Unfair, Deceptive, and Abusive Practices

As with all other activities conducted by the Company, Senior Management is responsible for ensuring that any servicing and collection activity is conducted fairly.  Management has implemented procedures to ensure that none of Company’s servicing and collections activities are construed as unfair, deceptive, or abusive.

5.                  Servicing Requirements and Objectives

In addition to ensuring compliance with the applicable laws outlined above, the Company and its personnel strive to:

●        Provide accurate and timely disclosures to a borrower as required by applicable law;

●        Investigate, respond to, and make appropriate corrections in response to complaints asserted by a borrower;

●        Provide a borrower with accurate and timely information and documents in response to the borrower’s requests for information about the borrower’s loan or account;

●        Provide owners or assignees of loans or accounts with accurate and current information and documents about all loans or accounts they own;

●        Provide appropriate personnel with access to accurate and current documents and information reflecting servicing and collection actions performed by third party vendors on behalf of the Company; and

●        Facilitate periodic reviews of vendors engaged in servicing and collection activity on behalf of the Company, including by providing appropriate personnel with documents and information necessary to audit compliance by third party vendors with the Company’s contractual obligations and applicable law.

6.                  Governance

The Company has adopted and follows written procedures to implement this Policy that meet the standards set forth in this Policy.  Procedures and changes to those procedures are reviewed and approved in advance of implementation by the Compliance Officer or their designee.  In addition, any significant procedural changes are communicated to relevant staff by the Compliance Officer or Senior Management through an email or training.

No part of this Policy or its supporting procedures should be interpreted as contravening or superseding any other legal and regulatory requirements imposed upon the Company.  Any conflicts between this Policy and other legal obligations should be submitted immediately to the Compliance Officer for further evaluation.

For any questions on this Policy or the Program, or to address any situations not covered herein, defer to the Compliance Officer prior to taking any action that may be non-compliant.

7.                  Approval, Review and Version History

Unfair, Deceptive and Abusive Acts and Practices Policy

1 1.     Overview

1.     Overview

KAPED INC. (“KAPED” or “Company”),  endeavors to fully comply with federal and state laws prohibiting unfair, deceptive, and abusive acts and practices (“UDAAP”), such as Sections 1031 and 1036 of the Dodd-Frank Act (“Dodd-Frank Act”) and Section 5 of the Federal Trade Commission Act (“FTC Act”), as well as similar state laws (collectively, the “UDAAP Laws”). Company is not a bank, a bank holding company, or a subsidiary of a bank or a bank holding company. However, the Company partners with banks (each, a “Bank Partner”) to provide services to its customers that are within the scope of Bank Partners ’obligations regarding UDAAP. Accordingly, the Company takes its role in ensuring its practices comply with all UDAAP Laws very seriously.

The Company’s Board of Directors has adopted this UDAAP Policy (“Policy”) as part of its compliance management system. The Compliance Officer serves as the individual responsible for all activities related to advertising and marketing in connection with the Company’s activities and oversees the development and implementation of this Policy.    

2.        Scope

This Policy applies to all activities and practices related to the Bank Partner’s offering and the Company’s activities in connection with financial services, including, but not limited to, marketing, customer service and collections (“Covered Practices”).

This Policy applies to (i) Company employees; (ii) the Company’s executives and senior managers (collectively, “Senior Management”); and (iii) any vendors providing services to the Company.  

3.        Roles and Responsibilities

3.1    Board of Directors

The Board oversees and is ultimately responsible for ensuring that the Company adheres to all applicable laws and company policies. The Board (or a designated Committee of the Board) is responsible for reviewing and approving this Policy and any changes to the Policy as they occur.  The Board designates their ability to make changes in between its review of this Policy to the Compliance Officer.  The Board also maintains oversight of compliance with Policy and any significant risks that Senior Management identifies.

3.2    Compliance Officer

The Compliance Officer is responsible for evaluating and updating the Policy to reflect any changes to (i) Covered Practices, (ii) Company employees whose duties involve Covered Practices, or (iii) applicable marketing and advertising laws.  The Compliance Officer reviews the Policy on a periodic basis and when any such changes are made.  The Compliance Officer’s review includes consideration of feedback on the effectiveness of the Policy and any input from relevant Bank Partners.

3.3    Marketing

Employees who help market the program with a Bank Partner shall be trained and responsible for ensuring that marketing materials do not contravene applicable marketing and advertising laws. These employees will consult with the Compliance Officer, the legal team, and relevant Bank Partners prior to conducting any qualifying marketing campaigns.

3.4    Customer Acquisition

Employees who work on customer acquisition, including the design of product onboarding funnels and the operation of onboarding customers, are expected to comply with all applicable UDAAP Laws. These employees will consult with the Compliance Officer, the legal team, and relevant Bank Partners prior to making material changes to customer-facing acquisition materials.

3.5    Collections

From time to time, customers may owe the Company for items such as unpaid fees or bounced ACH account-funding activities.  The Company manages its collections activities internally and such activities may include processing and posting payments, sending notices to customers, and imposing penalty fees. The Company ensures that all UDAAP Laws are adhered to in the collections process.

3.6    Legal

The Company’s legal team advises on the applicable UDAAP laws, which are described at the end of this Policy. Where appropriate, the Company also engages outside counsel to advise on other marketing and advertising matters.

3.7    Periodic Review

The Company shall identify and appoint appropriately skilled and knowledgeable persons to be responsible for conducting periodic review of the policy’s effectiveness.

4.        UDAAP

Sections 1031 and 1036 of the Dodd-Frank Act, which prohibit UDAAP, are enforced by the Consumer Financial Protection Bureau (“CFPB”) with respect to entities within that regulator’s jurisdiction. The Federal Trade Commission (“FTC”) has broad authority to enforce similar provisions of the FTC Act against non-bank entities. And state regulators have some authority to also enforce federal laws, in addition to any state standard prohibiting unfair and deceptive acts or practices.

4.1    Unfairness

An act or practice is considered “unfair” when:

●        It causes or is likely to cause substantial injury to consumers.

o    In most cases, a “substantial” injury involves monetary harm.

o    In contrast, emotional impact and other more subjective types of harm will not ordinarily make a practice unfair.

●        The customer injury is not reasonably avoidable by consumers.

●        The customer injury must not be outweighed by any countervailing benefits to consumers or to competition.

In determining whether an act or practice is unfair, a regulator may also consider whether the act or practice violates an established public policy, or whether the act or practice results in unethical or unscrupulous conduct.  

4.2    Deception

An act or practice is considered  “deceptive” if each of the following elements are met:

●        The act is a representation, omission, or practice that misleads or  is likely to mislead consumers.

o    Examples include false oral or written representations, misleading price claims, sales of systematically defective products or services without adequate disclosures, use of bait and switch techniques, and failure to perform promised services.

●        The consumer’s interpretation of the representation, omission, act, or practice is reasonable under the circumstances.

●        The representation, omission, or practice is material.

o    A “material” act is one that influences the customer’s conduct or decision to use a product or service.

o    In many cases, materiality can be presumed from the nature of the act or practice.

Thus, a regulator may consider an act or practice to be deceptive if there is a representation, omission or practice that is likely to mislead a customer acting reasonably in the circumstances, to the customer's detriment.  

4.3    Abusiveness

An act or practice is considered  “abusive” if each of the following elements are met:

●        The act or practice materially interferes with the ability of a consumer to understand a term or condition of a consumer financial product or service or takes unreasonable advantage of:

o    A lack of understanding on the part of the consumer of the material risks, costs, or conditions of the product or services; .

o    The inability of the consumer to protect his/her interests in selecting or using a consumer financial product or service; or

o    The reasonable reliance by the consumer on a covered person to act in the interest of the consumer.

Examples of allegedly “abusive” practices have involved products targeted at consumers that a regulator believed were vulnerable and unable to understand the products at issue, and a belief by consumers that they could rely on the regulated entity to protect their interests.

5.        UDAAP Compliance

The Company takes its responsibility to mitigate any potential risks posed by UDAAP very seriously.  The Company recognizes that UDAAP violations can cause significant financial injury to consumers, cause significant reputational risk to the Company and its Bank Partners, erode consumer confidence, and undermine the financial marketplace.

5.1    Marketing

When developing marketing materials, the Company’s product and business teams ensure that the Company fairly and adequately describes the terms and the material limitations of the offered product or service, including any related or optional products or services, and such terms are not misrepresented either affirmatively or by omission. In addition, the Company (a) ensures that these materials do not use fine print, separate statements or inconspicuous disclosures to correct potentially misleading statements, and (b) ensures that there is a reasonable factual basis for all representations made. [[Complete marketing policies are set forth in the Company’s Marketing and Advertising Policy.]]

5.2    Customer Acquisition

The Company ensures that no unfair or deceptive misrepresentations concerning a consumer’s eligibility for a particular product are made during the account solicitation and opening process. Specifically, the Company:

●        Monitors complaints for potential misrepresentations in the customer acquisition process, as described in Section 6 (Complaints) below.

●        Ensures that account opening requirements, including documentation, are uniformly applied across all customers.

●        Trains its employees about who is authorized to approve accounts that need manual review and communicate decisions to prospective customers, as described in Section 7 (UDAAP Training) below.

5.3    Customer Service

The Company ensures that no unfair, deceptive, or abusive acts or practices occur during the course of its conversations with customers and during the account servicing process. Specifically, Company and any vendors employed in collections and servicing:

●        Ensure accurate and timely disclosures to customers, as required by applicable law.

●        Provide customers with accurate and timely information and documents in response to requests for information about the customer’s account.

●        Ensure accurate and timely processing of account funding payments.

5.4    Collections

The Company manages its collections activities internally and ensures that no unfair, deceptive, or abusive acts or practices occur during the course of any collections activities.  Specifically, the Company does not tolerate the following:

●        Collecting additional amounts in connection with amounts owed (including interest, fees, or charges) not expressly authorized by (i) agreement creating the amount owed and/or (ii) applicable law.

●        Failing to post payments timely, or failing to properly credit a customer’s account, and then charging late fees.

●        Taking possession of property without the legal right to do so.

●        Falsely representing the character, amount, or legal status of amounts owed to the Company.

●        Misrepresenting that a communication is from a government source or that the source of the communication is affiliated with the government.

●        Misrepresenting whether information about a payment or nonpayment would be furnished to a credit reporting agency.

●        Threatening any action that is not intended or authorized, including false threats of lawsuits, arrest, prosecution, or imprisonment for non-payment of amounts owed due to use of the product.

6.        Complaints

Complaints raising UDAAP concerns received through the Company are routed through customer service channels to the customer support team for resolution. Any complaints raising compliance issues with respect to UDAAP Laws will be raised with the Compliance Officer. Certain complaints may also be routed through the Bank Partner or may need to be escalated to the Bank Partner. The Company ensures that consumer-facing employees and vendors have appropriate complaint resolution processes in place.

[[The Company’s Complaint management policies are set forth in the Company’s Complaint Management Policy.]]

7.        UDAAP Training

The Company’s employees whose duties involve Covered Practices receive UDAAP training at least annually. In addition to annual training, such individuals receive appropriate retraining upon any changes to any applicable UDAAP Laws and regulations described below (Laws, Rules, Regulations and Other Sources). New employees of the Company whose duties involve Covered Activities receive UDAAP training during onboarding. The Company ensures that vendors whose services involve Covered Activities have received appropriate UDAAP training.

8.        Monitoring

The Compliance Officer promptly reports any self-identified UDAAP violations to Senior Management. Each quarter, the Compliance Officer gives the Company’s Senior Management a status report on the overall status of UDAAP-related initiatives, regulatory developments and emerging issues, and critical areas of risk.

9.        Recordkeeping

The Company maintains records of documents used in the ordinary course of its communications with customers. Marketing materials are retained by the Marketing Department.

10.      Laws, Rules, Regulations and Other Sources

This section provides a list of those laws, rules, regulations, guidelines, and other sources of legal guidance that the Company has determined are most relevant to its products, services, and activities.  This list is not exhaustive and is subject to periodic review and change, as appropriate.

●        Section 1036 of the Dodd-Frank Act, codified at 12 U.S.C. § 5536.

●        FTC Act, Section 5, codified at 15 USC § 45.

●        State Laws: Any UDAAP violation may also violate state laws (for example, if a fee is charged in violation of a state law).  Given the relationship between UDAAP and other laws, the Company ensures that this Policy is reviewed in conjunction with the Company’s other policies in connection with each applicable consumer financial services product and/or program, which may provide context and assist with compliance with this Policy.

11. Approval, Review and Version History


Changes By

Revision Notations

Date Reviewed


Vashon Gonzales

Policy drafted; effective date


Credit Profile Authorization

In this Consent Statement, “we,” “us,” and “our” refer to: (1) KAPED Capital Credit Cards, (2) KAPED INC., dba KAPED Capital, and (3) their service providers; and “you,” and “your” refer to (1) the person or business entity applicant and (2) the individual completing the application (who will also act as a guarantor).

You authorize us to obtain consumer and/or business credit reports that we will use when considering your application for credit. You also authorize us to obtain consumer and/or business credit reports from time to time and any other information about you in connection with any legal purpose, including:

  • ‍increases or decreases in the amount of credit made available to you under your account
    and extensions or withdrawals of credit on your account;
  • ‍the administration, monitoring, and review of your account and any attendant charges, and collection of your account; and
  • ‍offering you enhanced or additional products and services.

‍If you ask, we will tell you whether or not consumer or business credit reports were obtained and if the reports were obtained, as well as the name and address of the credit reporting agencies from which we obtained a report about you.