(a)

the applicant’s assessment of the inherent and residual risks of money laundering and terrorist financing associated with its business, including the risks relating to:

(b)

the measures that the applicant has or will put in place to prevent the identified risks and comply with applicable anti-money laundering and counter-terrorist financing requirements, including the applicant’s risk assessment process, the policies and procedures to comply with customer due diligence requirements, and the policies and procedures to detect and report suspicious transactions or activities;

(c)

detailed information on how those internal control mechanisms, policies and procedures are adequate and proportionate to the scale, nature, inherent risk of money laundering and terrorist financing, range of crypto-asset services provided, complexity of the business model and how those mechanisms, policies and procedures ensure compliance with Directive (EU) 2015/849 and Regulation (EU) 2023/1113;

(d)

the identity of the person in charge of ensuring compliance with anti-money laundering and counter-terrorist financing requirements, and evidence of that person’s knowledge, skills and experience;

(e)

arrangements, human and financial resources ensuring that the staff of the applicant is appropriately trained in anti-money laundering and counter-terrorist financing matters (annual indications) and on specific crypto-asset related risks;

(f)

a copy of the applicant’s anti-money laundering and counter-terrorism policies, procedures and systems;

(g)

the frequency of the assessment of the adequacy and effectiveness of those internal control mechanisms, policies and procedures, and the person or function responsible for such assessment.