ERAM · Compliance · AML & CFT

AML & CFT Policy.

ERAM Real Estate is committed to the prevention, detection and reporting of money laundering and the financing of terrorism, and applies a risk-based AML/CFT programme across the Company, its project SPVs, and the ERAM Investors Portal.

Effective date: 1 May 2026 · Last updated: 12 May 2026 · Owner: Money Laundering Reporting Officer (MLRO) · Review cycle: Annual or upon material change

1. Purpose and scope

ERAM Real Estate Sh.P.K. ("ERAM", "the Company", "we") is committed to the prevention, detection and reporting of money laundering, the financing of terrorism, and the financing of proliferation of weapons of mass destruction. This policy sets out the principles and minimum control standards applied across the Company, its project special-purpose vehicles (SPVs), the ERAM Investors Portal, and any third party acting on the Company's behalf.

The policy is binding on every director, officer, employee, consultant and contractor of ERAM. Compliance with it is a condition of engagement.

2. Legal framework

ERAM operates in accordance with the Republic of Kosovo Law on the Prevention of Money Laundering and Combating Terrorist Financing (and any successor legislation), the Kosovo Criminal Code, instructions of the Kosovo Financial Intelligence Unit (FIU-K), the requirements of the Central Bank of Kosovo applicable to non-bank reporting entities, and applicable European Union AML directives where they bind ERAM's counterparties or service providers.

Where Kosovo law and EU practice diverge, ERAM applies the higher standard.

3. Risk-based approach

ERAM applies a risk-based approach to AML/CFT, calibrated to the nature, scale and complexity of its activities. A documented enterprise-wide risk assessment is maintained, reviewed at least annually, and updated whenever there is a material change to ERAM's products, channels, customers, geographies or threat landscape.

Customer risk is rated low, medium or high based on a defined matrix considering, among other factors:

  • Type of customer — individual, corporate, trust, foundation, partnership, fund;
  • Country of residence, citizenship, and where applicable, source of wealth;
  • Political exposure (PEP, family member, close associate);
  • Nature and economic purpose of the transaction;
  • Source of funds and source of wealth;
  • Payment method and channel;
  • Reputational and adverse-media indicators;
  • Sanctions screening outcome.

4. Customer due diligence (CDD)

Customer Due Diligence is applied at onboarding to every prospective investor on the ERAM Investors Portal and to every customer entering a unit-sale or lease contract above the threshold specified in Kosovo AML law. CDD comprises:

  1. Identification — collection of full legal name, date of birth, nationality, government identification document, residential address.
  2. Verification — verification of identity against a reliable, independent source, including liveness check for remote onboarding via our KYC service provider.
  3. Beneficial ownership — for legal entities, identification and verification of all natural persons holding more than 25% of capital or voting rights, or otherwise exercising control.
  4. Purpose and intended nature — understanding of the business relationship, including investment range and investor classification.
  5. Source of funds and source of wealth — declaration and, for higher-risk relationships, supporting documentation.
  6. Sanctions and PEP screening — screening against EU, UN, OFAC, UK consolidated lists and PEP databases at onboarding and on a continuous basis thereafter.
  7. Ongoing monitoring — monitoring of transactions, periodic refresh of CDD information, and event-driven reviews.

5. Enhanced due diligence (EDD)

Enhanced Due Diligence is applied to higher-risk relationships, including but not limited to:

  • Politically Exposed Persons (PEPs), their family members and close associates;
  • Customers from, resident in, or with assets in higher-risk jurisdictions as defined by the Financial Action Task Force (FATF) or by ERAM's internal risk register;
  • Complex or unusual ownership structures with no apparent economic purpose;
  • Customers introduced by third parties subject to weaker AML standards;
  • Transactions involving private investment vehicles, nominee arrangements, or bearer instruments.

EDD measures may include senior-management approval before establishing or continuing the relationship, additional source-of-wealth documentation, lower transaction thresholds for monitoring, and more frequent CDD refresh.

6. Suspicious activity reporting

Every employee, contractor and agent of ERAM is obliged to report internally, without delay, any activity that raises suspicion of money laundering or terrorist financing. Internal reports are escalated immediately to the Money Laundering Reporting Officer (MLRO).

The MLRO conducts a documented assessment of every internal report and, where the suspicion is not dispelled, files a Suspicious Activity Report (SAR) with the FIU-K in accordance with applicable timelines.

Tipping-off — informing the customer or any third party that an internal report has been made or that a SAR has been filed — is strictly prohibited and is a criminal offence.

7. Money Laundering Reporting Officer (MLRO)

The Company appoints a designated MLRO with sufficient seniority, independence and authority to discharge the role. The MLRO's responsibilities include:

  • Receiving and assessing internal suspicion reports;
  • Filing SARs with the FIU-K where required;
  • Maintaining the enterprise-wide AML risk assessment;
  • Overseeing the AML training programme;
  • Reporting to the board at least annually on the effectiveness of the AML programme and any material incidents;
  • Acting as the principal point of contact with FIU-K, CBK and other competent authorities.

8. Record-keeping

ERAM retains CDD records, transaction records, internal suspicion reports and SARs for the period required by Kosovo AML law (currently five years following the end of the customer relationship or the date of the transaction, whichever is later). Records are stored securely, with access controls and audit trails.

9. Training

All staff, including directors, receive AML/CFT training appropriate to their role, on appointment and at least annually thereafter. Training records are maintained by the MLRO and reviewed during the annual statutory audit and any internal-audit cycle.

10. Third parties and reliance

Where ERAM engages a third party to perform any element of CDD (for example, an external KYC/AML service provider for investor onboarding), the third party is selected through documented due diligence, contractually bound to apply standards equivalent to or higher than ERAM's, and subject to periodic review. Ultimate responsibility for AML compliance remains with ERAM.

11. Governance and review

The board of ERAM Real Estate Sh.P.K. is ultimately accountable for AML/CFT compliance. The MLRO reports to the board at least annually. This policy is reviewed at least annually and whenever material changes to law, regulation or the Company's risk profile occur.

Contact

Questions regarding this policy, or to report a concern: [email protected]. Confidential reports may also be made via our Whistleblowing channel.

ERAM Real Estate Sh.P.K. · Business no. (NUI) 812052025 · Registered 13/06/2023 · Rruga Agim Ramadani, Nr. 2, 10000 Prishtina, Kosovo