Prohibited Lists Policy

Overview

Moola Copilot LLC (“Moola”) is committed to preventing financial crime, mitigating risk, and ensuring compliance with all applicable laws and regulations. To this end, the following industries, business models, and customer types are strictly prohibited from being onboarded, serviced, or facilitated through Moola or its Bank Partner programs.

Scope

This Policy applies to all Moola employees, contractors, and third-party partners involved in onboarding, servicing, or facilitating customers and accounts.

Policy

To maintain regulatory compliance and uphold our risk standards, the following industries, business models, and customer types are strictly prohibited from being onboarded, serviced, or facilitated:

Restricted Business Activities
Adult content, services, or entertainment, including pornography and escort services (including gentlemen’s clubs, strip clubs, topless bars)
Alcohol sales or distribution, including any business facilitating alcoholic beverages
Chemicals, including manufacture, sale, or distribution
Crypto-assets, digital currencies, or any business facilitating issuance, exchange, custody, or sale of cryptocurrencies, utility tokens, or ICOs
Dietary supplements and nutraceuticals, including sales, distribution, or promotion
Medical devices, prescription medications, or drugs, including any sales or facilitation
Tobacco products, including the sale, distribution, or facilitation of tobacco goods
Weapons and military-related products, including firearms, ammunition, military-grade equipment, software, or technologies
Violence-related materials or services promoting harm or hatred
Intellectual property violations or counterfeit goods
Unlicensed businesses requiring a government-issued license
Ponzi schemes, pyramid schemes, or deceptive multi-level marketing (MLM) models

High-Risk Entities and Structures
Bearer share corporations
Shell companies without a verifiable business purpose
Numbered or anonymous bank accounts
Parallel banking relationships
Payable through accounts (PTAs)
Pouch activities (informal value transfer systems)
Foreign shell banks
Financial institutions without a direct banking relationship (nested relationships)
OFAC-sanctioned countries, entities, or individuals

Foreign and Governmental Restrictions
Foreign governments
Embassies and foreign consulates
Foreign bulk currency shipments
Foreign gambling establishments or internet-based gambling platforms

Additional Prohibited Segments
Online dating or marriage services
Jewelry, precious metals, or gemstones businesses, including sale, exchange, or storage
Telemarketing activities
Securities-related services, including buying/selling stocks or investment vehicles
Marijuana or cannabis-related activities, including paraphernalia, regardless of legality in specific jurisdictions
Crowdfunding and/or fundraising platforms
Predatory mortgage consulting, lending, credit repair and counseling services
Content creation platforms

Policy Administration & Governance

The Compliance Officer will review this Policy annually or as required by law or regulatory guidance, and recommend changes to Senior Management. All updates must be approved by Senior Management and Moola’s Bank Partner. The Board of Directors will be provided a summary of updates, and full policy documentation will be available for review upon request.

Any proposed exceptions to this Policy and/or advice on potential risks arising from the exception should be directed to the Compliance Officer for review. Both the Compliance Officer and Senior Management must approve all exceptions to this Policy and notify the Bank Partner of the exception. Moola will not approve any exception that causes a breach of law or regulation. Questions regarding this Policy should be directed to the Compliance Officer.
Roles and Responsibilities
Moola is responsible for monitoring and reporting on compliance of this Policy. Moola may delegate to others the authority to adopt, develop, and implement procedures and reporting that support this Policy.

All employees are responsible for understanding and adhering to this Policy, reporting suspected violations, and completing required compliance training.

All employees must escalate any potential onboarding of restricted or high-risk business types to the Compliance Officer before account opening or service facilitation.

Record Retention

Moola maintains a Record Retention Policy. Please refer to that policy for any and all record retention guidelines.

Training

The Compliance Officer is responsible for ensuring all Moola staff receive training on compliance requirements, policies, and control processes relevant to their roles and responsibilities. The training program will be risk-based, and the Compliance Officer will revise it in light of any material compliance weaknesses identified. The program will identify the baseline training requirements for all Moola employees and categories of employees that require training above the baseline level. The Compliance Officer will track training completion and hold business line managers accountable for their staff completing appropriate training.

Customer Complaint Management procedures will be documented and all Moola employees having interaction with customers will be trained as part of their job responsibilities.

Training will be held within 30 days of hire for new employees and then on an annual basis.