# Compliance Integration Guide

### Compliance Integration Guide <a href="#compliance-integration-guide" id="compliance-integration-guide"></a>

**Regulatory Mapping · BSA/AML Program · On-Chain Verification · Module-Aware Coverage · Institutional Due Diligence**

Technical compliance reference for compliance officers, institutional risk teams, legal counsel evaluating the platform, and auditors verifying regulatory alignment. This document maps every regulatory obligation to the specific on-chain control or off-chain procedure that satisfies it, and details how compliance applies across all three production modules: Equities (Module 1), Real Estate (Module 2), and CORECM — Carbon Ore, Rare Earth, and Critical Minerals (Module 3).

The platform is operated by Groovy Company, Inc. The trading venue is CEDEX. The qualified-custody and onboarding anchor is Empire Stock Transfer.

> This document describes **what** must happen for each compliance obligation, **why** each obligation applies, and **how each obligation is verified**. Specific shell commands, RPC queries, and program-account schemas used by auditors for independent verification are maintained in the platform's internal compliance runbooks and Smart Contract Reference, and are accessible to authorized auditors under non-disclosure agreement.

***

#### Table of Contents <a href="#table-of-contents" id="table-of-contents"></a>

1. ​Regulatory Framework​
2. Category 1 Model B Requirements​
3. ​The 42 Controls — Regulatory Mapping​
4. Empire Stock Transfer Compliance Architecture​
5. ​BSA / AML Program​
6. ​OFAC Sanctions Program​
7. ​Holding Period Enforcement​
8. ​Investor Eligibility​
9. ​Record Keeping and Audit Trail​
10. ​Protective Conversion​
11. ​On-Chain Compliance Verification​
12. ​Module-Specific Compliance​
13. ​Module 3 Federal-Action Coordination​
14. ​Institutional Due Diligence Checklist​
15. ​Regulatory Contact Matrix

***

#### 1. Regulatory Framework <a href="#id-1.-regulatory-framework" id="id-1.-regulatory-framework"></a>

**1.1 Governing Authorities**

AuthorityJurisdictionPlatform Relevance

**SEC**

Federal securities law

Release No. 33-11412, Category 1 Model B, Reg D / Reg S / Reg CF, Form D, beneficial ownership

**FinCEN**

Bank Secrecy Act and AML

BSA compliance program, SAR / CTR filing, CIP, beneficial ownership

**OFAC**

Sanctions enforcement

SDN list screening, comprehensively sanctioned countries, secondary sanctions

**State securities regulators**

Blue Sky laws

State notice filings per Reg D

**Wyoming Secretary of State**

Issuer (Groovy Company, Inc.) incorporation

Wyoming Business Corporation Act, W\.S. 34-29-101 (Digital Asset Statute)

**Issuer states of incorporation**

Corporate governance

Certificate of Designation filing, Common B share class authorization

**USGS / DOE**

Critical minerals classification (Module 3)

USGS Critical Minerals List, DOE Critical Materials Strategy

**Federal trade and defense authorities**

Strategic minerals (Module 3)

Section 232 of the Trade Expansion Act of 1962, Defense Production Act Title III, Executive Order 14017, Energy Act of 2020

**FINRA**

Reg CF intermediation

Funding portal registration and oversight

**1.2 Primary Regulatory Citations**

CitationDateRelevance

**SEC Release No. 33-11412**

March 17, 2026

Establishes Digital Securities taxonomy. ST22 tokens classified as Category 5 Digital Securities.

**January 28, 2026 Joint Staff Statement**

January 28, 2026

Defines Category 1 (issuer-sponsored) versus Category 2 (third-party sponsored) tokenization. The platform operates under Category 1 Model B.

**SEC Crypto Task Force directive**

March 30, 2026

Common Class B shares specified as sole backing instrument for third-party ST22 tokens across all modules.

**April 13, 2026 SEC Staff Statement on Covered User Interface Providers**

April 13, 2026

Statement confirming that interface providers are not subject to broker-dealer registration when they do not engage in restricted activities.

**Securities Act of 1933**

As amended

Registration requirements; Reg D (§230.501–506), Reg S (§230.901–905), and Reg CF (§227.100–504) exemptions.

**Securities Exchange Act of 1934 §17A**

As amended

Transfer agent registration requirements. Empire Stock Transfer's compliance basis.

**Bank Secrecy Act (31 U.S.C. §5311)**

As amended

AML program requirements, CIP, CTR / SAR filing, recordkeeping.

**31 CFR Part 1010**

As amended

FinCEN regulations implementing the BSA.

**GENIUS Act**

Enacted

USDC and PYUSD stablecoin settlement framework.

**Wyoming W\.S. 34-29-101**

As amended

Wyoming Digital Asset Statute — statutory support for DLT-based securities.

**UCC Article 8**

Uniform

ST22 transfers on CEDEX constitute effective instructions to update Empire Master Securityholder File per §8-102(a)(8).

**USGS Critical Minerals List**

Most recent designation

Module 3 classification baseline.

**DOE Critical Materials Strategy**

Most recent edition

Module 3 classification baseline.

**Section 232 of the Trade Expansion Act of 1962**

As amended

Module 3 strategic-minerals federal-action source.

**Defense Production Act Title III**

As amended

Module 3 federal-action source.

**Executive Order 14017 (America's Supply Chains)**

February 24, 2021

Module 3 critical-minerals supply-chain policy basis.

**Inflation Reduction Act critical-minerals provisions**

August 16, 2022

Module 3 federal incentive and eligibility framework.

**Energy Act of 2020**

December 27, 2020

Module 3 critical materials and DOE coal-derived REE recovery basis.

**1.3 Mathematical versus Legal Enforcement**

DimensionLegal EnforcementThe Platform's Mathematical Enforcement

**Timing**

After violation (detective)

Before violation (preventive) — transaction reverts

**Certainty**

Subject to interpretation

Binary: compliant or blocked

**Dependence**

Good faith of intermediaries

Solana runtime — cannot be circumvented

**Override**

Administrative discretion

No override exists — immutable program logic

**Audit**

Reconstructed from logs

Immutable on-chain record per transaction

**Speed**

Weeks to months

\~400ms (one Solana block)

***

#### 2. Category 1 Model B Requirements <a href="#id-2.-category-1-model-b-requirements" id="id-2.-category-1-model-b-requirements"></a>

Release No. 33-11412 and the January 28, 2026 Joint Staff Statement establish seven requirements for Category 1 Model B compliance. The platform satisfies all seven across all three modules.

RequirementImplementationStatusVerification

**1. Direct issuer authorization**

Board resolution required before Common B creation. Corporate action of the issuer — not the platform.

Binding

Board resolution on file with Empire and the platform

**2. Official shareholder register**

Empire Master Securityholder File — DLT-integrated. Certificate of Designation filed with the issuer's state of incorporation.

Binding

Empire MSF plus state filing

**3. Regulated custody**

Empire Stock Transfer — SEC §17A-registered qualified custodian. Irrevocable custody.

Binding

Custody oracle attestation per block

**4. True equity backing**

1:1 Common Class B shares. Issuer-designated voting, dividends, liquidation per Certificate of Designation.

Binding

Ed25519 attestation every \~400ms

**5. Clear ownership chain**

CUSIP assigned per Common B class (Module 1); property identifier (Module 2); basin identifier (Module 3). UCC Article 8 transfer mechanics.

Binding

Empire records

**6. Investor protection**

42 Transfer Hook controls plus protective conversion triggers (Controls 35–38).

Binding

On-chain verification (Section 11)

**7. Token standard compliance**

SPL Token-2022 with Transfer Hook extension on Solana Mainnet-Beta.

Binding

Mint account extensions query

**Category 1 versus Category 2**

DimensionCategory 1 Model B (the platform)Category 2 (third-party sponsored)

Issuer authorization

Required — board resolution

Not required

Counterparty risk

None — direct ownership

Significant — intermediary holds assets

Custody

Empire §17A qualified custodian

Varies — often unregulated

DLT in official records

Yes — Empire MSF

Not typically

Onboarding

Empire — sole authority

Third-party, platform-dependent

Compliance enforcement

42 immutable Transfer Hook controls

Application-layer — bypassable

***

#### 3. The 42 Controls — Regulatory Mapping <a href="#id-3.-the-42-controls-regulatory-mapping" id="id-3.-the-42-controls-regulatory-mapping"></a>

Every Transfer Hook control maps to a specific regulatory obligation. The 42 controls apply identically across all three modules; module-specific extensions are documented in Section 12.

**Custody Verification (Controls 1–6)**

ControlFunctionRegulatory BasisError

**CV-01**

Verify Empire custody balance matches token supply — per block (\~400ms)

Category 1 Model B Req. 3 (regulated custody)

6001

**CV-02**

Confirm 1:1 ratio (supply ≤ custodied Common B) — per transfer

Category 1 Model B Req. 4 (true equity backing)

6001

**CV-03**

Confirm Empire Stock Transfer operational status — per transfer

Exchange Act §17A

6002

**CV-04**

Ed25519 oracle health and latency — continuous

Category 1 Model B Req. 7 (token standard compliance)

6002

**CV-05**

Asset-identifier match — custodied shares match CUSIP, property, or basin assignment — per transfer

Category 1 Model B Req. 5 (clear ownership chain)

6001

**CV-06**

Wallet registered in Empire MSF under UCC Article 8 — per transfer

Category 1 Model B Req. 2 (official shareholder register)

6002

**Investor Verification (Controls 7–14)**

ControlFunctionRegulatory BasisError

**IV-07**

Block unverified wallets — Empire KYC required

BSA CIP (31 CFR §1020.220)

6003

**IV-08**

Block ineligible investors — Reg D (US accredited), Reg S (non-US), Reg CF (US retail)

Securities Act §4(a)(2), Reg D Rule 501, Reg S, Reg CF

6003

**IV-09**

AML risk scoring — Chainalysis KYT plus TRM Labs

BSA (31 U.S.C. §5318), 31 CFR §1010.210

6006

**IV-10**

Verified identity linked to wallet

BSA CIP, FinCEN CDD Rule

6003

**IV-11**

Block prohibited jurisdictions (comprehensively sanctioned)

OFAC regulations (31 CFR Parts 510, 515, 542, 560, 589)

6003

**IV-12**

Block minors from all trading

State securities laws, platform policy

6003

**IV-13**

Track investor classification (accredited, institutional, non-US, Reg CF)

Reg D Rule 501, Reg S, Reg CF

6003

**IV-14**

Require re-verification when KYC or accreditation expires

BSA ongoing due diligence, FinCEN CDD Rule

6003

**Position Limits (Controls 15–19)**

ControlFunctionRegulatory BasisError

**PL-15**

Wallet registration — Empire MSF whitelist required

Exchange Act §17A (transfer agent records)

6004

**PL-16**

Wallet concentration at or below 4.99% of supply

Market manipulation prevention (Exchange Act §9, §10)

6020

**PL-17**

Velocity limit — maximum 50 transactions per hour per wallet

Wash trading prevention

6022

**PL-18**

Cross-wallet clustering detection

Coordinated activity detection

6023

**PL-19**

Cumulative position tracking

Beneficial ownership monitoring

6020

**Circuit Breakers (Controls 20–23)**

ControlFunctionRegulatory BasisError

**CB-20**

Halt on price move above 10% in 5 minutes — 15-minute cooldown

NYSE Rule 80B equivalent, SEC market structure

6005

**CB-21**

Block single trade with price impact above 2% versus TWAP

SEC market manipulation prevention

6021

**CB-22**

Velocity limit enforcement — per-wallet transaction rate

Flash crash prevention

6022

**CB-23**

Halt all trading if custody oracle fails

Fail-safe — data integrity

6002 / 6038

**Holding Period Enforcement (Controls 24–29)**

ControlFunctionRegulatory BasisError

**HP-24**

Rule 144 (6 months, US accredited); Reg S (12 months, non-US); Reg CF (12 months, US retail)

Securities Act Rule 144; Reg S §230.903; Reg CF §227.501

6024

**HP-25**

Jurisdiction flag verification

Reg S Category 1 (equity of non-reporting issuers); Reg CF retail eligibility

6024

**HP-26**

Purchase timestamp immutability

Securities Act (no backdating)

—

**HP-27**

Timer cannot be shortened by governance

Statutory minimum enforcement

—

**HP-28**

Per-investor-mint tracking (one account per pair)

Individual investor compliance

—

**HP-29**

Reg S US-person check during compliance period

Reg S §230.903(b) — flowback prevention

6024

**Sanctions Compliance (Controls 30–34)**

ControlFunctionRegulatory BasisError

**SC-30**

Exact wallet address match against SDN list

OFAC SDN screening (50 Fed. Reg. 5342)

6003 / 6004

**SC-31**

Fuzzy entity name matching for entity investors

OFAC guidance on name matching

6003 / 6004

**SC-32**

2-hop graph clustering — funding source analysis

OFAC secondary sanctions, proxy detection

6003 / 6004

**SC-33**

Continuous re-screening (every transfer, not just onboarding)

OFAC ongoing screening requirement

6005

**SC-34**

Blacklist enforcement — confirmed matches permanently blocked

OFAC blocking requirements

6003

**Protective Conversion (Controls 35–38)**

ControlTriggerActionRegulatory Basis

**PC-35**

Issuer bankruptcy filing

Automatic conversion of Common B to common stock

Investor protection — Certificate of Designation

**PC-36**

SEC enforcement action or criminal indictment

Automatic conversion

Investor protection

**PC-37**

Loss of Empire Stock Transfer services

Automatic conversion

§17A continuity, investor protection

**PC-38**

Material breach of tripartite agreement

Conversion at the platform's plus Empire's discretion

Contract enforcement

**Record Keeping and Governance (Controls 39–42)**

ControlFunctionRegulatory BasisError

**RK-39**

Immutable on-chain compliance audit trail per transfer

BSA recordkeeping (31 CFR §1010.410), Securities Act

—

**RK-40**

Hash chain verification of audit record integrity

Data integrity

—

**GOV-41**

Controlled migration — upgrades in progress

Governance protocol

6041

**REG-42**

Regulatory compliance freeze — immediate halt

Legal Counsel plus 3-of-5 multi-signature. No timelock. Used for SEC enforcement, court orders, FinCEN SAR investigations, OFAC emergency designations, active exploits, and Module 3 federal actions.

6042

***

#### 4. Empire Stock Transfer Compliance Architecture <a href="#id-4.-empire-stock-transfer-compliance-architecture" id="id-4.-empire-stock-transfer-compliance-architecture"></a>

**4.1 Empire's Dual Role**

RoleScopeRegulatory Basis

**Qualified Custodian**

Holds all Common Class B shares in irrevocable, perpetual custody. Maintains Master Securityholder File. Ed25519 attestation every \~400ms.

Exchange Act §17A; SEC custody requirements

**Sole Investor Onboarding Authority**

KYC (individuals), KYB (entities), AML (Chainalysis KYT plus TRM Labs), OFAC / SDN screening, wallet verification.

BSA CIP (31 CFR §1020.220); FinCEN CDD and Beneficial Ownership Rules

The platform does not perform investor onboarding. The platform Portal routes to Empire's dashboard for all verification. This architectural decision ensures that investor verification is performed by a regulated entity with §17A obligations — not by the platform operator.

**4.2 Empire Verification Types**

VerificationIndividual (KYC)Entity (KYB)

**Identity**

Government-issued photo ID, full legal name, DOB, SSN or ITIN

Entity formation documents, registration number, EIN

**Address**

Residential proof of address

Principal business address

**Accreditation**

Income ($200K+ individual, $300K+ joint), net worth ($1M+ excluding residence), or professional certification (Series 7, 65, 82)

$5M+ assets, or all equity owners accredited

**Beneficial ownership**

N/A

UBO at 25% or higher ownership threshold

**OFAC screening**

SDN list check

SDN list check plus entity officer and director check

**AML scoring**

Chainalysis KYT plus TRM Labs wallet risk score

Same plus entity risk assessment

**Wallet**

Solana wallet address linked to verified identity

Same — per authorized signer

**4.3 Empire Credentials**

CredentialDetail

SEC registration

Section 17A of the Securities Exchange Act of 1934

Operating since

2006

Companies served

530+ publicly traded companies

Geographic scope

Operations across 5 continents

DLT integration

Master Securityholder File with DLT record per Category 1 Model B

Conflict disclosure

Patrick Mokros serves as Chief Operating Officer of Groovy Company, Inc. and Founder of Empire Stock Transfer. The dual role is fully disclosed; all transactions between the two entities are classified as related-party transactions and subject to Audit Committee review per the platform's Related Party Policy.

***

#### 5. BSA / AML Program <a href="#id-5.-bsa-aml-program" id="id-5.-bsa-aml-program"></a>

**5.1 Program Elements**

ElementImplementationCFR Reference

**Customer Identification Program (CIP)**

Empire performs four-pillar identity verification at onboarding

31 CFR §1020.220

**Customer Due Diligence (CDD)**

Risk-based due diligence at onboarding plus ongoing monitoring

31 CFR §1010.210

**Beneficial Ownership**

Empire identifies UBOs at 25% or higher for all entity investors

31 CFR §1010.230

**Transaction Monitoring**

Transfer Hook Controls 9 and 11 through 15 screen every transfer. Chainalysis and TRM Labs analyze 200+ behavioral features.

31 CFR §1010.210

**Suspicious Activity Reports**

Empire files SARs with FinCEN for transactions at $5,000 or above meeting BSA criteria

31 CFR §1010.320

**Currency Transaction Reports**

Fiat on-ramp transactions at $10,000 or above trigger CTR filing

31 CFR §1010.311

**Recordkeeping**

5-year retention for KYC, KYB, and AML records. 7-year retention for transaction records.

31 CFR §1010.410

**Independent Testing**

Annual external audit of AML program effectiveness

31 CFR §1010.210(b)

**Compliance Officer**

Designated BSA compliance officer

31 CFR §1010.210(b)

**Training**

Annual AML training for all staff. Quarterly for compliance officers.

31 CFR §1010.210(b)

**5.2 Three-Layer AML Architecture**

The platform's AML defense operates in three layers, each handling a different point in the investor lifecycle:

**Layer 1 — Empire Onboarding (one-time plus periodic refresh).** Performed by Empire Stock Transfer at investor onboarding and on each periodic refresh. Includes identity verification (CIP), accreditation verification (Reg D Rule 501; Reg S non-US person determination; Reg CF eligibility), beneficial-ownership identification for entity investors, OFAC and SDN screening, AML risk assessment, and wallet registration in the Master Securityholder File.

**Layer 2 — Transfer Hook (every transfer, real-time).** Enforced by the on-chain Transfer Hook program at the Solana runtime level. Every transfer evaluates Controls 1 through 6 (custody verification via Ed25519), Controls 7 through 14 (investor eligibility), Controls 8 through 10 (OFAC re-screening against current SDN list), Control 11 (AML risk score check), Control 24 (holding period enforcement), and Controls 15 through 42 (position limits, circuit breakers, audit trail).

**Layer 3 — Platform Analytics (continuous).** Off-chain monitoring. Includes Chainalysis KYT real-time transaction monitoring, TRM Labs behavioral pattern analysis, volume-spike detection (100x threshold), cross-wallet clustering for coordinated activity, and SAR-trigger analysis.

**5.3 AML Risk Disposition**

ScoreTierActionSAR Trigger

0–30

Low

Approve — transfer proceeds

No

31–70

Medium

Approve and flag — compliance reviews within 24 hours

If investigation confirms suspicious activity

71–100

High

Reject (Error 6006) — wallet blocked

Yes — SAR filed if at $5,000 or above

***

#### 6. OFAC Sanctions Program <a href="#id-6.-ofac-sanctions-program" id="id-6.-ofac-sanctions-program"></a>

**6.1 Three-Layer Screening**

LayerMethodCatches

**Layer 1: Exact address**

Direct Solana wallet match against SDN addresses

Directly sanctioned wallets

**Layer 2: Fuzzy entity**

Entity name and alias matching via Chainalysis entity resolution

Slight name variations ("ACME Corp" versus "ACME Corporation LLC")

**Layer 3: 2-hop clustering**

Transaction graph analysis — wallets within 2 degrees of SDN entities

Proxy wallet strategies, indirect funding paths

**6.2 Comprehensively Sanctioned Jurisdictions**

Transfer Hook Control 11 blocks wallets associated with OFAC comprehensively sanctioned jurisdictions:

JurisdictionCFR Reference

Iran

31 CFR Part 560

North Korea

31 CFR Part 510

Syria

31 CFR Part 542

Cuba

31 CFR Part 515

Crimea region

31 CFR Part 589

**6.3 Continuous Re-Screening**

OFAC screening is not a one-time onboarding event. Controls 8 through 10 re-screen every wallet on every ST22 transfer against the current SDN list (refreshed hourly plus emergency push). A wallet clean at onboarding but later added to the SDN list is blocked immediately on its next transfer attempt. This continuous re-screening is architecturally impossible in an application-layer compliance system; the Transfer Hook enforces it at the Solana runtime level.

**6.4 Staleness Safeguards**

SDN List AgeBehavior

0–24 hours

Normal operation — screening on every transfer

24–48 hours

Cached list used. P2 alert raised. OFAC indexer investigated.

Above 48 hours

All transfers halt — Error 6005 until SDN list refreshed

**6.5 Module 3 Secondary Sanctions Considerations**

Module 3 issuances may involve basin-asset entities operating in or sourcing materials from jurisdictions where US secondary sanctions apply. Empire applies enhanced screening for Module 3 entity investors and basin-asset issuers, including review of supply-chain counterparty exposures where federal counter-party diligence is appropriate.

***

#### 7. Holding Period Enforcement <a href="#id-7.-holding-period-enforcement" id="id-7.-holding-period-enforcement"></a>

**7.1 On-Chain Mechanism**

Transfer Hook Control 24 enforces mandatory holding periods at the Solana runtime level. This is not a contractual agreement — it is mathematically enforced code that rejects transfers before the statutory period elapses.

Investor TypeExemptionHolding PeriodEnforcementStatutory Basis

US accredited

Reg D

6 months (15,778,800 seconds)

On-chain (Control 24)

Securities Act Rule 144(d)

Non-US

Reg S

12 months (31,536,000 seconds)

On-chain (Control 24)

Reg S §230.903(b)(3)

US retail

Reg CF

12 months (31,536,000 seconds)

On-chain (Control 24)

Reg CF §227.501

**7.2 HoldingPeriodAccount**

A per-investor-per-mint state account is created at token delivery. The account records the purchase timestamp (set by the Solana runtime clock — never by user input), the jurisdiction flag (US / Non-US / Reg CF), the holding period in seconds (immutable per investor type), and the lock status.

**7.3 Properties**

PropertyEnforcement

Cannot be shortened

Holding period seconds are hard-coded program constants — governance cannot reduce below statutory minimum

Cannot be backdated

Purchase timestamp is set by the Solana runtime clock at transaction execution

Cannot be overridden

No administrative override path. The platform cannot unlock a holding period early.

Per-investor tracking

One HoldingPeriodAccount per investor and per mint

Jurisdiction immutable

Set by Empire at onboarding. Cannot be changed post-delivery.

**7.4 Verification**

Auditors verify holding period enforcement by querying the HoldingPeriodAccount for a specific investor-mint pair. The query returns the jurisdiction (US, Non-US, or Reg CF), the purchase timestamp, the holding period in seconds, and the lock status. Verification methodology is documented in the Smart Contract Reference and the platform's compliance runbooks.

***

#### 8. Investor Eligibility <a href="#id-8.-investor-eligibility" id="id-8.-investor-eligibility"></a>

**8.1 Accredited Investor Definition (SEC Rule 501)**

Qualification PathThreshold

**Income**

$200,000 individual ($300,000 joint) in each of the 2 most recent years with reasonable expectation of continuance

**Net worth**

$1,000,000 or higher excluding primary residence

**Professional certification**

Series 7, 65, or 82 license holders

**Entity**

$5,000,000 or higher in assets, or all equity owners accredited

**Knowledgeable employee**

Of the private fund issuer

**8.2 Verification by Empire**

Empire Stock Transfer performs all accreditation verification. Accepted methods include:

* Third-party accreditation letter (valid 90 days).
* Tax return verification (IRS Form W-2, 1099, K-1).
* Account statements (broker-dealer, bank).
* Professional license verification.
* Entity documentation (audited financials, formation documents).

**8.3 Reg S Investor Qualification**

Non-US investors must satisfy Reg S requirements:

* Not a "US person" per Reg S §230.902(k).
* Transaction occurs in an "offshore transaction."
* No "directed selling efforts" into the United States.
* Verified by Empire Stock Transfer.

**8.4 Reg CF Investor Qualification**

US retail investors purchasing in Reg CF offerings must satisfy the SEC Rule 100(a)(2) investment-limit determination:

* Annual income or net worth determines the maximum amount the investor may purchase across all Reg CF offerings in a 12-month period.
* A FINRA-registered funding portal must intermediate the offering.
* Empire performs the eligibility determination at onboarding and the funding portal applies the per-offering investment limit at purchase.

**8.5 Investor-Type Determination at Onboarding**

Empire's onboarding determination flags each investor as US accredited (Reg D), non-US (Reg S), or US retail (Reg CF). The flag is recorded in the Master Securityholder File and on chain via the HoldingPeriodAccount jurisdiction field. The flag is immutable after delivery — an investor's classification cannot be changed post-purchase.

***

#### 9. Record Keeping and Audit Trail <a href="#id-9.-record-keeping-and-audit-trail" id="id-9.-record-keeping-and-audit-trail"></a>

**9.1 Dual Record Architecture**

Record LayerWhatRetentionRegulatory Basis

**On-chain (immutable)**

Every ST22 transfer with all 42 control results, amounts, timestamps, wallet addresses, error codes

Permanent (Solana ledger)

BSA §1010.410; Securities Act

**Empire Stock Transfer**

KYC and KYB records, accreditation documents, MSF entries, SAR and CTR filings

5–7 years per BSA

31 CFR §1010.410

**Platform compliance database**

Oracle attestation history, circuit breaker events, AML scores, OFAC screening results, Module 2 NAV records, Module 3 federal-action records

7 years

BSA plus Securities Act

**9.2 On-Chain Audit Record**

Every successful transfer emits a TransferValidated event including the mint, sender, recipient, amount, timestamp, and a signal that all 42 controls passed. Every rejected transfer returns a specific error code identifying which control failed. Both outcomes are recorded on the Solana ledger — immutable and independently verifiable by any party with an RPC connection.

**9.3 Retention Summary**

Record TypeRetentionRegulatory Basis

KYC records

5 years after account closure

BSA

KYB records

5 years after relationship ends

BSA, FinCEN CDD

Transaction records

7 years

Securities Act, IRS

Accreditation records

5 years

Reg D

OFAC screening records

5 years

OFAC regulations

SAR filings

5 years from filing

BSA

CTR filings

5 years

BSA

Audit reports

5 years

BSA

Training records

5 years

BSA

Module 2 appraisal records

7 years

Real-property records standard; SEC offering documentation retention

Module 3 federal-classification records

Permanent

Federal record-keeping standard for strategic-minerals diligence

On-chain transfer records

Permanent

Solana ledger

***

#### 10. Protective Conversion <a href="#id-10.-protective-conversion" id="id-10.-protective-conversion"></a>

**10.1 Trigger Events**

Controls 35 through 38 implement automatic protective conversion — converting Common B shares to common stock upon adverse events, protecting investors even if the issuer fails:

TriggerControlActionInvestor Impact

Issuer bankruptcy filing

PC-35

Automatic conversion per Certificate of Designation

Investor holds common stock through bankruptcy proceedings

SEC enforcement action

PC-36

Automatic conversion

Investor holds common stock — exits tokenized structure

Criminal indictment (officer or director)

PC-36

Automatic conversion

Same

Loss of Empire services

PC-37

Automatic conversion

Investor holds common stock — custody transfers

Material breach of tripartite agreement

PC-38

Conversion at the platform's plus Empire's discretion

Case-by-case determination

**10.2 Purpose**

Protective conversion ensures that investors retain genuine equity ownership (common stock) even if the tokenization infrastructure fails. This is the safety valve that separates Category 1 Model B from Category 2 — the investor is never left holding a token with no underlying claim.

**10.3 Module-Specific Protective Conversion**

The same four trigger types apply across all modules. Module-specific considerations:

* **Module 1 (Equities).** The investor receives common stock of the issuer corporation upon conversion.
* **Module 2 (Real Estate).** The investor receives common stock of the single-asset entity that holds the property. The single-asset entity continues as a going concern post-conversion; the investor's claim is now to the entity's equity directly rather than to a tokenized representation.
* **Module 3 (CORECM).** The investor receives common stock of the basin-asset entity that holds the mineral basin or mining concession. As with Module 2, the entity continues as a going concern, and the investor holds direct equity.

***

#### 11. On-Chain Compliance Verification <a href="#id-11.-on-chain-compliance-verification" id="id-11.-on-chain-compliance-verification"></a>

Auditors and institutional risk teams independently verify every compliance claim without relying on the platform's representations. The platform exposes verification methodology and reproducible procedures through the Smart Contract Reference, the platform's published audits (Quantstamp, Halborn, OtterSec, Certora), and on-chain queries that any party with a Solana RPC connection can perform.

**11.1 Verifications Required Across All Modules**

VerificationWhat Is Confirmed

Transfer Hook permanently attached

The Token-2022 mint extension stores the Transfer Hook program ID; the SPL Token-2022 standard makes attachment permanent

1:1 custody backing

The custody oracle reports `common_b_balance` greater than or equal to `token_supply`; Ed25519-verified; no discrepancy detected

Holding period enforcement

The HoldingPeriodAccount records the correct jurisdiction-specific period; lock status accurate

Global Pool permanently locked

LP mint supply is zero, LP mint authority is `None`, pool program upgrade authority is `None`

OFAC oracle current

The OFAC oracle's `is_fresh` status is true; entry count consistent with the published SDN list

SecurityConfig parameters

All parameters within governance-approved ranges; pause flag false during normal operation

Holding period constant immutability

Verified by Certora invariant E.4 plus examination of deployed program bytecode against audited source

**11.2 Module-Specific Verifications**

Module 2 and Module 3 add verification points for the module-specific oracles:

VerificationModuleWhat Is Confirmed

NAV oracle freshness

Module 2

`last_reappraisal` within `nav_reappraisal_max_age_secs`; appraiser signature verified

NAV deviation within bounds

Module 2

On-chain price within `nav_deviation_max_bps` of NAV

Classification oracle freshness

Module 3

USGS and DOE classification within `classification_max_age_secs`

Federal-action status

Module 3

Classification oracle reports current federal-action status for the basin

**11.3 Independent Verifiability**

Every verification listed above can be performed without the platform's cooperation. The on-chain accounts are public; any Solana RPC provider returns the data; the Ed25519 signatures are verifiable using Empire's published public key; the program bytecode is verifiable against published audit hashes. This is a structural property of Category 1 Model B, not a discretionary practice of the platform.

***

#### 12. Module-Specific Compliance <a href="#id-12.-module-specific-compliance" id="id-12.-module-specific-compliance"></a>

The 42 Transfer Hook controls apply identically across all three modules. Module-specific compliance considerations sit at the asset-class and federal-framework layer, not at the on-chain enforcement layer.

**12.1 Module 1 — Equities**

**Asset class.** Public-company equity securities sourced from OTC microcap, NASDAQ, AMEX, TSX, and other global exchanges.

**Compliance posture.** Standard Reg D, Reg S, and (where applicable) Reg CF offering exemptions. CUSIP-identified Common Class B share class. EDGAR pipeline integration provides issuer-disclosure intelligence to support investor-protection controls (Layer 9 IDOS).

**Empire onboarding considerations.** Standard accreditation paths. Investor-type classification flags Reg D, Reg S, or Reg CF.

**Module-specific records.** Issuer board resolution, Certificate of Designation filed with the issuer's state of incorporation, CUSIP assignment, EDGAR filings.

**12.2 Module 2 — Real Estate**

**Asset class.** Tokenized real-property assets held via single-asset entities.

**Compliance posture.** Same Category 1 Model B framework. Common Class B is issued by the single-asset entity that holds the property. Module-specific NAV oracle reports appraised value alongside Empire's per-block custody attestation; on-chain price is constrained to remain within governance-set deviation bounds of NAV.

**Empire onboarding considerations.** Standard accreditation paths. The investor's economic exposure is to the single-asset entity's equity; offering documentation discloses the property's specific risks (jurisdiction, title status, tenancy, environmental, insurance).

**Module-specific records.** Property identifier, appraisal-cycle metadata, single-asset entity formation documents, title diligence package, initial appraisal, periodic reappraisals.

**Module-specific compliance considerations.** NAV oracle staleness triggers a P1 incident under the Incident Response Playbook. NAV deviation outside `nav_deviation_max_bps` triggers a per-mint circuit breaker that pauses AMM trading on the affected mint until a fresh appraisal restores the on-chain price within bounds.

**12.3 Module 3 — CORECM**

**Asset class.** Tokenization of US strategic minerals supply chain. CORECM means Carbon Ore, Rare Earth, and Critical Minerals. Frameworks include the USGS Critical Minerals List, the DOE Critical Materials Strategy, Section 232 of the Trade Expansion Act of 1962, Title III of the Defense Production Act, the Inflation Reduction Act critical-minerals provisions, Executive Order 14017, and the Energy Act of 2020. Carbon Ore covers DOE coal-derived rare-earth element recovery.

**Compliance posture.** Same Category 1 Model B framework. Common Class B is issued by the basin-asset entity that holds the mineral basin or mining concession. Module-specific Classification oracle reports federal classification status from USGS and DOE feeds alongside Empire's per-block custody attestation.

**Empire onboarding considerations.** Empire applies enhanced KYC depth for Module 3 issuances. Enhanced depth includes verification of any federal-program eligibility constraints applicable to the basin (such as DOE coal-derived REE recovery program participation), confirmation of the investor's eligibility under any applicable export-control regime, and additional review for entity-investor UBO chains where federal counter-party diligence is appropriate.

**Module-specific records.** Basin identifier, USGS classification, mineral class, basin-asset entity formation documents, geological survey, mineral-rights documentation, federal-program participation records, federal-action history.

**Module-specific compliance considerations.** Classification oracle staleness triggers a P2 incident (P1 if staleness exceeds 48 hours; P0 if a federal-action notification arrives during staleness). Federal-action issuance against a basin asset is automatically a P0 — see Section 13.

***

#### 13. Module 3 Federal-Action Coordination <a href="#id-13.-module-3-federal-action-coordination" id="id-13.-module-3-federal-action-coordination"></a>

Federal actions affecting strategic minerals are a regulatory category unique to Module 3. They have no parallel in Module 1 (Equities) or Module 2 (Real Estate).

**13.1 What Constitutes a Federal Action**

Federal actions include:

* Executive Orders affecting strategic minerals (such as Executive Order 14017 and successor orders).
* Section 232 tariff or restriction orders issued under the Trade Expansion Act of 1962.
* Defense Production Act Title III orders.
* Department of Energy program changes affecting eligibility (such as changes to the DOE coal-derived REE recovery program).
* Inflation Reduction Act critical-minerals eligibility determinations.
* Court orders or regulatory directives specifically naming a basin or mineral classification.

**13.2 Detection**

The platform's Module 3 federal-action feed monitors federal sources (Federal Register, DOE program announcements, USGS classification updates, Department of Defense procurement directives) on a 5-minute cadence. New actions that match a basin or mineral class associated with an issued ST22 mint trigger an automatic P0 incident under the Incident Response Playbook (Section 13).

**13.3 Response Procedure**

Federal-action response is governed by the Incident Response Playbook Section 13. The procedure summarized:

1. Capture the federal action — issuing agency, action type, effective date, and scope.
2. Identify affected mints by mapping each Module 3 mint to its basin identifier, mineral class, and federal-program participation.
3. Activate Control 42 (regulatory freeze) on each affected mint — same Control 42 mechanism as SEC enforcement actions or court orders. Legal Counsel authorization plus 3-of-5 multi-signature; no timelock.
4. Notify Empire Stock Transfer within the 15-minute SLA.
5. Notify affected issuers (basin operators) and affected investors.
6. Update the Classification oracle with the federal-action status.

**13.4 Resolution**

The freeze remains active for the full duration that the federal action prohibits transfer or while substantial uncertainty about transfer status persists. Resolution requires the federal action to expire, be rescinded, the basin to be exempted, or the issuer to obtain an authorized variance — followed by Legal Counsel authorization, 3-of-5 multi-signature execution, Classification oracle update, and stakeholder notification.

**13.5 Investor and Issuer Communication**

Module 3 federal-action incidents involve a fourth external audience beyond Module 1 and Module 2 incidents: the federal agency. The platform's Communications Lead and Legal Counsel coordinate counsel-to-counsel communication with the issuing federal agency through the platform's outside SEC counsel where appropriate, and review all external communications before publication regardless of audience.

**13.6 Why This Matters Architecturally**

Federal-action coordination demonstrates that Category 1 Model B compliance scales beyond securities-law obligations to other federal regulatory frameworks. The same Control 42 freeze mechanism and the same Empire-coordinated response procedure handle SEC enforcement, court orders, FinCEN SAR investigations, OFAC emergency designations, and Module 3 federal actions — without a new on-chain primitive for each new regulatory category. The platform's compliance architecture is extensible by design.

***

#### 14. Institutional Due Diligence Checklist <a href="#id-14.-institutional-due-diligence-checklist" id="id-14.-institutional-due-diligence-checklist"></a>

For institutional investors, fund managers, or compliance teams evaluating the platform.

**Regulatory**

* Verify SEC Release No. 33-11412 applies (March 17, 2026).
* Confirm Category 1 Model B alignment (seven requirements — Section 2).
* Verify Empire Stock Transfer's §17A registration.
* Confirm Reg D, Reg S, and Reg CF offering frameworks as applicable to the issuance.
* Review Form D filing status for the issuance (where applicable).
* Verify no SEC enforcement actions against Groovy Company, Inc. (EDGAR query).
* Review the OFAC sanctions program (Section 6).
* Review the BSA / AML program elements (Section 5).
* For Module 3 issuances, review the basin's USGS classification, DOE Critical Materials status, and any pending federal action affecting the basin or mineral class.

**Custody**

* Verify Empire holds Common B shares in irrevocable custody.
* Verify Ed25519 attestation updating per block.
* Verify 1:1 backing ratio on-chain.
* Confirm zero-discrepancy production history.
* Review protective conversion triggers (Section 10).

**Technology**

* Verify the Transfer Hook is permanently attached to the mint.
* Verify all 42 controls are active by querying SecurityConfig.
* Verify Global Pool immutability (LP burn complete; pool program upgrade authority is `None`).
* Review audit reports (Quantstamp, Halborn, OtterSec, Certora).
* Review the six Certora formal-verification invariants.
* Verify holding period enforcement.
* For Module 2 issuances, verify NAV oracle freshness and deviation bounds.
* For Module 3 issuances, verify Classification oracle freshness and federal-action status.

**Operational**

* Review the conflict of interest disclosure (Patrick Mokros dual role).
* Verify multi-signature configuration (5-of-9 for upgrades; 3-of-5 for parameter and emergency).
* Review incident response procedures (Incident Response Playbook).
* Verify monitoring and alerting infrastructure (Datadog and PagerDuty escalation).
* Review the bug bounty program (refer to the Security Model).
* For Module 3 issuances, review the federal-action monitoring and response procedure (Incident Response Playbook Section 13).

***

#### 15. Regulatory Contact Matrix <a href="#id-15.-regulatory-contact-matrix" id="id-15.-regulatory-contact-matrix"></a>

MatterContactChannel

**Issuer onboarding**

Empire Stock Transfer plus the platform's issuer services

Through Empire's onboarding dashboard

**Compliance inquiries**

Compliance team

<compliance@rwatokens.net>

**Security vulnerabilities**

Security team

<security@rwatokens.net>

**SEC and regulatory**

Legal Counsel (JDT Legal)

Through the platform's SEC counsel coordination

**Empire Stock Transfer**

Empire compliance team

Through platform-Empire coordination

**Technical and CTO**

Frank Yglesias, Chief Technology Officer

<frank@rwatokens.net>

**Module 3 federal-action**

Legal Counsel (JDT Legal)

Counsel-to-counsel through the platform's SEC counsel

**SAR Filing**

Empire Stock Transfer files SARs with FinCEN per 31 CFR §1010.320. The platform provides transaction data and AML analytics to support Empire's filing obligations. SAR filings are confidential — contents are not disclosed to the subject of the report.

**Regulatory Examination Support**

In the event of an SEC, FinCEN, OFAC, or federal-agency examination, Groovy Company, Inc. and Empire Stock Transfer cooperate fully. On-chain records are independently verifiable and cannot be altered. Off-chain records are maintained per the retention schedule in Section 9.3. For Module 3 issuances, federal-program participation records are maintained on a permanent retention basis appropriate to federal record-keeping standards.

***

#### Related Documentation <a href="#related-documentation" id="related-documentation"></a>

* **Solana Blockchain Foundation** — Why Solana, Token-2022, Transfer Hook, module-specific foundations
* **Architecture Decisions** — ADR-001 through ADR-012, including ADR-011 (three-module architecture) and ADR-012 (Empire as sole onboarding authority)
* **Security Model** — Threat model, key management, formal verification, module-specific threat surfaces, bug bounty
* **Infrastructure Overview** — Cloud architecture, environment separation, blockchain infrastructure
* **Network Configuration** — Program addresses, RPC endpoints, oracle PDAs, multi-signature addresses, production parameters
* **Deployment Guide** — Build, deploy, verify, upgrade, rollback procedures including module-specific initialization
* **Incident Response Playbook** — P0 through P3 runbooks; Module 3 federal-action freeze runbook (Section 13)
* **Empire Stock Transfer Integration** — Custody architecture, Ed25519 attestation, MSF, KYC / KYB / AML / OFAC, conflict of interest disclosure, module-aware custody coverage
* **Smart Contract Reference** — Transfer Hook control implementations, account schemas, error codes
* **Oracle Integration Guide** — Custody, OFAC, AML, NAV (Module 2), Classification (Module 3) relay architecture
* **Issuer Onboarding Guide** — Customer-facing nine-stage process

***

*RWA Tokens · Compliance Integration Guide · Groovy Company, Inc.*


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://bitbook.rwatokens.net/compliance_and_custody/compliance-and-custody/compliance-integration-guide.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.