‍Last Updated: May 13, 2026

El Dorado Labs PY INC (“El Dorado”, “we”, or “our”) is committed to upholding the highest standards of compliance, safety, and integrity across our financial ecosystem. This Prohibitions List outlines the categories of business activities, spending behaviors, geographic locations, and user conduct that are either limited or prohibited when using El Dorado services.

This Prohibitions List applies to all end users of the Platform (individuals and entities) and to all El Dorado products and services, including but not limited to: USD Account (ACH/Wire), P2P Marketplace, International Visa Card, Crypto, El Dorado Pay (peer-to-peer internal transfers), and QR Payments.

El Dorado reserves the right to update this list at any time and to apply additional restrictions on a case-by-case basis where required by law, by our banking and card-issuing partners (including Lead Bank, Bridge Ventures LLC, and Visa U.S.A. Inc.), by our regulators, or where reputational, fraud, or financial-crime risk is identified.

I. Prohibitions by Residential Status

A. Restricted Jurisdictions — Onboarding and Service Provision

El Dorado can only provide services to end users residing in countries listed on the App. Notwithstanding the foregoing, it is prohibited for El Dorado to provide services to end users in the following countries:

•       Belarus

•       China (Mainland)

•       Cuba

•       India

•       Iran

•       Iraq

•       Israel

•       Myanmar

•       Nepal

•       Nicaragua

•       North Korea

•       Russia

•       Syria

•       Turkey

•       Ukraine

•       Venezuela

•       Vietnam

El Dorado does not support onboarding in jurisdictions that present heightened legal, regulatory, or sanctions risks. El Dorado also cannot provide services to end users who are physically located in any of the above countries at the time of onboarding or transacting, regardless of nationality or declared residence.

B. Sanctions Screening — Prohibited Persons

Regardless of country of residence, El Dorado cannot under any circumstances onboard or maintain a relationship with, or process transactions for, any person or entity that is:

•       Listed on the U.S. OFAC Specially Designated Nationals and Blocked Persons List (SDN), the Sectoral Sanctions Identifications List, the Foreign Sanctions Evaders List, or any other list maintained by OFAC.

•       Listed on the UN Security Council Consolidated Sanctions List.

•       Listed on the European Union Consolidated Financial Sanctions List.

•       Listed on the UK HM Treasury (OFSI) Consolidated List.

•       Owned 50% or more, directly or indirectly, by one or more sanctioned persons (the “50% Rule”), or otherwise controlled by a sanctioned person.

•       Identified as a Politically Exposed Person (PEP) where Enhanced Due Diligence cannot be satisfactorily completed, or where the PEP’s source of funds or wealth cannot be reasonably verified.

•       Subject to credible adverse media indicating involvement in money laundering, terrorist financing, proliferation financing, corruption, sanctions evasion, or other predicate offenses.

•       Located at an IP address, device, or KYC-declared address tied to any of the restricted jurisdictions listed in Section I.A.

C. Age and Capacity

•       End users must be at least 18 years old (or the legal age of majority in their jurisdiction, whichever is higher).

•       End users who lack legal capacity, or who are subject to legal incapacitation, cannot use the Platform.

II. Prohibited Business Activities (Entities)

A. Absolute Prohibitions

El Dorado cannot provide services to entities engaged in the following types of businesses under any circumstances:

•       Illegal or highly regulated activities, including but not limited to:

◦       Distribution of illegal substances or controlled drugs without proper licensing.

◦       Human trafficking, smuggling of persons, forced labor, prostitution, or escort services.

◦       Sale of counterfeit, replica, or unauthorized branded goods, and IP-infringing merchandise.

◦       Pyramid schemes, Ponzi schemes, matrix programs, fake giveaways, romance-scam infrastructure, or other deceptive or unfair practices.

◦       Production, distribution, hosting, or facilitation of illegal digital content, including child sexual abuse material (CSAM) — zero tolerance.

•       Political campaign fundraising or donation platforms operating outside applicable electoral and campaign-finance law.

•       Terrorist financing and proliferation financing: any activity that funds terrorism, terrorist organizations, or the proliferation of weapons of mass destruction (nuclear, chemical, biological, radiological).

•       Weapons of mass destruction and restricted weapons: manufacture, trade, or transport of WMDs, nuclear materials outside lawful regulated trade, anti-personnel landmines, cluster munitions, and chemical/biological weapons.

•       Shell companies: entities with no demonstrable business purpose, no operations, no employees, and no verifiable beneficial ownership.

•       Unlicensed financial services: businesses operating as banks, payment institutions, e-money issuers, securities dealers, money transmitters, or Virtual Asset Service Providers (VASPs) without the required license in their jurisdiction of operation.

•       Mixers, tumblers, and anonymity-enhancing services: cryptocurrency mixers, tumblers, coin-join services, privacy-coin-only exchanges, and services designed to obscure the origin or destination of funds.

•       Darknet and cybercrime: darknet marketplaces, ransomware infrastructure, malware distribution, stolen-data brokerage, hacking-for-hire, DDoS-for-hire, and phishing-kit vendors.

•       Wildlife and environmental crime: trade in endangered species, illegal wildlife products, illegal logging, and conflict minerals.

•       Human body parts: trade in human organs, tissues, blood, or other body parts outside lawful donation programs.

B. High-Risk Business Activities (Enhanced Due Diligence Required)

El Dorado may provide services to entities in the following categories, subject to Enhanced Due Diligence (EDD), evidence of licensing, demonstrable regulatory compliance, strong internal AML/CFT controls, and ongoing monitoring. Approval is at El Dorado’s sole discretion and may be revoked at any time.

•       Money Service Businesses (MSBs), remittance services, and payment service providers.

•       Cryptocurrency platforms, exchanges, OTC desks, and other Virtual Asset Service Providers (VASPs).

•       Stablecoin issuers and on/off-ramp providers.

•       Charities, foundations, and non-governmental organizations (NGOs), particularly those operating in or sending funds to higher-risk jurisdictions.

•       Precious metals, gemstones, and jewelry dealers (DPMS).

•       Online content and creator platforms (e.g., subscription-based streaming, tipping, or fan-monetization platforms), including those that allow adult content where lawful.

•       Regulated gambling, betting, lotteries, and fantasy sports operators.

•       Online gaming and esports platforms with in-game economies or skin-trading.

•       Real estate developers, brokers, and agents — particularly cross-border transactions.

•       Art dealers, auction houses, and high-value collectibles platforms.

•       Trust and company service providers (TCSPs), corporate-formation agents, and “nominee” service providers.

•       Crowdfunding and peer-to-peer lending platforms.

•       Foreign exchange brokers and CFD/forex trading platforms.

•       Adult content platforms operating lawfully in their jurisdiction.

•       Firearms and ammunition dealers operating with full federal/state/local licensing (subject to card-network restrictions in Section III).

•       Tobacco, vape, and e-cigarette retailers operating with applicable licensing.

•       Pharmaceutical wholesalers, telemedicine, and online pharmacies operating with applicable licensing.

•       Multi-level marketing (MLM) and direct-sales companies with verifiable products and lawful compensation plans.

•       Travel agencies, tour operators, and timeshare resellers.

•       Telemarketing and outbound-sales call centers.

•       Cannabis-adjacent ancillary businesses (e.g., hardware, packaging, software) operating where lawful.

III. Card Product — Spending Prohibitions

The following restrictions apply to all Cardholders, individual and corporate, in addition to the Cardholder Agreement and Visa’s rules.

A. Geographic Restrictions on Card Use

For the Card product, the end user cannot use the Card for spending in the following countries:

•       Cuba

•       Iran

•       North Korea

•       Russia

•       Syria

•       Ukraine

•       Venezuela

Card usage is prohibited in each of the countries listed above, regardless of whether the Cardholder is an entity or an individual. This restriction also applies to online purchases where the merchant is located, incorporated, or operating from any of the above jurisdictions.

B. Prohibited Merchant Categories and Transaction Types

The Card may not be used for any of the following purchases or transaction types. These restrictions apply at the Merchant Category Code (MCC) level and at the merchant-name / descriptor level:

•       Purchase or trade of digital currencies, stablecoins, NFTs, or any other virtual asset (including funding of external crypto wallets and exchanges).

•       Cash advances at ATMs or over the counter, and “quasi-cash” transactions (money orders, traveler’s checks, wire transfers from third parties, and similar).

•       Drug-related purchases, including marijuana, cannabis, CBD, head shops, and black-market items.

•       Payments on dark-web marketplaces or for hacking / cybercrime services (ransomware, malware, DDoS-for-hire, stolen data, phishing kits).

•       Internet pharmacies that are unlicensed or operate outside regulated jurisdictions, including unauthorized prescription-drug resale.

•       Firearms, ammunition, explosives, and firearm parts — prohibited for both individual and corporate Cardholders.

•       Hazardous materials, toxic chemicals, radioactive materials, and chemical precursors without proper regulatory clearance.

•       Escort services, dating-for-pay, adult-content, adult-entertainment venues, and any sexual-services merchant.

•       Unlicensed or illegal auction sites, and stolen-goods resale platforms.

•       Unregulated lending, payday loans, title loans, and predatory short-term consumer credit.

•       Data brokerage services, especially involving unauthorized personal data, scraped data, or non-consensual people-search services.

•       Purchase or trade of endangered species or wildlife products, ivory, conflict minerals, and illegal timber.

•       Online gambling, sports betting, lotteries, and fantasy sports — except where (i) the merchant is properly licensed in the jurisdiction of operation, (ii) the Cardholder is in a permitted jurisdiction, and (iii) the transaction is approved by Lead Bank and Visa.

•       Political contributions where prohibited by U.S. or local campaign-finance law (including foreign-source contributions to U.S. campaigns).

•       Counterfeit or replica goods, IP-infringing merchandise, and unauthorized branded products.

•       Multi-level marketing entry fees, “investment” coaching, and “get-rich-quick” programs.

•       Tobacco, vape, and e-cigarette purchases from unlicensed or age-restricted-noncompliant merchants.

•       Test transactions, BIN attacks, card-testing fraud, and any merchant flagged by Visa or Lead Bank as high-risk for fraud.

•       Sanctioned merchants, or merchants whose name, descriptor, or beneficial ownership ties to a person listed in Section I.B.

C. Cardholder Conduct Prohibitions

•       Sharing, lending, or transferring the Card or Card credentials to any third party.

•       Using the Card to circumvent currency controls, capital controls, or local foreign-exchange rules in the Cardholder’s country of residence.

•       Initiating disputes or chargebacks in bad faith (“friendly fraud”).

•       Use of the Card for transactions that have no legitimate economic or commercial purpose.

IV. Crypto, Wallet, Deposits, and Withdrawals

The following restrictions apply to crypto deposits and withdrawals (TRON and Arbitrum) and to El Dorado’s Crypto Mini App:

•       Deposits or withdrawals to/from blockchain addresses linked, directly or indirectly, to sanctioned persons or entities listed in Section I.B (including but not limited to OFAC-listed addresses).

•       Deposits or withdrawals to/from known mixers, tumblers, and coin-join services (e.g., chain-analytic flags above El Dorado’s risk threshold).

•       Deposits or withdrawals to/from darknet markets, ransomware addresses, sanctioned exchanges, and addresses tied to scams, hacks, or stolen funds.

•       Use of privacy coins or anonymity-enhancing assets where El Dorado does not support them.

•       Structured deposits or withdrawals designed to avoid reporting thresholds (“smurfing” / structuring).

•       Transactions on blockchains other than those officially supported by El Dorado — funds sent on unsupported networks may be unrecoverable.

•       Use of the wallet to provide custody or trading services to third parties (i.e., operating an unlicensed VASP through the Platform).

V. P2P Marketplace — User Conduct Prohibitions

The following conduct is prohibited on the El Dorado P2P Marketplace:

•       Trading on behalf of an undisclosed third party, including “nominee” trading and brokering for undisclosed or sanctioned parties.

•       Operating as an unlicensed money transmitter or MSB through repeated, high-volume P2P activity.

•       Coordinated trading between accounts under common control to manipulate price, volume, ratings, or reputation.

•       False marking of payment as “sent” when funds have not been transmitted; submission of forged payment receipts or screenshots.

•       Use of third-party bank accounts, e-wallets, or payment-app accounts that do not match the verified KYC name of the user.

•       Chargeback or reversal of off-platform payment after USDT has been released on-platform.

•       Off-platform communication or settlement that bypasses El Dorado’s escrow, dispute resolution, and AML controls.

•       Harassment, threats, hate speech, discriminatory conduct, or sharing of personal data of another user.

•       Use of automation, bots, or scripts to place, modify, or accept P2P orders without El Dorado’s prior written authorization.

•       Solicitation of trades involving prohibited activities, prohibited merchants, or restricted jurisdictions.

VI. USD Account, ACH/Wire, and QR Payments

A. USD Account (ACH and Wire)

The USD Account is provided in partnership with our U.S. banking partners. The following are prohibited:

•       Receiving funds from, or sending funds to, any person or entity listed in Section I.B, or located in any restricted jurisdiction listed in Section I.A.

•       Receiving funds from sources that cannot be reasonably verified as legitimate, or whose origin the end user refuses to document upon request.

•       Use of the USD Account as a pass-through for third-party funds without disclosure (“muling”), including funds that the end user does not beneficially own.

•       Receiving payments related to any prohibited business activity listed in Section II.A.

•       Structured deposits or withdrawals designed to avoid reporting or monitoring thresholds.

•       Repeated returned ACH transactions, reversals, or claims of unauthorized activity that suggest abuse.

•       Use of the USD Account for tax-evasion schemes, undeclared cross-border income, or any other activity that the end user knows or should reasonably know is unlawful in their country of tax residence.

B. QR Payments

•       Use of QR rails to settle transactions that would otherwise be prohibited under Sections II.A or III.B.

•       Use of QR in a country where the end user is not authorized to transact under local law.

•       Acceptance of QR payments by a merchant that has not been onboarded and approved by El Dorado for merchant acceptance.

•       Reversal or repudiation of QR payments in bad faith after delivery of goods or services.

VII. El Dorado Pay (Internal Transfers Between Users)

•       Use of El Dorado Pay to circumvent KYC, transaction limits, or any restriction set out in this Prohibitions List.

•       Transfers to or from accounts that the end user knows or suspects to be controlled by a third party, by a sanctioned person, or by a person engaged in prohibited activity.

•       Use of El Dorado Pay as a means of payment for any prohibited business activity or prohibited merchant category listed in this document.

•       Repeated transfers between the same group of accounts with no apparent economic or commercial rationale (potential layering).

VIII. API and Widget (B2B Partners)

Business partners using the El Dorado API or Widget agree to apply, and to cause their own end users to comply with, this Prohibitions List. In addition, the following are prohibited:

•       Integration of the API / Widget into any product or service that supports a prohibited activity listed in Section II.A.

•       Onboarding of end users without performing KYC at a standard at least equivalent to El Dorado’s own KYC program, and without applicable sanctions and PEP screening.

•       Resale, sublicensing, or repackaging of El Dorado services to undisclosed third parties.

•       Use of the API / Widget to provide services to end users in any restricted jurisdiction listed in Section I.A.

•       Failure to maintain required licenses, registrations, and authorizations in the partner’s jurisdiction of operation.

•       Sharing of API credentials, technical bypass of rate limits, or any activity that compromises platform security or stability.

IX. General User Conduct

•       Submission of false, forged, altered, or stolen identification documents during onboarding or ongoing review.

•       Creation or operation of multiple accounts by the same individual without El Dorado’s prior authorization (“multi-accounting”).

•       Impersonation of another person, entity, public official, or El Dorado employee.

•       Use of the Platform from a virtual private network (VPN), proxy, or other anonymizing tool with the intent to defeat geo-restrictions or KYC controls.

•       Reverse-engineering, scraping, or unauthorized automated access to the Platform.

•       Any activity that the end user knows or should reasonably know is unlawful in any jurisdiction relevant to the transaction.

•       Refusal to cooperate with reasonable AML, sanctions, or fraud-related requests for information from El Dorado.

X. Enforcement and Consequences

Where El Dorado identifies actual or suspected violation of this Prohibitions List, El Dorado may, at its sole discretion and without prior notice:

•       Decline to onboard the end user, or terminate the relationship.

•       Suspend, freeze, or close one or more accounts, products, or services.

•       Reject, reverse, hold, or freeze any transaction.

•       Cancel or block the Card.

•       Withhold funds pending compliance review, or remit funds to the appropriate authority where required by law.

•       Report the matter to financial intelligence units, law-enforcement agencies, regulators, and partner institutions, in accordance with applicable law.

•       Apply any other remedy available under the Terms of Service or applicable law.

This Prohibitions List forms part of, and should be read together with, El Dorado’s Terms of Service, Privacy Policy, and any product-specific agreement (including the Cardholder Agreement). In the event of conflict, the stricter restriction applies.

‍