Risk Disclosure

Last Updated: April 8, 2026

This Risk Disclosure Notice provides a general overview of the risks associated with using the crypto-asset services offered by Dream Finance OU. Its purpose is to ensure that all users of our services understand the nature of these risks before engaging in any activity involving crypto-assets, whether for operational, commercial, or other purposes.

The information in this notice is not exhaustive and does not take into account the specific circumstances, objectives, or risk profile of any particular user. It is intended as a broad summary of key considerations and does not replace the need for users to conduct their own assessment of the suitability of our services in the context of their business or operational needs.

Nothing in this notice constitutes investment, financial, legal, tax, or other professional advice, nor does it represent a recommendation to engage in any crypto-asset activity. Users should evaluate the risks described here carefully and, where appropriate, obtain independent professional advice before proceeding.

This notice forms part of the overall information provided by Dream Finance OU in relation to its authorised crypto-asset services and should be read together with our terms and conditions, service-specific documentation, and any contractual arrangements governing the use of our services.

This Risk Disclosure applies to the crypto-asset services provided under these authorisations, including:

  • Providing custody and administration of crypto-assets on behalf of clients.
  • Exchange of crypto-assets for funds.
  • Exchange of crypto-assets for other crypto-assets.
  • Providing transfer services for crypto-assets on behalf of clients.

Key Risks

Dream Finance categorises risks into the following principal groups:

  1. Strategic / Business Risk (including strategy, industry and reputational risks)
  2. Operational Risk (including people and conduct risk, fraud risk (including internal and external fraud), settlement risk, conflict of interest, business resilience risk and change management)
  3. ICT & Cyber Risk (including information technology and data security risks)
  4. Financial Risk (including credit risk, market risk, foreign exchange risk, capital and liquidity risk and safeguarding risk)
  5. Regulatory and Financial Crime Risk, including regulatory compliance, financial crime and sanctions risk
  6. Third-Party and Outsourcing Risk (arising from reliance on external service providers and critical infrastructure providers).

These categories form the basis for the Company’s risk identification, monitoring and reporting processes.

Strategic / Business Risk

Strategic and business risks arise from competitive pressures, technological developments, industry dynamics and changes in market demand.

These risks include strategy risk, industry and business risk and brand and reputational risk.

Dream Finance mitigates these risks through clearly defined business strategy, conservative growth planning, diversification of clients and partners where possible, periodic market analysis and ongoing monitoring of public perception and customer feedback.

Changes in market conditions, competitive dynamics, technological developments or shifts in customer demand may affect the Company’s business model, service offering or long-term strategy.

Users should be aware that such changes may influence the availability, features or pricing of services over time.

Operational Risk

Operational risk relates to failures in internal processes, people or systems that may disrupt business activities or result in financial or reputational damage. Key operational risks include people and conduct risk, internal and external fraud risk, settlement risk, change management risk, conflict of interest risk, and business resilience risk.

These risks are mitigated through defined internal policies and procedures, segregation of duties, staff training, structured governance and escalation processes, fraud monitoring controls and maintenance of a documented Business Continuity Plan (BCP) designed to ensure the continuity of critical services during disruptive events.

Failures in internal processes, human error, system disruptions or external events may impact the Company’s ability to deliver services as intended.

Users should consider that operational incidents may result in temporary delays, processing issues or service interruptions.

ICT & Cyber Risk

ICT and cyber risks arise from system failures, cyber threats, technology vulnerabilities and data security incidents. The Company manages information technology and data security risks through defined ICT risk management procedures, access controls, system monitoring, incident management processes and resilience testing.

Dream Finance’s ICT risk framework is aligned with the requirements of the Digital Operational Resilience Act (DORA) and includes safeguards designed to ensure the confidentiality, integrity and availability of systems and data.

Cyber threats, system vulnerabilities or technology failures may affect the security, availability or performance of the Company’s systems and data.

Users should be aware that, despite implemented safeguards, there is a risk of unauthorized access, data breaches or temporary unavailability of services.

Financial Risk

Financial risks arise from potential adverse movements in financial conditions or exposures to counterparties and markets. These include capital and liquidity risk, credit risk, market risk, foreign exchange (FX) risk, and safeguarding risk relating to the protection of client assets.

These risks are managed through liquidity forecasting, monitoring of counterparty exposures, prudent capital planning, diversification of banking and payment partners, and internal controls designed to ensure the safeguarding of customer funds and crypto-assets.

Adverse financial conditions, counterparty failures or market fluctuations may affect the Company’s financial stability or its ability to meet obligations.

Users should consider that such events could impact transaction processing, liquidity conditions or, in extreme scenarios, the safeguarding of assets.

Regulatory and Financial Crime Risk

Regulatory risk arises from potential non-compliance with applicable legal and regulatory obligations, including MiCA, payment services legislation and other applicable regulatory frameworks. The Company manages regulatory compliance risk through dedicated Compliance and AML functions, ongoing regulatory monitoring and internal review of new products and services.

Financial crime and sanctions risk includes the potential misuse of the Company’s services for money laundering, terrorist financing, sanctions breaches or other illicit activity. These risks are managed through a risk-based AML/CFT framework including customer due diligence, enhanced due diligence where appropriate, transaction monitoring, sanctions screening and suspicious activity reporting procedures.

Dream Finance OU is required to comply with applicable Anti-Money Laundering (AML), Counter-Terrorist Financing (CFT), and sanctions obligations. As part of these obligations, transactions, accounts, and crypto-asset transfers may be reviewed, delayed, restricted, blocked, or reported where required by law or where Dream Finance identifies activity that cannot be supported.

These measures may impact the timing, completion, or availability of certain services, particularly where linked to suspicious activity monitoring, sanctions screening, or regulatory requests for information and may result in additional verification requirements, transaction monitoring, restrictions or delays.

Third-Party and Outsourcing Risk

Third-party and outsourcing risk arises from reliance on external service providers that support the Company’s operations or provide critical infrastructure and services. Failure of such providers to perform as expected may result in operational disruption, delayed or failed transactions, financial losses, regulatory exposure or reputational damage.

To manage this risk, Dream Finance conducts due diligence on service providers prior to engagement and enters into contractual arrangements designed to clearly allocate responsibilities and protect operational resilience. The Company also performs ongoing monitoring of third-party performance and risk exposure.

In line with applicable regulatory expectations, including the Digital Operational Resilience Act (DORA), Dream Finance maintains procedures for oversight of critical service providers and escalation of material issues to ensure that third-party risks remain within acceptable limits and do not compromise operational continuity or client protection.

The Company relies on external service providers for certain functions and infrastructure. Failures or disruptions affecting these providers may impact service delivery.

Users should consider that issues with third-party providers may lead to delays, interruptions or limitations in the availability of certain services.

Crypto-assets held with Dream finance OU are not protected by deposit guarantee schemes, investor compensation schemes, or similar protections that may apply to bank deposits or regulated investment products. Although Dream finance OU applies robust safeguarding and security controls, the value of crypto-assets remains subject to market, issuer, and technological risks that may result in partial or total loss.

Nature of crypto-assets and general risk warning

Crypto-assets represent a relatively new and rapidly evolving category of assets, with features that differ substantially from traditional financial instruments, payment methods, or electronic money. Users should recognise that involvement with crypto-assets carries inherent and significant risks, including the potential for partial or complete loss of value.

Crypto-assets do not constitute legal tender, are neither issued nor guaranteed by any government or central bank, and may lack backing by any underlying assets or safeguards. Their value is largely driven by market demand, the performance and adoption of the underlying technology, and the resilience of the surrounding ecosystem. Consequently, their prices can be highly volatile and subject to sudden and significant changes, even within short timeframes.

There is no assurance regarding the ongoing functionality or stability of the networks and protocols supporting crypto-assets. Factors such as shifts in market sentiment, technological issues, regulatory changes, or decisions made by the relevant communities may negatively impact the availability, usability, or valuation of specific crypto-assets.

Dream Finance OU payment and settlement services primarily rely on stablecoins, which are intended to maintain a stable value relative to fiat currencies. However, the company also provides access to other types of crypto-assets that are not designed to preserve a stable value.

Accordingly, users should engage with crypto-assets only with a clear understanding of the associated risks. This includes, in the case of stablecoins, risks such as de-pegging and issuer-related risks, as well as, for other crypto-assets, exposure to significant price volatility. Such activities may not be appropriate for all business models or operational contexts, and crypto-assets should be used only where these risks are properly assessed and deemed acceptable.