Regulatory Compliance

1. SEC Registration and Oversight

Oriental Holdings LLC is registered with the U.S. Securities and Exchange Commission (SEC) as an investment adviser under the Investment Advisers Act of 1940, as amended. Our SEC registration number and regulatory disclosures are publicly available on the SEC's Investment Adviser Public Disclosure (IAPD) website at www.adviserinfo.sec.gov.

1.1 Form ADV Disclosures

We are required to file Form ADV with the SEC, which contains comprehensive information about our firm:

• Part 1: Business information, ownership, clients, employees, and disciplinary history
• Part 2A (Firm Brochure): Advisory services, fees, conflicts of interest, disciplinary information, and other important disclosures
• Part 2B (Brochure Supplement): Information about key personnel providing advisory services
• Part 3 (Form CRS): Client relationship summary for retail investors

Clients and prospective clients receive our Form ADV Part 2 annually and upon request at no charge.

2. Fiduciary Duty and Best Practices

2.1 Fiduciary Standard

As a registered investment adviser, we are held to a fiduciary standard, which is the highest standard of care under securities law. Our fiduciary duty consists of:

• Duty of Care: Obligation to provide suitable advice based on client's financial situation and investment objectives
• Duty of Loyalty: Obligation to act in the client's best interest and avoid conflicts of interest
• Duty of Good Faith: Obligation to deal fairly and honestly with clients
• Duty to Disclose: Obligation to fully disclose all material facts and conflicts of interest

2.2 Best Execution

We seek best execution for client transactions by considering price, execution speed, likelihood of execution, availability of liquidity, nature and size of the transaction, and all other relevant factors. We periodically review execution quality and broker-dealer relationships to ensure we are meeting our best execution obligations.

3. Anti-Money Laundering (AML) Program

We have implemented a comprehensive Anti-Money Laundering (AML) Program in compliance with the Bank Secrecy Act (BSA), USA PATRIOT Act, and regulations issued by the Financial Crimes Enforcement Network (FinCEN). Our AML Program includes:

3.1 Customer Identification Program (CIP)

• Verification of identity using government-issued identification documents
• Collection of name, date of birth, address, and tax identification number
• Verification through documentary or non-documentary methods
• Recordkeeping of identification documents and verification results
• Notice to clients regarding information collection requirements

3.2 Customer Due Diligence (CDD) and Beneficial Ownership

For legal entity clients, we collect beneficial ownership information to identify and verify individuals who:

• Own 25% or more of the entity (ownership prong)
• Exercise significant control over the entity (control prong)

3.3 OFAC Sanctions Screening

We screen all clients, beneficial owners, and counterparties against:

• Office of Foreign Assets Control (OFAC) Specially Designated Nationals (SDN) list
• OFAC Consolidated Sanctions List
• United Nations Security Council Sanctions List
• European Union Consolidated Financial Sanctions List

3.4 Suspicious Activity Monitoring and Reporting

We monitor account activity for suspicious transactions and file Suspicious Activity Reports (SARs) with FinCEN when we detect:

• Transactions of $5,000 or more involving potential money laundering or violation of the BSA
• Transactions of $25,000 or more with no business or apparent lawful purpose
• Use of the firm to facilitate criminal activity
• Attempts to evade BSA reporting or recordkeeping requirements

4. Code of Ethics and Personal Trading

4.1 Code of Ethics

We have adopted a Code of Ethics pursuant to Rule 204A-1 under the Investment Advisers Act. Our Code of Ethics establishes standards of conduct for all personnel and addresses:

• Fiduciary duty to clients
• Personal securities transactions and reporting requirements
• Insider trading prohibitions
• Conflicts of interest and disclosure obligations
• Gifts, entertainment, and political contributions
• Confidentiality of client information

4.2 Personal Trading Policies

Access persons (employees with access to nonpublic information about client transactions or holdings) are subject to personal trading restrictions:

• Pre-clearance of certain personal securities transactions
• Blackout periods around client transactions
• Prohibition on trading in securities on the firm's restricted list
• Quarterly reporting of personal securities holdings and transactions
• Annual acknowledgment of the Code of Ethics

5. Cybersecurity and Data Protection

In accordance with SEC cybersecurity guidance and Regulation S-P, we maintain a comprehensive cybersecurity program:

• Risk Assessment: Annual cybersecurity risk assessments covering systems, data, and third-party service providers
• Access Controls: Multi-factor authentication, role-based access, and principle of least privilege
• Encryption: Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Incident Response Plan: Procedures for detecting, responding to, and recovering from cybersecurity incidents
• Employee Training: Annual cybersecurity awareness training for all personnel
• Vendor Management: Due diligence and ongoing monitoring of third-party service providers
• Testing and Monitoring: Regular vulnerability scans, penetration testing, and security monitoring

6. Books and Records

We maintain books and records as required by Rule 204-2 under the Investment Advisers Act, including:

• Investment advisory agreements
• Trade confirmations and account statements
• Records of all orders and transactions
• Written communications relating to recommendations and advice
• Financial records including trial balances and financial statements
• Code of Ethics and personal trading records
• Performance calculation methodologies and supporting documentation
• Marketing materials and advertisements

Records are maintained for at least six years, with the first two years in an easily accessible location, in accordance with SEC requirements.

7. Business Continuity and Disaster Recovery

We maintain a Business Continuity Plan (BCP) designed to enable us to continue operations in the event of a significant business disruption:

• Emergency Contact Procedures: Contact trees for employees, vendors, and key clients
• Backup Sites: Alternative work locations with necessary infrastructure
• Data Backup: Regular backups with off-site storage and cloud redundancy
• Critical Function Identification: Prioritization of essential business functions
• Recovery Time Objectives (RTO): Target timeframes for resuming critical operations
• Annual Testing: Regular testing and updating of the BCP

8. Regulatory Examinations and Cooperation

We cooperate fully with regulatory examinations and inquiries from:

• Securities and Exchange Commission (SEC)
• Financial Industry Regulatory Authority (FINRA)
• State securities regulators
• Internal Revenue Service (IRS)
• Department of Labor (DOL) for ERISA matters

SEC-registered investment advisers are subject to periodic examinations by the SEC's Office of Compliance Inspections and Examinations (OCIE). We maintain a culture of compliance and view regulatory oversight as an opportunity to improve our operations and better serve our clients.

9. Whistleblower and Reporting Procedures

We encourage employees and clients to report suspected violations of laws, regulations, or our internal policies:

• Internal Reporting: Employees may report concerns to the Chief Compliance Officer (CCO)
• Anonymous Hotline: Confidential reporting mechanism for sensitive matters
• Non-Retaliation Policy: Protection against retaliation for good-faith reporting
• SEC Whistleblower Program: Information about the SEC's whistleblower program is available at www.sec.gov/whistleblower

10. Contact Our Compliance Department