Skip to main content

⚖️ Section 11: Regulatory Compliance Framework

📜 Section 11: Conclusion

⚖️ SECOTCM CATEGORYProtocol's 1comprehensive COMPLIANTlegal |framework Issuer-Sponsored Tokenized Securities pursuantAct tocompliance, SECExchange DivisionAct ofobligations, CorporationTransfer Finance,Agent Divisionregulations, ofAML/BSA Investment Management,requirements, and Divisionimmutable ofaudit Tradingtrail and Markets Joint Statement dated January 28, 2026architecture.

⚖️ SECTION 11: REGULATORY COMPLIANCE FRAMEWORK

11.1 🌍Securities TransformativeAct Marketof Infrastructure

1933 Compliance

🔹 11.1.1 Regulatory Foundation

Pursuant to comprehensive15 technical,U.S.C. financial,Section and77a regulatoryet analysisseq. presented(Securities inAct of 1933), any offer or sale of securities within the precedingUnited sectionsStates ofrequires thiseither whitepaper,SEC registration or an applicable exemption. OTCM Protocol representsexplicitly transformativestructures institutional-gradeST22 markettokens infrastructureas addressingsecurities offerings, relying upon established exemptions rather than attempting regulatory arbitrage or circumvention.

📋 15 U.S.C. § 77e — Prohibitions Relating to Interstate Commerce and the Mails

It shall be unlawful for any person, directly or indirectly, to make use of any means or instruments of transportation or communication in interstate commerce or of the mails to sell a fundamentalsecurity failureunless a registration statement is in globaleffect as to such security, or the security or transaction is exempt from registration.

"OTCM Protocol embraces securities regulation rather than attempting to circumvent it. ST22 tokens are securities by design, utilizing established exemptions that have enabled capital markets:formation thefor systematicdecades."

exclusion

This ofcompliance-first illiquidapproach provides several strategic advantages:

shareholder

🔹 bases.11.1.2 YetRegulation whenD theyRule lost506(c) 15c2-11 eligibility, their shareholders lost access to functioning markets.

Implementation

The currentprimary situationexemption createsutilized for ST22 offerings is Regulation D Rule 506(c), which permits unlimited-dollar offerings to verified accredited investors with general solicitation:

📋 17 CFR Section 230.506(c) — Conditions to be Met in Offerings Subject to Limitation on Manner of Offering

An issuer may offer and sell securities pursuant to section 4(a)(2) of the Securities Act if: (1) The issuer is not a paradox:disqualified issuer under § 230.506(d); (2) All purchasers of securities are accredited investors; (3) The issuer takes reasonable steps to verify that purchasers are accredited investors.

ConditionRequirement

RealityOTCM Implementation

⚖️Accredited Investors Only

LegalPortal toverifies Tradeaccreditation through third-party verification (RIA, CPA, attorney, broker-dealer) or self-certification with enhanced scrutiny

Reasonable Verification Steps

Tax returns, bank statements, third-party letters, FINRA BrokerCheck; method documented on-chain

General Solicitation Permitted

Marketing through websites, social media, digital advertising, public events; no restriction on investor outreach channels

Bad Actor Disqualification

Pre-issuance screening of issuer, officers, directors, 20%+ shareholders against SEC disqualification events

Form D Filing

Filed with SEC within 15 days of first sale; annual amendments required; state blue sky filings coordinated

Offering Amount

Unlimited — no cap on total offering size or individual investment amounts

Resale Restrictions

Securities remainare registered"restricted securities" under SectionRule 12(g)144; ofresale therequires Exchange Act

🚫

Impossible to Trade

No broker-dealer quotes pricesexemption or executes trades

🔒

Value Trapped

Shareholders hold certificated securities with zero practical liquidity

Companies Paralyzed

Cannot raise capital, compensate employees with equity, or pursue strategic transactionsregistration

// Rule 506(c) Offering Structure (TypeScript)

Traditionalinterface solutions—regainingRule506cOffering 15c2-11 eligibility, reverse mergers, going-private transactions—require $100,000+ in legal and accounting fees, 6-12 months of effort, and often fail due to regulatory complexity. Shareholders remain trapped.{

// 
11.1.2Offering 💰 The Magnitude of Trapped Value


Market Segment
💰 Estimated Trapped Value
🇺🇸 
U.S. OTC Markets (Expert Market)
$25-30 Billion
🇺🇸 
U.S. OTC Markets (Grey Market)
$10-15 Billion
🌍 
International Illiquid Securities
$15-20 Billion
💰 
TOTAL ADDRESSABLE MARKET
$50+ BILLION
identification

ThisofferingId: represents real shareholder value—retirement accounts, employee compensation, inheritance, and investment capital—rendered practically worthless by market structure failure, not by any deficiency in the underlying businesses.string;

issuerId:

string;

formDFileNumber: string;

// Regulatory classification

exemption: {

type: 'RULE_506C';

cfrReference: '17 CFR 230.506(c)';

generalSolicitationPermitted: true;

accreditedInvestorsOnly: true;

verificationRequired: true;

};

// Bad actor check

badActorCheck: {

completed: boolean;

checkDate: Date;

coveredPersons: CoveredPerson[];

disqualifyingEvents: DisqualifyingEvent[]; // Empty if clear

status: 'CLEAR' | 'DISQUALIFIED' | 'WAIVER_GRANTED';

};

// Verification method tracking

verificationMethods: {

income: {

documentsRequired: ['TAX_RETURN_Y1', 'TAX_RETURN_Y2'];

thirdPartyVerifier?: string;

};

netWorth: {

documentsRequired: ['ASSET_STATEMENT', 'LIABILITY_STATEMENT'];

excludePrimaryResidence: true;

};

professional: {

licenses: ['SERIES_7', 'SERIES_65', 'SERIES_82'];

finraVerification: boolean;

};

};

// Form D filing

formD: {

initialFilingDate: Date;

firstSaleDate: Date;

amendmentDates: Date[];

totalAmountSold: number;

totalNumberInvestors: number;

};

}

🔹 11.1.3 🔺Rule The506(c) Trilemmavs Solution

506(b)

Prior to OTCM Protocol and the SEC's January 28, 2026 Category 1 framework, securities markets faced an impossible trilemma. Any platform could achieve at most two of three critical objectives:

PERMISSIONLESS ACCESS
                           /\
                          /  \
                         /    \
                        /      \
                       /   ❌    \
                      /  Traditional \
                     /   Markets      \
                    /     Cannot       \
                   /      Achieve       \
                  /        All Three     \
                 /________________________\
    REGULATORY                              COUNTERPARTY
    COMPLIANCE                              RISK ELIMINATION
         \                                      /
          \              OTCM                  /
           \           PROTOCOL              /
            \             ✅                /
             \     Category 1             /
              \    Compliant            /
               \________________________/

The SEC's Category 1 framework changed everything. By establishing clear regulatory guidance for issuer-authorized tokenized securities, the Commission created a pathway to achieve all three objectives simultaneously.

11.1.4 🎯 Simultaneous Objective Achievement Through Category 1

OTCM Protocol achieves simultaneous satisfaction of three historically contradictory objectives through SEC Category 1 compliant architecture:

Objective

OTCM Protocol Implementation

Category 1 Alignment

🌐

Permissionless Access

Blockchain-based trading accessible 24/7/365 globally. Any verified participant can trade without intermediary approval.

Category 1 permits direct blockchain integration

⚖️

Regulatory Compliance

Full Category 1 compliance

: issuer authorization, SEC-registered custody, true equity backing, 42 Transfer Hook investor protections

SEC-endorsed framework

🛡️

Risk Elimination

Elimination of counterparty risk through direct issuer authorization, protective conversion triggers, and permanent liquidity locks

Category 1 eliminates intermediary risk

💡 Architecture Philosophy: OTCM Protocol combines centralized compliance infrastructure for Category 1 requirements with decentralized token-level security for transaction execution. This hybrid approach captures the benefits of both paradigms while satisfying the SEC's investor protection objectives.

11.2 💡 Key Innovations

OTCM Protocol introduces five foundational innovations that together create the first Category 1 compliant, permanent, and liquid trading infrastructure for securities excluded from traditional markets.

11.2.1 🏦 CEDEX: Purpose-Built Category 1 Securities Exchange

The Compliant Exchange for Digital Securities (CEDEX) represents the first purpose-built decentralized exchange architecture designed specifically for Category 1 compliant tokenized securities trading.

Innovation

Market Impact

Category 1 Alignment

⚖️

Compliance-First Architecture

Standard DEX operators rationally reject securities compliance. CEDEX aligns operator profitability with compliance success.

Full Transfer Hook support maintains Category 1 controls

📈

Dual-Layer Execution

Sigmoid bonding curves for price discovery with CPMM liquidity pools post-graduation

Compliant trading throughout lifecycle

🪝

Integrated Compliance

Every transaction atomically verifies KYC, accreditation, sanctions screening, and custody backing

Category 1 investor protection

🛡️

MEV Protection

Jito bundle integration and circuit breakers eliminate front-running and sandwich attacks

Fair execution for securities trading

⚠️ Why CEDEX Exists: The External DEX ProblemComparison

Major decentralized exchanges (Raydium, Orca, Meteora) disable Transfer Hooks upon graduation, eliminating all 42 security controls and removing Category 1 investor protections. CEDEX was built specifically to maintain full Transfer Hook compliance throughout the token lifecycle.

Platform

Transfer Hook Support

Category 1 Compliant

Raydium

❌ Disabled

❌ No

Orca

❌ Disabled

❌ No

Meteora

❌ Disabled

❌ No

CEDEX

✅ Full Support

✅ Yes

11.2.2 💧 OTCM Liquidity Pool: Permanent Capital Foundation

The OTCM Liquidity Pool introduces a four-mechanism capital accumulation architecture that creates permanent, non-withdrawable trading liquidity:

┌─────────────────────────────────────────────────────────────────┐
│              OTCM LIQUIDITY POOL ACCUMULATION                   │
│                  (Category 1 Market Stability)                  │
└─────────────────────────────────────────────────────────────────┘

    ┌──────────────┐    ┌──────────────┐    ┌──────────────┐
    │  GRADUATION  │    │   TRADING    │    │   STAKING    │
    │    FUNDS     │    │    FEES      │    │  REINVEST    │
    │     40%      │    │     2%       │    │     2%       │
    └──────┬───────┘    └──────┬───────┘    └──────┬───────┘
           │                   │                   │
           └───────────────────┼───────────────────┘
                               ▼
                    ┌──────────────────────┐
                    │   PERMANENT LOCKED   │
                    │   LIQUIDITY POOL     │
                    │                      │
                    │   LP Tokens Burned   │
                    │   (0x000...dead)     │
                    │                      │
                    │   WITHDRAWAL:        │
                    │   IMPOSSIBLE         │
                    └──────────────────────┘

Category 1 Significance: Unlike Category 2 models where intermediary failure can strand investors, OTCM's permanent liquidity locks ensure markets cannot be "rugged"—counterparty risk eliminated.

11.2.3 🪝 SPL Token-2022 Transfer Hooks: Category 1 Investor Protection

OTCM Protocol leverages Solana's SPL Token-2022 standard to implement 42 built-in security controls that execute atomically with every transaction—mathematically-enforced Category 1 investor protection:

Protection Category

Controls

Category 1 Purpose

🏦

Custody Verification

8

Confirms 1:1 true equity backing on every transaction

🪪

Investor Verification

6

KYC/AML/accreditation compliance

🛡️

Market Protection

12

Circuit breakers, wallet limits prevent manipulation

⚖️

Compliance Enforcement

10

OFAC screening, audit trails, regulatory reporting

⚙️

Administrative Controls

6

Vesting enforcement, emergency response

📊

TOTAL CONTROLS

42

Category 1 investor protection exceeding traditional markets

Category 1 Advantage: Mathematical vs. Policy Protection

Protection Type

Traditional Markets

OTCM Category 1

🔴

Insider Dumps

Voluntary lock-ups (policy)

Enforced by smart contract

 (mathematical)

🔴

Price Manipulation

After-the-fact enforcement

Blocked before execution

🔴

Custody Verification

Periodic audits

Every 400ms verification

🔴

Investor Verification

Manual review

Atomic on-chain verification

11.2.4 🏢 Issuers Portal: Democratized Category 1 Tokenization

The Issuers Portal democratizes Category 1 compliant securities tokenization by eliminating the prohibitive compliance burden that previously limited tokenization to well-funded issuers:

Parameter

❌ Traditional Path

✅ OTCM Category 1

⏱️

Timeline to Market

6-12 months

2-4 weeks

💰

Legal & Compliance Cost

$100,000-500,000

$1,000-25,000

📅

Ongoing Compliance

$50,000+/year

Included in 1% fee

⚖️

Regulatory Clarity

Variable, uncertain

SEC Category 1 framework

🏦

Custody Requirement

Complex arrangement

Empire Stock Transfer (SEC-registered)

🛡️

Investor Protection

Policy-based

42 Transfer Hook controls

11.2.5 ⚔️ The Alesia Doctrine: Mathematical Category 1 Security

OTCM Protocol's security architecture follows the Alesia Doctrine—a strategic framework inspired by Julius Caesar's legendary siege of Alesia, where dual fortifications simultaneously contained internal threats and repelled external attacks.

┌─────────────────────────────────────────────────────────────────┐
│                    THE ALESIA DOCTRINE                          │
│              (Category 1 Mathematical Security)                 │
└─────────────────────────────────────────────────────────────────┘

     EXTERNAL THREATS                    INTERNAL THREATS
     (Contravallation)                   (Circumvallation)
           │                                   │
           ▼                                   ▼
    ┌─────────────┐                     ┌─────────────┐
    │ Bot Attacks │                     │ Insider     │
    │ MEV/Sandwich│                     │ Manipulation│
    │ Flash Loans │                     │ Rugpulls    │
    └──────┬──────┘                     └──────┬──────┘
           │                                   │
           └───────────────┬───────────────────┘
                           ▼
              ┌─────────────────────────┐
              │   42 TRANSFER HOOKS     │
              │   (Category 1 Defense)  │
              │                         │
              │   • Circuit Breakers    │
              │   • Wallet Limits       │
              │   • Custody Verification│
              │   • Vesting Enforcement │
              │   • OFAC Screening      │
              │   • MEV Protection      │
              └─────────────────────────┘

💡 "Mathematical certainty takes precedence over policy-based protections. Our 42 built-in security controls, permanent liquidity locks, and circuit breakers create Category 1 investor protection that cannot be circumvented through smart contract enforcement rather than relying on human oversight alone."

11.3 🔮 Vision Statement

11.3.1 🏗️ Creating Category 1 Markets Where None Exist

OTCM Protocol isexclusively notutilizes competingRule with506(c) existingrather marketthan infrastructure.Rule We are not attempting506(b) to disruptenable NASDAQ,general NYSE,solicitation orwhile OTCmaintaining Marketsfull Group.regulatory These platforms serve their constituencies effectively.

Instead, OTCM Protocol creates permanent, Category 1 compliant markets for securities that currently have no market at all. When a company loses 15c2-11 eligibility, when shares become trapped in the Grey Market, when international securities lack U.S. trading venues—OTCM Protocol provides the SEC-endorsed solution.

💡 "We're not disrupting functioning markets. We're creating permanent, Category 1 compliant markets where none exist."

11.3.2 🌐 The Fully Tokenized Future

OTCM Protocol envisions a future where every illiquid micro-cap company has access to permanent, Category 1 compliant, and liquid trading infrastructure:compliance:

Feature

DescriptionRule 506(b)

CategoryRule 1506(c) Foundation

General

24/7 Global TradingSolicitation

Securities trade around the clock, across time zonesPROHIBITED

Blockchain enables continuous operationPERMITTED

🔗Non-Accredited

1:1 Equity BackingInvestors

EveryUp ST22to token35 backed by real preferred sharespermitted

TrueNOT equity backing requirementPERMITTED

Verification

Instant SettlementRequired

T+0Self-certification settlement eliminates multi-day clearing delaysOK

SolanaReasonable ~13steps second finalityrequired

🌍Offering

Democratized AccessAmount

Verified investors worldwide can participateUnlimited

KYC/accreditation verificationUnlimited

🔒Form

PermanentD LiquidityRequired

Locked liquidity pools ensure markets never dry upYes

CounterpartyYes

risk

💡 eliminatedStrategic Choice: 506(c)

OTCM Protocol uses 506(c) exclusively because general solicitation is essential for digital marketing, social media outreach, and public awareness campaigns. The verification burden is offset by automated third-party verification through the Issuers Portal.

🔹 11.1.4 Section 4(a)(1) Exemption

📋 15 U.S.C. Section 77d(a)(1) — Exempted Transactions

The provisions of section 77e of this title shall not apply to transactions by any person other than an issuer, underwriter, or dealer.

ST22 primary offerings utilize Section 4(a)(1) structure enabling issuing companies to distribute tokens directly to investors through portal infrastructure without intermediary broker-dealer involvement:

  • Direct Distribution: Issuers distribute tokens directly to investors via Portal
  • No Broker-Dealer: Eliminates BD commission structure (typically 5-10%)
  • Portal as Technology: OTCM Portal provides technology infrastructure, not broker services
  • Issuer Control: Companies maintain control over their capital raise
// Section 4(a)(1) Distribution Structure

interface Section4a1Distribution {

/**

  • Section 4(a)(1) permits transactions by persons other than
  • issuers, underwriters, or dealers without registration

*/

distributionType: 'DIRECT_ISSUER_TO_INVESTOR';

// No broker-dealer involvement

brokerDealer: null;

// Issuer distributes directly

distributor: {

type: 'ISSUER';

companyName: string;

cik: string;

};

// Portal provides technology only

portalRole: {

type: 'TECHNOLOGY_PLATFORM';

services: [

'KYC_VERIFICATION',

'ACCREDITATION_VERIFICATION',

'TRANSACTION_PROCESSING',

'COMPLIANCE_RECORDKEEPING',

];

isBrokerDealer: false;

earnsCommission: false;

};

// Fee structure (flat, not commission-based)

fees: {

mintingFee: '$1,000 - $25,000'; // One-time

transactionFee: '5% of volume'; // Protocol fee, not broker commission

};

}

🔹 11.1.5 Regulation A+ Tier 2 Framework

For offerings targeting non-accredited investors, OTCM Protocol implements Regulation A+ Tier 2 compliance:

📋 17 CFR Section 230.251 — Scope of Exemption

Regulation A provides an exemption from registration for certain securities offerings. Tier 2 permits offerings up to $75,000,000 in any 12-month period to both accredited and non-accredited investors.

Requirement

OTCM Implementation

Annual Offering Limit

$75,000,000 maximum per 12-month period per issuer

🛡️Non-Accredited

Investor ProtectionLimit

4210% Transferof Hookgreater controlsof onannual everyincome transactionor net worth (Portal enforces)

SEC Qualification

CategoryForm 11-A compliancefiling with SEC qualification required before sales

Ongoing Reporting

Semi-annual (Form 1-SA), Annual (Form 1-K), Current (Form 1-U)

Financial Statements

Audited financial statements required (GAAP or IFRS)

State Preemption

State blue sky registration preempted (except notice filings)

🔹

11.3.31.6 🔐Regulation S Offshore Transactions

For non-US investor participation, OTCM Protocol implements Regulation S compliance:

📋 17 CFR Section 230.903 — Conditions to be Met

Securities offered or sold in an offshore transaction are not subject to the registration requirements of section 5 of the Act if (1) the offer or sale is made in an offshore transaction; (2) no directed selling efforts are made in the United States; and (3) applicable conditions are satisfied.

// Regulation S Structure

interface RegulationSOffering {

// Offshore transaction requirements

offshoreTransaction: {

buyerLocation: string; // Non-US jurisdiction

noUSPersonPurchasers: boolean;

transactionExecutedOffshore: boolean;

};

// No directed selling efforts

directedSellingEfforts: {

usMediaAdvertising: boolean; // Must be false

usTargetedWebsite: boolean; // Must be false

usInvestorMeetings: boolean; // Must be false

};

// Category 1: Mathematical Certainty Over Policydetermination

Traditionalcategory: investor'CATEGORY_1' protection| relies'CATEGORY_2' on| policies,'CATEGORY_3';

procedures,
// andDistribution humancompliance oversight.period Policies(Category can3 be- ignored.Equity)
Procedures

distributionCompliance: can be bypassed. Human oversight fails.{

period: 40; // 40 days for equity

flowbackRestriction: boolean;

legendRequired: boolean;

distributorCertification: boolean;

};

// Buyer certification

buyerCertification: {

nonUSPersonCertified: boolean;

residencyVerified: boolean;

verificationMethod: 'DOCUMENT' | 'IP_GEOLOCATION' | 'BOTH';

};

}

🔹 11.1.7 Form D Filing Requirements

OTCMSEC Protocol'sForm CategoryD 1filings architectureare replacesrequired policy-basedfor protectionall withRule mathematical506(c) certainty:offerings:

RiskFiling Type

❌ Traditional ProtectionRequirement

✅ OTCM Category 1 CertaintyDeadline

🕳️Initial

CounterpartyForm FailureD

TrustFile +with reputationSEC EDGAR system disclosing offering details

Direct15 issuerdays authorization

after (nofirst intermediary)sale

💣

Bankruptcy ExposureAmendment

GeneralUpdate creditortotal statusamount sold, investor count, material changes

Protective conversion triggersAnnual

📉State

InsiderNotice DumpFiling

VoluntaryFile lock-upsin states where investors reside (varies by state)

Enforced15-30 by smart contract

📊

Price Manipulation

After-the-fact enforcement

Blocked before execution

👤

Unverified Investor

Manual verification

Atomic on-chain verification

🔗

Backing Mismatch

Periodic audits

Every 400ms verificationdays

🔹

11.3.41.8 💪Information EmpoweringProvision Companies and Shareholders

Requirements

OTCM Protocol existsimplements comprehensive disclosure through on-chain information provision:

  • Quarterly Reports: 10-Q equivalent reports published on-chain within 45 days of quarter end
  • Annual Reports: 10-K equivalent reports published on-chain within 90 days of fiscal year end
  • Current Reports: 8-K equivalent reports for material events within 4 business days
  • Financial Statements: Audited annual financials (GAAP or IFRS)
  • Risk Factors: Comprehensive risk disclosure updated quarterly
// Issuer Disclosure Requirements

interface IssuerDisclosure {

// Quarterly disclosure (10-Q equivalent)

quarterlyReports: {

frequency: 'QUARTERLY';

deadline: '45_DAYS_AFTER_QUARTER_END';

contents: [

'FINANCIAL_STATEMENTS',

'MD&A',

'RISK_FACTORS_UPDATE',

'CAPITALIZATION_TABLE',

];

format: 'PDF_AND_STRUCTURED_DATA';

storageLocation: 'IPFS_WITH_ONCHAIN_HASH';

};

// Annual disclosure (10-K equivalent)

annualReports: {

frequency: 'ANNUAL';

deadline: '90_DAYS_AFTER_FISCAL_YEAR_END';

auditRequired: true;

auditStandard: 'PCAOB' | 'AICPA';

};

// Current reports (8-K equivalent)

currentReports: {

triggeringEvents: [

'MATERIAL_ACQUISITION_DISPOSITION',

'BANKRUPTCY_RECEIVERSHIP',

'CHANGE_IN_CONTROL',

'EXECUTIVE_OFFICER_CHANGE',

'MATERIAL_IMPAIRMENT',

];

deadline: '4_BUSINESS_DAYS';

};

}

✅ 11.2 Securities Exchange Act of 1934 Compliance

🔹 11.2.1 Exchange Act Overview

Pursuant to serve15 twoU.S.C. constituenciesSection 78a et seq., the Securities Exchange Act of 1934 regulates secondary trading of securities, including antifraud provisions, disclosure requirements, and market manipulation prohibitions. CEDEX achieves Exchange Act compliance through Categorya 1portal-integrated compliantregulatory infrastructure:framework.

📋 15 U.S.C. § 78j — Manipulative and Deceptive Devices

It shall be unlawful for any person, directly or indirectly, by the use of any means or instrumentality of interstate commerce or of the mails, or of any facility of any national securities exchange, to use or employ, in connection with the purchase or sale of any security, any manipulative or deceptive device or contrivance.

🏢🔹 For11.2.2 Companies:Rule 10b-5 Antifraud Provisions

OTCM Protocol implements Rule 10b-5 compliance through unprecedented on-chain transparency:

📋 17 CFR 240.10b-5 — Employment of Manipulative and Deceptive Devices

It shall be unlawful for any person: (a) To employ any device, scheme, or artifice to defraud; (b) To make any untrue statement of a material fact or to omit to state a material fact necessary in order to make the statements made, in the light of the circumstances under which they were made, not misleading; or (c) To engage in any act, practice, or course of business which operates or would operate as a fraud or deceit upon any person.

Benefit10b-5 Element

DescriptionOTCM Protocol Implementation

🏦(a)

PermanentNo MarketFraudulent AccessSchemes

OnceAll tokenizedtransactions underrecorded Categoryimmutably 1,on sharesSolana tradeblockchain; forever—no morehidden riskorder ofbooks; losingcomplete marketprice accessdiscovery transparency

💰(b)

CapitalNo FormationMaterial Misstatements

IssueIssuer newdisclosures shareshashed toand verifiedstored investorson-chain; globallycannot underbe Regulationaltered Dafter 506(c)publication; timestamp proves publication date

👥(c)

EmployeeNo CompensationFraudulent Acts

EquityTransfer grantsHooks with liquid secondary markets

🤝

Strategic Transactions

M&A, partnerships, and corporate actions with market-priced shares

⚖️

Regulatory Clarity

SEC Category 1 framework provides clearenforce compliance pathwayrules automatically; smart contract constraints prevent manipulative trading patterns

👥
// ForRule Shareholders:

10b-5
Compliance Implementation

Benefitinterface Rule10b5Compliance {

Description/**

💧

Liquidity

Sell

  • 10b-5 shares anytimecompliance through Categoryon-chain 1transparency
compliant

*/

infrastructure
// (a) No fraudulent schemes

transparencyMeasures: {

📊allTransactionsOnChain: true;

PricepublicOrderBook: Discoverytrue; // No hidden orders

FairrealTimePriceDiscovery: markettrue;

pricing

noFrontRunning: true; // Transfer Hooks prevent

};

// (b) No material misstatements

disclosureIntegrity: {

disclosuresHashedOnChain: true;

immutableAfterPublication: true;

timestampProof: true;

contentAddressableStorage: 'IPFS';

};

// (c) No fraudulent acts

tradingConstraints: {

priceImpactCircuitBreaker: {

enabled: true;

maxImpact: 200; // 2% max price impact

};

volumeConstraints: {

enabled: true;

dailyLimit: true;

};

washTradingDetection: {

enabled: true;

selfTradeBlocked: true;

};

};

}

🔹 11.2.3 Rule 10b-5(b) Manipulative Trading Prevention

CEDEX implements multiple layers of manipulative trading prevention through transparentsmart ordercontract booksconstraints:

  • Price Impact Circuit Breaker: 2% maximum price impact per transaction prevents sudden price manipulation
  • Volume Detection: Unusual volume patterns trigger enhanced monitoring and potential circuit breaker
  • Wash Trading Prevention: Self-trades blocked; coordinated trading detected through wallet clustering
  • Front-Running Protection: Transfer Hooks execute before trade completion; no advance knowledge available
  • Spoofing Detection: Order cancellation patterns analyzed; suspicious patterns flagged

🔹 11.2.4 Rule 13d-3 Beneficial Ownership Disclosure

🔐OTCM Protocol implements beneficial ownership disclosure through public on-chain registries:

Custody📋 Control17 CFR 240.13d-3 — Determination of Beneficial Owner

HoldA tokensbeneficial owner of a security includes any person who, directly or indirectly, has or shares: (1) Voting power, including the power to vote or direct the voting of such security; and/or (2) Investment power, including the power to dispose or direct the disposition of such security.

// Beneficial Ownership Disclosure

interface BeneficialOwnershipDisclosure {

// 5% threshold monitoring

thresholdMonitoring: {

threshold: 500; // 5% in personalbasis walletspoints

with

monitoringFrequency: SEC-'REAL_TIME';

automaticAlert: true;

};

// Disclosure triggers

disclosureTriggers: [

'CROSS_5_PERCENT', // Initial 5% crossing

'CROSS_10_PERCENT', // Major holder status

'MATERIAL_CHANGE', // 1%+ change

'CHANGE_IN_INTENT', // Passive vs active intent

];

// On-chain registry

publicRegistry: {

data: {

walletAddress: Pubkey;

percentOwnership: number;

lastUpdateTimestamp: i64;

disclosureType: 'SCHEDULE_13D' | 'SCHEDULE_13G';

filingStatus: 'CURRENT' | 'AMENDMENT_REQUIRED';

}[];

accessLevel: 'PUBLIC';

updateFrequency: 'EACH_BLOCK';

};

// Automatic filing assistance

filingAssistance: {

schedule13DTemplate: boolean;

schedule13GTemplate: boolean;

edgarFilingIntegration: boolean;

deadlineReminders: boolean;

};

}

🔹 11.2.5 CEDEX Exchange Act Positioning

CEDEX operates as a protocol-level matching engine rather than a registered transfersecurities agentexchange, backing

🌍achieving

Globalthis Access

Tradepositioning from anywhere inthrough the worldfollowing architectural decisions:

🛡️

Investor Protection

42 Transfer Hook controls + protective conversion triggers

11.4 📋 Protocol Summary & Specifications

11.4.1 🔧 Technical Architecture Summary

ComponentCharacteristic

SpecificationRegistered Exchange

CategoryCEDEX 1 FunctionProtocol

⛓️Order

BlockchainBook Custody

SolanaExchange Mainnet-Betaholds (400ms slots, 65K TPS capacity)orders

High-performanceUsers securitiesmaintain settlementcustody

🎫

Token StandardMembership

SPLMembership Token-2022 with Transfer Hook extensionsrequired

EnablesPermissionless Category 1 compliance controlsaccess

🛡️Matching

Security ControlsEngine

42Centralized built-in protections (6 primary hooks + 36 supplementary)server

CategorySmart 1contract investor protectionAMM

📈

Trading MechanismOperation

Dual-layer:Human Sigmoid bonding curve → CPMM post-graduationdiscretion

CompliantAutonomous price discoveryexecution

🏦Trading

CustodyHours

Limited hours

24/7/365

🔹 11.2.6 Section 12(g) Registration Considerations

Section 12(g) of the Exchange Act requires registration for issuers with total assets exceeding $10 million and a class of equity securities held by 2,000 or more persons (or 500 non-accredited investors). OTCM Protocol addresses this through:

  • Accredited Investor Focus: Rule 506(c) offerings limited to accredited investors
  • Investor Count Monitoring: Portal tracks holder count against 12(g) thresholds
  • Voluntary Registration Support: Portal assists issuers who choose or are required to register
  • Rule 12g-4 Exit Procedures: Guidance for deregistration when thresholds no longer met

🏦 11.3 Transfer Agent Regulation

🔹 11.3.1 Transfer Agent Requirements

Pursuant to 17 CFR Section 240.17a-1 et seq., transfer agents must be registered with the SEC and maintain comprehensive recordkeeping, reporting, and custody standards. OTCM Protocol integrates with Empire Stock Transfer to satisfy all transfer agent requirements.

📋 17 CFR 240.17Ad-2 — Turnaround, Processing, and Forwarding of Items

Every registered transfer agent shall (1) turnaround at least 90% of items within three business days and (2) process or reject items received in proper form within 30 days.

🔹 11.3.2 Empire Stock Transfer Partnership

Empire Stock Transfer (provides SEC-registered transfer agent)agent services for all ST22 issuers:

Service

Description & Implementation

SEC Registration

RegulatedRegistered custodytransfer requirementagent under Section 17A of the Securities Exchange Act; subject to SEC examination

🔗Physical

Backing RatioCustody

1:1All token-to-Series M preferred share (verifiedcertificates everystored ~400ms)

Truein equitybank-grade backingvault facilities with dual-control access, 24/7 monitoring, and $50M insurance coverage

🎓Shareholder

Graduation ThresholdRegistry

$75,000Official marketregistry capitalization

Liquidityrecording milestonebeneficial owners, wallet addresses, share quantities; real-time updates synchronized with blockchain

🔥Attestation

LP LockOracle

PermanentReal-time cryptographic attestations of custody balance published on-chain every Solana slot (LP~400ms) tokensfor burnedTransfer toHook 0x000...dead)verification

Audit & Reporting

CounterpartyMonthly riskindependent eliminationaudits with results published on-chain; monthly TA-1 filings submitted to SEC; annual Form TA-2 filing

🔹

11.4.23.3 ⚖️Series M Preferred Share Custody

The custody architecture for Series M preferred shares follows institutional standards:

// Series M Custody Architecture

interface SeriesMCustody {

/**

  • Empire Stock Transfer custody of Series M preferred shares
  • backing all ST22 tokens

*/

// Physical custody

physicalStorage: {

location: 'BANK_GRADE_VAULT';

accessControl: 'DUAL_CONTROL'; // Two authorized persons required

monitoring: '24_7_SURVEILLANCE';

insurance: {

coverageAmount: 50_000_000; // $50M

carrier: string;

policyNumber: string;

};

};

// Certificate details

certificateDetails: {

issuer: string;

shareClass: 'SERIES_M_PREFERRED';

cusip: string;

totalSharesIssued: number;

parValue: number;

certificateNumbers: string[];

};

// 1:1 backing verification

backingVerification: {

totalSharesCustodied: number;

totalST22Circulating: number;

discrepancy: number; // Should be 0

maxAllowedDiscrepancy: 0.0001; // 0.01% tolerance

lastVerification: Date;

verificationFrequency: 'EVERY_400MS'; // Each Solana slot

};

// Redemption capability

redemptionProcess: {

enabled: boolean;

minimumRedemption: number;

processingTime: '3_5_BUSINESS_DAYS';

deliveryMethod: 'DRS' | 'PHYSICAL_CERTIFICATE';

};

}

🔹 11.3.4 Shareholder Registry Architecture

The shareholder registry maintains authoritative records synchronized with on-chain token balances:

// Shareholder Registry Structure

interface ShareholderRegistry {

// Registry entry for each beneficial owner

entries: {

// Shareholder identification

shareholderId: string;

legalName: string;

taxId: string; // SSN/EIN (encrypted)

address: string;

// Ownership details

shareQuantity: number;

shareClass: 'SERIES_M_PREFERRED';

acquisitionDate: Date;

certificateNumbers?: string[];

// Blockchain linkage

walletAddress: Pubkey;

tokenBalance: number; // ST22 tokens

lastSyncTimestamp: Date;

syncStatus: 'SYNCED' | 'PENDING' | 'DISCREPANCY';

// Compliance status

kycStatus: 'VERIFIED' | 'PENDING' | 'EXPIRED';

accreditationStatus: 'ACCREDITED' | 'NON_ACCREDITED' | 'PENDING';

accreditationExpiration?: Date;

}[];

// Registry reconciliation

reconciliation: {

lastReconciliation: Date;

frequency: 'REAL_TIME';

totalShareholderCount: number;

totalSharesOutstanding: number;

discrepancies: Discrepancy[];

};

}

🔹 11.3.5 Monthly Audit and Reporting

Independent audits occur monthly with results published on-chain for public verification:

// Monthly Audit Report Structure

interface MonthlyAuditReport {

// Audit period

auditPeriod: {

startDate: Date;

endDate: Date;

};

// Independent auditor

auditor: {

firmName: string;

auditorName: string;

license: string;

signature: Ed25519Signature;

};

// Share reconciliation

shareReconciliation: {

physicalCertificatesHeld: number;

registrySharesRecorded: number;

tokensCirculating: number;

discrepancy: number;

discrepancyExplanation?: string;

status: 'RECONCILED' | 'DISCREPANCY_NOTED';

};

// Registry accuracy

registryAudit: {

totalBeneficialOwners: number;

recordsSampled: number;

recordsReconciled: number;

discrepanciesFound: number;

accuracyRate: number; // Target: 100%

};

// Custody verification

custodyVerification: {

physicalInspectionCompleted: boolean;

certificatesAccountedFor: boolean;

vaultSecurityConfirmed: boolean;

insuranceVerified: boolean;

};

// On-chain publication

onChainRecord: {

transactionSignature: string;

blockHeight: number;

ipfsHash: string; // Full report stored on IPFS

reportHash: string; // SHA-256 of report content

};

}

🔹 11.3.6 SEC CategoryFiling 1Requirements

Compliance

Empire SummaryStock Transfer maintains all required SEC filings:

Category 1 RequirementFiling

OTCM ImplementationDescription

StatusFrequency

🏛️

Direct Issuer Authorization

Board resolution required for Series M creation

📝

Official Shareholder Register

Certificate of Designation filed with Secretary of State

🏦

Regulated Custody

Empire Stock Transfer (SEC-registered transfer agent)

💎

True Equity Backing

1:1 preferred shares with conversion rights

🔗

Clear Ownership Chain

CUSIP assignment + Golden Medallion Guarantee

🛡️

Investor Protection

42 Transfer Hook controls + protective conversion triggers

Additional Regulatory Compliance

Regulation

Compliance Implementation

📜

SEC Rule 506(c)

Accredited investor verification, general solicitation permitted

📜

Securities Act 1933

Regulation D exemption, Form D filing within 15 days

📜

Exchange Act 1934TA-1

Transfer agent coordination,registration; beneficialupdates ownershipfor trackingmaterial changes

As needed

💵Form

Bank Secrecy ActTA-2

AMLAnnual program,report SAR/CTRof filing,transfer 314(b)agent information sharingactivities

Annual

🚫Monthly

OFAC SanctionsReport

Real-time SDN screening via Transfer Hook

🏛️activity,

Wyomingregistered WDACholders, shares outstanding

Digital Asset Corporation registrationMonthly

🔍

11.4 Anti-Money Laundering Framework

OTCM Protocol implements comprehensive AML and KYC mechanisms exceeding statutory minimums, ensuring institutional-grade compliance with the Bank Secrecy Act, OFAC regulations, and FinCEN requirements.

🔹 11.4.31 💰Bank EconomicSecrecy ModelAct Summary

Compliance

📋 31 U.S.C. § 5311 — Declaration of Purpose

It is the purpose of this subchapter to require certain reports or records where they have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities to protect against international terrorism.

ParameterRequirement

SpecificationThreshold

NotesAction

CFR Reference

📜Beneficial

ST22 Token ClassificationOwnership

Securities

 (Category 1)$10,000+

BackedKYC 1:1verification byrequired

31 SeriesCFR M preferred shares1010.230

🎫Currency

OTCM Utility TokenTransaction

Utility Token

 (NOT securities)$10,000+

Governance,CTR fees,filing staking—nowith equityFinCEN

31 backingCFR 1010.311

💵Suspicious

Transaction FeeActivity

5% total (4% OTCM Protocol, 1% ST22 Issuer)$5,000+

AppliedSAR tofiling Categorywith 1FinCEN

31 securitiesCFR trading1010.320

🏦Foreign

Staking APY Range

8-40% (volume-dependent)

Funded by ST22 trading fees

Team Vesting Schedule

48 months (12-month cliff)

Prevents insider dumps

💰

Minting FeeAccount

$1,000-$25,000 USD (tiered)10,000+

90-98%FBAR lessannual than traditional paths

📈

Year 5 Revenue Projectionreporting

$293.75M31 total

FromCFR Category 1 securities trading

💧

Year 5 LP Value

$100M+ (permanent, non-withdrawable)

Counterparty risk eliminated1010.350

🔹

11.4.2 OFAC Sanctions Implementation

Every CEDEX transaction checks both sender and recipient against the current OFAC Specially Designated Nationals (SDN) list:

// OFAC Screening Implementation

interface OFACScreening {

/**

  • OFAC SDN list screening implementation
  • Updated hourly from official OFAC publication

*/

// SDN list integration

sdnList: {

source: 'OFAC_OFFICIAL';

updateFrequency: 'HOURLY';

lastUpdate: Date;

entryCount: number;

cryptoAddressCount: number;

};

// Screening scope

screeningScope: {

directAddressMatch: boolean; // Direct SDN address

clusterAnalysis: boolean; // Related wallets

fundingSourceAnalysis: boolean; // Upstream exposure

transactionCounterparty: boolean; // Downstream exposure

};

// Screening execution

screeningExecution: {

timing: 'PRE_TRANSACTION';

blockingBehavior: 'AUTOMATIC_BLOCK';

appealProcess: 'NONE'; // Must resolve with OFAC directly

};

// Comprehensive sanctions programs

sanctionsPrograms: [

'IRAN', // 31 CFR Part 560

'NORTH_KOREA', // 31 CFR Part 510

'SYRIA', // 31 CFR Part 542

'CUBA', // 31 CFR Part 515

'CRIMEA', // 31 CFR Part 589

'RUSSIA', // 31 CFR Part 589

'VENEZUELA', // 31 CFR Part 591

];

}

🔹 11.4.3 FinCEN Integration

The Portal integrates directly with FinCEN's BSA E-Filing System for automated regulatory submissions:

  • BSA E-Filing: Direct API integration for SAR and CTR submission
  • FinCEN Form 114 (FBAR): Annual filing for foreign financial accounts exceeding $10,000
  • Beneficial Ownership Information: BOI reporting for corporate entities
  • Response to Law Enforcement: 314(a) and 314(b) information sharing

🔹 11.4.4 🏆SAR CategoryFiling 1Automation

Competitive

📋 Advantages31

CFR § 1010.320 — Reports by Financial Institutions of Suspicious Transactions

Advantage

Description

⚖️A

Regulatoryfinancial Clarity

SECinstitution Januaryshall 2026file guidancea providesSAR clearwith complianceFinCEN framework

🏦for

Institutionalany Appeal

Categorysuspicious 1transaction status enables institutional participation

🛡️

Investor Protection

42 Transfer Hook controls exceed traditional market standards

🏆

Competitive Moat

Issuer authorization requirement creates barrierrelevant to entrya possible violation of law or regulation if the transaction involves funds or other assets of at least $5,000.

// SAR Filing Automation

📊interface SARFilingAutomation {

// SAR filing triggers

filingTriggers: {

minimumAmount: 5000; // $5,000 threshold

suspiciousIndicators: [

'STRUCTURING_DETECTED',

'HIGH_RISK_SCORE', // AML score > 70

'SANCTIONS_ADJACENT', // Near-SDN exposure

'CRIMINAL_EXPOSURE', // Darknet, ransomware, etc.

'UNUSUAL_PATTERN', // Deviation from baseline

];

};

// SAR content

sarContent: {

subjectInformation: SubjectInfo;

suspiciousActivityDescription: string;

transactionDetails: Transaction[];

narrativeExplanation: string;

supportingDocumentation: string[];

};

// Filing process

filingProcess: {

reviewPeriod: '30_DAYS_FROM_DETECTION';

filingDeadline: '30_DAYS_FROM_DETERMINATION';

extensionAvailable: '30_DAY_EXTENSION';

filingMethod: 'FINCEN_BSA_EFILING';

};

// Confidentiality

confidentiality: {

tippingOffProhibited: true;

safeHarborProtection: true;

recordRetention: '5_YEARS';

};

}

🔹 11.4.5 Currency Transaction Reporting

MarketCurrency AccessTransaction Reports (CTRs) are filed automatically for qualifying transactions:

 
// CTR Filing Structure

Nointerface retailCTRFiling trading{

restrictions
// Filing threshold

threshold: {

amount: 10000; // $10,000

currency: 'USD_EQUIVALENT';

aggregation: 'SAME_DAY_MULTIPLE_TRANSACTIONS';

};

// CTR content (unlikeFinCEN CategoryForm 2104)
models)

reportContent: {

🔒transactorIdentification: {

name: string;

address: string;

ssn: string;

dob: Date;

idType: string;

idNumber: string;

};

transactionDetails: {

date: Date;

amount: number;

transactionType: 'DEPOSIT' | 'WITHDRAWAL' | 'EXCHANGE';

};

filingInstitution: InstitutionInfo;

};

// Filing timeline

timeline: {

filingDeadline: '15_CALENDAR_DAYS';

filingMethod: 'FINCEN_BSA_EFILING';

};

}

🔹 11.4.6 Enhanced Due Diligence Procedures

CounterpartyEnhanced Elimination

Directdue issuerdiligence authorization(EDD) removes intermediary risk

11.5 📢 Callapplies to Action

high-risk

OTCM Protocol represents a once-in-a-generation opportunity to participate in the transformation of securities markets through SEC Category 1 compliant infrastructure. We invite participation from issuers, investors,customers and partners who share our vision.

11.5.1 🏢 For Issuers

If your company has lost market liquidity, if your shareholders are trapped in illiquid positions, if you've been told there's no solution—OTCM Protocol's Category 1 framework was built for you.transactions:

DetailEDD Trigger

SpecificationAdditional Requirements

Politically

EligibleExposed CompaniesPerson (PEP)

OTCSenior Marketsmanagement (Expertapproval, Market,enhanced Greysource Market),of delistedfunds, exchanges,ongoing international securitiesmonitoring

⏱️High-Risk

Onboarding TimelineJurisdiction

2-4Additional weeksdocumentation, frompurpose applicationof toaccount tradingverification, transaction limits

💰Complex

CostStructure

$1,000-$25,000Beneficial mintingownership feetraced (90-98%to lessultimate thanindividual, traditionalstructure paths)justification

⚖️High-Volume

Regulatory FrameworkTrading

SECWealth Categoryverification, 1source (Issuer-Sponsoredof Tokenizedfunds Securities)

📧documentation,

Contact

issuers@otcm.iotrading rationale

🚀8.5 IssuerImmutable Opportunity:Compliance Be among the first 10-25 Category 1 compliant issuers at launch. Early issuers benefit from concentrated liquidity, marketing support, and founding issuer recognition.Records

11.5.2 💰 For Investors

ST22 Tokenized Securities (Category 1)

Accredited investors can invest in Category 1 compliant tokenized securities representing true equity ownership in participating companies:

Detail

Specification

⚖️

Classification

Securities

 under federal securities laws

💎

Backing

1:1 by Preferred Series "M" shares at Empire Stock Transfer

🎖️

Eligibility

Accredited investors (SEC Rule 501 qualification required)

🛡️

Investor Protection

42 Transfer Hook controls + protective conversion triggers

🌐

Portal

invest.otcm.io

OTCM Utility Token

The OTCM UtilityPortal Tokenrecords providesall platformcompliance governance,determinations feeimmutably discounts,on andthe stakingSolana rewards:blockchain with cryptographic signatures, enabling a permanent audit trail that regulatory inspectors can verify independently without relying on company-maintained records.

Detail

Specification

⚖️

🔹

Classification

Utility1.5.1 Token

 (NOT backed by securities)

🔧

Utility

Governance voting, 10-50% fee discounts, 8-40% staking APY

💎

Backing

None

CEDEXutilityLayer token5 only

📋(See

Offering

$20MSection under Regulation D 506(c)

⚠️ Important Distinction: ST22 Tokenized Securities and the OTCM Utility Token are completely different instruments with different regulatory classifications. ST22 tokens ARE securities. The OTCM Utility Token is NOT backed by securities.

11.5.3 🤝 For Partners

5)

OTCM"SEC Protocolinspectors seekscan strategicdirectly partnershipsverify acrosscompliance theprocedures securitiesthrough ecosystemblockchain inspection without relying on company-maintained records subject to expandalteration Category 1 compliant infrastructure:risk."

Partner Type

Opportunity

🏦

Transfer Agents

Integration partnerships for Category 1 custody and attestation services

👔

Broker-Dealers

White-label CEDEX access for client securities trading

🏛️

Institutional Investors

Early access programs for family offices and RIAs

🔧

Technology Partners

Infrastructure, security, and compliance service providers

⚖️

Legal Partners

Securities counsel for Category 1 compliance expansion

📧

Contact

partners@otcm.io

11.5.4 🌟 Building the Category 1 Future Together

OTCM Protocol is more than a trading platform. It is infrastructure for a new era of securities markets—one where every legitimate security has access to permanent, Category 1 compliant, and liquid trading regardless of size, jurisdiction, or regulatory complexity.

💡 "The future of OTC markets is fully tokenized under SEC Category 1 guidelines. Every illiquid micro-cap company will have access to permanent, compliant, and liquid trading infrastructure—with regulatory clarity that enables institutional participation."

🎯 Final Summary

// Immutable Compliance Record Architecture
─────────────────────────────────────────────────────────────────────────────┐
│                  OTCMIMMUTABLE PROTOCOLCOMPLIANCE RECORD │              SEC Category 1 Compliant Infrastructure                        │
│           for Issuer-Sponsored Tokenized SecuritiesARCHITECTURE               │
└─────────────────────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────────────┐
│                    COMPLIANCE EVENT OCCURS                          │
│   (KYC Verification, Accreditation, AML Screening, Transaction)     │
└───────────────────────────────┬─────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────────────┐
│                     THERECORD PROBLEMGENERATION                               │
│  • Hash sensitive data (documents, PII)                             │
│  • Create compliance record with metadata                           │
│  • Sign with compliance officer Ed25519 key                         │
└───────────────────────────────┬─────────────────────────────────────┘
│
┌───────────────────────┼───────────────────────┐
│                       │                       $50+
billion                       in                       shareholder
value┌───────────────┐      trapped┌───────────────┐      in┌───────────────┐
illiquid   securitiesSOLANA      │      │     withIPFS      no      functioning   marketsENCRYPTED   │
│  BLOCKCHAIN   │      │   STORAGE     │      │   DATABASE    │
│               │      │               │      │               │
│ • Record hash │      │ • Full docs   │      │ • PII data    │
│ • Timestamp   │      │ • Reports     │      │ • KYC docs    │
│ • Signature   │      │ • Audit logs  │      │ • Tax forms   │
│ • IPFS hash   │      │               │      │               │
└───────────────┘      └───────────────┘      └───────────────┘
│                       │                       │
└───────────────────────┼───────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────────────┐
│                    VERIFICATION CAPABILITIES                        │
│  • Timestamp proof via Solana slot                                  │
│  • Content integrity via SHA-256 hash                               │
│  • Officer authorization via Ed25519 signature                      │
│  • Document retrieval via IPFS hash                                 │
└─────────────────────────────────────────────────────────────────────────────

🔹 ┌─────────────────────────────────────────────────────────────────────────────┐11.5.2 Compliance THERecord SOLUTIONData Structures

// ────────────Compliance Record Data CategoryStructures
1

interface compliantComplianceRecord tokenized{

securities

/**

with:
  • On-chain compliance record structure
  • Provides Directimmutable issueraudit authorizationtrail for regulatory verification

*/

// Record identification

recordId: string; // Unique identifier

recordType: ComplianceRecordType;

timestamp: i64; // Unix timestamp

solanaSlot: u64; // Blockchain slot (Boardtimestamp resolutionanchor)

required)
// Subject identification

subject: SEC-registered{

walletAddress: Pubkey;

investorId: string; // Internal reference

issuerId?: string; // If issuer-related

};

// Compliance determination

determination: {

status: 'APPROVED' | 'REJECTED' | 'PENDING_REVIEW' | 'EXPIRED';

reasonCode: string;

reasonDescription: string;

reviewerType: 'AUTOMATED' | 'MANUAL';

reviewerId?: string;

};

// Evidence references (hashes only on-chain)

evidenceHashes: {

documentHash?: string; // SHA-256 of KYC documents

screeningHash?: string; // SHA-256 of AML screening result

verificationHash?: string; // SHA-256 of accreditation letter

transactionHash?: string; // SHA-256 of transaction details

};

// IPFS storage references

ipfsReferences: {

fullRecordCid?: string; // Complete record on IPFS

supportingDocsCid?: string; // Supporting documentation

};

// Cryptographic signature

signature: {

algorithm: 'Ed25519';

signerPublicKey: Pubkey; // Compliance officer key

signatureBytes: [u8; 64];

signatureTimestamp: i64;

};

}

enum ComplianceRecordType {

KYC_VERIFICATION = 'KYC_VERIFICATION',

KYC_EXPIRATION = 'KYC_EXPIRATION',

ACCREDITATION_VERIFICATION = 'ACCREDITATION_VERIFICATION',

ACCREDITATION_EXPIRATION = 'ACCREDITATION_EXPIRATION',

AML_SCREENING = 'AML_SCREENING',

AML_ALERT = 'AML_ALERT',

TRANSACTION_AUTHORIZATION = 'TRANSACTION_AUTHORIZATION',

TRANSACTION_BLOCK = 'TRANSACTION_BLOCK',

SAR_FILING_REFERENCE = 'SAR_FILING_REFERENCE',

SANCTIONS_CHECK = 'SANCTIONS_CHECK',

SANCTIONS_BLOCK = 'SANCTIONS_BLOCK',

BENEFICIAL_OWNERSHIP = 'BENEFICIAL_OWNERSHIP',

ACCOUNT_FREEZE = 'ACCOUNT_FREEZE',

ACCOUNT_UNFREEZE = 'ACCOUNT_UNFREEZE',

}

🔹 11.5.3 Regulatory Inspector Access

SEC and other regulatory inspectors can directly verify compliance procedures through multiple access methods:

Access Method

Description

Public Blockchain Explorer

Compliance records viewable through standard Solana explorers (Solscan, Explorer.Solana.com); no special credentials required

Regulatory API

Dedicated API with enhanced query capabilities for bulk compliance verification; authenticated access for authorized regulators

Evidence Retrieval

Document hashes enable verification against off-chain records; IPFS retrieval for full documents; hash comparison proves integrity

Timeline Reconstruction

Complete chronological history of any investor's compliance journey; all state transitions recorded with timestamps

Compliance Dashboard

Web-based dashboard for regulators with export capabilities; aggregated compliance metrics; alert monitoring

🔹 11.5.4 Cryptographic Proof Standards

Each compliance record includes cryptographic proof enabling independent verification:

// Cryptographic Proof Standards

interface CryptographicProofStandards {

/**

  • Cryptographic standards for compliance verification

*/

// Timestamp proof

timestampProof: {

method: 'SOLANA_SLOT_ANCHOR';

precision: '~400ms'; // Slot time

verifiability: 'BLOCKCHAIN_CONSENSUS';

tamperResistance: 'CRYPTOGRAPHICALLY_GUARANTEED';

};

// Document integrity proof

documentIntegrity: {

hashAlgorithm: 'SHA-256';

collisionResistance: '2^128'; // Security level

verification: 'RECOMPUTE_AND_COMPARE';

};

// Authorization proof

authorizationProof: {

signatureAlgorithm: 'Ed25519';

keySize: 256; // bits

publicKeyOnChain: true;

verification: 'SIGNATURE_VERIFICATION';

};

// Chain of custody proof

chainOfCustody: {

linkage: 'PREVIOUS_RECORD_HASH';

sequencing: 'SOLANA_SLOT_ORDER';

gapDetection: 'SEQUENCE_ANALYSIS';

};

}

Proof Element

Standard

Verification Method

Timestamp

Solana slot number

Slot anchored to network consensus; ~400ms precision

Document Hash

SHA-256

Recompute hash of original document; compare to on-chain

Signature

Ed25519

Verify signature against known compliance officer public key

Chain of Custody

Linked records

Verify complete history with no gaps via sequence analysis

🔹 11.5.5 Record Retention Requirements

OTCM Protocol maintains compliance records in accordance with regulatory retention requirements:

  • KYC Records: 5 years after account closure (Empire31 StockCFR Transfer)1010.430)
  • Transaction Records: 5 years Truefrom 1:transaction date
  • SAR Records: 5 years from filing date (confidential)
  • CTR Records: 5 years from filing date
  • Accreditation Records: Duration of investment plus 5 years
  • Blockchain Permanence: On-chain records retained indefinitely by network design ✓ Regulatory Advantage

Unlike traditional compliance records maintained in company databases (subject to alteration, loss, or destruction), OTCM's on-chain records are immutable by design. Regulators need not trust the company—they can independently verify compliance through blockchain inspection with cryptographic certainty.

📋 11.5 Immutable Audit Trail

🔹 1.5.1 equityCEDEX backing— Layer 5 (SeriesSee MSection preferred5)

shares)

Every ST22 token transfer, 42compliance verification event, and Transfer Hook securityexecution controlsgenerates an immutable on-chain record. These records cannot be altered, deleted, or selectively disclosed — they exist permanently on the Solana blockchain and are accessible to any regulatory inspector with the appropriate wallet address or block explorer access. OTCM's audit trail exceeds SEC Rule 17a-4 requirements for electronic records retention by providing cryptographic proof of every compliance decision at transaction level.

🔹 11.5.2 Compliance Record Data Structures

Record Type

On-Chain Data

Retention

Transfer Hook execution

Hook ID, result, timestamp, wallet addresses

Permanent (mathematicalSolana investorledger)

KYC protection)verification event

Hash of verification result, timestamp, provider

Permanent liquidity(Solana locksledger)

OFAC screening result

Screening timestamp, result code, SDN list version

Permanent (counterpartySolana ledger)

AML risk eliminated)score

Risk score └─────────────────────────────────────────────────────────────────────────────┘bucket, timestamp, ┌─────────────────────────────────────────────────────────────────────────────┐transaction hash

Permanent THE(Solana RESULTledger)

Circuit breaker activation

Trigger ──────────condition, TWAP at Permanent,trigger, compliant,recovery liquidtime

Permanent markets(Solana ledger)

🔹 11.5.3 Regulatory Inspector Access

OTCM Protocol provides SEC, FINRA, and FinCEN inspectors with dedicated read-only wallet addresses enabling direct on-chain audit access without requiring OTCM Protocol cooperation for securitiesdata thatproduction. currentlyThis design is haveintentional: regulatory inspection capability is structural, not subject to company cooperation. Inspector access documentation is maintained current and provided proactively upon regulatory engagement.

🔹 11.5.4 Cryptographic Proof Standards

Each on-chain compliance record is signed with OTCM Protocol's program keypair, providing cryptographic non-repudiation. Records cannot be backdated, altered post-execution, or selectively omitted. Third-party verification of any compliance record requires only the Solana block hash and the transaction signature — no market—withOTCM cooperation required.

⚠️ 11.6 Regulatory Risk Matrix

This section provides a comprehensive regulatory clarityrisk thatassessment enablesfor institutionalOTCM Protocol operations:

participation

Regulatory Area

Risk Level

Mitigation

Status

Securities Classification

LOW

Explicit securities structure

Designed as securities from inception

Accreditation Verification

LOW

Third-party verification

Automated verification workflow

Transfer Agent Compliance

LOW

Empire Stock Transfer

SEC-registered partner

AML/KYC Compliance

LOW

Exceeds BSA minimums

Chainalysis, TRM, FinCEN integration

OFAC Sanctions

LOW

Real-time SDN screening

Transfer Hook enforcement

Exchange Act Compliance

MEDIUM

Protocol positioning

Decentralized AMM structure

State Blue Sky

LOW

506(c) preemption

Federal preemption of state reg

International Compliance

MEDIUM

Reg S + jurisdiction restrictions

Country-specific compliance

💡 Overall Regulatory Risk Assessment

OTCM Protocol's compliance-first design results in LOW overall regulatory risk. The explicit securities structure, established exemptions, SEC-registered transfer agent partnership, and investorcomprehensive protectionAML exceedingframework traditionalprovide marketsstrong regulatory └─────────────────────────────────────────────────────────────────────────────┘foundation. Medium ┌─────────────────────────────────────────────────────────────────────────────┐ │ THE OPPORTUNITY │ │ ─────────────── │ │ • Issuers: Category 1 tokenizationrisks in 2-4Exchange weeksAct forpositioning $1K-$25Kand international compliance are Investors:actively Accessmanaged tothrough compliantongoing tokenizedlegal securitiescounsel globally │ │ • Partners: Build on Category 1 compliant infrastructure │ │ │ │ Contact: issuers@otcm.io | invest.otcm.io | partners@otcm.io │ └─────────────────────────────────────────────────────────────────────────────┘

© 2026 OTCM Protocol, Inc. | All Rights Reservedengagement.

Aligned with SEC Division of Corporation Finance, Division of Investment Management, and Division of Trading and Markets Joint Statement dated January 28, 2026━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

ST22 Tokenized Securities are securities under federal securities laws. The OTCM Utility Token is a utility token that is NOT backed by securities. This document is for informational purposes only and does not constitute an offer to sell or solicitation of an offer to buy any securities.

Back to top