Audit programs Rippling believes that a robust payments and payroll Compliance and Risk program must include independent assessments of key policies, procedures, and other controls. To this end, Rippling leverages experienced independent auditors specializing in fintech compliance to review and assess our major Compliance and Risk programs on an annual basis. Anti-money laundering audit Rippling’s AML and OFAC programs are independently assessed on an annual basis. These reviews test the overall integrity and effectiveness of the AML and OFAC systems, controls, and technical compliance with the Bank Secrecy Act and other applicable laws and regulations. The reviews also evaluate the effectiveness of company procedures and employee knowledge of and execution against those procedures. Fraud and risk audit Rippling’s Fraud and Risk program is independently reviewed each year to test the maturity and strength of Rippling’s fraud and credit risk controls, including the effectiveness of prevention and detection controls and the efficiency of mitigation procedures. Nacha audit Rippling’s ACH Program is reviewed annually to ensure that all processes are executed in compliance with the Nacha Operating Rules, the governing organization of the ACH Network. This audit includes a review of our compliance policies and framework, information security policies, and other operational procedures relevant to the creation, transmission, and return of ACH files with partner institutions. Rippling helps businesses manage all their employee operations— Rippling helps businesses manage all their employee operations— from HR to IT—in a single place, enabling you to automate payroll, from HR to IT—in a single place, enabling you to automate payroll, benefits, computers, apps, and more. benefits, computers, apps, and more. ©© 2 2002211 R Ripippplinlingg 4