Anti-Money Laundering program Our AML program utilizes risk-based policies and controls to monitor the inherent risks with our unique product offerings and customer portfolios. Internal policies All high-level and relevant compliance policies, including the AML Policy and AML Risk Assessment, are reviewed annually and approved by the Board of Directors. Program and procedure documentation providing more detailed information on operational standards is maintained by the Compliance team and internally restricted to protect sensitive information as needed. Compliance officer The Compliance program is overseen by the Board-appointed Compliance Officer, with experience in payments and financial transac- tions compliance. Training Rippling conducts annual AML and risk training for all employees working on payments-related products, including targeted team training focused on specific risks that vary by function. Independent testing Rippling undergoes an annual third-party audit to evaluate the overall adequacy and maturity of our BSA/AML compliance program and adherence to regulatory requirements. Customer due diligence Rippling maintains a robust Know Your Customer (KYC) program (also known as a Customer Due Diligence program), which includes enhanced due diligence procedures designed to understand customer risk profiles and provide a greater level of scrutiny where appropriate. Risk and fraud operations Robust fraud detection and risk mitigation measures are essential to ensuring a safe and healthy payments and payroll platform and overall financial ecosystem. To this end, Rippling has developed and runs a rippling.com | Payments Compliance and Risk Programs 2