Skip to content

02_ANCHOR_PARTNERSHIP_SLA_TEMPLATE.md

Latest commit

 

History

History
1117 lines (895 loc) · 56.2 KB

02_ANCHOR_PARTNERSHIP_SLA_TEMPLATE.md

File metadata and controls

1117 lines (895 loc) · 56.2 KB

Anchor Partnership SLA Template

1. Agreement Overview

Parties: Program Administrator (Platform) and Anchor Partner (BSP-Licensed EMI/Bank/Trust)

Effective Date: [Date]

Term: Two (2) years from Effective Date, with automatic one (1) year renewals unless either party provides ninety (90) days written notice

Governing Law: Republic of the Philippines

Regulatory Framework: BSP Circulars 1098, 946, 808, 1097, 1126, 972; AMLA RA 9160; DPA RA 10173

1.1 Purpose

This Service Level Agreement ("SLA") establishes the operational, technical, and compliance commitments between the Program Administrator and the Anchor Partner for the provision of fiat custody, Stellar network settlement, and related financial services within the Program ecosystem. This SLA is an annex to the Master Services Agreement ("MSA") between the parties and forms an integral part thereof.

1.2 Scope

This SLA covers:

  • Fiat currency custody and reserve management
  • Stellar Ecosystem Protocol (SEP) integration and compliance
  • Payment processing and settlement services
  • KYC/AML information exchange
  • Liquidity provisioning and management
  • Agent float and working capital management
  • Merchant settlement guarantees
  • Audit rights and regulatory compliance
  • Dispute resolution and escalation procedures

2. Definitions

Term Definition
Anchor BSP-licensed EMI, rural bank, or universal bank providing fiat custody and Stellar SEP services
SEP Stellar Ecosystem Protocol, a standard for interoperability on the Stellar network
PHP Float Fiat Philippine Peso held in segregated trust account backing on-chain PHP-pegged tokens
NAV Net Asset Value: ratio of off-chain reserve balance to on-chain token supply
Program Administrator Platform entity managing orchestration, compliance tooling, and government relationships
ClaimableBalance Stellar protocol operation for conditional escrow with defined claim conditions
Reserve Account Segregated trust/demand deposit account at BSP-supervised institution
T+0 Same-day settlement
T+1 Next business day settlement
Idempotency Key UUID v4 ensuring exactly-once processing of requests
Webhook HTTP callback for asynchronous event notification
SLA Breach Failure to meet a defined service level commitment
Material Adverse Effect Event significantly impairing anchor's ability to fulfill obligations
Business Day Any day except Saturday, Sunday, and Philippine regular holidays
Settlement Window Agreed timeframe for settlement processing
Obligation Ledger Platform's append-only system-of-record for all financial obligations
Circuit Breaker Automated restriction triggered at defined utilization thresholds
BSP Bangko Sentral ng Pilipinas (Central Bank of the Philippines)
AMLC Anti-Money Laundering Council
DPA National Privacy Commission (Data Privacy Authority under RA 10173)
KYC Know Your Customer verification process
AML/CFT Anti-Money Laundering / Countering the Financing of Terrorism
CTR Currency Transaction Report (threshold: PHP 500,000 or equivalent)
STR Suspicious Transaction Report
SAR Suspicious Activity Report
PDP Policy Decision Point: platform authorization engine for payment approvals
Reconciliation Control Tower Platform system for real-time dual-ledger reconciliation
SEP-10 Stellar Web Authentication protocol
SEP-12 KYC Information Exchange protocol
SEP-24 Hosted Deposit and Withdrawal protocol
SEP-31 Receiver-Sender Cross-Border Payments protocol
SEP-38 Request for Quote (RFQ) FX protocol

3. Scope of Services

3.1 Anchor Responsibilities

The Anchor Partner shall provide the following services in accordance with the commitments set forth in this SLA:

  • Fiat Custody: Maintain BSP-compliant segregated reserve/trust account for all program funds in accordance with BSP Circular 1098 (Regulations on Electronic Money Issuers) and BSP Circular 946 (Enhanced Regulations on EMI Operations).
  • SEP-10 (Stellar Web Authentication): Provide challenge-transaction authentication for all platform-originated Stellar transactions, including domain validation, client account verification, and challenge signing.
  • SEP-12 (KYC Information Exchange): Accept and process KYC verification requests, maintain KYC status data, and respond to platform queries within defined SLA timeframes.
  • SEP-24 (Hosted Deposit/Withdrawal): Provide hosted web interface for fiat on-ramp and off-ramp flows, with real-time status tracking and webhook notification to the platform.
  • SEP-31 (Receiver-Sender Payments): Process cross-border and domestic payment instructions, including compliance screening, receiver information validation, and settlement confirmation.
  • SEP-38 (RFQ FX Quoting): Provide firm and indicative FX quotes for multi-currency program support, with defined spread limits and quote validity periods.
  • Asset Issuance: Issue and manage PHP-pegged tokens on Stellar with compliance flags (AUTH_REQUIRED, AUTH_REVOCABLE, AUTH_CLAWBACK_ENABLED) in accordance with BSP Circular 1126 (Digital Assets Framework).
  • Transaction Reporting: Provide real-time transaction confirmation and settlement reporting to the platform Reconciliation Control Tower via API and webhook.
  • Reserve Reporting: Deliver daily reserve balance data and cooperate with monthly attestation processes as specified in Section 4.
  • Liquidity Maintenance: Maintain minimum liquidity buffer as defined in Section 6.2 and promptly notify the platform of any buffer shortfalls.

3.2 Platform Responsibilities

The Program Administrator shall:

  • Customer Onboarding: Manage end-to-end KYC enrollment and tier classification (Tiers 0-3) in accordance with the platform KYC specification and BSP guidelines.
  • Policy Decision Point (PDP): Evaluate all payment authorization requests against program policies, beneficiary eligibility, and spending limits before forwarding payment instructions to the anchor.
  • Obligation Ledger: Maintain the append-only Obligation Ledger as the system-of-record for all financial obligations, and perform dual-ledger reconciliation with anchor transaction records.
  • AML Screening: Conduct AMLC-mandated screening including transaction monitoring, CTR filing (threshold: PHP 500,000 per AMLA RA 9160), and STR/SAR detection and reporting.
  • Government Program Administration: Manage government program enrollment, benefit eligibility verification, and disbursement scheduling.
  • Dispute Resolution: Serve as first-line intake for customer disputes, perform initial investigation, and escalate to anchor when appropriate.
  • Agent Network Management: Recruit, accredit, and monitor the agent network in accordance with BSP Circular 808 (Regulations on Rural Bank Operations) and agent tier requirements.

4. Fiat Custody & Reserve Segregation

4.1 Reserve Account Structure

Parameter Requirement
Account type Segregated trust/demand deposit account at BSP-supervised institution
Account title "[Anchor Name] as Trustee for [Program Name] Beneficiaries"
Legal segregation clause "All funds held in the Reserve Account are the exclusive property of [Program] Beneficiaries and shall not form part of the Anchor's general assets, shall not be available to satisfy claims of the Anchor's creditors, and shall not be used for any purpose other than fulfilling payment obligations to Beneficiaries."
Signatory requirements Dual signatory: anchor treasury officer + platform treasury representative
Daily balance reporting Automated API feed to platform Reconciliation Control Tower by 08:00 PHT
Independent auditor access Monthly reserve attestation, quarterly external audit
Bank institution tier Must be a BSP-supervised bank (Universal/Commercial/Rural) or licensed EMI

4.2 1:1 PHP Float Backing

  • Every on-chain PHP-pegged token shall be backed 1:1 by PHP in the reserve account.
  • No fractional reserve banking is permitted under any circumstances.
  • No commingling with anchor operational or proprietary accounts.
  • No rehypothecation, lending, or investment in interest-bearing instruments that introduce counterparty risk beyond Philippine government treasury bills (subject to platform written consent).
  • NAV Calculation: NAV = Total Reserve Balance / Total On-Chain PHP Token Supply
  • Target NAV: 1.0000
  • Acceptable Variance: +/- 0.01%
  • Variance > 0.01%: Automatic system halt + investigation queue + BSP notification within 24 hours per BSP Circular 1098 Section 4.3.
  • Variance > 0.05%: Immediate regulatory notification, public disclosure, and emergency board session convened within 48 hours.

4.3 Reserve Attestation Cadence

Attestation Type Frequency Conductor Timeline Distribution
Internal Monthly Anchor Treasury + Platform Treasury Within 5 business days of month-end Platform, Anchor
External Quarterly BSP-accredited audit firm Within 15 business days of quarter-end Platform, Anchor, BSP (if required)
Annual comprehensive Annually BSP-accredited audit firm Within 60 days of fiscal year-end Board of Directors, BSP
Spot/triggered Upon variance >0.05% or regulator request Independent auditor Within 10 business days Platform, BSP, AMLC

4.4 Reserve Investment Restrictions

Permissible reserve investments are limited to:

  1. Philippine Peso demand deposits at BSP-supervised institutions
  2. Philippine government treasury bills (BSP-registered, with platform written consent)
  3. BSP reverse repurchase agreements (overnight only)

Prohibited investments include:

  • Corporate bonds or commercial paper
  • Equities or equity-linked instruments
  • Derivatives or structured products
  • Foreign currency-denominated instruments (unless approved for cross-border program)
  • Any instrument with maturity exceeding 90 days

5. SEP Protocol Integration Requirements

5.1 SEP-10: Stellar Web Authentication

Parameter Requirement
Challenge transaction format Domain, client account, memo (containing platform transaction reference)
Challenge expiry 5 minutes from generation
Platform validation Platform verifies challenge signatures before allowing any Stellar operations
Key management Anchor signs with Stellar signing key, verified via stellar.toml hosted at anchor domain
Authentication scope Required for all platform-originated Stellar operations including payments, KYC exchanges, and asset transfers
Key rotation Anchor must rotate signing keys quarterly; 48-hour advance notice to platform required
Domain verification stellar.toml must include SIGNING_KEY, ORG_NAME, ORG_PHYSICAL_ADDRESS, ORG_OFFICIAL_EMAIL per SEP-1 specification

5.2 SEP-12: KYC Information Exchange

Parameter Requirement
Endpoint PUT /kyc/transactions/{id} for KYC status updates
Supported status fields status (PENDING, APPROVED, REJECTED, REVOKED), message, updated_at
KYC data fields per tier Tier 0: Phone number only; Tier 1: Name, date of birth, government ID reference; Tier 2: Full PhilSys/valid ID verification; Tier 3: Enhanced due diligence (source of funds, purpose)
Response SLA Tier 0/1: within 2 minutes; Tier 2/3: within 15 minutes
Data submission Platform submits KYC data via SEP-12 fields; anchor returns verification status
Status updates Anchor must push status change webhook to platform within 30 seconds of status determination
Data retention KYC data retained per AMLC requirements: minimum 5 years post-transaction

5.3 SEP-24: Hosted Deposit & Withdrawal

Parameter Requirement
Endpoint GET /transaction/{id} for deposit/withdrawal status tracking
Supported transaction types deposit-fiat, withdrawal-fiat
Required fields amount, asset_code, source_account, destination_account, status, eta
Status webhook Notification to platform within 30 seconds of status change
User experience Anchor-hosted web interface for fiat on-ramp/off-ramp, mobile-responsive, accessible at anchor domain
Deposit SLA Funds credited to reserve within 4 hours of bank confirmation (T+0 corridors)
Withdrawal SLA Fiat disbursed to user bank account within 1 business day of on-chain burn confirmation
Transaction fee disclosure All fees disclosed upfront via SEP-24 fee field before user confirmation

5.4 SEP-31: Receiver-Sender Payment Processing

Parameter Requirement
Endpoint POST /transactions for payment initiation
Required fields amount, asset_code, source_account, destination_account, destination_memo, fields (receiver information per corridor requirements)
Idempotency key X-Idempotency-Key header, UUID v4, mandatory
Settlement confirmation Webhook to platform within 60 seconds of Stellar confirmation
Payment status tracking pending_sender, pending_receiver, pending_customer_info_update, completed, error, expired
Settlement SLA T+0 for domestic PHP, T+1 for cross-border corridors
Compliance screening Anchor screens all transactions against AMLC consolidated list and UN sanctions lists
Transaction limit Per transaction and daily limits configurable per program policy, default: PHP 500,000/transaction, PHP 2,000,000/day

5.5 SEP-38: RFQ FX Quoting

Parameter Requirement
Quote endpoint GET /prices for firm FX quotes; POST /prices for indicative quotes
Quote validity Minimum 30 seconds from quote timestamp
Supported pairs PHP/XLM, PHP/[program asset], [program asset]/PHP
Slippage tolerance Maximum 0.5% deviation from interbank rate at time of quote
Spread limit Maximum 1.5% above mid-market rate for PHP pairs
Quote refresh Automatic refresh every 10 seconds during active payment flow
Quote source BSP-authorized FX dealer or interbank market (e.g., Philippine Dealing System)
Rate source transparency Anchor must disclose rate source and calculation methodology upon request

6. Liquidity & Settlement Commitments

6.1 Settlement Timeframes

Transaction Type Settlement Target Maximum Time Penalty After SLA
Domestic PHP transfer (T+0) Same business day 4 hours 0.1% of transaction value
Domestic PHP transfer (T+1) Next business day 24 hours 0.05% per day delay
Cross-border (SEP-31) Per corridor agreement 2-3 business days Per corridor SLA
Voucher issuance On-chain confirmation 10 seconds (Stellar) N/A
Reserve withdrawal Bank processing 1 business day 0.1% per day delay
Merchant settlement (T+0 digital) Immediate on-chain Stellar confirmation time N/A
Merchant settlement (T+1 fiat) Next business day 24 hours 0.05% per day delay
T+2+ delayed settlement Breach threshold 48 hours 0.1-0.5% automatic penalty accrual

6.2 Liquidity Guarantees

  • Minimum Liquidity Buffer: Anchor maintains a minimum liquidity buffer of 15% of rolling 30-day average daily program volume.
  • Buffer Formula: Buffer = 0.15 * (SUM(daily_disbursements[last_30_days]) / 30)
  • Buffer Shortfall Notification: Immediate notification required within 1 hour of detection.
  • Buffer Restoration Commitment: Full restoration within 4 business hours of shortfall notification.
  • Repeated Shortfall Threshold: Three (3) or more shortfalls in any rolling 30-day period grants the platform the right to terminate with 30 days written notice.
  • Buffer Reporting: Daily buffer status reported to platform Reconciliation Control Tower via API.

6.3 Anchor Concentration & Systemic Risk Controls

Parameter Limit Rationale
Minimum anchor partners 2 (MVP), 3+ (Scale phase) Redundancy, failover capability
Maximum float exposure per anchor 40% of total reserve Diversification, single-anchor failure impact
Emergency concentration limit 60% single anchor (temporary, max 72 hours) During failover transition only
Anchor rebalancing frequency Monthly or upon breach Maintain exposure limits
Cross-anchor correlated exposure 60% combined maximum Diversification requirement

6.4 Circuit Breaker Levels

Level Trigger Condition Automated Actions Recovery Requirement
Green (0-70%) Normal operations No restrictions N/A
Yellow (70-85%) Anchor liquidity below 70% of required Enhanced monitoring, halt new issuances, notify treasury team Restore to >85%
Orange (85-95%) Anchor liquidity below 85% stress threshold Halt all disbursements, emergency anchor funding request, BSP notification Restore to >95% with external funding
Red (>95%) Critical reserve depletion Full halt, regulatory notification, public disclosure, board emergency session External capital injection, program suspension

Circuit Breaker Escalation Contacts:

Level Primary Contact Secondary Contact Notification Channel
Yellow Anchor Operations Manager Platform Treasury Lead Slack + Email
Orange Anchor CTO/Treasury Head Platform CTO Phone + Email
Red Anchor CEO Platform CEO + BSP Phone + Formal Letter

6.5 Failover Routing Logic

Parameter Requirement
Failure detection 3 consecutive failed health checks over 5 minutes
Automatic failover Within 10 minutes of detection
Data synchronization Last-known Obligation Ledger state pushed to secondary within 5 minutes
Failback procedure Mutual agreement, full reconciliation, signed handover
Failover testing Quarterly disaster recovery drill
Failover penalty Anchor responsible for costs incurred during failover if failure was anchor-caused
Failover notification Platform notifies merchants and agents of routing change within 15 minutes
Partial failover Platform may route specific transaction types (e.g., only domestic PHP) to secondary anchor

7. Agent Float & Working Capital Model

7.1 Pre-Funded Digital Float

  • Agents receive pre-funded digital float allocations from anchor-backed credit lines.
  • Float amount determined by agent tier, historical transaction volume, and risk assessment score.
  • Float held in segregated agent wallet on Stellar with multi-signature control (agent + platform).
  • Zero FX risk and zero liquidity risk transferred to agents under any circumstances.
  • Float allocation reviewed and adjusted monthly based on usage patterns and agent performance.

7.2 Float Management

Parameter Threshold Action
Auto top-up trigger Float balance at 20% of allocated amount Automatic replenishment from anchor credit line
Maximum float per agent PHP 500,000 (Tier 0 agent), PHP 2,000,000 (Tier 1 agent) Risk-based allocation
Daily reconciliation End of each business day Float usage vs. transaction volume matched
Float audit Monthly Agent float account reviewed for anomalies
Float freeze trigger Agent flagged for suspicious activity Immediate freeze, investigation initiated
Float reduction trigger Agent volume drops below 30% of allocated float for 14 consecutive days Reduce allocation by 50%

7.3 Agent Float Reconciliation

  • Daily Reconciliation: Agent float balance reconciled against transaction volume and cash-on-hand at end of each business day.
  • Variance > 0.1%: Flagged for investigation, agent notified within 2 hours.
  • Variance > 1%: Agent suspended pending review, anchor notified, investigation initiated within 24 hours.
  • Monthly Audit: Comprehensive float audit with anchor treasury team, findings reported to platform compliance officer.
  • Reconciliation Report Format:
    • Opening float balance
    • Total disbursed (customer withdrawals)
    • Total collected (customer deposits)
    • Net transaction fees
    • Closing float balance
    • Variance amount and percentage
    • Investigation notes (if variance > 0.1%)

7.4 Agent Credit Line Terms

Parameter Specification
Credit line provider Anchor Partner
Interest rate BSP reference rate + agreed spread (disclosed to agent)
Credit line limit Based on agent tier and risk score
Repayment Automatic deduction from agent settlement proceeds
Default Agent termination, collateral liquidation if applicable

8. Merchant Liquidity Guarantees

8.1 Settlement SLA for Merchants

Settlement Type SLA Description
T+0 Digital Immediate Merchant receives PHP-pegged tokens on Stellar within seconds of transaction confirmation
T+1 Fiat Next business day Anchor converts tokens to fiat and deposits in merchant's bank account
T+2+ Delayed Breach Settlement not completed within 48 hours triggers automatic penalty accrual

8.2 Pre-Funded Merchant Liquidity Pool

  • Eligibility: High-volume vendors with PHP 1,000,000+ monthly processing volume.
  • Pool Funding: Funded by anchor, managed by platform via smart contract on Stellar.
  • Purpose: Ensures T+0 settlement continuity even during anchor processing delays or outages.
  • Pool Size: 10% of merchant's 30-day average processing volume.
  • Pool Replenishment: Automatic replenishment from anchor credit line when pool balance drops below 30%.
  • Pool Withdrawal: Merchant may withdraw pool balance with 2 business days notice.

8.3 Dynamic Routing on Primary Failure

Step Action Timeline
1 Primary anchor settlement failure detected (3 failed health checks) T+0
2 Platform evaluates failover routing rules T+1 minute
3 Merchant transactions automatically routed to secondary anchor T+2 minutes
4 Routing decision logged in Obligation Ledger T+2 minutes
5 Merchant notified of routing change (no action required) T+5 minutes
6 Settlement SLA maintained despite anchor failure Ongoing
7 Failback to primary anchor upon recovery confirmation Upon mutual agreement

8.4 Penalty Accrual for Delayed Settlement

Delay Period Penalty Rate Accumulation
T+2 delay 0.1% of transaction value Per transaction
T+3 delay 0.25% of transaction value Per transaction
T+5+ delay 0.5% of transaction value Per transaction
Maximum cumulative penalty 5% of total monthly settlement volume Cap on monthly penalties
  • Penalties automatically deducted from anchor service fees in the next billing cycle.
  • Penalty report generated monthly and shared with anchor within 5 business days of month-end.
  • Disputed penalties must be raised within 10 business days of report receipt.

9. Penalty Clauses & SLA Breach Compensation

9.1 SLA Breach Classification

Severity Description Examples Response Time Resolution Time Compensation
Critical (S1) Complete service outage, fund loss, reserve shortfall System-wide outage >30 min, reserve NAV variance >0.05%, confirmed fund misappropriation 15 minutes 2 hours 2x daily program fees
High (S2) Partial degradation, delayed settlements Settlement delay >4 hours (T+0), SEP endpoint unavailable >1 hour, webhook delivery failure >10% 30 minutes 4 hours 1x daily program fees
Medium (S3) Intermittent errors, API latency >5 seconds API error rate >1%, average response time >5 seconds, KYC processing delay >30 minutes 1 hour 8 hours 0.5x daily program fees
Low (S4) Non-critical bugs, documentation gaps Minor API field discrepancy, documentation inaccuracy, non-blocking UI issue 4 hours 24 hours Remediation only

9.2 SLA Credit Calculation

  • Monthly SLA Credit: Sum of all breach compensation amounts incurred during the calendar month.
  • Maximum Monthly Credit: 25% of monthly anchor service fees.
  • Credit Application: Applied to next invoice automatically; non-refundable if fees are zero.
  • Termination Threshold: Three (3) or more consecutive months of SLA credits grants the platform the right to terminate with 30 days written notice.
  • Credit Dispute Process: Anchor may dispute credit calculations within 10 business days of invoice issuance; undisputed credits are applied automatically.

9.3 Material Breach & Termination

Material Breach Events:

  1. Regulatory sanction or license suspension by BSP, AMLC, or other competent authority.
  2. Fraud or willful misconduct by anchor personnel affecting program funds or data.
  3. Reserve account shortfall exceeding 0.01% NAV variance not corrected within 4 hours.
  4. Failure to restore liquidity buffer within 24 hours of shortfall notification.
  5. Data breach affecting platform customer data (per DPA RA 10173 breach notification requirements).
  6. Failure to maintain minimum 2-anchor configuration during Scale phase.
  7. Unauthorized rehypothecation or investment of reserve funds.
  8. Repeated failure to cooperate with audit requirements (2+ missed audits in 12 months).

Termination Provisions:

Termination Type Notice Period Trigger Transition Period
Convenience 90 days Either party 90 days
Material breach 30 days Material breach event 60 days
Regulatory action Immediate BSP order, license revocation As directed by regulator
Insolvency Immediate Bankruptcy filing, receivership As directed by court

Post-Termination Obligations:

  • Data return in agreed format (JSON/CSV for transaction data, PDF for audit reports)
  • Fund transfer to replacement anchor within 10 business days
  • Full Obligation Ledger reconciliation and sign-off
  • Audit cooperation for 12 months post-termination
  • Continued confidentiality obligations per Section 15

10. Anchor SLA Monitoring Dashboard

10.1 Dashboard Metrics

Metric Measurement Alert Threshold Update Frequency Escalation Trigger
Uptime percentage Successful health checks / total health checks <99.5% Every 30 seconds S2 breach
Settlement speed P50 Median time from payment initiation to Stellar confirmation >30 seconds Per transaction S3 breach
Settlement speed P95 95th percentile settlement time >2 minutes Per transaction S2 breach
Settlement speed P99 99th percentile settlement time >5 minutes Per transaction S1 breach
Liquidity buffer % Current buffer / required buffer * 100 <20% Every 5 minutes Circuit breaker Yellow
NAV variance NAV - 1.0 * 100 >0.005%
SEP compliance SEP-10/12/24/31/38 endpoint availability <99.9% Per request S2 breach
Webhook delivery rate Successful webhook deliveries / total <99% Per event S3 breach
Error rate 5xx responses / total API responses >0.1% Per minute S3 breach
API response time P95 95th percentile API response latency >2 seconds Per minute S3 breach
KYC processing time Average time from KYC submission to status response >5 minutes (Tier 0/1), >20 minutes (Tier 2/3) Per transaction S3 breach
Reserve reporting timeliness On-time daily reports / total expected <95% Daily S4 breach

10.2 Automated Breach Detection

Breach detection workflow:

  1. Detection: Real-time monitoring system detects metric breaching threshold.
  2. Classification: System classifies breach severity (S1-S4) based on impact and duration.
  3. Failover Routing Evaluation: If anchor-specific breach, evaluate failover routing per Section 6.5.
  4. Penalty Accrual Calculation: Calculate applicable penalty per Section 9.
  5. Platform Notification: Notify platform treasury team via dashboard alert, email, and Slack.
  6. Anchor Notification: Notify anchor operations team via webhook, email, and SMS (S1/S2 only).
  7. Audit Trail: Breach event logged in immutable audit trail with timestamp, metric value, and classification.
  8. Resolution Tracking: System tracks resolution time from detection to recovery; auto-closes breach when metric returns to acceptable range for 15 consecutive minutes.

10.3 Dashboard Access

  • Platform Users: Full read access to all metrics, real-time updates, export functionality.
  • Anchor Users: Read access to own anchor metrics, breach history, penalty reports.
  • Regulator Access: Read-only access to reserve metrics, NAV, and compliance reports (upon BSP request).
  • Audit Log Access: Immutable audit log accessible to both parties; export in JSON format for external audit.

11. Audit Rights & Compliance

11.1 Platform Audit Rights

Audit Type Frequency Scope Notice Cost Bearer
Operational Quarterly Anchor service delivery, SLA compliance, SEP conformance 5 business days Platform
Reserve attestation Monthly Reserve balance verification, NAV calculation, 1:1 backing 2 business days Shared
Comprehensive annual Annually Full operational, financial, compliance, and security review 10 business days Platform
Breach-triggered Upon material breach Targeted investigation of breach root cause and impact Immediate (no notice) Anchor
Regulatory preparation Upon regulatory notice Preparation for BSP/AMLC examination 5 business days Platform

11.2 Regulatory Audit Cooperation

  • Anchor must cooperate fully with BSP examinations, AMLC investigations, and DPA compliance reviews.
  • Platform must be notified of any regulatory examination within 24 hours of notice receipt.
  • Examination findings, observations, and recommendations must be shared with platform within 5 business days of receipt.
  • Joint remediation planning required for any regulatory findings within 15 business days of receipt.
  • Anchor must implement remediation actions within timelines agreed with regulator and platform.
  • Failure to cooperate with regulatory examination constitutes material breach under Section 9.3.

11.3 Reporting Requirements

Report Frequency Content Delivery Method Due Date
Reserve balance Daily Account balance, on-chain supply, NAV, variance API + email 08:00 PHT next day
Transaction summary Daily Volume, count, failures, fees, average settlement time API 08:00 PHT next day
Liquidity buffer status Daily Buffer amount, required amount, variance, shortfall hours API 08:00 PHT next day
SEP compliance Monthly SEP-10/12/24/31/38 conformance report, endpoint uptime PDF + API 5th business day
Incident log Weekly All incidents, resolution status, root cause, preventive actions API + email Monday 09:00 PHT
Reserve attestation Monthly External/internal auditor opinion, NAV certification PDF 5th business day
SLA performance Monthly All SLA metrics, breach incidents, penalties, credits Dashboard + PDF 5th business day
KYC summary Monthly Applications processed, approval rate, average processing time, rejection reasons PDF 5th business day
AML/CFT summary Quarterly CTRs filed, STRs filed, screening results, false positive rate PDF + secure email 10th business day

11.4 Compliance Framework Alignment

This SLA aligns with the following regulatory requirements:

Regulation Requirement SLA Reference
BSP Circular 1098 EMI reserve segregation, reporting Sections 4.1, 4.2, 11.3
BSP Circular 946 Enhanced EMI operational requirements Sections 3.1, 6.3
BSP Circular 808 Rural bank operations Sections 3.1, 7.1
BSP Circular 1097 Payment system oversight Sections 5.4, 6.1
BSP Circular 1126 Digital asset framework Sections 3.1, 4.2
BSP Circular 972 Risk management guidelines Sections 6.3, 6.4
AMLA RA 9160 Anti-money laundering Sections 3.2, 5.4, 11.3
DPA RA 10173 Data privacy Sections 15, 11.2
NPC Advisory 2024-01 Data breach notification Section 15

12. Dispute Resolution

12.1 Dispute Classification

Type Examples Resolution Process Timeline Escalation Path
Transaction dispute Failed payment, wrong amount, double-charge, delayed settlement Investigation by both parties, reversal if confirmed 5 business days Ops teams -> Department heads
Custody dispute Reserve shortfall, NAV variance, attestation failure, investment violation Joint investigation, independent auditor involvement 10 business days Treasury teams -> Executive sponsors
Compliance dispute KYC mismatch, AMLC flag, screening error, CTR/STR filing disagreement Compliance officer escalation, regulatory consultation if needed 3 business days Compliance officers -> Legal
Technical dispute API failure, webhook delivery failure, data inconsistency, SEP non-conformance Engineering joint debugging, log analysis, root cause determination 2 business days Engineering teams -> CTOs
Contractual dispute Fee disagreement, SLA interpretation, penalty calculation, termination dispute Legal negotiation, mediation if unresolved 30 days Legal teams -> Mediation
Emergency settlement Manual payout authorization, Obligation Ledger binding, fund recovery Dual-control review, regulator notification if fund loss suspected 48 hours Treasury + Legal -> Board

12.2 Escalation Path

Level Participants Timeframe Authority
1. Operational Ops managers, engineering leads 24 hours Investigation, fact-finding
2. Department Heads Treasury heads, compliance officers, tech leads 48 hours Resolution proposal
3. Executive Sponsors C-level executives, authorized decision-makers 5 business days Binding resolution
4. Mediation Philippine Dispute Resolution Center, Inc. (PDRCI) 30 days Non-binding mediation
5. Arbitration Construction Industry Arbitration Commission (CIAC) or courts of Manila Per applicable rules Binding arbitration

12.3 Force Majeure

Defined Force Majeure Events:

  1. Natural disasters (typhoons, earthquakes, volcanic eruptions, floods)
  2. War, armed conflict, terrorism, or civil unrest
  3. Government action (executive order, BSP directive, legislative action)
  4. BSP payment system or RTGS outage exceeding 4 hours
  5. Stellar network consensus failure exceeding 30 minutes
  6. Pandemic or epidemic resulting in government-imposed restrictions
  7. Critical infrastructure failure (power grid, telecommunications) not within either party's control

Force Majeure Obligations:

  • Notification: Affected party must notify the other within 4 hours of event occurrence.
  • Mitigation: Both parties must use best efforts to maintain or restore service within the constraints of the force majeure event.
  • Fallback Mode: Platform Fallback Mode operations activated per platform architecture (refer to 00_ARCHITECTURE_BACKGROUND.md).
  • Reserve Protection: During force majeure, reserve account protection remains paramount; no fund movement without dual signatory approval.
  • Termination Right: If force majeure exceeds 30 consecutive days, either party may terminate with 15 days written notice.
  • Post-Event Reconciliation: Full Obligation Ledger reconciliation within 5 business days of service restoration.

12.4 Governing Law & Jurisdiction

  • This SLA shall be governed by and construed in accordance with the laws of the Republic of the Philippines.
  • Any dispute arising from this SLA shall first be subject to mediation under PDRCI rules.
  • If mediation fails, disputes shall be resolved through binding arbitration under CIAC rules or in the courts of competent jurisdiction in Manila, Philippines.
  • The United Nations Convention on Contracts for the International Sale of Goods (CISG) shall not apply.

13. Technical API Contract — Anchor Orchestrator

13.1 Base URL & Authentication

Parameter Specification
Base URL https://anchor.[partner-domain].com/api/v1
Authentication SEP-10 JWT token in Authorization: Bearer <token> header
Mutual TLS Required for all endpoints; certificate pinning recommended
Rate limiting 1,000 requests per minute per API key
API versioning URL-based versioning; minimum 6 months notice for deprecation
Request ID X-Request-ID header (UUID v4) required for all requests; logged in audit trail
Response format JSON, UTF-8 encoded
Date format ISO 8601 (YYYY-MM-DDTHH:mm:ss.sssZ)
Amount format Decimal string (e.g., "1500.00"), never floating point

13.2 Endpoints

POST /payments/initiate

Initiate a new payment transaction.

Request:

{
  "idempotency_key": "uuid-v4-string",
  "amount": "string (decimal, e.g., '1500.00')",
  "asset_code": "PHP",
  "source_account": "stellar-public-key",
  "destination_account": "stellar-public-key",
  "destination_memo": "string (optional)",
  "payment_type": "voucher|direct|reimbursement",
  "policy_context": {
    "program_id": "string",
    "beneficiary_id": "string",
    "vendor_id": "string (optional)",
    "category_tags": ["string"]
  },
  "callback_url": "https://platform.example.com/webhooks/anchor"
}

Response (201 Created):

{
  "payment_id": "uuid-v4-string",
  "status": "pending|processing|completed|failed|cancelled",
  "stellar_transaction_hash": "string (nullable)",
  "created_at": "2026-04-07T10:30:00.000Z",
  "updated_at": "2026-04-07T10:30:00.000Z",
  "eta": "2026-04-07T10:30:10.000Z (nullable)",
  "fee": "string (decimal)",
  "idempotency_key": "uuid-v4-string"
}

Error Responses:

  • 400 Bad Request: Invalid request parameters (ERR_VALIDATION)
  • 401 Unauthorized: Invalid or expired auth token (ERR_UNAUTHORIZED)
  • 403 Forbidden: Compliance flag blocking transaction (ERR_COMPLIANCE_BLOCK)
  • 409 Conflict: Idempotency key conflict (ERR_DUPLICATE)
  • 429 Too Many Requests: Rate limit exceeded (ERR_RATE_LIMIT)
  • 500 Internal Server Error: Internal anchor error (ERR_INTERNAL)
  • 502 Bad Gateway: Stellar network error (ERR_STELLAR_NETWORK)
  • 503 Service Unavailable: Anchor liquidity shortage (ERR_INSUFFICIENT_LIQUIDITY), reserve shortfall (ERR_RESERVE_SHORTFALL), circuit breaker triggered (ERR_CIRCUIT_BREAKER)

GET /payments/{payment_id}

Retrieve payment status.

Response (200 OK): Same structure as POST /payments/initiate response, with updated status, stellar_transaction_hash, and updated_at fields.

Error Responses:

  • 404 Not Found: Payment not found (ERR_NOT_FOUND)
  • 401 Unauthorized: Invalid or expired auth token (ERR_UNAUTHORIZED)

POST /kyc/submit

Submit KYC data for anchor verification.

Request:

{
  "idempotency_key": "uuid-v4-string",
  "kyc_tier": "0|1|2|3",
  "fields": {
    "first_name": "string",
    "last_name": "string",
    "date_of_birth": "YYYY-MM-DD",
    "phone_number": "string",
    "government_id_type": "philsys|passport|drivers_license|UMID",
    "government_id_number": "string",
    "address": "string (optional)",
    "source_of_funds": "string (Tier 3 only)",
    "purpose": "string (Tier 3 only)"
  },
  "callback_url": "https://platform.example.com/webhooks/kyc"
}

Response (201 Created):

{
  "kyc_transaction_id": "uuid-v4-string",
  "status": "PENDING|APPROVED|REJECTED|REVOKED",
  "submitted_at": "2026-04-07T10:30:00.000Z",
  "estimated_completion": "2026-04-07T10:32:00.000Z"
}

GET /kyc/{kyc_transaction_id}

Retrieve KYC verification status.

Response (200 OK):

{
  "kyc_transaction_id": "uuid-v4-string",
  "status": "PENDING|APPROVED|REJECTED|REVOKED",
  "kyc_tier": "0|1|2|3",
  "message": "string (optional explanation)",
  "approved_at": "ISO-8601 (nullable)",
  "rejected_at": "ISO-8601 (nullable)",
  "expiry_date": "ISO-8601 (nullable, for approved KYC)",
  "updated_at": "2026-04-07T10:32:00.000Z"
}

POST /quotes/fx

Request FX quote via SEP-38.

Request:

{
  "idempotency_key": "uuid-v4-string",
  "source_asset": "iso4217:PHP|stellar:PHP:...",
  "destination_asset": "iso4217:USD|stellar:XLM|...",
  "amount": "string (decimal)",
  "type": "firm|indicative",
  "sell_amount": "boolean (true = amount is sell amount, false = buy amount)"
}

Response (200 OK):

{
  "id": "string (quote ID)",
  "price": "string (decimal, e.g., '56.2500')",
  "total_price": "string (decimal, including fees)",
  "sell_amount": "string (decimal)",
  "buy_amount": "string (decimal)",
  "fees": {
    "total": "string (decimal)",
    "source_asset": "string",
    "details": [
      {
        "name": "string",
        "description": "string",
        "amount": "string (decimal)"
      }
    ]
  },
  "expires_at": "ISO-8601 (minimum 30 seconds from creation)",
  "created_at": "ISO-8601"
}

GET /reserve/balance

Current reserve account balance and NAV.

Response (200 OK):

{
  "reserve_balance": "string (decimal, PHP)",
  "on_chain_supply": "string (decimal, PHP tokens)",
  "nav_ratio": "string (decimal, e.g., '1.0000')",
  "variance_percentage": "string (decimal, e.g., '0.001')",
  "last_updated": "ISO-8601",
  "circuit_breaker_level": "Green|Yellow|Orange|Red",
  "liquidity_buffer_percentage": "number"
}

GET /reserve/attestation

Latest reserve attestation report reference.

Response (200 OK):

{
  "attestation_id": "string",
  "type": "internal|external|annual|spot",
  "period": "YYYY-MM",
  "conducted_by": "string (auditor name)",
  "result": "clean|qualified|adverse|disclaimer",
  "nav_verified": "string (decimal)",
  "issued_at": "ISO-8601",
  "report_url": "string (nullable, secure download link)"
}

POST /webhooks/register

Register platform webhook endpoint.

Request:

{
  "url": "https://platform.example.com/webhooks/anchor",
  "events": [
    "payment.completed",
    "payment.failed",
    "kyc.approved",
    "kyc.rejected",
    "reserve.updated",
    "liquidity.alert",
    "compliance.flag",
    "circuit_breaker.triggered",
    "anchor.failover"
  ],
  "secret": "string (HMAC-SHA256 signing key)",
  "format": "json",
  "api_version": "v1"
}

Response (201 Created):

{
  "webhook_id": "uuid-v4-string",
  "url": "string",
  "events": ["string"],
  "status": "active|disabled",
  "created_at": "ISO-8601",
  "last_delivery_at": "ISO-8601 (nullable)",
  "last_delivery_status": "success|failed (nullable)"
}

13.3 Idempotency Requirements

Requirement Specification
Header X-Idempotency-Key: <uuid-v4>
Scope All POST endpoints
Validity period 24 hours from first submission
Duplicate handling Returns original response with HTTP 200/201; no side effects
Key generation Platform generates and stores idempotency keys before making requests
Key format RFC 4122 UUID v4 (lowercase, hyphenated)
Conflict detection Server-side deduplication; matching key + different body returns ERR_DUPLICATE
Storage Anchor stores idempotency keys for minimum 24 hours; platform stores indefinitely

13.4 Webhook Delivery Guarantees

Parameter Specification
Delivery attempt Immediate upon event occurrence (within 30 seconds)
Retry policy Exponential backoff: 1s, 5s, 30s, 2m, 10m, 30m, 2h, 6h, 24h (10 attempts total)
Timeout per attempt 10 seconds
Success criteria HTTP 2xx response
Dead letter queue After all 10 attempts exhausted; manual review required
Signature HMAC-SHA256 in X-Webhook-Signature header
Signature payload HMAC-SHA256(secret, request_body)
Content type application/json
Maximum payload size 1 MB
Idempotency Each webhook delivery includes X-Event-ID header for deduplication

13.5 Supported Webhook Events

Event Type Description Data Payload Retry Priority
payment.completed Payment settled on Stellar payment_id, amount, asset_code, tx_hash, destination_account, completed_at High
payment.failed Payment failed payment_id, error_code, error_message, failed_at High
kyc.approved KYC verification approved kyc_id, tier, expiry, approved_at High
kyc.rejected KYC verification denied kyc_id, reason, rejected_at High
reserve.updated Reserve balance changed balance, on_chain_supply, nav, variance, timestamp Medium
liquidity.alert Liquidity buffer below threshold current_buffer, required_buffer, percentage, timestamp Critical
compliance.flag AML/CFT flag raised account_id, flag_type, reference, timestamp Critical
circuit_breaker.triggered Circuit breaker level changed level, previous_level, trigger_reason, timestamp Critical
anchor.failover Failover activated from_anchor, to_anchor, reason, timestamp Critical

13.6 Error Code Reference

Code HTTP Status Description Recommended Action
ERR_VALIDATION 400 Invalid request parameters (missing required fields, malformed values) Fix request parameters and retry
ERR_DUPLICATE 409 Idempotency key conflict; request already processed Use original response from first request
ERR_RATE_LIMIT 429 Rate limit exceeded (1,000 req/min) Retry after rate limit window; implement backoff
ERR_UNAUTHORIZED 401 Invalid or expired SEP-10 auth token Refresh SEP-10 token and retry
ERR_FORBIDDEN 403 Insufficient permissions or access denied Contact anchor admin to verify API key permissions
ERR_NOT_FOUND 404 Requested resource not found Verify resource ID and retry
ERR_INSUFFICIENT_LIQUIDITY 503 Anchor liquidity below minimum threshold Retry after delay; consider failover if persistent
ERR_COMPLIANCE_BLOCK 403 AML/CFT or sanctions screening blocking transaction Compliance review required; do not retry
ERR_STELLAR_NETWORK 502 Stellar network error (horizon unavailable, transaction submission failed) Retry with exponential backoff
ERR_INTERNAL 500 Internal anchor server error Retry once; if persistent, contact anchor support
ERR_RESERVE_SHORTFALL 503 Reserve account below on-chain token supply Immediate escalation to treasury team and regulator
ERR_CIRCUIT_BREAKER 503 Circuit breaker level triggered (Yellow/Orange/Red) Wait for circuit breaker recovery; do not retry

13.7 Health Check Endpoint

GET /health

Response (200 OK):

{
  "status": "healthy|degraded|unhealthy",
  "timestamp": "2026-04-07T10:30:00.000Z",
  "version": "1.2.3",
  "uptime_seconds": 86400,
  "checks": {
    "database": "healthy|degraded|unhealthy",
    "stellar_horizon": "healthy|degraded|unhealthy",
    "sep_10": "healthy|degraded|unhealthy",
    "sep_12": "healthy|degraded|unhealthy",
    "sep_24": "healthy|degraded|unhealthy",
    "sep_31": "healthy|degraded|unhealthy",
    "sep_38": "healthy|degraded|unhealthy"
  }
}
Parameter Specification
Health check interval Every 30 seconds
Unhealthy threshold 3 consecutive failures triggers failover consideration per Section 6.5
Deggraded status One or more sub-system checks reporting degraded; overall service still available
Unhealthy status Core systems (database, Stellar Horizon, SEP-10) failing; service unavailable

14. Term & Termination

14.1 Term

  • Initial Term: Two (2) years from the Effective Date.
  • Renewal: Automatic one (1) year renewals unless either party provides ninety (90) days written notice prior to the end of the then-current term.
  • Early Renewal Discussion: Both parties shall commence renewal discussions at least 180 days prior to term expiration.

14.2 Termination Rights

Termination Type Notice Period Triggering Condition Compensation
Convenience 90 days written notice Either party, no cause required Pro-rated fees through termination date
Material breach 30 days written notice Material breach event per Section 9.3 Outstanding penalties + pro-rated fees
Regulatory action Immediate (no notice) BSP order, license revocation, regulatory prohibition Pro-rated fees through termination date
Insolvency Immediate (no notice) Bankruptcy filing, receivership, insolvency proceedings As directed by court/trustee
Repeated SLA failure 30 days written notice 3+ consecutive months of SLA credits Outstanding penalties + pro-rated fees
Mutual agreement As agreed Written mutual consent of both parties As agreed in writing

14.3 Transition Period Obligations

Obligation Timeline Responsible Party
Fund transfer to replacement anchor Within 10 business days Terminating anchor
Full Obligation Ledger reconciliation Within 15 business days Both parties
Data export in agreed format Within 10 business days Terminating anchor
Customer notification Within 5 business days of termination notice Platform
Regulatory notification Within 5 business days of termination notice Terminating anchor
SEP-10 key revocation Upon fund transfer completion Terminating anchor
Webhook deregistration Upon termination effective date Both parties
Audit cooperation 12 months post-termination Terminating anchor

14.4 Surviving Obligations

The following obligations survive termination:

  • Confidentiality obligations (Section 15)
  • Audit cooperation (12 months post-termination)
  • Dispute resolution for pre-termination events
  • Data retention per regulatory requirements (minimum 5 years per AMLC)
  • Penalty payment for pre-termination breaches

15. Confidentiality & Data Protection

15.1 Data Privacy Compliance

  • Both parties shall comply with Republic Act No. 10173 (Data Privacy Act of 2012) and its Implementing Rules and Regulations.
  • Personal information collected under this agreement shall be processed only for the purposes explicitly defined in this SLA and the Data Processing Agreement ("DPA") between the parties.
  • Data subjects' rights (access, correction, deletion, portability) shall be honored within the timelines prescribed by the National Privacy Commission.

15.2 Data Classification & Handling

Classification Description Handling Requirements
Public Publicly available information (stellar.toml, public keys) No special handling
Internal Operational data not intended for public disclosure Access limited to authorized personnel
Confidential Customer data, transaction records, KYC information Encryption required, access logged, need-to-know
Restricted Reserve account details, security credentials, audit findings Dual-control access, encrypted at rest and in transit, audit trail mandatory

15.3 Security Controls

Control Requirement
Encryption at rest AES-256 or equivalent for all confidential and restricted data
Encryption in transit TLS 1.3 or higher for all data transmission
Access control Role-based access control (RBAC) with principle of least privilege
Authentication Multi-factor authentication for all systems accessing confidential data
Audit logging All access to confidential/restricted data logged with user ID, timestamp, action
Key management HSM or equivalent for cryptographic key storage; quarterly key rotation
Vulnerability management Monthly vulnerability scanning; critical patches applied within 48 hours
Penetration testing Annual third-party penetration testing; findings shared with platform

15.4 Data Breach Notification

  • Detection: Both parties must maintain monitoring systems capable of detecting unauthorized access, disclosure, or loss of personal data.
  • Notification Timeline: Within 72 hours of discovery, as required by NPC Advisory 2024-01 and DPA RA 10173 Section 20.
  • Notification Content: Nature of breach, categories and approximate number of affected data subjects, likely consequences, measures taken or proposed to address the breach.
  • Regulatory Notification: National Privacy Commission must be notified within 72 hours when breach creates a real risk of serious harm to data subjects.
  • Joint Response: Both parties shall coordinate on public communication and affected data subject notification.
  • Remediation: Responsible party bears cost of breach remediation including credit monitoring, legal fees, and regulatory fines attributable to their systems or personnel.

15.5 Sub-Processor Approval

  • Anchor shall not engage sub-processors for handling platform customer data without prior written consent from the platform.
  • Approved sub-processors must comply with equivalent data protection standards as specified in this SLA.
  • Anchor remains liable for sub-processor compliance with this SLA.
  • Sub-processor list must be updated and shared with platform within 5 business days of any change.

15.6 Data Retention & Deletion

Data Category Retention Period Deletion Method
KYC records Minimum 5 years post-transaction (AMLC) Secure deletion (NIST SP 800-88)
Transaction records Minimum 5 years post-transaction (AMLC) Secure deletion
Audit logs Minimum 3 years Secure deletion
Reserve records Minimum 5 years Secure deletion
Webhook delivery logs Minimum 1 year Standard deletion
API request logs Minimum 90 days Standard deletion
Personal data (post-retention) Delete upon retention expiry Secure deletion with certificate

16. Signatures

16.1 Program Administrator (Platform)

Field Value
Company Name [Platform Legal Entity Name]
Address [Platform Registered Address]
Authorized Signatory [Name, Title]
Signature ________________________________
Date [Date of Execution]
Witness 1 [Name, Signature, Date]
Witness 2 [Name, Signature, Date]

16.2 Anchor Partner

Field Value
Company Name [Anchor Legal Entity Name]
BSP License Number [EMI/Bank Trust License Number]
Address [Anchor Registered Address]
Authorized Signatory [Name, Title]
Signature ________________________________
Date [Date of Execution]
Witness 1 [Name, Signature, Date]
Witness 2 [Name, Signature, Date]

16.3 Notarization

REPUBLIC OF THE PHILIPPINES )
CITY OF [CITY]              ) S.S.

BEFORE ME, a Notary Public for and in the City of [City], this [Day] day of [Month], [Year],
personally appeared the following individuals:

  Name                | ID Type & Number          | Date/Place Issued
  --------------------|---------------------------|-------------------
  [Platform Signatory]| [Valid Government ID]     | [Date/Place]
  [Anchor Signatory]  | [Valid Government ID]     | [Date/Place]

Known to me and to me known to be the same persons who executed the foregoing Anchor Partnership
Service Level Agreement, and they acknowledged to me that the same is their free and voluntary act
and deed.

This Agreement consists of [Number] pages, including the page on which this acknowledgment is written,
and has been signed by the parties and their instrumental witnesses on each and every page thereof.

WITNESS MY HAND AND SEAL on the date and place first above written.

NOTARY PUBLIC

Doc. No. ______;
Page No. ______;
Book No. ______;
Series of [Year].

16.4 Annexes

The following annexes form an integral part of this SLA:

Annex Title Reference Document
A Data Processing Agreement Separate DPA executed by both parties
B Fee Schedule Commercial terms, pricing, and billing schedule
C Cross-Border Corridor SLAs Per-corridor settlement terms and FX spreads
D Disaster Recovery Runbook Failover procedures, contact lists, recovery steps
E API Integration Checklist Pre-launch testing requirements and sign-off
F Government Program Parameters Per-program eligibility, limits, and category rules
G Agent Tier Definitions Tier criteria, limits, and requirements
H Compliance Checklist BSP, AMLC, and DPA compliance requirements

Document Control

Version Date Author Changes
1.0 [Date] [Author] Initial version

Approval Record

Role Name Signature Date
Platform Legal Counsel
Anchor Legal Counsel
Platform CTO
Anchor CTO
Platform Treasury Head
Anchor Treasury Head

📝 License

Proprietary - Bull Run Consulting / Starting Block Ventures

👥 Team

  • Bull Run Consulting - Web3 venture builder
  • Starting Block Ventures - Venture studio

🆘 Support

For issues or questions, contact the development team.