30/06/2026 15:26
Introduction and scope
1.1 Young Platform S.p.A. (hereinafter also referred to as “Young Platform” or the “Company”) is authorised, pursuant to Regulation (EU) 2023/1114 (hereinafter also “MiCAR”), to provide the crypto-asset services referred to in Articles 75 (custody and administration of crypto-assets on behalf of clients), 77 (exchange of crypto-assets for funds and for other crypto-assets), 78 (execution of orders for crypto-assets on behalf of clients), 79 (placing of crypto-assets), 80 (transfer services for crypto-assets on behalf of clients) and 81 (providing advice on crypto-assets and portfolio management of crypto-assets) of the same Regulation. This Policy is adopted by the Company, as a crypto-asset service provider authorised under Regulation (EU) 2023/1114 (hereinafter, “MiCAR“), and is intended to describe the internal measures aimed at preventing and detecting conduct that may qualify as market abuse, in accordance with Article 92 of MiCAR. The Company, as a crypto-asset service provider, is subject to the market abuse regime set out in Regulation (EU) 2023/1114 and is therefore required to put in place appropriate safeguards to prevent, detect and report without delay any abusive conduct.
1.2 Article 92 of the Regulation requires offerors of crypto-assets, issuers, persons seeking admission to trading and crypto-asset service providers to adopt policies and procedures to prevent and detect market abuse practices in relation to crypto-assets admitted to trading or for which a request for admission to trading has been made.
1.3 This Policy applies to all activities, operations, services, information flows and technical-operational flows relating to crypto-assets that fall within the Company’s operations or that are otherwise relevant for the prevention, detection and reporting of potential market abuse conduct pursuant to Regulation (EU) 2023/1114. It applies, in particular, to: (i) members of the administrative, management and supervisory bodies; (ii) personnel responsible for operational, technical, support or control activities; (iii) clients, counterparties and other parties interacting with the Company’s systems, infrastructure and services in relation to crypto-assets; (iv) exchange and placing activities, proprietary trading, as well as technical settlement flows (including on-chain) and any ancillary, instrumental or related activity involving crypto-assets that may be relevant for monitoring potential market abuse. This Policy complements the further measures adopted by the Company in the areas of anti-money laundering, customer due diligence, ICT risk management, operational risk, business continuity, conflicts of interest and record-keeping, where relevant for the prevention and detection of market abuse.
1.4 This Policy also applies to crypto-asset trading carried out by the Company on its own account, as well as to all transactions carried out by employees, collaborators, members of corporate bodies or any other person who, by reason of their office, function or assignment, has access to confidential or inside information regarding crypto-assets, issuers, offerings or transactions relevant for the market abuse regime.
1.5 For the purposes of this Policy, “crypto-assets other than asset-referenced tokens and e-money tokens” means crypto-assets falling within the scope of Regulation (EU) 2023/1114 that constitute neither asset-referenced tokens within the meaning of Article 3(1)(6) nor e-money tokens within the meaning of Article 3(1)(7) of the same Regulation. Such crypto-assets include, where relevant, utility tokens and other crypto-assets other than ART and EMT admitted to the services provided by the Company in accordance with the applicable internal procedures.
1.6 In particular, the crypto-assets in relation to which the Company provides its regulated services under MiCAR include:
- crypto-assets other than asset-referenced tokens (ART), including utility tokens within the meaning of Article 3(1)(9) of Regulation (EU) 2023/1114 — including the YNG token issued by the Company — admitted to the provision of services in accordance with the internal procedures for admission, assessment and review;
- e-money tokens (EMT), solely with respect to the services actually provided by the Company in relation to such instruments, including exchange and execution services;
- crypto-assets traded: (i) on a bilateral exchange basis pursuant to Article 77 of MiCAR, with the Company acting as counterparty and price determined according to an objective and pre-defined methodology; and/or (ii) on external execution venues in the context of the service of execution of orders for crypto-assets on behalf of clients pursuant to Article 78 of MiCAR, in accordance with the applicable execution policy.
1.7 The list of admitted crypto-assets is subject to review and update in accordance with the internal procedures for the admission, suspension and removal of crypto-assets; each change is communicated to clients and made available on the Platform.
1.8 The following are expressly excluded from the scope of this Policy: (i) crypto-assets not previously admitted by the Company for the purposes of providing regulated services; (ii) asset-referenced tokens (ART), in relation to which the Company does not provide and does not intend to provide any service; (iii) tokenised financial instruments or other digital assets falling within the scope of the legislation governing traditional financial markets.
1.9 This Policy therefore applies to:
- members of the administrative, management and supervisory bodies;
- personnel responsible for operational and control activities;
- clients and counterparties interacting with the Company’s systems and infrastructure in the context of the services provided.
The Policy complements the further measures adopted by the Company in the areas of anti-money laundering, customer due diligence, ICT risk management, operational risk and business continuity, where relevant for the prevention of market abuse.
1.10 This Policy also applies to crypto-asset trading carried out by the Company on its own account (so-called proprietary trading), where applicable, as well as to all transactions carried out by employees, collaborators, members of corporate bodies or any person with access to confidential information, in relation to crypto-assets traded through the Company’s services. Where carried out, the Company’s proprietary trading activities are limited to the management of its inventory and operational liquidity, and do not entail market-making activities, autonomous price formation or the operation of trading venues.
Definitions and regulatory references
2.1 For the purposes of this Policy, the definitions, principles and interpretative criteria contained in Regulation (EU) 2023/1114 (MiCAR) shall apply, together with those set out in Commission Delegated Regulation (EU) 2025/885, which supplements and specifies, pursuant to Article 92 of MiCAR, the organisational, procedural and monitoring safeguards required of crypto-asset service providers for the prevention and detection of market abuse. This Policy is adopted in accordance with Article 92 of Regulation (EU) 2023/1114 (MiCAR) and Commission Delegated Regulation (EU) 2025/885, which specifies the organisational, procedural and monitoring safeguards, and takes into account the applicable national sanctions framework. References to the relevant legislation contained in this Policy shall be understood as referring to these provisions, without the need for further repetition.
2.2 In particular, the following definitions shall apply:
- Market abuse: any conduct that may qualify as market manipulation or insider dealing, including on a potential basis, in relation to crypto-assets admitted to trading or for which a request for admission to trading has been made, pursuant to Article 92 of MiCAR.
- Market manipulation: any conduct or attempt aimed at giving, or that is likely to give, false or misleading signals as to the supply of, demand for, or price of a crypto-asset, or that secures, by means of fictitious transactions or any other form of artifice, the price of one or more crypto-assets.
- Inside information: information of a precise nature, which has not been made public, relating to one or more crypto-assets or their issuer, and which, if made public, would be likely to have a significant effect on the prices of those crypto-assets.
- Crypto-asset service providers: persons authorised under MiCAR to provide one or more of the services set out in the Regulation.
2.3 Without prejudice to the national framework implementing Regulation (EU) 2023/1114 (MiCAR), introduced by Legislative Decree No. 129 of 5 September 2024, this Policy also takes into account the sanctioning provisions set out therein regarding market abuse in the crypto-asset sector. In particular, Articles 32 and 33 of the aforementioned Legislative Decree govern the regime of administrative monetary penalties and further measures applicable in the event of breach of the obligations to prevent and detect market abuse imposed on offerors, issuers and crypto-asset service providers. In this context, this Policy is adopted in implementation of Article 92 of Regulation (EU) 2023/1114 and Commission Delegated Regulation (EU) 2025/885, and takes into account the applicable national sanctions framework for the purposes of correctly identifying the responsibilities and consequences arising from any breaches.
General principles of prevention
3.1 The Company adopts a set of organisational, procedural and technological measures aimed at preventing, detecting, analysing and reporting potential market abuse conduct in relation to crypto-assets and the services relevant to its operations, in accordance with Article 92 and the other relevant provisions of Regulation (EU) 2023/1114, as well as Commission Delegated Regulation (EU) 2025/885, in a manner proportionate to the nature, scale and complexity of the Company’s activities.
3.2 In view of its operating model, the Company does not operate a multilateral trading platform, does not engage in autonomous price formation activities and does not provide services beyond those expressly included in its operational perimeter. All activities, services, information flows and technical-operational flows relating to crypto-assets that are relevant for the prevention and detection of potential abusive conduct remain, however, subject to the safeguards set out in this Policy.
3.3 Nevertheless, in order to prevent any potential involvement of its clients in market abuse, the Company undertakes to apply the following general principles:
- Operational integrity: placing and exchange activities for crypto-assets against funds or other crypto-assets are managed so as to ensure the traceability of transactions and the identifiability of the parties involved, and to ensure the retention of relevant information and records for a period of no less than five years, in accordance with Commission Delegated Regulation (EU) 2025/885. For the purposes of this Policy, references to the crypto-asset exchange service cover both the exchange of crypto-assets for funds and the exchange of crypto-assets for other crypto-assets;
- Functional separation and confidentiality: internal information flows are structured so as to prevent unauthorised access to sensitive or potentially privileged data. For the purposes of this Policy, “sensitive or potentially privileged data” means, by way of example and not exhaustively: (a) non-public information relating to the criteria for the selection, suspension or removal of crypto-assets admitted to the Company’s services; (b) internal pricing parameters, operational thresholds, risk limits and algorithmic configurations used in exchange services provided on a principal basis; (c) information relating to operational decisions not yet made public, such as temporary suspensions of services, operational restrictions or the activation of extraordinary safeguards; (d) aggregate or non-public data on client transactions or on proprietary trading activity carried out for purely instrumental purposes; (e) information received from issuers or counterparties in the context of the placing service prior to its official publication. Access to such information is restricted to personnel who require it in connection with their role (the “need-to-know” principle) and is safeguarded through organisational and technical measures, including: segregation of roles and functions, Identity and Access Management systems with granular authorisation profiles, monitoring of access and consultation events, immutable logging and periodic access reviews. In any event, employees, collaborators and authorised third parties are prohibited from using such information for purposes other than those strictly connected to the provision of services, or from disclosing it to unauthorised persons;
- Ex ante assessment of new services: any modification or extension of the services offered is subject to a prior risk assessment of potential impacts on the market abuse regime, in coordination with the Compliance Function;
- Controls on clients and transactions: measures are in place to detect anomalous or recurring operating patterns that may relate to potentially manipulative practices, in particular in the case of transactions executed through the Company’s exchange services, conduct inconsistent with the client’s operational profile, time- or volume-based concentrations on specific crypto-assets, or recurring interactions with the same technical counterparties. As part of its surveillance and control activities, the Company carries out continuous integrated surveillance covering both off-chain and on-chain dimensions. In particular, off-chain monitoring covers operational flows, requests for quote, acceptance of Price Quotes, application logs and transaction data recorded in the Platform’s internal systems; on-chain monitoring covers the publicly verifiable evidence of technical settlement transactions, including transaction validation, the characteristics of the reference blockchain, the consensus mechanism adopted, and the risk indicators that can be derived from the analysis of on-chain addresses and flows. The analysis of on-chain transactions linked to off-chain activity is performed by means of blockchain analytics tools and consultation of distributed ledgers (block explorers and flow analysis tools), used exclusively for the prevention of market abuse and consistently with the Company’s operating model, which does not operate trading venues or multilateral platforms;
- Controls on proprietary exchange activities: crypto-asset exchange activities carried out by the Company on its own account are performed exclusively on an ancillary and instrumental basis, for the purposes of managing the inventory and operational liquidity required for the provision of exchange services on a principal basis, and do not constitute autonomous speculative trading or market-making activities. Such activities are subject to specific control safeguards, including: (a) pre-defined quantitative limits on proprietary holdings and exposures, on a per-asset and aggregate basis; (b) continuous monitoring of transactions carried out for the Company’s own account, with tracking via immutable audit logs and periodic reconciliation; (c) functional separation between inventory management processes and the processes for determining the quotes offered to clients, which are generated according to pre-defined and non-discretionary algorithmic models; (d) ex post checks aimed at identifying any operational anomalies or deviations from the purposes of balancing and hedging; (e) prohibition on the use of non-public or internal information, including potentially inside information, for purposes other than the prudential management of positions. Proprietary exchange activities do not affect the economic conditions applied to clients, do not give rise to execution priority in favour of the Company and are carried out so as to avoid any conflict of interest or risk of market manipulation, in accordance with the principles set out in Article 92 of Regulation (EU) 2023/1114 and in Commission Delegated Regulation (EU) 2025/885;
- Cooperation with competent authorities: the Company ensures full cooperation with the national and European authorities competent for market supervision, providing in a timely manner any information relevant for the assessment of abusive conduct.
This document also takes into account the provisions contained in Article 92 of Regulation (EU) 2023/1114 (MiCAR) and in Commission Delegated Regulation (EU) 2025/885, which supplements the MiCAR framework by setting out specific safeguards in the area of transaction monitoring, the detection of abusive conduct and the organisational requirements applicable to crypto-asset service providers.
The Company adopts the measures described above in accordance with Article 92 of Regulation (EU) 2023/1114 (MiCAR), which governs the prevention and detection of market abuse in the crypto-asset sector, as well as Commission Delegated Regulation (EU) 2025/885, which specifies the organisational, procedural and monitoring safeguards applicable to crypto-asset service providers for the implementation of that Article.
Mapping of the main market manipulation schemes
For the purposes of its monitoring and detection activities, the Company has mapped the main types of market manipulation relevant in the context of crypto-assets, in line with the indications set out in Regulation (EU) 2023/1114 and Commission Delegated Regulation (EU) 2025/885. In particular, the monitoring system is calibrated to detect, by way of example and not exhaustively, the following conduct:
- Spoofing: the placing of orders or requests for quote without genuine intention to conclude the transaction, in order to create a false impression of demand or supply for a given crypto-asset. In the bilateral operating model adopted by the Company, this conduct may manifest itself through the repeated submission of requests for quote of significant size followed by systematic non-acceptance;
- Wash trading: the execution of purchase and sale transactions on the same crypto-asset, coordinated between connected persons or persons attributable to the same economic centre of interest, without any actual transfer of ownership or economic risk, in order to generate an artificial appearance of volume or market activity;
- Pump and dump: the artificial inflation of the price of a crypto-asset through coordinated purchases or the dissemination of misleading information, followed by the mass sale of the accumulated position at the inflated price;
- Layering: the placing of multiple orders or requests for quote at different price levels, creating a false impression of market depth, with subsequent cancellation or non-acceptance prior to execution;
- Insider dealing: the direct or indirect use of precise non-public information concerning one or more crypto-assets or their issuer, which, if made public, would be likely to have a significant effect on prices, to carry out transactions on one’s own account or on behalf of third parties, or to recommend or induce others to carry out transactions;
- Marking the close (or marking the price): trading activity concentrated around specific valuation moments, fixings, portfolio snapshots, the closing of calculation periods or other relevant pricing events, capable of artificially affecting reference values;
- Cross-venue manipulation: conduct carried out through interactions between the Platform, external execution venues, liquidity providers, market makers or decentralised protocols, capable of generating misleading signals on one or more reference markets used by the Pricing Engine or the Smart Order Router;
- On-chain manipulations: circular movements of crypto-assets, the coordinated use of wallets attributable to the same economic centre of interest, transactions lacking apparent economic rationale, and anomalies in on-chain flows that may generate misleading signals;
- Abusive conduct related to the placing of crypto-assets under Article 79 of MiCAR: unjustified preferential allocations, pre-arranged operations during the pre-listing phase, the use of inside information relating to the offering, including where carried out through connected persons or third parties;
- DLT-related manipulations: conduct that exploits the characteristics of distributed ledger technology infrastructure, including anomalies in the consensus mechanism, forks or reorganisations of the blockchain used, or the use of obfuscation tools (mixers, tumblers) to conceal the origin, destination or purpose of transactions;
- Anomalous activity around relevant events: orders, requests for quote or transfers coinciding with listings, delistings, suspensions, technical updates, hard forks, extraordinary maintenance, or the launch of placing or marketing campaigns relating to crypto-assets traded or offered by the Company.
The monitoring of these schemes takes into account the specific features of the Company’s operating model, which does not operate a multilateral trading system, and is therefore aimed at detecting potentially manipulative conduct that may affect the integrity of the price determination process, the instrumental use of the Platform to influence external reference prices, or the coordinated use of multiple accounts attributable to the same economic centre of interest.
Measures for the detection and reporting of suspicious transactions
4.1 In order to ensure the effective detection of potential conduct that may qualify as market abuse, the Company adopts a continuous monitoring system covering the relevant operational, transactional, informational and technical-IT flows, based on automated controls, anomaly alerts and internal escalation safeguards. The system is designed to enable the most timely possible identification of orders, transactions, conduct or other aspects of the functioning of the DLT that may give rise to a reasonable suspicion of market abuse.
4.2 Alerts generated by the monitoring systems, as well as anomalies detected through manual controls or internal reports, are taken in charge without delay by the Legal Function or by the relevant control function, which carries out the corresponding analysis with the utmost achievable promptness, taking into account the nature of the signal, the type of crypto-asset involved, the risk of recurrence and the potential impact on the market or on clients.
4.3 If, upon completion of the analysis, a reasonable suspicion of market abuse arises, the Company shall without delay prepare and submit the relevant Suspicious Transaction and Order Report on market abuse (STOR) to the competent Authority, by electronic means and through the applicable channels and templates. The subsequent acquisition of additional information does not justify any delay in submitting the report if reasonable suspicion has already been formed.
4.4 The information generated by the monitoring activity is subject to a first analysis by the Legal Function without delay and, in any event, according to priorities consistent with the level of risk expressed by the alert, the nature of the crypto-asset, the client’s profile and the prevailing market context.
Monitoring of operational activities:
4.5 The Company has put in place a structured system for the documentary monitoring and cross-analysis of exchange transactions and the associated technical settlement flows, consistent with its operating model and with the perimeter of the services actually provided. The documentary monitoring covers, in particular, the evidence generated by the Platform’s internal systems, including: information collected during onboarding and customer due diligence; application logs relating to requests for quote, the acceptance or refusal of Price Quotes and the settlement phases of transactions; the records of completed or non-finalised exchange transactions; and the evidence relating to fiat currency payment flows and reconciliation activities. The cross-analyses make it possible to correlate such off-chain information with the publicly verifiable on-chain evidence of the technical settlement of crypto-asset transactions, in order to assess the overall consistency of operations and identify any anomalies, inconsistencies or atypical operating patterns. The monitoring activities are organised on multiple levels and include automated and continuous controls on the operational and transactional flows carried out through the Platform’s systems, as well as structured analyses conducted by the competent functions. Such analyses are carried out by the Legal Function, with the support of the Risk Management and Tech & Product Functions, on the basis of the evidence collected and the alerts generated by the control systems. The outcomes of the monitoring activities are formalised in control reports, retained on a durable medium and used for the purposes of any activation of internal escalation procedures or reporting to the competent Authorities. These activities make it possible to:
- detect transactions characterised by frequency, volume, direction or repetitiveness that are anomalous compared with the client’s profile or historical market behaviour;
- identify recurring patterns of activity with specific counterparties, including through opaque structures (e.g. unidentified wallets or parties resident in high-risk jurisdictions);
- identify operational concentrations or suspicious spikes coinciding with information events, market news or anomalous price fluctuations.
The cross-analysis integrates: (a) KYC/KYB data and client profile; (b) operational and transactional logs (off-chain) relating to exchanges and movements; (c) on-chain evidence (addresses, clusters, counterparties, risk indicators) through blockchain analytics tools; (d) relevant information events (news, issuer disclosures) where available. The outcomes are formalised in control reports including risk classification and tracking of actions (archiving, request for information, escalation, proposal of a STOR).
4.6 The control system currently in place is structured as follows:
- anomaly detection criteria: based on quantitative thresholds, behavioural indicators, pattern analysis and correlations between off-chain and on-chain data;
- detection systems: through automated controls on operational and transactional flows and data analysis tools, as well as structured manual reviews;
- internal escalation: structured on multiple levels, with immediate handling by the Legal Function and involvement of the Risk and Tech & Product Functions where necessary;
- roles and responsibilities: clearly defined among the Operations, Legal, Risk Management and Tech & Product Functions, with segregation of duties and traceability of decisions;
- recording and outcomes: all analysis activities, decisions to archive or escalate and any reports submitted are documented and retained on a durable medium, with evidence of the underlying reasons and timelines.
The Company maintains adequate supporting documentation regarding the controls performed, the alerts generated, the analyses conducted and their outcomes, making it available to the competent Authorities upon request.
4.7 Within the monitoring system adopted by the Company, the analysis of transactions and flows relevant for the prevention and detection of potential market abuse is aimed at identifying operational and behavioural patterns that, by their nature, frequency or manner of execution, may appear anomalous or inconsistent with the normal functioning of markets or with the client’s profile.
In particular, the monitoring system takes into account, by way of example and not exhaustively, the following types of pattern:
- anomalous quantitative patterns, such as transactions of an amount significantly higher or lower than the client’s history or the market average for the specific crypto-asset;
- anomalous time-based patterns, including the concentration of requests for quote or exchange transactions in narrow time windows, particularly close to relevant information events or during phases of high volatility;
- patterns of repetitiveness or systematic conduct, characterised by sequences of transactions similar in amount, asset and timing, potentially capable of influencing the price or generating misleading signals on the market;
- patterns of interaction between multiple parties, such as coordinated or recurring activity on the same crypto-asset attributable to multiple clients or to related technical counterparties;
- patterns of economic inconsistency, in which transactions are not consistent with the client’s declared profile, with the purpose of the relationship or with the economic rationale of the transaction;
- relevant on-chain patterns, such as the recurring use of the same addresses or address clusters, circular flows, rapid movements of assets between correlated addresses, or anomalies attributable to the characteristics of the consensus mechanism or to congestion of the network used.
The timing for the detection of such patterns is structured on a multi-level basis. The Platform’s systems carry out automated and continuous controls on off-chain operational and transactional flows, generating alerts where deviations from pre-defined thresholds and criteria occur. The on-chain evidence relating to technical settlement transactions is analysed by means of blockchain analytics tools and consultation of distributed ledgers, so as to enable timely alignment between off-chain activity and on-chain findings.
Following the generation of alerts or the detection of elements of anomaly, the information is subject to qualitative and contextual analysis by the Legal Function, with the support of the Risk Management and Tech & Product Functions for matters within their technical competence. Such analysis is carried out without delay and, in any event, within timeframes compatible with the nature and complexity of the case, in order to assess the relevance of the patterns identified and any need to activate the internal escalation procedures or to report the matter to the competent Authority.
For the technical description of the logging infrastructure, the data collection-normalisation-analysis layers and the automated alert generation mechanisms, reference is made to Chapter 12 of Annex 20 ‘Platform Description’. The quantitative thresholds and technical parameters for alert generation are formalised and reviewed at least annually by the Legal Function, with input from the Risk Management Function and the Tech & Product Function.
4.8 With reference to the documentary monitoring system, the Company has implemented a centralised platform for the archiving, management and consultation of documentation relevant to operations and compliance purposes, including onboarding documents, KYC/KYB files, contractual documentation, transaction records and internal control evidence.
4.9 This system ensures full traceability of activities, the retention of documents in a secure and tamper-proof format, and access controlled and limited to authorised personnel, in accordance with the principles of segregation of duties and least privilege.
4.10 Cross-analyses of exchange transactions are carried out by means of data analytics tools that make it possible to correlate documentary information with transactional data, both off-chain and on-chain.
4.11 In particular, data relating to clients, the wallet addresses used, amounts, timings and counterparties involved are compared, in order to verify the consistency between the information declared during onboarding and actual operational behaviour. Such controls make it possible to identify any anomalies, discrepancies or suspicious patterns, supporting the prevention of fraud, market abuse and breaches of internal policies.
4.12 Monitoring activities are carried out on a continuous basis through automated systems and structured manual safeguards, designed to enable the timely identification of anomalies and their handling without delay. Periodic reviews serve solely the purpose of reviewing the system, calibrating control parameters and assessing the overall effectiveness of the framework, and do not in any way replace continuous monitoring or the mechanisms for immediate escalation.
Behavioural and contextual analysis
4.13 The information generated by the monitoring activity is subject to a first analysis by the Legal Function, which assesses:
- the economic and financial consistency of transactions in relation to the client’s profile and historical behaviour;
- the possible correlation between transactions carried out by multiple clients on the same crypto-asset or within narrow time windows;
- the nature of the crypto-asset involved, with particular attention to illiquid tokens, tokens with low market capitalisation or tokens subject to significant price fluctuations.
Internal reporting and escalation
4.14 Where well-founded grounds for suspicion arise, the Legal Function prepares the internal supporting documentation underpinning the Suspicious Transaction and Order Report on market abuse (STOR). The STOR is drafted using the harmonised template set out in the Annex to Commission Delegated Regulation (EU) 2025/885, ensuring the completeness of the information required and consistency with the evidence collected as part of the monitoring activities. The supporting documentation and the draft report are then submitted to the Officer Responsible for Suspicious Transaction Reports, for a final assessment regarding their submission to the competent Authority.
Communication with the competent authorities
4.15 Once the conditions for reporting have been confirmed, the Suspicious Transaction and Order Report on market abuse (STOR) is transmitted without delay, by electronic means, to the competent Authority through the channels and operational procedures indicated by CONSOB. The submission is carried out in accordance with the timeframes set out in the applicable legislation and ensures the confidentiality of the reporting person and of the information contained in the report, as well as the retention on a durable medium of the evidence and decisions taken, in accordance with Regulation (EU) 2023/1114 and Commission Delegated Regulation (EU) 2025/885.
Abusive conduct by personnel
5.1 The Company adopts specific measures to prevent, detect and sanction the abusive or improper use of the Company’s services by its personnel, collaborators, members of corporate bodies and other parties with access to confidential information. In particular:
- absolute prohibition on carrying out transactions on crypto-assets in connection with confidential information obtained in the course of corporate duties;
- mandatory recording of personal transactions, where permitted, by employees or collaborators, in a dedicated internal register maintained by the Company;
- operational restrictions system (blackout period): personnel are prohibited from trading in crypto-assets managed by the Company during specific periods (e.g. launch of new services, significant updates, relevant market events);
- cross-monitoring between personnel transactions and those of clients or of proprietary trading, also through documentary analysis and periodic reviews;
- internal disciplinary procedure, activated in the event of breach of this Policy, providing for proportionate measures up to and including termination of the employment or collaboration relationship.
Management of inside information and disclosure obligations (Article 88 MiCAR)
6.1 As issuer of the YNG token — a crypto-asset other than ART and EMT admitted to trading on third-party venues and to the services provided by the Company — Young Platform is subject to the obligations set out in Article 88 of Regulation (EU) 2023/1114 concerning the public disclosure of inside information.
6.2 The Company adopts the following organisational and procedural measures to ensure the timely and proper fulfilment of the disclosure obligations:
- Identification of inside information: the Legal Function, in coordination with the relevant business areas (including the Operations, Finance and Tech & Product Functions), assesses on an ongoing basis whether information relating to the YNG token, its tokenomics, the activity of the issuer or relevant events (such as, by way of example, new listings on third-party platforms, structural changes to the tokenomics, significant changes to governance or to the operating model) may qualify as inside information within the meaning of Article 88(1) of MiCAR.
- Timely and non-discriminatory publication: identified inside information is disclosed to the public as soon as possible, in a manner that enables fast, complete and non-discriminatory access. Publication takes place through a dedicated institutional section of the Company’s website (at youngplatform.com/legal, in the “YNG Token” category), accessible free of charge and on a non-discriminatory basis, and not through commercial or marketing communication channels. Communications are drafted in strictly factual, neutral language, free of any promotional tone, and clearly bear the wording “Inside Information pursuant to Article 88 of MiCAR”, together with the exact date and time of publication. In order to avoid cross-border information asymmetries, communications are published simultaneously in all the languages supported by the Platform.
- Maintenance of the Insider List: the Company establishes and keeps up to date a list of persons having access to inside information (insider list), adopted on a voluntary and prudential basis and not in fulfilment of an obligation set out under MiCAR. The insider list records, for each registered person: the full name, the date and reason for inclusion, the date of any removal, and the inside information to which the person has had access. The insider list is updated without delay whenever changes occur. The register is retained for a period of no less than five years from the date of its drafting or last update, and made available to the competent Authority upon request.
- Prohibition on trading by persons with access to inside information: persons included in the insider list are prohibited from carrying out, directly or indirectly, any transaction on the crypto-assets to which the inside information relates, or from disclosing such information to third parties outside the normal performance of their duties, until publication of such information pursuant to point (ii) above. This prohibition is reinforced through the application of operational blackout periods, in accordance with the provisions of Section 5 of this Policy.
- Delayed disclosure: the Company may delay, under its own responsibility, the public disclosure of inside information, provided that the conditions set out in Article 88(2) of MiCAR are met, namely: (a) immediate disclosure may prejudice a legitimate interest of the Company; (b) the delay is not likely to mislead the public; (c) the Company is able to ensure the confidentiality of the information during the period of delay. In the event of delay, the Company informs the competent Authority without delay, together with the reasons for the delay, and internally documents the reasons and the measures adopted to ensure confidentiality. Once the conditions for the deferral cease to apply, public disclosure is carried out without delay and the notification to the competent Authority is made immediately after the public disclosure of the information, accompanied by a written description of how the conditions for the deferral were ensured, pursuant to Article 88(5) of Regulation (EU) 2023/1114.
6.3 The Company retains the documentation relating to the management of inside information, including published communications, versions of the insider list, any delay decisions and the related reasons, for a period of no less than five years, and makes such documentation available to the competent Authority upon request.
Corporate functions involved, dedicated resources and internal responsibilities
7.1 The Company has put in place a structured framework for the prevention and monitoring of market abuse, based on the cooperation of multiple corporate functions on the basis of segregation of duties and multi-layered controls.
7.2 The Legal Function represents the primary safeguard, with responsibility for defining the policy, assessing potentially unlawful conduct, coordinating analyses and overseeing compliance with MiCAR and with the market abuse regime.
7.3 The Risk Management Function supports the analysis of behavioural patterns and contributes to the definition of risk indicators, while the Tech & Product Function ensures the recording and traceability of the technical logs and alerts generated by the systems.
7.4 The Operations Function contributes to the identification of any operational irregularities or conduct inconsistent with client profiles, while Internal Audit periodically verifies the effectiveness of the system.
7.5 The Company ensures that the organisational framework dedicated to the prevention, detection, analysis and reporting of potential market abuse is equipped with adequate human, technical and organisational resources proportionate to the nature, scale and complexity of the activities carried out, as well as to operational volumes, the number of clients, the types of crypto-assets handled, the frequency of alerts and the Company’s overall risk profile.
7.6 The proportionality assessment is reviewed at least annually and, in any event, upon the occurrence of relevant events affecting the scale, nature or risk profile of the operations. Where necessary, the Company shall accordingly adjust the allocation of resources and the safeguards adopted, so as to maintain a level of control consistent with the evolution of its activity and with the indications of the competent Authorities.
7.7 The adequacy of the resources dedicated to the market abuse framework is subject to periodic review by the Company and, in any event, whenever there is an increase in business volumes, a significant change in the number or type of clients, an extension of the service perimeter, an evolution in technical-operational flows or an increase in the frequency, complexity or relevance of detected anomalies. Where necessary, the Company shall promptly strengthen the resources and control safeguards.
7.8 The Board of Directors designates an Officer Responsible for Suspicious Transaction Reports, endowed with autonomy, access to all relevant information and the authority to interact directly with the competent Authority.
7.9 Such Officer coordinates the collection of evidence, assesses the relevant cases, decides on the submission of reports and ensures the documentary retention of the decisions to submit or archive reports, as well as the internal reporting to the Board of Directors.
Communication with the competent Authority, information flow, assessment criteria and monitoring software
8.1 Communication with the competent Authority (CONSOB) takes place through the official channels provided for, within the framework of a formalised information flow based on continuous monitoring, prompt analysis of alerts and the submission without delay of STORs where a reasonable suspicion of market abuse arises.
The flow provides for:
- identification of potentially anomalous conduct by the operational functions or the monitoring systems;
- preliminary analysis by Legal, with the possible support of the Risk Function for the assessment of the context and impact;
- validation of the proposed report by the STOR Officer;
- submission of the report to the Authority;
- retention of evidence and reasons for the decision.
The monitoring and analysis arrangements are not based on merely periodic reviews. Periodic reviews, including those conducted on a semi-annual basis or at any other frequency defined by the Company, serve solely the purpose of an overall review of the system, calibration of alert parameters, retrospective analysis of risk trends and verification of the effectiveness of the safeguards adopted, and do not in any way replace continuous monitoring or the timely management of anomalies for the purposes of submitting a STOR.
8.2 The criteria for assessing reportable transactions are based on quantitative indicators (e.g. anomalous volumes and prices, repetitive orders, conduct inconsistent with the client’s history), qualitative indicators (possible use of inside information, coordinated schemes, conflicts of interest) and internal control lists (watchlists and insider lists), using a risk matrix that combines impact, likelihood and intentionality.
8.3 For the purposes of prevention and monitoring, the Company uses a software solution developed in-house, designed to integrate with the core systems (wallet, ICT logging) and to generate automated alerts, reports and evidence useful for transaction analysis.
8.4 During the phase preceding the launch of the authorised services, and pending the completion of the development of the in-house solution, the Company uses semi-automated tools and structured manual procedures that nevertheless ensure traceability, compliance and the ability to detect suspicious conduct.
8.5 The in-house platform will progressively include anomaly detection modules, behavioural analysis and automated STOR generation, ensuring an advanced technological safeguard. All processes and decisions are documented and subject to periodic reviews by Legal and, at least annually, to internal or external audit checks.
Training, awareness and updating of the policy
9.1 The Company ensures that all personnel involved, in any capacity, in the provision of the service of exchange of crypto-assets for funds, the service of exchange of crypto-assets for other crypto-assets and the service of placing of crypto-assets receive adequate training on the prevention of market abuse.
The training programmes:
- illustrate the main conduct that may qualify as market abuse under Regulation (EU) 2023/1114;
- explain how such conduct may manifest itself, including in indirect or intermediated operational contexts;
- set out individual responsibilities in the event of detection of, failure to detect, or facilitation of abusive conduct;
- provide for practical exercises and periodic updates, at least annually and in any event whenever relevant regulatory or procedural changes occur.
The training programmes include specific modules for personnel potentially involved in proprietary exchange activities, with the aim of ensuring full awareness of the risks of market abuse and of the related responsibilities. In particular, the training explores in depth the prohibitions on the use of inside information, the rules of conduct to be observed during the execution of transactions, the obligations to document and ensure the traceability of activities, and the profiles of individual and corporate liability in the event of breaches.
9.2 The Company undertakes to raise awareness among its clients of the prohibition on engaging in market abuse practices. To this end, it makes available, through its website and in its contractual documents, an information notice on:
- the obligation to comply with the provisions of Article 92 of MiCAR;
- the consequences, including of a criminal or sanctioning nature, arising from breach of those provisions;
- the Company’s right to refuse, suspend or report transactions deemed suspicious;
- the consequences, including of a sanctioning nature (and, where applicable, further consequences of an administrative nature), arising from breach of the MiCAR provisions on market abuse and of the national implementing legislation, including the provisions of Legislative Decree No. 129 of 5 September 2024 (in particular, Articles 32 and 33).
9.3 This Policy is reviewed at least annually by the Compliance Function, or whenever:
- regulatory changes affect the market abuse regime in the context of crypto-assets;
- significant updates occur in the services provided by the Company;
- developments occur in the operating models or in the internal monitoring systems.
A review is also triggered if proprietary trading activity is launched or modified, or where cases of suspected market abuse related to personnel conduct are detected.
9.4 Any amendments are approved by the administrative body and promptly communicated to personnel.