Introduction:

Syncrosis, in its capacity as a global provider in technology consulting and intelligence services, is committed to adhering strictly to all relevant UK legal frameworks, international treaties, and global best practices. This policy sets forth the criteria by which Syncrosis excludes individuals, entities, and nation states from potential business engagements, ensuring full compliance with the Sanctions and Anti-Money Laundering Act 2018 (SAMLA), UK Bribery Act 2010, General Data Protection Regulation (GDPR), and other applicable laws.

This exclusion policy is binding for all employees, contractors, and affiliates of Syncrosis and will be regularly updated in response to changes in law or geopolitical conditions. Failure to comply with this policy will result in legal action, including the immediate cessation of any existing or prospective business relationships.

1. Sanctioned Countries and Entities

Syncrosis shall not engage in any business relationship, direct or indirect, with entities or individuals residing in or subject to the jurisdiction of countries or regions that are under sanctions imposed by the following authorities:

• The United Nations Security Council (UNSC)
• The European Union (EU) Council Regulations
• The United Kingdom Office of Financial Sanctions Implementation (OFSI)
• The United States Office of Foreign Assets Control (OFAC)
• Any other relevant sanctioning bodies or regimes with which the UK Government maintains a cooperative agreement

• Democratic People's Republic of Korea (North Korea)
• Islamic Republic of Iran (Iran)
• Syrian Arab Republic (Syria)
• Republic of Belarus (Belarus)
• Russian Federation (Russia)
• Republic of Venezuela (Venezuela)
• Republic of Cuba (Cuba)
• South Sudan
• Eritrea
• Sudan

These restrictions extend to entities that are domiciled in, controlled by, or operating within the aforementioned jurisdictions, as well as any individuals or organisations appearing on sanctions lists such as:

• The UK Consolidated List of Financial Sanctions Targets
• OFAC's Specially Designated Nationals and Blocked Persons List (SDN List)
• EU Consolidated Sanctions List

Syncrosis conducts enhanced due diligence to ensure full compliance with these sanctions, and any identified breaches will result in immediate termination of business relations, with potential for legal recourse.

Legal Citations:

• Sanctions and Anti-Money Laundering Act 2018 (SAMLA)
  
• Council of the European Union Regulations
• UK Consolidated List of Financial Sanctions Targets
  
• OFAC Specially Designated Nationals (SDN) List

2. Strategic Adversaries of NATO

Syncrosis shall not engage with any entities or individuals domiciled in, aligned with, or associated with strategic adversaries of the North Atlantic Treaty Organisation (NATO), as determined by UK defence policies and NATO Strategic Concept. This includes:

• The Russian Federation, as a result of ongoing hostilities with NATO-aligned states and annexation of foreign territories.
• The Islamic Republic of Iran, due to its nuclear proliferation activities and aggressive military posture towards NATO allies.
• The Syrian Arab Republic, for its continued violation of international humanitarian law and alignment with NATO adversaries.
• Any other entities or states classified as adversarial under NATO’s defence strategy, such as those supporting terrorist organisations or actively undermining NATO’s geopolitical interests.

Syncrosis also refrains from any engagement with defence or intelligence contractors that operate in or provide services to these adversarial states. Additionally, entities aligned with the Collective Security Treaty Organisation (CSTO) are excluded.

Legal Citations:

• NATO Strategic Concept 2022
  
• UK National Security Strategy
• Sanctions and Anti-Money Laundering Act 2018 (SAMLA)

3. China and China-Aligned Entities

Syncrosis prohibits any engagement with the People’s Republic of China (PRC) and entities aligned with or controlled by the Chinese Communist Party (CCP). This exclusion extends to:

• Businesses domiciled in or controlled by the PRC or any territories aligned with the CCP, including Hong Kong and Macau, if subject to PRC influence.
• Entities complicit in human rights violations under the Uyghur Forced Labor Prevention Act (UFLPA) and those involved in the systematic exploitation of Uyghur Muslims in the Xinjiang region.
• Organisations engaged in cyber espionage, intellectual property theft, or state-sponsored cyberattacks targeting the UK or allied interests, as covered under the UK National Security and Investment Act 2021.

Syncrosis also applies enhanced cybersecurity protocols to prevent the leakage of sensitive data or intellectual property to PRC-aligned actors, and actively monitors for state-sponsored intrusions into its supply chain and partner networks.

Legal Citations:

• UK National Security and Investment Act 2021
  
• Uyghur Forced Labor Prevention Act (UFLPA)
  
• UK Counter-Terrorism and Security Act 2015
  
• Global Magnitsky Human Rights Accountability Act
  

4. Human Rights Violations and Ethical Standards

Syncrosis adheres to the highest standards of human rights protection and refuses to engage with entities that are complicit in, or benefit from, human rights violations. This includes:

• Organisations involved in terrorism, pursuant to the UK Terrorism Act 2000 and Counter-Terrorism and Security Act 2015.
• Entities engaged in crimes against humanity, including genocide, enslavement, torture, and enforced disappearances, as defined by the Rome Statute of the International Criminal Court (ICC).
• Companies exploiting forced labour, child labour, or modern slavery, in violation of the UK Modern Slavery Act 2015 and ILO Forced Labour Conventions (No. 29).

Entities found to be on the Global Magnitsky Sanctions List, or those implicated in human rights abuses under the Uyghur Forced Labor Prevention Act, will not be considered for any business dealings. Syncrosis conducts ongoing due diligence on partners to ensure their supply chains are free from human rights abuses.

Legal Citations:

• UK Human Rights Act 1998
  
• Rome Statute of the International Criminal Court (ICC)
  
• UK Modern Slavery Act 2015
  
• Global Magnitsky Human Rights Accountability Act
• Uyghur Forced Labor Prevention Act (UFLPA)

5. Financial Crimes and Corporate Governance

In line with the UK Bribery Act 2010, Anti-Money Laundering (AML) Regulations 2017, and Proceeds of Crime Act 2002, Syncrosis will not engage with entities or individuals convicted of:

• Money laundering, bribery, fraud, tax evasion, or embezzlement.
• Entities or individuals under active investigation for financial crimes or those listed by the Financial Conduct Authority (FCA) or Financial Action Task Force (FATF).

All prospective partners must meet strict corporate governance standards as defined in the UK Companies Act 2006. Any company exhibiting corrupt practices, opaque financial reporting, or governance failures will be excluded from potential partnerships.

Legal Citations:

• UK Bribery Act 2010
  
• Proceeds of Crime Act 2002
  
• Anti-Money Laundering Regulations 2017
  
• Companies Act 2006
  
• Financial Action Task Force (FATF)
  

6. Data Privacy Compliance

Syncrosis maintains full compliance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. Syncrosis will not engage with any entities or individuals found to be in violation of:

• GDPR, including unlawful data processing, failure to safeguard personal data, or involvement in significant data breaches.
• The Computer Misuse Act 1990, specifically those engaged in cyber espionage, hacking, or other forms of cybercrime.

Syncrosis actively implements ISO/IEC 27001 Cybersecurity Standards and the Cybersecurity Maturity Model Certification (CMMC) for its partners, ensuring that all business engagements meet stringent cybersecurity standards.

Legal Citations:

• GDPR
  
• Data Protection Act 2018
  
• Computer Misuse Act 1990
  
• ISO/IEC 27001 Cybersecurity Standards
• Cybersecurity Maturity Model Certification (CMMC)