Based on the OFAC enforcement release and settlement agreement regarding Exodus Movement, Inc., here is a summary of the Compliance Commitments (often found in Section 2 or labeled as a specific point in the agreement terms):

• Sanctions Compliance Program: Exodus agrees to maintain a comprehensive sanctions compliance program for at least five years.
• Management Commitment: The company will ensure senior management support and the provision of adequate resources to the compliance function.
• Risk Assessment: Exodus will conduct periodic risk assessments to identify and mitigate sanctions risks specific to its business.
• Internal Controls: The company must implement and maintain written policies and procedures, including effective sanctions screening (such as IP blocking/geoblocking) and escalation protocols for potential matches.
• Testing and Audit: Exodus is required to perform independent testing and audits to ensure the effectiveness of its compliance program.
• Training: The company commits to providing regular (at least annual) sanctions compliance training to relevant employees.
• Compliance Investment: Exodus has specifically agreed to invest $630,000 in additional sanctions compliance controls and measures.
• Reporting: A senior executive must submit annual certifications to OFAC for a period of five years, confirming that the company is meeting these compliance obligations.