Modern Slavery &
Human Exploitation Statement

Our commitment

mistwire.io is committed to preventing modern slavery, human trafficking, forced labor, debt bondage, and all forms of human exploitation in our operations and across our supply chain. We recognize our responsibility to act ethically, transparently, and with integrity in every business relationship — and to implement systems and controls that protect against exploitation at every level of our work.

This commitment is not separate from our business values. It is an expression of them. Our founding principles — human primacy, transparency, mutual benefit — apply as much to the people in our supply chain as to the customers who depend on our platform.

Applicable legal framework

mistwire.io operates in compliance with all applicable US federal anti-trafficking and labor protections, including:

• Trafficking Victims Protection Act (TVPA), 22 U.S.C. § 7101 et seq. — the principal federal law prohibiting and criminalizing trafficking in persons, including forced labor, sex trafficking, and debt bondage
• Trafficking Victims Protection Reauthorization Acts (TVPRA) — successive reauthorizations expanding liability to supply chains and broadening corporate obligations
• Executive Order 13627 (2012) — Strengthening Protections Against Trafficking in Persons in Federal Contracts — prohibits federal contractors from engaging in, or knowingly benefiting from, trafficking-related conduct; requires compliance plans for covered contracts
• FAR 52.222-50 — Combating Trafficking in Persons — directly applicable to mistwire.io as a federal contracting candidate; prohibits trafficking-related conduct, requires employee notification, and mandates contractor cooperation with government investigations
• Fair Labor Standards Act (FLSA), 29 U.S.C. § 201 et seq. — governing minimum wage, overtime, and prohibitions on oppressive child labor across all US operations
• Tariff Act of 1930, Section 307 (19 U.S.C. § 1307) — prohibiting importation of goods produced by forced or indentured labor; applicable to any hardware or physical goods in our supply chain

Where we engage suppliers, subcontractors, or partners in support of federal contracts, FAR 52.222-50 compliance obligations flow down through our agreements.

Our business

mistwire.io is a US-based cybersecurity and AI infrastructure company building autonomous Moving Target Defense technology. We develop software and cloud-native security platforms designed to protect enterprise and government networks through continuous, AI-driven attack surface rotation and cryptographic audit.

We are a small, early-stage company operating primarily in the United States, with a supply chain consisting almost entirely of technology vendors, cloud infrastructure providers, and professional services firms. We do not manufacture physical goods, operate production facilities, or engage labor-intensive supply chains that carry elevated modern slavery risk.

Risk assessment

We have assessed our operations and supply chain for modern slavery risk. Given our profile — a US-domiciled technology company with a digital-native supply chain — we consider the inherent risk to be low. We nonetheless identify the following factors and controls:

Policies and governance

We are committed to ensuring that modern slavery does not occur within our business or supply chains. Our approach is supported by internal governance structures that set clear expectations for ethical behavior, human rights, and compliance with applicable law. These include:

• Code of Conduct — establishing expected standards of behavior for all personnel and partners
• Anti-Bribery and Corruption Policy — prohibiting all forms of corrupt practice
• Whistleblowing Policy — protecting those who raise legitimate concerns in good faith
• Supplier contractual obligations — requiring adherence to applicable law and ethical conduct standards in all vendor agreements
• Employment practices — ensuring all employees and contractors are engaged under lawful, voluntary, and fairly compensated terms

Due diligence

We take a risk-proportionate approach to due diligence across our supply chain. At our current scale, our primary measures include:

• Reviewing prospective vendors' publicly available ethics, labor, and supply chain policies before engagement
• Including ethical conduct and applicable law compliance obligations in all supplier and contractor agreements
• Prioritizing vendors who are signatories to recognized industry standards or publish their own modern slavery commitments
• Applying enhanced scrutiny before engaging suppliers based in jurisdictions with elevated human rights risk profiles

As our operations scale, we will formalize these processes into a structured supplier screening and periodic review program.

Partner and client standards

mistwire.io holds itself to a defined standard of conduct regarding modern slavery and human exploitation. We extend that standard to the business relationships we enter. A relationship in which one party operates in compliance and the other does not provides neither party with meaningful protection — and, in certain circumstances, creates legal exposure for both.

Accordingly, mistwire.io may, at its discretion and on a risk-proportionate basis, require prospective or existing business partners — including clients, strategic partners, technology integrators, resellers, and investors — to provide reasonable evidence of their compliance with applicable anti-trafficking and labor exploitation law as a condition of entering into or continuing a business relationship.

Such assessments are not a judgment of character or intent. They are an objective, documented review against a defined legal and regulatory standard — intended to provide both parties with confidence that the relationship does not, knowingly or inadvertently, contribute to exploitation. The criteria applied will be grounded in applicable law, publicly available disclosures, and recognized industry standards.

At mistwire.io's discretion, assessments may be conducted internally or delegated in whole or in part to qualified independent third parties — including compliance consultants, accredited audit bodies, or recognized due diligence service providers — whose findings will inform our determination. Where a third party is engaged, we will notify the relevant partner and ensure the process is conducted with appropriate regard for confidentiality.

Where a formal assessment is requested, mistwire.io will communicate the basis for the request, the scope of information required, and the standard against which the assessment will be made. We are committed to conducting any such process efficiently, transparently, and with respect for the partner's operational constraints.

mistwire.io reserves the right to decline to enter into, or to terminate, a business relationship where an assessment identifies material non-compliance with applicable anti-trafficking or labor exploitation law, or where a prospective partner declines without reasonable cause to participate in an assessment that mistwire.io considers necessary given the nature or risk profile of the proposed relationship.

Confidentiality of assessment outcomes

mistwire.io will not make public statements regarding the outcomes of any assessment conducted pursuant to this section — whether the outcome is favorable or otherwise. Assessment results, including findings, supporting correspondence, and related documentation, are treated as confidential business records. This confidentiality is not a mechanism to protect non-compliant actors from accountability; it reflects the principled view that mistwire.io is a private commercial entity conducting bounded due diligence, not a regulatory body exercising public enforcement authority.

All assessment records will be retained for a minimum of seven years from the date of assessment, consistent with applicable federal record-keeping requirements and the standards applicable to FAR-governed compliance documentation. This retention period ensures mistwire.io can demonstrate the basis and conduct of its due diligence in any subsequent legal, regulatory, or contractual context.

Remediation and re-engagement

An adverse assessment outcome does not constitute a permanent bar to a business relationship with mistwire.io. Where an assessment identifies areas of material non-compliance, mistwire.io may, at its discretion, communicate the basis of its determination to the assessed entity. If that entity subsequently undertakes substantive corrective measures and provides verifiable, independently documented evidence of a material improvement in its compliance posture — not self-reported assertion, but demonstrable and auditable change — mistwire.io will consider that record of remediation as a legitimate basis for re-engagement.

We hold this view deliberately: a compliance posture that has been independently tested, found wanting, and demonstrably corrected represents a more durable foundation for a business relationship than one that has never been examined. Integrity under scrutiny means more than integrity unchallenged. Where a prospective partner has done the work to close the gap, mistwire.io recognizes that as a meaningful signal — and a reason to engage, not to exclude.

Training and awareness

All personnel at mistwire.io — employees, contractors, and advisors — are expected to understand the nature of modern slavery, to recognize potential indicators, and to know how to raise a concern. Awareness of this policy forms part of onboarding for all new personnel.

As the company grows, formal training on modern slavery and ethical supply chain practices will be incorporated into periodic compliance reviews.

Reporting concerns

Employees, contractors, suppliers, and other stakeholders are encouraged to raise concerns about potential modern slavery, human trafficking, or other forms of exploitation — whether observed in mistwire.io's operations or in our supply chain.

Concerns can be reported directly to: ethics@mistwire.io

All reports will be treated seriously and investigated promptly. mistwire.io prohibits retaliation against any person who raises a concern in good faith.

Continuous improvement

We are committed to reviewing and improving our approach to modern slavery prevention as our business evolves. This statement will be reviewed no less than annually and updated to reflect any material changes to our operations, supply chain, or applicable legal obligations.

We recognize that our obligations in this area will grow as our business grows — particularly as we pursue federal and defense contracts where FAR 52.222-50 compliance plans become mandatory. We intend to be ahead of those obligations, not behind them.