Security & Compliance
A systematic approach to protection, risk management, and regulatory alignment
Security and compliance are not separate initiatives—they are foundational to how we operate. Every portfolio company benefits from group-level expertise, standardized controls, and continuous monitoring.
Security Controls
Our security posture is built on multiple layers of protection:
Encryption
Data encryption at rest and in transit using industry-standard protocols. All sensitive information is encrypted before storage.
Access Control
Role-based access management, multi-factor authentication, and principle of least privilege across all systems.
Monitoring
Continuous system monitoring, anomaly detection, and real-time alerting for suspicious activities.
Incident Response
Documented procedures for security incident identification, containment, remediation, and post-incident analysis.
Risk Management
We maintain a structured approach to identifying and mitigating operational risks:
Vendor Oversight
Thorough due diligence on all third-party service providers with ongoing performance and security assessments.
Internal Controls
Segregation of duties, approval workflows, and regular internal audits to ensure operational integrity.
Operational Resilience
Business continuity planning, disaster recovery procedures, and redundant systems to ensure service availability.
Compliance Approach
Our compliance framework is designed to align with industry best practices:
KYC/AML Alignment
Customer identification procedures and transaction monitoring aligned with anti-money laundering principles, implemented according to the requirements of our operational context.
Regulatory Awareness
Ongoing monitoring of regulatory developments in digital asset markets and proactive adjustments to our operational approach.
Policy Framework
Comprehensive internal policies covering data handling, security practices, and operational procedures.
Privacy & Data Handling
We treat user data with respect and care:
Data Minimization
We collect only the information necessary for providing services and meeting our operational requirements.
Retention Policies
Clear data retention schedules and secure disposal procedures for information no longer needed.
User Rights
Processes for users to access, correct, or request deletion of their personal information where applicable.