Security Center

First Digital’s security and compliance principles guide how we deliver our products and services, enabling our clients to securely access next generation financial services.

AML/CTF compliant

First Digital is committed global regulatory standards for anti-money laundering/counter-terrorist financing (AML/CTF).

We require First Digital group companies, management, and employees to adhere to these standards to prevent the use of First Digital's products and services for money laundering/terrorist financing purposes.

To ensure compliance of our regulated entities, we subject our AML/CTF policies, procedures and systems to regular independent AML/CTF audits.

Legal & Regulatory Information

Audited by

SOC 1 certified

First Digital is SOC 1 compliant for financial reporting.

Our clients and investors increasingly needed to rely upon First Digital to serve as a dependable and reliable service provider focused on minimizing risk, adding value, and maintaining a high level of service. Service Organizational Control (SOC) 1 Type 1 certification is a manifestation of our ongoing commitment to reliable financial reporting.

SOC 2 certified

First Digital is SOC 2 compliant to keep your data safe.

We take security seriously and develop our products with high standards of security. Built with tried-and-tested technologies, First Digital is officially Service Organizational Control (SOC) 2 Type 1 compliant to safeguard your sensitive data.

Why it Matters?

STAR Level One

First Digital has completed STAR Level 1: Self-Assessment.

We have completed the STAR Level 1: Self-Assessment to analyze our security posture in real terms and to provide security control transparency.

View details in CSA Registry

Security practices & processes

First Digital employees with access to sensitive data undergo a background check and sign an NDA prior to joining the company, and undergo security training right after joining.

Access to all sensitive services is protected with strong password requirements and two-factor authentication (where possible).

Access to data is further restricted according to the principles of least privilege and rolebased permissions: team members are only authorised to access data that they reasonably must handle in order to fulfil their current job responsibilities.

Our approved password manager is required, to generate, store, and enter unique and complex passwords to avoid password reuse, phishing, and other password-related risks.

We leverage automatic security vulnerability detection tools to alert us if/when security issues arise in the software packages we use. We apply fixes and deploy them as quickly as possible.

Questions about security?

We have a team dedicated to answering all of your privacy and security questions. Reach out to us at [email protected] provide feedback or with any questions you may have about security at First Digital.