We advise on the secure design and operation of regulated payment systems
in line with key security standards

Flawless Money’s regulatory consultants advise on the secure design and operation of regulated payment systems, including:

  • Supporting the Generation of critical operational documents to support the authorisation process (Information Security Policy, Business Continuity/Disaster Recovery Plans, Business Impact Analysis).
  • Providing advice on the effective supervision of the delivery of Critical IT Services outsourced to external/intragroup outsourcers (Production Network Hosting, Security Engineering, Network Monitoring/Operations).
  • Supporting the generation of compliance assessment/monitoring frameworks to assess the compliance of Agents/Distributors of regulated PSPs with applicable cybersecurity requirements.
  • Providing advice on the design of customer authentication and transaction authorisation processes to align with applicable regulatory standards (e.g. CDR 2018/389)
  • Advising Account Servicing Payment Service Providers (ASPSPs) on the development and implementation of payment account access interfaces that meet the Common and Secure Communication (CSC) criteria in CDR 2018/389.
  • Assisting ASPSPs to apply/receive an Exemption from the Contingency Mechanism requirement detailed in Art. 33(6) of CDR 2018/389.