Summary


One of our core values at First AML is to be trusted guardians of compliance; we take our commitment to guarding our customers’ data seriously. So we are thrilled to announce that we have now achieved the ISO 27001 Certification for security and privacy.


The ISO 27001 standard is the internationally recognised best practice framework for an Information Security Management System (ISMS). Achieving this is just one of the steps we are taking to ensure that we live by our core company values, and taking all the steps we can to ensure we are delivering a world-class customer experience that has security and privacy at the heart of it. 


AML compliance requires a lot of personally identifiable information to be disclosed – that’s how we can verify your identity and combat money laundering. However we understand that disclosing this information to a service provider comes with a risk, which is why it is our commitment to you – our customers, and your clients – that we are taking all necessary steps to ensure the safety and security of your personal data and information. 


Security and privacy isn’t just a box that we are ticking – we resonate these values throughout everything that we do. We recruit people with customer-centric mindsets, who put our customers first and take security and privacy seriously, and we believe that all of our employees are responsible for delivering on this experience. Read on to find out what this certification means for you.


What this means for you

Maintaining a private and secure platform is key to our success and at the forefront of everything we build. We deal with our user’s most important and private information: their identity. Therefore, our customer’s data can only ever be accessed by those who need to see it to complete verification checks. Our platform is hosted in Amazon Web Services (AWS), the world’s leading cloud provider, which has some of the most secure facilities in the world. 


Achieving this certification indicates that First AML takes a ‘best practice’ approach to information and data security management, and that we follow best industry practises in managing information security risks. It also makes it clear to our customers, stakeholders and employees that we take security seriously and make every effort to protect First AML’s customer data and information.


This is our ongoing priority



Achieving our ISO certification isn’t just a box ticking activity for us. The privacy and security of our customers’ data is an ongoing priority for us, and maintaining this certification requires regular internal checks, and yearly external audits.


At First AML, we have always prioritised security when it comes to accessing information. Achieving our ISO certification adds to the many measures we’ve already implemented, which includes encrypting your data, 24/7 monitoring and surveillance, and regular security audits to identify and manage threats. We engage with third-party information security specialists who conduct quarterly penetration testing and architectural reviews of our platform, ensuring we keep up with industry best practices around security, and give our data the best protection possible.


Given the nature of our business, privacy and security are number one priorities. All of our staff regularly undergo security awareness training and understand the importance of protecting customer data. Having best in class information security processes is an area we are increasingly focusing on, and are proud to be the only AML compliance provider in New Zealand to have achieved the ISO 27001 Certification.