Results of the latest assessment of the operational and security risks related to the payment services the firm provides.
We accept cash payments only from clients physically presenting themselves to ourselves. To minimise operational and security risks, we do not accept alternative forms of payment. When a client wishing to perform a money transfer transaction approaches our office, the client is asked for a contact number or an ID number as per their photo ID which maybe either a European driving licence or valid passport. These are either matched in the case of a returning client to previous data held in the system, or captured in the case of a new client.
We use a bespoke IT system, that provides secure access, breach prevention, data analysis, logging and reporting in section. The system validates the identity documentation, and if it is not valid or is expired, the transaction will be immediately rejected. We consider all our systems critically important at the highest level.
We operate from a single premises and it is completely secured with the following:
- Steel roller shutters over shop-front and all access points including rear access.
- Intrusion detection alarm linked to live local rapid response unit.
- CCTV system installed both internally and externally with images stored both locally and remotely.
- Access control devices are used throughout the premises with all entries and exits logged on our secure servers.
All IT equipment is suitably protected with the latest Norton Antivirus software which is updated on a daily basis, or whenever an update becomes available. It equipment is also physically protected with the use of Kensington locks.
Customer authentication is carried by physically and meticulously confirming client ID’s with their identity particulars. Confirmation of address and post code, date of birth, transactional history and contact details are all used to further verify clients. Any suspicious transactions or individuals are duly reported using the in-built reporting utilities available to employees which is designed around FCA reporting guidelines.
Since we operate in a specific location and our services offered appeal to a specific target market, they are very specific and all our clients are well-known to us. We operate in a specific geographical location, and only offer money remittance services to two countries, any suspicious activity is immediately recognised and duly reported via the in-built reporting utility our system has been programmed with as per FCA guidelines. Such suspicious activity relates to but is not limited to transaction amounts, transactional frequency, failure to verify identity particulars, etc.
In terms of security risks, the measures taken as detailed above, are adequate in preventing, reporting and predicting any security breaches or risk of fraud or money-laundering.