Public trust
Trust evidence buyers can inspect before procurement.
A regtech product has to make its own controls inspectable. This page links security, privacy, certification readiness, wallet conformance, bug bounty and subprocessor evidence in one place.
Trust programme
Security overview
Public posture covering encryption, access, audit, residency and vulnerability reporting.
Open evidenceISO 27001 and 27701 evidence
ISMS and PIMS evidence rooms are mapped; external audit is required before any certificate claim.
Open evidenceSOC 2 Type II evidence
Trust Services Criteria are mapped for observation; no Type II report is claimed until auditor issuance.
Open evidenceEU Digital Identity Wallet conformance
EUDI Wallet-aligned issuer, presentation and status-list surfaces are available for interoperability testing.
Open evidencePrivate bug-bounty programme
Responsible disclosure and private bounty scope are published with safe-harbour rules.
Open evidenceSubprocessor register
Core subprocessors are listed for procurement and privacy review.
Open evidenceData Processing Addendum
Processor terms, Article 28 commitments, transfer mechanisms and technical measures are published for customer review.
Open evidenceService levels and support
Support severity targets, availability posture, incident handling and order-form dependencies are documented for procurement.
Open evidenceImplementation runbook
Rollout phases, customer inputs, order-form checklist, launch gates and implementation timeline are published for buyer review.
Open evidence