SECURITY

Bank-grade security controls built for sensitive AML data

Answer-first summary

How secure is Certivus for AML compliance data?

Certivus is designed for sensitive AML, CDD, KYC, and identity evidence workflows. The platform presents controls for encryption, role-based access, audit logs, monitoring, UK data residency, and security assessment so practices can review how client data is protected.

  • Built for identity documents, screening results, and AML evidence records
  • Security controls are part of the buying journey, not an afterthought
  • Practices can review data residency, access, logging, and support before rollout

Encryption

In transit + at rest

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for data at rest
  • End-to-end encryption for sensitive client data
  • Secure key management with regular rotation

Access Controls

Role-based access

  • Granular role-based access control (RBAC)
  • Multi-factor authentication (MFA) support
  • Single sign-on (SSO) integration available
  • Principle of least privilege enforced

Monitoring & Logging

Full audit trail

  • Real-time security monitoring and alerting
  • Comprehensive audit logs for all user actions
  • Anomaly detection and threat identification
  • Immutable log storage for compliance

Data Residency

UK-based infrastructure

  • All data stored in UK-based data centres
  • GDPR-compliant data processing
  • No data transfers outside the UK/EEA
  • Sovereign cloud infrastructure

Penetration Testing

Regular security assessments

  • Annual third-party penetration testing
  • Continuous vulnerability scanning
  • Responsible disclosure programme
  • Regular security updates and patching
COMPLIANCE

Certifications & Compliance

ISO 27001Information Security Management
SOC 2Service Organization Controls
GDPRGeneral Data Protection Regulation
SECURITY QUESTIONS

Common security questions

How does Certivus protect AML and identity data?

Certivus uses encryption in transit and at rest, access controls, monitoring, audit logs, UK data residency controls, and regular security assessment practices to protect sensitive AML and identity evidence.

Why does security matter for AML software?

AML software can hold identity documents, verification results, screening outcomes, risk decisions, and audit records. Practices should review access control, encryption, data residency, logging, and support before trusting any provider.

Ready to secure your AML compliance?

Join hundreds of accountants who trust Certivus with their sensitive data.