The Luxembourg digital finance platform operator Finologee (www.finologee.com) has been granted ISO/IEC 27001:2013 certification, the international standard outlining best practices for information security management systems. Issued by Bureau Veritas, the certification validates that the company’s data security systems meet industry best practices. The ISO/IEC 27001 standard is the leading auditable international benchmark for information security management.

This certification is a cornerstone of Finologee’s operational excellence strategy, aimed at providing clients with an operations infrastructure and processes for their products and platforms that meet the highest international standards, facilitating the financial industry’s quest for optimisation and innovation without compromising on service quality and security.

The implementation of the ISO/IEC 27001:2013 standard acts as a guarantee that Finologee has established methodologies and a framework of business and IT processes to help identify, manage and reduce risks. It is also a demonstration to customers that the company is wholly committed to safeguarding their information assets through the products and services it provides.

Furthermore, the implementation of the ISO/IEC 27001:2013 standard lays a robust foundation for the implementation of the latest regulatory requirements from national and European financial industry regulation authorities. It has enabled Finologee to enhance further its formal risk management methodology processes, as laid out by recent updates to national circulars (CSSF Circular 12/552 and CSSF Circular 17/654), and the EBA guidelines on Outsourcing and ICT risks (CSSF Circular 20/750) covering governance, risk assessment, information security, ICT operations management, business continuity plans, and assistance to payment service users, among other topics.   

“Receiving the ISO 27001 certification is a significant milestone for Finologee that demonstrates to our customers and partners that our company puts security management controls at centre stage, as well as displaying our verifiable approach to information security. The positive outcome of the thorough audit process carried out in the context of this certification endorses our commitment to the highest levels of data security. This achievement marks one more step in our efforts to prove the company’s transparency and resilience” - said Stéphane Chmielewski, Finologee’s Chief Information Security Officer.

“We recognise that continuous efforts to anticipate and effectively prevent security breaches and protect data from being compromised is of the utmost importance to our clients. As more and more financial industry players rely on companies such as Finologee to provide digital products and platforms in an outsourced ‘managed services’ setup, we will continue to identify and address data security risks thoroughly as we meet the highest industry standards. This is a key milestone for our company, and one we have reached in a record 6 months thanks to the expertise and the commitment of our engineers and specialists.” - said Raoul Mulheims, co-founder & CEO at Finologee.

ISO/IEC 27001 is the most widely used information security standard prepared and published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards. It includes requirements on how to implement, monitor, maintain, and continually improve an Information Security Management System (ISMS) within the context of an organisation and its business needs. More information about ISO/IEC 27001 can be found at the International Organization for Standardization website: https://www.iso.org/isoiec-27001-information-security.html