Flo2Cash is fully PCI DSS 3.2.1 compliant as a Level 1 Service Provider, which is the key security standard within the payments industry.

Flo2Cash is also certified for ISO / IEC 27001 Information Security Management, a widely recognised, internationally accepted standard for information security. Our processes and controls were assessed by an accredited independent auditor. The British Standards Institution (BSI), an ISO-accredited certification body, certified our compliance with the ISO standard.

Flo2Cash is working towards compliance with ISAE3402/SOC 1 (Service Organizational Control 1), which evaluates and tests the internal controls around financial reporting of a service organisation. It reflects the compliance with policies and procedures of the service organisation through monitoring, training, and checks on policies and procedures.


In addition, Flo2Cash is assessed for PCI DSS by a Qualified Security Assessor (QSA) for the Payment Card Industry Security Standards Council. Our PCI ASV is Tenable. Flo2Cash also adheres to the card schemes' operating regulations. Flo2Cash is subject to yearly audits by Visa, MasterCard, and our financial regulators.