Certifications
Flo2Cash is committed to the highest standards of security and compliance. We are certified and independently audited against globally recognized frameworks such as PCI DSS v4.0 and ISO/IEC 27001, with ongoing efforts toward ISAE 3402 / SOC 1. These certifications demonstrate our dedication to safeguarding customer data, ensuring secure payment processing, and maintaining robust internal controls.
PCI DSS v4.0 Compliance
Flo2Cash is fully compliant with PCI DSS version 4.0 as a Level 1 Service Provider—the highest level of compliance under the Payment Card Industry Data Security Standard. This globally recognized standard is essential for securing cardholder data and maintaining trust within the payments ecosystem.
ISO/IEC 27001 Certification
Flo2Cash is certified for ISO/IEC 27001—the internationally recognized standard for Information Security Management Systems (ISMS). Our controls and processes are independently audited and certified by Intertek, an ISO-accredited certification body, ensuring our adherence to rigorous global information security practices.
ISAE 3402 / SOC 1 Readiness
Flo2Cash is currently working towards compliance with ISAE 3402 / SOC 1. This certification focuses on the internal controls relevant to financial reporting for service organizations. It evaluates the design and effectiveness of our policies, procedures, and internal control mechanisms through monitoring, training, and audit readiness.
Ongoing Audit and Assessment
Flo2Cash undergoes an annual PCI DSS assessment by a Qualified Security Assessor (QSA) approved by the Payment Card Industry Security Standards Council. Our Approved Scanning Vendor (ASV) is Qualys.
In addition, we comply with all relevant card scheme operating regulations and are subject to regular audits by Visa, MasterCard, and our financial regulatory bodies.