BINK
ConsumerBusinessServicesCryptoAbout
Log inGet Started
Compliance & trust

Bank-grade
controls.
On every cent.

Compliance isn't a feature here — it's the foundation. Every wallet, card and transfer runs on rails certified by the same standards regulated banks use, and verified by the same third-party auditors.

PCI · ISO · SOC 2Dubai · Regulated256-bit AES · TLS 1.3
Lvl 1
PCI DSS
Type II
SOC 2
24/7
AML monitoring
15 min
Incident response
Three pillars

Certified.
Verified.
Monitored.

Certifications

Audited end-to-end

  • PCI DSS Level 1 (annual on-site)
  • ISO 27001 information security
  • SOC 2 Type II (continuous)
  • NACHA-aligned ACH controls
  • Egyptian Central Bank reporting

KYB & KYC

Identity, verified

  • KYC tied to verified national IDs
  • KYB tied to corporate registry data
  • Sanctions, PEP and adverse-media screening
  • Continuous re-screening on watchlist updates
  • Audit trail on every identity decision

AML monitoring

Eyes on every transaction

  • Real-time transaction screening
  • Behavioural risk scoring per account
  • Velocity, volume and corridor rules
  • Suspicious-activity reports filed automatically
  • Independent compliance committee review
Operational controls

The boring details
we obsess over.

Audit-grade controls don't come from a slide deck — they come from the rituals a team commits to running every week, year after year.

Encryption

256-bit AES at rest

Column-level KMS for sensitive fields. TLS 1.3 in flight. Hardware-isolated key custody.

Access

Least privilege, always

Role-based access. Two-factor required for every admin action. Quarterly access reviews.

Audit

Immutable ledger

Every state change is recorded with actor, timestamp and reason. Retained for seven years.

Resilience

Multi-AZ by default

Read-replica reconciliation, automated failover, chaos-tested incident drills monthly.

Penetration

Quarterly external testing

Independent red-team engagements. Bug-bounty program with public disclosure policy.

Privacy

Data minimisation

We collect only what compliance requires. Customer data is never sold or shared for marketing.

Audit reports

Available under NDA

SOC 2 Type II, ISO 27001 statement of applicability, PCI DSS AOC, and our latest pen-test summary are available to enterprise prospects and regulated counterparties under a one-page NDA.

Trust, reconciled

If we can't
reconcile it,
we don't ship it.

Compliance isn't bolted on after launch — it's the foundation we built BINKPAY on. Every product on the platform inherits the same controls.

Request audit reportsSecurity overview