As a registered Digital Asset Service Provider (DASP) by the French Financial Markets Authority (AMF), Fipto places paramount importance on safeguarding clients' assets by adhering to the highest security standards within the industry.
Fipto holds its clients’ investable assets such as fiat currencies, cryptocurrencies, NFTs and asset-backed tokens backed by a distributed ledger. In order to bring the most protection to those assets, our objective is to replicate the best security standards in traditional finance while incorporating the best security standards for digital assets.
As a result, Fipto has established a robust framework based on four fundamental pillars, each carefully designed to fortify asset protection:
A key principle at Fipto is to distinctly identify digital assets held in Fipto wallets within our accounts, ensuring complete separation from Fipto's corporate funds. This segregation ensures a clear distinction between operational capital and clients' digital assets.
By extension, Fipto refrains from investing clients' digital assets, differentiating from conventional banking practices. With this approach, clients' wallets maintain an identical balance to the amount reflected on the Fipto side at any given moment. Clients' digital assets are not invested, not even in “low-risk, liquid and safe-asset” as most banks or fintech would typically do.
Fipto build its own internal ledger, systematically recording records of financial transactions and balances, which also tracks and verifies financial activities to ensure accuracy.
To maintain our ledger as an immutable transactional log, preventing any alteration of transaction history—a possibility in most traditional financial firms—we utilize the Amazon Quantum Ledger Database.
In developing our technical infrastructure, Fipto adheres to the Principle of Least Privilege, granting individuals only the minimum authorizations to perform their function. Moreover, critical actions require validation through the "4-eyes principle," involving at least two individuals to authorize specfic actions.
Additionally, Fipto adopts two-factor authentication (2FA) for certain actions within the system, aligning with standard security practices in the financial industry. For payments in traditional currencies, current regulations mandate authentication based on two or more elements categorized as knowledge (something only the user knows), possession (something only the user possesses), and inherence (something the user is).
For each action, a user has to complete both a knowledge and a possession factor. They need to first provide their password to access the tool and then enter a code generated by an app on their phone.
Fipto adheres to compliance rules akin to those applicable to traditional financial institutions, emphasizing a conservative approach in segregating client funds and following meticulous Know Your Client (KYC) and Transaction Monitoring processes.
Transaction monitoring consist of a continuous oversight and analysis of customer transaction activity to identify patterns, behaviors, and anomalies that might indicate fraudulent, illegal, or non-compliant activities. It is an essential tool in risk management, ensuring regulatory compliance, and safeguarding the integrity of payment systems.
This proactive stance showcases Fipto's dedication to the highest compliance standards, aiding in combating money laundering and terrorism financing.
Fipto strategically partners with trusted industry leaders committed to compliance and security in the financial sector. These partnerships encompass:
By meticulously upholding these pillars and collaborating with reputable industry partners, clients can have confidence that their assets are safeguarded with diligence and expertise, underlining Fipto's commitment to security and client trust.
We can set up a trial account for your company. Get started
.png)
