authorities
Kontomatik delivers services with great care for regulations compliance, mainly in these aspects:
Depending on our clients, the country they operate in and other factors, one of our entities is involved - Kontomatik Sp. z o.o. or Kontomatik UAB. Both of them are monitored and required to report their financial services activities to the supervisory authorities.
Kontomatik Sp. z o.o. is supervised by KNF (Komisja Nadzoru Finansowego, en. Polish Financial Supervision Authority) which in 2019 granted us the authorization to perform Open Banking services (as an Account Information Services Provider) - as the first company in Poland to be able to do so.
Kontomatik UAB has also been authorized to act as an Account Information Services Provider even before that, in 2018, by Bank of Lithuania (lt. Lietuvos bankas).
You can find the our official registry entries under these links:
PSD2 is a European Union directive being a response to the rapid technological development in the area of finance. Among many regulations concerning payment services, the Open Banking area has been introduced officially creating a new category of payment providers - Third Party Providers.
Under certain conditions with authorization from local authorities, TPPs can offer services related to account information (AIS), payments (PIS) and more.
Complementing the PSD2, another document has been created, called RTS (Regulatory Technical Standards). It goes more into detail about how certain PSD2 regulations should be implemented specifying required security levels, technical methods of accessing account information, performance, data range or how often it can be accessed and much more.
If you’re interested in reading the documents, follow these links:
As we process a lot of personal and financial information, we care deeply about data protection. Here are some of the core data-related activities we engage in:
ISO/IEC 27001 is an international norm standardizing information security management. We’re proud to be certified since 2018 with yearly certification reviews confirming we still adhere to the highest standards of security.
The norm is defined by 14 different domains, more notable ones include:
More about the norm: https://www.iso.org/isoiec-27001-information-security.html