Protecting your assets, your identity, and your data is an unconditional obligation — not a feature. Our security infrastructure is designed to institutional standards, maintained continuously, and tested independently.
Our security framework is built in layers — technical controls, operational procedures, and human oversight — so that no single point of failure can compromise your account.
All data transmitted between your device and our systems is encrypted using TLS 1.3 — the current gold standard. Data at rest in our systems is encrypted using AES-256. Your financial information is never transmitted in plaintext under any circumstances.
Every login to the Online Banking Platform requires multi-factor authentication. A password alone is never sufficient. High-value transactions require an additional authentication step, including biometric confirmation where your device supports it.
Every transaction is screened in real time against behavioural patterns unique to your account. Unusual activity — including unexpected geographies, unusual amounts, or unfamiliar beneficiaries — triggers automatic review before funds are released.
Our systems undergo quarterly penetration testing by independent specialist firms. Identified vulnerabilities are triaged by severity and remediated within defined timeframes. Test results are reported to the Board's Risk Committee.
Our systems are hosted in Tier IV data centres with physical access controls, biometric entry, redundant power, and geographically separated disaster recovery facilities. Uptime SLAs of 99.99% are maintained for core banking systems.
All staff complete mandatory security awareness training annually, including phishing simulation exercises, social engineering awareness, and secure handling of client data. Security compliance is a condition of continued employment.
Criminals sometimes impersonate financial institutions. Knowing what we will never ask you to do is your first line of defence. If you receive any communication that does any of the following, it is not from us — contact your relationship manager immediately.
Your Online Banking password should be at least 12 characters, mix upper and lowercase letters, numbers, and symbols, and should not be used for any other service.
Where your device supports it, enable biometric authentication for the mobile app. Biometric data never leaves your device — it is not stored by us.
Always log out of the Online Banking Platform when finished, especially on shared or public devices. The platform will automatically time out after 10 minutes of inactivity.
Before making a payment to a new beneficiary — especially following any email or phone instruction — call your relationship manager directly to verify. Always use a number you know, not one provided in the message.
Ensure your phone, tablet, and computer operating systems and apps are kept up to date. Security patches are critical — enable automatic updates where possible.
Never access Online Banking from public Wi-Fi. Use a trusted private network or a mobile data connection. Consider a VPN if you travel frequently.
Fraudulent emails that appear to come from the Bank, asking you to click a link, confirm credentials, or take urgent action. We will never send unsolicited links. Always go directly to our website by typing the address yourself.
A caller claiming to be from our fraud or security team, warning of suspicious activity and urging you to transfer funds or reveal security credentials. Hang up and call your relationship manager on a number you already have.
Criminals impersonating solicitors, estate agents, or suppliers to redirect payments to fraudulent accounts. Always independently verify new or changed payment details using a trusted phone number before making any transfer.
Criminals posing as Bank technicians or IT support, asking you to install software that gives them remote control of your device. We will never ask you to install any software. If asked, refuse and contact us immediately.
Unsolicited approaches promising unusually high returns on investments, often using cloned websites or fake fund documents. Only deal with authorised firms. If in doubt, contact your relationship manager before committing any funds.
Your relationship manager is your first point of contact for any security concern. For technical matters, our security team is available directly.