Secure international payments: how to check your provider’s security credentials

Convenience can lead to complacency when it comes to your business making secure international payments online. The ability to open an account in minutes and make transfers at the touch of a button often overshadows the need to check your payment providers security credentials. Simply assuming they’re regulated and have sufficient processes in place will leave your finances and data exposed to nefarious activity.

To avoid this unwanted scenario, you should thoroughly review the following factors when choosing an international payment provider – it won’t take long, and it could save you a huge headache in the future.

Are they FCA authorised?

Fortunately, no one can start providing international payment services overnight. Anyone entering the market must obtain the relevant regulatory authorisation first, so they can guarantee that their customer’s money has a certain level of protection.

The Financial Conduct Authority (FCA) regulates financial services firms and financial markets in the UK – to protect customers, increase market integrity and promote healthy competition. All UK-based firms that handle international money transfers should be authorised by the FCA, to ensure their conduct is monitored and controlled.

FCA authorised firms must safeguard your business’s money by keeping it separate from company funds, so if a firm goes bust, you’re more likely to get your money back. However, you won’t be covered by the Financial Services Compensation Scheme. This means that if the firm you choose to transact with fails and can’t pay, you’re unlikely to get your money back.

Are they registered with HMRC under the Money Laundering Regulations?

Keeping your business’s reputation intact will always be a top priority. To achieve this, you must work with reputable companies. Especially when it comes to facilitating your international payment requirements – no matter how large or small.

Any business that “transmits money, or any representation of money” must register with Her Majesty’s Revenue and Customs (HMRC) under the Money Laundering Regulations. Under HMRC supervision for anti-money laundering purposes, businesses are subject to fit and proper and approval requirements, as well as annual audits. These provisions examine whether a business’s beneficial owners and senior management are appropriate people to undertake those roles. They must pass the relevant test before the business can register, and remain registered, with HMRC.

Do they conduct the necessary KYC checks?

Any business that’s covered by the Money Laundering Regulations must meet certain day-to-day responsibilities. These include implementing customer due diligence measures and on-going monitoring to check that the people they transact with are who they say they are and risk assessing their business. Referred to as Know Your Customer (KYC) checks, they help protect against fraud, money laundering, bribery, human rights violations and other forms of corruption and crime.

Do they offer SSL payments?

Cybersecurity is a major concern for any business that makes online payments. Around a third of UK businesses fell victim to cybercrime in 2018, costing them £17 billion in damaged assets, financial penalties and downtime.

Provide a valuable layer of protection in your business’s fight against cybercrime by ensuring your international payment provider offers Secure Sockets Layer (SSL) payments. SSL is a protocol that encrypts transactions between a client application (a browser) and the provider’s platform. SSL prevents sensitive data, such as credit card details, from being compromised by making them private and confidential over the internet.

Do they fulfil their GDPR obligations?

Data protection covers the fair and proper use of information about people. It’s about recognising their right to have control over their own identity and their interactions with others. By maintaining this fundamental right to privacy, it’s possible to build trust between people and organisations.

The UK data protection regime is set out in the Data Protection Act 2018 and the General Data Protection Regulation (GDPR) – which also forms part of UK law through the DPA 2018. All international payment providers must comply with the legislation because they process personal data.

Read their privacy policy

All reputable international payment providers will have a privacy policy on their website. This explains how they collect, use, share and transfer your personal data when you use their services.


RationalFX has its bases covered when it comes to safeguarding your money and data:

  • We’re authorised by the FCA for the Provision of Payment Services under the Payment Services Regulations 2017.
  • We’re registered with HMRC as a Money Service Business under the Money Laundering Regulations 2017.
  • We conduct thorough due diligence checks on all new clients.
  • We are registered with the Information Commissioner’s Office under the Data Protection Act 2018 and fully compliant with GDPR.
  • We segregate your funds in a safeguarding account.
  • Our server uses a secure web site protocol aka SSL.
  • We have a comprehensive privacy policy


Why choose RationalFX?

Based in the heart of London’s financial district Canary Wharf, RationalFX has traded over $10billion in currencies across the globe. Take advantage of our competitive exchange rates, market expertise, suite of FX products and online payment platform when you make bank to bank transfers in over 50 currencies worldwide.

Whatever your reason for making overseas payments, we’re confident our currency specialists can save you time and money while providing peace of mind. Call our team now on: +44 20 7220 8181