Your assets,
fully protected
Industry-leading security infrastructure with $100M insurance coverage. Your funds are protected by the same standards used by global banks.
Industry-leading security infrastructure with $100M insurance coverage. Your funds are protected by the same standards used by global banks.
Six independent layers of protection working together to keep your assets safe
Multi-factor authentication using Face ID, Touch ID, and hardware security keys.
98% of all digital assets are held in offline, geographically distributed cold storage vaults.
All sensitive data is protected with AES-256 encryption at rest and TLS 1.3 in transit.
Comprehensive identity verification and anti-money laundering procedures.
Independent third-party security firms conduct quarterly penetration tests.
Fully licensed and regulated across multiple jurisdictions.
Full coverage on all custodial digital assets
All digital assets held in our custody are insured through a comprehensive policy with Lloyd's of London, the world's leading insurance marketplace. This coverage protects against theft, hacking, and operational errors.
Lloyd's of London syndicate led by Marketform, one of the most trusted names in specialty insurance since 1888.
Up to $50 million in coverage for assets held in hot wallets for operational liquidity.
Up to $50 million in coverage for assets held in offline cold storage vaults.
Theft by employees, hacking attacks, insider threats, and operational errors.
Important: Insurance does not cover losses due to user error (lost passwords, sending to wrong address, falling for phishing scams, etc.). Always enable 2FA and use strong passwords.
Enterprise-grade technical infrastructure protecting your data and assets
Our infrastructure is hosted on enterprise-grade cloud providers with geographically distributed data centers. We maintain 99.99% uptime SLA through multi-region redundancy and automatic failover.
All sensitive data is encrypted both at rest and in transit using industry-leading cryptographic standards.
Strict internal controls and procedures protect against insider threats
Role-based access control (RBAC) with principle of least privilege. All access is logged and monitored.
Security Operations Center (SOC) monitors all systems 24/7. Automated alerts notify our team of any suspicious activity.
All employees undergo thorough background checks. Access to sensitive systems requires multiple approvals.
All team members complete mandatory security awareness training and secure coding practices.
Documented incident response procedures with defined roles. Regular drills ensure our team is prepared.
Internal and external security audits conducted quarterly. Independent firms verify our security posture.
Independently verified security and compliance standards
Security, availability
Certified 2024
Info security mgmt
Certified 2023
Payment card standard
Certified 2024
EU data protection
Compliant
Crypto security
Certified
Cloud security
Level 2
Travel rule
Compliant
AML standards
Member
Security is a shared responsibility. Follow these best practices
Create a password with at least 12 characters including uppercase, lowercase, numbers, and symbols. Use a password manager.
Always enable 2FA using an authenticator app rather than SMS. Hardware security keys provide the highest level of protection.
Always verify the URL before entering your credentials. MonxoBank will never ask for your password via email or phone.
We send email confirmations for all important account activities. Report any suspicious activity immediately.
Avoid accessing your account on public Wi-Fi. Use a VPN when traveling. Always log out on shared devices.
Review your transaction history and account activity. Set up alerts for logins and transactions.
How we communicate security incidents and updates
In the event of a security incident that may affect our users, we are committed to:
Found a vulnerability? Report it through our bug bounty program. Suspect unauthorized access? Contact our security team immediately.