Compliance

Built for compliance.
Designed for scale.

Security and compliance aren't an afterthought β€” they're the foundation. Every feature ships with compliance built in.

Certifications & attestations

PCI DSS Level 1

The highest level of PCI compliance. All cardholder data is encrypted at rest and in transit. Annual QSA audit. Merchants using hosted checkout qualify for SAQ-A.

SOC 2 Type II

Annual independent audit of our security, availability, and confidentiality controls. Report available to customers under NDA.

GDPR

Full compliance with EU GDPR. Data residency options in EU regions. Data Processing Agreements available for all customers. Right to erasure supported.

ISO 27001

Internationally recognised standard for information security management. Our ISMS is certified by an accredited certification body.

AML Screened

Every transaction is screened against OFAC, UN, EU, and UK sanctions lists in real time. Suspicious activity reporting (SAR) and audit trails included.

KYC Verified

Identity verification for all merchants and relevant end-users. Automated document checks, liveness detection, and ongoing monitoring.

Data residency

Choose where your data lives. We support four primary regions.

πŸ‡ΊπŸ‡Έ

United States

  • AWS us-east-1 primary
  • SOC 2 & PCI DSS
  • CCPA compliant

πŸ‡ͺπŸ‡Ί

European Union

  • AWS eu-west-1
  • GDPR data residency
  • Standard Contractual Clauses

πŸ‡¬πŸ‡§

United Kingdom

  • AWS eu-west-2
  • FCA aligned controls
  • UK GDPR compliant

πŸ‡³πŸ‡¬

Nigeria

  • AWS af-south-1
  • NDPR compliant
  • CBN guidelines aligned

Security by default

AES-256 encryption at rest on all cardholder data

TLS 1.3 for all data in transit

Tokenisation β€” raw PANs never stored after authorisation

Annual penetration testing by accredited third party

Bug bounty programme via HackerOne

WAF and DDoS protection on all endpoints

Immutable audit logs for all admin actions

99.99% uptime SLA with automatic failover

Full security overview
Ready to Orchestrate

Unify your providers.
Scale with confidence.

Join thousands of businesses using Orchestrate to power their payment flows. Get up and running in minutes, not months.

Get started free Talk to sales
No credit card required PCI DSS compliant 99.9% uptime SLA