Security & Certifications

OUR TECHNOLOGY

CERTIFICATIONS & AWARDS
Move beyond the limitations of conventional distribution methods

Firstance has always recognized the importance of certifying its processes, ensuring all stakeholders that work with the company the commitment to service quality and security—two key aspects the market consistently associates with the brand.
At the beginning of 2019, certifications for both ISO 9001:2015 and ISO/IEC 27001:2013 were granted by an external certification authority.
Since then, annual reviews have been conducted by the certification authority. These activities have been instrumental in continuously improving our focus, especially considering the steady growth of our business and managed processes

ISO 9001:2015

ISO 9001:2015

Defines the requirements of a quality management system for an organization that intends to plan, implement, monitor, and improve its operational and support processes, using the quality management system as a means to achieve its objectives

ISO/IEC 27001:2013

ISO/IEC 27001:2013

It defines the requirements of an information security management system, providing not only a standard for information security, but also for logical, physical/environmental and organisational security

AWS Invited Speaker

AWS Invited Speaker

Firstance was selected at AWS 2023 in Milan in the Digital Financial Services section to discuss about its journey to API-driven serverless microservices for Digital Financial Services

OUR TECHNOLOGY

SECURITY
FA's goal is to maintain a failsafe system that requires no remediation

Recurring audits are conducted annually with the support of an external security provider. These audits include:

  • Architecture and Infrastructure: Review and certification of AWS systems configuration.
  • Service Platform: Vulnerability assessment and source code review.

FA’s goal is to maintain a failsafe system that requires no remediation. The web platform adheres to the highest security standards, ensuring full data encryption, high reliability, resource availability, and scalability. All data is stored within the EU, in compliance with current GDPR regulations.

Firstance’s internal IT policy mandates that a complete Vulnerability Assessment (VA) and Penetration Test (PT) be performed on the applications by an external security provider at least once a year or with any major platform release. This policy has been strengthened due to the extensive use of cloud services, including a security review of the cloud account to ensure it meets the highest market standards. The most recent VA/PT and AWS account review were completed in July 2024. The next reviews are scheduled for August 2025 (standard yearly review) and January 2026 (review planned due to platform frontend re-engineering)

0+ bn €

Assets managed by the platform

0+

Clients

0+

Business partners

0

Jurisdictions Covered

0

Locations

0+

Employees

0+

Different nationalities

0+

Languages spoken

We are the Leading European Wealth Tech Platform for Private Insurance