Qonto holds an ISO 27001 certification for its e-invoicing solution, in accordance with the requirements of DGFIP. Our servers are hosted on ISO 27001 certified platforms, including AWS and Outscale. Additionally, Outscale is SecNumCloud certified to enhance the security of our services.
The ISO 27001 certification allows companies to demonstrate their security level. However, as a payment institution regulated by the ACPR, Qonto is already subject to various equally strict security requirements which are regularly monitored by the ACPR:
-
Decree of 3 November 2014 and notice on IT risk management of 7 July 2021 published by the ACPR,
-
Compliance with PCI DSS security rules
-
Digital Operational Resilience Act (DORA) Regulation 2022/2554, which will enter into force in 2025.