Skip to main content

Security & Compliance

ChariBaaS operates under the highest regulatory and security standards in Morocco's financial ecosystem.

Certifications & Licenses

Bank Al-Maghrib License

Chari Money SA is a fully licensed payment institution regulated by Bank Al-Maghrib, Morocco's central bank. This license authorizes us to provide payment services, issue electronic money, and operate agent networks.

PCI DSS Certified

Our payment infrastructure meets the Payment Card Industry Data Security Standard (PCI DSS), the global benchmark for securing cardholder data. All card transactions are processed in a certified environment.

3D Secure Compliant

All online card payments are protected by 3D Secure authentication, adding an extra layer of verification to prevent fraud and unauthorized transactions.

Data Protection

Client data is protected following industry best practices: encryption at rest and in transit, strict access controls, and compliance with Moroccan data protection regulations (Loi 09-08).

Security Measures

End-to-End Encryption

All sensitive data is encrypted using TLS 1.3 in transit and AES-256 at rest. API communications are secured with mutual TLS authentication.

24/7 Monitoring

Real-time monitoring of all systems and transactions with automated anomaly detection and alerting for suspicious activity.

Role-Based Access Control

Strict RBAC policies ensure that only authorized personnel can access sensitive systems and data, with multi-factor authentication enforced.

Complete Audit Trail

Every action and transaction is logged with immutable audit trails, enabling full traceability and regulatory reporting.

Incident Response

Dedicated security incident response procedures with defined escalation paths, ensuring rapid containment and resolution of any security event.

Business Continuity

Redundant infrastructure with automated failover, regular disaster recovery testing, and 99.99% uptime SLA to ensure uninterrupted service.

Regulatory Framework

ChariBaaS operates within Morocco's regulatory framework for payment institutions. We maintain ongoing compliance with Bank Al-Maghrib directives, AML/CFT regulations, and reporting requirements. Our compliance team continuously monitors regulatory changes to ensure our platform and partners remain fully compliant.