Security & Compliance
ChariBaaS operates under the highest regulatory and security standards in Morocco's financial ecosystem.
Certifications & Licenses
Bank Al-Maghrib License
Chari Money SA is a fully licensed payment institution regulated by Bank Al-Maghrib, Morocco's central bank. This license authorizes us to provide payment services, issue electronic money, and operate agent networks.
PCI DSS Certified
Our payment infrastructure meets the Payment Card Industry Data Security Standard (PCI DSS), the global benchmark for securing cardholder data. All card transactions are processed in a certified environment.
3D Secure Compliant
All online card payments are protected by 3D Secure authentication, adding an extra layer of verification to prevent fraud and unauthorized transactions.
Data Protection
Client data is protected following industry best practices: encryption at rest and in transit, strict access controls, and compliance with Moroccan data protection regulations (Loi 09-08).
Security Measures
End-to-End Encryption
All sensitive data is encrypted using TLS 1.3 in transit and AES-256 at rest. API communications are secured with mutual TLS authentication.
24/7 Monitoring
Real-time monitoring of all systems and transactions with automated anomaly detection and alerting for suspicious activity.
Role-Based Access Control
Strict RBAC policies ensure that only authorized personnel can access sensitive systems and data, with multi-factor authentication enforced.
Complete Audit Trail
Every action and transaction is logged with immutable audit trails, enabling full traceability and regulatory reporting.
Incident Response
Dedicated security incident response procedures with defined escalation paths, ensuring rapid containment and resolution of any security event.
Business Continuity
Redundant infrastructure with automated failover, regular disaster recovery testing, and 99.99% uptime SLA to ensure uninterrupted service.
Regulatory Framework
ChariBaaS operates within Morocco's regulatory framework for payment institutions. We maintain ongoing compliance with Bank Al-Maghrib directives, AML/CFT regulations, and reporting requirements. Our compliance team continuously monitors regulatory changes to ensure our platform and partners remain fully compliant.