Finom, a European digital financial platform for small and medium-sized businesses, achieved ISO/IEC 27001:2022 Information Security Management Systems certification from BSI following an April 2025 audit of the company's information security management systems. This certification validates Finom’s comprehensive Information Security Management System (ISMS) and demonstrates the company’s commitment to meeting rigorous information security standards expected by financial regulators across Europe.

BSI, one of the world's most recognized business improvement and standards companies, conducted the comprehensive audit evaluating Finom's information security policies, procedures, and technical controls across all company operations. ISO/IEC 27001:2022 is the international standard for information security management systems, requiring organizations to implement information security measures across risk management, access control, data protection, incident response, and staff training - including over 100 security requirements.

This certification follows a multi-year implementation of Finom's Information Security Management System. The company adopted an integrated approach by embedding advanced ICT risk management practices into the implementation process to strengthen its information security framework for regulated financial environments.

This achievement places Finom alongside leading technology and financial companies that maintain ISO/IEC 27001 certification, including major cloud providers and prominent fintech organizations. The certification helps to address the increasing regulatory requirements for financial services providers across the European Union.

The certification is valid for three years, with annual surveillance audits to ensure continued compliance. This achievement supports Finom's expansion plans across the European Union, where regulatory compliance and data security are critical factors for financial services providers.