Platform Security

How REXE protects your transaction

REXE is not a technology company that happens to handle money. It's a regulated entity that uses technology to make the regulated parts work better. The protections below are structural, not policy.

🏛️

Regulated escrow

REXE operates under licence from Fidusol Ltd (HE 394047), a Licensed Administrative Service Provider regulated by the Cyprus Bar Association. Client funds are held in safeguarded escrow accounts — separate from REXE's operating accounts and protected against REXE's own insolvency.

🔐

Identity verification

All parties are verified via Idenfy — a liveness check and document verification system. PEP and sanctions screening runs automatically at onboarding and is re-run against adverse event triggers. KYC records are retained per CBA AML Directive requirements.

📡

No email payment instructions

Payment instructions are generated exclusively within the REXE platform. No bank details are ever transmitted by email. There is no email address to spoof, no instructions to intercept, and no redirection attack possible through conventional BEC methods.

🔒

Immutable audit trail

Every action — approval, rejection, document submission, fund movement — is logged with approver identity and timestamp. The log cannot be modified. It is exportable as a PDF by all authorised parties and available as evidence in any dispute or PI claim.

🔍

Title monitoring

REXE monitors DLS title activity between contract and completion. If a new caveat, mortgage, or encumbrance registers after the transaction workspace opens, all parties receive an alert before any funds are released.

🛡️

Conflict detection

REXE flags when the same solicitor represents both buyer and seller. Dual representation is disclosed to all parties before any milestone is advanced. REXE does not prevent dual representation — that is a professional responsibility matter — but makes it visible.

Compliance & certifications

Building to the highest data and security standards

REXE is currently undergoing formal certification across the leading data-protection and information-security frameworks. The programmes below are actively in progress as part of REXE's compliance roadmap. Certification evidence will be published here on completion and is available on request in the interim.

GDPR logo
In progress

GDPR

EU General Data Protection Regulation — data-protection compliance programme.

SOC 2 Type II logo
In progress

SOC 2 Type II

AICPA Service Organization Control — security, availability & confidentiality controls.

ISO/IEC 27001 logo
In progress

ISO/IEC 27001

International standard for information security management systems (ISMS).

Regulatory summary
EntityFidusol Ltd (HE 394047)
PlatformREXE
Licence typeLicensed Administrative Service Provider
RegulatorCyprus Bar Association
Client fundsSafeguarded escrow accounts
Settlement providerTier 1 EU Banks
AML frameworkCBA AML Directive
KYC providerIdenfy