Contact Us
Book a Demo

SQR Achieves ISO/IEC 27001 Certification: A milestone in our commitment to data security

We’re thrilled to announce that SQR has officially passed its ISO/IEC 27001 audit and is now certified. This accreditation, awarded through BSI via DIATF, reflects SQR's longstanding commitment to information security.
SQR achieves ISO/IEC 27001 certification

From inception, we have operated with a robust Information Security Management System (ISMS), and this certification validates our dedication to providing clients with the most secure solutions possible. Our adherence to the rigorous requirements of the ISO/IEC 27001 standard demonstrates our unwavering commitment to our approach and security standards.

ISO/IEC 27001 is the international standard for Information Security Management Systems (ISMS), and provides a globally recognised framework for managing and protecting sensitive data through a risk-based, systematic approach. Achieving ISO 27001 certification means that an independent, external auditor BSI has verified that SQR has implemented a robust ISMS that meets the standard’s requirements. This involves a comprehensive assessment of our security policies, procedures, risk management processes, and technical controls.

What Does ISO 27001 Certification Mean for SQR?

Becoming ISO27001 certified signals that we’re ready for scale, for global partnerships, and for solving complex digital identity challenges in a secure, compliant, and forward-thinking way. It further demonstrates that SQR:

  • Identifies and manages information security risks: The certification process requires organisations to conduct thorough risk assessments and implement appropriate controls to mitigate those risks.
  • Protects sensitive data: ISO 27001 helps organisations protect their data from unauthorised access, disclosure, alteration, and destruction.
  • Complies with regulations: The standard aligns with various legal and regulatory requirements related to data protection and privacy.
  • Builds trust with clients and partners: Certification provides assurance to clients and partners that an organisation takes information security seriously.
  • Improves business processes: Implementing an ISMS often leads to improved efficiency and effectiveness in managing information.

Shelley Langan-Newton, SQR’s CEO said: “Trust is at the heart of what we do at SQR. Whether we’re enabling government, fintechs, or partners in highly regulated industries, data protection isn’t optional, it’s essential. In a world where data integrity underpins trust, ISO 27001 is a recognised framework that enables us to protect what matters most – our clients’ data, their confidence, and ultimately, their success.”

Securing ISO 27001 certification is a major achievement, and we’re proud to have achieved this milestone. This globally recognised standard demonstrates to our clients and partners that we prioritise the security of their data and our systems, significantly enhancing our credibility. With this certification, we are excited to pursue new business opportunities and expand our reach, particularly within regulated sectors where ISO 27001 is often a prerequisite.

Mark Rodman, our Chief Technology and Security Officer said: “Our ISMS is not just a tick-box project, but a continuous process. ISO 27001 provides a framework for us to continually improve our security practices and adapt to evolving threats. I am incredibly proud of this achievement and grateful to our team for their hard work and dedication. We are committed to maintaining our ISMS and continuing to prioritise information security in everything we do.”

As SQR continues to grow, innovate, and support regulated industries, this certification reinforces our promise: To protect what matters most: trust, identity, and your data.

Visit our website www.sqr.id to learn more about our approach to security, or how SQR supports compliance in regulated industries.

In this case study, we explore how digital identity verification can successfully address key challenges, demonstrating its impact in transforming public sector processes.

Solving Public Sector Pain Points: 

The need for independent validation of corporate ownership data has never been more pressing. As countries around the world intensify efforts to combat money laundering, tax evasion and financial crimes, understanding Ultimate Beneficial Ownership (UBO) has become a key global priority. Findings by the International Financial Accountability, Transparency and Integrity (FACTI Panel) estimates;

  • $500 billion losses to governments each year from profit-shifting enterprises;
  • $7 trillion in private wealth hidden in haven countries, with 10% of world GDP held offshore;
  • Money laundering of around $1.6 trillion per year, or 2.7% of global GDP.

One of the most effective tools in this battle is the beneficial ownership registry, but ensuring the accuracy and integrity of the information held within often presents a challenge. Certified digital identity solutions could provide the answer. 

What is a Beneficial Ownership Registry?

A beneficial ownership registry is a database that records the individuals who have significant control over, or who stand to benefit from, a legal entity such as a company or trust. The goal is to bring transparency to the ownership structure of companies, making it harder for criminals to hide behind complex corporate arrangements.

According to the Financial Action Task Force (FATF), the global authority on anti-money laundering and combating the financing of terrorism, a UBO is “the natural person(s) who ultimately owns or controls a customer or the natural person on whose behalf a transaction is being conducted.” This definition extends to those who exercise ultimate control over a legal entity, typically individuals who directly or indirectly own more than 25% of a company’s shares or voting rights.

The Challenges of UBO Disclosure

Identifying UBOs is not always straightforward. Ownership can be deliberately obscured through layered holding structures, spread across multiple jurisdictions with differing disclosure rules. This creates a significant challenge for authorities and regulators trying to track the real beneficiaries of a company. The International Monetary Fund (IMF) emphasised this critical risk in their 2022 whitepaper ‘A guide to Beneficial Ownership Transparency’, noting that countries should have mechanisms to ensure the accuracy of the data submitted.

FATF defines accuracy in the context of beneficial ownership information as having been “verified to confirm its accuracy by checking the identity and status of the beneficial owner using reliable, independently sourced or obtained documents, data, or information.” Given the complexities involved, independent validation of beneficial ownership data is critical. Without robust mechanisms, beneficial ownership registries run the risk of being inaccurate or incomplete, which leaves the system vulnerable to financial crime.

A Leading Example

One country that has made significant strides in beneficial ownership verification is Denmark. The Danish system integrates digital identity tools such as ‘MitID’ – a government-issued digital ID – with its beneficial ownership registry. MitID connects to an individual’s civil registration number, as well as their address in the Danish Address Register, enabling authorities to automatically cross-check all of the information submitted against trusted databases. This reduces the risk of both unintentional errors and fraud, ensuring a higher level of data accuracy.

However, while Denmark’s approach provides a model initiative in respect of the country’s resident beneficial owners, it does have limitations. Non-residents are ineligible for a MitID, necessitating an additional identity verification process for this group of beneficial owners. This adds complexity and relies on more traditional, less streamlined methods. 

Fostering an Inclusive Cross-Border Approach

Countries and jurisdictions without government-issued digital identity systems, or with foreign national UBOs, are increasingly turning to private sector digital identity solutions to validate their data. It is crucial however, that only digital identity providers certified to a recognised government standard – such as DIATF in the UK or eIDAS in the EU – are onboarded. This ensures that the verification process meets stringent regulatory and security benchmarks, providing a high level of trust and reliability. Find out how SQR’s certified digital identity solution is being leveraged in this way here.

This type of collaboration between public and private sectors fosters the creation of innovative, tailored solutions that meet the unique needs of each jurisdiction while also leveraging the advantages of reusability. For instance, individuals with a certified digital identity from an approved provider can seamlessly share their pre-verified identity information with the relevant authorities. This approach not only streamlines the verification process but also ensures adherence to stringent government standards, significantly mitigating the risk of fraud and enhancing the integrity of beneficial ownership data.

The Future of UBO Verification

Countries and jurisdictions without government-issued digital identity systems, or with foreign national UBOs, are increasingly turning to private sector digital identity solutions to validate their data. It is crucial however, that only digital identity providers certified to a recognised government standard – such as DIATF in the UK or eIDAS in the EU – are onboarded. This ensures that the verification process meets stringent regulatory and security benchmarks, providing a high level of trust and reliability. Find out how SQR’s certified digital identity solution is being leveraged in this way here.

The use of independent digital identity systems represents a crucial step forward in improving the accuracy and security of beneficial ownership databases. By fostering collaboration between governments and the private sector, countries can implement innovative, scalable solutions that address the growing demands of the global regulatory environment. Ultimately, these advances will empower authorities to better tackle financial crime, increase public trust, and enhance the integrity of beneficial ownership data worldwide.

A secure, efficient and inclusive digital identity system offers a wide range of benefits. By adopting certified digital identity solutions, governments and organisations can streamline operations, build public trust, and create a more secure and transparent digital ecosystem. 

The benefits of secure, efficient and inclusive digital identity

A certified digital identity solution provides a reliable and verifiable source of information, minimising errors often associated with manual verification processes. This is particularly crucial for company beneficial ownership data, where accuracy is paramount to ensure transparency and accountability. By verifying the legitimacy of ownership, digital identity systems ensure that only authorised individuals can access sensitive information or claim beneficial ownership. This significantly reduces fraudulent activity, protecting both individuals and organisations.

Governments around the world face stringent regulatory requirements for transparency, anti-money laundering (AML) and combating the financing of terrorism (CFT). Certified digital verification identity solutions also help meet regulatory obligations, by providing a secure and trusted method for verifying beneficial owners. Automating and standardising the identity verification process further ensures that organisations are compliant with complex regulations, whilst also reducing the risk of non-compliance penalties.

Managing large datasets manually is time-consuming and prone to errors. Thus, automating and streamlining data management and digital identity verification processes reduces administrative burdens and improves operational efficiency. This more accurate processing of ownership and identity data, in turn leads to better decision-making and resource allocation for governments and businesses. With a certified digital identity system, sensitive data related to ownership is better protected against breaches, thanks to robust encryption and authentication processes. These enhanced security measures ensure that sensitive information remains protected, and helps to maintain the integrity of ownership records.

In an increasingly interconnected world, the ability to verify identities across borders is essential for multinational organisations and cross-border transactions. Certified digital identity solutions have the ability to integrate with international databases, ensuring consistency and reliability in identity verification on a global scale. It further plays a key role in enhancing global interoperability, as they enable integration with international databases. This is crucial for verifying identities consistently across borders, supporting multinational entities and cross-border transactions.

Additionally, governments that utilise certified digital identity verification systems can strengthen public confidence by demonstrating their commitment to transparency and safeguarding ownership data integrity. Furthermore, collaboration between governments and certified identity verification service providers fosters innovation. By partnering with cybertech firms, governments leverage advanced technology to develop scalable, compliant, and secure solutions for managing beneficial ownership databases.

This synergy benefits both parties, allowing governments to implement modern solutions while enabling tech firms to design systems aligned with regulatory needs.

Rebecca Glassey, Product & Operations Manager at SQR:

“Certified digital identity solutions are the cornerstone of secure, accurate data management in the modern era. By collaborating closely with government entities, we ensure that our technology not only meets the highest regulatory standards but also delivers the scalability and security that public systems demand. It’s all about providing a seamless and trusted verification process, while reducing the risk of fraud and errors in critical government datasets like beneficial ownership registers.”

Steven Webster, Head of Strategic Partnerships at SQR:

“Our work with government agencies highlights the immense value of public-private collaboration in tackling complex challenges such as identity verification. By partnering with certified Identity Service Providers, governments can adopt cutting-edge technology that ensures transparency and security in managing beneficial ownership data. This level of cooperation fosters innovation and enables both parties to create solutions that are not only efficient but also adaptable to the evolving regulatory landscape.”

For more details on how SQR’s certified digital identity solution is being implemented in collaboration with governments, refer to this SQR article.

Ready to get started?

FAQ
Book a Demo
Contact Us
Book a Demo