Share

Compliance

What is Compliance?

Acting in compliance involves knowing the rules issued by regulators and adhering to them. For all Treezor employees to act in compliance, these rules must be clearly expressed, and each individual must be sensitized and trained. The rules aim to ensure transparency in Treezor’s relationship with its clients and partners, as well as its integrity.

Compliance within Treezor

Treezor’s activities are conducted in strict compliance with regulatory obligations regarding payment institutions and electronic money institutions.

In particular, Treezor focuses on:

  • Collecting all required information as part of customer knowledge (KYC: Know Your Customer) to meet regulatory requirements while preserving customer satisfaction;
  • Working with clients and partners whose practices comply with international standards and rules for combating money laundering and terrorism financing;
  • Strictly adhering to international embargo and financial sanction rules;
  • Protecting customer interests by offering suitable products and services;
  • Respecting the data protection of its customers and employees;
  • Conducting necessary checks and declarations;
  • Preventing and managing conflicts of interest;
  • Combating corruption, fostering a culture of compliance among its employees, and ensuring the exercise of whistleblowing rights;
  • Applying all rules to ensure tax transparency;
  • Managing risks of serious environmental and human rights violations associated with its activities and ensuring compliance with voluntary commitments in terms of CSR (Corporate Social Responsibility).

Compliance priorities

Compliance ensures:

  • Compliance with laws, regulations, and specific ethical principles related to the provision of payment services and electronic money, as well as adherence to good conduct rules and personal ethics of Treezor employees;
  •  Awareness-raising and training of all stakeholders on preventing non-compliance and reputation risks.

The action of compliance is at the core of our business and ambitions, relying on the trust of our clients and exemplified by the Code of Conduct of the Société Générale Group.

The main risks related to compliance

1. KYC (Know Your Customer)

KYC encompasses all the obligations of financial entities with regard to knowing their customers. It involves identifying the customer, gaining an overall understanding of their characteristics (activity, source of funds, etc.), updating this information and exercising appropriate vigilance.

2. Combating money laundering and the financing of terrorism

The mission of Compliance is to prevent the operational risks associated with money laundering and the financing of terrorism. It coordinates the daily efforts against these risks and provides ongoing training for all employees.

3. Embargoes – International sanctions

Compliance with sanctions is an increasingly important and complex issue, which can generate significant operational risks and requires an international approach. Trade embargoes and economic sanctions are strictly observed.

4. Customer protection

Treezor pays particular attention to this major issue by implementing strong training and awareness-raising actions for its employees, by developing its tools and by strengthening the internal rules concerning the handling of customer complaints.

5. Anti-corruption

Treezor promotes the strict principles described in the Societe Generale Group Code of Conduct and complies with the strictest regulations in this area.

6. Prevention of tax evasion

Treezor has implemented control measures to ensure compliance with local laws and regulations. Treezor acts in accordance with tax transparency requirements and applies the Common Reporting Standard (CRS) to its entities. The same applies to the US Foreign Account Tax Compliance Act (FATCA), which aims to combat tax evasion schemes.

7. Outsourcing management

Treezor supervises and monitors the compliance of its service providers by applying the regulations in force on outsourcing, in particular:

  • Decree of 03/11/2014 & decree of June 2021 (transposition of EBA – PSE guidelines).
  • DORA (Digital Operational Resilience Act) for digital resilience.
  • GDPR for data protection.

This regulatory framework ensures rigorous management of contracts, risks and operational monitoring of service providers.

8. Business Continuity Plan

In the event of an emergency, Treezor monitors and ensures the resilience of its activities thanks to a business continuity plan designed to protect and quickly restore its operations, both on its own system and on those of its subcontractors. This plan includes specific measures to guarantee the availability, integrity and security of internal infrastructures as well as services provided by its partners.

9. Data protection

Sensitive to the protection of personal data, Treezor regularly strengthens its protective measures and has set up a specialised department. Since the entry into force of the European General Data Protection Regulation in 2018 (GDPR), Treezor has expanded its measures, applying the requirements of national and European regulations, particularly with regard to security, the use of personal data and the implementation of the rights of data subjects.

For more details, you can consult the Privacy Policy at the following address.

For any request for information relating to the processing of personal data by Treezor, you can write to the following address: dpo@treezor.com

10. Digital compliance

In a constantly evolving digital environment, the Digital Compliance system aims to verify Treezor’s eligibility for regulations and apply the identified requirements.

Treezor identifies and deploys the following regulations:

  • Data Management (Data Act);
  • Public data (Data Governance Act);
  • Digital services (Digital Services Act);
  • Digital marketing (Data Marketing Act);
  • Artificial Intelligence (AI Act).

11. Social and environmental responsibility

Committed to a responsible approach, Treezor integrates the environmental and social requirements of the Société Générale Group while respecting regulatory obligations.

Treezor ensures that in each of its activities, its employees, as well as its subcontractors or suppliers, act in accordance with Treezor’s environmental and social obligations and commitments to ensure a responsible and sustainable economy.

To find out more about Treezor’s social and environmental commitments, please visit the following page.

Compliance and whistleblowing channel

Treezor S.A.S, as a subsidiary of the Societe Generale group, benefits from the alert collection and processing system set up by the Group. This new system, which complies with the obligations defined by Directive 2019/1937- the EU Whistleblowing Directive – offers the possibility of reporting any activity considered to be serious or not in compliance with the rules governing the conduct of the Group’s activities. The whistle-blowing tool is based on a secure external platform that guarantees the protection of personal data and strict confidentiality of information. 

The whistleblower may report anonymously (without giving his/her name), although he/she should generally identify him/herself if possible and the Company will protect his/her identity. It is accessible in several languages and is open to Societe Generale and Treezor employees, as well as to external and temporary staff and lastly to service providers with whom the Group and Treezor have an established commercial relationship (subcontractors or suppliers).

Discover the Whistleblowing tool