We require you to set up two-factor authentication (2-FA) when creating your account. 2-FA helps to protect your account by requiring you to enter a One-Time-Password (OTP) sent via SMS whenever you sign in from a new device or make changes to your account.
Our engineering team built and manages a secure server infrastructure that keeps your data protected. Regular whitebox and blackbox testing ensures that this multi-layered defence mechanism will not be compromised under a potential cyber attack.
To prevent unauthorised withdrawals, we will only process withdrawal requests to bank accounts from which you have previously transferred funds into your StashAway account.
Your assets are held by third parties at all times. You will transfer your money directly into a trust account with very limited access permissions from which it can only be transferred back into your personal bank account or into our broker’s custodian account for investing into your portfolio.