Obsession for security

AmFi is a pioneer in the Brazilian capital market and has developed a platform that brings together service providers and global investors, providing an infrastructure for blockchain-based financial products, including anticipation of receivables and structured operations.

Our goal is to bring innovation to the financial market while applying the highest standards of security and efficiency to protect the company and its users from violations of laws and regulations, as well as issues related to ethics, image, and sensitive information.

AmFi recognizes that security, governance and compliance are critical to ensuring that the platform and its operations comply with applicable laws, regulations and internal policies. Therefore, fostering an ethical and transparent culture is a sine qua non for the company's success. This includes encouraging employees, customers and partners to report issues or concerns and to support the market as a whole in its development.

State-of-the-art security

• The AmFi Platform was developed entirely by AmFi partners and staff and includes a complete and proprietary software system, system integrations, and business rules designed specifically for AmFi's core operations. One of the main tasks of the development team was to automate most of the processes and make them as little dependent on human intervention as possible to minimize the risk of manual errors or incorrect use of the Platform.

• The system's back-office interface has permission control so that each internal AmFi user ("AmFi Operator") has access only to the actions required for their function, with access control, activity log, and audit of actions performed, including information edited, modified, replicated, and/or canceled.

• No Employee, Partner or Related Party has full access to keys, passwords and/or access passwords used by the AmFi Platform systems to communicate with the blockchain. These keys are used exclusively by the system to perform automated functions.

• All of these keys are protected by multiple layers of encryption. Each is encrypted with passwords from three different sources and then split into parts that are stored in topologically isolated infrastructures with disk encryption.

• Communication between the different parts of the system is ensured through the simultaneous use of cryptography and several sophisticated and highly secure software development techniques, including: Handshake between internal services and third-party services, RSA key pairs, and communication via SSL, in addition to firewalls and isolation of subnets to prevent any outside access.

• All logins and User information, including AmFi's internal Users, are stored in an audit log.

• All executed writing operations are stored in an audit log with information on which User executed them.