FinGoal Serves Trusted Financial Brands
FinGoal analyzes account holder credit and debit card spending in order to best understand each user at an individual level and match them with automated insights, advice, and recommendations to optimize their daily spending. Additionally, FinGoal can use this understanding of the user to help their financial institution (”FI”) better serve the user.
Either directly from the FI or an integrated technology partner, FinGoal is sent feeds of anonymized transactions from financial accounts (e.g. checking and credit card accounts). At no point does FinGoal ever transmit or hold a customer’s account numbers or password. FinGoal does not hold money for customers.
Although FinGoal never touches a user’s most financial sensitive information (e.g. SSN or card numbers), we do hold something equally important: their trust. As a white-labeled solution serving trusted financial brands, FinGoal must act with great care and stewardship over the entire data and experience flow.
In the interest of transparency, FinGoal makes our policies, controls, and architecture public. Security by obscurity has no place in modern financial services.
Table of Contents
INTRODUCTION page 4 ACCESS CONTROL POLICY page 5 CHANGE MANAGEMENT POLICY page 9 CORRECTIVE ACTION POLICY page 14 ETHICS & ANTI-CORRUPTION POLICY page 15 GOVERNMENT DATA REQUEST POLICY page 22 INCIDENT MANAGEMENT POLICY page 23 MONITORING POLICY page 27 NETWORK AND SYSTEM SECURITY POLICY page 28 INFORMATION SECURITY POLICY page 30 PANDEMIC RESPONSE PLANNING POLICY page 31 PEOPLE SECURITY POLICY page 34 PHYSICAL SECURITY POLICY page 35 PRIVACY IMPACT ASSESSMENT POLICY page 36 RISK MANAGEMENT POLICY page 39 SECURITY ORGANIZATION AND MANAGEMENT POLICY page 40 VENDOR MANAGEMENT POLICY page 41 VULNERABILITY MANAGEMENT POLICY page 43 CHANGE CONTROL page 48