Encryption
Encryption of data in transit and at rest.
Security & Compliance
Regulated. Supervised. Held separately.
Security isn't an add-on at Tantum — it's the foundation. As a supervised e-money institution we combine regulatory standards with technical protection at every level.
Regulation & supervision
Supervised by the FMA
Tantum AG is an authorised e-money institution in Liechtenstein, supervised by the Financial Market Authority (FMA). Through EEA passporting under the Second E-Money Directive (EMD2), Tantum provides its services across the entire European Economic Area. We follow the relevant guidelines of the European Banking Authority (EBA).
Safeguarding your funds
Held separately at tier-1 banks
Client funds are held separately at tier-1 banks in the European Economic Area — strictly separated from the institution's own assets and never lent out. These are e-money accounts; the funds are not deposits and are not covered by a deposit guarantee scheme, but remain fully available to you at all times.
Separated holding
Strictly separated from the institution's assets.
Tier-1 banks in the EEA
Never lent out.
Available at all times
Your funds remain fully available to you.
Data & prevention
Responsible with data and risk
Data protection
We process personal data sparingly, for defined purposes and transparently — following the Privacy-by-Design principle. Processing takes place on the basis of the GDPR and further regulatory requirements applicable to our services.
Anti-money laundering
As a regulated institution, preventing money laundering and terrorist financing is an integral part of our processes. On the basis of the Due Diligence Act (SPG) we review customers and transactions on a risk basis — automated checks and monitoring mechanisms support our compliance functions in making a risk-based assessment.
Technical security
Technical protection at every level
Strong authentication
Strong customer authentication (SCA) and two-factor authentication via the Tantum app (PIN, Touch ID, Face ID).
Monitoring & incident processes
Continuous system monitoring and established processes for handling incidents.
Device binding
Each user account is linked to the personal device.
Would you like to learn more about our security and compliance standards?
Our team answers your questions about regulation, data protection, anti-money laundering and client-funds safeguarding.