Moss guarantees business continuity by safeguarding your funds under regulated supervision.
Keeping your data safe
Moss prioritises privacy-first practices, protecting sensitive data and upholding GDPR compliance.
Making compliance simple
Operate with confidence knowing Moss meets all legal and regulatory requirements for financial security.
Trusted by finance teams at Europe's leading companies
1.
Trusted standards and security
Built to meet both local and global standards
Moss operates under the highest industry standards and regulations. From regulatory compliance to operational security, Moss ensures your funds and data are always protected.
Regulated financial institution under PSD2 framework
ISO/IEC 27001:2022 certified
2.
Protect every transaction, every time
Security features built into every step
Advanced security protects account access, task approvals, and payments.
Multi-factor authentication: Extra layer of login security
Biometrics: Access and approval verification
4-Eyes Principle: Multi-level approvals for sensitive actions
SSO for organisation-wide access management
3.
Trusted global partnerships
Strength through strategic partners
Moss collaborates with world-class partners for secure financial operations.
Barclays and Bank of England secure UK funds
Deutsche Bank safeguards EU funds
4.
Data security and privacy
Privacy-first data protection
GDPR and privacy-first practices safeguard your data and ensure transparency.
GDPR compliance ensures EU and UK data security
Regular independent security tests and audits, including monitoring by Ubiscore
“Moss has delivered above and beyond our expectations. It’s brilliant, intuitive, and simple to use. The flexibility, receipt capture and card type options are unbelievable.”
Jack H., Head of Finance, AVM Solutions
"The approval process became more efficient, providing visibility and reducing manual intervention in every transaction. The Moss platform offers the tools they need to manage expenses effectively and implement spend controls, authorisations, and limits, all in one place."
Sophie Gilchriest, Finance Director at Pizza Pilgrims
“Moss gives us peace of mind that everything is tracked and managed in a way that makes sense. Now we can spend more time helping our clients to achieve their goals and less time processing transactions and monitoring spend.”
Ife Odubela, Head Of Technology, Venture Beyond
“We finally found a solution that fits the exact needs of our rapidly growing e-commerce concern. Without Moss, we’d need at least two or perhaps even three people scanning and submitting receipts all day.”
Rehan Choudhry, Team Lead Finance, Snocks
“Having expenses, cards, and invoices all in one place has made it more efficient instead of using 3-4 different softwares. We’ve had an uptick in receipts actually being uploaded because it’s so easy to use.”
Tori Griffith, Finance Controller, Florence
"Moss has saved us money through the visibility it has provided us - we have reduced our subscription spend by around £8k, as well as cancelling as many as 10 of the smaller subscriptions and removing seats from others that weren’t in use anymore."
Katy Hazley, Management Accountant, Orderly
Pay as you grow
Our pricing model is unique—just like your business. Design your ideal package: start with a base like Corporate Cards, Employee Reimbursements, or Accounts Payable, enhance with add-ons like Advanced Accounting or ERP integrations, and upgrade to an integrated suite when you're ready.
Moss protects data through industry-leading encryption protocols (TLS 1.2+ for data in transit and AES-256 for data at rest), strict access controls, and secure hosting exclusively on Google Cloud Platform (GCP) in Frankfurt, Germany. Continuous monitoring and regular audits further ensure the confidentiality, integrity, and availability of data.
What measures are in place to ensure business continuity?
Moss has a robust Business Continuity Plan (BCP) that includes infrastructure redundancy, regular backups, and disaster recovery strategies. These measures ensure the uninterrupted operation of services and swift recovery from unexpected disruptions.
How does Moss respond to security incidents?
Moss follows a comprehensive Incident Response Plan, which includes early detection, containment, resolution, and post-incident reviews. These processes are designed to address threats quickly while continuously improving our response capabilities.
How does Moss ensure vendor security?
Moss conducts rigorous due diligence and regular security assessments for all third-party vendors. High-risk vendors undergo additional scrutiny to ensure compliance with our stringent security and regulatory standards.
What security training do Moss employees receive?
All Moss employees complete regular security awareness training, including phishing simulations, to stay informed about the latest threats and best practices.
How does Moss encrypt data?
Moss uses Transport Layer Security (TLS 1.2 or higher) to encrypt data in transit and AES-256 encryption for data at rest. These measures protect data from unauthorised access and ensure secure communication and storage.
Where is customer data hosted?
Customer data is hosted exclusively in the European Union on Google Cloud Platform (GCP), with Frankfurt, Germany, as the sole data processing region. This ensures compliance with GDPR and other EU regulations. See our security whitepaper for more details.
How does Moss manage data backups?
Moss performs incremental backups daily and full backups weekly, securely stored on Google Cloud Platform (GCP). These measures ensure rapid recovery in case of data loss or disruption.
What should I do if I suspect a security issue with Moss?
If you’ve identified a potential security vulnerability, please report it through this form. We appreciate responsible disclosure.