Security

Trust, encoded into every layer.

Apex operates under bank-grade security standards with zero-trust architecture, hardware security modules, and an immutable audit log of every system action — visible to you.

SOC 2

Type II audited

ISO 27001

Certified

PCI DSS

Level 1

FedRAMP

Moderate

Architecture

Defense in depth, not defense by hope.

AES-256 Encryption

All data encrypted at rest and in transit using FIPS 140-2 validated cryptography. Keys rotate every 90 days, custody held in FIPS-3 HSMs.

SOC 2 Type II

Independently audited annually by Deloitte for security, availability, processing integrity, and confidentiality.

Hardware Authentication

FIDO2 / WebAuthn for enterprise accounts. YubiKey, Touch ID, Face ID, and Windows Hello supported natively.

Immutable Audit Log

Every administrative action recorded permanently and verifiably. Exportable as cryptographically signed JSONL.

Zero-Trust Network

No implicit trust. Every request authenticated, authorized, and encrypted regardless of origin — internal or external.

Data Sovereignty

EU, UK, US, and APAC data residency. Customer data never leaves your selected jurisdiction.

Insurance

Protected up to $500M per entity.

Apex deposits are insured up to $500M per legal entity through our FDIC sweep network, spread across 30+ partner institutions. Every deposit. Every currency. Every account.

  • FDIC pass-through insurance
  • Lloyd's of London crime coverage
  • Cyber-liability up to $250M per incident

Responsible disclosure

Found a vulnerability? Our bug-bounty program pays up to $250,000 for critical issues.

security@apexinternational.io

Your funds. Your data. Your control.

Open an account