Security & Compliance
Institutional Security.
Complete Transparency.
Every technical, regulatory, and operational decision at Crest Rock Finance is made with your security as the primary consideration. Here is exactly what we do to protect you.
Security Architecture
Six layers of protection.
Your security is not a feature — it is the foundation of everything we build.
End-to-End Encryption
All data — in transit and at rest — is encrypted with AES-256. TLS 1.3 is enforced on all connections. No plaintext storage of any sensitive data.
Segregated Client Accounts
Client funds are held in ring-fenced accounts at a regulated partner bank, entirely separate from Crest Rock Finance operational funds. We cannot access your funds for company purposes.
Regulatory Authorisation
Crest Rock Finance is an appointed representative of Goldcrest Financial Planning Limited, which is authorised and regulated by the Financial Conduct Authority. FRN 810649. We are subject to periodic regulatory review and annual external audit. Verify on the FCA Register at https://register.fca.org.uk/.
Immutable Audit Trail
Every action on the platform — login, transaction, approval, override — generates an immutable audit record. Records cannot be modified or deleted. Full history is available to regulators.
KYC / AML Compliance
All investors undergo identity verification and sanctions screening before accessing any product. Ongoing transaction monitoring flags unusual activity for compliance review.
Access Controls
Role-based access control ensures that platform staff can only access the data and functions required for their specific role. Admin actions require additional authentication.
Regulatory Compliance
Every regulation. Every time.
We treat regulatory compliance as a minimum floor, not a ceiling. Here are the frameworks that govern how we operate.
KYC (Know Your Customer)
All investors complete biometric identity verification before accessing investment products. Documents are verified against government-issued databases.
AML (Anti-Money Laundering)
Transaction monitoring and sanctions screening are applied to all deposits, withdrawals, and investment activity. Suspicious activity is reported to the relevant authority.
GDPR
We process personal data in full compliance with UK GDPR. Data is processed only for stated purposes, stored securely, and never sold to third parties.
MiFID II / FCA Rules
Investment product documentation, suitability assessments, and risk disclosures comply with applicable FCA conduct rules and MiFID II obligations.
Regulatory Information
- Registered Name
- Crest Rock Finance Ltd
- Regulatory Authority
- Financial Conduct Authority
- Principal Firm / FRN
- Goldcrest Financial Planning Ltd · FRN 810649
- Registered Address
- Unit 2, The Village, Guards Avenue, Caterham, Surrey, CR3 5XL, United Kingdom
You can verify our authorisation status on the FCA Financial Services Register.
Responsible Disclosure
If you believe you have discovered a security vulnerability in our platform, please contact our security team directly. We take all reports seriously and respond promptly.
Contact Security Team →Get Started Today
Invest with confidence.
Regulated, encrypted, and audited — every step of the way.
FCA Authorised · Segregated Accounts · No Hidden Fees