Data and Compliance

At OakNorth, we take a top-down approach to security and compliance. Our security and compliance programs are sponsored and closely monitored by our executive leadership.

Our Information Security Management Systems are certified against the requirements of the ISO 27001 standard. As part of the certification, OakNorth’s control environment is assessed by a third-party independent auditor on an annual basis.

To provide increased assurance on our internal control environment and to make due diligence less burdensome for our partners, we are working toward completing the following compliance programs: ISAE 3402, SOC 1, 2, & 3, ISO 27017, ISO 27018, ISO 22301, and CSA STAR.

We understand that our customers need to fulfill their own audit and regulatory requirements. To help them with this risk management process, we can provide them with insights into some of our key security and compliance procedures. Our customers can approach their account manager if they need any help performing such assessments.

In the UK, OakNorth Bank is authorized by the Prudential Regulation Authority (PRA) and regulated by both the Financial Conduct Authority and the PRA. As a regulated financial institution, we take security and compliance seriously, and both have been built into the DNA of the organization.