Security & Compliance

Security is our number one priority. It’s the cornerstone of our platform. With security designed into the core, coupled with compliance to laws and regulations for banks and financial institutes, you can focus on your products – not your risk profile.

Security

Managing data is a crucial part of our work with risk and vulnerability. Our platform has built-in security, and all our solutions use an authorization engine with pre-defined roles and corresponding authorities. Countersignatures are used to minimize human errors and prevent fraud. And everything is logged and searchable.

We have an SKF (security knowledge framework) defined as part of the development process. With this, we can identify possible vulnerabilities both before and during development.

External security experts perform vulnerability scans, so-called “Ethical Hacks”, annually on our products to minimize the risk of exploits. We also use “Clair” to perform internal vulnerability scans on our products.

We are dedicated to maintaining the very highest standards for banking security, and to complying with the laws and regulations governing banks. We are ISO 27001 and UK Cyber Essentials certified so that you can feel completely confident that your information is secure in our solutions.

For our cloud environment, we are cloud-agnostic, and you can run your operations in a global public cloud like Microsoft Azure or in a local public cloud like our Swedish provider Elastx. Both clouds are ISO 27001 and ISO 14001 certified, so your information is secure and the hosting is sustainable.

Key Features

Authorization Engine

Sealed audit trail log

Pre-defined roles to fit your business

Comprehensive and searchable logs

Countersignatures

Built-in security and compliance

Compliance

Our customers work in highly regulated environments. To do business means to adhere to complicated compliance and regulatory requirements. That’s why our product is designed to provide you with tools and functionality for full compliance, and we ensure our services keep our customers compliant with a minimum of fuss.

Players in the financial industry must pay close attention to the compliance regulations issued by international regulatory bodies. In Sweden, we primarily follow the rules issued by the European Banking Authority, The Swedish Financial Supervisory Authority (Finansinspektionen), and the Swedish Data Protection Authority (Datainspektionen).

We continuously review all existing and new compliance regulations. We also have close interactions with customers – existing and new – to understand how they interpret the compliance regulations and their impact on their business.

Based on our analysis of relevant compliance regulations and with insights learned from our customers, we continue working to ensure that our services stay compliant. It’s an ongoing process, and our new releases include compliance enhancements to our services. If you have any questions or concerns regarding our compliance with laws and regulations, please reach out directly to ciso@viljasolutions.com.

Frequently asked questions

Vilja delivers exceptionally high availability with virtually no downtime. The Vilja Platform operates across three physically separate sites, ensuring uninterrupted service even if one or two sites become unavailable.

The Vilja Business Continuity Plan defines multiple disaster scenarios, along with defined solutions and recovery time objectives. These scenarios are rigorously tested three to five times per year to ensure resilience and reliability.

Vilja Platform is fully compliant with DORA and offers tools for customers to comply with regulatory frameworks like PSD2 and AMLD and with the European Banking Authority (EBA).

The platform embeds security and compliance in its foundation layer (access control, audit logging, anonymization, observability) and runs on HA Kubernetes clusters in ISO‑14001 aligned cloud environments with encrypted storage and WAF-protected ingress. Data is encrypted in transit and at rest.

Yes, Vilja Platform has extensive KYC functionality, transaction monitoring for AML and configurable controls for fraud detection. In addition, as a modular platform it easily integrates with other third-party solutions.

Yes, Vilja is fully compliant and certified to all controls of ISO 27001:2022 and UK Cyber Essentials.

Vilja Platform uses intelligent monitoring that proactively detects and responds to suspicious data traffic and abnormal user behavior patterns.

The platform offers extensive reporting capabilities, including configurable built-in reports and a data warehouse that enables the creation of custom reports. Easy configuration options enable you to set up the system according to your business operation needs.

Vilja Platform is replicated across three availability zones, ensuring continued availability even if two of the three zones become unavailable. Backups are handled through Point-in-Time Recovery, providing continuous backup and enabling restoration to any specific point in time.

Vilja maintains a comprehensive business continuity plan with clearly defined recovery time objectives for multiple scenarios, which are rigorously tested three to five times per year. In addition, external penetration tests are conducted two to four times annually to continuously validate the platform’s security posture.
