Universal Merchant Bank (UMB) has its Information Security Management Systems (ISMS) certified by International Standard Organization (ISO) in compliance with the ISO 27001 standard and again certified on the Payment Card Industry Data Security Standard (PCI DSS) by the PCI Council. This demonstrates the bank’s commitments to maintaining and improving its information security systems to guarantee the integrity, confidentiality, and availability of customers’ data.
UMB’s security strategy aligns with the standard and requirements of both ISO and PCI to:

  • Ensure that the confidentiality of customer information is protected and prevented from the disclosure of sensitive information.
  • Ensure that the integrity of information is maintained to ensure its accuracy and completeness.
  • Ensure that the availability of information is maintained to meet the needs of customers and authorized business operations when necessary.
  • Provide information security awareness training for all stakeholders.
  • Meet all regulatory directives and legislative requirements.
  • Ensure that all breaches of information security, actual or suspected, are reported, investigated, and properly mitigated or eliminate the risk.
  • Continually improve the bank’s security balance.
  • Implement a robust risk assessment management framework.
  • Ensure regular audits to identify gaps and recommend the right treatment strategies.
  • Continually communicate and educate key stakeholders on emerging security threats and adopt a healthy security awareness culture.

UMB shall always strive for safety, diligence, and excellence to maintain a good security posture and seek opportunities to improve.