4.2M
people received their first regulated cross-border transfer through our network in 2025.
سياسة الخصوصية
كيف تجمع إفينتي هولدنغز إنك. وشركاتها التابعة المرخَّصة وتستخدم وتحمي البيانات الشخصية في الـ23 ولايةً قضائيةً التي نعمل فيها.
1.1النطاق
This Policy applies to Efinti Holdings Inc. (the holding company, Delaware) and to its licensed operating subsidiaries, including EFY Pagos S.A.S. (Colombia), EFY Mexico S.A.P.I. de C.V. IFPE, EFY Capital S.A., and Corecredit S.A.. Each operating subsidiary may publish a supplementary local notice that prevails in its jurisdiction where required by law.
1.2البيانات التي نجمعها
We collect identification data (name, government ID, date of birth), contact data (address, email, phone), commercial data (transaction history, beneficial-ownership information for KYC), technical data (IP, device, cookies), and, where lawful, biometric data for liveness checks. The exhaustive list per service is maintained in the local privacy notice of the relevant subsidiary.
1.3كيف نستخدمها
We use personal data to (a) operate licensed services, (b) meet AML/CTF and sanctions-screening obligations, (c) prevent fraud, (d) communicate transactional and regulatory information, and (e) improve our products. We do not sell personal data and do not use it for behavioral advertising.
1.4الأسس القانونية
Processing relies on the legal bases applicable in each jurisdiction: GDPR Art. 6 (EU/EEA, UK), LGPD Art. 7 (Brazil), CCPA/CPRA (California), Habeas Data Ley 1581 of 2012 (Colombia), LFPDPPP (Mexico), PDPA (Singapore), and equivalent statutes elsewhere. Where consent is required, it is collected separately and may be withdrawn at any time.
1.5الاحتفاظ
Retention varies by purpose. KYC and transaction records are retained for the term required by financial-sector law (typically 5–10 years after the customer relationship ends). Site-analytics data are retained for up to 26 months. Cookie preferences are retained for 12 months unless you change them sooner.
1.6التحويلات الدولية
Where data crosses borders, we rely on Standard Contractual Clauses (SCC) for EU/UK transfers, the EU–US Data Privacy Framework (DPF) where the receiving entity is certified, and equivalent legal mechanisms in other jurisdictions. A list of intra-group transfer destinations and safeguards is available on request from privacy@efinti.com.
1.7حقوقك
Subject to local law, you have the right to access, rectify, erase, port, restrict and object to the processing of your personal data, and to lodge a complaint with the competent supervisory authority. To exercise these rights, contact the controller of the relevant service or the holding-level Data Protection Officer.
1.8ملفات تعريف الارتباط
For the categories of cookies we use, retention periods, and how to manage your preferences, see our Cookie Policy.
تواصل
privacy@efinti.com
شروط الاستخدام
تنظِّم هذه الشروط استخدامك لموقع efinti.com. الخدمات المقدَّمة من شركاتنا التابعة تخضع لاتفاقياتها الخاصة ولا تنظِّمها هذه الشروط.
2.1النطاق
These Terms apply to your use of the website at efinti.com and the corporate information published on it. They do not govern any product, service, account, or transaction provided by an Efinti subsidiary; those are governed exclusively by the agreements between you and the relevant licensed entity.
2.2التعريفات
"Efinti", "we", "us" and "our" mean Efinti Holdings Inc. unless context indicates an operating subsidiary. "Site" means efinti.com and its subdomains. "Content" means all text, images, data, code and audiovisual material made available on the Site.
2.3الاستخدام المقبول
You agree not to scrape the Site at a rate that degrades service, attempt to circumvent its security, misrepresent your identity, or use the Site to violate applicable law or sanctions. We may suspend access for violation of these rules without notice.
2.4الملكية الفكرية
Efinti and the Efinti mark are registered trademarks of Efinti Holdings Inc. All Content on the Site is owned by or licensed to Efinti and is protected by copyright, trademark and other applicable laws. You receive no license to the Content except the limited right to view it for personal, non-commercial purposes.
2.5إخلاءات المسؤولية
The Site is provided on an "as is" and "as available" basis. Information published is for general corporate communication and does not constitute legal, tax, accounting, investment, or regulatory advice, and is not an offer or solicitation in any jurisdiction. Forward-looking statements reflect current beliefs and are subject to risks identified in our 20-F.
2.6تحديد المسؤولية
To the fullest extent permitted by applicable law, Efinti is not liable for indirect, incidental, special, consequential or punitive damages arising out of your use of the Site, including loss of profits, data or goodwill, even if advised of the possibility of such damages. Nothing in these Terms limits liability that cannot be limited under applicable law.
2.7القانون الحاكم
These Terms — strictly insofar as they govern use of the Site — are governed by the laws of the Republic of Colombia, without regard to conflict-of-laws rules. Your use of any subsidiary's product or service is governed by the law specified in the agreement with that subsidiary.
2.8التغييرات
We may update these Terms from time to time. The "Last updated" date at the top of this page reflects the most recent material change. Continued use of the Site after the update constitutes acceptance of the revised Terms.
تواصل
legal@efinti.com
سياسة ملفات تعريف الارتباط
يستخدم هذا الموقع ملفات تعريف الارتباط للتشغيل وقياس الأداء وتذكُّر تفضيلاتك للغة والإفصاح.
3.1ما هي ملفات تعريف الارتباط
Cookies are small text files placed on your device by a website. They allow the site to recognize your device on subsequent visits and to store small amounts of state, such as a chosen language. Some cookies are essential for the site to operate; others are optional and enabled only with your consent.
3.2الملفات التي نستخدمها
The table below lists the cookies set on this site, their purpose, category, and retention.
| الاسم | الغرض | الفئة | الاحتفاظ |
|---|---|---|---|
| efinti.lang | Stores chosen language | ضرورية تمامًا | 12 months |
| efinti.theme | Stores light/dark theme | ضرورية تمامًا | 12 months |
| efinti.cookies | Stores consent for non-essential cookies | ضرورية تمامًا | 12 months |
| _ga | Aggregated site analytics (Google Analytics) | تحليلية | 24 months |
| _gid | Per-session analytics (Google Analytics) | تحليلية | 24 hours |
3.3ملفات الجهات الأخرى
Analytics cookies are set by Google Analytics 4. Edge-network cookies for delivery and bot mitigation are set by Cloudflare. We do not allow third parties to set advertising cookies on this site.
3.4خياراتك
You can accept, reject, or change non-essential cookies at any time through the consent banner on the home page. You can also clear cookies through your browser settings; doing so may reset your language and theme preferences.
3.5التحديثات
When we add or remove cookies, we update this page and refresh the consent banner. If a new category requires consent, you will be prompted again on your next visit.
تواصل
privacy@efinti.com
برنامج الامتثال
برنامج موحَّدٌ عبر الـ23 ولايةً القضائية، منسجمٌ مع توقعات الإشراف لأكثر منظِّمٍ صرامةً في نطاقنا.
4.1نظرة عامة
The program is owned by the Group Chief Compliance Officer reporting to the holding-level Audit Committee. Each licensed subsidiary maintains a Compliance Officer authorized to act independently with the local regulator. Group standards form a floor; local rules prevail when stricter.
4.2مكافحة غسل الأموال / اعرف عميلك / فحص العقوبات
Customer due diligence is risk-based and follows FATF Recommendations. Onboarding screens against 90+ watchlists (OFAC, UN, EU, UK HMT, local PEP and adverse-media lists). Ongoing transaction monitoring runs continuously; suspicious activity reports are filed within statutory deadlines in each jurisdiction.
4.3FATCA و CRS
EFY Capital and Corecredit are registered as Reporting Financial Institutions where required and report annually under FATCA (US) and the OECD Common Reporting Standard (CRS). Self-certification is collected at onboarding and refreshed on a defined cadence.
4.4مكافحة الرشوة والفساد
Our ABC standard is harmonized to the FCPA (US), the UK Bribery Act 2010, and Ley 1474 (Colombia). Gifts, hospitality, and political contributions are governed by a Group policy with monetary thresholds, pre-approval workflows, and an annual attestation by all officers.
4.5حماية البيانات
A Group Data Protection Officer coordinates compliance with GDPR, LGPD, CCPA/CPRA, Habeas Data and equivalent regimes. Data-protection impact assessments are mandatory for new processing of sensitive data. See the Privacy Policy for further detail.
4.6مدوَّنة السلوك
All employees, contractors, and directors complete annual Code of Conduct training. The Code is published in English, Spanish, and Portuguese and is available on request: code-of-conduct.pdf.
4.7قناة المُبلِّغين
Confidential reporting is operated by NAVEX EthicsPoint with a 24/7 hotline and web intake in 11 languages. Retaliation against good-faith reporters is grounds for termination. Reports can be made anonymously where local law permits.
4.8المدقِّق الخارجي
Our consolidated financial statements are audited annually by PricewaterhouseCoopers (PwC). PwC also provides limited assurance on selected non-financial disclosures, including the ESG Report.
4.9الشؤون التنظيمية الأخيرة
No material regulatory enforcement actions have been brought against Efinti Holdings Inc. or any operating subsidiary in the past five years. Any future matter that meets the materiality threshold will be disclosed in the next periodic filing.
تواصل
compliance@efinti.com
إدارة المخاطر
تُحوكَم المخاطر على مستوى الشركة القابضة من خلال لجنة مخاطر يقودها المجلس، فيما تُشغِّل الشركات التابعة ضوابط الخط الأول وفق أُطرٍ مشتركة.
5.1إطار الحوكمة
We operate a three-lines-of-defense model: business units (1st line) own and manage risk; the Group Risk and Compliance functions (2nd line) set policy, monitor, and challenge; Internal Audit (3rd line) provides independent assurance to the Audit Committee.
5.2لجنة المخاطر بالمجلس
The Risk Committee comprises four directors, three of whom are independent, and is chaired by the Lead Independent Director. It meets at least quarterly, approves the risk-appetite statement, and reviews the heat map of top enterprise risks.
5.3المخاطر الرئيسية
Our principal risk categories are regulatory, FX & sovereign, credit, operational, concentration, and capital. A summary appears on the home page under Risk factors; the full discussion is in our 20-F.
5.4شهية المخاطر
The Group risk-appetite statement defines explicit limits for credit-loss ratio, country concentration, FX-mismatch buffer, operational-loss VaR, and minimum liquidity coverage. Breaches trigger pre-defined escalation to the Risk Committee.
5.5كفاية رأس المال
We maintain capital reserves at 1.4× the most stringent regulator minimum in our footprint. Internal capital adequacy assessment (ICAAP) is performed at least annually and stress-tested against severe macro scenarios.
5.6المخاطر التشغيلية
Operational risk is managed under a Basel-aligned Risk and Control Self-Assessment (RCSA) cycle, with quarterly attestations from each business unit. Loss events above defined thresholds are reported within 24 hours.
5.7الأمن السيبراني
Our security program is certified to SOC 2 Type II and ISO/IEC 27001. We conduct an annual third-party penetration test and run a managed bug-bounty program. The Group CISO reports quarterly to the Risk Committee.
5.8استمرارية الأعمال والتعافي
For tier-1 settlement infrastructure we target a Recovery Time Objective (RTO) of 4 hours and a Recovery Point Objective (RPO) of 15 minutes. Disaster-recovery exercises are run twice yearly with regulator-observable scenarios.
5.9تقرير المخاطر السنوي
The Annual Risk Report summarizes the year's enterprise-risk performance, KRI trends, and remediation progress. It is published alongside the annual financial statements: risk-report-2025.pdf.
تواصل
risk@efinti.com
تقرير ESG 2025
متوافقٌ مع SASB و TCFD ومعايير ISSB IFRS لإفصاحات الاستدامة. ضمانٌ مستقلٌّ من PwC.
23
markets aligned to ISSB IFRS S1/S2 sustainability-disclosure standards.
2028
target year for operational carbon neutrality across all owned facilities.
6.1الحوكمة
The Board's Nominations & Sustainability Committee oversees ESG strategy, climate-related financial disclosures, and human-capital metrics. Executive compensation is partly tied to ESG KPIs from 2026 onwards.
6.2البيئة
We track Scope 1, 2, and material Scope 3 emissions. Operational facilities source 62% renewable electricity in 2025 (up from 41% in 2024). Water and e-waste metrics are reported under SASB FN-IF-310 where applicable.
6.3المجتمع
Financial-inclusion metrics include the count of first-time regulated cross-border senders, average ticket size, and corridor diversity. Our workforce is 47% women globally and 52% women in management in our LatAm footprint.
6.4مصفوفة الموضوعات الجوهرية
Materiality is assessed through a double-materiality lens, scoring impact and financial relevance with input from regulators, investors, employees, and counterparties. The current matrix elevates AML effectiveness, data protection, financial inclusion, climate transition, and operational resilience.
6.5المنهجية
Greenhouse-gas accounting follows the GHG Protocol Corporate Standard. Restatements of prior-year figures, where required, are disclosed in the report's "Reporting boundary and changes" section.
6.6ضمانٌ مستقل
PricewaterhouseCoopers (PwC) provides limited assurance under ISAE 3000 (Revised) over selected metrics, including Scope 1+2 emissions, financial-inclusion counts, and workforce diversity ratios.
6.7تنزيل التقرير الكامل
The complete 2025 ESG Report, including the SASB index, TCFD index, GRI content table, and PwC assurance statement, is available as esg-report-2025.pdf.
تواصل
esg@efinti.com