Skip to main content
Fincra Technologies Limited

Terms and Conditions

GLOBAL COLLECTIONS AND PAYOUT

The terms and conditions outlined in this agreement (“Agreement) pertain to your use of FINCRA’s website, platform, and services (“Platform”). Any translation of the terms and conditions herein provided is for convenience only and may not accurately represent the information in the original English language version of such document.

By using the service(s), You agree to (i) be legally bound by the Agreement and other applicable agreements for FINCRA’s various services that You may use; (ii) be legally bound by the pricing on our website or any other document provided by FINCRA; (iii) agree to receive all agreements, communications, contracts, disclosures, notices, and any other items electronically to either the email address(es) You provided to FINCRA or any other email addresses you may subsequently provide to FINCRA, via any of FINCRA’s platforms. You agree to provide certain data about (i) your business, (ii) your legal representative, and (iii) any other information FINCRA may require to provide the service(s).

SERVICES

The services provided by FINCRA or its payment partners are:

  1. Creation of Multicurrency Virtual Bank Accounts (VBAs)
  2. Cross-border transfers and FX Payouts
  3. Multiple currency conversions
  4. Digital Assets

INTELLECTUAL PROPERTY RIGHTS

Subject to the provisions of this Agreement, FINCRA grants You, and You accept, a limited, non-exclusive, non-transferable, non-assignable licence to use the Platform for your internal use only.

Except as provided in this Agreement, no other licence under any patents, copyrights, trademarks, trade secrets, or any other intellectual property rights, express or implied, is granted by FINCRA to You under this Agreement.

All patents, copyrights, circuit layouts, mask works, trade secrets, and other proprietary rights in and/or related to the Platform are and will remain the exclusive property of FINCRA or its payment partners, whether or not specifically recognized or perfected under the laws of the jurisdiction in which the Platform is used or licensed.

You shall not allow any third party to have access to the Platform or derivative works from the Platform without FINCRA’s prior written consent.

Unless otherwise agreed on a case-by-case basis, FINCRA will own all rights in any copy, translation, modification, adaptation or derivation of the Platform or other items of Confidential Information, including any improvement or development thereof.

You will obtain, at FINCRA’s request, the execution of any instrument that may be appropriate to assign these rights to or perfect these rights in FINCRA’s name.

You grant FINCRA the right to use your company’s/corporate name or/and logo (“Logo”) on FINCRA’s website, or in any marketing materials.

FEES

The sum to be paid by You to FINCRA under this Agreement is as set out on the website or any other agreement signed by FINCRA.

By accepting this Agreement, you confirm you have read and agree to pay us the relevant fees as set out on the website or any other documents provided by FINCRA to You.

All fees are exclusive of applicable taxes and duties, which shall be borne by You.

Except as provided under this Agreement, You are responsible for all taxes that are applicable to You and the services under relevant laws.

FINCRA may amend the fees payable under this Agreement at any time and shall give You notice of such amendment.

SET-OFF

FINCRA may set off any debts or liabilities (including refunds, taxes, fines, legal costs) due from You or your Affiliates to FINCRA or any of FINCRA’s Affiliates under this Agreement against any debts or liabilities owed by You or any of your Affiliates to FINCRA or its Affiliates, regardless of the place of payment or currency of either obligation.

If the obligations are in different currencies, then FINCRA may convert either obligation at a market rate of exchange in its usual course of business for the purpose of the set-off.

The exercise by FINCRA of any of its rights under this clause shall be without prejudice to any other rights or remedies (including but not limited to set-off) to which FINCRA or its Affiliates are otherwise entitled (by operation of law, contract, or otherwise).

WARRANTIES

  1. You warrant that all corporate action required to enter into this Agreement and the exercise of your rights and the performance of your obligations under this Agreement have been duly taken.
  2. You warrant that you are not registered in or will provide the services to any person or corporate entity in the Prohibited Countries.

A list of the prohibited countries is accessible here

  1. You warrant that You are duly registered and have the full capacity and corporate authorisation to enter into this Agreement and discharge the obligations and responsibilities created herein.
  2. You warrant that You have the required licenses and regulatory approvals to conduct your business and enter into this Agreement.
  3. You will use the services in accordance with the terms of this Agreement, all applicable law, card scheme rules and further guidance provided on our website.

In particular, You will not use the services in a manner that could result in a violation of anti-money laundering, counter-terrorist financing, and similar legal and regulatory obligations.

  1. You shall comply with any technical specifications available on FINCRA’s website, which FINCRA reserves the right to modify at any time.
  2. You will keep FINCRA indemnified against all actions, claims, proceedings, and all legal costs or other expenses arising out of any breach of the above warranties or out of any claim by a third party based on any facts that, if substantiated, would constitute such a breach or a breach of other relevant legal or settlement obligation or contractual duty.
  3. FINCRA warrants to You that no element of the Platform or services constitutes a breach of any patent, copyright, or other intellectual property in its country of operation.
  4. FINCRA neither warrants that the operation of the Platform or any ancillary products or services will be uninterrupted nor error-free, nor will it be 100% fraud or fail-proof.
  5. Except as outlined in this Agreement, FINCRA makes no express or implied representations or warranties concerning the Platform or its condition, merchantability, or fitness for any particular purpose or use by You.
  6. FINCRA disclaims and excludes any warranty that is not expressly stated in this Agreement.
  7. You and FINCRA warrant that you are not contemplating or in the process of being wound up.

INDEMNITY

You agree to indemnify and hold FINCRA harmless in respect of all claims, demands, damages, losses, liabilities, expenses, and costs suffered or incurred by FINCRA arising out of or in connection with (i) misuse of the services or Platform (ii) breach of this Agreement or applicable laws (iii) breach of third-party provider agreement, or (iv) misconduct and negligence.

LIMITATION OF LIABILITY

Except as set out in this Agreement, FINCRA excludes all conditions, warranties and representations, expressed or implied by (i) statute, (ii) common law or (iii) otherwise, in relation to the Platform and services provided hereunder.

FINCRA is not liable to You under any circumstance, whether for negligence, breach of contract, misrepresentation or otherwise, for:

  1. loss or damage which is incurred by You as a result of:
    1. third party claims;
    2. viruses, malware, IP spoofing, exposure of API keys, fraudulent or malicious attacks, disruptive codes, power cuts or service interruptions or other IT or hardware or software problems or faults;
    3. decisions by any relevant court, regulatory or other authority or the operation of Applicable Law; and/or
    4. loss of profit, goodwill, business opportunity or anticipated saving suffered by You;
  2. indirect, consequential, punitive, exemplary or similar loss or damage (including damage to reputation) suffered by You; and/or
  3. loss or damage that may be the consequence, wholly or partially, of a breach of the Agreement by You.

The entire liability of FINCRA under or in connection with this Agreement whether for negligence, breach of contract, misrepresentation or otherwise, is limited to the total fees earned by FINCRA from You under this Agreement during the one (1) month period immediately preceding the date the first of such claims arose.

Nothing in this Agreement shall operate to exclude or restrict the liability of FINCRA for death or personal injury or fraud committed by FINCRA where such liability cannot be lawfully excluded or limited.

Notwithstanding any provision to the contrary, FINCRA shall not be liable in the event that abnormal and unforeseeable circumstances beyond its control prevent it from fulfilling its obligations under this Agreement.

No liability shall be raised against FINCRA more than One (1) year after the accrual of the cause of such liability.

The limit of liability expressed in this entire clause 10 applies irrespective of the number of claims.

FINCRA shall not be liable for any loss which occurs during a routine maintenance of its Platform, of which it has given You notice of.

FINCRA will not be liable for the actions or inactions of any third party not acting on the instructions of FINCRA;

neither will FINCRA be liable for the actions nor inactions not directly traceable to it.

This entire clause of Limitation of Liability shall survive the termination of this Agreement.

RELATIONSHIP BETWEEN PARTIES

This Agreement shall not in any way constitute a partnership or joint venture between You and FINCRA nor constitute You an agent of FINCRA.

The relationship between You and FINCRA is on a principal-to-principal basis only.

This Agreement is not intended to confer on any person other than You and FINCRA any express or implied benefit or burden.

CONFIDENTIALITY

You shall treat as confidential all information and shall not divulge such confidential information to any person (except as provided for in this clause) without FINCRA’s prior written consent.

You shall be responsible for any breach of the obligations of confidentiality by You, your representatives, and/or affiliates.

You may disclose Confidential Information only:

  1. as required by law or by any regulation or similar provision, provided that You, where possible, give FINCRA not less than seven (7) Business Days written notice of such disclosure to enable the FINCRA to take whatever steps it deems necessary to protect its interest in this regard and shall, to the extent possible disclose only the portion of the information necessary;
  2. to your representatives who need to know it strictly for the purpose of carrying out your obligations under this Agreement, on the basis that such representatives will keep the same confidential on the terms of this Agreement;

or

  1. to your affiliates.

For this purpose, the term “Confidential Information” means all information relating to FINCRA which is obtained, whether in writing, pictorially, in machine readable form or orally or by observation in connection with this Agreement, including but without limitation, financial information, know-how, partner information, processes, ideas, intellectual property schematics, trade secrets, technology and other customer-related information, sales statistics, market, market intelligence, marketing and other business strategies and other commercial information of a confidential nature but does not include information which is known to You without any limitation or restriction on use or disclosure before receipt of such information from or on

behalf of FINCRA or becomes publicly available, other than as a breach of this Agreement, or becomes lawfully available to You from a third party free from any confidentiality restriction or any information required to be disclosed under any relevant law or any binding judgment or order of court or arbitration tribunal or any stock exchange regulations or under direction from any relevant regulatory authority or law enforcement agents, or was developed by the receiving party or its affiliates independently of the Confidential Information received from FINCRA hereunder.

The obligations as to confidentiality shall survive the termination of this Agreement for a period of 3 years after the termination of this Agreement.

You agree to maintain the applicable Payment Card Industry Data Security Standard (PCI DSS) requirements to the extent that You shall possess or otherwise store, process, or transmit cardholder data under this Agreement.

FORCE MAJEURE

If FINCRA is prevented from fulfilling its obligations under this Agreement by reason of any supervening event beyond its control (including but not limited to an Act of God, natural disaster, or civil disorder), FINCRA shall immediately notify You and will resume full performance upon the cessation of the event.

If the period of incapacity exceeds two months, You may terminate this Agreement.

TERMINATION AND SUSPENSION

Termination without cause.

FINCRA or You may terminate this Agreement at any time by giving 30 days notice in writing to the other Party.

Termination with cause

Regardless of any other provision of this Agreement, FINCRA reserves the right to terminate this Agreement forthwith or suspend access to the Platform or service(s) by notice to You if:

  1. it is required or requested to do so by any regulatory authority;
  2. You fail to comply with any applicable laws;
  3. You fail to comply with any term of this Agreement;
  4. You fail to comply with access and/or interface specifications as communicated by FINCRA;
  5. FINCRA is required to do so by a Card Scheme;
  6. fraud is committed by your customer;
  7. fraud is committed due to the act and/or omission of You;
  8. You fail to pay any sums under this Agreement by the payment due date;
  9. anything happens to You or a matter is brought to the attention of FINCRA which in its absolute discretion, it considers may affect your ability or willingness to comply with all or any of its obligations or liabilities herein;
  10. FINCRA, in its absolute discretion, determines that the relationship with your business represents an increased risk of loss or liability;
  11. You did not submit complete and/or accurate Know Your Customer documents; and/or
  12. Any fines or any other claims are brought against FINCRA by any Card Scheme, financial institution, or any other third party arising from any aspect of the parties’ relationship (including in connection with any security breach, compromise, or theft of data held by You or on behalf of You irrespective of whether such security breach, compromise, or theft of data was within or outside your control).

In the event of a suspension (where the breach is capable of remedy), FINCRA shall notify You in writing of the details thereof and, if the breach and/or non-compliance is capable of remedy, of the requirements and the timeframe for same that must be met by You for the suspension or restriction to be lifted.

In the event of the remediation of a breach and/or non-compliance, FINCRA shall reinstate the suspended or restricted access within forty-eight (48) hours of You having complied with the requirements communicated to it by FINCRA.

Any costs incurred consequent upon the suspension, restriction, and/or reinstatement of the access shall be borne by You.

Notwithstanding any other provision in this Agreement, FINCRA may suspend the processing of any transaction and/or any connected transaction or withhold settlement until the satisfactory completion of any investigation if FINCRA has reasonable suspicion that a transaction may be fraudulent or involve other criminal activity.

You shall not be entitled to claim or demand any interest or other compensation whatsoever in respect to any such suspension or delay.

MODIFICATIONS

FINCRA may modify any terms of this Agreement and provide notice of same to You via any email address submitted by You or posting the revised version on this Platform or on the Website.

We advise that you visit the website any time You intend to use the Services.

WAIVER

FINCRA failure to exercise or any delay in exercising any rights under this Agreement shall not operate as a waiver or variation of that or any other such right;

any defective or partial exercise of any such right shall not preclude any other or further exercise of that or any other such right;

and no act or course of conduct or negotiation on the part of FINCRA shall preclude it from exercising any such right or constitute a suspension or variation of such right.

SEVERANCE

If any provision of this Agreement is declared by any applicable law, judicial or other competent authority to be void, voidable, illegal, or otherwise unenforceable or irrelevant, it shall, to the extent required by such law or authority, be severed from this Agreement and rendered ineffective so far as is possible without modifying the remaining provisions of this Agreement.

NO ASSIGNMENT

FINCRA may assign its rights, benefits, or obligations under this Agreement without Your prior written consent.

In such event, this Agreement shall be binding upon and inure to the benefit of each of the Parties and the assignee.

You shall not assign your rights or obligations under this agreement without the prior written consent of FINCRA.

GOVERNING LAW

This Agreement shall be interpreted and enforced in accordance with the laws of Canada.

Certain services on the Platform for certain jurisdictions may, however, be subject to laws of applicable jurisdictions where You are organised or the services are provided from or regulated as captured in the relevant terms applicable to such jurisdictions.

DISPUTE RESOLUTION

If a dispute arises between the Parties in connection with the interpretation, implementation, or operation of this Agreement or its subject matter or the validity of any document furnished by the Parties under this Agreement that cannot be resolved amicably by the Parties within 10 days of notice of the dispute by either of the Parties, the dispute shall be referred to a court of competent jurisdiction in Ontario.

INDUCEMENT AND ANTI-CORRUPTION

FINCRA complies with all anti-bribery and anti-corruption laws in any relevant jurisdiction and all applicable anti-bribery and anti-corruption regulations and codes of practice.

You shall not offer or give any FINCRA employee or third party any gratification, bribe, or consideration of any kind as an inducement or reward for doing or not doing or having done or omitting to do a favour or for a disfavour done to another in the discharge of official duty or duties or in relation to any matter connected with his/her job functions or relating to the business of FINCRA.

Any breach of the terms of this clause by You or by your employees, subcontractors, agents, or anyone acting on their instructions (whether with or without your knowledge) shall entitle FINCRA to terminate this Agreement forthwith.

Termination shall be without prejudice to other remedies available to FINCRA at law.

You owe FINCRA a duty to report any violation of this clause by FINCRA’s employees, agents or representatives to FINCRA via FINCRA’s anonymous whistleblowing channel [email protected]

AUDIT/INSPECTION

You warrant to FINCRA that You have or shall upon the coming into effect of this Agreement, engage an independent consultant with the necessary expertise to undertake a systems and compliance audit which shall be conducted on a yearly basis to ensure adequate controls, safeguards, security and effective internal controls to protect the integrity of the information technology and related systems of FINCRA.

A copy of the audit report shall be provided to FINCRA immediately upon the conclusion of each audit.

You undertake that the systems audit shall be carried out in accordance with the International Standard on Auditing or other similar internationally recognized systems auditing standards.

FINCRA is required by the rules of the applicable Card Schemes to appoint at any time an authorized representative/auditor to conduct a systems and/or compliance audit of You (upon reasonable notice) notwithstanding that You have confirmed to FINCRA that You have conducted an audit.

You undertake to cooperate fully with and grant FINCRA’s representative full access to its operations and relevant documentation for the purpose of conducting the audit.

You shall permit the authorized representatives of FINCRA and/or Card Schemes to carry out physical inspections of your place(s) of business or other facilities to verify if You comply with your obligations hereunder.

If You refuse such inspection or provide inaccurate, untrue, or incomplete information or fail to comply with the terms and conditions of this Agreement, FINCRA reserves the right to suspend access to the Solution or terminate the Services with immediate effect.

RESERVE BALANCE

You understand that FINCRA may require You to maintain a minimum amount (“Reserve Balance”) from time to time as a condition of continued access and use of any of the services in the Services Schedule.

You understand that FINCRA may, at its discretion or as may be required by its payment partners, draw upon the Reserve Balance to cover any liability of You to FINCRA in the course of its use of any of the services.

For the avoidance of doubt, You hereby authorise FINCRA to debit the Reserve Balance to the extent of any sum owed to FINCRA under this Agreement either as the cost of FINCRA’s provision of the services under this Agreement or otherwise.

Where You fail to maintain the requisite Reserve Balance, FINCRA reserves the absolute right, without limitation, to suspend any of the services to You or terminate this Agreement.

FINCRA reserves the right to cause the Reserve Balance to be held for up to 180 days following the termination of this Agreement or for such additional time as may be required to ensure that FINCRA is not exposed to liability pursuant to this Agreement.

NON-CIRCUMVENTION

You hereby agree not to in any way or through any affiliate, partner, employee, or agent directly or indirectly circumvent FINCRA in relation to the services contemplated under this Agreement.

You further agree that it shall not enter into any Agreement with any third party introduced by Fincra or used by Fincra for the provision of any services under this Agreement.

This obligation shall survive the termination of this Agreement for a period of 2 years.

Breach of this clause shall entitle Fincra to 100% of all the profit derived by You from the business with interest.

ABUSE OF API

You acknowledge that the API credentials are confidential and intended solely for your use in accordance with the Agreement.

You shall protect the API credentials and shall not share, sell, transfer, or disclose the API credentials to any third party without the prior written consent of FINCRA.

You agree not to interfere with the API operations (reverse engineer, decompile, disassemble, or attempt to derive the source code of the API) and shall prevent unauthorized access or misuse of the API credentials.

You further agree that any unauthorized use of the API credentials by You or its customers will be a material breach of this Agreement.

In the event of such material breach, FINCRA may immediately suspend or terminate your access to the API/Service or/and unilaterally terminate the Agreement without notice.

You agree to indemnify and hold FINCRA harmless from any claims, damages, losses, or expenses (including attorney’s fees) arising out of or related to You or your customer’s breach of this clause.

OVERPAYMENT/UNDERPAYMENT PROCESS

Where You receive payment that is less than the predefined transaction limited, FINCRA shall treat the transaction as follows:

  1. Settle such transactions to your wallet.
  2. Debit the transaction fees from your wallet.

Payment above $10,000 shall trigger an RFI in line with the API documentation.

DATA PRIVACY AND INFORMATION SECURITY

FINCRA is certified to ISO 27001:2022, and the Nigeria Data Protection Act.

In addition to certification, FINCRA has implemented data loss prevention measures, access control, security audits, secure data transfer to certification partners and organisational policies to ensure protection of its information and other related assets as well as other users.

You shall also protect FINCRA data and information assets with relevant technical and organizational measures as well as compliance to applicable regulatory standards.

The information security requirements below are applicable to You:

  • Compliance to ISO 27001
  • Establishment of controls for possible risks via Risk Assessment process
  • Notification of any incident/data breach without any undue delay
  • Commitment to information security and data privacy and protection.
  • Establishment of acceptable use of information systems assets

ELECTRONIC COMMUNICATION

By using the Services, you agree and consent to transact business with FINCRA electronically and to receive electronically certain disclosures, documents, communications, agreements, and notices (collectively, “Disclosures”) that we provide in connection with your use of the Services.

Disclosures include, without limitation, agreements and policies related to your Account (including Wallet), transaction receipts, and account statements.

FINCRA will provide Disclosures by posting them on the Platform, website or by emailing them to you at the email address associated with your Account.

You also agree that any Disclosures you or we sign electronically will have the same legal effect as a signed physical document.

YOUR OBLIGATIONS

You shall:

  1. Not use the Platform to facilitate transactions in the Prohibited List.

A list of the prohibited transactions and industries is accessible here This list may be amended by FINCRA from time to time.

  1. Not use the Platform to facilitate transactions in the Prohibited List.
  2. A list of the prohibited transactions and industries is accessible here This list may be amended by FINCRA from time to time.
  3. Maintain appropriate reserves as may be required by FINCRA.
  4. Comply with all applicable laws and any relevant Card Scheme Rules.
  5. Accept payments and process refunds only from customers in connection with goods and/or services supplied by You and in respect of goods and services which commonly fall within your business as identified in your request to FINCRA for the services or which the customer would reasonably expect to receive in respect of goods or services, the provision of which is in accordance with applicable law.
  6. Comply with third-party provider terms and conditions applicable to the services they provide.

You agree that FINCRA is not and shall not be responsible for any loss suffered by You or dispute between You and the third-party provider as a result of utilizing the third-party services.

  1. Comply with your tax obligations
  2. Remain solely responsible for ensuring the correct implementation, installation, integration, security, and operation of all systems, equipment, software, and telecommunications and use of the services on your platform.
  3. Notify FINCRA if You have been banned by any service provider for using same service or similar services
  4. Not enroll any customers involved in any activities stated in the Prohibited and Restricted Lists.
  5. Provide FINCRA immediate notice of (i) any unauthorized third-party use of the services or access to the Platform;
  6. and/or (ii) any event that might lead to such unauthorized use.
  7. Assist FINCRA in handling any claim or query raised by any third party in relation to the services.
  8. Comply with any additional security, authentication, risk control, or other requirements imposed by FINCRA, a card scheme, or any of the payment partners.
  9. Perform the necessary KYC (Know your customer) & due diligence on all your customers and sub-merchants in accordance with applicable regulations and provide them on request.
  10. Implement a fraud protection and monitoring tool and provide evidence of the same to FINCRA, if requested by FINCRA.
  11. Implement at a minimum, two-factor authentication system.
  12. Not use any cardholder payment card details including but not limited to Primary Account Number (PAN) or Card Number, Personal Identification Number (PIN), Card Verification Value (CVV) for any purpose other than for the facilitation of the payment authorized by the cardholder.
  13. Take full responsibility for the integration process using the API furnished by FINCRA.

All integrations, however, shall be subject to passing FINCRA’s integration acceptance tests prior to go-live.

  1. Provide KYC documentation/information relating to any of your customers at the request of FINCRA without any delay.
  2. Be responsible for data stored or transmitted on or through your systems or any use of the passwords or identification codes assigned by FINCRA.
  3. Be solely responsible to and for your customers.
  4. Comply with applicable data protection regulations.
  5. Initiate an exchange order for FINCRA’s processing via the Platform.
  6. Transfer the quantity of currency agreed upon in the exchange order into FINCRA’s account or Wallet.
  7. Provide relevant KYC documents without any delay.
  8. Submit to any compliance checks required by FINCRA.
  9. Ensure that the proceeds of this Agreement are not used to fund illegal or prohibited transactions.
  10. Provide additional documents concerning You, any customer, or a specific transaction upon FINCRA’s request within 24hours (or such other timeframe as may be agreed).
  11. Abide by and continue to observe all guidelines and conditions related to each transaction as may be made from time to time and communicated by FINCRA.

RESTRICTIONS ON USE OF THE SERVICE

You shall not do any of the following in connection with your use of the services:

  1. download, modify, copy, distribute, transmit, display, perform, reproduce, duplicate, publish, license, create derivative works from, or offer for sale any information contained on, or obtained from or through, the Services, except for temporary files that are automatically cached by your platform for display purposes, or as otherwise expressly permitted in this Agreement;
  2. duplicate, decompile, reverse engineer, disassemble or decode the Services (including any underlying idea or algorithm), or attempt to do any of the same;
  3. use, reproduce or remove any copyright, trademark, service mark, trade name, slogan, logo, image, or other proprietary notation displayed on or through the Services;
  4. use automation software (bots), hacks, modifications (mods) or any other unauthorized third-party software designed to modify the Services;
  5. access or Use the Services in any manner that could disable, overburden, damage, disrupt or impair the Services or interfere with any other party’s access to or use of the Services or use any device, software or routine that causes the same;
  6. attempt to gain unauthorized access to, interfere with, damage or disrupt the Services, accounts registered to other users, or the computer systems or networks connected to the Services;
  7. circumvent, remove, alter, deactivate, degrade or thwart any technological measure or content protections of the Services;
  8. use a VPN or other tool to circumvent any geoblock or other restrictions that FINCRA or its partner may have implemented for the services;
  9. use any robot, spider, crawlers, scraper, or other automatic device, process, software or queries that intercepts, “mines,” scrapes, extracts, or otherwise accesses the Services to monitor, extract, copy or collect information or data from or through the Services, or engage in any manual process to do the same;
  10. introduce any viruses, trojan horses, worms, logic bombs or other materials that are malicious or technologically harmful into our systems;
  11. refuse to cooperate in an investigation or provide confirmation of your identity or any information you provide to FINCRA or its Partner;
  12. send or receive fraudulent money or payments for advertising, marketing or otherwise on an unsolicited and unauthorized basis;
  13. provide a cash advance from your credit card;
  14. access or use the Services in any way not expressly permitted by this Agreement

SERVICE LEVEL AGREEMENT

FINCRA Incident Management Framework

Definition An Incident is an event or circumstance that affects or could affect your business negatively and is attributed to IT systems and/or the network.

These incidents will most often include, but are not limited to:

  • Infrastructure Downtime
  • Fraud
  • Application Malfunction

Management of Incidents

Classifying the risk

You must immediately make an initial assessment of the actual impact that the incident has had.

This will be one of five levels: insignificant, minor, moderate, severe or catastrophic.

The initial impact of the incident will inform the immediate reporting requirements.

Investigation of Incidents

Where incidents are sufficiently serious or complex, or part of an ongoing pattern, a formal investigation may need to take place to establish the root cause of the incident.

The level of investigation, guided by the level of risk presented by the reported incident, should be determined as part of the reporting procedure by You and FINCRA.

However, it should be noted that as individual incidents can vary, so too can the level of investigation required.

The standard approach to the investigation of any incident is to apply the principles of a Root Cause Analysis (RCA) to establish the true reasons for the incident so they may be prevented in the future.

Communication of Incidents

E-Mail Communication

One-one via slack

Duties & Responsibilities in Incident Management

The following table:

RoleResponsibilityContact
End user / user / requesterFINCRA merchant who usually experiences a disruption in service and raises an incident ticket to initiate the process of incident management.You
First Level SupportThis is the first point of contact by You when You raise a request or incident ticket. First level support people have a working knowledge of the most common issues that might occur.Merchant Success
Second Level SupportMade up of support engineers with advanced knowledge of incident management. They usually receive more complex requests from users; they also receive requests in the form of escalations from first level support.Support Engineers
Tier 3 (and above) service deskThis level is usually composed of specialist engineers who have advanced knowledge of particular domains in the FINCRA infrastructure.CTO
Incident ManagerThis stakeholder plays a key role in the process of incident management by monitoring how effective the process is, recommending improvements, and ensuring the process is followed, among other responsibilities.CTO
Process OwnerThis stakeholder owns the process followed for managing incidents. They also analyze, modify, and improve the process to ensure it best serves the interest of the organization.CTO

External Incident Management & SLAs

Incident Logging

An incident can be logged through phone calls, emails, web forms published on the self-service portal or via live chat messages.

The following table:

ChannelContact detailsResponse Time
Phone013432000Real time Mon-Fri , 8:00am -5:00pm
Email[email protected]15 min FRT. available 24/7 with human response Mon-Fri , 8:00am -5:00pm
Live Chatavailable in portal & on website2min FRT available for live chat Mon-Fri , 8:00am -5:00pm
Self- Service portalavailable in portal & on websiteReal time ticket logging system avail 24/7 with human response Mon-Fri , 8:00am -5:00pm

Incident Categorization

Incidents can be categorized and sub-categorized based on the area of IT or business that the incident causes a disruption in like network, hardware etc.

The following table:

CategoryIncident TypesOwner
HighInfrastructure Malfunction or downtimeEngineering
MediumComplaints & EnquiriesTechnical Account Manager | Support Engineers
LowEducation gaps & EnquiriesSupport

Incident Prioritization

The priority of an incident can be determined as a function of its impact and urgency using a priority matrix.

The impact of an incident denotes the degree of damage the issue will cause to the user or business.

The urgency of an incident indicates the time within which the incident should be resolved.

Based on priority, incidents are categorized as

The following table:

PrioritizationNature of IncidentFixer
CriticalInfrastructure Downtime, Application Malfunction, Fraud.CTO
HighFraudCompliance
MediumGeneral Complaints | RequestsMerchant Success | Supporting Unit
LowEnquiriesMechant Success

Incident routing and assignment: Merchant Success Associate

Once the incident is categorized and prioritized, it gets routed to a support engineer with the relevant expertise.

This case will originate from Freshdesk and will be transferred to Jira.

Creating and managing tasks: Technical Support Engineer

Based on the complexity of the incident, it can be broken down into sub-activities or tasks.

Tasks are typically created when an incident resolution requires the contribution of multiple 2nd level support people from either the same or different departments.

SLA Management & Escalation

While the incident is being processed, the support engineer needs to ensure the SLA isn’t breached.

An SLA is the acceptable time within which an incident needs a response (response SLA) or resolution (Resolution SLA).

SLAs can be assigned to incidents based on their parameters like category, requester, impact, urgency etc. In cases where an SLA is about to be breached or has already been breached, the incident can be escalated functionally or hierarchically to ensure that it is resolved at the earliest.

The following table:

PriorityResponse TimeResolution Time
Critical10min2 hours
High15min4 hours
Medium15min12 hours
Low15min24 hours
EscalationRealtime48 hours

CHAREGEBACKS AND REFUNDS

  1. In certain circumstances, FINCRA payment partners, Card Issuers, Card Schemes and/or Other Financial Institutions may require repayment in respect of a transaction previously settled and/or remitted to You or its customers, notwithstanding that authorisation may have been obtained from our payment partner, Card Issuer and/or Other Financial Institution (such circumstances being a “Chargeback”).
  2. You acknowledge and agree that under all applicable rules, regulations and operating guidelines issued by Card Schemes, our payment partner, financial institution, and FINCRA relating to card, wallet, virtual bank account transactions, other payment methods and processing of data, You may be required to reimburse acquirers, our payment partners or other individuals for Chargebacks in circumstances where You have accepted payment in respect of the relevant transaction.
  3. All Chargebacks shall correspond to the whole or part of the settlement value of the original transaction or to an amount equivalent to the original settlement currency at the rate of exchange quoted for settlement purposes on the day the Chargeback is processed.
  4. All refunds or reversals (whether for underpayments, overpayments or otherwise) shall attract a fee of 15 EUROs and 15 GBP for EURO and GBP-denominated transactions and 35 USD for USD-denominated transactions.
  5. Where a Chargeback occurs or where You fail to address a Chargeback claim within 16 hours, FINCRA shall immediately be entitled to debit your position, make a reversal from your settlement account, virtual bank account or e-wallet and/or make a deduction from any remittance, reserve and/or invoice You to recover:
    • the full amount of the relevant Chargeback;
    • the sum of 15 EUROs and 15 GBP for EURO and GBP denominated transactions and 35 USD as chargeback fees (irrespective of whether the chargeback was successful or otherwise);
    • and any other costs, expenses, liabilities or Fines which may be incurred as a result of or in connection with such Chargeback (“Chargeback Costs”).
  6. FINCRA shall have the right to immediately terminate this Agreement if your chargeback, refund or reversal exceeds FINCRA’s acceptable threshold.
  7. A Chargeback represents an immediate liability from You to FINCRA.
  8. Where the full amount of any Chargeback and/or any Chargeback Costs is not debited by FINCRA from your bank account, virtual bank account or e-wallet or deducted from any remittance or invoiced as referred to in the previous clause, then FINCRA shall be entitled to otherwise recover from You by any means the full amount of such Chargeback and Chargeback Costs (or the balance thereof, as the case may be).
  9. FINCRA shall not be obliged to investigate the validity of any Chargeback by any Card Issuer, Card Scheme, payment partner or Other Financial Institution, whose decision shall be final and binding in respect of any Chargeback.
  10. As Chargebacks may arise a considerable period after the date of the relevant transaction, You acknowledge and agree that, notwithstanding any termination of this relationship for any reason, FINCRA shall remain entitled to recover Chargebacks and Chargeback Costs (and, where relevant, from any entity who has provided FINCRA with a guarantee or security relating to your obligations under this relationship) in respect of all Chargebacks that occur in relation to transactions effected during the term thereof.
  11. FINCRA reserves the right to immediately pass on to and recover from You any fines incurred and/or impose further charges on You and/or terminate the relationship forthwith if we consider that the total value of refunds and/or Chargebacks is unreasonable.
  12. FINCRA can recover fines from You to FINCRA.
  13. You agree that You bear the responsibility to prove to FINCRA’s satisfaction (or that of the relevant Card Issuer, payment partner or Other Financial Institution) that the debit of a customer’s or cardholder’s account was authorised by such customer or cardholder.

DIGITAL ASSETS SERVICES

This schedule applies to your use of Digital Assets.

The services under this schedule are provided by FINCRA’s provider (‘Fincra Partner’).

Fincra Partner shall be an independent contractor for the purposes of this service.

The link to the terms and conditions governing this service is accessible here

DATA PROCESSING AGREEMENT

RESPONSIBILITIES

  1. Each Party shall implement and maintain effective Security Measures (pseudonymization and encryption etc.) that are designed to preserve the security and confidentiality of each Party’s Data and protect its Data from Security Incidents.

Such security measures shall be regularly tested and evaluated for effectiveness.

  1. The Parties understand that Sensitive Data merit specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms of the Data Subject.

The Controller will therefore not provide (or cause to be provided) any Sensitive Data to Processor for processing under the Agreement without the express consent of the Data Subject.

  1. The Processor shall adopt such measures to ensure a level of security appropriate to the sensitivity of the Data transferred to the Processor.

These measures include the pseudonymisation and encryption of personal data.

  1. Processor shall notify Controller in writing within 48 (forty-eight) hours, unless prohibited from doing so under Data Protection Laws, if it becomes aware or believes that any data processing instruction from Controller violates any Data Protection Law.
  2. Processor shall ensure it can restore the availability and access to Personal Data promptly in the event of a Security Incident.
  3. Processor shall ensure that any person who is authorised by Processor to process Personal Data (including its staff, agents and subcontractors) shall be under a contractual or statutory obligation of confidentiality.
  4. Processor shall in updating or modifying its Security Measures, ensure that such updates and modifications do not result in the degradation of the Processor’s Security Measures.
  5. Upon becoming aware of a Security Incident, the Processor shall:
    1. notify Controller without undue delay, and where feasible, in any event no later than 48 hours from becoming aware of the Security Incident
    2. provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Controller;
    3. and promptly take reasonable steps to contain and investigate any Security Incident.
  6. Processor’s notification of or response to a Security Incident shall not be construed as an acknowledgment by the Processor of any fault or liability concerning the Security Incident.
  7. Notwithstanding the above, Controller agrees that except as provided in this Agreement, Controller is responsible for protecting the security of Personal Data when in transit to the Processor while the Processor is responsible for protecting the security of Personal Data it receives and transfers to any party including any Sub-Processor.
  8. The Controller represents and warrants that:
    1. it has complied, and will continue to comply, with all applicable laws, including Data Protection Laws, in respect of its processing of Personal Data and any processing instructions it issues to Processor;
    2. and it has obtained and will continue to obtain, all consents and rights necessary under Data Protection Laws for Processor to process Personal Data for the purposes described in the Agreement.
  9. Controller shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Controller acquired Personal Data.
  10. Controller will ensure that Processor’s processing of the Controller’s Data following Controller’s instructions will not cause Processor to violate any applicable law, regulation, or rule, including, without limitation, Data Protection Laws.

SUB-PROCESSING

  1. Controller agrees that the Processor may engage Sub-processors to process Personal Data on Controller’s behalf.
  2. Processor shall notify Controller of any engagement or disengagement of a Sub-processor and shall enter into a written agreement with each Sub-processor containing data protection obligations that provide at least the same level of protection for Controller’s Data as those in this Agreement;
  3. The Processor shall remain responsible for the Sub-processor’s compliance with the obligations of this Agreement and for the acts or omissions of such Sub-processor that cause Processor to breach any of its obligations under this Agreement.

SECURITY REPORTS AND AUDITS

  1. Where the Processor is audited against PCI standards, it shall supply (on a confidential basis) a copy of its annual attestation of compliance and certificate of compliance (“Reports”) to Controller within 5 Business Days of Controller’s written request, to enable

CHAREGEBACKS AND REFUNDS

  1. In certain circumstances, FINCRA payment partners, Card Issuers, Card Schemes and/or Other Financial Institutions may require repayment in respect of a transaction previously settled and/or remitted to You or its customers, notwithstanding that authorisation may have been obtained from our payment partner, Card Issuer and/or Other Financial Institution (such circumstances being a “Chargeback”).
  2. You acknowledge and agree that under all applicable rules, regulations and operating guidelines issued by Card Schemes, our payment partner, financial institution, and FINCRA relating to card, wallet, virtual bank account transactions, other payment methods and processing of data, You may be required to reimburse acquirers, our payment partners or other individuals for Chargebacks in circumstances where You have accepted payment in respect of the relevant transaction.
  3. All Chargebacks shall correspond to the whole or part of the settlement value of the original transaction or to an amount equivalent to the original settlement currency at the rate of exchange quoted for settlement purposes on the day the Chargeback is processed.
  4. All refunds or reversals (whether for underpayments, overpayments or otherwise) shall attract a fee of 15 EUROs and 15 GBP for EURO and GBP-denominated transactions and 35 USD for USD-denominated transactions.
  5. Where a Chargeback occurs or where You fail to address a Chargeback claim within 16 hours, FINCRA shall immediately be entitled to debit your position, make a reversal from your settlement account, virtual bank account or e-wallet and/or make a deduction from any remittance, reserve and/or invoice You to recover:
    • the full amount of the relevant Chargeback;
    • the sum of 15 EUROs and 15 GBP for EURO and GBP denominated transactions and 35 USD as chargeback fees (irrespective of whether the chargeback was successful or otherwise);
    • and any other costs, expenses, liabilities or Fines which may be incurred as a result of or in connection with such Chargeback (“Chargeback Costs”).
  6. FINCRA shall have the right to immediately terminate this Agreement if your chargeback, refund or reversal exceeds FINCRA’s acceptable threshold.
  7. A Chargeback represents an immediate liability from You to FINCRA.
  8. Where the full amount of any Chargeback and/or any Chargeback Costs is not debited by FINCRA from your bank account, virtual bank account or e-wallet or deducted from any remittance or invoiced as referred to in the previous clause, then FINCRA shall be entitled to otherwise recover from You by any means the full amount of such Chargeback and Chargeback Costs (or the balance thereof, as the case may be).
  9. FINCRA shall not be obliged to investigate the validity of any Chargeback by any Card Issuer, Card Scheme, payment partner or Other Financial Institution, whose decision shall be final and binding in respect of any Chargeback.
  10. As Chargebacks may arise a considerable period after the date of the relevant transaction, You acknowledge and agree that, notwithstanding any termination of this relationship for any reason, FINCRA shall remain entitled to recover Chargebacks and Chargeback Costs (and, where relevant, from any entity who has provided FINCRA with a guarantee or security relating to your obligations under this relationship) in respect of all Chargebacks that occur in relation to transactions effected during the term thereof.
  11. FINCRA reserves the right to immediately pass on to and recover from You any fines incurred and/or impose further charges on You and/or terminate the relationship forthwith if we consider that the total value of refunds and/or Chargebacks is unreasonable.
  12. FINCRA can recover fines from You to FINCRA.
  13. You agree that You bear the responsibility to prove to FINCRA’s satisfaction (or that of the relevant Card Issuer, payment partner or Other Financial Institution) that the debit of a customer’s or cardholder’s account was authorised by such customer or cardholder.

DIGITAL ASSETS SERVICES

This schedule applies to your use of Digital Assets.

The services under this schedule are provided by FINCRA’s provider (‘Fincra Partner’).

Fincra Partner shall be an independent contractor for the purposes of this service.

The link to the terms and conditions governing this service is accessible here

DATA PROCESSING AGREEMENT

RESPONSIBILITIES

  1. Each Party shall implement and maintain effective Security Measures (pseudonymization and encryption etc.) that are designed to preserve the security and confidentiality of each Party’s Data and protect its Data from Security Incidents.

Such security measures shall be regularly tested and evaluated for effectiveness.

  1. The Parties understand that Sensitive Data merit specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms of the Data Subject.

The Controller will therefore not provide (or cause to be provided) any Sensitive Data to Processor for processing under the Agreement without the express consent of the Data Subject.

  1. The Processor shall adopt such measures to ensure a level of security appropriate to the sensitivity of the Data transferred to the Processor.

These measures include the pseudonymisation and encryption of personal data.

  1. Processor shall notify Controller in writing within 48 (forty-eight) hours, unless prohibited from doing so under Data Protection Laws, if it becomes aware or believes that any data processing instruction from Controller violates any Data Protection Law.
  2. Processor shall ensure it can restore the availability and access to Personal Data promptly in the event of a Security Incident.
  3. Processor shall ensure that any person who is authorised by Processor to process Personal Data (including its staff, agents and subcontractors) shall be under a contractual or statutory obligation of confidentiality.
  4. Processor shall in updating or modifying its Security Measures, ensure that such updates and modifications do not result in the degradation of the Processor’s Security Measures.
  5. Upon becoming aware of a Security Incident, the Processor shall:
    1. notify Controller without undue delay, and where feasible, in any event no later than 48 hours from becoming aware of the Security Incident
    2. provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Controller;
    3. and promptly take reasonable steps to contain and investigate any Security Incident.
  6. Processor’s notification of or response to a Security Incident shall not be construed as an acknowledgment by the Processor of any fault or liability concerning the Security Incident.
  7. Notwithstanding the above, Controller agrees that except as provided in this Agreement, Controller is responsible for protecting the security of Personal Data when in transit to the Processor while the Processor is responsible for protecting the security of Personal Data it receives and transfers to any party including any Sub-Processor.
  8. The Controller represents and warrants that:
    1. it has complied, and will continue to comply, with all applicable laws, including Data Protection Laws, in respect of its processing of Personal Data and any processing instructions it issues to Processor;
    2. and it has obtained and will continue to obtain, all consents and rights necessary under Data Protection Laws for Processor to process Personal Data for the purposes described in the Agreement.
  9. Controller shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Controller acquired Personal Data.
  10. Controller will ensure that Processor’s processing of the Controller’s Data following Controller’s instructions will not cause Processor to violate any applicable law, regulation, or rule, including, without limitation, Data Protection Laws.

SUB-PROCESSING

  1. Controller agrees that the Processor may engage Sub-processors to process Personal Data on Controller’s behalf.
  2. Processor shall notify Controller of any engagement or disengagement of a Sub-processor and shall enter into a written agreement with each Sub-processor containing data protection obligations that provide at least the same level of protection for Controller’s Data as those in this Agreement;
  3. The Processor shall remain responsible for the Sub-processor’s compliance with the obligations of this Agreement and for the acts or omissions of such Sub-processor that cause Processor to breach any of its obligations under this Agreement.

SECURITY REPORTS AND AUDITS

  1. Where the Processor is audited against PCI standards, it shall supply (on a confidential basis) a copy of its annual attestation of compliance and certificate of compliance (“Reports”) to Controller within 5 Business Days of Controller’s written request, to enable

Controller verify Processor’s compliance with the audit standards against which it has been assessed and this Agreement.

3.2 In addition to the Reports, Processor shall respond to all reasonable requests for information made by Controller to confirm Processor’s compliance with this Agreement, including responses to information security, due diligence, and audit questionnaires, by making additional information available regarding its information security program upon Controller’s written request, provided that Controller shall not exercise this right more than once per calendar year.

3.3 Where the Processor is not audited against PCI standards, the Processor shall allow for audit inspections by Controller or Controller’s nominated consultant in order to assess compliance with this Agreement and Data Protection Laws. Processor shall also make available to Controller all information reasonably necessary to demonstrate compliance with this Agreement and the Data Protection Laws.

3.4 In addition to the audit inspections, Processor, shall respond to all reasonable requests for information made by Controller or Controller’s consultant to confirm Processor’s compliance with this Agreement, including responses to information security, due diligence, and audit questionnaires, by making additional information available regarding its information security program upon Controller’s or Controller’s consultant written request.

4. INTERNATIONAL TRANSFERS

Controller acknowledges that Processor may transfer and process Personal Data outside its jurisdiction where Processor, its Affiliates or its Sub-processors maintain data processing operations.

Processor shall at all times ensure that such transfers are made in compliance with the requirements of Data Protection Laws.

5. RETURN OR DELETION OF DATA

Upon termination or expiration of the Agreement, Processor shall (at Controller’s election) and subject to applicable laws, delete or return to Controller all Personal Data (including copies) in its possession or control, except the Personal Data is archived on back-up systems, which Personal Data Processor shall securely isolate, protect from any further processing and eventually delete in accordance with Processor’s deletion policies, except to the extent required by applicable laws.

6. RIGHTS OF A SUBJECT RIGHTS AND COOPERATION

6.1 Processor shall to the extent possible, assist the Controller to comply with its data protection obligations with respect to a Data Subject’s rights under Data Protection Laws.

6.2 If any request is made by a Data Subject to Processor directly, Processor shall not respond to such communication directly except as appropriate (for example, to direct the Data Subject to contact Controller) without Controller’s prior authorisation except as legally required.

6.3 If Processor is required to respond to a request made under clause 6.2, Processor shall promptly notify Controller and provide Controller with a copy of the request unless Processor is legally prohibited from doing so.

For the avoidance of doubt, nothing in this Agreement shall restrict or prevent Processor from responding to any Data Subject or data protection authority requests concerning Personal Data for which Processor is a controller.

6.4 If a law enforcement agency sends Processor a demand for Personal Data (for example, through a subpoena or court order), Processor shall attempt to redirect the law enforcement agency to request that Data directly from Controller.

As part of this effort, Processor may provide Controller’s contact information to the law enforcement agency.

If compelled to disclose Personal Data to a law enforcement agency, then Processor shall give Controller reasonable notice of the demand to allow Controller to seek a protective order or other appropriate remedies, unless Processor is legally prohibited from doing so.

7. INDEMNIFICATION

The Processor agrees to indemnify, keep indemnified and defend at its own expense the Controller against all costs, claims, damages or expenses incurred by the Controller or for which the Controller may become liable due to any failure by the Processor or its employees, subcontractors or agents to comply with any of its obligations under this Agreement or the Data Protection Legislation.

8. GENERAL TERMS

8.1 Processor shall have a right to collect, use and disclose Data for its legitimate business purposes, such as: (i) for accounting, tax, billing, audit, and compliance purposes; (ii) to provide, develop, optimize and maintain the services; (iii) to investigate fraud, spam, wrongful or unlawful use of the services; and (iv) as required by applicable laws.

8.2 No one other than a party to this Agreement, its successors and permitted assignees shall have any right to enforce any of its terms.

Updated April 24, 2025

Ready to Get Started?

Create an account instantly and start accepting payments. You can also contact us to design a custom package for your business.

Create Account

Products

Usecase

Developers

Company

© 2025 Fincra

Terms & Conditions

Privacy Policy

Information Security Policy

Communications Policy

IMS Policy

Whistle Blowing

Close Menu