Regulatory information

IFX (UK) Ltd is referred to hereon as “IFX”, “we” or “us”.

Company information

IFX (UK) Ltd, trading as IFX Payments, registered in England and Wales. Company Number: 05422718. Registered Office: 33 Cavendish Square, London, W1G 0PW, United Kingdom. IFX (UK) Ltd is authorised and regulated by the Financial Conduct Authority under the Electronic Money Regulations 2011 (FRN 900517) for the issuing of electronic money, and is registered as a Foreign Money Services Business (“FMSB”) with the Financial Transactions and Reports Analysis Centre (“FINTRAC”) in Canada (Reg. No.: M23400543).

IFX (UK) Ltd, trading as International Foreign Exchange (DIFC Representative Office), registered as a Recognised Company in the Dubai International Financial Centre (DIFC). Registered Number: 1363. Registered Offices: Unit 401, Level 4, Index Tower, DIFC, PO Box 507009, Dubai, UAE. IFX (UK) Ltd is authorised and regulated by the Dubai Financial Services Authority (FRN F001814) to operate as a Representative Office to market its services in the DIFC.

Data privacy

IFX is registered with the UK Information Commissioner’s Office (Reference Number: Z9399766). For more information, please see our Privacy Policy. In the event you wish to contact IFX regarding the processing of your personal data, please contact: regulatory@ifxpayments.com.

Secure Customer Authentication

We are required by applicable laws and regulations to apply Secure Customer Authenticate (SCA) whenever you perform certain actions via our ibanq or mPay platforms (for example logging in, adding a beneficiary or approving payments). We use software called BindID provided by Transmit Security to perform SCA. As part of the authentication process, biometrics which are held locally to your device are used to perform the verification. Biometric data is not collected, stored or processed by us (or our third party providers) as part of the authentication.

Territory of provision of our services

Our services are available to persons in certain jurisdictions only. The distribution of the information and documentation on this website may be restricted by law in certain countries. This website, and the information and documentation on it, are not addressed to any person resident in the territory of any country or jurisdiction where such distribution to any person resident in the territory of any country or jurisdiction where such distribution would be contrary to local law or regulation.

IFX does not have a physical presence outside the UK, other than in Poland and the DIFC.

If you use our payment services and are based outside the UK, we provide our payment services strictly on the basis that:

  1. You approached us for the provision of our payment services.
  2. You have been advised that our payment services are not regulated or authorised outside the UK.
  3. All of our services are provided in the UK only.
  4. You agree that it is your duty to ensure that you are compliant with the applicable laws in your country.

Provision of information on this website

The information on this website does not constitute, and should not be construed as, financial product advice or a recommendation to buy, sell or otherwise transact in any financial product including, but not limited to, foreign exchange contracts and payment services.

Complaints 

In accordance with our regulatory obligations, we have in place effective and transparent procedures for the reasonable and prompt handling of complaints in relation to the services we provide.

Making a complaint

If you are a client of IFX, we encourage you to first contact your Account Executive either by phone or email in an attempt to resolve your complaint.

In the event this is unsuccessful or if your complaint involves your Account Executive, please email us at regulatory@ifxpayments.com and a member of our team will be in contact with you directly.

lease be assured that the team member handling your complaint will be experienced in dealing with complaints, and will not be directly involved in the matter relating to the complaint. They will have the authority to settle your complaint or will have access to someone who has such authority.

Kindly note that we are required to keep a record of each complaint received and any action taken by us. We retain these records for a minimum of 7 years from the date of receipt of the complaint.

Complaints handling process

Step 1 – a member of our team will promptly acknowledge receipt of your complaint.

Step 2 – following a thorough investigation, we will provide you with a final response to your complaint, confirming our position and setting out our conclusions. We aim to do this within 15 business days of receipt of your complaint.

Step 3 – If you are not happy with our final response, you can refer your complaint to the Financial Ombudsman Service (FOS) or the Financial Consumer Agency of Canada (FCAC) using the information set out below.

In exceptional circumstances and for reasons beyond our control, we may take longer to respond to your complaint. If so, we will send you a holding response within 15 business days of receipt of your complaint, explaining the reasons for the delay and advising when we will issue our final response. In any event, we will issue our final response within 35 business days of receipt of your complaint.

Kindly note that the time scales set out above are indicative only. In exceptional circumstances, if we cannot issue a final response within the given time period, we will contact you to let you know why not and confirm when you can expect to receive a final response from us.

Referral to the FOS

If you remain dissatisfied with our final response, you may be eligible to refer your complaint to the FOS. Further information on the services that the FOS can provide is available here : https://www.financial-ombudsman.org.uk/businesses/resolving-complaint/ordering-leaflet/leaflet

You must contact the FOS within 6 months of the date of our final response. The FOS may refuse to consider your complaint if you do so after this time, or will only consider it in exceptional circumstances. Note that the FOS will only consider complaints about regulated products and services.

You can contact the FOS on the details given below:

Financial Ombudsman Service
Exchange Tower
London
E14 9SR

Telephone No: 08000234567

Website: https://www.financial-ombudsman.org.uk/

Referral to the FCAC

If you are a client registered in Canada and remain dissatisfied with our final response, you may be eligible to refer your complaint to the FCAC. Please find the contact information for the FCAC below:

Phone: (866) 461-3222 (English) | (866) 461-2232 (French) | (613) 960-4666 (outside of Canada)

Website: https://www.canada.ca/en/financial-consumer-agency/corporate/contact-us.html

Protecting yourself against fraud

As a global foreign exchange and payment solutions provider, we place the utmost importance on fraud prevention and protection. We are dedicated to ensuring the safety and security of our customers' personal and financial information, and we have implemented various measures to safeguard against fraudulent activity.

We utilise advanced fraud detection tools and technologies to monitor transactions for suspicious activity, regularly review and update our security protocols, and educate our staff and customers on best practices for preventing and reporting fraud.

We also advise our customers to take proactive steps to protect themselves against fraud, such as regularly monitoring their accounts and reporting any suspicious activity immediately.

We are committed to maintaining the highest level of security and confidentiality for our customers. We will continue to invest in and improve our fraud prevention efforts to ensure a safe and secure online experience for all. Our commitment to fraud prevention and protection is further reinforced by our compliance with all applicable laws, regulations, and industry standards related to fraud prevention and data security.

Have you been a victim of fraud?

If you suspect you have been a victim of fraud, we advise you to report it immediately to our team via regulatory@ifxpayments.com

You can report fraud and cybercrime if you live in the UK to Action Fraud.

When you contact us, we will investigate your suspicions and where possible take necessary steps to prevent others from falling victim to the same scam.

Fraud alerts

Please be aware that fraudsters use ever-changing methods of defrauding payment service users. A few examples are set out below:

Authorised push payment (APP) fraud or bank transfer scams

APP fraud, also known as bank transfer scams, is a type of fraud in which an individual or organisation is tricked into transferring money to a fraudster's account. This type of fraud typically occurs when the fraudster poses as a legitimate individual or entity, such as a vendor, supplier, or employee of a company.

The fraudster will usually contact the victim through email, phone, or text message and provide them with false information, such as fake invoices or payment requests. The victim is then instructed to make a payment to the fraudster's account, often under the guise of urgent or time-sensitive circumstances.

The fraudster will use various tactics to convince the victim to transfer the funds, such as creating a sense of urgency, threatening legal action or penalties, or providing fake assurances of security or legitimacy.

Once the victim transfers the funds, the fraudster will quickly withdraw the money from the account, often leaving the victim with little to no recourse to recover the lost funds.

APP fraud is a growing concern for individuals and businesses alike, and it is important to be vigilant and take appropriate measures to prevent falling victim to these scams. It is important to verify the authenticity of any payment requests before transferring funds and to educate employees and colleagues about the risks and signs of APP fraud. Additionally, banks and financial institutions are working to implement additional security measures to prevent and detect APP fraud.

Account takeover

Account takeover is a type of fraud where criminals gain unauthorised access to a customer's account, typically through phishing scams, social engineering, or various forms of hacking to trick the account holder into providing sensitive information.

Once a criminal has access to an account, they can steal funds, make unauthorised transactions, or change the account details to lock the legitimate owner out of their account, causing significant financial losses.

Preventative measures include implementing strong authentication measures and security protocols such as multi-factor authentication, monitoring for suspicious login activity, educating customers, and having a response plan and a refined procedure in place for notifying affected customers and law enforcement agencies.

Cyber fraud

Cyber fraud refers to any fraudulent activity that takes place online and typically involves using the internet or technology to deceive individuals and organisations into providing sensitive information.

It includes phishing scams, identity theft, hacking, and malware attacks. Cyber fraud can be committed by individuals or organised groups who target vulnerable entities lacking adequate security measures.

Examples include email scams requesting, fake websites, and ransomware attacks, leading to financial loss, reputational harm, and legal consequences.

To prevent cyber fraud, keep software up to date, use strong and unique passwords, be wary of suspicious emails and messages, use two-factor authentication and keep sensitive information private.

CEO email fraud

CEO email fraud, also known as business email compromise, is a type of cyber fraud where criminals impersonate a CEO or another high-level executive to trick employees and partners into transferring funds or sensitive information, causing significant financial losses and reputational damage.

The fraudster creates an email address similar to the targeted executive's by slightly altering the domain name, then requests urgent payment or transfer from the finance or accounting department, and uses various tactics to create a sense of urgency or authority by claiming the requested funds are needed to close a critical deal. The funds will then be sent to the criminal’s account through a series of intermediaries or shell accounts. These are often difficult to trace.

To prevent this fraud, payment firms should implement strict authentication protocols for all financial transactions including multiple levels of approval, educate employees, conduct regular security audits, and have a response plan in place for recovery of stolen funds and notifying law enforcement.