Expanding Globally? Here’s How to Stay Compliant and Secure Your Marketplace

Regulatory Fragmentation and Market-Specific Requirements

Operating in multiple jurisdictions requires an understanding of diverse legal frameworks. One country’s regulations may prioritize consumer data protection while another may impose strict foreign exchange monitoring. This regulatory fragmentation means that a strategy suitable for one region may be entirely ineffective in another.

In the United States, for instance, platforms that make payments to independent contractors may need to comply with tax reporting rules such as the 1099 form. In the European Union, adherence to the General Data Protection Regulation is mandatory when handling user data. Meanwhile, emerging markets may require direct partnership with licensed financial institutions or government approval to offer local payment services.

A common pitfall for marketplaces is assuming that domestic compliance automatically covers international operations. In reality, each market must be treated as a standalone regulatory environment with its own obligations, processes, and enforcement mechanisms.

Establishing a Governance Framework

A governance framework creates the foundation for managing compliance systematically. It consists of the internal policies, procedures, and organizational roles that define how the marketplace handles its legal responsibilities. This includes everything from onboarding policies for merchants to how financial data is processed, stored, and monitored.

Designing a clear framework involves documenting operational workflows, assigning accountability for compliance activities, and conducting regular internal audits. These efforts should be tailored to address specific regulatory categories such as tax compliance, user verification, anti-fraud monitoring, and data security.

Having centralized documentation that outlines these controls helps internal teams align on compliance practices. It also facilitates audits, regulatory inquiries, and partnerships with banks, payment service providers, or other financial entities.

Secure and Compliant Data Management

A significant component of compliance involves how personal and financial data is managed. With most marketplaces processing payments and storing sensitive customer information, safeguarding this data is a legal and ethical imperative. Regulations like the GDPR in Europe and CCPA in California set clear standards for how data must be handled, stored, and shared.

A secure data management policy includes encryption at rest and in transit, access control mechanisms, and detailed logs of who accesses data and when. Data minimization, meaning only collecting what is necessary, is another principle embedded in many privacy regulations. Storage and retention policies should specify how long data is kept and under what circumstances it is deleted or archived.

Beyond security, transparency is a key requirement. Users must be informed about how their data is used and provided with options to opt out or request deletion. Meeting these requirements reinforces platform credibility and shields the marketplace from costly penalties.

Managing Financial Transactions Across Borders

Cross-border financial transactions are subject to extensive scrutiny by regulators. This includes currency exchange controls, international sanctions compliance, reporting obligations, and limitations on capital movement. These rules are designed to prevent money laundering, terrorist financing, and other illicit activity.

When processing international transactions, marketplaces must track the source and destination of funds, screen participants against global sanctions lists, and ensure that all flows are documented properly. Countries with strict capital controls may limit how much money can be moved in or out, requiring workarounds such as local settlement arrangements.

Efficient management of cross-border payments requires knowledge of regional payment rails, currency regulations, and financial licensing. Many platforms choose to work with partners that provide access to these local networks, helping to streamline transactions while staying within legal bounds.

Implementing Know Your Customer and Know Your Business Protocols

Regulators around the world require marketplaces to verify the identity of users and businesses transacting on their platforms. Know Your Customer and Know Your Business procedures are legal obligations under most anti-money laundering laws.

These protocols involve collecting identifying information such as names, addresses, business documents, and bank account verification. More advanced checks may include biometric verification or risk scoring based on behavioral patterns. Proper implementation helps prevent fraud, detect suspicious activity, and prove that the platform is not inadvertently facilitating illicit transactions.

KYC and KYB requirements differ by region and transaction type. A thorough compliance strategy includes workflows for collecting and validating this information, storing it securely, and updating records periodically. Automated systems that integrate verification services reduce the burden on internal teams and accelerate merchant onboarding.

Staying Ahead of Tax Compliance Requirements

Tax compliance is another complex element of global operations. Different jurisdictions enforce different tax obligations for platforms that collect payments, deliver goods, or disburse funds to individuals and businesses. For example, platforms operating in the US may need to file IRS 1099 forms for certain types of payouts. In Europe, they may need to collect and remit VAT.

The challenge is not just understanding local laws but also managing reporting obligations, calculating tax liabilities, and generating required documentation. This becomes increasingly difficult as the number of markets and transactions grows.

Implementing automated tax compliance tools and integrating tax data with accounting systems can significantly ease this burden. In-house tax expertise or partnerships with global tax advisory firms can further reduce risks associated with misreporting or non-compliance.

Monitoring Fraud and Financial Crime

Maintaining a secure platform means being vigilant against fraud and financial crime. Marketplaces are attractive targets for bad actors who attempt to exploit loopholes in payment systems, impersonate users, or launder illicit funds.

Building a compliance strategy involves more than just preventing individual incidents. It requires establishing a comprehensive fraud detection framework that uses real-time monitoring, behavioral analytics, and machine learning to identify irregularities. Suspicious transaction reporting must be timely and in line with regional laws.

Platforms should implement tiered fraud alerts, conduct regular audits, and continuously train their teams to recognize red flags. A strong compliance posture helps prevent reputational damage and operational disruptions stemming from fraud-related incidents.

Structuring for Scalability and Operational Efficiency

A compliance strategy should not slow down growth. Instead, it should be designed to scale alongside the marketplace. This means investing in modular, API-driven systems that automate regulatory processes like KYC, tax calculation, and transaction screening. Reducing manual touchpoints improves speed, lowers operational costs, and minimizes the risk of human error.

Scalability also depends on hiring and training the right talent. As compliance demands grow, marketplaces should consider dedicated compliance officers, risk analysts, and legal advisors who can work cross-functionally to implement best practices.

With the right infrastructure, teams, and tools in place, marketplaces can respond faster to regulatory changes, enter new markets more efficiently, and operate with confidence across borders.

Creating a Culture of Compliance

Building a resilient compliance strategy goes beyond technology and policy. It requires creating a company-wide culture that prioritizes ethical behavior, transparency, and accountability. This involves setting the tone from leadership, offering regular compliance training, and incentivizing adherence to rules and guidelines.

Employees at all levels should understand the importance of compliance and feel empowered to raise concerns or report misconduct. A culture of compliance reduces the risk of unintentional violations and helps ensure that the marketplace’s values align with the expectations of regulators and customers alike.

This culture should also extend to third-party partners, including vendors, contractors, and service providers. Due diligence should be conducted before engagement, and clear compliance expectations should be included in contracts and partnership agreements.

Role of Embedded Finance in Marketplace Growth

Modern marketplaces are evolving beyond simple transaction platforms to become comprehensive ecosystems that offer integrated services for both buyers and sellers. One of the most transformative developments in this evolution is the integration of embedded finance. By enabling marketplaces to provide financial services directly within their platforms, embedded finance offers new growth opportunities while introducing fresh layers of regulatory and security responsibility.

Embedded finance allows platforms to offer services such as payment processing, lending, digital wallets, insurance, and currency exchange without becoming full-fledged financial institutions. However, offering these services means taking on some of the compliance burdens that regulated entities face. Understanding how to implement embedded finance responsibly is critical for marketplaces seeking to expand globally.

Embedding Financial Services Responsibly

To deploy embedded finance in a secure and compliant manner, marketplaces must build a framework that blends technology, legal oversight, and operational efficiency. Unlike traditional banking products that are external to the commerce experience, embedded services are part of the transaction flow. This close integration requires strict adherence to financial regulations.

Embedded finance must be underpinned by clear terms of service, risk assessment protocols, and ongoing monitoring. Each financial service offered carries its own set of legal obligations. For example, issuing credit requires understanding lending regulations and interest rate disclosures, while offering digital wallets entails compliance with e-money licensing frameworks in specific countries.

Collaboration with established financial partners or regulated entities is often necessary to deliver these services. However, marketplaces retain the responsibility for user data, interface design, transaction security, and customer experience—all of which can have compliance implications.

Licensing and Regulatory Compliance by Region

One of the main hurdles in offering financial services globally is acquiring the appropriate licences. Different countries regulate financial products differently, and even within regions, licensing requirements can vary dramatically. Marketplaces must navigate a patchwork of banking laws, securities rules, and consumer protection statutes.

For instance, providing payment services in Europe may require an e-money institution licence under PSD2 regulations, while in North America, similar offerings might be governed by a combination of state-level money transmission licences and federal banking laws. In Asia, some countries mandate joint ventures or domestic incorporation before granting access to financial markets.

The complexity of acquiring licences in each jurisdiction can become a bottleneck for expansion. This challenge leads many marketplaces to rely on licensed financial infrastructure partners who already hold the necessary authorisations. However, even when leveraging third-party licences, the marketplace must ensure that all services remain compliant with local laws, including those around reporting, customer rights, and dispute resolution.

Automating Compliance with Embedded APIs

One of the greatest advantages of embedded finance is the ability to automate compliance through APIs. Marketplace platforms can integrate tools that perform real-time identity verification, risk scoring, sanctions screening, and tax calculation. These automations reduce the need for manual intervention and ensure that compliance checks happen consistently and at scale.

Know Your Customer and Know Your Business processes can be embedded into onboarding flows using secure identity APIs. Similarly, transaction monitoring can be implemented using machine learning algorithms that flag suspicious behavior based on patterns and risk thresholds. Automated tax tools can classify transactions by location, apply appropriate tax rates, and generate documentation in accordance with local rules.

Automated APIs not only reduce compliance risks but also enhance the user experience. Faster onboarding, fewer errors, and quicker payouts can improve trust among users and increase marketplace efficiency.

Cross-Border Transactions and Foreign Exchange Compliance

International expansion introduces complications related to currency exchange, cross-border fees, and varying local payment preferences. Embedded finance solutions that offer built-in foreign exchange capabilities allow marketplaces to facilitate global transactions without relying on external banks or money transfer providers.

Managing cross-border payments requires compliance with local currency controls, central bank regulations, and international tax treaties. Some countries impose restrictions on the flow of capital, while others require transaction-level reporting to financial authorities. Marketplaces must also account for risks such as exchange rate volatility and delays caused by clearing mechanisms.

Using embedded finance to handle foreign exchange internally allows for tighter control over transaction flows, better visibility into fees, and more consistent user experiences. But it also requires robust internal controls, risk hedging strategies, and the ability to respond quickly to regulatory inquiries.

Enhancing Payment Security Through Embedded Systems

Security is an integral part of regulatory compliance, particularly when handling financial transactions. Embedded finance solutions must include enterprise-grade security measures to protect customer funds and sensitive data. Without these safeguards, marketplaces may be exposed to legal liabilities, reputational harm, and regulatory penalties.

Security protocols should include encryption of data both at rest and in transit, secure user authentication, tokenization of payment methods, and protection against common threats like phishing, malware, and insider attacks. In addition, systems should be compliant with industry standards such as the Payment Card Industry Data Security Standard and other global frameworks.

Real-time fraud detection is another crucial component. With embedded finance, platforms can analyze transactional behavior to identify anomalies, block unauthorized access, and flag suspicious transfers. Machine learning models can detect subtle deviations from typical usage patterns, enabling marketplaces to intervene before fraud occurs.

Real-Time Compliance Monitoring and Reporting

Monitoring financial activity in real time helps marketplaces detect compliance breaches as they occur rather than after the fact. Embedded finance tools can provide dashboards and alerting mechanisms that track key indicators such as failed verification attempts, unusual transaction volumes, or elevated risk profiles.

These systems allow compliance teams to intervene quickly, conduct investigations, and adjust thresholds based on emerging risks. In some jurisdictions, real-time monitoring is not just a best practice but a regulatory requirement. For example, financial authorities may expect immediate notification of suspicious transactions or large fund transfers.

Compliance reporting is equally important. Marketplaces must generate audit trails, transaction histories, and regulatory filings on demand. Automating these reports through embedded systems ensures accuracy, reduces the burden on staff, and speeds up the process of responding to audits or government requests.

Aligning Embedded Finance with Internal Risk Frameworks

Risk management is fundamental to responsible financial operations. When offering embedded financial services, marketplaces need to integrate compliance with their broader risk frameworks. This means mapping out all points of potential failure, from operational breakdowns to legal non-compliance, and assigning controls and contingency plans for each.

Risk assessments should be conducted regularly and updated as new services or regions are added. These assessments help identify vulnerabilities in the platform’s infrastructure, flag compliance gaps, and define escalation paths for critical issues.

For marketplaces operating at scale, it’s essential to have a dedicated risk and compliance team that works in tandem with product, engineering, and customer support teams. This cross-functional collaboration ensures that compliance is embedded into the product lifecycle, not tacked on at the end.

Adapting to Regional Differences in Financial Regulation

One of the defining features of global compliance is regional variation. Each country has its own rules on financial disclosures, transaction limits, consumer protections, and dispute resolution. What is standard practice in one market may be illegal or ineffective in another.

Embedded finance solutions must be designed to accommodate these differences. This includes offering localized user interfaces, adjusting transaction flows based on legal requirements, and providing customer support in multiple languages and time zones. It also means working with legal advisors who understand the nuances of each jurisdiction and can advise on changing rules.

Global compliance is a moving target. Regulations evolve in response to economic shifts, technological changes, and political developments. A marketplace that does not stay informed risks falling out of compliance and facing fines, legal actions, or service disruptions.

Supporting Merchant and Customer Trust

Ultimately, compliance is not just about avoiding penalties—it’s about building and maintaining trust. Merchants and buyers need to feel confident that the platform is reliable, secure, and fair. Embedded finance allows marketplaces to offer seamless financial services that enhance the user experience, but only if those services are delivered in a compliant and transparent way.

Clear terms and conditions, fast dispute resolution, transparent pricing, and robust customer support contribute to this trust. Ensuring that all financial services meet regulatory standards and undergo regular audits signals professionalism and accountability.

By treating compliance as a value-add rather than a burden, marketplaces can differentiate themselves in a crowded landscape. Trust becomes a competitive advantage, drawing in higher-quality merchants and loyal customers who prefer secure and compliant platforms.

Integrating Compliance into the Product Lifecycle

To make compliance truly effective, it must be integrated into the product development process from day one. Too often, marketplaces treat compliance as an afterthought, leading to costly reengineering efforts or rushed legal reviews.

Product managers, engineers, and designers should be educated on regulatory considerations and equipped with tools to build compliant experiences. This includes incorporating KYC flows, tax disclosures, and secure payment methods into the initial product design. Legal and compliance teams should be consulted during planning stages to identify requirements early.

When compliance is built into the DNA of the platform, it becomes easier to scale, easier to audit, and easier to trust. This alignment between product and regulation ensures that innovation does not outpace responsibility.

Creating a Compliance-First Culture

As marketplaces scale globally, a reactive approach to compliance is no longer sufficient. Growth requires a proactive, integrated strategy that anticipates legal challenges and embeds compliance throughout the organization. A compliance-first culture ensures that regulatory considerations are not just an obligation, but a foundational principle driving operational integrity and customer trust.

To establish such a culture, leadership must emphasize compliance from the top down. Executives should clearly articulate compliance as a business priority and allocate resources to support it. Teams must be trained to understand their roles in maintaining compliance, whether in product design, engineering, customer support, or vendor management.

By promoting collaboration between departments and integrating compliance into day-to-day decision-making, marketplaces can build an agile, responsible infrastructure capable of navigating complex global regulatory environments.

Centralizing Compliance Operations

Centralizing compliance functions helps marketplaces maintain consistency across regions while reducing duplication of effort. A centralized compliance team can oversee the implementation of global policies, manage relationships with regulators, and coordinate local compliance teams to adapt to regional requirements.

This approach allows for better governance, standardizes procedures, and enables faster response to legal changes or incidents. A global compliance center of excellence can develop playbooks, design compliance KPIs, and deploy best practices across the organization.

While centralization offers scale and efficiency, local teams remain essential for adapting global policies to specific markets. These teams provide critical context on regional regulations, cultural norms, and enforcement practices. The optimal structure combines centralized leadership with decentralized execution.

Designing a Modular Compliance Framework

Global marketplaces operate in diverse environments that demand tailored compliance strategies. A modular compliance framework enables organizations to scale their operations while customizing regulatory controls based on jurisdiction.

This framework includes core global policies around data privacy, financial reporting, and anti-fraud procedures, alongside local modules covering specific requirements such as regional tax laws, licensing obligations, or consumer protection rules. Modularity ensures agility—allowing marketplaces to launch in new markets quickly without rebuilding their compliance infrastructure from scratch.

The framework should be designed to integrate easily with product systems, APIs, and external vendor platforms. This flexibility helps future-proof the marketplace against regulatory changes and supports ongoing innovation.

Establishing Regulatory Intelligence and Monitoring

Regulatory landscapes are continuously evolving. Staying compliant means keeping pace with legal updates, proposed legislation, enforcement actions, and regulatory guidance in every jurisdiction where the marketplace operates.

Establishing a regulatory intelligence function enables continuous monitoring of legal developments through government sources, industry groups, law firms, and compliance networks. This function should track developments at both the national and subnational levels, particularly in countries with decentralized regulatory structures.

Automated tools can be used to scan regulatory feeds, flag relevant changes, and update internal policies accordingly. This proactive approach prevents surprises, reduces legal risk, and allows the marketplace to engage constructively with regulators during times of change.

Building Relationships with Regulators

Open communication with regulators is a powerful tool for maintaining compliance and earning goodwill. Proactive engagement helps marketplaces clarify ambiguous rules, influence policy discussions, and resolve issues before they escalate into enforcement actions.

Regulatory outreach can include participating in consultations, attending industry roundtables, or inviting regulators to visit company offices. When entering new markets, early contact with local authorities can facilitate licensing, build trust, and accelerate go-to-market timelines.

These relationships also help when navigating crises, such as data breaches or system outages. Regulators are more likely to show leniency toward companies that have demonstrated transparency, responsiveness, and a history of cooperation.

Leveraging Compliance Technology at Scale

Technology plays a pivotal role in scaling compliance across a growing platform. RegTech solutions offer automation, standardization, and data-driven insights that reduce manual workloads and improve accuracy.

Examples of compliance technologies include:

• Identity verification platforms for onboarding users
• Transaction monitoring tools for detecting suspicious behavior
• Tax engines for calculating cross-border VAT or sales tax
• Document management systems for archiving audit trails
• Policy management tools for distributing updates and tracking acknowledgments

These tools can be integrated with core marketplace systems to create seamless compliance workflows. For example, identity verification can be triggered automatically during user registration, while payment flows can be screened in real time for sanctions compliance. By investing in scalable compliance architecture, marketplaces can reduce the marginal cost of entering new regions, maintain service quality, and protect against emerging threats.

Managing Vendor and Partner Compliance

Marketplaces rely on a network of external vendors, service providers, and financial partners. Each third-party relationship introduces compliance risks, particularly if vendors handle user data, payments, or regulated activities.

A comprehensive vendor compliance program involves:

• Performing due diligence before onboarding partners
• Requiring contractual commitments to regulatory standards
• Auditing vendor practices regularly
• Monitoring for changes in vendor risk profiles

In high-risk areas like payment processing or cloud hosting, additional scrutiny is needed. This may include penetration testing, data residency audits, or business continuity assessments. Vendors that cannot demonstrate robust compliance should not be trusted with critical functions.

The marketplace remains accountable for the actions of its vendors. Ensuring partner compliance is not just a legal necessity, but a critical component of operational risk management.

Integrating Data Governance with Compliance

Data is central to modern compliance strategies. Marketplaces must track, secure, and report on data across customer touchpoints while complying with privacy regulations, cybersecurity standards, and data localization laws.

A strong data governance framework supports compliance by:

• Defining data ownership and classification
• Limiting access based on role and necessity
• Encrypting data in storage and transit
• Logging data usage for auditing purposes
• Retaining or deleting data according to jurisdictional rules

This framework should align with privacy laws such as the General Data Protection Regulation and emerging data protection regimes around the world. Violations of these laws carry steep penalties and can erode user trust. By embedding data governance into the product development lifecycle, marketplaces can design secure and compliant features from the ground up.

Ensuring Tax Compliance Across Jurisdictions

International marketplaces face intricate tax obligations. These include collecting indirect taxes like VAT or GST, filing income reports for contractors, and submitting cross-border tax disclosures. Each jurisdiction has its own rules for determining tax nexus, registration thresholds, and compliance obligations. Marketplaces must understand where they are required to collect taxes, how to remit payments, and what records must be retained.

Automated tax solutions can help calculate tax rates based on buyer and seller locations, apply tax exemptions, and generate reports for filing. Still, tax compliance requires close coordination between legal, finance, and product teams to ensure accuracy and consistency. Mistakes in tax handling can lead to costly audits, reputational harm, and legal exposure. A proactive tax strategy minimizes risks and enables faster international growth.

Developing an Incident Response Plan for Compliance Breaches

No compliance program is foolproof. When incidents occur—whether due to human error, system failures, or external threats—marketplaces must be prepared to respond quickly and transparently.

An effective incident response plan includes:

• Clear roles and responsibilities for managing incidents
• Defined escalation paths and communication protocols
• Procedures for containment, investigation, and resolution
• Templates for regulatory notifications and customer communication
• Post-incident reviews to identify root causes and preventive measures

The plan should be tested regularly through tabletop exercises or simulations to ensure readiness. In high-risk industries, regulators may require documented response plans as a licensing condition. Rapid and responsible handling of compliance breaches can mitigate damage, preserve user confidence, and demonstrate organizational maturity.

Educating Internal Teams on Global Compliance

Compliance is a shared responsibility that spans the entire organization. Marketplace employees must understand the rules that govern their work and how to identify potential violations. Training programs should be tailored to different roles and include practical scenarios relevant to day-to-day operations. For example:

• Engineers should learn about secure coding practices and privacy-by-design principles
• Customer support agents should be trained on identity verification and dispute resolution
• Marketing teams should understand advertising laws and consent requirements

Refresher courses and ongoing learning opportunities keep compliance top of mind. Gamified learning tools, micro-learning modules, and compliance champions can help reinforce a culture of vigilance. Measuring training outcomes through assessments or tracking participation ensures accountability and helps identify knowledge gaps.

Measuring and Reporting Compliance Performance

Quantifying compliance efforts helps demonstrate value, identify trends, and drive continuous improvement. Key metrics may include:

• Time to onboard new users or merchants compliantly
• Number of suspicious activity reports filed
• Audit findings and resolution timelines
• Training completion rates across departments
• Customer complaints related to compliance issues

Dashboards and analytics tools allow compliance leaders to monitor performance in real time, present data to executives, and benchmark against industry peers. Transparent reporting also supports stakeholder engagement, including investors, regulators, and business partners. When compliance is viewed as a business enabler rather than a bottleneck, it gains stronger internal support.

Planning for Future Regulatory Trends

The compliance landscape is dynamic. Emerging technologies like decentralized finance, artificial intelligence, and digital identity will reshape regulatory priorities in the coming years. Marketplaces that plan ahead will be better positioned to adapt. Scenario planning helps identify potential regulatory developments and their impact on the business. 

By tracking early signals—such as policy drafts, enforcement actions, and academic papers—compliance teams can prepare for change. Engaging in industry coalitions, attending conferences, and contributing to policy discussions allows marketplaces to stay informed and influence future regulation. Regulatory foresight is not a luxury; it’s a competitive necessity in a fast-changing world.

Conclusion

Scaling a global marketplace is an ambitious yet rewarding endeavor that demands a deep understanding of security and regulatory compliance. As marketplaces expand across borders, they encounter diverse legal frameworks, evolving payment ecosystems, and rising expectations for data privacy and financial integrity. Each region presents its own set of rules, tax implications, and regulatory bodies, making compliance a dynamic and critical function that can shape the success or failure of global operations.

Throughout this series, we’ve explored how compliance complexity increases with cross-border transactions, local tax obligations, and growing threats of fraud and cybercrime. Ensuring compliance requires more than just meeting checkboxes—it demands proactive strategies, dedicated resources, and scalable systems that evolve with the regulatory environment. Marketplaces must prioritize secure infrastructure, data protection, and real-time monitoring to safeguard users and sustain trust at scale.

Moreover, integrating robust compliance frameworks into the core of marketplace operations enables platforms to navigate global regulations with greater agility and confidence. From managing FX and cross-border payments to verifying identities and maintaining detailed audit trails, a well-structured compliance strategy unlocks speed, efficiency, and resilience. Automating compliance processes and leveraging embedded infrastructure can dramatically reduce manual overhead and error risks, allowing businesses to move swiftly without compromising safety or legality.

In an increasingly competitive digital economy, trust and compliance are no longer just operational necessities—they are strategic differentiators. A marketplace that operates transparently, securely, and in accordance with local and international regulations will not only avoid costly penalties but also build long-lasting relationships with customers, partners, and regulators alike.

As your marketplace expands into new geographies, the ability to anticipate, adapt, and align with regulatory demands becomes essential. By committing to best-in-class compliance practices and partnering with the right financial infrastructure, you can scale confidently across regions, support your merchants with integrity, and deliver seamless global experiences that meet the highest standards of trust and security.