Security Directory

S

SIA Hedge Capital Company

nordcard.eu

0

NordCard, operated by SIA Hedge Capital Company, is a Latvian non-bank financial service provider specializing in offering flexible credit lines up to 10,000 EUR. The website targets Latvian consumers seeking quick and convenient short-term credit solutions, providing online application processes, online banking access, and payment cards linked to credit lines. The company positions itself as a reliable and customer-focused lender within the Latvian market, supported by customer reviews and comprehensive FAQs. Technically, the website employs modern JavaScript libraries and Google Tag Manager for analytics and marketing, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and secure form handling, though some HTTP security headers are not explicitly detected. Privacy compliance is well addressed with accessible privacy and cookie policies and a consent mechanism. Overall, the website demonstrates a professional and trustworthy online presence with moderate to good technical maturity.

D

Data Invision

datainvision.com

0

Data Invision is a technology startup founded in 2019, specializing in AI-powered predictive analytics solutions primarily for the finance sector. Their platform focuses on enhancing business decision-making through machine learning models that address credit risk, fraud detection, and campaign optimization. The company positions itself as a niche provider offering precision, efficiency, and profitability improvements to financial institutions and related businesses. Technically, the website is built with modern JavaScript frameworks such as React and integrates Google Analytics and Tag Manager for user tracking. The site is hosted with Cloudflare DNS services and uses HTTPS with a good SSL configuration. Security posture is moderate; while HTTPS is enforced and domain registration is protected against unauthorized changes, the site lacks security headers and explicit security policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Contact information is limited to a company email and a hidden contact form, with no phone numbers or physical addresses found. Overall, the website is professional and trustworthy but could improve in security and privacy compliance aspects.

Dains is a well-established UK-based accounting and business advisory firm offering a wide range of professional services including audit, taxation, corporate finance, payroll, and forensic accounting. The company targets private individuals, private companies, large corporates, and not-for-profit organizations, positioning itself as a trusted partner with nearly a century of history and a broad service portfolio. The website reflects a professional and modern digital presence with clear navigation, comprehensive service descriptions, and strong branding consistency. Technically, the website employs modern web technologies such as Tailwind CSS, JavaScript frameworks, and integrates multiple analytics and marketing tools including Microsoft Clarity, Google Tag Manager, Lead Forensics, and social media pixels. The site is mobile-optimized, fast-loading, and accessible, indicating a mature digital infrastructure likely hosted behind Cloudflare services. From a security perspective, the site enforces HTTPS and uses Cloudflare Turnstile CAPTCHA for bot protection, but lacks explicit security headers and does not provide a public security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. However, the WHOIS data for the domain is missing or inaccessible, which raises concerns about domain registration legitimacy or recent registration status. This discrepancy between the professional website and missing WHOIS data suggests a need for further verification. Overall, the site demonstrates strong business credibility and technical maturity but would benefit from enhanced transparency in security policies and domain registration details.

C

Chip

getchip.uk

0

Chip is a UK-based fintech company offering a comprehensive savings and investment app that integrates AI-driven auto-saving features and multiple account types including Cash ISAs and Stocks & Shares ISAs. The company targets individuals seeking to build long-term wealth with ease and convenience, boasting over 500,000 users and strong market presence supported by competitive rates and promotional offers. The website reflects a mature digital infrastructure leveraging modern web technologies, analytics, and marketing tools, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS, security headers, and consent management, though explicit incident response and vulnerability disclosure policies are not publicly available. Overall, Chip demonstrates a high level of professionalism, trustworthiness, and compliance with GDPR and UK financial regulations.

C

Compass Plus (Great Britain) Limited

compassplus.com

0

Compass Plus Technologies is a UK-based company specializing in payments technology solutions, including issuing, acquiring, digital solutions, and processing services. The company positions itself as an innovator and market leader, targeting financial institutions, start-ups, and disruptors in the payments industry. Their business model focuses on providing flexible, scalable, and visionary payment platforms to empower customers in controlling their payment ecosystems. The website content is rich, professionally designed, and clearly structured, reflecting a medium-sized enterprise founded in 2022. Technically, the website employs modern JavaScript libraries such as jQuery and Bootstrap, integrates Google Tag Manager and Analytics for tracking, and is hosted on AWS infrastructure. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in loading speed and accessibility compliance. From a security perspective, the site uses HTTPS with a good SSL configuration and enforces domain transfer restrictions. However, it lacks DNSSEC and explicit security headers, and no security policy or incident response contacts are published. Cookie consent mechanisms and privacy policies are comprehensive and GDPR compliant, indicating a strong privacy posture. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and professional digital presence with solid business credibility. Strategic improvements in security headers, DNSSEC, and incident response transparency would enhance the security posture and trust further.

D

Deutsche Börse Group

eurexgroup.com

0

Eurex, operated by Deutsche Börse Group, is a leading global derivatives exchange specializing in EUR-denominated equity index and fixed income derivatives. The website presents comprehensive market and product information targeting financial market participants such as traders, clearing members, and institutional investors. The business model focuses on providing derivatives trading, clearing services, market data, and repo market solutions, positioning Eurex as a key player in the global financial markets. Technically, the website is built on CoreMedia CMS with JavaScript and integrates Matomo analytics for user tracking. The site demonstrates good mobile optimization, clear navigation, and professional design, supporting a positive user experience. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are not clearly published. WHOIS data is unavailable, likely due to privacy protections common in financial sector domains, but the domain and content legitimacy are supported by consistent branding and association with Deutsche Börse Group. Overall, the website is professional, secure, and credible, serving its target audience effectively.

N

Numeri

numeri.lv

0

Numeri is a Latvian-based financial services company specializing in accounting, payroll, tax, and consulting services for businesses at various stages of development, including support for non-resident companies. The company positions itself as a reliable partner in financial management, offering expert guidance to optimize financial processes and support strategic decision-making. The website is professionally designed, localized in Latvian, and includes client testimonials and partner affiliations that enhance its credibility. Technically, the website is built on Drupal 11, employs Google Tag Manager for analytics, and uses Cookiebot for GDPR-compliant cookie consent management. The site is mobile-optimized and accessible, with good SEO practices and modern web standards. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although security headers could be improved. The absence of WHOIS data for the domain numeribaltics.com is a notable concern, as it limits the ability to verify domain registration legitimacy. Despite this, the website content and professional presentation suggest a legitimate business operation. No explicit security or incident response policies are published, which could be improved to enhance trust. Overall, Numeri demonstrates a mature digital presence with good privacy compliance and security practices, but domain registration transparency and explicit security policies should be addressed to strengthen trust and compliance.

M

Man Group

man.com

0

Man Group is a well-established, enterprise-level investment management firm with a heritage dating back to 1783. The company specializes in technology-empowered active investment management, offering diversified strategies including quantitative and discretionary approaches, as well as private market investments. Their target audience primarily consists of institutional investors seeking tailored portfolio solutions. The website reflects a strong market position with consistent branding and comprehensive content focused on their investment capabilities and corporate responsibility. Technically, the website is built on Drupal CMS and employs modern web technologies such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. However, some security headers are missing, and no explicit incident response or vulnerability disclosure information is provided, indicating areas for security posture improvement. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, reflecting good privacy compliance aligned with GDPR. The absence of WHOIS data limits domain registration trust analysis, but the website content and external references strongly support legitimacy. Overall, the site demonstrates a mature digital presence with room for enhanced security transparency. Strategically, Man Group should focus on publishing vulnerability disclosure policies, enhancing security headers, and providing clear incident response contacts to strengthen trust and compliance. These steps will improve their security posture and align with best practices for enterprise financial services websites.

H

Hérens Quality Asset Management

hqam.ch

0

Hérens Quality Asset Management (HQAM) is a specialized asset management boutique focused on serving institutional and private investors primarily in Switzerland. The company offers key services including asset management, investment advisory, and portfolio analysis. The website is professionally designed using WordPress with modern plugins such as Elementor and Rank Math SEO, indicating a mature digital presence. The site is well-structured, mobile-optimized, and includes a customer portal for client access. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, HQAM presents a credible and professional business front with room for improvement in privacy and security transparency.

A

Altum

altum.lv

0

Altum is a Latvian state financial institution providing government-backed financial support and services to residents, businesses, farmers, and investors. The website clearly communicates its role in supplementing the private financial market with state support products, including loans, investment funds, and bonds. The institution targets a broad audience within Latvia, including individuals and commercial entities. The digital presence is built on a modern WordPress CMS with Elementor, featuring responsive design and integrated calculators to assist users. Security measures include HTTPS enforcement and Google reCAPTCHA integration, alongside a GDPR-compliant cookie consent mechanism. However, explicit security policies and incident response contacts are not publicly available, and WHOIS data could not be retrieved due to query limits, slightly reducing confidence in domain registration transparency. Overall, the website demonstrates a solid security posture and professional business presentation appropriate for a government financial institution.

A

Access Digital

accesssoftek.com

0

Access Digital is a mature digital banking platform provider offering a comprehensive ecosystem that includes consumer and business banking, cryptocurrency trading, robo-advisory investing, biometric security, fraud detection, and conversational banking in multiple languages. The company targets financial institutions and businesses seeking advanced digital banking solutions, positioning itself as a robust and elegant financial ecosystem with over 160 integrations and award-winning security features. The website reflects a medium-sized enterprise with a professional online presence and a business history dating back to 1999. Technically, the website is built on WordPress using Elementor and JetEngine plugins, integrated with HubSpot marketing and analytics tools, and served via Cloudflare DNS. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enforced and domain locks in place, but lacks advanced security headers and explicit security policies. Privacy compliance is basic, with a cookie consent banner but no visible privacy policy or terms of service pages. Overall, the security posture is adequate but could be improved by enabling DNSSEC, publishing security and privacy policies, and adding vulnerability disclosure information. The website is accessible without WAF blocking, indicating no content restrictions. The domain WHOIS data is consistent with the business claims, showing a long-established domain registered via GoDaddy with Cloudflare DNS. Strategic recommendations include enhancing privacy and security transparency, implementing security headers, and providing clear incident response contacts to strengthen trust and compliance.

B

Bilderlings Pay

bilderlings.com

0

Bilderlings Pay is a fintech company established in 2012, offering business accounts with advanced payment card solutions including cashback and integration with Apple Pay and Google Pay. The company targets businesses seeking efficient global payment and banking services. The website is built on WordPress with Elementor, featuring a professional design and moderate performance. Security posture is adequate with HTTPS enabled and domain registration locks in place, but lacks DNSSEC and explicit security policies. Privacy compliance is partial, with a cookie policy and consent mechanism present but no visible privacy policy or terms of service. Overall, the site presents a credible fintech business with room for improvement in transparency and security best practices.

J

JE Consulting

jeanedwards.com

0

Jean Edwards Consulting is a specialized consulting firm established in 2005, focusing on change management and data services primarily for the finance industry and public sector. The company positions itself as a provider of high-quality, flexible, and maintainable solutions, leveraging expertise in management consultancy, data management, technology innovation, and AI & automation. Their market presence is supported by longstanding client relationships and a professional digital footprint. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Contact Form 7, and Slider Revolution, hosted behind Cloudflare DNS and leveraging WP Engine infrastructure. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security measures include HTTPS enforcement and Google reCAPTCHA integration, though additional security headers and policies could enhance the posture. From a security perspective, the site shows a solid baseline with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, or vulnerability disclosure mechanisms indicates room for maturity improvement. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website and business demonstrate a trustworthy and professional presence with moderate technical sophistication and good compliance. Strategic enhancements in security transparency and technical hardening would further strengthen their risk profile.

N

Nordea

nordea.lv

0

Nordea is a leading Nordic universal bank providing a wide range of financial services including personal and business banking, asset management, and investment solutions. The bank targets individuals and corporate clients primarily in the Nordic region, maintaining a strong market position supported by comprehensive corporate governance and investor relations transparency. The website is built on Drupal 10, indicating a modern and maintainable technical infrastructure with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforcement, security headers, and secure login portals, although explicit incident response and vulnerability disclosure information are not publicly available. Overall, the site demonstrates a high level of professionalism and trustworthiness, though the absence of WHOIS data for the domain is unusual and should be further verified to ensure domain legitimacy.

T

Trust Krediet Beheer

tkb.nl

0

Trust Krediet Beheer (TKB) is a well-established Dutch credit management specialist offering a suite of services including credit management software (TRUST IT), debt collection (incasso), outsourcing, and staffing solutions. The company targets businesses seeking to optimize their receivables and improve cash flow. Their website reflects a mature digital presence with professional design, clear navigation, and comprehensive content including client case studies and testimonials, positioning them as a trusted partner in the finance sector. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and performance optimizations such as LiteSpeed Cache. It integrates Google Tag Manager and Facebook Pixel for analytics and marketing, demonstrating a moderate level of digital maturity. Mobile optimization and SEO practices are well implemented, though accessibility could be further enhanced. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes key security headers. Forms use secure POST methods, and no sensitive data exposure or vulnerable libraries were detected. However, the absence of a dedicated security policy or incident response information suggests room for improvement in transparency and preparedness. Overall, the website scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility, reflecting a reliable and professional online presence. Strategic enhancements in security policy disclosure and accessibility would further strengthen their position.

BIC Securities is an independent corporate finance advisory firm primarily serving Russia, Ukraine, and the Baltic states. The company focuses on mergers and acquisitions advisory and related corporate finance services, targeting corporate clients engaged in domestic and cross-border equity transactions. The website content reflects a small-sized firm with a clear business focus but limited digital maturity. Technically, the site uses legacy technologies such as jQuery and Google Analytics, with no modern CMS or advanced frameworks detected. The site lacks mobile optimization and accessibility features, and no privacy or cookie policies are present, indicating low privacy compliance. Security posture is weak due to absence of visible security headers and unknown HTTPS status. Overall, the website is functional but basic, with moderate trustworthiness given the lack of contact details and compliance documentation.

D

DTB group

dtb.lv

0

DTB group is a Latvian financial and legal services company specializing in providing financing solutions for individuals and legal entities. Their offerings include mortgage loans, transport financing, overdrafts, credit lines, factoring, refinancing, investment attraction, real estate acquisition, purchase of receivables, and comprehensive legal services. The company positions itself as a conservative and experienced player in the Latvian financial market, collaborating with multiple banks and financial institutions to deliver tailored financial products and legal support. The website content is primarily in Russian, targeting clients in Latvia and surrounding regions. The presence of partner logos from reputable banks enhances their market credibility. Technically, the website is built using Adobe Muse with jQuery 1.8.3 and RequireJS, indicating a static site with limited modern CMS features. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Security posture shows room for improvement, with no explicit security headers detected and use of an outdated jQuery version that may expose vulnerabilities. The site uses HTTPS and AJAX for form submissions but lacks privacy and cookie policies, which impacts compliance. Overall, the security posture is moderate with no detected blocking or WAF interference. The lack of WHOIS data limits domain trust verification, but the website's professional content and partner affiliations suggest legitimacy. Strategic improvements in security headers, library updates, and privacy compliance would enhance trust and reduce risk.

TaxLink Latvia is a professional services firm specializing in tax, audit, accounting, and financial consulting services primarily for businesses with active operations in Latvia. As a member of the international IR Global network, it offers expert solutions with global reach, targeting both companies and private individuals. The company positions itself as a leading international level audit and consulting firm with over 14 years of experience and a broad client base. The website reflects a professional and consistent brand image, showcasing key services such as transfer pricing, tax risk management, and financial consulting. The technical infrastructure of the website is built on modern and widely used technologies including jQuery, Bootstrap, Swiper.js, and Google services such as Maps, Tag Manager, and Analytics. The site is mobile-optimized and provides a good user experience with clear navigation and responsive design. However, some SEO and accessibility features could be improved for better performance and compliance. From a security perspective, the website uses HTTPS and employs standard best practices such as asynchronous loading of analytics scripts. There is no evidence of exposed sensitive data or vulnerable libraries in the provided content. However, security headers are not explicitly detected, and no formal security or incident response policies are published on the site. Privacy and cookie policies are present, indicating some level of compliance with data protection regulations, though GDPR compliance is not explicitly confirmed. Overall, the website presents a trustworthy and professional image suitable for its business domain. The lack of WHOIS data limits the ability to fully verify domain legitimacy, but the content and presentation suggest a legitimate and established business. Strategic recommendations include enhancing security headers, publishing incident response contacts, improving SEO and accessibility, and adding a security.txt file for vulnerability disclosure.

L

Leveria

leveria.lv

0

Leveria is a Latvian financial consulting firm specializing in corporate finance advisory, funding acquisition, business modeling, and corporate restructuring. Positioned as a leader in financing projects across Latvia, Leveria collaborates with major financial institutions to support sustainable business growth. The website demonstrates a professional digital presence built on WordPress with modern performance optimizations and multilingual support. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are absent. Privacy compliance is well addressed with clear cookie and privacy policies. Overall, Leveria presents a credible and trustworthy business profile with room for enhanced security transparency and WHOIS data availability.

A

AFINANCE FINANCIAL CONSULTING SL

afinance.es

0

aFinance is a specialized mortgage brokerage company based in Spain, offering comprehensive mortgage management and negotiation services. The company positions itself as a market reference, providing services such as mortgage simulators, debt consolidation, and personalized real estate shopping assistance. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support, targeting individuals seeking mortgage solutions in Spain. Technically, the site employs modern analytics and tracking tools with appropriate consent mechanisms, ensuring GDPR compliance. Security posture is strong with HTTPS enforcement, security headers, and secure form handling, although no explicit security policy or incident response information is published. WHOIS data confirms the legitimacy of the domain and its alignment with the business identity. Overall, the site demonstrates high professionalism, trustworthiness, and compliance, suitable for its financial services sector.

R

Rigensis Bank AS

rigensisbank.com

0

Rigensis Bank AS is a Latvian financial institution founded in 2011, which historically provided specialized financial products. As of October 2021, the bank is undergoing reorganization to cease its credit institution activities and transition into a commercial company not engaged in banking services. The website primarily communicates this regulatory and business status update. Technically, the website uses legacy jQuery libraries and several jQuery plugins, hosted behind Cloudflare DNS, but lacks modern security headers and privacy compliance documentation. The site is accessible without WAF or security challenges, but it lacks critical privacy and cookie policies, and no email or contact forms are provided, limiting user engagement and transparency. Security posture is moderate but could be improved by updating libraries, enabling DNSSEC, and adding security headers. Overall, the website reflects a small financial entity in transition with basic digital maturity and moderate trustworthiness.

I

ICBA - International Credit Brokers Alliance

icba.com

0

ICBA - International Credit Brokers Alliance operates as a global network of independent trade credit insurance brokers, boasting a large presence with 900 specialist brokers across 50 countries and additional correspondents. The organization focuses on providing trade credit insurance and related financial services to companies seeking to trade internationally with risk mitigation. Their business model emphasizes collaboration among top brokers to deliver localized expertise with global reach. Technically, the website is built on WordPress with modern libraries and frameworks, offering a good user experience and mobile optimization. However, minor backend issues such as PHP warnings and lack of DNSSEC indicate areas for improvement. Security posture is moderate with HTTPS enabled and reCAPTCHA on forms, but lacks explicit security headers and published security policies. Privacy compliance is limited due to absence of a privacy policy page, though cookie consent is implemented. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

V

Vialet

vialet.eu

0

Vialet is a business payment solutions provider offering services such as multi-currency accounts, virtual cards, instant money transfers, and e-commerce integration. The website is professionally designed using WordPress and Elementor, with modern tracking and marketing technologies including Intercom, LinkedIn Insight, and Google Tag Manager. The site employs HTTPS and cookie consent mechanisms, indicating a baseline of security and privacy awareness. However, the absence of explicit privacy policies, terms of service, and contact information limits transparency and user trust. WHOIS data is unavailable due to privacy protection, which is common for EU domains but reduces registrant visibility. Overall, the website presents a credible business presence with room for improvement in compliance and security disclosures.

I

ILF

ilf-ua.com

0

ILF is a well-established Ukrainian law firm founded in 1994, providing a broad range of legal services including investment consulting, dispute resolution, corporate consulting, and representation in criminal cases. The firm targets international companies and Ukrainian businesses across multiple industries such as finance, IT, healthcare, and creative economy. The website reflects a professional and consistent brand image with detailed team profiles and client success statistics, positioning ILF as a credible player in the legal services market. Technically, the website employs modern web technologies including Bootstrap, jQuery, and Swiper.js, and integrates Google Analytics and Facebook Pixel for user tracking. The site is mobile optimized with good navigation and content relevance. Security posture is adequate with HTTPS enabled and CSRF protection on forms, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security practices.

Granat Holding is an international multi-disciplinary investment holding company focusing on sectors such as finance, real estate, production, social projects, and development. The company positions itself as a trusted private investor with a presence in multiple countries, targeting investors and business partners interested in diversified investment opportunities. The website reflects a professional and consistent brand image with clear navigation and good content quality, although some areas like privacy compliance and direct contact information could be improved. Technically, the website uses a modern tech stack including jQuery, Bootstrap, and Google Maps API, with good mobile optimization and moderate performance. However, there is a lack of advanced security headers and DNSSEC is not enabled, which are areas for improvement. The site uses HTTPS and has a stable domain registration, which supports its legitimacy. From a security perspective, the site has a moderate posture with HTTPS enabled and domain transfer protection, but lacks security headers and cookie consent mechanisms. No incident response or security policies are published, and no direct company contact emails or phone numbers are provided, which may impact user trust and compliance with privacy regulations. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security practices, and more transparent contact information to strengthen trust and regulatory adherence.

T

Trust Comfinancial

trustcomfinancial.com

0

Trust Comfinancial is a small-scale Italian-language website focused on personal finance education, providing articles and guidance on budgeting, investing, and financial planning. The site targets individuals seeking to improve their financial literacy and independence. Technically, the site is built on WordPress with common libraries such as jQuery and Bootstrap, hosted by GoDaddy. The website demonstrates good SEO practices and mobile optimization but shows minor backend issues such as exposed PHP warnings. Security posture is basic with HTTPS enabled but lacks DNSSEC and security headers, and no cookie consent mechanism is present. Contact information is limited to an email address with no phone or physical address. Overall, the site is legitimate and consistent with its stated purpose but could improve in security and privacy compliance.

T

TheWaay

thewaay.space

0

TheWaay is a fintech company specializing in AI-powered lifestyle banking solutions aimed at enhancing customer engagement and personalization for banks and financial institutions. Their platform integrates AI-fueled personal assistants and deep behavioral profiling to boost card transactions, daily engagement, and upsell metrics within mobile banking apps. Positioned as a leader in lifestyle banking, TheWaay targets millennials and digital banking customers with innovative services including stand-alone lifestyle banking apps and marketing CRM assistants. The company is small-sized, founded in 2015, and operates primarily from the UK. Technically, the website employs a modern JavaScript stack including jQuery, Slick Carousel, AOS animations, and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, Yandex Metrika, and Intercom. Hosting is provided by Beget, and the site is mobile-optimized with good SEO practices. However, accessibility features are basic, and no CMS or major frameworks are detected. From a security perspective, the site uses HTTPS and Google reCAPTCHA for form protection, but lacks visible security headers and DNSSEC is not enabled. There is no published privacy policy, cookie policy, or terms of service, which impacts GDPR compliance and user trust. The domain is privacy protected with a registrant in Russia, while the business claims a UK address, a common practice for startups but worth noting. Awards from Visa, BBVA, and Ernst & Young add credibility. Overall, the website is professional and functional with moderate security posture and privacy compliance. Strategic improvements in privacy documentation, security headers, and DNS security would enhance trust and compliance. The business shows promise in the fintech lifestyle banking niche with a clear value proposition and established market presence.

P

Prudentia

prudentia.lv

0

Prudentia is a leading corporate finance company in the Baltic region specializing in company sales, purchases, and mergers and acquisitions advisory services. The website is built on the Wix platform, leveraging standard Wix technologies and scripts, indicating a moderate level of digital maturity. The site presents professional content relevant to its target audience of businesses seeking corporate finance services in Latvia and the Baltics. Security posture is basic with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, which are critical for compliance and trust. The absence of WHOIS data due to query limits restricts full domain legitimacy assessment. Overall, the website is functional and professional but would benefit from enhanced security practices and compliance documentation.

X

Xcelsior Loans

xcelsiorloans.co.za

0

Xcelsior Loans operates as a South African financial services provider specializing in short-term secured loans using vehicles as collateral. The website presents a professional and consistent brand image, targeting individuals seeking quick cash flow solutions without credit checks. The business model focuses on vehicle pawn loans with an online application process, positioning itself as a niche player in the local finance sector. Technically, the website is built on WordPress using the Divi theme, enhanced with SEO and analytics tools such as Yoast SEO and Google Tag Manager. Security measures include HTTPS enforcement, security headers, and Google reCAPTCHA to mitigate bot activity. However, the absence of WHOIS registrant data and lack of explicit privacy and terms policies represent gaps in transparency and compliance. Overall, the site is functional and moderately secure but would benefit from enhanced privacy disclosures and registrant transparency.

Reportum is a small Latvian company specializing in providing financial institutions with advanced technology and knowledge for regulatory reporting and risk management. It serves as the official representative of Wolters Kluwer Financial Services in Latvia and the Baltic region, offering compliance, audit, and consultancy services tailored to the financial sector. The website is professionally designed with clear navigation and relevant content targeting financial institutions and regulatory bodies. Technically, the site uses standard HTML and CSS with Google Analytics for visitor tracking but lacks modern security headers and visible privacy or cookie policies, which are critical for GDPR compliance. The absence of WHOIS data limits domain registration transparency, but the business legitimacy is supported by its association with a reputable global brand and consistent contact information. Overall, the site demonstrates moderate digital maturity with room for improvement in security and privacy compliance.

ShareBuilder 401k is a specialized provider of affordable 401(k) retirement plans targeting self-employed individuals and small to medium-sized businesses. The company offers a range of plan types including Solo, Safe Harbor, Traditional, and Roth 401(k) plans, complemented by investment management expertise and dedicated customer support. The website positions ShareBuilder 401k as a cost-effective alternative to industry averages, supported by strong trust signals such as ratings from Forbes, CNN, and NerdWallet, and serving over 6,500 businesses since 2005. Technically, the website is built on the Nuxt.js framework, leveraging modern JavaScript and Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and a professional design. However, some accessibility features could be improved. The SSL configuration is excellent, ensuring secure HTTPS connections, but the absence of security headers and cookie consent mechanisms indicates room for security and privacy enhancements. From a security perspective, the site demonstrates good practices such as secure login portals and no visible sensitive data exposure. Nonetheless, the lack of published incident response policies, vulnerability disclosure, and security.txt files suggests limited transparency in security governance. The missing WHOIS data for the domain is a notable concern, potentially indicating privacy protection or domain registration issues, which slightly detracts from overall trustworthiness. Overall, ShareBuilder 401k presents a professional and trustworthy online presence with strong business credibility and technical implementation. Addressing the identified security and privacy gaps, along with clarifying domain registration status, would further strengthen its risk posture and compliance standing.

B

BANKEX

bankex.com

0

BANKEX operates as a digital asset banking platform aiming to unlock liquidity for asset holders by providing banking and securitization services tailored to digital assets. The platform targets investors and financial institutions seeking to leverage their digital assets for cash access. The website is professionally designed using modern web technologies such as Webflow and Lottie animations, offering a good user experience with mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Security posture is adequate with HTTPS enabled but lacks comprehensive security headers and published policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the platform shows promise but requires improvements in transparency, security disclosures, and compliance documentation to enhance trust and credibility.

U

Unlimit

cardpay.com

0

Unlimit is a fintech company providing global payment solutions including payment processing, payouts, business accounts, banking as a service (BaaS), and crypto-related services such as NFTs and GameFi. The company targets businesses seeking borderless payment methods and operates across multiple regions including LATAM, APAC, Africa, Europe/UK, and India. Their digital presence is supported by a WordPress-based website with modern technologies such as Google Tag Manager and CookieYes for cookie consent management. The website is well-structured, multilingual, and integrates various analytics and advertising tracking services, indicating a mature digital marketing strategy. From a security perspective, the website enforces HTTPS and uses Cloudflare Bot Management, but lacks explicit security headers and published security policies. The cookie consent mechanism is comprehensive, supporting GDPR compliance, but no privacy policy or terms of service were detected in the provided content. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and branding appear professional and consistent with a legitimate fintech business. Overall, the website demonstrates good technical implementation and business credibility but would benefit from enhanced transparency in privacy and security policies, as well as verified domain registration information. Strategic improvements in security headers, incident response disclosures, and contact information would strengthen trust and compliance.

C

CALAY LTD

fbsb.com

0

The website represents CALAY LTD, formerly known as FBSB PLC and trading as FBS Banking™, specializing in offshore bank account opening services since 1997. The business underwent a trademark acquisition by Tradestone Limited in 2021, with a clear rebranding effort directing former clients to calay.com. The site targets individuals and businesses seeking offshore banking solutions, positioning itself as a niche service provider in the finance sector. The content is basic but communicates the essential business transition and service focus. Technically, the website is built on WordPress using the Divi theme, with common plugins such as Contact Form 7 and a cookie notice plugin. The site is moderately optimized for mobile and performance but lacks advanced SEO and accessibility features. Google Analytics is installed but not configured, indicating incomplete analytics setup. The site uses HTTPS but lacks visible security headers and DNSSEC, which are areas for improvement. From a security perspective, the domain is well-established with a consistent WHOIS record and no privacy protection, supporting legitimacy. However, the absence of published privacy policies, terms of service, and incident response information reduces compliance and trustworthiness. The cookie consent mechanism is present and functional, but overall privacy compliance is limited. No direct contact information or social media links are provided, which may hinder user trust and engagement. Overall, the website is functional and moderately credible but requires enhancements in privacy compliance, security posture, and content richness to improve user trust and regulatory adherence. Strategic improvements in security headers, policy publication, and analytics configuration are recommended to strengthen the site's digital maturity and risk management.

G

Goldman Sachs Asset Management

nnip.com

0

Goldman Sachs Asset Management operates a professional website targeting financial intermediaries and advisors, offering asset and investment management services. The site is branded consistently with Goldman Sachs and positions itself as a leading global asset manager. The technical infrastructure leverages modern web technologies including React and Next.js, hosted likely via Akamai, with performance monitoring implemented through Akamai mPulse. The website is well-optimized for mobile and accessibility, with good SEO practices evident. Security posture is strong with HTTPS enforced and modern TLS usage, though explicit security headers and vulnerability disclosure mechanisms are absent. The WHOIS data is unavailable for the subdomain, consistent with it being a subdomain under the main gs.com domain, which is owned by Goldman Sachs. Overall, the site is legitimate, professional, and secure, but could improve privacy compliance disclosures and incident response transparency.

G

Graphdo

graphdo.net

0

Graphdo is a small Latvian company specializing in software solutions for Anti-Money Laundering (AML) compliance, focusing on transaction analytics to enhance Enhanced Due Diligence (EDD) and Know Your Customer (KYC) processes. Their software aims to detect suspicious payment patterns and automate AML reporting, targeting financial institutions and compliance professionals. The website is built on the Wix platform, indicating a moderate level of digital maturity with basic SEO and mobile optimization. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and operational status. Security posture is basic with HTTPS enabled but lacking advanced security headers and policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site presents a basic professional front but lacks critical trust and compliance indicators.

A

Austrenis Capital SA

frigate.ch

0

Austrenis Capital SA is a Swiss-based investment business service provider specializing in asset management, investment advice, financial intermediary services, and documentary maintenance of financial and investment operations. The company targets investors seeking secure investment opportunities and operates a multipurpose investment platform. The website presents a professional and consistent brand image with clear navigation and relevant content, positioning Austrenis as a niche player in the finance sector in Geneva, Switzerland. Technically, the website uses modern web technologies including jQuery, AjaxForm, and Cloudflare Zaraz for script management and analytics. The site is hosted behind Cloudflare, providing good SSL configuration and moderate performance. Mobile optimization and accessibility are adequate but could be improved. SEO practices are basic with minimal meta descriptions and no structured data. From a security perspective, the site enforces HTTPS and uses secure form submission. However, it lacks explicit security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. The contact form posts data to an external domain (frigate.ch), which may raise data protection concerns. No incident response or vulnerability disclosure information is available, indicating room for improvement in security maturity. Overall, the website scores moderately well in business credibility and technical implementation but falls short in privacy compliance and security best practices. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, clarifying data handling for forms, and enhancing GDPR compliance to improve trust and reduce risk.

B

B.C. Ziegler and Company

ziegler.com

0

B.C. Ziegler and Company operates as a specialty investment bank focusing on healthcare, senior living, education, and municipal finance sectors. The firm provides capital raising, strategic advisory, sales and trading, and proprietary investments. It holds a strong market position with top rankings in senior living financing and healthcare M&A. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to institutional clients and municipal entities. Technically, the website employs modern tracking and analytics tools such as Google Tag Manager and Hotjar, uses lazy loading for images, and is built on a SiteBuilder CMS platform. The site is mobile optimized and accessible, with good SEO practices. However, there is room for improvement in security headers and privacy compliance mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data raises some concerns but is mitigated by the presence of regulatory trust signals and professional content. Privacy compliance could be enhanced by implementing cookie consent banners and publishing incident response contacts. Overall, the website and business demonstrate a high level of professionalism and trustworthiness, suitable for their target market. Strategic improvements in privacy and security transparency would further strengthen their risk profile and compliance stance.

S

Soft-FX

soft-fx.com

0

Soft-FX is a fintech software development company specializing in comprehensive FX and digital asset trading software solutions. The company targets brokerages, blockchain platforms, and proprietary trading firms, offering a broad portfolio of products including margin trading solutions, liquidity aggregation, deliverable trading software, and risk management tools. With over 30 completed projects and a presence in more than 22 countries, Soft-FX positions itself as a mature and innovative player in the financial technology sector. Technically, the website is built on the Ghost CMS platform and utilizes modern JavaScript libraries such as jQuery and Swiper for UI components. It integrates analytics and marketing tools including Google Tag Manager, Microsoft Clarity, and HubSpot forms, indicating a digitally mature infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and uses asynchronous loading for third-party scripts, reducing performance impact and potential vulnerabilities. However, no explicit security headers were detected in the provided data, and there is no visible incident response or security policy documentation. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and business presence appear professional and trustworthy. Overall, Soft-FX presents a strong business and technical profile with room for improvement in transparency and security documentation. The risk assessment is moderate due to the missing WHOIS data, but the operational and content quality supports a positive trust posture.

Н

Народна банка Србије

nbs.rs

0

The website represents the official online presence of the National Bank of Serbia, the central bank responsible for monetary policy, financial stability, banking supervision, and payment systems in Serbia. It serves a broad audience including citizens, financial institutions, investors, and analysts by providing comprehensive financial data, news, and regulatory information. The site is professionally designed with clear navigation and multilingual support, reflecting a mature digital infrastructure. Technically, the site uses modern web technologies including Bootstrap, jQuery, FontAwesome, and charting libraries like C3.js and D3.js. It is hosted under a domain registered by TELEKOM SRBIJA A.D., indicating a reliable hosting environment. The site is mobile optimized and uses HTTPS, but lacks DNSSEC and explicit security headers, which are recommended for enhanced security. From a security perspective, the site shows good practices such as HTTPS enforcement and secure form handling. However, the absence of privacy and cookie policies, as well as missing security headers, represent compliance and security gaps. No WAF or blocking mechanisms were detected, and the domain registration is consistent and legitimate. Overall, the site is trustworthy and professional but would benefit from improved privacy compliance and enhanced security configurations to align with best practices and regulatory requirements.

S

Streets Insurance

streets.net.nz

0

Streets Insurance is a small, established insurance and mortgage brokerage based in Christchurch, New Zealand, with a history dating back to 1987. The company offers a range of personalized insurance products including life assurance, trauma cover, income protection, mortgage protection, and business insurance. The website reflects a professional and consistent brand image targeting individuals and businesses seeking insurance solutions in New Zealand. Technically, the site uses common web technologies such as jQuery and Google Analytics, with moderate performance and good mobile optimization. However, there is no evidence of HTTPS enforcement or security headers, which are critical for protecting user data and ensuring trust. Privacy and cookie policies are absent, indicating a gap in compliance with data protection regulations. The WHOIS data is unavailable, which raises concerns about domain registration legitimacy but does not necessarily imply malicious intent given the professional content and contact information provided. Overall, the site is functional and informative but requires improvements in security and privacy compliance to enhance trust and protect users.

S

SIA Finance 360

finance360.eu

0

SIA Finance 360 operates as a Latvian financial services company offering integrated financial solutions aimed at clients and partners seeking comprehensive financial support. The company emphasizes fast, secure, and risk-mitigated services with fair pricing and collaboration among market participants. The website content is primarily in Latvian and presents basic corporate information including the company registration number, but lacks detailed privacy, cookie, or terms of service policies. Technically, the website uses older JavaScript libraries such as jQuery 1.9.1 and minimal modern web technologies, with no detected CMS or advanced frameworks. Security posture is moderate but could be improved by updating libraries and implementing security headers. No analytics or tracking tools are evident, indicating minimal user tracking. Overall, the site presents a basic but functional online presence with moderate trustworthiness.

D

DECTA

decta.com

0

DECTA operates as a full-stack payment platform specializing in B2B payment solutions tailored for merchants, fintechs, and banks. The company offers a broad range of services including payment acquiring, issuer and acquirer processing, digital banking platforms, and BIN sponsorship. Their market position is strengthened by multiple certifications such as EMI licenses in the UK, Cyprus, and Ireland, PCI DSS Level 1 compliance, and membership with Mastercard and Visa. The website reflects a professional and modern fintech company with a clear focus on innovation and global scalability. Technically, the website employs a modern technology stack with integrations of Google Tag Manager, Google Analytics, Microsoft Clarity, Facebook Pixel, LinkedIn Insight Tag, Hotjar, and Osano for consent management. The site is well-optimized for mobile devices, has good accessibility features, and demonstrates solid SEO practices. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were identified in the HTML content. The absence of WHOIS registration data is a notable concern, potentially indicating privacy protection or data source limitations, which slightly reduces trustworthiness. Overall, DECTA presents as a credible fintech business with strong compliance and certification signals, a professional web presence, and moderate security posture. The main risk lies in the lack of publicly available domain registration data, which should be further investigated. Strategic recommendations include enhancing transparency around security policies, incident response, and domain registration details to improve trust and compliance.

T

The Economist Newspaper Limited

eurofinance.com

0

EuroFinance is a well-established global treasury community platform operated under The Economist Newspaper Limited brand. It specializes in organizing influential corporate treasury events, training programs, research, and awards, targeting senior treasury professionals worldwide. The website demonstrates a mature digital presence with a professional design, clear navigation, and comprehensive content relevant to its audience. Technically, the site is built on WordPress with modern JavaScript libraries and integrates multiple analytics and marketing tools, reflecting a sophisticated digital marketing strategy. Security posture is strong with HTTPS enforced and consent management implemented, though explicit security headers could be improved. The absence of WHOIS data is notable but likely due to querying issues rather than malicious intent. Overall, the site presents a trustworthy and authoritative resource in the finance and treasury sector.

D

DPA Professionals

dpa.nl

0

DPA Professionals is a well-established Dutch staffing and consultancy firm specializing in connecting professionals with top-500 companies through secondment. With over 30 years of experience and a strong parent company relationship with Team Eiffel, DPA offers career development, training, and flexible staffing solutions. The website reflects a professional and consistent brand image targeting both professionals seeking career growth and companies needing temporary expert staff. Technically, the site employs modern tracking and consent technologies such as Google Tag Manager and Cookiebot, ensuring GDPR compliance and user privacy. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Overall, the site demonstrates a mature digital presence with good performance and accessibility.

A

AS PNB Banka

pnbbanka.eu

0

AS PNB Banka operates as a financial institution serving private customers primarily in Latvia. The website provides announcements, news, and essential banking service information such as loan liabilities and commission fee payments. The bank appears to be undergoing insolvency proceedings as indicated by creditor meeting announcements. The digital presence is professional with clear navigation and relevant content targeting private customers and residents. The business model focuses on traditional banking services including asset sales and customer support.

W

WestStein

weststeincard.com

0

WestStein is a digital financial services provider offering online current accounts with Lithuanian IBANs and prepaid debit Mastercard cards. The company targets individuals seeking a modern, cost-effective alternative to traditional banks within the EU, emphasizing fast onboarding, mobile app access, and integration with Apple Pay and Google Pay. The website is well-designed, multilingual, and optimized for mobile, reflecting a mature digital infrastructure built on Next.js and React, hosted behind Cloudflare DNS. Security posture is strong with HTTPS, security headers, and Mastercard 3D Secure protections, though minor improvements like enabling DNSSEC and publishing a security.txt file are recommended. Privacy compliance is robust with clear cookie consent and privacy policies. The domain registration is consistent and appropriate for the business age, supporting legitimacy. Social media presence and customer testimonials further enhance trust. Overall, WestStein presents a professional, secure, and user-friendly digital banking platform.

A

AG Capital CFO Services

agcapitalcfo.com

0

AG Capital CFO Services is a specialized financial services provider offering fractional CFO and outsourced financial planning and analysis services primarily targeting start-ups and SMEs. The company leverages deep financial expertise, including credentials such as CFA and MFM, and is closely associated with the Financial Modeling World Cup, enhancing its market credibility. The website is professionally designed with clear navigation and rich content describing their comprehensive financial services portfolio. Technically, the site is built on WordPress with Elementor and uses modern plugins and tracking tools such as Google Tag Manager and Hotjar. Security posture is good with HTTPS and cookie consent mechanisms in place, though some security headers and policies are missing. Overall, the site reflects a mature, credible business with room for improvement in privacy and security policy transparency.

S

Swedbank Group

ektornetgroup.com

0

Swedbank Group is a major financial institution rooted in Sweden’s savings bank tradition, serving millions of private and corporate customers primarily in Sweden and the Baltic countries. The website reflects a mature and professional banking entity with comprehensive investor relations, sustainability initiatives, and customer services. The technical infrastructure is modern, leveraging Adobe Experience Manager CMS, Adobe Analytics, and Google reCAPTCHA, indicating a well-maintained digital presence. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security headers and vulnerability disclosure information are absent. The WHOIS data is missing, which is unusual for a bank of this scale, suggesting privacy protection or registrar restrictions. Overall, the site is trustworthy and professionally managed but could improve transparency in domain registration and security headers.

O

OP Corporate Bank plc filiāle Latvijā

opbank.lv

0

OP Corporate Bank plc filiāle Latvijā is a corporate banking branch of the leading Finnish financial services group OP Financial Group. The bank focuses on serving large and medium-sized enterprises in Latvia, offering a comprehensive portfolio of financial products including loans, guarantees, letters of credit, factoring, and cash flow and risk management solutions. The website reflects a professional and consistent brand presence aligned with its parent company, targeting business clients in the Baltic region. Technically, the website is built using modern web technologies such as React and is hosted on Microsoft Azure infrastructure, leveraging Application Insights for telemetry and analytics. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Privacy and cookie policies are present and indicate GDPR compliance. From a security perspective, the site enforces HTTPS and uses monitoring tools but lacks explicit security policies or incident response information publicly available. No critical vulnerabilities or suspicious indicators were detected in the website content or linked domains. The absence of WHOIS data limits full domain legitimacy verification, but the overall digital footprint and corporate affiliations support a trustworthy profile. Overall, the website demonstrates a solid business and technical foundation with room for improvement in security transparency and enhanced compliance disclosures.