Online Security Statement
MLRO transactional website
The MLRO transactional website forms an online interface between the Money Laundering Regulatory Officer and the Financial Intelligence Service as part of the GBA computer system known as Themis.
It is a platform to allow MLRO's to comply with their legislated obligations that includes compliance with Section 2 of the Disclosure (Bailiwick of Guernsey) Law, 2007.
To ensure security of the data that MLRO's input into the site the States of Guernsey have followed their established directives and guidelines on information security.
The following security measures have been implemented. The site mlro.gov.gg has been penetration tested by SecureTest, www.securetest.com who are ISO27001 accredited and whose testers are certified to relevant industry standards such as CESG CHECK and CLAS.
Additionally the data provided is stored according to recommendations from Ernst & Young in their document entitled 'States of Guernsey - Web Server Security Guideline (April 2009)'. This guideline recommends the separation of sensitive data from the application using a 3-tier firewall model with the data residing in the secure 'database' level. Copies of this guideline are available on request.
Users of the MLRO system can therefore be confident that security of data is a priority and all possible measures to keep that data secure have been taken.
Information Security Officer - States of Guernsey
Sir Charles Frossard House
St Peter Port
Tel. 01481 717000
Financial Investigation UnitOzanne Hall, Mignot Plateau, Cornet Street, St Peter Port, GY1 1LF, Guernsey
Tel: 44 (0)1481 714081 Fax: 44 (0)1481 710466