The house that Pleo built: Security, infrastructure and how we keep your money safe

Lifting the lid on how Pleo works is something we like to do. Whether that’s talking about how we hire or sharing information about product features in development.

Another aspect we’re keen to shine the spotlight on – because it’s something we’ve thought about a lot – is how Pleo is set up to keep customers’ funds as safe as possible.

We’re talking about the structure of how money flows through Pleo.

Why this is on our mind

You might not follow fintech news as avidly as we do. That’s OK – in fact, it’s probably a good idea.

One of the biggest stories in recent years was the collapse of German payments group Wirecard, something that sent undeniable shockwaves across business in Europe.

Wirecard’s problems had major knock-on effects for a number of fintech companies who had partnered with them.

We really felt for the customers of those companies that were affected – and the hard-working teams that scrambled to find solutions for those fintechs.

But we also think that now is a great time to explain how our payment structure *is* set up. So, here we go.

It’s about your money

Maybe you’re already a customer and are curious about this kind of stuff. Or it might be that you’re considering signing up to Pleo.

While the details of who provides what service and in what order can be complicated, fundamentally it’s about trust. If you trust Pleo with your company’s money, it’s good to know exactly how seriously we take that responsibility.

It starts with us using state-of-the-art authentication and encryption technologies – but there’s a lot more to it than that.

Behind-the-scenes: Buying something with Pleo 

Paying for something with your Pleo card is smooth. You tap your physical card at a payment terminal or enter your virtual card’s details online, capture the receipt and… that’s it. We designed it to be straightforward.

But things are happening behind-the-scenes in the split second between you making the payment and confirmation of your purchase flashing up.

(You know all this of course, you probably just don’t think about it.)

First, the merchant sends a signal to Mastercard, which recognises your card. 

Mastercard then sends a signal to the payment processor (ours is a company called Enfuce), who then communicate with Pleo.

We send a signal back to approve or decline the transaction. 

If everything looks in order, Pleo approves the transaction and… Congratulations! You’ve just bought that iced coffee you desperately need to power through the afternoon. 

Behind-the-scenes: A Pleo Wallet transfer

That’s one side of how your team’s money flows through Pleo – the other is how you top up your central Wallet.

Your Pleo account is hooked up to your business bank account. 

So every time you add funds to Pleo, to help your team buy what they need for work, that money comes out of your business bank account.

It goes first to J.P. Morgan, or to Danske Bank for our customers in Denmark and Sweden. This means that neither we – nor anyone else – have direct access to your money.

So, when a transaction is made and Mastercard looks for the funds to cover it, Pleo takes the money from J.P. Morgan or Danske Bank to pay it.

Pleo, meet Pleo

This is where it gets interesting. Because there are two Pleos.

Pleo Technologies: This is the company that makes the software you use every time you boot up our app. It also handles sales, marketing and most other functions of the business.

Pretty cool. But even cooler (maybe) is Pleo Financial Services. This is the licenced entity that is involved in processing every transaction with one of our cards. It’s regulated by the Financial Supervisory Authority in Denmark.

The existence of Pleo Financial Services means we enforce our own compliance and fraud regulations, as well as developing a relationship with the financial regulator. 

We’re not relying on another institution to remain compliant. We’re not exposed to any governance failings on their part. Which should be reassuring for you.

Who we work with counts

Our partnership with J.P. Morgan was something that our team worked hard to secure.

The security and reliability they offer to Pleo Financial Services – and thus our customers – were the fundamental reasons for that.

J.P. Morgan and Danske Bank are both deemed to be Systemically Important Financial Institutions, in the US and Denmark respectively. 

That means that if something truly catastrophic happened, the central banks in the relevant countries would step in to ensure the survival of those institutions.

And Mastercard has more than a billion cards in circulation at the time of writing, so we don’t foresee any plausible scenario where they’d stop functioning.

Maintaining the highest standards

Hopefully, all of this information helps put you at ease and make that smooth Pleo experience even more stress-free.
 
If anything, the issues with Wirecard have shown the importance of being transparent about these payment structures.

The foundation our team has put in place – the house that Pleo has built – ensures that we’ve set the highest possible benchmark for keeping customers’ money safe.

We aim to continue living up to that standard.