Monkor Finance NBFI obtained its special license to operate as a non-banking financial institution—engaging in lending services, foreign currency trading, investment activities, and providing financial consulting and information—under Resolution No. 349 issued on June 10, 2020. The company has since commenced its operations based on 100% private ownership.
We strive to be a team that adheres to international standards, works toward a unified goal, and is recognized within our industry.
We value continuous development and aim to be your most trusted partner in providing comprehensive financial services.
Positive mindset
Positive values
Positive actions
The purpose of this policy is to ensure the implementation of the use, storage, protection, confidentiality, integrity, availability, business continuity, and monitoring of information, information systems, and infrastructure used in the operations of Monkor Finance NBFI. It also aims to ensure continuous adherence to information security policies in daily operations in accordance with international standards.
INFORMATION SECURITY POLICY
1. The organization conducts its information security activities in compliance with the requirements of the international Information Security Management System standard MNS ISO/IEC 27001:2023, as well as applicable laws, regulations, rules, procedures, and guidelines of Mongolia, and fully fulfills all contractual obligations.
2. The implementation of this Information Security Policy applies to employees, suppliers, other stakeholders, customers, and partners. The organization ensures understanding of the policy among all relevant parties and collaborates with them accordingly.
3. We ensure complete information security in all traditional and fintech financial services we provide.
4. Information belonging to partner organizations, customers, and employees is considered a valuable organizational asset. We take preventive measures against unauthorized access, deletion, damage, alteration, and loss, and ensure confidentiality, integrity, and availability.
5. Information systems, servers, computers, and internal and external networks are the property of the organization and must be protected to maintain security and integrity.
6. The organization regularly assesses risks related to information security within its operation, plans and implements appropriate responses to high-impact risks, and focuses on monitoring and reducing information security risks.
7. For every incident or breach related to information security, the root cause is identified, and effective measures are taken to prevent recurrence.
8. The effectiveness and implementation of the Information Security Management System are regularly audited internally, and continuous improvements are made based on measurable results.