Your protection

Security & Asset Protection

How Wealth8 protects your personal data, your account, and your invested assets — at the technical, operational, and regulatory level.

Data Security

Your data, encrypted and protected.

Encryption in transit

All connections to Wealth8 use TLS 1.3 encryption. Your login credentials, personal data, and portfolio information are encrypted in transit — not readable by intermediaries.

Encryption at rest

Personal data and account information stored in our systems is encrypted at rest using AES-256. We apply the principle of minimal data retention — we do not hold data we do not need.

Two-factor authentication

2FA is available for all Wealth8 accounts using an authenticator app (TOTP). We strongly recommend enabling 2FA — it significantly reduces the risk of unauthorised account access.

Wealth8 processes personal data in accordance with the UK GDPR and the Data Protection Act 2018. See our Privacy Policy for details of how we handle personal data, your rights, and how to contact us about data matters.

Asset Protection

Your assets are segregated from Wealth8's own funds.

Client assets are held in segregated custody accounts with a UK-registered custodian, under FCA Client Assets Sourcebook (CASS) rules. This means:

  • Your assets are legally separate from Wealth8's operating capital
  • In the event of Wealth8's insolvency, your assets are not available to creditors
  • Custodian accounts are reconciled daily
  • Subject to independent audit under FCA supervision

Custodian structure

Wealth8 engages a UK-registered FCA-authorised custodian to hold client assets. The custodian holds assets in dedicated client accounts clearly identified as belonging to Wealth8 clients — not in Wealth8's own name on a pooled basis.

Details of the custodian are provided in Wealth8's Client Terms, available on request.

FSCS

FSCS protection — how it works in practice.

The FSCS protects eligible deposits up to £85,000 per eligible depositor per authorised firm. For a Wealth8 ISA:

  • Cash held in your account waiting to be invested — eligible for FSCS protection up to £85,000
  • If Wealth8 fails, FSCS may compensate you for eligible deposits
  • The FSCS will also facilitate transfer of your investment holdings to another authorised firm
  • Investment losses due to market movements are not covered — the FSCS covers firm failure, not market risk

FSCS limit correct as of 2026. Visit fscs.org.uk for the most current information.

£85,000
FSCS eligible deposit protection

Per eligible depositor
Per authorised firm

Operational Resilience

Designed with security controls in mind.

Security testing

We conduct regular security testing of our platform, including vulnerability assessments. Security findings are tracked and remediated according to severity.

Incident response

We maintain documented incident response procedures. In the event of a security incident affecting your personal data, we will notify you and the ICO in line with UK GDPR requirements.

FCA operational resilience

Wealth8 designs its technology and operations to align with FCA operational resilience requirements (PS21/3). We identify important business services and set impact tolerances for disruption.

Staff access controls

Access to client data and systems is granted on a need-to-know basis, with formal access review. Staff are trained in data protection and security awareness.