Tecalis successfully passes the latest and extraordinarily demanding audit of the National Security Framework (ENS), with our company and products being assigned the High Level category, the most rigorous information protection standard in Spain.
This accreditation once again reaffirms the resilience of our technological and organizational architecture, guaranteeing that our clients' data, systems, and operations are protected under the highest criteria of confidentiality, integrity, traceability, and availability. However, the recent audit featured a particularity that elevates this technical milestone to a superior level.
An exceptional audit with direct intervention from the CCN-CNI
The renewal and certification process, conducted by the auditing firm BDO, has been marked by unprecedented technical and control requirements. From the National Cryptologic Center (CCN) —an agency dependent on the National Intelligence Center (CNI)— the certifying body was previously contacted to establish the direct and in-situ participation of CCN specialist technicians during our audit, unlike the standard process.
This on-site supervision by the state's highest cybersecurity regulator subjected the process to extreme scrutiny. The pressure and thoroughness of the audit, carried out under the direct gaze of the competent authority, has resulted in the issuance of an official certification of a special nature jointly endorsed by BDO and the CCN-CNI.
Transversal coverage: All products, levels, and legacy systems
Typically, cybersecurity audits limit their scope to specific tools or restricted environments. In our case, the ENS High Level scope has been applied seamlessly across 100% of the company (at corporate and operational levels) and the technological ecosystem (products, services, and tools).
This certifies the robustness of:
- Tecalis Identity: Our digital onboarding, biometrics, and KYC/KYB/AML identity verification solutions.
- Tecalis Sign: Our entire infrastructure as European Qualified Trust Service Providers (QTSP) for eIDAS electronic signatures and certified communication.
- Tecalis Customer Hub: Omnichannel BSS/OSS platforms for the management and automation of sales networks with AI-based commercial tools.
- Corporate and Custom Services: Software development, IT professional services, integrations, Tecalis interactive kiosks (and their software), and internal operations.
- Legacy Developments: Validated and audited security even in previous architectures, components, and systems, or ad-hoc developments under professional services for clients.
Compliance-by-Design for critical industries
For our partners and clients operating in highly regulated sectors —such as banking, insurance, fintech, or public administrations— having a RegTech technology provider endorsed with the ENS High Level under CCN monitoring eliminates operational risks at the root.
Our technology, systems, and solutions combine business agility with absolute compliance with regulations such as eIDAS2, SEPBLAC, AML6, PSD3, and GDPR. With this special certification, we demonstrate once again that at Tecalis, security is not an added layer, but the core upon which we build innovation.
