Compliance

Allocator Investor access is only granted to entities with Qualified Investor status in accordance with Rule 501(a) of Regulation D of the U.S. Securities Act of 1933.

 

The Allocator portal is designed to be compliant with the SEC’s “Lamp Technologies” no-action letter. The “Lamp” no-action letter, as it is commonly referred to, was a ruling by the SEC which set out all of the elements which a website must contain in order to preserve certain securities exemptions so that the website does not trigger a “public offering” of securities.

 

The European Union’s Alternative Investment Fund Managers Directive (AIFMD), effective in certain EU jurisdictions as of 22 July 2013, imposes extensive operational and other requirements on alternative investment managers, including non-EU managers that solicit investment within the European Union. Allocator has incorporated a ‘reverse solicitation’ mechanism In the sign-up process whereby, in order to gain access, investors have to affirmatively request to receive marketing materials, ongoing service information and direct contact from all of the managers that post their information on the Allocator portal.

 

Manager information is only accessible to approved family offices and institutional investors via the Allocator portal. Members of the public and other fund managers cannot access this information. Managers have the option of restricting access to certain investors or requiring investors to request access. Managers may choose to restrict investors from certain geographies from accessing information. The platform is designed to allow managers to carefully control the distribution of sensitive materials and comply with global regulatory restrictions.

Security

At Allocator, our number one priority is the privacy of our users’ data. Allocator database servers are located remotely on virtual servers and maintain strict access policies. Only the application itself is allowed to access any part of the database. Users’ credentials, data at rest and data in motion are all encrypted which means that no one can access restricted information without the prior consent of the user.

 

The allocator also implements need-based file access privileges. This ensures the safety of private documents uploaded on the portal which are meant to be accessed only by authenticated users.

 

Our technical backbone is tightly coupled with Heroku, a Salesforce company, which provides a wealth of features to ensure industrial-level security. Heroku hosts their applications at Amazon’s secure data centres and utilizes the Amazon Web Service (AWS) technology, which inherently provides Allocator with PCI Level 1 Compliance. Heroku, backed by the massive and mature infrastructure of Amazon, provides security against physical, environmental and software threats. Amazon is praised for its constantly upgrading network security eliminating threats such as data sniffing, identity spoofing, Distributed Denial of Service (DDoS) attacks etc. If circumstances yet surpass the security and preventive measures, Heroku also provides an isolated application environment and automatic data backups. Heroku signs and maintains a strict privacy policy regarding sensitive data of applications hosted on their servers.

 

All users should feel safe using the Allocator portal and we will continue to implement the latest security technologies to ensure that this remains the case.