One workspace
African compliance automation + security evidence management
The security and compliance platform built for African regulated teams.
For banks, fintechs, PSPs, crypto/VASPs, government, agencies, and security-led teams.
Audit-ready
Evidence linked to real risk
Africa-focused
Local regulatory context
Product
Security operations that feed compliance evidence.
Application security
Live system testing
Dependency and container risk
Use cases
Built for the teams carrying audit and security pressure.
Banks and regulated financial institutions
Prepare for CBN cybersecurity and operational resilience reviews
Fintechs, PSPs, MMOs, gateways, and switches
Manage payment, PCI DSS, NDPR, and NPS readiness in one workspace
Remittance, cross-border payments, treasury, and multi-currency teams
Prove cross-border transfer security, AML/CFT, FX, and settlement readiness
Product views
See the daily workflow before booking a call.
Command center
Scan operations
Compliance gaps
Who is Shomar built for?
Shomar is built for regulated African teams: banks, fintechs, PSPs, payment gateways, remittance operators, crypto/VASPs, agencies, government teams, and security-led organisations that need security operations tied to compliance evidence.
Does Shomar cover cross-border payments and remittance?
Yes. Shomar now includes a cross-border payments and remittance compliance baseline covering AML/CFT, KYC, sanctions and PEP screening, FX controls, payment corridors, settlement, reconciliation, partner due diligence, and evidence trails.
Does source code leave our environment?
Shomar supports SaaS scanning and can also support dedicated or customer-controlled worker patterns for sensitive teams. Repository scans are bound to approved projects and integrations so organisations keep clearer control over what is scanned.
Can we choose only compliance or only security scanning?
Yes. Platform admins can assign licence tiers, framework bundles, and feature flags so an organisation can receive compliance-only, security-only, or mixed access depending on the commercial scope.
How does the trial work?
Demo organisations can receive a 10-working-day or 14-calendar-day trial. After expiry, the organisation needs an active licence to continue using subscribed Shomar capabilities.
Can evidence stay in our own storage or local region?
Yes. Shomar supports managed evidence storage and customer-controlled evidence storage patterns, including external-link evidence, to help teams address confidentiality and data residency requirements.
Does Shomar replace auditors or compliance consultants?
No. Shomar helps teams organise evidence, map security posture to controls, track gaps, and export reports. It supports audit readiness, but it is not legal, regulatory, or audit attestation advice.
How do support and onboarding work?
Customers can raise support tickets in the app, request implementation help, and use demo or assessment forms for guided onboarding. Higher tiers can include priority support and dedicated success commitments.
Next step