Skip to main content
REME
WhatsApp Submission Submit receipts via chat — no app required AI Fraud Detection 7 agents catch fraud in under 200ms OCR Receipt Processing 99.9% accuracy on any receipt format Approvals Workflow One-tap manager approvals via WhatsApp Policy Enforcement Rules enforced automatically, before approval
For CFOs Close month-end faster, prove ROI For Finance Teams Eliminate manual reconciliation For HR Teams WhatsApp-native, no training required For Remote Teams Submit anywhere, any currency
Compare REME with
vs SAP Concur Enterprise expense → mid-market fit vs Expensify When the SMB standard isn't enough vs Ramp Beyond the corporate-card stack vs Brex Built for non-VC mid-market vs Pleo Global vs European-first vs Spendesk Transparent pricing, faster setup vs Sage Expense Management AI-native vs card-feed automation vs Navan Purpose-built expense vs travel + T&E vs Zoho Expense AI fraud detection vs Zoho ecosystem
See all alternatives
Pricing About
Free Tools 12 tools live Blog Strategy and how-to articles Guides In-depth playbooks Customer Stories How finance teams use REME Security & Compliance SOC 2, ISO 27001, GDPR
Sign in Start free trial
REME
WhatsApp Submission Submit receipts via chat AI Fraud Detection 7 agents, 200ms, every claim OCR Receipt Processing 99.9% accuracy on any receipt Approvals Workflow One-tap manager approvals Policy Enforcement Rules checked before approval
For CFOs Close month-end faster, prove ROI For Finance Teams Eliminate manual reconciliation For HR Teams WhatsApp-native, no training required For Remote Teams Submit anywhere, in any currency
vs SAP Concur Enterprise → mid-market alternative vs Expensify When the SMB standard isn't enough vs Ramp Beyond the corporate-card stack vs Brex Built for non-VC mid-market vs Pleo Global vs European-first vs Spendesk Transparent pricing, faster setup vs Sage Expense Management AI-native vs card-feed automation See all alternatives
Free Tools 9 calculators and templates Blog Strategy and how-to articles Guides In-depth playbooks Customer Stories How finance teams use REME Security & Compliance SOC 2, ISO 27001, GDPR
Pricing About
Sign in Start free trial

Security

Security White Paper

A comprehensive overview of REME's security infrastructure, certifications, and data protection practices.

Last updated: 13 May 2026

On this page

  1. 1. Access Control
  2. 2. Authentication
  3. 3. Encryption
  4. 4. Cloud Infrastructure
  5. 5. Physical & Network Security
  6. 6. Vulnerability Assessment & Penetration Testing
  7. 7. Incident Management & Breach Notification
  8. 8. Employee Security Training
  9. 9. Data Backup & Retention
  10. 10. ISO 27001:2022 Certification

Related

  • Privacy Policy
  • PDPA Commitment
  • Terms of Service

ISO 27001:2022 Certified

REME (operated by People Central Pte Ltd) is ISO 27001:2022 certified for information security management.

Access Control

Customers retain full control over their accounts, managing user access based on subscribed headcounts. Super-admin roles regulate access privileges to specific modules and functionalities. Our software support personnel access customer information solely upon request through formal channels such as a ticketing system or phone call prioritising data protection and security.

We continuously refine access control protocols to grant users the necessary access without compromising data security, ensuring the safety of sensitive information handled within REME.

Authentication

Access to REME is granted through standard login credentials. As an added layer of security, Two-Factor Authentication (2FA) is available, requiring a One-Time Password (OTP) generated and sent to the user's smartphone.

Access and audit logs provide transparency, allowing customers to monitor their employees' login activity. We periodically review and update our authentication policies in alignment with evolving security standards.

Encryption

All data transmitted between customers and the REME cloud environment is encrypted using TLS 1.2 or higher protocols. For data storage, we employ 256-bit Advanced Encryption Standard (AES).

Our web-based applications utilise end-to-end encryption with SSL certificates as a default security measure. The cloud application employs supplementary security layers including Multi-Factor Authentication and secure HTTPS to fortify data transmission to Azure and AWS.

Cloud Infrastructure

REME engages Microsoft Azure and Amazon Web Services (AWS) as cloud service providers, hosting and storing all data in a Tier-4 data centre situated in the South-East Region (Singapore). Both Azure and AWS implement a multi-layered security approach across physical data centres, infrastructure, and operations.

The Tier-4 data centre offers optimal security through multi-tiered access control mechanisms from facility perimeter to internal data centre access, each undergoing stringent scrutiny to safeguard against unauthorised access or breaches.

Physical & Network Security

Our office premises are under 24/7 surveillance. We implement multiple layers of network controls including firewalls and network segregation, ensuring robust access controls. Routine preventive maintenance including software and antivirus updates is conducted according to established schedules.

REME leverages Microsoft Defender Advanced Threat Protection and Amazon GuardDuty to fortify our network against potential threats.

Vulnerability Assessment & Penetration Testing

We conduct both internal and external Vulnerability Assessment and Penetration Tests (VAPT) at specified intervals for all applications, APIs, and servers. Internal assessments occur once every three months; external assessments are conducted once a year.

These evaluations serve to identify and rectify vulnerabilities, shielding our networks and systems from potential cyber threats.

Incident Management & Breach Notification

We possess a well-defined incident management process and an emergency response team responsible for managing security incidents. In the event of a potential data breach, we will assess the breach and implement notification protocols to inform impacted parties within 24 hours of determining that the breach is likely to cause substantial harm.

Employee Security Training

All employees undergo security awareness training emphasising data protection practices. Onboarding includes a Data Protection Management Programme granting access to internal security policies. Regular communication reinforces security protocols and best practices.

Data Backup & Retention

We maintain regular 7-day database backups and implement server redundancy measures. Data remains in customers' accounts as long as they utilise REME services.

Upon account termination, data is securely deleted from the active database after a 30-day grace period, with prior notice to the customer. We strictly adhere to established timelines for data retention and deletion to honour privacy commitments.

ISO 27001:2022 Certification

REME (operated by People Central Pte Ltd) is ISO 27001:2022 certified. This certification is specifically focused on the REME ISMS (Information Security Management System) and measures how our internal processes follow the ISO standard. Services included in the scope of certification include receipt processing, OCR data extraction, fraud detection, and expense workflow automation.

Certification means a third-party, accredited, independent auditor has performed an assessment of our processes and controls and confirms they are operating in alignment with the comprehensive ISO 27001 standard.

Questions about our security practices?

DPO Officer: Ravinder Pal Singh  ·  ravi@peoplecentral.co  ·  +65 6837 2336

Or write to us at People Central Pte Ltd, Singapore.

REME

AI-powered expense management with real-time fraud detection and WhatsApp receipt submission.

support@reimburseme.ai

Global Remote Team

Product

  • WhatsApp Submission
  • AI Fraud Detection
  • OCR Receipt Processing
  • Approvals Workflow
  • Policy Enforcement
  • Pricing

Solutions

  • For CFOs
  • Finance Teams
  • HR Teams
  • Remote Teams
  • About
  • Security & Compliance
  • Customer Stories

Resources

  • Free Tools
  • Blog
  • Guides
  • Alternatives
  • Fraud Loss Calculator
  • Book a Demo

© 2026 REME (operated by People Central Pte Ltd) · ISO 27001:2022 Certified

Privacy Policy · Terms of Service · PDPA · Security