Security & Compliance
PDPL, WPS, and Shariah compliance are part of the architecture — not a layer added on top.
Employee data is stored in a dedicated, isolated tenant partition. Data at rest is encrypted; data in transit is protected with TLS. No employee record is shared across tenants. Platform admins access cross-tenant data only through permissioned, role-gated views — and every access is logged. PDPL consent is captured at onboarding through a plain-language flow.
The reconciliation engine is WPS-ready today. Every EWA advance is linked to a specific payroll cycle. Deduction tracking operates at both the individual and batch level. Reports are exportable as CSV for regulatory submission. Monthly settlement dashboards give platform admins a full cross-employer view.
PayDay uses the Murabaha (service fee) model. There is no interest. There is no loan. The fee is a flat charge for the service of releasing earned wages early — calculated, disclosed alongside VAT, and confirmed by the employee before any request is processed. The model is approved by Shariah scholars on an ongoing review basis.
Employees cannot self-register. Data flows in from a KYB-verified employer record. OTP-based identity verification uses the phone and email the employer registered. Every employer passes Know Your Business verification before any employee onboarding.
Every fee calculation is logged. Every disbursement is traceable to an employee record and a payroll cycle. Every admin action is attributed and timestamped. The audit trail is paginated, filterable, and exportable for regulatory submission.
Talk to our compliance team — we'll walk you through PDPL, Shariah, and WPS readiness in detail.
