Legal

Terms of Service

Framework contract · England and Wales · Last updated: June 2026 · Version 4.0

Plain-English summary. These Terms set out the contract between you and Mando Systems Ltd for use of the Mando software platform. Mando Network is not a bank: we do not hold customer money ourselves. Payment processing, card issuance, and money safeguarding are provided by an authorised UK Electronic Money Institution under the Electronic Money Regulations 2011 — see our Regulatory Information. We protect your data, we settle payments in pounds sterling, and we operate under the laws of England and Wales. If you disagree with anything below, do not open an account.

1. Parties, Definitions and Structure

These terms and conditions (the "Terms") form the contract for use of the Mando software platform between:

Mando Systems Ltd (referred to as "Mando", "we", "us" or "our"), a company incorporated in England and Wales under Company No. 17168657, trading under the Mando Network brand and providing regulated payment services to consumers and businesses in the United Kingdom through the website at mando.network; and
the individual (for a Personal Account) or the legal entity (for a Business Account) who has opened a Mando account (the "Customer", "you" or "your").

In these Terms the following expressions have the meanings given below:

Account — any Personal Account or Business Account opened in your name under these Terms.
Funds — pounds sterling (GBP) electronic money held in your Account.
Business Day — Monday to Friday, excluding bank holidays in England and Wales.
Mando Code — your unique internal account identifier in the format MANDO-XXXXXXXX, used for instant transfers between Mando users and for identifying yourself to our support team.
Payment Instruction — any instruction you give us to execute a payment transaction, whether through the dashboard, the API, a payment link, or any other channel we make available.
Safeguarded Account — the segregated client-money bank account(s) operated by our authorised payment partner under the Electronic Money Regulations 2011 ("EMRs 2011"), in which customer funds are ring-fenced. Mando Systems Ltd is not the account holder.
Scheme Rules — the operating rules published from time to time by Visa, Mastercard, American Express, Apple Pay, Google Pay and any other payment scheme whose rails Mando transacts over.
FCA — the Financial Conduct Authority (fca.org.uk).
FOS — the Financial Ombudsman Service (financial-ombudsman.org.uk).
FSCS — the Financial Services Compensation Scheme (fscs.org.uk).
ICO — the Information Commissioner's Office (ico.org.uk).

2. Regulatory Status and Scope of Services

Mando Network operates in the United Kingdom. Payment processing services are delivered in partnership with one or more firms authorised by the Financial Conduct Authority as an e-money institution or authorised payment institution and with one or more UK credit institutions authorised by the Prudential Regulation Authority for safeguarding. Card acquiring is provided by an FCA-authorised acquirer under a written Scheme Rules agreement. References to "Mando Network" or "we" in these Terms include, as appropriate, our regulated partners acting on our behalf.

The services we provide consist of: (a) opening and maintaining an electronic-money Account denominated in pounds sterling; (b) executing outbound credit transfers over UK Faster Payments; (c) receiving inbound credit transfers over UK Faster Payments once that rail becomes live for your Account; (d) accepting card and digital-wallet payments on your behalf through hosted payment pages, payment links, invoices and APIs; (e) issuing virtual and physical debit cards linked to your Account; (f) providing a real-time merchant dashboard, reporting, and data export; (g) providing internal transfers between Mando users by Mando Code; (h) any additional ancillary services we describe on our website from time to time.

Nothing in these Terms constitutes the provision of regulated investment advice, tax advice, insurance, credit, mortgage lending, or any other regulated activity we are not authorised to carry out. We do not take deposits within the meaning of section 5 of the Financial Services and Markets Act 2000; customer Funds are at all times held as electronic money in safeguarded accounts, not as bank deposits, and are therefore protected under the EMRs 2011 rather than the FSCS deposit-protection regime (see section 12 below).

3. Eligibility

To open a Personal Account you must be at least 18 years old, resident in the United Kingdom, and able to satisfy the identity verification requirements described in section 4. To open a Business Account the legal entity must be incorporated in the United Kingdom, listed on the Companies House register, in good standing, not on any sanctions list, and must nominate at least one natural person (a beneficial owner or authorised representative) who will complete identity verification as a condition of account approval.

We may refuse to open an Account in our absolute discretion, including where we reasonably suspect the applicant is a sanctioned person, a politically exposed person for whom we cannot complete enhanced due diligence, a prohibited industry under section 14, or where opening the Account would expose Mando to unacceptable legal, regulatory, reputational or financial-crime risk. Where refusal is not prohibited by law we will notify you of the refusal, though we are not obliged to disclose the reason.

4. Customer Due Diligence, Onboarding and Ongoing Monitoring

Before we open your Account we will carry out customer due diligence in accordance with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 ("MLR 2017"), the Joint Money Laundering Steering Group ("JMLSG") guidance, and our own risk-based procedures. This includes:

verification of identity from a government-issued photo identity document (passport, UK driving licence, national identity card) cross-checked against a liveness-verified selfie;
verification of residential address from an acceptable proof-of-address document or from authoritative electronic sources;
for business applicants, verification of incorporation status against the Companies House register, verification of beneficial owners holding 25 percent or more of the shares or voting rights, verification of directors, and collection of a nature-of-business statement and source of funds;
sanctions screening of all account holders, directors and beneficial owners against the UK HM Treasury consolidated list, the UN list, and the OFAC and EU lists at onboarding and on a continuing daily basis thereafter;
politically-exposed-person ("PEP") screening and enhanced due diligence where a positive match is returned;
ongoing monitoring of Account activity against expected profile and known fraud patterns.

You agree to provide accurate, current and complete information on request. Providing false, misleading or fraudulent information is grounds for immediate termination under section 15 and may be reported to law-enforcement agencies. We may at any time ask you for additional documents or information and we may suspend Account functionality until we receive them.

5. Your Account and Security Credentials

On approval we will issue you with login credentials consisting of an email address, a password you choose (stored as a bcrypt hash), a numeric passcode of 4 to 8 digits (stored as a separate bcrypt hash), a memorable word of 6 to 20 characters (stored AES-256-GCM encrypted at rest), and, where you choose to enable it, a time-based one-time-password seed compatible with RFC 6238 authenticators (Google Authenticator, Authy, 1Password, etc).

You are responsible for keeping all of these credentials secret. You must not share them with any other person, including any member of Mando staff — we will never ask you for your password, passcode, memorable word or authenticator codes by email, SMS or telephone. If you suspect any of your credentials have been disclosed to or used by a third party, you must notify us immediately through the in-app contact form, by email to support@mando.network, or by telephone on the number published on our website, so that we can freeze the Account. We strongly recommend that you enable two-factor authentication and the "SMS on every login" option in your Settings.

We operate a new-device detection system. When you sign in from a device or network we have not seen before, we will challenge you with an additional SMS code delivered through our Twilio Verify partner. This is a regulatory requirement under the Strong Customer Authentication provisions of the PSRs 2017 and cannot be disabled for high-risk operations.

6. Payment Services — How We Execute Your Instructions

When you give us a Payment Instruction, we will: (a) apply our fraud-engine rules in real time; (b) check that you have sufficient available balance; (c) check that execution would not breach any volume limits, sanctions screening, or scheme rule; and (d) if all checks pass, execute the instruction.

For the purposes of PSR 2017 Regulations 81 and 82 the time of receipt of a Payment Instruction is the moment it is received by us through the dashboard, the API, or any other supported channel, except that instructions received after 4:30 pm on a Business Day or at any time on a non-Business Day are deemed received on the next Business Day. Where you ask us to execute an instruction on a future date, the time of receipt is the agreed date.

We will execute outbound UK credit transfers over Faster Payments so that funds reach the beneficiary's payment service provider within the maximum execution time set out in Regulation 86 of the PSRs 2017, which is the end of the Business Day following the day of receipt, and in practice typically within a few seconds. We accept no liability for delays caused by the beneficiary bank, intermediary networks, or events of force majeure under section 18.

You may withdraw consent to a Payment Instruction at any time before the point of irrevocability set out in Regulation 83 of the PSRs 2017. After that point the instruction cannot be recalled.

7. Unauthorised and Incorrectly Executed Payment Transactions

If you believe a payment has been debited from your Account without your authorisation, or has been executed incorrectly, you must notify us without undue delay and in any event no later than 13 months after the debit date, as required by Regulation 74 of the PSRs 2017. Subject to that time limit and to the exceptions below we will, on receipt of a valid notification, refund the unauthorised transaction and, where applicable, restore your Account to the state it would have been in had the transaction not been executed.

We will not refund where we reasonably believe that you acted fraudulently, or where the unauthorised transaction resulted from your intentional or grossly negligent failure to keep your credentials safe or to notify us promptly of their loss or compromise. In those cases you bear the loss up to the full amount of the unauthorised transaction, subject to the limits set out in Regulation 77 of the PSRs 2017.

8. Fees, Charges and Currency Conversion

The fees applicable to your Account are published on our Pricing page and reproduced inside your dashboard. The current published fee structure, which we may amend on two months' notice under section 19, is as follows:

Personal Account — £0 per month, free Mando-to-Mando transfers, free UK bank in/out, 1 percent processing fee on top-ups by card.
Business Starter — £0 per month, 3 percent total transaction fee (1.5 percent Mando platform fee plus approximately 1.5 percent card-network processing fee). Includes UK business account, debit card, payment terminals, payment links, invoices, bank transfers and Apple Pay / Google Pay acceptance.
Pro — £19.99 per month, 2 percent total transaction fee (0.5 percent Mando platform fee plus approximately 1.5 percent card-network processing fee). Includes everything in Starter plus professional business website, logo generation, smart service scanner, online bookings, service menu, customer management, business profile and reviews, and priority email support.
Gold — £49.99 per month, 1.6 percent total transaction fee (0.1 percent Mando platform fee plus approximately 1.5 percent card-network processing fee), unlimited monthly volume. Includes everything in Pro plus social media reach, email marketing and campaigns, print studio, custom domain, customer loyalty programme, advanced reports, recurring payments, team members and permissions, and dedicated account manager with 1-hour priority support SLA.

All Mando platform fees are stated exclusive of VAT where applicable. Standard card-network processing fees (typically 1.4 percent + £0.20 for UK consumer cards and higher for commercial, premium or international cards) apply on top of the Mando platform fee and are debited from the transaction amount at settlement. The exact interchange+ breakdown is visible for every transaction in your dashboard.

Where you instruct us to carry out a currency conversion, we will apply the mid-market rate supplied by our rate provider plus a published spread, and the final rate used will be displayed to you before you confirm the conversion, in compliance with Article 45a of Regulation (EU) 2015/751 as retained in UK law.

9. Refunds

When you issue a refund to a customer, the refund amount is debited from your Mando balance and returned to the original payment method.

The card-network acquirer fee that the payment processor charged on the original transaction (typically 1.4% + £0.20) is not returned to Mando Network by the processor. This is industry standard for every UK card processor (Adyen, Worldpay, Square, Checkout.com and all major UK processors behave the same way).
To avoid Mando Network absorbing that loss, the same amount is automatically debited from your Mando balance, plus a £1.00 Mando refund administration fee.

Worked example. Customer pays you £100. Card-network fee on the original payment was £1.60. You issue a full refund:

Refund returned to customer	£100.00
Card-network acquirer fee (non-refundable, debited from your balance)	£1.60
Mando refund administration fee	£1.00
Total deducted from your Mando balance	£102.60

Partial refunds are charged the proportionate card-network fee and a single £1.00 administration fee per refund event, irrespective of the number of part-refunds issued against the same original transaction.

10. Chargebacks and Disputes

A chargeback is a forced reversal of a card payment initiated by the cardholder through their card issuer under Visa, Mastercard or other scheme rules. Chargebacks are governed by the Scheme Rules and, ultimately, by the card issuer's assessment of the evidence, not by Mando Network.

When a chargeback is filed, the disputed amount is held against your balance until the chargeback is resolved. If you lose, the amount is permanently debited.
The card scheme charges Mando Network a £15 chargeback fee to process the dispute. This fee is charged whether you eventually win the dispute or not — the scheme keeps it either way.
Mando Network charges a £5 chargeback administration fee on top, which covers the time our compliance team spends preparing and submitting evidence to the scheme on your behalf.
The total £20 chargeback fee is debited from your Mando balance immediately when the chargeback is filed, in addition to the disputed amount being held against your balance pending the outcome.

We operate a 10 percent rolling 90-day chargeback reserve on Business Accounts: on every incoming payment, we hold back 10 percent of the amount for 90 calendar days to cover any chargebacks or refunds that may arise. After 90 days the held amount is released automatically to your available balance. You can see your reserve balance and the release schedule in your dashboard.

You are responsible for chargebacks. Excessive chargebacks (more than 1 percent of your monthly volume or more than 100 chargebacks per month) may result in account suspension under Scheme Rules and under section 15 below. We are required to report merchants with excessive chargeback ratios to the card schemes under the Visa Dispute Monitoring Programme and Mastercard's Excessive Chargeback Merchant programme.

11. Card Issuing

Virtual and physical debit cards issued to you on your Mando Account are issued by us in partnership with an FCA-authorised card issuer operating under a BIN licence from Visa or Mastercard. By requesting a card you agree to the card issuer's technical terms as incorporated by reference here, to the applicable Scheme Rules, and to the card issuer's dispute and fraud handling procedures. Spending on your card debits your Mando GBP Account balance in real time.

12. Safeguarding and Protection of Your Money

All customer Funds are held as electronic money in one or more Safeguarded Accounts with UK-regulated credit institutions, in accordance with Regulation 20 of the EMRs 2011. This means that your Funds are ring-fenced from Mando Systems Ltd's own operating funds. In the unlikely event of Mando Systems Ltd's insolvency, customer Funds form an asset pool that is distributed to customers in priority to all other creditors, including secured creditors and HM Revenue & Customs (save for limited preferred claims).

Because Mando issues electronic money rather than accepting bank deposits, customer Funds are not covered by the Financial Services Compensation Scheme (FSCS). The protection described above under the EMRs 2011 is the statutory alternative. We reconcile the Safeguarded Account balances against our customer ledger on every Business Day and we engage independent auditors to verify the reconciliation annually.

13. Liability

Nothing in these Terms limits liability for death or personal injury caused by negligence, fraud or fraudulent misrepresentation, or for any liability which cannot be limited or excluded under applicable law, including under section 2(1) of the Unfair Contract Terms Act 1977.

Subject to the foregoing, our aggregate liability arising out of or in connection with these Terms in any 12-month period is limited to the greater of (a) the total fees paid by you to us in the preceding 12 months, and (b) £500. We are not liable for indirect, consequential or special loss, loss of profit, loss of business, loss of goodwill, loss of anticipated savings, loss of data (save as required by UK GDPR), or for any loss arising from third-party network outages, scheme failures, force majeure, or acts of God.

This limitation does not affect your statutory rights as a consumer under the Consumer Rights Act 2015 where you are dealing as a consumer, nor your statutory rights under Part 7 of the PSRs 2017 where they apply.

14. Prohibited Use and Industries

You may not use your Account, directly or indirectly, for any of the following:

any activity that is unlawful under the laws of England and Wales or under the laws of any jurisdiction from which you operate;
money laundering, terrorist financing, sanctions evasion or proliferation financing;
any activity that breaches the Visa, Mastercard, American Express or other Scheme Rules, including those categories listed in the Brand Protection Standards and the Business Risk Assessment Mitigation Programme;
adult content involving minors, non-consenting adults, or any other content prohibited by UK law;
sale of unregistered or counterfeit pharmaceuticals, controlled drugs, anabolic steroids or prescription-only medicines without the required licences;
gambling services not licensed under the Gambling Act 2005;
firearms, ammunition, explosives or weapons of war;
investment or securities offerings that have not been approved under the Financial Services and Markets Act 2000;
pyramid schemes, multi-level-marketing schemes that rely on recruitment income, or Ponzi schemes;
deceptive, misleading or unfair trading practices prohibited by the Consumer Protection from Unfair Trading Regulations 2008;
IP-infringing goods including counterfeit clothing, luxury goods, software or media.

15. Suspension, Restriction and Termination

We may suspend, limit or close your Account, freeze Funds, or reverse transactions where we reasonably believe you have breached these Terms, applicable law, or Scheme Rules; where we are required to do so by a court order, regulator or law-enforcement agency; or where we reasonably suspect fraud, money laundering, financing of terrorism, or sanctions evasion. Where possible we will notify you, but we are not obliged to do so where notification would be unlawful (for example under the Proceeds of Crime Act 2002 tipping-off provisions) or would prejudice an investigation.

You may close your Account at any time by submitting a closure request through your dashboard or by writing to support@mando.network. On closure we will, after completing any required anti-money-laundering checks and subject to any ongoing disputes, return your remaining balance to a UK bank account you control. We may retain data necessary to comply with our legal and regulatory record-keeping obligations (typically for five years after closure, per MLR 2017).

16. Data Protection

We process personal data about you as a controller within the meaning of the UK GDPR and the Data Protection Act 2018. Our Privacy Policy explains what data we collect, how we use it, how long we keep it, your rights as a data subject, and how to exercise those rights. By entering into these Terms you acknowledge that you have read the Privacy Policy.

17. Complaints

If you are unhappy with any aspect of the service, please raise a complaint in accordance with our Complaints Procedure, which is written to the FCA Dispute Resolution (DISP) Sourcebook standard. If after our final response letter you remain dissatisfied, you may refer the matter to the Financial Ombudsman Service free of charge.

18. Force Majeure

Neither party is liable for any failure or delay in performance that results from acts beyond the reasonable control of that party, including acts of God, war, terrorism, pandemic, civil unrest, failure of public telecommunications networks, action of regulatory or governmental authorities, failure of card schemes, failure of the Bank of England Faster Payments Service, or any other event meeting the common-law definition of force majeure.

19. Changes to these Terms

We may change these Terms at any time. Where the change is in your favour or is required by law we may make the change immediately. For any other change we will give you at least two months' notice by email, dashboard notification, or both, in accordance with Regulation 50 of the PSRs 2017. If you object to the change you may close your Account, without charge, before it takes effect. Continued use of your Account after the change takes effect is treated as acceptance.

20. Assignment

You may not assign or transfer these Terms, in whole or in part, without our prior written consent. We may assign or transfer these Terms at any time to a successor entity or to an FCA-authorised third party, provided that the transfer does not materially reduce the protections available to you.

21. Entire Agreement and Third-Party Rights

These Terms, together with the Privacy Policy, the AML Policy, the Merchant Agreement (where applicable), the Risk Warning, the Cookies Policy, the Complaints Procedure and any schedule we publish on the website, constitute the entire agreement between you and Mando Systems Ltd and supersede all prior representations. No person other than a party to these Terms has any right to enforce any term under the Contracts (Rights of Third Parties) Act 1999.

22. Governing Law and Jurisdiction

These Terms, and any non-contractual obligations arising out of or in connection with them, are governed by the laws of England and Wales. You and we each submit to the exclusive jurisdiction of the courts of England and Wales for the resolution of any dispute arising out of these Terms, save that if you are a consumer resident in Scotland or Northern Ireland you may bring proceedings in the courts of your country of residence.

23. Contact

Mando Systems Ltd, a company registered in England and Wales under Company No. 17168657.
Support: support@mando.network
Complaints: complaints@mando.network
Data protection: dpo@mando.network
Website: mando.network

Schedule A — Apple App Store & Apple Media Services

Where you have downloaded the Mando iOS application from the Apple App Store (the "Licensed Application"), the following additional terms apply between you, us and Apple Inc. ("Apple"). These terms are incorporated because the App Store Paid Applications Agreement requires us to pass them on to you.

Licensor. The Licensed Application is licensed, not sold, to you by Mando Systems Ltd. Apple is not a party to this licence.
Scope of licence. You are granted a non-transferable licence to use the Licensed Application on any Apple-branded product that you own or control, subject to the Usage Rules in the Apple Media Services Terms and Conditions. The licence allows family sharing or purchase-sharing where permitted.
Maintenance and support. Mando is solely responsible for providing any maintenance and support services in respect of the Licensed Application. Apple has no obligation whatsoever to furnish any maintenance or support.
Warranty. Mando is solely responsible for any product warranties, whether express or implied by law, to the extent not effectively disclaimed. If the Licensed Application fails to conform to any applicable warranty, you may notify Apple and Apple may refund the purchase price (if any) for the Licensed Application; to the maximum extent permitted by law Apple will have no other warranty obligation.
Product claims. Mando, not Apple, is responsible for addressing any claims by you or any third party relating to the Licensed Application or your possession and/or use, including product-liability claims, claims that the Licensed Application fails to conform to any applicable legal or regulatory requirement, and claims arising under consumer-protection, privacy or similar legislation.
Intellectual-property claims. In the event of any third-party claim that the Licensed Application or your possession and use of it infringes that third party's intellectual property rights, Mando, not Apple, is solely responsible for the investigation, defence, settlement and discharge of any such claim.
Legal compliance. You represent and warrant that (a) you are not located in a country that is subject to a UK, US or other embargo, or that has been designated by relevant authorities as a "terrorist-supporting" country; and (b) you are not listed on any UK, US, EU or UN list of prohibited or restricted parties.
Third-party beneficiary. You acknowledge and agree that Apple and Apple's subsidiaries are third-party beneficiaries of this agreement in relation to the Licensed Application, and that upon your acceptance of these Terms Apple will have the right (and is deemed to have accepted the right) to enforce this agreement against you as a third-party beneficiary thereof.
Standard EULA. Where any provision of this Schedule is inconsistent with Apple's Standard End User Licence Agreement, the more restrictive of the two applies to the Licensed Application.
Account deletion. You may initiate deletion of your Mando account at any time from inside the Licensed Application at Settings → Legal & regulatory → Delete my account. Deletion takes effect after a 30-day grace period during which signing in restores the account. After the grace period your personal data is anonymised in accordance with our Privacy Policy and UK GDPR Article 17, save for records we are required to retain under MLR 2017 Regulation 40.
In-app purchases. Any subscription or in-app purchase made through the App Store is billed to your Apple ID and managed through your iOS Settings. Auto-renewing subscriptions renew automatically unless cancelled at least 24 hours before the end of the current period. Manage or cancel at Settings → [your name] → Subscriptions. Where refund is requested for an App Store purchase, refund is handled by Apple under its published policies.

Schedule B — Consumer Duty (FCA PRIN 2A)

Mando Network is committed to acting to deliver good outcomes for retail customers in line with the FCA's Consumer Duty (PRIN 2A) and Finalised Guidance 22/5. We will:

Act in good faith. We will act honestly, fairly and openly, and will not exploit behavioural biases, information asymmetries or the characteristics of vulnerable customers.
Avoid causing foreseeable harm. We will design products, set prices, communicate, and provide support in a way that avoids reasonably foreseeable harm, including financial, emotional, or digital-exclusion harm.
Enable and support customers to pursue their financial objectives. We will ensure our communications are clear, our products represent fair value, and our support is accessible, timely and effective.
Fair-value assessment. Each year we carry out a formal fair-value assessment of every retail product we offer, considering price, benefits, costs and the needs of the target market. A summary is available on request.
Support at times of need. We offer additional support for customers facing bereavement, financial difficulty, mental-health challenges, serious illness, and other vulnerabilities. See Schedule C.

Schedule C — Vulnerable Customers and Reasonable Adjustments

Consistent with the FCA's Finalised Guidance 21/1 on vulnerable customers, we identify and support customers whose circumstances make them less able to protect their interests. We look for signs of vulnerability arising from health, life events, resilience or capability, and we train every member of staff who speaks to customers to recognise and respond appropriately.

Reasonable adjustments we offer include: alternative communication formats (braille, large print, audio), additional time for decision-making, trusted-contact arrangements for vulnerable customers, breathing-space referrals for customers in problem debt, and warm-transfer referrals to Citizens Advice, StepChange, National Debtline and MoneyHelper. To request an adjustment please contact support@mando.network and mention "accessibility support".

Schedule D — Payment Authentication, Liability and the PSRs 2017

We operate in accordance with Part 7 of the Payment Services Regulations 2017. In practical terms this means:

Strong Customer Authentication. Where required by Regulation 100, we apply Strong Customer Authentication before granting account access, before initiating payments above the low-value exemption thresholds, and before any action that would be a risk of payment fraud. SCA in Mando is delivered using two of: (i) something you know (passcode, memorable word); (ii) something you have (your enrolled iOS device, bound by Apple App Attest); (iii) something you are (Face ID / Touch ID).
Unauthorised transactions — our liability. If a payment was not authorised by you, we will refund the full amount, including any associated fees and interest charges, by the end of the business day following the day on which you notified us, and restore your balance to the position it would have been in had the transaction never occurred, as required by Regulation 76. You must notify us without undue delay and in any event within 13 months of the debit (Regulation 74).
Your liability. Your liability for an unauthorised transaction arising from a lost, stolen or misappropriated payment instrument is limited to £35 (Regulation 77(3)), save where you have acted fraudulently or with gross negligence, or where you have failed to notify us without undue delay after becoming aware of the loss.
Zero liability after notification. You have no liability for any unauthorised transaction that occurs after you notify us of the loss, theft, misappropriation or unauthorised use of the payment instrument (Regulation 77(6)).
Incorrectly executed payments. If we execute a payment incorrectly we will, without undue delay, refund the amount and restore your account to the position it would have been in had the incorrect execution not occurred (Regulations 91–93), unless we can prove that the payment was received by the payee's provider on time.
Authorised push payment ("APP") fraud. Where you have been tricked into authorising a payment to a fraudster, we reimburse in accordance with the Payment Systems Regulator's mandatory reimbursement regime that took effect on 7 October 2024, subject to the statutory claim-excess and the exceptions for gross negligence.
Customer Authentication exemptions. We may rely on exemptions to SCA (low-value, trusted beneficiary, transaction-risk analysis, corporate payments) only where permitted by the PSR 2017 and FCA policy statement PS19/26.

Schedule E — Operational Resilience, Business Continuity and Accessibility

In line with FCA Handbook SYSC 15A and the Bank of England's operational-resilience policy, Mando has identified its important business services — account access, payment execution, customer support — and has set impact tolerances for each. We test our resilience against severe-but-plausible scenarios at least annually.

We maintain a documented business-continuity plan covering: loss of primary data centre, loss of banking partner, loss of card scheme access, supply-chain failure, cyber-security incident, and pandemic. We run disaster-recovery drills at least twice a year.

We are committed to the Web Content Accessibility Guidelines 2.2 at Level AA. A signed Accessibility Statement is published in the Licensed Application at Settings → Legal & regulatory → Accessibility statement, and at mando.network/legal/accessibility when that page is published.

Schedule F — Dormant Accounts

An Account is treated as "dormant" if there has been no customer-initiated activity for 24 consecutive months. We will attempt to contact you using the details we hold on file. If we are unable to re-establish contact and applicable law or the Dormant Assets Act 2022 permits, unclaimed balances may be transferred to the Reclaim Fund Limited, without prejudice to your right to reclaim the balance at any time.

Schedule G — Services Not Offered by Mando

For the avoidance of doubt, Mando does not offer, and nothing in these Terms should be read as our offering, any of the following: (a) deposit-taking services within the meaning of section 5 of FSMA 2000; (b) consumer credit or business lending regulated under CCA 1974; (c) residential or buy-to-let mortgages; (d) insurance distribution; (e) investment or pension advice, or any MiFID II investment service; (f) cryptoasset services (whether custody, exchange or issuance of cryptoassets, stablecoins, NFTs or other digital assets) — our services are strictly limited to GBP e-money and regulated payment services.

Schedule H — Whistleblowing and Raising Concerns

In line with the Public Interest Disclosure Act 1998 and FCA Handbook SYSC 18, any individual may raise a concern about suspected wrongdoing at Mando by writing to whistleblowing@mando.network. Concerns may be raised anonymously and are handled by the firm's Whistleblowers' Champion (a non-executive director or equivalent senior manager). Retaliation against anyone who raises a concern in good faith is strictly prohibited. You may also raise concerns directly with the Financial Conduct Authority at fca.org.uk/firms/whistleblowing.

Schedule I — Senior Management Accountability

Mando operates the Senior Managers and Certification Regime ("SMCR") in line with FCA Handbook SYSC 24–27. Each of the following prescribed responsibilities is allocated to a named Senior Manager: performance of obligations under the Senior Managers' regime; performance of obligations under the Certification Regime; compliance; money-laundering reporting; operational risk; data protection; and customer-complaints oversight. Contact regulatory@mando.network for details.

Schedule J — Safeguarding, FSCS and the Protection of Your Money

Your Funds are held as electronic money in a safeguarded bank account with a UK credit institution authorised by the Prudential Regulation Authority. Safeguarding is carried out under Regulation 20 of the Electronic Money Regulations 2011 and means: (i) Funds are never lent out or invested by Mando; (ii) they are held at all times in a client-money bank account segregated from Mando's own corporate funds; (iii) in the event of Mando's insolvency the safeguarded pool is paid out to e-money holders in priority to Mando's other creditors, under Regulation 24.

Because your Funds are electronic money, not bank deposits, they are not protected by the Financial Services Compensation Scheme up to £85,000 in the way that a bank current account is. Instead, they are protected by the EMR 2011 safeguarding regime described above. In the unlikely event of Mando's insolvency, payout from the safeguarded pool is typically quicker than an FSCS payout but is limited to the amount actually held in safeguarding at the time of the insolvency event.

Schedule K — Economic Crime and Corporate Transparency

Mando complies with the Economic Crime and Corporate Transparency Act 2023, the Proceeds of Crime Act 2002, the Terrorism Act 2000, the Terrorism Act 2006, the Counter-Terrorism Act 2008, the Bribery Act 2010, the Criminal Finances Act 2017, and the Sanctions and Anti-Money Laundering Act 2018. We screen every customer and every counterparty against the UK Consolidated List maintained by the HM Treasury Office of Financial Sanctions Implementation (OFSI), refreshed daily, and we will freeze funds and file reports to the National Crime Agency where legally required.

Schedule L — Regulatory Register

For verification purposes, the relevant public registers and contact points are:

FCA Register: register.fca.org.uk
Companies House: find-and-update.company-information.service.gov.uk
Information Commissioner's Office (ICO): ico.org.uk — Mando Systems Ltd is registered as a data controller.
Financial Ombudsman Service (FOS): financial-ombudsman.org.uk, 0800 023 4567 (free from landlines), 0300 123 9123 (free from mobiles).
Financial Services Compensation Scheme (FSCS): fscs.org.uk.
OFSI (UK sanctions): gov.uk/government/organisations/office-of-financial-sanctions-implementation.
HMRC (tax and AML supervision of non-FCA firms): gov.uk/government/organisations/hm-revenue-customs.
National Crime Agency (suspicious-activity reports): nationalcrimeagency.gov.uk.
Payment Systems Regulator (APP-fraud reimbursement): psr.org.uk.
Apple Media Services Terms: apple.com/legal/internet-services/itunes/.

Payment services provided by our FCA-authorised regulated payment partner (Electronic Money Institution, FRN 900461). Card issuance facilitated by our authorised card issuing partner.