Legal & Regulatory
Compliance & Regulation
Next Opay is built on a foundation of regulatory compliance and responsible financial practice — so you can collect payments with confidence.
Company Registration
Next Opay is a trading name of Next Oasis Group Ltd, a private limited company incorporated and registered in England and Wales.
Legal Name
Next Oasis Group Ltd
Companies House Number
14976174
Jurisdiction
England and Wales
Registered Office
15 Rockstone Place, Southampton, SO15 2EP
Payment Processing
All payments processed through the Next Opay platform are handled exclusively by Stripe, which is authorised by the Financial Conduct Authority (FCA) as an Electronic Money Institution (EMI) under the Electronic Money Regulations 2011.
Stripe's FCA reference number can be verified on the FCA Register. Next Opay acts as a platform connecting organisations to Stripe Connect — we do not hold, store or process card data, and we do not hold customer funds.
Next Opay operates as a Stripe Connect platform. Connected organisations are subject to Stripe's own terms and may be subject to Stripe's identity verification requirements.
Data Protection
Next Oasis Group Ltd is registered with the Information Commissioner's Office (ICO) as a data controller. We are fully compliant with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Anti-Money Laundering
Next Opay maintains an Anti-Money Laundering (AML) policy in accordance with the Proceeds of Crime Act 2002 and the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.
Transaction Monitoring
Automated checks applied to transactions based on configured thresholds. Unusual patterns are flagged for review.
Large Transaction Flags
Transactions above defined thresholds are automatically flagged and may require enhanced due diligence.
Suspicious Activity Reporting
We are required by law to report suspicious activity to the National Crime Agency (NCA) where applicable.
PCI DSS Compliance
Next Opay maintains PCI DSS (Payment Card Industry Data Security Standard) compliance through our exclusive use of Stripe's hosted payment pages and Stripe Connect embedded components.
Card data never passes through our systems. When a customer enters payment details, that data goes directly to Stripe's PCI DSS Level 1 certified infrastructure — our servers are never in scope for card data.
This architecture means our PCI DSS scope is minimal, reducing risk for you and your customers while maintaining full compliance with card scheme requirements.
Complaints
Formal Complaints Process
We take all complaints seriously and aim to resolve them fairly and promptly. If you have a complaint about the Next Opay platform or our services:
Complaints email: compliance@nextopay.co.uk
Ready to Transform Your
Payment Collections?
Join businesses using Next Opay to collect payments the smart way.