Lendio Achieves SOC 2 Compliance

Lendio recently achieved SOC 2 compliance. Short for Service Organization Control 2 and pronounced “sock two,” the voluntary designation for Lendio, which focuses on data security, is not commonly sought by its peers.

SOC 2 is defined by American Institute of Certified Public Accountants (AICPA) guidelines and issued by outside auditors. The AICPA itself is an association that provides educational guidance materials, develops and grades the Uniform CPA Examination, and monitors and enforces compliance within the profession.

“We focus on small and medium sized business owners and their businesses,” said Ethan Hanson, SVP, General Counsel at Lendio, “and they benefit because they know they’re dealing with a company that is secure and takes their information seriously and handles that information with care.”

The process in obtaining this certification takes months of preparation and covers data security, data privacy, HR and accounting functions, making this an all-encompassing certification.

“The process is you engage with an audit party, they come in, and they review all of your policies, all of your systems, how our database is set up and the framework that you have and ensure that all those policies cover our business operations, and that they are also in line with the standards of the AICPA,” said Hanson.