FinMkt Successfully Completes SOC 2 Assessment 2026

At FinMkt, we continually invest in security best practices to ensure that our clients' data stays safe and secure. As part of our ongoing commitment to excellence, we are excited to announce that we've completed our SOC 2 report for 2026.

The examination was conducted by A-LIGN, a leading provider of high-quality, efficient cybersecurity compliance programs trusted by organizations worldwide to help mitigate cybersecurity risks.

What is a SOC 2 Report?

A SOC 2 report addresses risks associated with the handling and access of data, and can be used by a variety of organizations of any size (e.g., SaaS, colocation, data hosting, etc.). Rather than a cybersecurity assessment that evaluates specific technical configurations, a SOC 2 report focuses more on how an organization implements and manages controls to mitigate identified risks across different parts of an organization.

The SOC 2 audit testing framework is based on the Trust Services Criteria (TSC), which are used to identify various risks (points of focus) an organization should consider addressing. Based on the TSCs the organization selects to be in-scope, the third-party compliance and audit firm (in our case, A-LIGN) evaluates whether the organization has the appropriate policies, procedures, and controls in place to manage the identified risks effectively.

There are five Trust Services Criteria. The first criteria, Security, must be included with every SOC 2 report and is referred to as the "Common Criteria." The remaining four are optional to include:

1. Security (required)
2. Availability (optional)
3. Processing Integrity (optional)
4. Confidentiality (optional)
5. Privacy (optional)

In order to pass a SOC 2 examination and receive a letter of attestation successfully, it means an organization is addressing controls in areas such as information security, access control, vendor management, system backup, business continuity, disaster recovery, and more.

‍

Who Should Get a SOC 2 Examination?

Organizations of all sizes and industries can benefit from a SOC 2 examination, as the audit can be performed for any organization that provides a variety of services to its customers. A SOC 2 report highlights the controls in place that protect and secure an organization's system or services used by its customers. The scope of a SOC 2 examination extends beyond the systems that have a financial impact, reaching all systems and tools used in support of the organization's system or services.

Why Do I Need a SOC 2?

Today, many organizations outsource their business operations and services to third-party vendors, possibly putting client data at risk. For this reason, organizations request that their vendors achieve SOC 2 compliance to demonstrate rigorous IT security standards. Some additional reasons to consider a SOC 2 report for your organization include:

1. Clients will most likely request a SOC 2 sooner or later.
2. SOC 2 can bring a competitive advantage to your business.
3. Enhanced information security practices.
4. SOC 2 helps you gain customer trust.
5. Ensures your employees understand best practices.

Know Your Data is Safe and Secure with FinMkt

FinMkt will make the SOC 2 report available to current or potential customers upon execution of a non-disclosure agreement. We hope the steps we have taken help you and your team remain confident in knowing that your data is secure with FinMkt.

About FinMkt

FinMkt is revolutionizing digital lending and payments technology with a fully customizable, multi-lender, full credit spectrum, embedded SaaS solution. FinMkt's award-winning, API-driven platform offers both end-to-end and modularized consumer financing, loan origination, and payments technology that empowers lenders, merchants, and enterprise partners to control their destiny with a customized solution tailored to their unique brand. FinMkt's proprietary, omni-channel, and product-agnostic SaaS platform is optimized for home improvement, healthcare, and retail.

To learn more about FinMkt, please visit FinMkt.io or reach us by email at info@finmkt.io.

‍

About A-LIGN

A-LIGN is a leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services, including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is trusted by organizations worldwide to help mitigate cybersecurity risks through comprehensive assessments and attestations.

‍