Compliance Certifications
SOC 1 Type II
April 2024 – Change Financial completed its SOC 1 Type II audit, as performed by KirkpatrickPrice.
A SOC 1 audit provides an independent, third-party validation that a service organization’s information security practices meet industry standards as stipulated by the AICPA and SSAE 18. During the audit, a service organization’s controls that are relevant to ICFR are tested. The SOC 1 report delivered by KirkpatrickPrice verifies the suitability of the design and operating effectiveness of Change Financial’s controls to meet the standards for these criteria.
PCI DSS Compliance
Change Financial holds a PCI DSS compliance certification.
PCI DSS compliance refers to adherence to the Payment Card Industry Data Security Standard (PCI DSS), which is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.
The PCI DSS is a global standard and includes a set of requirements for enhancing payment account data security.
