Compliance Certifications

SOC 1 Type II

April 2024 – Change Financial completed its SOC 1 Type II audit, as performed by KirkpatrickPrice.

A SOC 1 audit provides an independent, third-party validation that a service organization’s information security practices meet industry standards as stipulated by the AICPA and SSAE 18. During the audit, a service organization’s controls that are relevant to ICFR are tested. The SOC 1 report delivered by KirkpatrickPrice verifies the suitability of the design and operating effectiveness of Change Financial’s controls to meet the standards for these criteria.

PCI DSS Compliance

Change Financial holds a PCI DSS compliance certification.

PCI DSS compliance refers to adherence to the Payment Card Industry Data Security Standard (PCI DSS), which is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.

The PCI DSS is a global standard and includes a set of requirements for enhancing payment account data security.

Last updated June 2024