Strengthening Trust Through Security: Quiltt Achieves SOC 2 Type 2 Compliance

We are proud to announce that Quiltt has successfully achieved SOC 2 Type 2 compliance for our Unified API for Open Banking. This significant milestone reflects our unwavering commitment to maintaining the highest standards of security for our customers and their data.

What This Means for Our Customers

SOC 2 compliance is widely recognized as a gold standard for organizations, particularly those handling sensitive customer data. By achieving this certification, we demonstrate that our controls and processes meet the rigorous Trust Services Criteria established by the American Institute of Certified Public Accountants (AICPA) for security.

This certification verifies that Quiltt has implemented comprehensive controls to:

• Protect against unauthorized access
• Ensure system availability for operation and use
• Process information completely, accurately, and in a timely manner
• Maintain the confidentiality of sensitive information

A Rigorous Assessment Process

Through the rigorous auditing conducted by Insight Assurance, we've confirmed our adherence to the stringent requirements of the SOC 2 framework. The examination period covered November 1, 2024, to January 31, 2025, during which our systems, policies, and procedures were thoroughly evaluated against the Trust Services Criteria for Security.

The independent assessment verified that our control environment, risk assessment processes, information and communication systems, control activities, and monitoring practices all align with industry best practices.

Our Commitment to Security

At Quiltt, security isn't just a checkbox—it's a core element of our business. We understand that as a Unified API for Open Banking, we're entrusted with facilitating access to sensitive financial data. This responsibility drives our continuous investment in robust security measures.

Our control environment includes:

• Comprehensive security policies and procedures
• Regular security awareness training
• Vulnerability assessments and penetration testing
• Encryption of data at rest and in transit
• Multi-factor authentication
• Continuous monitoring and logging
• Formal incident response procedures

Looking Forward

Achieving SOC 2 Type 2 compliance represents not the end but a milestone in our ongoing security journey. We remain committed to continually enhancing our security posture and maintaining compliance with evolving security standards.

We extend our sincere appreciation to Insight Assurance for their thorough evaluation and validation of our compliance efforts. Their expertise and impartial assessment have been instrumental in verifying our adherence to the SOC 2 framework.

We thank our customers for their trust and partnership as we continue to provide secure, reliable open banking solutions that empower innovation while protecting sensitive financial data.