Finch achieves SOC 2 Type 2 compliance

Finch achieves SOC 2 Type 2 compliance

Finch is proud to announce that we are SOC 2 Type 2 compliant and have released a security whitepaper detailing how we are keeping our customers’ data secure.

According to the AICPA (American Institute of CPAs), which sets the standards for data security and compliance, a SOC 2 report provides “detailed information and assurance” around factors related to user data, confidentiality, and privacy.

Finch has received a SOC 2 Type 2 report, which represents the most in-depth certification available. A Type 2 report involves collecting data over many months to confirm that a service organization is following proper procedures.

Security is paramount at Finch given that we provide access to confidential employee data, including Social Security numbers, addresses, birth dates, and bank account information.

Finch’s industry-leading tools employ various measures to safeguard sensitive data:

  • We’re permission-based, meaning Finch puts employers in control and allows them to grant application access to specific employment records.
  • We take data privacy seriously and do not share data with any unauthorized third parties.
  • We grant full transparency to employers through Finch Connect.

With Finch, employers can be confident about how their employees’ data is being shared—and how it’s being protected. We’re committed to staying at the forefront of security, from additional certifications to tokenization and other cutting-edge practices.


To learn more about our comprehensive, multi-layer approach to security, please read our Security Whitepaper or use the Request Access button on our website to contact Finch today.