Security is a Core Value for Treasure Financial

AICPA Service Organization Control badge
Scott Williams
November 1, 2021

Treasure recently completed AICPA Service Organization Control (SOC) 2 Type I Audit, which demonstrates our commitment to protecting client data.

When discussing the corporate values that are most important to Treasure and our clients, there is no question that principles related to security and compliance guide how we deliver our products and services. Treasure’s commitment to these values enables our customers to simply and securely access the digital world with their important financial data.

Secure Personnel

Treasure is vigilant about the security of our clients’ data, as well as our own. We ensure that only vetted and approved personnel are given access to these resources. Our embedded culture of security includes annual employee security training, as well as ongoing testing using current and emerging techniques and attack vectors. Some examples of how Treasure prioritizes security as a core value include:

- All of our employees and contractors undergo background checks prior to being engaged or employed at Treasure in accordance with local laws and industry best practices.

- Confidentiality agreements or other types of NDAs are signed by all of our employees, contractors, and others who access sensitive or internal information.

Cloud Security

To ensure clients always have peace of mind when using our platform, Treasure’s cloud provides maximum security with complete customer isolation in a modern, multi-tenant cloud architecture.

Our cloud leverages the native physical and network security features and requires providers to maintain the infrastructure, services, and physical access policies and procedures.

All Treasure customer cloud environments and data are isolated using a proprietary isolation approach. That means that each customer environment is stored within a dedicated trust zone to prevent any accidental or malicious co-mingling. All of our customer data are also encrypted at rest and in transmission to prevent any unauthorized access or data breaches. The entire Treasure platform is also continuously monitored by dedicated, highly trained experts.

We separate each customer’s data from Treasure’s data by utilizing unique encryption keys to ensure all of the data are protected and isolated. Our client’s data protection complies with SOC 2 standards to encrypt data in transit and at rest, ensuring customer and company data and sensitive information are protected at all times. Lastly, we implement role-based access controls and the principles of least privileged access and revoke access as needed.  

Compliance Security

Treasure is committed to providing secure products and services to safely and easily manage billions of digital identities across the globe. Our external certifications provide independent assurance of our dedication to protecting our customers by regularly assessing and validating the protections and effective security practices that we have implemented for our clients.

SOC 2 Type 1

We are excited to announce that Treasure successfully completed the AICPA Service Organization Control (SOC) 2 Type I Audit. The audit confirms that Treasure’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security.

To prepare for the SOC 2 Audit, we utilized the Vanta automated security platform.  Treasure was audited by Prescient Assurance, a leader in security and compliance certifications for B2B, SAAS companies worldwide. Prescient Assurance is a registered public accounting firm in the U.S. and Canada and provides risk management and assurance services, which includes but is not limited to SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, CSA STAR, etc.

This SOC 2 Type I audit report demonstrates to Treasure’s current and future customers that we manage their data with the highest standard of security and compliance. Customers and prospects can request the SOC2 audit report.  

For Treasure, ensuring security for our customers is the first pillar in building a trusting, successful relationship. Treasure will continue to pursue appropriate certifications like the SOC 2 Audit, as well as maintain ongoing testing and ensure compliance to all appropriate security regulations. Treasure customers can rest assured that security is our priority and that we’ve taken every available step to protect them and their data.

Scott Williams (Chief Compliance Officer)

Treasure Investment Management, LLC

Disclaimer: The views and opinions in this piece are just the authors' own, offered to the public at large and not to any one particular investor.

More from the Blog

Stay Updated with Finance and Economy News | The Weekly Treasure
The Weekly Treasure, Week of November 27th, The $100k Tool Bag Orbiting Around the Earth

Explore the latest economic trends, finance insights, and fintech updates. Housing paradox, EU warnings, S&P earnings, Fintech insights, and a quirky $100k tool bag orbiting Earth!

Read More
Resourcesembedded financial services
From Niche to Norm: The Evolving Landscape of Embedded Financial Services

Examine the evolving landscape of embedded financial services, tracing its journey from a niche concept to a norm in the financial industry.

Read More
Resourcesembedded investments
Unlocking Value with Embedded Investments: Opportunities and Challenges

Delve into the concept of embedded investments, exploring both the opportunities and challenges they present in the financial landscape.

Read More
Treasure Technologies Inc.
1324 Clement St
San Francisco, CA 94118
* Returns are projected based on current performance and are gross of fees. Treasure's fee is 35 basis points on Assets Under Management. There is no fee for Treasure Cash. Returns are subject to change daily.

** Treasure Cash accounts are held at Grasshopper Bank, N.A., our FDIC partner bank. Return differentials based on national average checking account rates as of 5/24/2023. Source: FDIC

Website is operated by Treasure Investment Management, LLC ("Treasure"), a wholly-owned subsidiary of Treasure Technologies, Inc., and an investment adviser registered with the U.S. Securities and Exchange Commission ("SEC"). Brokerage services are provided to clients of Treasure by Apex Clearing Corporation ("Apex"), an SEC-registered broker-dealer and member FINRA.

Investing involves risk, including loss of principal. The contents of this website are provided for information purposes only and do not constitute an offer to sell or a solicitation to buy securities. Past performance is no guarantee of future returns.