Kaizen Achieves SOC 2 Type II and SOC 3 Information Security Attestations

Latest Attestations Complement Kaizen’s ISO 27001 Information Security Management System and Reinforce Global Compliance and Data Security Excellence

London, 27 November 2025 – Kaizen, a leading provider of regulatory compliance solutions for global financial institutions, today announced it has successfully achieved System and Organization Controls (SOC) 2 Type II and SOC 3 attestations, further strengthening its commitment to the highest standards of information security and data protection for its global client base.

The attestations, conducted by an independent American Institute of Certified Public Accountants (AICPA) accredited Certified Public Accountant (CPA) firm, validate the operational effectiveness of Kaizen’s security controls over a 12-month period. This achievement complements the company’s existing ISO 27001:2022 certified Information Security Management System (ISMS), creating a robust dual-framework approach that addresses the diverse compliance requirements of financial institutions across the UK, EU, US and APAC.

“Achieving SOC 2 Type II and SOC 3 attestations represents a significant milestone in our continuous journey to provide world-class information and data security to our clients,” said Dario Crispini, Founder and CEO at Kaizen. “While our ISO 27001 certification has long demonstrated our systematic approach to information security management, these SOC attestations provide the detailed operational validation that our North American clients particularly value. Together, these frameworks create a comprehensive security system that meets and exceeds expectations of our global client base.”

The SOC 2 Type II attestation evaluated Kaizen’s controls across all five Trust Services Principles – Security, Availability, Processing Integrity, Confidentiality, and Privacy – providing detailed assurance on the effectiveness of controls protecting client data throughout Kaizen’s ReportShield platform. The accompanying SOC 3 report enables Kaizen to publicly demonstrate its commitment to security excellence.

Financial institutions are facing increased scrutiny from regulators worldwide on information security. Therefore, by maintaining both ISO 27001 certification and SOC 2 Type II attestation, the company is addressing the wide range of data security requirements across different regulatory jurisdictions, from prescriptive ISMS focused requirements in Europe and APAC, to the detailed control validation  required by US institutions. While the ISO 27001 certification provides a framework for continuous improvement in data security and risk management, SOC 2 Type II provides operational evidence and control testing for our security practices.

(Ends)

For more information about Kaizen’s security certifications, please contact: communications@kaizenreporting.com