Fintech Plaid has been established on the principle that consumers need to be in control over where and how they share their financial details.
Core or central to this principle is the customer’s ability to share their data in a secure manner and with the peace of mind that the data is being handled in an appropriate way. As part of their ongoing commitment to security and privacy, the team at Plaid is pleased to confirm that they are now ISO27001 and ISO27701 certified.
The ISO27001 and ISO27701 are globally recognized standards; and these certifications will be part of Plaid’s Security and Privacy assurance program, which reportedly includes their yearly SOC 2 Type II report, as they continue to expand operations internationally.
With millions of clients depending on Plaid’s services to manage their everyday financial requirements, the Fintech firm invested considerable resources in order to ensure their security and privacy practices are top-notch.
To obtain these certifications, Plaid’s systems and practices have gone through many rounds of testing and evaluation through third-party auditors over the course of several months. The company says that it prioritizes these investments since there’s nothing that’s more important than earning the trust of their clients and other users.
The International Organization for Standardization (ISO) serves as an independent, non-governmental global organization that includes 163 national standards bodies across its membership.
The ISO27001 and ISO 27701 should be familiar to compliance, security and privacy professionals who are tasked with overseeing digital tools across different industry segments, but there’s additional context below for those who may be less familiar.
Although they are quite pleased to have acquired these certifications, Plaid says it will continue to evolve and refine their practices in order to accommodate change and growth of their business and the wider Fintech sector.
What’s ISO27001 & ISO 27701 Certification?
ISO/IEC 27001 is a global standard that specifies all the relevant best practices and outlines the security safeguards that may help with effectively managing/addressing information security risks.
ISO/IEC 27701 is a global privacy standard that extends the requirements of ISO/IEC 27001, which assists organizations with following international privacy frameworks and laws
Why is this important?
As part of the auditing process to obtain these globally recognized standards, Plaid underwent extensive evaluation by Schellman (their ISO auditor) in several key areas related to how they handle data.
As a result, these standards certify that Plaid:
- Has demonstrated commitment in our practices and policies, and dedicated appropriate resources to the privacy and protection of consumers’ data.
- Has a comprehensive set of management and operational controls to comply with privacy laws and regulations
- Has adequate framework and management support to continuously improve our privacy and security posture as the industry evolves
These certifications may help all firms with evaluating or assessing Plaid’s policies and practices and enhance their compliance processes, leading to quicker decisioning based on third-party analysis of crucial data security and privacy obligations.
All those reliant on Plaid’s network should keep benefiting from the firm’s ongoing commitment to robust data security and privacy practices as their ecosystem continues to scale.
Plaid further noted that it would continue to comply with the highest levels of privacy and security standards, as they focus on their goal of enabling financial freedom for everyone.