How Laika helped Pave get SOC 2 Type 1 compliant in 6 weeks

With the recent boom in fintech startups, more and more emerging markets now have access to financial services. However, getting a complete picture of a consumer’s finances requires significant engineering time and resources. Pave makes it easy for fintech developers to access a complete view of their end customers’ cash flow and financial profile. 

It’s no surprise that Pave began their SOC 2 journey right from the start. Based on the types of data Pave holds, a SOC 2 could provide their ecosystem with trust and confidence. In 6 weeks, they were able to get their SOC 2 Type 1 report. We spoke with Jack Tannenbaum, Head of Business Operations, about how seamless their experience was with Laika. 

Why SOC 2?

A SOC 2 report was crucial for Pave. As they began building their solution, they knew they needed security and compliance to shape their organization. There’s a critical amount of trust their customers have to have in them. From analyzing risk and building budget functionality to providing goal recommendations, they needed fintech businesses to feel confident that their solution could solve their problems with no risk. 

They recognized that with any company, security and compliance are the foundation. A SOC 2 report could chart a way forward for a more secure API — one that is optimized not just for greater accessibility, but for security and trust as well. 

When starting the search for a partner, Pave knew they needed a solution that could provide thoughtful security insight. Check-the-box solutions wouldn’t fit the bill. They realized that every business is nuanced, and compliance programs should be customized and built to scale with them. Pave turned to Laika to build a compliance program from scratch. 

5-week Implementation Period 

Pave’s implementation process began with onboarding and the gap analysis. Laika automatically integrated with pre-built applications and connected to all of Pave’s users, devices, and vendors. Then, Laika’s compliance architect team performed a gap analysis and instantly created customized policies and guided workflows to fill in any missing pieces. 

Pave’s compliance architect, Shawn Studholme, provided the team with insights along the way. He helped Pave approach compliance as a core capability for their company — understanding how to shape an organization to become security-minded. 

Customized SOC 2 Controls and Workflows

The Laika platform made it easy for Pave to understand the value behind each control. Instead of recommending controls that were too costly or unrelated, Laika’s stage-appropriate controls helped Pave:

1. Understand the purpose behind each control and what it’s meant to mitigate against 
2. Identify a compensation control that fulfills the purpose while making more sense for the current stage

Built-in Compliance Expertise

Laika’s built-in compliance expertise was a valuable resource for Pave throughout their Type 1 journey. Shawn helped the Pave team minimize complexity, move through workflows, and answer tough compliance challenges. 

In 5 weeks, the Pave team was ready to begin their audit process.

1-week Audit Period

Pave worked with Laika Compliance LLC, a leading CPA firm specializing in SOC reporting under AICPA standards. Laika’s partnership with Laika Compliance eliminates the uncertainty of an audit process and streamlines every step. Unlike other audits, each step of the audit was visible directly through the Laika platform. 

During the audit process, Shawn was Pave’s first point of contact. Any request that came from the auditor was first passed through Shawn and then to the Pave team if necessary.  In just 1 week, Laika Compliance was able to review, process, and draft a report. 

What’s Next?

Security is a top priority for Pave. As they embark on their SOC 2 Type 2 journey, they continue to update and evolve their compliance posture. The Pave team maintains 100% confidence in their program with Laika monitors. The platform automatically flags potential issues and provides suggestions for risk mitigation.

As Pave continues to grow, Laika stands by to answer questions and provide guidance on how to shape the future of Pave’s compliance.