Flourish completes SOC 2 Type 2 examination
May 9, 2023
Estimated reading time: 2 minutes
We’re proud to share that Flourish completed its System and Organization Control 2 (SOC 2®) Type 2 examination. The examination took place from December 1, 2021 through December 31, 2022 and was conducted by KPMG LLP, a “Big 4” independent third-party accounting and auditing firm. Flourish received its report on Monday, May 1, 2023.
Considered one of the most difficult examinations, the decision to seek a SOC 2 Type 2 report reflects Flourish’s longstanding commitment to security and risk management. The safety of client assets and personal information is a top priority for Flourish, and the receipt of the SOC 2 Type 2 report validates our efforts in this area. The completion of an SOC 2 Type 2 examination demonstrates that the organization has implemented effective controls to protect sensitive information and maintained these standards over an extended period of time.
The receipt of the report upon completion of the examination serves as independent verification that Flourish satisfies or exceeds the exacting security measures and industry standards relevant to security, availability, processing integrity, confidentiality, or privacy defined by the American Institute of Certified Public Accountants (AICPA). The report validated that Flourish met its selected criteria throughout the audit period.
The criteria covered:
- Security: Systems and the data stored are protected against unauthorized access and unauthorized disclosure
- Availability: Information and systems are available for operation and use
- Confidentiality: Confidential information is protected
The extensive duration of the audit, which took place over a 13-month period, allowed for a deeper and more thorough assessment that resulted in evidence that controls were properly implemented and continuously functioned as expected throughout the evaluation period.
In April 2022, Flourish completed its SOC 2 Type 1 audit and began to pursue the next level of examination. It is a voluntary step, but one that is critically important to the organization as we strive to ensure the safety and security of client assets and personal information.
Flourish will continue to undergo this examination with the aim to maintain a SOC 2 report each year. The report is available upon request. RIAs who are interested in receiving a copy can reach out to the Support team to place a request.
Flourish builds technology that empowers financial advisors, improves financial lives and retirement outcomes, and delivers new and innovative investment options to advisors. Today, the Flourish platform is used by more than 550 wealth management firms representing more than $1.5 trillion in assets under management. Flourish is wholly-owned by MassMutual. For more information, visit www.flourish.com.