Diligent AI Achieves SOC 2 Type II Compliance

Subscribe for Updates

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

We’re proud to share that Diligent AI has successfully completed a SOC 2 Type II audit.

We partnered with Oneleet to move efficiently through the process while maintaining a high standard of rigor and clarity.

For the fintechs, banks, and compliance teams we work with, trust is foundational.
SOC 2 Type II provides independent assurance that our security and operational controls are not only well designed, but consistently operated over time.

What SOC 2 Type II means

SOC 2 is an independent audit framework focused on how organizations protect customer data and operate critical systems.

A Type II report evaluates how controls perform over an extended period, not just at a single point in time.

In practice, this includes areas such as:

Access control and identity management
Secure software development and change management
Incident monitoring and response
Business continuity and disaster recovery
Vendor and risk management

From ISO 27001 to SOC 2

We achieved SOC 2 Type II shortly after completing ISO/IEC 27001 — within roughly two months.

This was possible because we had already earned ISO 27001 in May 2025 and had since embedded those controls deeply into our engineering and operational workflows.

As a result, completing SOC 2 mainly involved:

Mapping existing practices to SOC 2 criteria
Tightening control narratives
Ensuring evidence was structured and traceable

The incremental work was relatively small — just a few focused days.

Challenges we tackled

Even with strong foundations, moving quickly still required careful execution:

Operationalizing evidence: it’s not enough to do the right thing — controls must be consistently documented.
Maintaining engineering velocity: ensuring strong change management while shipping continuously.
Demonstrating consistency: SOC 2 Type II requires proving controls operate reliably over time.

What we learned

A few lessons stood out:

Security works best when embedded into daily workflows, not treated as a separate project.
Clear ownership and simple processes scale better than complex playbooks.
Good documentation is an operational advantage — it improves reliability, onboarding, and incident response.

What’s next

Compliance is not a milestone — it’s part of how we operate.

We will continue strengthening our security program as we expand our platform and support more regulated financial institutions globally.

If you’d like to learn more about our security posture you can visit https://trust.godiligent.ai/

‍

Keep Reading

News

Diligent AI Raises $2.5M to Empower KYC and Anti-Money-Laundering teams with AI Agents

Diligent AI, a Y Combinator-backed startup building autonomous AI agents for financial crime compliance, has raised $2.5 million in Seed funding led by Speedinvest alongside fintech investor Shapers, with participation from the CEOs and founders of N26, Allica Bank, IDnow, Billie, and Cybersource. The platform, already relied upon by global fintechs, banks, and publicly listed payment processors, is automating routine KYC/AML tasks.

News

New Launch: Automate Sanctions, PEP, and Adverse Media alerts with AI Agents

We're excited to announce our AML Screening AI Agent to address the high volume of false positives that burden KYC/AML teams by automatically investigating alerts and providing clear, auditable recommendations—reducing alert-handling time, delivering more consistent decisions and lower operational costs, while improving risk management.

Customers

How Alma accelerates merchant onboarding with AI agents

Alma was growing quickly and needed its merchant onboarding to stay fast and smooth without compromising risk, compliance, or customer protection. As volumes increased, manual reviews created operational strain and threatened to introduce delays for legitimate merchants. To solve this, Alma partnered with Diligent and introduced AI-driven checks to streamline routine work and prioritize higher-risk or more complex cases for human review. The result was a more scalable onboarding process, with greater operational efficiency and more consistent, auditable decision-making. Going forward, the partnership helps Alma keep pace with growth while maintaining trust and safeguards.