Case Study: Security to Grow for Four Eyes Financial

SOC Reporting Services for Fintech Provider to the Wealth Management Industry

About the Client

Four Eyes Financial (Four Eyes) is an award-winning technology provider focused on helping wealth management firms scale compliance with ever-changing regulatory requirements. Their cloud-native Intelligent Compliance Platform allows firms to input data once and use it across back, mid, and fron-toffice workflows related to KYC/KYP & Suitability. Their suite of software solutions include Trade Surveillance & Suitability, Digital Onboarding & KYC Maintenance, and Client Portal.

The Challenge

After jumping off to a fast start in 2015 as a successful AWS partner, Four Eyes started mapping their journey to SOC 2 certification early on, knowing they would need to demonstrate security procedures to an ever-growing list of clients.

Founder Lori Weir realized that as a relatively young company with a team of only 15 people, Four Eyes needed to find a SOC 2 provider that would help their team develop processes and understand what was needed to achieve various certifications.

As Lucas Loughead, General Manager put it, “We knew we needed to design our processes to achieve a SOC 2 Type II. We needed support from someone with a lot of experience working with companies like us, that were trying to prepare for certification at an early stage.”

The Solution

A search for a process-oriented, proven partner revealed Aprio to be the ideal firm to guide Four Eyes through the SOC process. Aprio’s depth of experience working with growing fintech firms separated it from the competition.

Lori Weir recalls, “I ran consulting offices and was a consultant myself, so I can tell what the experience will be like with a partner by looking at their methodology. We compared the methodologies of a number of potential partners, and Aprio’s stood out above the rest.”

Aprio’s SOC services include:

• SOC Readiness Assessment services to help companies identify the controls that they need in place for their SOC report as well as identifying any potential gaps or problem areas which might hold up their SOC report
• SOC 1 reports that demonstrate how your control environment affects your customers’ financial reporting
• SOC 2 reports that cover data security, availability, process integrity, confidentiality, and privacy
• SOC 3 reports for providing SOC compliance to a general use audience

---

“Aprio’s depth of experience working with companies like ours and their responsiveness made them the ideal partner for our growing fintech company.”

– Lori Weir, Co-Founder,
Four Eyes Financial

---

The Result

Aprio began work with Four Eyes by assessing the control environment and processes in place. Gaps and process improvements were identified, and with support from their dedicated Aprio audit team, Four Eyes pushed forward with implementing Aprio’s recommendations and achieved their first SOC 2 certification with an unqualified opinion.

Since then and through subsequent years working alongside Aprio, Four Eyes Financial has been able to proactively navigate changes in the security landscape, enabling the Company to continue demonstrating to their clients a priority and commitment to security, while having their SOC report continuously change as the Company grows.

Loughead notes, “As we started working with larger clients with more stringent security requirements, we find we already meet their requirements.”

The Future

Four Eyes continues to grow, winning awards like Best Innovative Technology Solution at the Canadian RegTech Awards.

According to Weir, “This is a journey for us. The team at Aprio understands the practical side as well as the knowledge, and they helped us through the process of assessing, identifying gaps and addressing needs, while looking ahead. We’re 51 people now and we see Aprio as a partner as we continue to grow.”