March 17, 2021

We're Committed to Security: illumis is SOC 2 Certified

We are excited to announce that illumis is now officially SOC 2 certified.

The SOC 2 certification demonstrates a commitment to best-in-class security controls in order to comply with the AICPA’s Trust Services Criteria. This accreditation highlights our adherence to one of the most stringent, industry-accepted auditing standards on the market, and provides assurance to our customers that our business process, information technology, and risk management controls are correctly designed.

The official audit report provides a thorough review of our internal controls, policies, and processes for both our monitoring and search platforms. It also reviews illumis’ processes relating to risk management and vendor due diligence, as well as illumis’ entire IT infrastructure, software development life cycle, change management, logical security, network security, and computer operations.

In today’s world, data security is ever more important. Securely managing our customers’ data has always been a top priority at illumis, and now we have the gold standard certification to demonstrate it.

At illumis, we provide the leading solutions to help our customers reduce risk and increase transparency. Our platforms continue to set the standard, with cutting-edge technology and comprehensive public datasets. Interested in a demo? Email us at solutions@illumis.com!


In November of 2021, ComplySci announced the acquisition of illumis, a premier data aggregator and technology provider whose solutions are used by financial services firms to identify and mitigate risk from employee political contributions. While the initial acquisition saw the firms operating as two independent organizations, we are thrilled to announce the merging of the illumis and ComplySci brands. With this initiative, we aim to arm our clients with a more comprehensive solution to mitigating compliance risk, which includes the increased risk associated with employee political contributions.

Political contributions made by firm employees pose a significant threat to investment advisory firms. Even firms with the best compliance teams can be at risk of violating pay-to-play regulations, like the Securities and Exchange Commission’s (SEC) Rule 206(4)-5, given the complexity of the rules and the myriad regulations with which firms must comply.

Because of this, investment firms must arm themselves with access to, and the support of, real-time data, which can help identify potential violations and anomalies in the political donation process.

By leveraging real-time data, investment firms can quickly detect suspicious or unauthorized activities and take prompt action to prevent pay-to-play violations.

SEC Rule 206(4)-5 is arguably the best-known regulation regarding political contributions compliance, or pay-to-play compliance. However, it certainly isn’t the only regulation with which firms must comply.

In fact, beyond federal regulations, firms that take part in government-contracted work must contend with numerous and varied state and local regulations as well. Such regulations present unique challenges because of the various requirements within each, which, should they be neglected, can cause significant financial and reputational damage.