Phoebus Software has completed its Service Organisation Control (SOC) 2 Type II attestation, an achievement which it says underlines its commitment to data protection, operational security and governance across its loan and savings servicing technology platforms.

The SOC 2 framework, established by the American Institute of Certified Public Accountants (AICPA), is a globally recognised benchmark for information security. It evaluates a company’s ability to manage and protect customer data in line with the Trust Services Principles of security and availability.

Unlike a certification, the attestation confirms through independent audit that an organisation’s controls not only meet design requirements but also operate effectively over time.

Warren Higgins, chief information officer at Phoebus, said: “Compliance with SOC 2 shows our clients, partners and regulators that we treat security and data protection as a continuous process, not a one-off exercise.

“At a time when trust is everything, this attestation report provides independent verification that our service is built to handle security threats and operational disruptions, ensuring customer data remains safe and accessible.”

He added: “SOC 2 proves that controls are not only well-designed and maintained but effective in practice and constantly improved to stay ahead of new threats. This gives our clients confidence that security and reliability aren’t afterthoughts for us; they’re baked into everything we do, every single day.”

Phoebus said the attestation also sends a clear message to the market that institutions should prioritise technology partners capable of meeting stringent, independently verified standards of security and reliability.