VITROPAY is dedicated to maintaining a gold standard of Compliance within its industry, and as such, information security, privacy, and compliance are built into the core of all VITROPAY service offerings.  On an annual basis, VITROPAY completes an annual SSAE18 SOC1 Type II audit and an annual SSAE18 SOC2 Type II audit.  These audits attest to the operating effectiveness of VITROPAY controls applicable to financial reporting, privacy, security, system availability, processing integrity, confidentiality, and regulations applicable to VITROPAY services.  VITROPAY completes an annual Payment Card Industry Data Security Standards (PCI DSS) audit to attest to compliance with information security standards.  Additionally, VITROPAY completes an annual Nacha Rules Compliance Audit to attest to compliance with Nacha rules applicable to the handling of ACH transactions.

Please accept this statement as assurance of VITROPAY’s continued compliance with applicable regulations at the state and federal level.  For requests of audit copies and other compliance related documentation, please contact the Compliance Department at compliance@vitropay.com.