aicpa soc logo

Granite Escrow & Settlement Services has successfully completed our Statement on Standards for Attestation Engagement No. 18 (SSAE 18) SOC 1 Type 2, SOC 2 Type 2, and SOC 3 audit for more than 5 consecutive years.  Granite Escrow is only one of a handful of escrow companies in the state to have passed this specialized audit on all of our controls over security, availability, processing integrity, confidentiality, privacy, and financial reporting earning this prestigious attestation.

Granite Escrow’s policies and procedures, security principles and procedures are designed to protect our clients who entrust their private information and assets with our company.

SOC 1 Type 2 Audit

The SOC 1 type 2 for Service Organizations: Reports on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting. The escrow marketplace has been challenged to demonstrate adherence to the ALTA Best Practices Framework. Amid the fog of uncertainty, the SOC 1 audit is the prevailing compliance vehicle of choice when meeting the CFPB requirements. In response to the CFPB bulletin, many title and escrow companies have been in search of specific guidance to help them come into compliance. One of the more popular sources of guidance has come from the American Land Title Association® (ALTA®). ALTA® has created the Title Insurance and Settlement Company Best Practices. To test compliance with these best practices, we are using the SOC 1 audit as the “go-to” compliance vehicle of choice.

SOC 2 Type 2 Audit

The SOC 2 Type 2 Independent Service Auditor’s Report focuses on five criteria relevant to data security, availability, processing integrity, confidentiality and privacy. Companies completing the audit have the option to be judged on one or more of the five categories. Granite Escrow & Settlement Services has met or exceeded the industry-leading standard for the Security Trust Service Criteria. The Security criteria verifies Company systems are protected against unauthorized access, use, or modification to meet the entity’s commitments and system requirements. “Granite Escrow has implemented a robust set of internal controls to comply with ALTA Best Practices,” says Brad Cohen, president of Granite Escrow & Settlement Services.  “The successful completion of this audit is a testament to our internal team’s commitment to their customers.”

SOC 3— SOC for Service Organizations: Trust Services Criteria for General Use Report

The SOC 3 report is designed to meet the needs of clients who want assurance about the controls at a service organization relevant to security, availability, processing integrity confidentiality, or privacy without the need for confidentiality or Non-Disclosure agreements normally associated with the SOC 1 & SOC 2 attestations.

aicpa soc logo