Compliance

Finn is built with security and regulatory compliance in mind. We work with trusted, audited partners and follow industry best practices.

Security Standards

• AES-256 encryption for data at rest and in transit.
• Access controls, logging/monitoring, and regular security reviews.
• Read-only bank connections for data access and verification.

Certifications & Audits

• We operate on infrastructure that supports SOC 2 Type II and PCI DSS compliance.
• We conduct regular third-party assessments where applicable.

Data Handling

• We do not store bank credentials and do not hold customer funds directly.
• Payment operations are facilitated by regulated partners and insured institutions.

Responsible Disclosure

If you believe you have found a security vulnerability, please contact us at support@tryfinn.app.

Contact

For compliance inquiries, reach out at support@tryfinn.app.