Comply has announced its achievement of one of the most recognized certifications for information security management systems (ISMS), the ISO/IEC 27001 certification.
This certification demonstrates that the firm has implemented and independently audited controls to protect the confidentiality, availability, and integrity of client and regulatory data across all its internal operations and cloud infrastructure.
The certification ensures that operations and governance frameworks are not merely treated as paperwork but are embedded in the entire technology infrastructure of the firm.
The ISO/IEC 27001 certification requires formalized controls and rigorous risk assessment. ISMS has reinforced Comply’s position as a globally trusted RegTech provider. It raised the bar and helped Comply align itself with the expectations of clients and regulators.
The CEO, Michael Stanton, said: “ISO/IEC 27001 certification reflects the discipline, governance, and operational rigor compliance technology providers must meet to serve modern financial institutions. This milestone reinforces that Comply is built to operate at enterprise scale, in complex regulatory environments, where security and accountability are non-negotiable.” Mr. Stanton also added, “For our clients, trust is not aspirational, it’s foundational.”
Comply has launched the Trust Centre, jointly with the certification. The objective is to offer transparent access to compliance documentation, certifications, and security controls, along with ongoing material assurance, affirming the company’s commitment to accountability in operations, beyond point-in-time audits.
The Chief Information Security Officer, Jeremy Trinka, emphasized the everyday significance, saying, “ISO/IEC 27001 certification reflects the day-to-day reality of how our security program operates.” This requires formally governed controls, tested incident response, and disciplined vendor oversight. He added, “Our Trust Centre extends that operational rigor to our clients, providing clear visibility into how we manage security and risk in practice.”
The independent audit was conducted by A-LIGN, a globally reputed compliance firm trusted by over 4,000 organizations. The company is accredited by both the ANSI National Accreditation Board (ANAB) and the UKAS (United Kingdom Accreditation Service) to certify organizations against ISO/IEC 27001.
Emphasizing sustainable, time-tested, and reliable information security, the Chief Operating Officer at A-LIGN said: “ISO/IEC 27001 certification is a strong signal that an organization has established mature, sustainable information security practices”. Applauding Comply’s focus on operational excellence, COO Steve Simmons stated ‘Comply demonstrated a clear commitment to security governance, risk management, and operational excellence throughout the certification process.”
The clients of Comply include broker-dealers, private funds, global financial institutions, and RIAs.
The certification testifies to global best practices. It assures sensitive compliance, regulatory, and safety of personal data through formal governance and continuously audited security controls.
Building on a continued momentum and industry reputation, Comply has achieved this certification after being named RegTech of the Year at the 2025 U.S. FinTech Awards. The recognition had placed the company on the Inc. 5000-Fastest Growing Private Companies list. These milestones have emphasized the company’s ability to scale rapidly, while also maintaining the operational discipline required of a trusted compliance partner.
About Comply
Comply is an industry leader in providing financial service consulting and regulatory compliance software services. The company is widely trusted across the globe, with more than 5,000 organizations in the financial services, wealth management, investment banking, brokering deals, and private funds.
A-LIGN is a globally renowned cybersecurity compliance program provider. Widely acknowledged for their high standards for quality and efficiency, they combine experienced auditors and audit management technology. A-LIGN provides services spanning a wide range, both vertically and horizontally – including SOC 2, PCI, FedRAMP, and ISMS – ISO 27001. It is a forerunner in SOC 2 issuance and a leading assessor in HITRUST and FedRAMP. Visit a-lign.com to know more.
Source link: https://www.manilatimes.net/2026/01/26/tmt-newswire/globenewswire/comply-achieves-isoiec-27001-certification-setting-a-new-standard-for-trust-security-and-governance-in-regtech/2265318
