IMM successfully completes SOC 2® type 2 examination

eSignature provider completes rigorous audit reinforcing commitment to security, regulatory compliance

RAHWAY, NJ (June 7, 2021)IMM, the only eSignature provider that specializes in digital transaction solutions exclusively for financial institutions, today announced the successful completion of its 2021 Service Organization Control (SOC) 2 Type 2 examination, which ensures compliance with the leading industry standards for managing enterprise data. IMM opted to undergo this voluntary audit to further affirm its long-standing commitment to information and data security practices, ensuring policies, procedures and operations not only meet, but exceed the industry standards for security, availability and confidentiality.

Since its inception, IMM has been focused on supporting and providing eSignature and digital transaction solutions designed exclusively for financial institutions. The successful completion of the SOC 2 certification is yet another example of IMM’s commitment to providing banks and credit unions with advanced, innovative and secure technology that distinguish it from other eSignature vendors. Earning the SOC 2 certification attests that IMM is committed to protecting customer data and system resources against unauthorized access.

“We are extremely proud of this achievement,” said Nish Shah, CTO, IMM. “While most of our competition operates in multiple industries and verticals, our sole focus remains on the financial industry, giving us a unique perspective and the ability to better understand the security and regulatory pressures facing banks and credit unions in today’s environment. Thousands of financial institutions place their trust in our systems and technology offerings on a daily basis; and this certification demonstrates our ongoing commitment to securing their data with the highest level of protection and controls.”

System Organization Control (SOC2) is a technical auditing process conducted by independent auditors who measure the availability, security, and integrity of an organization’s unique data processing systems, and ultimately determine whether effective safeguards and controls are in place. To comply with SOC2, IMM demonstrated it had established rigorous policies and procedures in accordance with the AICPA Trust Services Criteria for security, availability and confidentiality. Additionally, the report verifies the existence of internal controls which have been designed and implemented to meet the requirements for the security principles. This independent validation of security controls is crucial for organizations operating in highly regulated industries such as financial services.

As part of the extensive and comprehensive auditing process, IMM worked with 360 Advanced, Inc.  to pass the SOC 2 audit. IMM considered several companies that provided a SOC certification and ultimately selected 360 Advanced based on their responses to the interview and the quality of their customer service.

Powering millions of end-to-end digital transactions each month, IMM eSign seamlessly interfaces with existing business systems to optimize back-office operations and provide a more dynamic and engaging customer experience. The transaction experience is frictionless and easy to use for financial institution employees while maintaining the safety and security for customers to sign documents remotely.

About IMM

CFM, IMM and NXTsoft have joined forces to provide the most open and connected integration platform for scaling innovation and accelerating transformation efforts. Today more than 2,500 banks and credit unions use this expanded suite of API connectivity, document workflow, teller workflow, analytics, and data connectivity solutions. By delivering access to innovation across 80+ fintechs and 40+ banking cores, we help financial institutions break down barriers, unlock new services, and enhance their competitive edge. For more information visit, or

About 360 Advanced
360 Advanced is “Making Better Businesses” through their national Cybersecurity and Compliance offerings. Services provided include SOC 1, SOC 2, SOC 3, SOC for Cybersecurity, CSA STAR, HIPAA/HITECH, ISO 27001, CMMC, PCI-DSS, HITRUST CSF, Microsoft SSPA Attestation, Penetration Testing, GDPR, CCPA and more. In certain states, 360 Advanced may operate under the name of Hiestand, Brand, Loughran, P.A. to meet State Board of Accountancy requirements. To learn more about 360 Advanced, visit

For more information on compliance solutions, contact Jim Brennan at

For 360 Advanced inquiries, please contact:

Media Contact:
Eric Seward


Anna Stanley

Catherine Laws

More News