Why You Should Care
As technological solutions become more a part of dealer and auto lender operations, EFG took the proactive step in 2019 to achieve the Service Organization Control 2 (SOC 2) Certification under the Statement of Standards for Attestation Engagements 18 (SSAE 18) guidelines from the American Institute of Certified Public Accountants (AICPA). SSAE 18 is the most widely-recognized standard providing companies with a method for reporting information about the design and operation of internal systems and controls relating to privacy and security regulations. SOC 2 reports evaluate an organization’s information systems relevant to security, availability, processing integrity, confidentiality and privacy.
Dealers work with a significant amount of consumer confidential information, including social security numbers, pay stubs, utility bills and more. In addition, the majority of dealers in the U.S. have migrated web-based platforms for conducting business, especially with regards to credit applications. Data security is mission critical to successfully conducting business in today’s market.
The SSAE 18 certification demonstrates to clients and contract holders that EFG has the necessary processes in place to ensure that personal and confidential information is more secure than almost any other product provider. With the amount of confidential consumer information collected in the retail automotive industry, data security is mission critical to successfully conducting business going forward.
Several years ago, EFG took proactive steps to secure its own data and achieved SSAE 16 certification in 2016. Since then, EFG continued its efforts to further augment the company’s security measures, investing close to a quarter of a million dollars annually on security enhancements, and achieving SSAE 18 certification in December, 2019.