Sphere Achieves SOC 2 Type II Certification

Sphere Achieves SOC 2 Type II Certification

Sphere has successfully completed its SOC 2 Type II audit, validating the effectiveness of our security, availability, and confidentiality controls over an extended review period.

This certification reflects Sphere’s ongoing commitment to building reliable, secure, and compliant financial infrastructure for businesses operating in regulated environments.

What SOC 2 Type II Means

SOC 2 Type II is an independent audit that evaluates not only the design of an organization’s controls, but also their operational effectiveness over time.

Unlike a point-in-time assessment, a Type II report demonstrates that controls are consistently implemented and monitored throughout the audit period.

For Sphere’s customers and partners, this provides assurance that our security and compliance practices are not aspirational, but operational.

Scope of the Certification

The SOC 2 Type II audit assessed Sphere’s systems, processes, and controls across key trust principles, including:

• Security
• Availability
• Confidentiality

These controls apply to the infrastructure and services that support Sphere’s platform and APIs.

Security and Compliance by Design

Security and compliance are foundational to how Sphere builds and operates its platform.

Our approach includes:

• Comprehensive access controls and monitoring
• Secure development and change management practices
• Continuous risk assessment and incident response procedures
• Ongoing third-party and vendor risk management

These practices are designed to meet the expectations of enterprise customers, regulated partners, and financial institutions.

Supporting Regulated Use Cases

Sphere works closely with regulated partners and operates within applicable regulatory frameworks across supported jurisdictions.

SOC 2 Type II certification complements this approach by providing third-party validation of the controls that underpin Sphere’s platform, helping customers and partners meet their own internal compliance and procurement requirements.

Continuous Improvement

SOC 2 compliance is not a one-time milestone. Sphere maintains an ongoing program of control monitoring, testing, and improvement to ensure our security posture evolves alongside our platform and the regulatory landscape.

We will continue to invest in security, compliance, and operational resilience as we scale.

Learn More

Customers and partners with security or compliance questions can contact the Sphere team or visit our Trust Center for additional documentation and information.

Sphere remains committed to building secure, transparent, and trustworthy financial infrastructure.

‍