1. Resource Library

Versapay Completes SOC1 and SOC2 Compliance Audits for Service Providers

Published on 4 min read

Toronto, ON – May 17, 2016 – Versapay Corporation (TSXV: VPY) (“Versapay” or the “Company”), a leading provider of cloud-based invoicing, accounts receivable management and payment solutions, is pleased to announce that it has successfully completed both a Service Organization Control 1 Audit (SOC1) and an Service Organization Control 2 Audit (SOC2), as it continues to expand its compliance regime as a SaaS provider of accounts receivable automation. This provides an additional level of assurance to Versapay customers that the Company proactively strives to exceed industry standards for security.

“We are pleased to have completed our Service Organization Control 1 and 2 audits - which, in combination with our annual PCI Level 1 Service Provider compliance, advances our security and compliance regime to further align VersaPay with the Cloud Security Alliance STAR Certification requirements,” commented Kevin Short, CIO of VersaPay.

SOC 1 and SOC 2 were created by AICPA and are designed for service organizations like Versapay to provide their customers proof that their service providers are meeting industry standards for security and operational controls, and have been audited by independent external auditors.

  • SOC 1 (SSAE 16) is a report on internal controls over financial reporting and testing of their operating effectiveness.
  • SOC 2 (AT 101) reports on controls relevant to security, availability, processing integrity and confidentiality of the service providers’ offering and testing of their operating effectiveness.

Cloud Security Alliance STAR Certification was designed to define best practices to help ensure a secure cloud computing environment. STAR consists of three levels of assurance, which are mapped to industry leading standards. Members include: Salesforce, Box.com, Microsoft, Amazon, Google, Cisco, EMC Adobe and many more service providers.


The American Institute of CPAs is the world’s largest member association representing the accounting profession, with more than 412,000 members in 144 countries, and a history of serving the public interest since 1887. AICPA members represent many areas of practice, including business and industry, public practice, government, education and consulting.

The AICPA sets ethical standards for the profession and U.S. auditing standards for private companies, nonprofit organizations, federal, state and local governments. It develops and grades the Uniform CPA Examination, and offers specialty credentials for CPAs who concentrate on personal financial planning; forensic accounting; business valuation; and information management and technology assurance. Through a joint venture with the Chartered Institute of Management Accountants, it has established the Chartered Global Management Accountant designation, which sets a new standard for global recognition of management accounting.

About Versapay

Versapay is a leading cloud-based invoice presentment and payment provider for businesses of all sizes. Versapay’s ARC software-as-a-service offering allows businesses to easily deliver customized electronic invoices to their customers, to accept credit card and EFT payments and automatically reconcile payments to their ERP and accounting software. Versapay is headquartered in Toronto, Canada and also has operations in Montreal.

Forward-looking and other cautionary statements

This news release contains “forward-looking information” which may include, but is not limited to, statements with respect to the activities, events or developments that the Company expects or anticipates will or may occur in the future. Such forward-looking information is often, but not always, identified by the use of words and phrases such as “plans,” “expects,” “is expected,” “budget,” “scheduled,” “estimates,” “forecasts,” “intends,” “anticipates,” or “believes” or variations (including negative variations) of such words and phrases, or state that certain actions, events or results “may,” “could,” “would,” “might” or “will” be taken, occur or be achieved.

These forward-looking statements, and any assumptions upon which they are based, are made in good faith and reflect our current judgment regarding the direction of our business. Management believes that these assumptions are reasonable. Forward-looking information involves known and unknown risks, uncertainties and other factors which may cause the actual results, performance or achievements of the Company to be materially different from any future results, performance or achievements expressed or implied by the forward-looking information. Such factors include, among others, risks related to the speculative nature of the Company’s business, the Company’s formative stage of development and the Company’s financial position.

Forward-looking statements contained herein are made as of the date of this news release and the Company disclaims any obligation to update any forward-looking statements, whether as a result of new information, future events or results, except as may be required by applicable securities laws. There can be no assurance that forward-looking information will prove to be accurate, as actual results and future events could differ materially from those anticipated in such statements. Accordingly, readers should not place undue reliance on forward-looking information.

Neither the TSX Venture Exchange nor its Regulation Services Provider (as that term is defined in the policies of the TSX Venture Exchange) accepts responsibility for the adequacy or accuracy of this release.

Always stay up-to-date

Join the 50,000 accounts receivable professionals already getting our insights, best practices, and stories every month