Manifest is now SOC 2 Type II certified.
Trust has always been something we build—not something we assume. From day one, we’ve treated security, accountability, and operational discipline as core infrastructure, not afterthoughts.
Now, as we deepen our relationships with financial institutions and scale the infrastructure behind modern retirement savings, SOC 2 Type II is simply one more signal that we’re ready for what comes next. It validates the systems and practices we’ve already built—and reinforces the standard we hold ourselves to as we grow.
Why It Matters (Especially in Fintech)
Compliance and credibility aren't optional when you’re building infrastructure to move and manage people’s retirement savings. Every integration, workflow, and data touchpoint has to reflect the care and discipline our partners expect—and our users deserve.
SOC 2 Type II affirms that we meet the industry’s highest security, reliability, and process maturity standards. It’s a clear benchmark for the trust we’ve already earned and the partnerships we’re ready to scale.
How We Got Here
We partnered with Vanta to streamline evidence collection and maintain visibility across our AWS-based infrastructure. From access controls and alerting to policy documentation and vendor reviews, we’ve built real, repeatable, and scalable security practices.
Getting here required cross-functional focus—not just from engineering, but across product, ops, and leadership. Instead of treating compliance as a project, we treated it like a product: iterative, precise, and always improving.
What’s Next
SOC 2 isn’t a badge—it’s a foundation. We’re building Manifest to support a growing ecosystem of partners, custodians, and recordkeepers. This milestone helps clear the path ahead but doesn’t change our north star: creating seamless, secure, participant-first retirement experiences at scale.
We’re just getting started.
