CreditRiskMonitor.com Achieves SOC 2 Type 1 Compliance

Rhea-AI Summary

CreditRiskMonitor.com (OTCQX:CRMZ) completed a SOC 2 Type I cybersecurity report covering CreditRiskMonitor, SupplyChainMonitor, and the company API as of December 5, 2025, audited by Sensiba LLP. The report evaluates controls for security, availability, and confidentiality. The company launched a Trust Center with access to security documentation and plans a SOC 2 Type II exam later in 2026 to assess operating effectiveness.

Positive

• Completed SOC 2 Type I audit for key SaaS services as of Dec 5, 2025
• Audit conducted by external firm Sensiba LLP
• Launched a Trust Center offering access to security documentation
• Planned SOC 2 Type II examination later in 2026 to demonstrate operating effectiveness

Negative

• None.

TARRYTOWN, NY / ACCESS Newswire / January 23, 2026 / CreditRiskMonitor.com, Inc. (OTCQX:CRMZ), a global provider of financial risk analytics and business intelligence, today announced the successful completion of its first System and Organization Controls (SOC) 2® Type I report for cybersecurity. This milestone underscores CreditRiskMonitor.com's dedication to ensuring data within our systems remains secure, private, and confidential through enhanced data protection and operational standards. The assessment was conducted by the audit firm Sensiba LLP.

The SOC 2® Type I report covers CreditRiskMonitor®, SupplyChainMonitor™, and CreditRiskMonitor.com's API services, evaluating controls relevant to security, availability, and confidentiality as of December 5, 2025. The Company plans to undergo a SOC 2® Type II examination to evaluate the operating effectiveness of its controls later this year, demonstrating its commitment to protecting current and prospective client data.

CreditRiskMonitor.com's newly available Trust Center provides information on our security posture and the ability to request access to our security documentation.

Created by the American Institute of Certified Public Accountants (AICPA), the SOC 2® framework evaluates a company's controls relevant to security, availability, processing integrity, confidentiality, and privacy. A SOC 2® Type I report examines the design of a business's internal controls at a specific point in time.

Overview

CreditRiskMonitor.com, Inc. (creditriskmonitor.com) sells a suite of web-based, SaaS subscription products providing access to comprehensive commercial credit reports, bankruptcy risk analytics, financial and payment information, and curated news on public and private companies worldwide. Our primary SaaS subscription products for analyzing commercial financial risk are CreditRiskMonitor® and SupplyChainMonitor™. These products help corporate credit and procurement professionals stay ahead of and manage financial risk more quickly, accurately, and cost-effectively. Our subscribers include nearly 40% of the Fortune 1000 and well over a thousand other large corporations worldwide.

To help subscribers prioritize and monitor counterparty financial risk, our SaaS platforms offer the proprietary FRISK® and PAYCE® Scores as well as the FAST Rating, the well-known Altman Z"-Score, agency ratings from key Nationally Recognized Statistical Rating Organizations ("NRSROs"), curated news, and detailed financial spreads & ratios. Our FRISK® and PAYCE® Scores are financial distress classification models that measure a business's probability of bankruptcy within a year. The FRISK® score also includes a risk signal based on the aggregate research behaviors of our subscribers, who control counterparty access to trade credit at some of the most sophisticated companies in the world. The inclusion of this risk signal boosts the overall accuracy of this bankruptcy analytic by lowering the false positive rate for the riskiest corporations.

Through its Trade Contributor Program, the Company receives monthly confidential accounts receivables data from hundreds of subscribers and non-subscribers, which it parses, processes, aggregates, and reports to summarize the invoice payment behavior of B2B counterparties without disclosing the specific contributors of this information. The size of the Trade Contributor Program's current annualized trade credit transaction data is approximately $3 trillion.

CONTACT:

CreditRiskMonitor.com, Inc.
Mike Flum, Chief Executive Officer
(845) 230-3037
ir@creditriskmonitor.com

SOURCE: CreditRiskMonitor.com, Inc.

View the original press release on ACCESS Newswire

FAQ

What did CreditRiskMonitor (CRMZ) announce on January 23, 2026 about SOC 2 compliance?

CreditRiskMonitor announced completion of a SOC 2 Type I report for its services, dated December 5, 2025, audited by Sensiba LLP.

Which CreditRiskMonitor services are covered by the SOC 2 Type I report for CRMZ?

The report covers CreditRiskMonitor, SupplyChainMonitor, and CreditRiskMonitor.com's API services.

Will CreditRiskMonitor (CRMZ) pursue further SOC 2 certification after the Type I report?

Yes; the company plans to undergo a SOC 2 Type II examination later in 2026 to evaluate controls' operating effectiveness.

How can prospective clients view CreditRiskMonitor's security posture for CRMZ?

CreditRiskMonitor launched a Trust Center that provides information on its security posture and a way to request security documentation access.

Who conducted the SOC 2 Type I assessment for CreditRiskMonitor (CRMZ)?

The SOC 2 Type I assessment was conducted by the audit firm Sensiba LLP.