Trust infrastructure built for regulated markets
Compliance-first architecture designed for institutional partners. Self-service due diligence, continuous monitoring, and examiner-ready documentation available on demand. We built the regulatory infrastructure first; the APIs followed.
Last updated: February 14, 2026
Select your role for a tailored view of our trust documentation.
Compliance and Certification Status
Current compliance posture across certifications, attestations, and regulatory alignments.
SOC 2 Type II
Third-party audit of security, availability, and confidentiality controls covering the Aaim lending platform. Using Drata for continuous compliance monitoring and automated evidence collection. Audit window targeting Q2 2026 completion.
certificationTrue Lender Architecture
Structural separation between technology provider and lender satisfying all six state-level True Lender statutory frameworks (California, Colorado, Illinois, Maryland, New Jersey, West Virginia) and common law tests in remaining 44 states. The institution makes all credit decisions, owns all loans, and bears all credit risk.
attestationUCC Perfection Engine
50-state UCC-1 filing automation with jurisdiction determination, debtor name validation, and collateral description generation. Control agreement workflows for UCC Article 8 securities and Article 12 digital assets. Continuation tracking with automated reminders before 5-year expiration.
attestationFFIEC IT Handbook Alignment
Security and operational controls aligned with FFIEC IT Examination Handbook guidance for technology service providers serving financial institutions. Comprehensive risk assessment documentation and control mapping available for examiner review.
certificationBSA/AML Compliance Support
Platform supports institutional BSA/AML compliance through comprehensive audit trails, transaction reporting capabilities, and sanctions screening integration. The partner institution maintains all BSA/AML program responsibility; Aaim provides compliant infrastructure and documentation.
attestationOCC Model Risk Management
Valuation methodology documented per OCC Bulletin 2011-12 requirements with complete model documentation, independent validation framework, and governance structure. Every assessment includes confidence scores, data sources, and full audit trail.
attestationAt a Glance
Trust Center Sections
Security
Encryption, access controls, infrastructure hardening, and penetration testing.
Compliance
SOC 2, FFIEC, BSA/AML, True Lender, and regulatory framework alignment.
Privacy
Data handling, retention, CCPA/GLBA compliance, and privacy-by-design architecture.
Infrastructure
Cloud architecture, redundancy, disaster recovery, and uptime guarantees.
Partners
Technology partners, integration security, and vendor management practices.
Quantum Verify
Identity verification, KYC/AML screening, and document authentication.
Documents
Compliance documentation, audit reports, and examiner support materials.
Incidents
Incident response history, transparency timeline, and status reporting.
Request compliance documentation
For due diligence packages, audit reports, examiner support materials, or vendor risk questionnaire responses, contact our compliance team. Documentation is available under NDA for qualified institutional prospects.