Getting a complete picture of a consumer’s finances requires significant engineering time and resources, and every new data source presents its own unique set of challenges. At the same time, millions of Americans are financially underserved, simply because their data is not recognized by the traditional financial system.

A SOC 2 report was crucial for Pave. As they began building their solution, they knew they needed security and compliance to shape their organization. In interacting with their end-user’s most sensitive data, there’s a critical amount of trust Pave customers must have. Pave knew they needed a solution that could provide thoughtful security and compliance insight. ‘Check-the-box’ solutions wouldn’t fit the bill. They turned to Thoropass to help build a high-quality compliance program that would develop trust and power their growth.


Pave’s assigned compliance architect helped them minimize complexity, move through guided workflows, and answer tough compliance challenges. He provided the team with compliance insights along the way and helped Pave approach security as a core function of their business — understanding how to shape procedures with compliance in mind.

“Our compliance architect was equally invested as us in getting our report. He would shoot me an email unprompted about something related to our conversation he was thinking about. The level of quality is just such a valuable resource.”

Head of Business Operations [ Pave ]

In 5 weeks, the Pave team was ready to begin their audit process.

Thoropass made it easy for Pave to understand the value behind each control. Instead of recommending controls that were too costly or unrelated, Thoropass’s customized controls helped Pave understand the purpose behind each control and identify an alternative that makes sense for their current stage.hey

“It took us roughly 5 weeks from when we first started implementing controls to entering the audit kickoff meeting. We would have weekly check-ins with our Compliance Architect where we check off boxes and work with our engineer team to understand what needs to be done. Our architect was there for us the whole way through to make sure we were on track.”

Head of Business Operations [ Pave ]


Security Audit Experience
Pave worked with Thoropass to complete their audit. During the audit process, any request that came from the auditor was first passed through our Compliance Architect and then to the Pave team if necessary. In just 1 week, Thoropass was able to review, process, and draft a report.

“Our Compliance Architect felt like a member of our company. Once in audit, he was really that first line of defense between us and the auditor. He was so on it that he would only come to us with very targeted tasks so we would know what exactly we needed to provide.”, said Jack Tannenbaum.

5 weeks

To Audit Kickoff





Company size



United States