Skip to main content

PayKeeper Licensing and Regulatory Compliance

PayKeeper, Inc. is a Licensed Escrow Company, and as such it engages in the control and/or disbursement of funds payable to laborers, contractors, subcontractors, material suppliers or others, for the purpose of satisfying bills incurred in construction projects. Additionally, PayKeeper manages the escrow process for various other applications and industries, in accordance with agreements between the parties.
For California residents, Paykeeper Fund Control, Inc. is licensed by the California Department of Financial Protection and Innovation, License Number 96DBO-181951.

Licensing and regulatory compliance:

  • Oversight by State regulatory entities that issue Escrow Company licenses. Requirements include but are not limited to:
    • filing of Escrow Call Reports
    • filing of Trust Fund Audit
    • Continuing Education
  • Annual GAAP corporate financial audit.
  • Surety Bonds at required minimums in accordance with each regulatory jurisdiction.
  • Liability Insurance at required minimums in accordance with each regulatory jurisdiction.

Security of Escrow Funds:

  • Escrow trust account held at JP Morgan Chase Bank, N.A. as Client Money Accounts, which carry FDIC insurance of $250,000 for each individual/entity depositing to an escrow account.

How PayKeeper Secures Your Data:

  • We are SOC 2 Type II compliant and can provide our report upon request. 
  • We use automated security and compliance tools to stay compliant by continuously monitoring our applications, employees, systems, and data to improve our security posture and to respond potential threats quickly and effectively
  • Our Application hosting and Data Center partners are ISO 27001 and SOC 2 Type 2 certified
  • Sensitive customer data is managed in controlled and audited environments that meet the rigorous standards of the American Institute of CPAs (AICPA)
  • Secure Financial Transactions:
    • We are SOC 2 Type II compliant and can provide our report upon request. 
    • We use automated security and compliance tools to stay compliant by continuously monitoring our applications, employees, systems, and data to improve our security posture and to respond potential threats quickly and effectively
    • All financial transactions are securely processed through SOC II TYPE II partners
    • We are PCI compliant and can provide our attestation upon request. PayKeeper systems never have access to or store credit card details. Cards are processed through a premium partner with PCI DSS certifications
    • Bank accounts require dual signing authority on approving and processing transactions with a full audit log of requests
  • Data is secured in transit (≥TLS 1.2) and at rest (≥256-bit AES-GCM)

Privacy:

  • Client data is never sold and is only shared when required to perform our services
  • We have Data Processing Addendums in place with our partners to comply with CCPA, CPRA and other data privacy laws and regulations
  • Employees are required to pass background checks
  • Employees receive security and privacy training
  • Employees are required to sign non-disclosure agreements
  • Strict access controls within PayKeeper applications