So, what does that really mean? If a company provides services to publicly-traded companies registered with the Securities and Exchange Commission (SEC), they need to produce an “Independent Service Auditor’s Report on a Description of a Service Organization’s System and the Suitability of the Design of Controls” in accordance with the American Institute of Certified Public Accountants (AICPA). Did you get all that? Those of us that speak in simple English refer to it as SSAE 16 & ISAE-3402 assessments.
So what’s the point of a company going through these assessments if they don’t directly benefit them? Think about what happens when a publicly traded company exerts poor control over the accuracy of their financial statements? Enron happens. Not only Enron, but other horrors you may remember from accounting scandal reporting. A service provider can choose to undertake its own SSAE 16/ISAE-3402 assessment, and then simply provide a copy of the SSAE 16 auditor’s report to any of their customer’s auditors who request it. Because it’s an “auditor-to-auditor” report, a customer’s auditors can rely on the report to verify the quality of your company’s controls, without having to assess them directly.
I invite you to read our press release that discusses the above information more in depth and shows how Beeline is working hard at keeping our client’s first, with becoming one of the first in the industry to become dual compliant.