Trust Center

Security and compliance, built into the lending stack.

Banks, platforms, and brokers trust Loanspark to move sensitive borrower and partner data. We hold ourselves to a SOC 2 Type II standard, monitor our controls continuously, and publish our security posture for review — so your diligence team can move quickly.

Security you can verify, not just trust.

Independently audited and continuously monitored.

01

Independently audited and monitored

SOC 2 Type II — audited by an independent firm and continuously monitored via Vanta, with our live posture published on the Trust Center.

02

Encrypted and access-controlled

Customer data encrypted in transit and at rest, with MFA-enforced, least-privilege access to all production systems.

03

Private by default — never sold

We never sell personal information. Data is handled under least-privilege, role-based controls across every environment we operate.

Built for your review

Security and compliance for the people who vet us.

Whether you run vendor risk for a bank or you're integrating our API, the answers you need are here — and verifiable on our live Trust Center, not just described on a page.

Checkmark icon
Diligence-ready by design
For risk & compliance: Active lending licenses across 47 states, a SOC 2 Type II report available under NDA, board-level security oversight, annual risk assessments, and documented policies — everything your vendor-review checklist asks for, in one place.
Checkmark icon
Controls your team can verify
For engineering & security: Encryption in transit and at rest, MFA-enforced least-privilege access, intrusion detection, a formal development lifecycle, and continuous control monitoring — published live through our Trust Center.
Company & licensing

Licensed, examined, and accountable.

Loanspark, LLC is a financial technology company supporting commercial and business-purpose lending programs through licensed capital providers and financial institutions. Loanspark does not operate as a consumer retail lender.

NMLS
NMLS ID

2260965

Lender status
Lender status

Equal Opportunity Lender (business-purpose and commercial credit)

Coverage
Coverage

Licensed in 47 U.S. states

State license
State license

California Finance Law Broker License #60DBO-155057

Certification
Certification

SDO-certified organization

Infrastructure
Infrastructure

Hosted on DigitalOcean, U.S.-based cloud infrastructure

Security program

A documented program, monitored continuously.

Our controls span infrastructure, product, organizational, and internal procedures — independently audited to a SOC 2 Type II standard and continuously monitored. A representative set is shown below; the full, live list is on our Trust Center.

Infrastructure security

Checkmark icon
Production database, network, and application access restricted to authorized users with a business need
Checkmark icon
Unique authentication enforced via credentials and SSH keys
Checkmark icon
Encryption-key access restricted to a documented business need
Checkmark icon
Remote access requires MFA over approved encrypted connections
Checkmark icon
Intrusion detection with continuous network monitoring

Product security

Checkmark icon
Sensitive customer data encrypted at rest
Checkmark icon
Confidential data encrypted in transit over public networks
Checkmark icon
Annual control self-assessments with SLA-bound remediation
Checkmark icon
Formal development lifecycle (SDLC) governing all changes

Organizational security

Checkmark icon
Anti-malware deployed, updated, and logged across systems
Checkmark icon
Mobile device management (MDM) on company devices
Checkmark icon
Portable and removable media encrypted
Checkmark icon
Visitor and physical-access procedures enforced

Internal procedures & governance

Checkmark icon
Annual risk assessments, including fraud risk
Checkmark icon
Board-level security oversight with a documented charter
Checkmark icon
Data-center access reviewed at least annually
Checkmark icon
Cybersecurity insurance maintained

See every control and its current status on the live Trust Center →

Your data is protected — and never sold.

We do not sell personal information. Data is encrypted in transit and at rest, access follows least-privilege and role-based controls, and systems are continuously monitored. These protections apply across every environment we operate - and all personnel complete security-awareness training.

Data protection illustration: shield and lock over an encrypted data motif, brand blue on pale blue
Diligence pack

Everything you need to complete your review.

Documentation for vendor onboarding, security review, and procurement. Need something specific? Email security@loanspark.com.

SOC 2 Type II report

Independently audited report and live control status, available via our Trust Center.

View on Trust Center →

Live Trust Center

Real-time control status and security posture, monitored via Vanta.

Open Trust Center →

Privacy Policy

How we collect, use, and protect personal and business information.

Read Privacy Policy →

Terms of Use

Terms governing access to and use of the Loanspark platform.

Read Terms of Use →

Cookie Policy

How cookies and similar technologies are used across our properties.

Read Cookie Policy →

Subprocessor list

Current data sub-processors for partner integrations, available on request.

Have a security or compliance question?

Our security team supports vendor reviews, due diligence, and procurement. Tell us what you need for your review and we'll get it to you.