# SOC 2 Compliance

Treza is designed to handle sensitive tasks — from delegated key access to autonomous execution — which is why security, privacy, and operational integrity are core to our infrastructure. As part of our long-term commitment to enterprise-grade trust, we are actively working toward **SOC 2 compliance**.

***

### What is SOC 2?

SOC 2 (System and Organization Controls 2) is a leading security and compliance framework developed by the American Institute of CPAs (AICPA). It assesses how a service provider handles customer data across five key trust principles:

* **Security**
* **Availability**
* **Processing Integrity**
* **Confidentiality**
* **Privacy**

***

### Our Path to Compliance

* **Status:** SOC 2 Type I process initiated
* **Partner:** Currently finalizing with a third-party auditor
* **Scope:** Treza's execution infrastructure, agent access systems, key management protocols, and monitoring services
* **Timeline:** Aiming to complete Type I certification prior to public rollout of enterprise and institutional features
* **Type II Assessment:** Scheduled for post-launch operational maturity (ongoing control verification)

***

### Transparency Commitment

Once certification is complete, we will:

* Publish a summary report and audit letter
* Share documentation on security practices for enterprise users
* Update this page with status and compliance updates

***

> Autonomous agents need secure foundations. SOC 2 is a key step in scaling Treza to support institutional-grade use cases across crypto, finance, and beyond.