Collect
Client intake — one link, no portal.
Connect
Auto-extract into UltraTax, Lacerte, Drake.
Deliver
8879 e-sign + Stripe in one close.
About Soraban
Who we are and why we build.
Life at Soraban
Team, culture, and open roles.
Careers
Open roles and working at Soraban.
Integrations
Security
Firm Stories
How firms use Soraban in practice.
Blog
Insights from the Soraban team.
Log InRequest a Demo
SECURITY & COMPLIANCE

Built for firms that handle sensitive client data.

Tax data is among the most sensitive financial information in existence. Soraban's infrastructure is designed around that fact — not bolted on afterward.

Request a demo

SOC 2

Type II certified — independently audited every year

NIST

IAL2 identity verification for IRS 8879 e-signatures

0

client documents retained after the defined retention period

SECURITY CONTROLS

Safe and secure by design.

Built using the most reliable infrastructure for handling sensitive financial data — with controls that go beyond the basics.

SOC 2 Type II Certified

Annual third-party audits verify controls across availability, confidentiality, and data integrity. Firm and account data independently confirmed.

Secure Password & MFA Policies

Multi-factor authentication and strong password enforcement protect firm accounts against unauthorized access.

Robust Logging & Audit Trails

Every action is logged with a complete audit trail. Full visibility into data access and changes for integrity verification.

Secure Cloud Infrastructure

Partnered with best-in-class cloud providers with enterprise-grade security, redundancy, and uptime guarantees.

Battle-Tested DDoS Protection

Firewall rules and traffic filtering protect the platform against distributed denial-of-service attacks and malicious traffic.

Ongoing Updates & Rapid Response

Systems are continuously patched and updated. Security vulnerabilities addressed rapidly to keep client data protected.

Your data is never used for model training.

Soraban's AI tools operate on your client data to do their job — and nothing else. Client documents, extracted fields, and firm information are not used to train models, improve third-party systems, or shared with any external AI provider for learning purposes.

No third-party trainingNo data resaleSOC 2 audited
COMPLIANCE

Meeting the standards tax firms require.

AICPA SOC 2 TYPE II

Security, Confidentiality & Availability
Soraban is compliant with AICPA SOC 2 to ensure Security, Confidentiality, and Availability controls align with Trust Service Criteria. Annual independent audits confirm that controls are operating effectively.

IRS-COMPLIANT E-SIGNATURE

Form 8879 — Legally Binding
IRS 8879 signature collection meets all requirements for identity verification at NIST IAL2 level. Legally binding, audit trail backed — no paper required. Every signature is timestamped and verifiable.

DATA RETENTION POLICY

No Data Retained Beyond the Season
Client documents are purged on a defined retention schedule. You control the timeline. Tax data doesn't sit in a third-party system indefinitely — it goes away when it should.

ENCRYPTION

Data Encrypted In Transit & At Rest
All client data is encrypted using TLS 1.2+ in transit and AES-256 at rest. Documents, extracted fields, and firm credentials never travel or sit in plaintext.
Soraban's Responsible Disclosure Policy →
GET STARTED

Security you can show your clients. Compliance you can count on.

See how Soraban handles client data — before you commit to anything. Under 30 days to your first live season.