Policies governing participation in Secure Broker™ certification.
Secure Broker™ is an independent certification program for brokers and ISOs in the alternative finance industry. Certification is based on verifiable safeguards applied consistently across participating organizations. Equivalent controls may be accepted when they satisfy the intent of a requirement and can be independently verified.
The program is designed for brokerages of all sizes and focuses on protecting merchant data, submission integrity, and the documents associated with them. Enrollment is voluntary.
Certification is not guaranteed. Participants must meet all program requirements. Open or pending litigation involving misuse, unauthorized sharing, or mishandling of merchant or customer data will pause the certification process. Certification status will not be granted while such matters remain outstanding.
Verification may be completed through either of the following methods:
All submissions, regardless of method, go through a final review before certification is granted.
Documents, video recordings, and other materials submitted during verification are retained on file following completion of the review process. All verification materials are stored in SOC 2–secured systems and remain accessible to participants through the Secure Broker™ portal.
Participants who prefer that submitted materials be deleted may submit a written request to Secure Broker™ at any time. Upon receipt of a valid request, the original materials will be removed and replaced with a written summary of the information that was provided. Deletion of original materials does not affect certification status, provided certification has already been granted.
This approach is intended to support both program integrity and the highest level of security and confidentiality for participant information.
Secure Broker™ treats non-public information shared during verification as confidential and uses such information solely for the purpose of conducting the verification review and administering the program.
Except as required by law, Secure Broker™ does not disclose internal materials, operational details, policies, procedures, or other non-public information obtained during verification to third parties. Access to submitted materials is limited to individuals directly involved in the verification process or program administration and only on a need-to-know basis.
Secure Broker™ does not publish internal documentation or detailed findings beyond an organization's participation status, verification status, or other limited program-related designation.
Safeguards are not required to be in place at enrollment, but must be fully implemented before verification. Verification must be completed within 90 days of enrollment. Listings may be removed if verification is not scheduled within that period, although extensions may be granted under special circumstances.
Annual program fees are based on organization size: $499 USD for brokerages with fewer than 10 salespeople, and $1,499 USD for brokerages with 10 or more salespeople. Monthly installments are available upon request. Payment must be remitted before a final review can be conducted.
No refunds are available once verification has commenced. This applies regardless of outcome, including if the participant does not pass verification or does not complete the verification process.
To support an efficient and fair review, participating organizations are expected to:
Verification depends on the accuracy and completeness of the information made available at the time of assessment. Misrepresentation of information during the verification process is grounds for immediate revocation of certification with no refund.
Digital certification badges are issued upon successful verification and remain valid for the duration of active membership. Badges may only be displayed while the organization holds active Secure Broker™ certified status.
Certification may be revoked if required safeguards are no longer maintained or if information provided during verification is found to be inaccurate. Upon revocation or lapse of certification, organizations must promptly remove all Secure Broker™ badges, marks, and references to certified status from their materials.
Secure Broker™ certification reflects alignment with program requirements at the time of review. It does not constitute:
Certification does not guarantee the prevention of data theft, unauthorized sharing, or misuse. A certification outcome reflects Secure Broker™'s determination that the participating organization demonstrated alignment with applicable program requirements based on the information available during the review period.
Secure Broker™ is designed to evolve alongside emerging regulation and compliance expectations so members can stay ahead of change. Program requirements, policies, and terms may be updated from time to time to reflect industry developments, regulatory changes, or operational improvements.
Participants will be notified of material changes in advance. Continued participation following notice of changes constitutes acceptance of updated terms.
Secure Broker™ collects information necessary to administer the certification program. This may include:
Information is collected through the following channels:
Information collected is used solely for the purpose of administering the Secure Broker™ certification program — including verification, certification status management, program communications, and billing. Information is not used for marketing, advertising, or any purpose unrelated to the program.
Secure Broker™ does not sell, share, or disclose personal or organizational information to third parties. Information is accessible only to individuals directly involved in program administration and verification, and only on a need-to-know basis. Disclosure may occur only if required by law.
Information is retained only for as long as reasonably necessary to support verification records and program administration. When information is no longer needed, it is securely deleted or destroyed.
Participants may request deletion of their personal information at any time by contacting Secure Broker™ using the information below. Requests will be processed promptly. Deletion of verification materials may affect certification status.
Under the California Consumer Privacy Act (CCPA), California residents have the right to know what personal information is collected, request its deletion, and opt out of any sale of personal information. Secure Broker™ does not sell personal information.
Secure Broker™ does not knowingly collect information from individuals under the age of 18. The program is designed for business organizations in the alternative finance industry.
The Secure Broker™ website may use essential cookies necessary for site functionality. No tracking cookies, advertising cookies, or third-party analytics cookies are used.
Questions regarding these terms, privacy practices, verification, or the handling of submitted materials may be directed to:
