In years past, the SAS 70 audit supported CPAs in reporting on controls at service organizations, such as transfer agents, that had an impact on the financial statements of user entities. But reporting on a cloud hosting provider’s practices and how they impacted user data security, on the other hand, was insufficient. Despite the fact that it was always of ambiguous value, SAS 70 was the norm for transfer agents until 2011.
The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) and the Service Organization Controls (SOC) framework were created by the American Institute of Certified Public Accountants (AICPA) in response to this situation. SAS 70 was replaced as the standard for service firms, such as transfer agents and investor services providers, by this framework. SSAE No. 18 replaced SSAE 16 on May 1, 2017, and it became effective for service auditor reports on transfer agents issued after that date. SSAE 19 took the place of SSAE 18 on July 15, 2021.
SSAE 19 auditing standards are used to examine Phoenix American transfer agent services. The SSAE 19 audit focuses on service organization controls that are crucial to an audit of the financial statements a user entity such as a transfer agent. This standard now governs SOC reports for transfer agents and investor services organizations. The standard establishes that the controls and processes of a transfer agent are adequate.
The AICPA introduced SOC 1, SOC 2, and SOC 3 to suit the needs of service firms that previously relied on the SAS 70, such as transfer agents. All of these reports are overseen by an impartial third-party auditor.
Phoenix American maintains a SOC 1, Type II certification report for all transfer agent service processes. According to the AICPA, SOC 1 is an examination of transfer agent processes by a service auditor, a CPA, in accordance with the SSAE 19 standard on controls at a service organization, such as a transfer agent/investment services firm. The Phoenix American SOC 1 report is only available to current transfer agent clients (not potential or future clients) and their auditors.
A prestigious international accounting firm analyzes the design and efficacy of Phoenix American’s transfer agent controls on a yearly basis. In the creation and deployment of our service and control environment, we adhere to the transfer agent industry’s best practices. The report reassures Phoenix American transfer agent clients and the alternative investing community at large that the company has appropriately disclosed its transfer agent service controls and that they are in place and performing effectively to satisfy transfer agent client goals.
Alternative investment fund sponsors and their investors are increasingly requesting a successful SOC I, Type II examination of transfer agent service providers to meet their operational due diligence standards. Phoenix American has received an unqualified grade on our transfer agent control environment for the past fifteen years. This record attests to our transfer agent service offering’s world-class service levels and innovative technology, as well as the robustness of our transfer agent service controls.