Trust

TRUST CENTER.

Financial institutions require more than promises. This page consolidates everything you need to evaluate NUNO Inc as a vendor — our compliance posture, security practices, data handling, and platform integrity.

Last Updated: March 20, 2026

Compliance Status

NUNO Inc is currently in the SOC 2 Type II preparation process. We are transparent about where we are in that journey. In the meantime, we provide full security documentation and compliance attestations upon request.

GLBA — Gramm-Leach-Bliley Act

NUNO Inc handles consumer financial information in alignment with GLBA Safeguards Rule requirements. Our data protection practices, access controls, encryption standards, and incident response procedures are built to meet GLBA obligations.

FFIEC — Cybersecurity Guidelines

The NUNO platform architecture is consistent with FFIEC IT Examination Handbook guidance on authentication, access rights management, network security, and service provider oversight.

CISA — Cybersecurity Framework

Our security controls are mapped to CISA's Cybersecurity Framework functions: Identify, Protect, Detect, Respond, and Recover. This alignment ensures our platform meets federal cybersecurity guidance for critical financial infrastructure.

SOC 2 Type II — In Progress

We are actively pursuing SOC 2 Type II certification. This audit validates that our security controls are operational and effective over time. Expected completion: Q4 2026.

Data Handling Principles

  • We never sell customer data to third parties
  • We never use customer data for advertising or profiling
  • All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Data is retained only as long as necessary to fulfill service obligations
  • Customers may request deletion of their data at any time
  • Access to customer data is restricted to authorized personnel only

Platform Integrity

What Our Platform Does

  • Detects suspicious wire instructions and transaction patterns
  • Generates automated compliance documentation for every check
  • Intercepts and routes transaction authorization requests
  • Monitors behavioral anomalies across transaction flows

What Our Platform Does Not Do

  • Does not guarantee prevention of all fraud
  • Does not make final authorization decisions without human confirmation
  • Does not store wire transfer funds or have access to financial accounts
  • Does not share analysis results with any third party

Vendor Due Diligence

We understand that financial institutions have thorough vendor management requirements. Upon request, NUNO Inc can provide:

  • Security architecture documentation
  • Penetration test results
  • GLBA compliance attestation
  • Data flow diagrams
  • Incident response policy
  • Business continuity plan

Contact us through the inquiry form on our homepage to request any of these documents.

Incident Response

In the event of a security incident affecting customer data, NUNO Inc will:

  • Notify affected customers within 72 hours of discovery
  • Provide a detailed incident report including scope, impact, and remediation
  • Cooperate fully with any regulatory notification requirements
  • Implement corrective controls and provide written confirmation of resolution

Contact

For vendor due diligence packages, compliance documentation, security questionnaires, or any trust-related inquiry, contact the NUNO Inc team directly through the homepage.