How Belvo stays ISO 27001 compliant and continuously monitored with Vanta

Brazil and Spain
A group of people sitting around a table with laptops.
Improved visibility

Constant, real-time monitoring of all its information management systems

Enhanced collaboration

Policy templates allow access to other standards

Continuous monitoring

AWS integration for security controls

You want to be compliant every day, not just once a year. Vanta helps you achieve this without slowing your business down.

Giuseppe Ciotta
VP of Engineering | Belvo
The Company

Accelerating financial freedom in Latin America

Belvo powers the next generation of financial services in Latin America through technology and data. Belvo allows users to instantly access and enrich all financial data from multiple accounts through a single platform in order to better understand and serve your customers.

As a fintech company, Belvo prioritizes security at the center of all the company’s operations. The goal of Belvo is to allow access to your financial data no matter where it is. Belvo has created the technology infrastructure so that you can access data, interpret it, and incorporate it into your business to offer better services and products. With this open flexibility, Belvo understands the importance of protecting customer data.

The Challenge

Scaling sales and proving security 

Belvo was growing rapidly in 2020 and had started conversations with large clients and regulated entities as they started to scale. Prospective customers have compliance requirements within Latin America. ISO 27001 is the most widely accepted standard in the region and Belvo was getting asked more often about their ISO compliance status.

In order to get ahead of the security conversation with stakeholders, Belvo started the ISO 27001 certification process. 

The Solution

Prioritizing AWS integration and continuous monitoring

Being a deeply technical company, Belvo wanted to look for a solution that would simplify this process by automating their compliance management system. At the same time, they were deeply concerned with trying to avoid “point-in-time” compliance in favor of continuous monitoring.

Vanta provided a clear path toward compliance through its platform and customer success programs. Vanta’s deep integration with AWS was the standout feature compared to other vendors in the space. The integrated approach to security controls and the ability to do asset management across workstations, laptops, and servers provided the best unified solution for continuous compliance.


The Impact

Growing compliance beyond the audit

Vanta’s product expansion has scaled with Belvo to be the one-tool solution that solves various compliance use cases. Having built their security framework with Vanta’s policy templates, Belvo is able to leverage existing controls to pursue additional frameworks like GDPR and PCI DSS. 

The reduced time to achieve these certifications, while providing real time risk notifications to maintain compliance, has set Belvo apart from their competition and reduces the RFP process in new deals. Vanta is used daily across technical and HR teams to ensure Belvo remains compliant beyond the audit.

Obtaining ISO 27001 recognizes that our privacy and security practices conform to the highest international standards. This certification adds to all the efforts we have been making since the creation of Belvo and raises the bar in everything we do.

Giuseppe Ciotta
VP of Engineering | Belvo
Giuseppe Ciotta
VP of Engineering | Belvo

Get compliant and
build trust, fast.

Se mettre en conformité et instaurer la confiance, rapidement.

Two wind turbines on a white background.