• Home
  • Compliance & Security

Compliance & Security


Are You Sensitive?

You may not be, but your customer information is. EFG has you covered.



Dedication to Ongoing Security Compliance

Dealers work with a significant amount of consumer confidential information, including social security numbers, pay stubs, utility bills and more. In addition, the majority of dealers in the U.S. have migrated to web-based platforms for conducting business, especially with regards to credit applications. Data security is mission critical to successfully conducting business in today’s market.

It is for this reason that EFG has spent more than $5 million in technology and security enhancements over the last five years. Along with ongoing testing and optimization, employees undergo intensive security awareness training to keep them up to speed on the latest developments in cyber criminal methodology. Our investment in security compliance demonstrates that EFG has the necessary processes in place to ensure the security of its clients’ and contract holders’ personal and confidential information.


Certified and Compliant

As technological solutions become more a part of dealer and auto lender operations, EFG took the proactive steps to achieve both Service Organization Control (SOC) 1 and SOC 2 certifications. The company has also achieved Payment Card Industry Data Security Standard (PCI DSS) and New York Codes Rules and Regulations (NYCRR) compliance.

Administered by the American Institute of Certified Public Accountants under the Statement of Standards for Attestation Engagements (SSAE), the SOC 1 and SOC 2 certifications are the most widely-recognized standard providing companies with a method for reporting information about the design and operation of internal systems and controls relating to privacy and security regulations.

PCI DSS is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. 

NYCRR is a cybersecurity framework that demonstrates that EFG complies with all cybersecurity regulations implemented within one of the most influential states in the U.S. financial sector, the state of New York.


Protecting Your PII

EFG is ahead of the curve on data security initiatives to protect Personally Identifiable Information (PII). Lead by our internal Security Analytics Expert, EFG undergoes rigorous, yearly penetration and vulnerability testing to ensure your client data is safe. 


Infrastructure Redundancy

EFG’s internal information technology resources enable us to be nimble in providing 24/7 support for your business. With co-located servers, redundant back-ups, and ongoing infrastructure updates, we work to ensure that our systems stay up and operable to keep your business running.


Security Awareness

You take the security of your customer’s private information seriously. That’s why you’ve implemented stringent safeguards in your own dealership or lending institution. But, just how secure are you? Take our quiz to see your security awareness score.