Compliance Documentation

Expensify is committed to protecting your data and maintaining transparency around our security practices.

All compliance documentation, including SOC reports and insurance certificates — is available through our Trust Center.

How to access Expensify compliance documentation

You can request and download the latest compliance documents directly from the Expensify Trust Center:

https://trust.expensify.com/

The Trust Center includes:

  • SOC 1 Type 2 Report
  • SOC 2 Type 2 Report
  • SOC 1 and SOC 2 Bridge Letter
  • Certificate of Insurance
  • W-9
  • Additional security and compliance resources

You may be asked to submit a short access request form before downloading certain documents.

How to request Expensify’s SOC 1 Type 2 Report or SOC 2 Type 2 Report

If you need a SOC report for a vendor security review or procurement process:

  1. Go to https://trust.expensify.com/
  2. Select the SOC 1 Type 2 Report or SOC 2 Type 2 Report
  3. Click Request access
  4. Complete the request form
  5. Submit the form to receive access instructions

How to get Expensify’s SOC 1 and SOC 2 Bridge Letter

The SOC bridge letter provides coverage between the end of the last audit period and the current date.

To access the bridge letter:

  1. Visit https://trust.expensify.com/
  2. Select SOC 1 and SOC 2 Bridge Letter
  3. Click Request access (if prompted)
  4. Download the document once approved

How to get Expensify’s W-9 or Certificate of Insurance

For accounting, tax setup, or vendor onboarding:

  1. Go to https://trust.expensify.com/
  2. Select W-9 or Certificate of Insurance
  3. Request or download the document

When to contact Expensify about compliance documentation

If you’re unable to access a document in the Trust Center, or if your organization requires additional documentation for a vendor security review, reach out to your Account Manager or Concierge.

Include details about:

  • The document you need
  • Your company name
  • Any required deadline

This helps us respond as quickly as possible.

FAQ

Who can access Expensify’s SOC 1 Type 2 and SOC 2 Type 2 reports?

Anyone conducting a vendor security review or procurement evaluation can request access through the Trust Center. Approval may be required before downloading.

What is the SOC bridge letter used for?

The bridge letter provides coverage between the end date of the most recent SOC audit and the present date. It confirms there have been no material changes affecting control effectiveness.

Didn't find what you were looking for?

Concierge is here to answer all your questions.
Recommend a change to this page