ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

SOC-2

The AICPA Trust Services audit — a must-have for US B2B SaaS.

Definition

Two types: SOC 2 Type I (snapshot of a control at a moment in time) and SOC 2 Type II (observation over 6-12 months). Trust Services Criteria: Security (mandatory), Availability, Processing Integrity, Confidentiality, Privacy (optional). AICPA-certified auditor. For a cloud EDI SaaS, SOC 2 Type II Availability + Confidentiality is typically required.

Origin

Introduced by AICPA in 2010, updated 2017 (Trust Services Criteria revision).

Example in context

An AS2 SaaS publishing its annual SOC 2 Type II report under NDA to enterprise prospects.

Last updated: May 14, 2026