Fintech, ~800 employees

Three weeks cut from external-audit preparation at a European fintech

Customer's SOC 2 Type II audit preparation reduced by three weeks year-on-year after migrating to GetCheckmark's continuous-evidence mode.

The customer is a European fintech operating across three jurisdictions, regulated under DORA from 2025 onward. Their SOC 2 Type II audit is a contractual requirement for several enterprise customers and a critical input to their procurement-cycle conversations.

Pre-migration, the customer's annual SOC 2 audit preparation involved approximately six weeks of GRC-team effort each year, with two weeks of that effort consumed by translating the previous platform's reporting into the auditor's expected work-paper format.

Post-migration to GetCheckmark, the continuous-evidence mode produced a structured evidence trail throughout the audit period, with the standard reporting already in the auditor's expected format. The annual preparation effort dropped to three weeks; the two weeks of translation work eliminated entirely.

Year-two impact will compound as the auditor now relies on the continuous-evidence trail rather than the point-in-time evidence sampling, further reducing audit interview time.

Customer's GRC director publicly cited GetCheckmark in their year-end compliance review as the platform change that had the highest return on the GRC function's time investment.

Outcome

Three weeks of GRC-team time saved annually; SOC 2 Type II audit passed with no exceptions; ongoing two-year platform contract.