Client Login
Request Demo

Security & Compliance Center​

Questions, bug reports, feedback? – Our team of experts is here to help!

FundCount is designed to help funds and administrators operate confidently—while protecting sensitive data with layered security controls.

This hub summarizes our security approach and helps your team quickly find due-diligence materials.

Have a questionnaire or specific requirement? Use the request form and we’ll respond promptly.

Request documents

Use this form to request the latest security and compliance materials available (NDA may be required), such as:

  • Security overview
  • Policies summary (access, incident response, change management)
  • Subprocessor / vendor list
  • Pen test attestation / executive summary (as applicable)
  • Audit reports (if available)
This field is for validation purposes and should be left unchanged.

Contact Information

Tell us who to follow up with.
Full Name(Required)

Request Details

Help us route your request and respond faster.
Relationship to FundCount(Required)
Materials requested(Required)
Do you require an NDA before receiving documents?(Required)
Accepted file types: pdf, doc, docx, xls, xlsx, csv, txt, Max. file size: 25 MB.
Attach SIG, CAIQ, or any internal questionnaire.
Consent(Required)

We will not sell or share your information with outside parties. Privacy policy.

Security by design

Layered safeguards across access, encryption, SDLC, and operations.

Privacy & governance

Clear data handling practices, retention controls, and customer commitments.

Availability & resilience

Backups, monitoring, and recovery planning to support continuity.

Audit readiness

Documentation and evidence collection to support due diligence.

How we protect your data

Our security program is designed around defense-in-depth and least-privilege principles. Controls span people, process, and technology.

  • Identity & access: role-based access, MFA, and privileged access management practices.
  • Encryption: encryption in transit (TLS) and encryption at rest where applicable.
  • Secure development: code review, dependency hygiene, and change control.
  • Monitoring: centralized logging and alerting for anomalous behavior, implemented only with the client’s permission.
  • Vendor management: subprocessor oversight and risk review.

Note: specific control implementations may vary by environment and deployment option.

What you can expect

  • Security contact path for questionnaires and assessments
  • Evidence sharing workflow (NDA as needed)
  • Clear incident communication process
  • Support for customer security reviews
Start due-diligence request

Deployment options & data tenancy

Different firms require different operating models. FundCount supports multiple deployment approaches so you can align hosting and access to your internal policy and client requirements.

 

Deployment model Best for Notes to confirm in due diligence
On‑premises Firms requiring local control and strict network policies Identity, remote access, backup/restore, patching ownership
Private/public cloud Cloud flexibility with infrastructure alignment Network segmentation, logging, key management, operational roles
Managed/hosted Operational support + monitoring DR architecture, monitoring scope, incident workflow, support model

Core controls (example areas)​

Access controls

  • Role-based permissions aligned to job function
  • MFA and password policies
  • Joiner/mover/leaver processes
  • Single Sign-On (SSO) integration available as an option for centralized identity and access management 

Encryption & key management

  • TLS for data in transit
  • Encryption at rest where applicable

Operational security

  • Logging and alerting
  • Secure configuration baselines

Business continuity

  • Backups and recovery procedures
  • Resilience planning and testing cadence
  • Incident response playbooks
Start due-diligence request

Due‑diligence resources​

Security reviews move faster when everyone is aligned on the same set of materials. Common requests include:

  • Security overview deck
  • Data flow / hosting overview
  • Incident response summary
  • BC/DR summary
  • Subprocessors list
  • Pen test summary (as applicable)

If you have your own questionnaire (SIG, CAIQ, etc.), attach it in the request form or mention it in the message field.

Start due-diligence request

Send a request and our team will follow up with the latest materials available (NDA as required).

Frequently asked questions

Do you support SSO / MFA?

We can support authentication requirements such as MFA and SSO depending on your configuration and plan. Share your requirement in the request form and we’ll confirm the best approach.

Where is data hosted?

Hosting and data residency may vary by deployment option. We can provide an architecture overview and clarify subprocessor roles upon request.

How do you handle incidents?

We maintain an incident response process with defined escalation paths and communication practices. We can share an incident response summary under NDA where required.

Can you complete our security questionnaire?

Yes. Send your questionnaire (SIG, CAIQ, custom) through the request form, and our team will coordinate completion.

Ready to evaluate FundCount with confidence?

We can walk through our security approach, help with questionnaires, and provide documentation to support your review.

Book a security call