Architectural columns

A disciplined focus
on compliance,
risk management
and controls is
essential to our
shared success

Trusted Framework for
Regulatory Compliance

Our compliance management program ensures adherence to fair lending and consumer protection laws, including ECOA (Reg B), FCRA, UDAAP, and key legal, ethical, and regulatory standards like permissible purpose, true lender, and true sale. The program includes strong governance, clear policies and procedures, regular employee training, monitoring, and testing, all while fostering a culture of compliance across the organization. We operate with banks regulated by the Federal Reserve Board, OCC, and FDIC.

Architectural columns
Architectural columns
Architectural columns
Architectural columns
Architectural columns

¹ The logos above are owned by the U.S. government and the respective agencies. Their use is not intended as an endorsement by any of these agencies.

Compliance, Safety and Soundness

Fair Lending

Fair Lending

Pagaya maintains a robust Fair Lending program to ensure compliance with consumer protection laws like ECOA (Regulation B) and the Fair Housing Act. The program includes policies, employee training, internal monitoring and independent testing.

Fair Lending

Enterprise Risk Management

Pagaya's risk & control standards are designed for effective management of various categories of risk and with prudent focus on safety, soundness, and reputation.

Fair Lending

Data Security

Pagaya's data security program includes a comprehensive set of security controls covering data collection, processing, and retention. Data is encrypted at-rest and in-transit, access control privileges are strictly enforced, and compliance and retention practices are continuously reviewed and audited by a third party.

Fair Lending

Cyber Security

Pagaya has a comprehensive cybersecurity program that follows Zero Trust and Defense-in-Depth principles. It features 24/7 monitoring, cross-technology security controls, and adherence to compliance and regulatory standards. Pagaya is certified for SOC 2 Type II, ISO/IEC 27001:2022, ISO/IEC 27017:2015 (Cloud Security), and ISO/IEC 27018:2019 (Privacy in Cloud).

We value your privacy

We use cookies to enhance your browsing experience. By clicking "Accept", you consent our use of cookies. Cookie Policy

Ready to learn more? Let's chat.

Our sales team responds to new business inquiries within 2 business days.

Thank you!
We will be in touch shortly.

Sorry—we’re not able to process your request.

Reach out via email:info@pagaya.com