SOC 1 Type II
An independent examination of the controls relevant to your internal control over financial reporting (ICFR), for the AI Accounting Platform system.
Last updated: 10-07-2026
SOC 1 Type II reports address controls at a service organization that are likely to be relevant to a user entity's own internal control over financial reporting. It's the standard your auditors will look for when Light is in scope for your SOX or ICFR program. Light's SOC 1 Type II report was examined by AAFCPA, an independent CPA firm, and covers Light's AI Accounting Platform system.
System examined
AI Accounting Platform system
Audit period
Jul 1, 2025 – Dec 31, 2025
Independent auditor
AAFCPA
Opinion
Unqualified
Test results
No exceptions noted across all control objectives tested
Subservice organization
AWS (cloud hosting, physical data-centre security, compute, storage, and network infrastructure)
What this means for your audit
The report describes Light's control environment and tests the operating effectiveness of controls across the period, giving your auditors evidence they can rely on instead of re-testing Light's controls directly. As with any SOC 1 report, some control objectives depend on complementary user entity controls (things your own organization needs to have in place) and complementary subservice organization controls (controls AWS maintains on Light's behalf). Both are documented in the full report.
The full report is confidential and shared directly with customers and their auditors as part of due diligence; the summary above reflects its key facts and outcome.