A practical SOC 2 checklist for evaluating Voice AI Agents vendors and their telephony stack.
The average cost of a data breach hit $4.88 million in 2024, up ~10% year-over-year, the biggest jump since the pandemic. That alone explains why security and procurement teams are pausing Voice AI Agent rollouts until vendors can prove their controls hold up under audit.
SOC 2 is the attestation most buyers ask for first. But a SOC 2 report on a Voice AI Agent platform is not the same as a SOC 2 report on a SaaS dashboard. Voice AI runs across live PSTN calls, real-time media, call recordings, transcripts, LLM inference, and third‑party integrations. Any one of those layers can leak data, drop calls, or fail an audit.
This guide covers what SOC 2 proves for Voice AI Agents, what it does not, and the questions to put in front of every vendor.
SOC 2 is a framework from the American Institute of Certified Public Accountants (AICPA). It reports on controls at a service organization relevant to security, availability, processing integrity, confidentiality, and privacy, evaluated by an independent CPA firm. See the AICPA’s overview of SOC reporting and Trust Services Criteria (TSC) for background.
Those five domains are the Trust Services Criteria. Security is the only one required for every SOC 2 audit; the other four are optional, and vendors pick them based on what they sell. For Voice AI, you want at least security, availability, and confidentiality in scope. Privacy is strongly preferred if the vendor handles personal data, which almost every voice agent does by default.
There are two report types, and the distinction matters. A SOC 2 Type 1 report evaluates whether controls are designed properly at a single point in time. Type 2 evaluates whether those controls operated effectively over three to twelve months. Enterprise buyers almost always ask for Type 2. A Type 1 report is a snapshot. A Type 2 report is a video.
If a vendor only has Type 1, that’s not a dealbreaker, but it is a signal. Ask when their Type 2 observation period starts and what the scope looks like.
SOC 2 is a control attestation, not a compliance certification for every law that touches voice. It will not, on its own, prove:
Those gaps are where voice‑specific risk hides. A Voice AI vendor with a clean SOC 2 Type 2 can still expose you to CIPA lawsuits, TCPA penalties, or GDPR fines if the voice stack underneath is sloppy.
For context, the FCC confirmed in February 2024 that AI‑generated voices fall under the TCPA’s definition of “artificial voice”, meaning outbound AI voice calls require prior express consent. TCPA violations carry $500 to $1,500 per call with no cap. Recording those same calls in states like California, Illinois, Florida, and Pennsylvania triggers all‑party consent rules under .
On top of that, the EU AI Act is phasing in obligations for general‑purpose and high‑risk AI systems through August 2026, and NIST’s AI 600‑1 Generative AI Profile enumerates risk categories that SOC 2 does not directly address, including confabulation, information integrity, and data privacy in model training.
SOC 2 is necessary. It is not sufficient.
Work through this table with every vendor under consideration. Each row maps a SOC 2 control area to the voice‑specific evidence that actually proves it.
| Control area | What to verify | Voice‑specific evidence | Why it matters |
|---|---|---|---|
| Encryption in transit | TLS 1.2+ for signaling, SRTP for media, DTLS‑SRTP for WebRTC | Packet capture from a test call; SIP trunk config showing SIPS on port 5061 | An unencrypted SIP trunk leaks call audio and CDR metadata to anyone on the path |
| Access control | Least‑privilege RBAC; MFA for admin consoles; audit logs on every console action | Sample audit log export; role matrix; MFA enforcement policy | Compromised credentials are a leading breach vector and take ~292 days on average to identify/contain (per IBM) |
| Call recording and consent | Consent capture before recording begins; disclosure scripts; state‑by‑state logic | Sample pre‑call disclosure audio; architecture diagram showing consent gate before transcription | Several states require all‑party consent; CIPA allows statutory damages up to $5,000 per call |
| Data residency | Regional inference; regional storage; documented data flows for EU/US/APAC | System/data‑flow diagram; subprocessor list by region; DPA with data‑location clauses | Hosting in the EU ≠ GDPR compliance if inference or transcripts cross borders |
| Retention and deletion | Documented retention periods; verified deletion on request; no use in training without opt‑in | Retention policy; sample deletion log; written assurance that customer data is not used to train vendor models | Unmanaged copies (“shadow data”) derail deletion verification and extend risk exposure |
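The "Encryption in transit" row asks for a packet capture from a test call as evidence. The script below is an added example (not code from this article or from Telnyx) of how a reviewer can turn that capture into a pass/fail result: it reads a SIP INVITE exported from the capture, takes the signaling transport from the topmost Via header, and checks each SDP media line for an SRTP profile plus a visible keying mechanism (SDES `a=crypto` or a DTLS‑SRTP `a=fingerprint`). The three INVITEs embedded in it are constructed samples with RFC 5737 placeholder addresses and a placeholder key, not captures from any vendor.

```python
import re

# Media profiles that carry SRTP (RFC 3711 SAVP/SAVPF; RFC 5764 DTLS-SRTP as used by WebRTC).
SECURE_PROFILES = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}
# SIP over TLS (SIPS, port 5061) or over secure WebSocket (RFC 7118) for browser clients.
SECURE_SIGNALING = {"TLS", "WSS"}


def parse_sip(raw):
    """Split a SIP message into (transport named in the topmost Via, SDP body)."""
    head, _, body = raw.partition("\r\n\r\n")
    transport = "UNKNOWN"
    for line in head.split("\r\n")[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() in ("via", "v"):
            m = re.match(r"\s*SIP/2\.0/([A-Za-z]+)", value)
            if m:
                transport = m.group(1).upper()
            break  # the topmost Via describes the hop the capture actually saw
    return transport, body


def audit_sdp(body):
    """Return one record per m= line stating whether SRTP is offered AND can be keyed."""
    streams, session_dtls, current = [], False, None
    for line in body.split("\r\n"):
        if line.startswith("m="):
            media, port, profile = line[2:].split()[:3]
            current = {"media": media, "port": int(port), "profile": profile,
                       "sdes": False, "dtls": False}
            streams.append(current)
        elif line.startswith("a=crypto:") and current is not None:
            current["sdes"] = True            # SDES keys (RFC 4568) are media-level only
        elif line.startswith("a=fingerprint:"):
            if current is None:               # DTLS fingerprint may be session-level ...
                session_dtls = True
            else:                             # ... or attached to one media section
                current["dtls"] = True
    for s in streams:
        s["dtls"] = s["dtls"] or session_dtls
        s["encrypted"] = s["profile"] in SECURE_PROFILES and (s["sdes"] or s["dtls"])
    return streams


def audit_invite(raw):
    """Evaluate one captured INVITE against the encryption-in-transit checklist row."""
    transport, body = parse_sip(raw)
    streams = audit_sdp(body)
    issues = []
    if transport not in SECURE_SIGNALING:
        issues.append(f"signaling over {transport}: SIP headers and CDR metadata are readable on the path")
    for s in streams:
        if s["profile"] not in SECURE_PROFILES:
            issues.append(f"{s['media']} stream uses {s['profile']}: plain RTP, audio is not encrypted")
        elif not (s["sdes"] or s["dtls"]):
            issues.append(f"{s['media']} stream offers {s['profile']} but no a=crypto or "
                          f"a=fingerprint: SRTP cannot be keyed")
    return {"signaling": transport, "streams": streams, "issues": issues, "passes": not issues}


# Constructed samples (RFC 5737 documentation addresses; the SDES key is a placeholder).
INVITE_PLAIN = (
    "INVITE sip:agent@voice.example.test SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 203.0.113.10:5060;branch=z9hG4bK-plain\r\n"
    "Content-Type: application/sdp\r\n\r\n"
    "v=0\r\no=- 1 1 IN IP4 203.0.113.10\r\ns=-\r\nc=IN IP4 203.0.113.10\r\nt=0 0\r\n"
    "m=audio 49170 RTP/AVP 0 8\r\n"
)
INVITE_SIPS_SDES = (
    "INVITE sips:agent@voice.example.test SIP/2.0\r\n"
    "Via: SIP/2.0/TLS 203.0.113.10:5061;branch=z9hG4bK-tls\r\n"
    "Content-Type: application/sdp\r\n\r\n"
    "v=0\r\no=- 1 1 IN IP4 203.0.113.10\r\ns=-\r\nc=IN IP4 203.0.113.10\r\nt=0 0\r\n"
    "m=audio 49170 RTP/SAVP 0 8\r\n"
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_BASE64_KEY_NOT_REAL\r\n"
)
INVITE_WEBRTC = (
    "INVITE sip:agent@voice.example.test SIP/2.0\r\n"
    "Via: SIP/2.0/WSS 198.51.100.7;branch=z9hG4bK-wss\r\n"
    "Content-Type: application/sdp\r\n\r\n"
    "v=0\r\no=- 1 1 IN IP4 198.51.100.7\r\ns=-\r\nt=0 0\r\n"
    "a=fingerprint:sha-256 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:"
    "00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF\r\n"
    "m=audio 9 UDP/TLS/RTP/SAVPF 111\r\n"
    "c=IN IP4 198.51.100.7\r\n"
    "a=setup:actpass\r\n"
)

if __name__ == "__main__":
    for name, msg in [("plain trunk", INVITE_PLAIN), ("SIPS + SDES", INVITE_SIPS_SDES),
                      ("WebRTC", INVITE_WEBRTC)]:
        r = audit_invite(msg)
        print(name, "PASS" if r["passes"] else "FAIL", *r["issues"], sep="\n  ")
```

Two caveats when using a check like this as audit evidence. SIP over TLS is hop‑by‑hop: the Via header only proves the hop the capture was taken on, so a vendor's border controller can terminate TLS and forward plain SIP upstream. Capture at each boundary you care about, or pair the capture with the trunk configuration the table asks for. And an SRTP profile in the offer is only an offer; confirm the answer negotiates the same profile and that the media packets on the wire are actually SRTP before signing off.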
These separate serious providers from the rest:
For a deeper look at how to score vendors across these dimensions, our enterprise voice AI platform comparison lays out the metrics that actually predict production readiness.
Most Voice AI vendors do not own their telephony network. They resell carrier minutes, bolt on a speech API, wrap an LLM, and call it a platform. Each handoff is a subprocessor, a new SOC 2 boundary, and a potential point of failure.
Telnyx is a Tier‑1 carrier with an owned IP network, a SIP trunking layer, and Voice AI Agents on one platform: AI Agent Infrastructure where telephony, inference, and voice synthesis share a single SOC 2 boundary. That means fewer subprocessors to vet, a shorter audit trail, and a single point of accountability when something goes wrong. SRTP, TLS, and media paths are under one roof rather than stitched across vendors. With telecom licenses in 40+ countries, the compliance footprint is built in rather than bolted on.
A vendor whose telephony, inference, and voice synthesis live under the same SOC 2 report is a faster sell to a security review board than a vendor whose stack is held together by five different DPAs.
The state of voice AI in 2026 shows that trust gaps, not model quality, are the biggest blocker to production deployment. Security reviews stall when the answer to "where does the data go?" takes more than one diagram to explain.
SOC 2 is the price of entry for Voice AI Agents in any regulated or enterprise environment. It is not the finish line. Real vendor evaluation combines the SOC 2 Type 2 report, voice‑specific controls on encryption, consent, and residency, and honest answers about subprocessors and call paths.
Start with the checklist above. Map it to your risk register. Then push every vendor to show you the evidence, not just the logo.
For a reference architecture that covers these controls end to end, the Voice AI optimization templates show five proven configurations. For regulated verticals, AI voice agents for healthcare covers the HIPAA and EHR overlays on top of SOC 2.
Security reviews do not have to block your rollout. The right vendor makes them the thing that accelerates it.
Telnyx is SOC 2 Type 2 attested, with telephony, inference, and voice synthesis under a single compliance boundary, so your security team reviews one vendor, not five. Talk to our team to walk through our most recent report, review the controls that matter for your deployment, and see how a full-stack voice AI platform shortens your path to production.