A SOC 2 vendor checklist for voice AI agents. Covers the encryption, consent, residency, and call-path questions a real security review will ask.
Voice AI agents are SOC 2 compliant when the vendor's SOC 2 Type II report covers the actual call path layers, not just the API or orchestration layer. Most voice AI vendors do not own the PSTN side, so buyers chain multiple SOC 2 reports together to get full coverage. Telnyx holds SOC 2 Type II attestation as a Tier-1 carrier owning the full voice AI agent stack, putting the compliance footprint under one vendor relationship.
SOC 2 is a framework from the American Institute of Certified Public Accountants (AICPA). It reports on controls at a service organization relevant to security, availability, processing integrity, confidentiality, and privacy, with an independent CPA firm evaluating the controls. See the AICPA's overview of SOC reporting and Trust Services Criteria (TSC) for background.
Those five domains are the Trust Services Criteria. Security is the only one required for every SOC 2 audit; the other four are optional, and vendors pick them based on what they sell. For voice AI, the report should explicitly cover call recordings, real-time media paths, transcripts, and LLM inference, not just the API dashboard.
Privacy is non-negotiable for voice AI: recordings, transcripts, and voiceprints are personal data under GDPR and most state privacy laws. Availability and Confidentiality are also essential for production. A vendor whose SOC 2 only covers Security has not thought through the voice AI use case.
There are two report types, and the distinction matters. A Type I report evaluates whether controls are designed properly at a single point in time. Type II evaluates whether those controls operated effectively over three to twelve months. Enterprise buyers almost always ask for Type II.
Voice AI failures show up in operation, not in design. A consent gate that misfires for 1% of calls passes a Type I design review and fails a Type II operating-effectiveness audit.
If a vendor only has Type I, that is not a dealbreaker but it is a signal. Ask when their Type II observation period starts and whether the call path layers (PSTN, media, transcripts, LLM inference) are in scope.
SOC 2 is a control attestation, not a compliance certification for every law that touches voice. It will not, on its own, prove:
Those gaps are where voice-specific risk hides. A voice AI vendor with a clean SOC 2 Type II can still expose you to CIPA lawsuits, TCPA penalties, or GDPR fines if the voice stack underneath is sloppy.
For context, the FCC confirmed in 2024 that AI-generated voices fall under the TCPA's definition of "artificial voice," meaning outbound AI voice calls require prior express consent. TCPA violations carry $500 to $1,500 per call with no cap. Recording those same calls in states like California, Illinois, Florida, and Pennsylvania triggers all-party consent rules under state wiretapping laws.
On top of that, the EU AI Act is phasing in obligations for general-purpose and high-risk AI systems through August 2026, and NIST's AI 600-1 Generative AI Profile enumerates risk categories that SOC 2 does not directly address, including confabulation, information integrity, and data privacy in model training.
SOC 2 is necessary. It is not sufficient.
For regulated voice AI deployments, SOC 2 alone falls short. Buyers in healthcare, fintech, payments, and EU markets need additional frameworks layered on top.
HIPAA applies the moment a voice AI deployment touches protected health information (PHI). Healthcare voice AI vendors must sign a Business Associate Agreement (BAA), encrypt PHI in transit and at rest, and prove they can purge PHI on request. SOC 2 does not require any of this.
PCI DSS compliance is what payments-touching voice AI deployments need. PCI DSS applies to vendors handling card data, including IVR flows that take payments by voice. Voice AI platforms that record calls capturing card numbers must hold PCI DSS attestation and demonstrate scope segmentation between the recorded audio and the cardholder data environment.
GDPR governs EU data subjects and adds residency, retention, and right-to-deletion requirements that SOC 2 does not enforce. EU-deployed infrastructure matters here. Hosting in the EU is not enough if inference, transcription, or call recording crosses borders during processing.
ISO 27001 is the international information security management standard, broader than SOC 2 in scope and often required by enterprise procurement teams in Europe and APAC. SOC 2 and ISO 27001 cover overlapping ground but neither replaces the other.
Telnyx's compliance posture covers SOC 2 Type II, HIPAA, PCI DSS Compliant, ISO 27001, and GDPR with EU-deployed infrastructure. The full stack falls under one vendor relationship, not five.
Work through this table with every vendor under consideration. Each row maps a SOC 2 control area to the voice-specific evidence that actually proves it.
| Control area | What to verify | Voice-specific evidence | Why it matters |
|---|---|---|---|
| Encryption in transit | TLS 1.2+ for signaling, SRTP for media, DTLS-SRTP for WebRTC | Packet capture from a test call; SIP trunk config showing SIPS on port 5061 | An unencrypted SIP trunk leaks call audio and CDR metadata to anyone on the path |
| Access control | Least-privilege RBAC; MFA for admin consoles; audit logs on every console action | Sample audit log export; role matrix; MFA enforcement policy | Compromised credentials remain a leading initial-access vector in enterprise breaches |
| Call recording and consent | Consent capture before recording begins; disclosure scripts; state-by-state logic | Sample pre-call disclosure audio; architecture diagram showing consent gate before transcription | Several states require all-party consent; CIPA exposes vendors to statutory damages per call |
| Data residency | Regional inference; regional storage; documented data flows for EU/US/APAC | System/data-flow diagram; subprocessor list by region; DPA with data-location clauses | Hosting in the EU is not the same as GDPR compliance if inference or transcripts cross borders |
| Retention and deletion | Documented retention periods; verified deletion on request; no use in training without opt-in | Retention policy; sample deletion log; written assurance that customer data is not used to train vendor models | Unmanaged copies ("shadow data") derail deletion verification and extend risk exposure |
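The "Encryption in transit" row asks for a packet capture from a test call as evidence. The following script is an added example, not code from the article or from any vendor it names: it takes the text of a captured SIP INVITE (headers plus SDP body) and checks the two properties the row lists, TLS-protected signaling (the top Via transport is TLS, or WSS for WebRTC) and SRTP-protected media (an SDP `m=` line offering a SAVP profile with `a=crypto` key material for SDES or an `a=fingerprint` for DTLS-SRTP). The three sample messages are constructed for this example; the addresses, Call-IDs and key material are placeholders.

```python
"""Check a captured SIP INVITE from a test call for encrypted signaling and
encrypted media. Added example; the sample messages below are constructed."""
import re

# Media profiles that negotiate SRTP (SDES) or DTLS-SRTP (WebRTC).
SECURE_MEDIA_PROFILES = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}
# Signaling transports that carry SIP over TLS (SIPS) or a secure WebSocket.
SECURE_SIGNALING_TRANSPORTS = {"TLS", "WSS"}

# Constructed: SIPS on port 5061 with SRTP (SDES) media. Placeholder values.
SAMPLE_INVITE_SECURE = (
    "INVITE sips:agent@voice.example.com:5061 SIP/2.0\r\n"
    "Via: SIP/2.0/TLS 203.0.113.10:5061;branch=z9hG4bK-placeholder\r\n"
    "Contact: <sips:caller@203.0.113.10:5061;transport=tls>\r\n"
    "Call-ID: placeholder-call-id-1\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\no=- 1 1 IN IP4 203.0.113.10\r\ns=-\r\nc=IN IP4 203.0.113.10\r\nt=0 0\r\n"
    "m=audio 40000 RTP/SAVP 0 8\r\n"
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_KEY_MATERIAL\r\n"
)

# Constructed: plain UDP signaling on 5060 and unencrypted RTP, the failing case.
SAMPLE_INVITE_PLAINTEXT = (
    "INVITE sip:agent@voice.example.com SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 203.0.113.10:5060;branch=z9hG4bK-placeholder\r\n"
    "Call-ID: placeholder-call-id-2\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\no=- 1 1 IN IP4 203.0.113.10\r\ns=-\r\nc=IN IP4 203.0.113.10\r\nt=0 0\r\n"
    "m=audio 40000 RTP/AVP 0 8\r\n"
)

# Constructed: WebRTC leg, SIP over secure WebSocket with DTLS-SRTP media.
SAMPLE_INVITE_WEBRTC = (
    "INVITE sip:agent@voice.example.com SIP/2.0\r\n"
    "Via: SIP/2.0/WSS placeholder.invalid;branch=z9hG4bK-placeholder\r\n"
    "Call-ID: placeholder-call-id-3\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\no=- 1 1 IN IP4 203.0.113.10\r\ns=-\r\nc=IN IP4 203.0.113.10\r\nt=0 0\r\n"
    "m=audio 9 UDP/TLS/RTP/SAVPF 111\r\n"
    "a=fingerprint:sha-256 PLACEHOLDER:FINGERPRINT\r\n"
)


def check_call_path(message: str) -> dict:
    """Return signaling/media encryption verdicts and a list of findings."""
    head, _, body = message.partition("\r\n\r\n")
    headers = head.split("\r\n")[1:]          # drop the request line
    body_lines = body.split("\r\n")
    findings = []

    # Signaling: the top Via header names the transport used by the last hop.
    via = next((h for h in headers if h.lower().startswith("via:")), "")
    match = re.match(r"via:\s*SIP/2\.0/(\w+)", via, re.IGNORECASE)
    transport = match.group(1).upper() if match else "UNKNOWN"
    signaling_ok = transport in SECURE_SIGNALING_TRANSPORTS
    if not signaling_ok:
        findings.append(f"signaling: Via transport {transport} is not TLS/WSS; "
                        "expect SIPS over TLS on port 5061")

    # Media: every m= line must offer a secure profile and key material.
    # Simplification: key-material attributes are searched across the whole
    # body rather than scoped to each m= section.
    media_lines = [l for l in body_lines if l.startswith("m=")]
    has_sdes = any(l.startswith("a=crypto:") for l in body_lines)
    has_dtls = any(l.startswith("a=fingerprint:") for l in body_lines)
    media_ok = bool(media_lines)
    if not media_lines:
        findings.append("media: no SDP m= line found; cannot verify SRTP")
    for line in media_lines:
        parts = line.split()
        proto = parts[2] if len(parts) > 2 else "?"
        if proto not in SECURE_MEDIA_PROFILES:
            media_ok = False
            findings.append(f"media: {parts[0]} offers {proto}; expect RTP/SAVP "
                            "(SRTP) or UDP/TLS/RTP/SAVP (DTLS-SRTP)")
        elif not (has_sdes or has_dtls):
            media_ok = False
            findings.append(f"media: {parts[0]} offers {proto} but no a=crypto "
                            "or a=fingerprint line carries key material")

    return {"signaling_transport": transport, "signaling_encrypted": signaling_ok,
            "media_encrypted": media_ok, "findings": findings}


if __name__ == "__main__":
    for name, msg in [("secure", SAMPLE_INVITE_SECURE), ("plaintext", SAMPLE_INVITE_PLAINTEXT),
                      ("webrtc", SAMPLE_INVITE_WEBRTC)]:
        print(name, check_call_path(msg))
```

Feed it the INVITE text exported from a capture of your own test call (for example, the SIP message as decoded by a packet analyzer); a clean result is an empty `findings` list. A vendor that can only show TLS on the API but UDP and RTP/AVP on the trunk fails this row regardless of what the SOC 2 report says.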
These separate serious providers from the rest:
For a deeper look at how to score vendors across these dimensions, our enterprise voice AI platform comparison lays out the metrics that actually predict production readiness.
The same SOC 2 framework yields different answers depending on what each vendor actually owns.
Telnyx. SOC 2 Type II, HIPAA, PCI DSS Compliant, ISO 27001, and GDPR with EU-deployed infrastructure. Sub-200ms round-trip latency and 99.999% uptime on a Tier-1 carrier network. GPU clusters and the voice AI agent platform sit under one vendor relationship, putting telephony and AI under a single compliance footprint.
Vapi. SOC 2 Type II, HIPAA, and GDPR. Vapi is an orchestration layer; PCI and ISO coverage depends on which sub-vendor handles telephony and storage. Buyers chain Vapi's SOC 2 to a carrier's SOC 2 to get full call-path coverage.
Retell AI. SOC 2 Type I and Type II, HIPAA, and GDPR. Retell does not own the PSTN layer; calls run through third-party carriers, including Telnyx in some deployments. Same sub-vendor chaining issue as Vapi for PCI and ISO.
Bland AI. SOC 2 Type I and Type II, HIPAA, GDPR, and PCI DSS 4.0.1. ISO 27001 is not publicly listed. Verify network ownership and whether the SOC 2 scope covers the full call path before assuming the PSTN layer is in scope.
ElevenLabs. SOC 2 Type II and GDPR. No HIPAA. No PCI. ElevenLabs is a voice generation provider rather than a voice agent platform, so call recording, telephony, and call-path coverage sit outside their scope. Useful as a TTS provider inside a larger stack, not as the full voice AI solution for regulated buyers.
The pattern: vendors that own only the API or orchestration layer leave telephony to a sub-vendor with its own SOC 2 report. Buyers chain multiple vendor relationships together. Vendors that own the full stack consolidate to one.
Most voice AI vendors do not own their telephony network. They resell carrier minutes, bolt on a speech API, wrap an LLM, and call it a platform. Each handoff is a subprocessor, a new SOC 2 boundary, and a potential point of failure.
Telnyx is a Tier-1 carrier with an owned IP network, a SIP trunking layer, and voice AI agents on one platform. Telephony, inference, and voice synthesis live under one vendor relationship. That means fewer subprocessors to vet, a shorter audit trail, and a single point of accountability when something goes wrong. SRTP, TLS, and media paths run under one roof rather than stitched across vendors. With telecom licenses in 40+ countries, the compliance footprint is built in rather than bolted on.
A vendor whose telephony, inference, and voice synthesis live under one vendor relationship is a faster sell to a security review board than a vendor whose stack is held together by five different DPAs.
The state of voice AI in 2026 shows that trust gaps, not model quality, are the biggest blocker to production deployment. Security reviews stall when the answer to "where does the data go?" takes more than one diagram to explain.
Are AI voice agents SOC 2 compliant?
Yes, voice AI agents can be SOC 2 compliant when the vendor holds a SOC 2 Type II report covering the layers in your call path. The catch: a SOC 2 report on a voice AI platform is not the same as a SOC 2 report on a SaaS dashboard. Voice AI runs across live PSTN calls, real-time media, recordings, transcripts, LLM inference, and integrations, and not every vendor's SOC 2 scope covers all of those. Verify the scope before assuming compliance.
What does SOC 2 Type II prove about a voice AI platform?
SOC 2 Type II confirms that an independent CPA firm verified the vendor's controls operated effectively over a three-to-twelve-month observation period. For voice AI, the report should cover the security, confidentiality, and availability Trust Services Criteria, and the scope should explicitly include call recordings, transcripts, and LLM inference if the vendor processes any of those. Type I reports are snapshots and carry less weight with enterprise buyers.
Are there SOC 2 certified speech-to-text providers?
Yes, several speech-to-text providers hold SOC 2 Type II attestation. The question to ask is whether the SOC 2 scope covers the actual transcription processing and storage, not just the API layer. Telnyx provides speech-to-text inside the voice AI agent platform as a single SOC 2 Type II attested vendor, rather than chaining multiple sub-vendors.
What compliance certifications should I look for when sharing lead data with a voice AI vendor?
For outbound voice AI handling lead data, look for SOC 2 Type II at minimum. Add GDPR if any leads are EU data subjects, HIPAA if any leads might disclose protected health information, and PCI DSS Compliant if the calls take payments. ISO 27001 is preferred for enterprise procurement. Confirm the vendor's data residency, retention, and deletion controls match your policies before sharing data.
Are AI voice agents HIPAA compliant for healthcare?
Voice AI agents can be HIPAA compliant when the vendor signs a Business Associate Agreement (BAA), encrypts PHI in transit and at rest, restricts access to authorized personnel, and supports verified deletion of recordings and transcripts on request. SOC 2 alone does not satisfy HIPAA. Healthcare buyers need both: SOC 2 Type II for the security controls, and a signed BAA covering the voice AI deployment.
What state-level consent rules apply to voice AI?
Outbound voice AI calls fall under the TCPA, which the FCC confirmed applies to AI-generated voices. TCPA requires prior express consent for AI voice calls. On top of that, call recording in all-party-consent states (California, Illinois, Florida, Pennsylvania, and several others) triggers state wiretapping laws like CIPA. Vendors must support state-by-state consent logic and disclosure scripts before recording begins.
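The "Call recording and consent" row of the checklist and the answer above describe the same control: a consent gate that runs before recording or transcription starts, with TCPA prior express consent checked for outbound AI voice calls and all-party acknowledgement checked in all-party-consent states. The following is an added example of such a gate, not code from the article or from any vendor it names. The state set contains only the four states the article names and is illustrative; a production table must be maintained with counsel. The `CallContext` fields, the policy of always playing a disclosure before recording, and the audit record shape are assumptions of this example.

```python
"""Consent gate evaluated before a voice AI call is placed and before any
recording or transcription starts. Added example with constructed inputs."""
from dataclasses import dataclass

# Illustrative only: the all-party-consent states named in the article.
# Not exhaustive; the real table must be maintained with counsel.
ALL_PARTY_CONSENT_STATES = {"CA", "IL", "FL", "PA"}


@dataclass
class CallContext:
    direction: str                 # "outbound" or "inbound"
    callee_state: str              # two-letter state of the called party
    prior_express_consent: bool    # TCPA consent on file for outbound AI voice calls
    disclosure_played: bool = False        # recording disclosure script completed
    all_parties_acknowledged: bool = False # every party on the call agreed to recording


@dataclass
class GateDecision:
    may_place_call: bool   # outbound dialing allowed
    may_record: bool       # recording and transcription allowed to start
    reasons: list          # why a permission was denied (empty when all pass)


def evaluate_consent_gate(ctx: CallContext) -> GateDecision:
    """Apply the gate. Denials accumulate so the audit log shows every cause."""
    reasons = []
    may_place = True
    if ctx.direction == "outbound" and not ctx.prior_express_consent:
        may_place = False
        reasons.append("TCPA: no prior express consent on file for an outbound AI voice call")

    # Policy choice for this example: recording never starts before the
    # disclosure has been played, in any state.
    may_record = may_place
    if not ctx.disclosure_played:
        may_record = False
        reasons.append("recording disclosure has not been played")

    state = ctx.callee_state.upper()
    if state in ALL_PARTY_CONSENT_STATES and not ctx.all_parties_acknowledged:
        may_record = False
        reasons.append(f"{state}: all-party consent required before recording or transcription")

    return GateDecision(may_place, may_record, reasons)


def consent_audit_record(call_id: str, ctx: CallContext, decision: GateDecision) -> dict:
    """Structured per-call record for the audit log. A Type II auditor samples
    records like this to test that the gate operated, not just that it exists."""
    return {
        "call_id": call_id,
        "direction": ctx.direction,
        "callee_state": ctx.callee_state.upper(),
        "prior_express_consent": ctx.prior_express_consent,
        "disclosure_played": ctx.disclosure_played,
        "all_parties_acknowledged": ctx.all_parties_acknowledged,
        "call_placed": decision.may_place_call,
        "recording_started": decision.may_record,
        "reasons": list(decision.reasons),
    }


if __name__ == "__main__":
    # Constructed scenario: outbound call to California, consent on file,
    # disclosure played, but the called party has not yet acknowledged.
    ctx = CallContext("outbound", "CA", prior_express_consent=True, disclosure_played=True)
    decision = evaluate_consent_gate(ctx)
    print(consent_audit_record("constructed-call-1", ctx, decision))
```

The gate is deliberately fail-closed: the media pipeline should call `evaluate_consent_gate` and start the recorder and transcriber only when `may_record` is true, and write the audit record either way. That record is the operating-effectiveness evidence the Type II section above refers to; a gate that silently skips the check on some calls leaves no such trail, which is exactly the 1% misfire a design-only review would miss.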
Can voice AI platforms meet SOC 2, GDPR, HIPAA, and PCI DSS at once?
Yes, but few do. Most voice AI vendors hold some combination but rarely all four. Telnyx holds all four plus ISO 27001, with EU-deployed infrastructure as a baseline. The structural advantage comes from owning the network, GPUs, and voice AI platform on one stack, simplifying compliance from five DPAs to one.
SOC 2 is the price of entry for voice AI agents in any regulated or enterprise environment. It is not the finish line. Real vendor evaluation combines the SOC 2 Type II report, voice-specific controls on encryption, consent, and residency, and honest answers about subprocessors and call paths.
Start with the checklist above. Map it to your risk register. Then push every vendor to show you the evidence, not just the logo.
For a reference architecture that covers these controls end to end, the Voice AI optimization templates show five proven configurations. For regulated verticals, AI voice agents for healthcare covers the HIPAA and EHR overlays on top of SOC 2.
Security reviews do not have to block your rollout. The right vendor makes them the thing that accelerates it.
Telnyx holds SOC 2 Type II attestation. Because Telnyx is a Tier-1 carrier that owns the full voice AI agent stack, your security team reviews one vendor, not five.