By Stu Stein, Head of Security & Governance, Fluent Inc.
TL;DR: Compliance in commerce media isn’t about red tape. It’s about trust. At Fluent, we treat compliance as part of how we care for our clients and their customers—building a foundation for growth that’s secure, transparent, and lasting.
The Stakes Have Changed—So Must the Standards
Commerce media has moved fast. It’s no longer just about ads. It now sits where advertising, finance, and data privacy meet.
That means performance alone isn’t enough. Today, trust, transparency, and care matter just as much as numbers.
Yet too many platforms are still playing catch-up. Without outside checks or clear audit trails, they ask you to take risks you can’t see until it’s too late.
Fluent: Public, Audited, and Proudly Accountable
As a publicly traded company, Fluent is audited annually through rigorous internal and external reviews to ensure Sarbanes-Oxley (SOX) compliance, FTC-reviewed, and officially SOC 2 Type 2 certified across critical systems. Every decision we make is accountable to shareholders, regulators, and—most importantly—our clients.
We’ve built a modern security stack with tools like AWS, Databricks, Vanta, Okta, Wiz, InTune, Kandji, Automox, and CrowdStrike. These aren’t just boxes to check—they reflect the care and diligence we bring to making data protection a standard practice, not an afterthought.
Since our last FTC review, we’ve had no reportable audit findings and no privacy issues. That consistency shows the diligence and care behind every decision we make.
What Sets us Apart:
- Public company with SOX internal controls and external audits
- FTC-reviewed
- SOC 2 Type 2 certified across critical systems
- Zero privacy violations or fines
- Cutting-edge security stack: AWS, Databricks, Vanta, Okta, Wiz, InTune, Kandji, Automox, CrowdStrike
Real-Time Compliance, Built into Every Transaction
When clients run post-purchase campaigns with Fluent, they’re not just buying media. They’re partnering with a team that:
- Enforces real-time consent management
- Avoids storing personal data beyond the active session
- Provides full auditability of transactions
- Aligns with evolving global regulations (GDPR, CCPA, etc.)
Our proprietary Identity Graph enables contextual targeting without the risky data hoarding that plagues much of the industry—delivering growth with integrity, at scale.
Don’t Trust What You Can’t Verify
Without audits and outside oversight, invisible risks pile up. And by the time they show, it’s often too late.
That’s why we encourage clients to ask:
- Does your partner disclose breach response protocols?
- Are their compliance programs tested by third parties?
- Do they share their compliance track record?
If the answer is no, it may not be a risk worth taking.
The Path Forward: Responsible Innovation
At Fluent, we’re not just maintaining compliance standards—we’re raising them. Our roadmap includes:
- AI-driven compliance automation
- Proactive fraud detection across ecosystems
- Ongoing alignment with global regulatory frameworks
- New product development that prioritizes both performance and protection
Because the future belongs to partners who play the long game.
Compliance is no longer a cost center—it’s a value driver.
Compliance in commerce media isn’t a burden. It’s a competitive advantage and a mark of respect for the customers we all serve. At Fluent, we take pride in being a trusted partner who helps clients grow while keeping integrity at the center.
Trust takes years to build, and only a moment to lose. We treat it with the care and diligence it deserves.
About the Author: Stu Stein is Head of Security & Governance at Fluent, Inc., where he leads compliance, data protection, and governance strategies across the organization.