Why security and accessibility matter for practices
Regulatory Obligation
The FCA, ICAEW, and ACCA expect member firms to exercise due diligence over technology suppliers handling client data. The Equality Act 2010 reinforces obligations around accessible services.
Professional Indemnity
PI insurers increasingly ask about vendor security posture during renewal. Demonstrating SOC 2-aligned practices reduces underwriting friction and evidences operational maturity.
Inclusive Workplaces
Staff across practices use screen readers, keyboard navigation, and high-contrast displays. WCAG 2.1 Level AA compliance ensures Vervidex works for the full breadth of your team.
SOC 2 Ready
Designed toward AICPA Trust Services Criteria
SOC 2 (System and Organization Controls) is an attestation framework developed by the American Institute of Certified Public Accountants (AICPA). It evaluates an organisation's controls against five Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy. A formal SOC 2 Type II report requires an independent auditor to examine controls over a defined period.
Important clarification: We do not claim that Vervidex has completed a SOC 2 audit. “Ready” means the platform is architected to support the control expectations that SOC 2 examinations assess, so that progressing to a formal examination is a matter of evidence gathering and scope definition — not a fundamental redesign.
Data Governance
Multi-tenant architecture with practice-level data isolation. Every query is scoped to the authenticated organisation, aligning with the principle of least privilege outlined in NCSC Cyber Essentials guidance.
Authentication & Access Control
Industry-standard JWT authentication via Supabase Auth with role-based access control (RBAC). Enterprise API keys use SHA-256 hashing at rest, consistent with OWASP credential storage recommendations.
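The "hashed at rest" pattern the paragraph refers to, as an added illustration that is not Vervidex code: a key is generated with enough entropy that an unsalted SHA-256 digest is sufficient (the OWASP storage guidance the page cites treats high-entropy API keys differently from user passwords), only the digest is persisted, and verification hashes the presented key and looks it up, returning the organisation the key is scoped to. The `vx_` prefix and the in-memory dictionary standing in for a database table are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class ApiKeyRecord:
    key_hash: str  # hex SHA-256 of the key; the plaintext is never stored
    org_id: str    # tenant (practice) the key is scoped to
    label: str     # human-readable purpose, e.g. "payroll integration"


@dataclass
class ApiKeyStore:
    # Stand-in for a database table keyed by the hash (assumption, not Vervidex's schema).
    records: Dict[str, ApiKeyRecord] = field(default_factory=dict)

    @staticmethod
    def _digest(api_key: str) -> str:
        return hashlib.sha256(api_key.encode("utf-8")).hexdigest()

    def issue(self, org_id: str, label: str) -> str:
        """Create a high-entropy key, persist only its hash, return the plaintext once."""
        api_key = "vx_" + secrets.token_urlsafe(32)  # 256 bits of randomness; prefix is constructed
        key_hash = self._digest(api_key)
        self.records[key_hash] = ApiKeyRecord(key_hash, org_id, label)
        return api_key  # the caller shows this to the user exactly once

    def verify(self, presented: str) -> Optional[str]:
        """Return the org_id the presented key is scoped to, or None if it is unknown/revoked."""
        key_hash = self._digest(presented)
        rec = self.records.get(key_hash)
        # compare_digest is belt-and-braces here: the lookup already used the full digest.
        if rec is None or not hmac.compare_digest(rec.key_hash, key_hash):
            return None
        return rec.org_id

    def revoke(self, presented: str) -> bool:
        """Remove a key by hashing the plaintext; returns True if something was revoked."""
        return self.records.pop(self._digest(presented), None) is not None


def plaintext_at_rest(store: ApiKeyStore, api_key: str) -> bool:
    """True if the plaintext key appears anywhere in the stored records (it should not)."""
    return api_key in repr(store.records)
```

A leaked copy of `records` yields only 64-character hex digests, which cannot be turned back into usable keys; a caller still has to present the original key to be mapped to its organisation.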
Audit Trail & Accountability
Append-only audit logging captures actor identity, action type, entity reference, and timestamp for every significant operation. This supports the monitoring criteria that SOC 2 Type II examiners assess under TSC CC7.x.
Transport Security
All production traffic is expected to travel over TLS 1.2+ (HTTPS) end-to-end. CORS policies restrict API access to authorised frontend origins, and rate limiting protects public endpoints from volumetric abuse.
The final security posture also depends on your deployment configuration: secrets management, database networking, backup strategy, and administrative access controls. We publish this information so IT and risk teams can map product capabilities to their own control frameworks, whether SOC 2, ISO 27001, or Cyber Essentials.
WCAG 2.1 Level AA
Inclusive design as an engineering commitment
The Web Content Accessibility Guidelines (WCAG) 2.1, published by the W3C Web Accessibility Initiative, define how digital content should work for people with disabilities. Level AA is the conformance level most commonly referenced in procurement contracts, public sector accessibility statements, and professional standards bodies including ICAEW's guidance on inclusive service delivery.
Vervidex targets WCAG 2.1 AA across the product interface. This is an engineering commitment to accessible patterns, not a third-party certificate. We continuously review new features against the success criteria and treat accessibility regressions as product defects.
Accessibility implementation
- Contrast ratios meet 4.5:1 for normal text per WCAG SC 1.4.3
- All interactive elements are keyboard-navigable with visible focus indicators
- Form controls use semantic labels, aria-invalid, and aria-describedby
- Motion respects prefers-reduced-motion for users with vestibular sensitivities
- Built on accessible primitives from Radix UI with screen reader testing
Continuous improvement
Accessibility requires ongoing attention: every new feature undergoes colour contrast review, focus order testing, and motion preference validation. If you encounter a barrier in Vervidex, please contact us — we treat these as priority defects and aim to resolve them within two development cycles.
Compliance Roadmap
Forthcoming programme milestones
- Independent SOC 2 Type II examination when customer and partner demand warrants the investment
- Scheduled accessibility sweeps (automated via axe-core plus manual screen reader testing) on high-traffic journeys
- Published subprocessor register and data processing agreements as the compliance programme matures
- ISO 27001 alignment assessment for enterprise customers with formal ISMS requirements
Questions for your IT or risk team?
Start a trial to explore the platform, or reach out for a detailed security questionnaire response.