Commerce Earns Quality Management ISO Certification and Tests Against Responsible AI ISO Frameworks

AUSTIN, Texas — September 23, 2025 — Commerce (Nasdaq: CMRC), an open, intelligent ecosystem of technology solutions that empower businesses to unlock data potential and deliver seamless, personalized experiences at scale, today announced that it has moved the mark toward security and AI program governance standards, gaining International Organization for Standardization (ISO): ISO 9001 for Quality Management certification and testing and certifying against ISO/IEC 42001 for Artificial Intelligence Management.

These new certifications, awarded by leading cybersecurity auditor Coalfire, strengthen Commerce’s competitive edge in security, reliability and ethical innovation. They also reinforce Commerce’s position as a values-driven organization, focused on innovation, compliance and customer trust. By aligning with ISO standards, the company ensures that its practices are transparent, well-governed and globally benchmarked.

“In today’s digital ecosystem, trust can’t simply be claimed. It must be proven,” said Dan Holden, chief information security officer at Commerce. “By achieving ISO 9001 and ISO 42001 certifications, Commerce is not only aligning with global best practices, we are demonstrating our commitment to quality, responsible AI implementation and end-to-end supply chain due diligence. This is about showing that security and governance are integral to how Commerce operates, and we are proving that commitment through a measurable, independently audited process.”

ISO 9001, a highly recognized global quality management standard, affirms that Commerce follows international best practices to ensure consistent product delivery and customer satisfaction. Coalfire examined Commerce’s internal business practices and found that the company follows international best practices for high-quality service and product delivery.

ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining and continually improving an Artificial Intelligence Management System (AIMS) within organizations. Achieving this certification reflects Commerce’s ethical approach to AI deployment and signals to merchants, partners and investors that it is proactively governing AI development with transparency, fairness and risk mitigation.

“These certifications, backed by comprehensive audits twice each year, provide transparency into the strength of our security and compliance posture,” Holden said. “Merchants using or considering Commerce can be confident that our product delivery follows high-quality standards and that we will not be training our AI models with their data.”

Commerce’s strong compliance record is often a competitive differentiator for businesses choosing an ecommerce platform. Earlier this year, the Marine Corps Community Services (MCCS) and its implementation partner Raven Solutions selected Commerce to support their entry into the digital commerce market.

“When Raven Solutions was helping the Marine Corps Community Services choose an ecommerce platform, Commerce was able to demonstrate a strong security posture and a transparent documented record of compliance that enabled us to trust the platform’s integrity,” said Ryan Pratt, CEO of Raven Solutions. “We evaluated multiple options and Commerce’s security- and privacy-first approach – built on NIST, OWASP and CIS frameworks – was a decisive advantage over competitors.”

“MCCS is critical to strengthening mission readiness and quality of life for Marines through our morale, welfare and recreation (MWR) and Exchange services,” said David Raley, CX digital program manager at MCCS. “Adding ecommerce functionality was an important part of our strategy to provide better service to Marines.”

Commerce’s regularly audited infrastructure and practices include:

Commerce’s full suite of certifications, including ISO 27001, ISO 22301, and multiple SOC attestations, can be found at the Commerce Security Trust Center.

Commerce (Nasdaq: CMRC) empowers businesses to innovate, grow, and thrive by providing an open, AI-driven commerce ecosystem. As the parent company of BigCommerce, Feedonomics, and Makeswift, Commerce connects the tools and systems that power growth, enabling businesses to unlock the full potential of their data, deliver seamless and personalized experiences across every channel, and adapt swiftly to an ever-changing market. Trusted by leading businesses like Coldwater Creek, Cole Haan, Harvey Nichols, King Arthur Baking Co., Mizuno, Perry Ellis, SportsShoes, and Uplift Desk, Commerce delivers the storefront control, optimized data, and AI-ready tools businesses need to grow, serve diverse buyers, and operate with confidence in an increasingly intelligent, multi-surface world. For more information, visit commerce.com or follow us on X and LinkedIn.