Concord Servicing manages the back end of consumer and commercial lending at scale - $50 billion in assets under administration across 5 million accounts. The portfolio spans automotive, solar, home improvement, vacation ownership, elective medical, and commercial finance. That's a broad attack surface: high-volume personally identifiable information, regulated financial data, and payment infrastructure layered across multiple verticals with distinct compliance regimes.
The company's proprietary platform, Concord Link, centralizes portfolio management with AI-driven insights and built-in compliance systems. The security challenge here is architectural - ensuring that data flows between lenders, servicers, and regulators stay encrypted, auditable, and access-controlled across a system designed for transparency and efficiency. Delinquency rates run below industry benchmarks, which suggests the data pipelines handling borrower status and payment processing are high-throughput and unforgiving of downtime or integrity failures.
For a cybersecurity team, the threat model is straightforward: protect financial data at rest and in transit, harden AI-driven decisioning layers against adversarial manipulation, and maintain compliance posture across sectors that each bring their own regulatory frameworks. The emphasis on operational excellence and regulatory compliance signals a company that treats security as a compliance and infrastructure problem, not a bolt-on - exactly the kind of environment where engineering and security have to be tightly coupled.