AUSTIN, Texas, Sept. 23, 2025 (GLOBE NEWSWIRE) -- Commerce (Nasdaq: CMRC), an open, intelligent ecosystem of technology solutions that empower businesses to unlock data potential and deliver seamless, personalized experiences at scale, today announced that it has moved the mark toward security and AI program governance standards, gaining International Organization for Standardization (ISO): ISO 9001 for Quality Management certification and testing and certifying against ISO/IEC 42001 for Artificial Intelligence Management.
These new certifications, awarded by leading cybersecurity auditor Coalfire, strengthen Commerceโs competitive edge in security, reliability and ethical innovation. They also reinforce Commerceโs position as a values-driven organization, focused on innovation, compliance and customer trust. By aligning with ISO standards, the company ensures that its practices are transparent, well-governed and globally benchmarked.
โIn todayโs digital ecosystem, trust canโt simply be claimed. It must be proven,โ said Dan Holden, chief information security officer at Commerce. โBy achieving ISO 9001 and ISO 42001 certifications, Commerce is not only aligning with global best practices, we are demonstrating our commitment to quality, responsible AI implementation and end-to-end supply chain due diligence. This is about showing that security and governance are integral to how Commerce operates, and we are proving that commitment through a measurable, independently audited process.โ
ISO 9001, a highly recognized global quality management standard, affirms that Commerce follows international best practices to ensure consistent product delivery and customer satisfaction. Coalfire examined Commerceโs internal business practices and found that the company follows international best practices for high-quality service and product delivery.
ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining and continually improving an Artificial Intelligence Management System (AIMS) within organizations. Achieving this certification reflects Commerceโs ethical approach to AI deployment and signals to merchants, partners and investors that it is proactively governing AI development with transparency, fairness and risk mitigation.
โThese certifications, backed by comprehensive audits twice each year, provide transparency into the strength of our security and compliance posture,โ Holden said. โMerchants using or considering Commerce can be confident that our product delivery follows high-quality standards and that we will not be training our AI models with their data.โ
Trust as a Deciding Factor
Commerceโs strong compliance record is often a competitive differentiator for businesses choosing an ecommerce platform. Earlier this year, the Marine Corps Community Services (MCCS) and its implementation partner Raven Solutions selected Commerce to support their entry into the digital commerce market.
โWhen Raven Solutions was helping the Marine Corps Community Services choose an ecommerce platform, Commerce was able to demonstrate a strong security posture and a transparent documented record of compliance that enabled us to trust the platformโs integrity,โ said Ryan Pratt, CEO of Raven Solutions. โWe evaluated multiple options and Commerceโs security- and privacy-first approach โ built on NIST, OWASP and CIS frameworks โ was a decisive advantage over competitors.โ
โMCCS is critical to strengthening mission readiness and quality of life for Marines through our morale, welfare and recreation (MWR) and Exchange services,โ said David Raley, CX digital program manager at MCCS. โAdding ecommerce functionality was an important part of our strategy to provide better service to Marines.โ
Commerceโs regularly audited infrastructure and practices include:
- Weekly patching with zero downtime
- Daily encrypted backups across four geographically dispersed data centers
- Mandatory secure development training for engineers
- Continuous third-party penetration testing and security monitoring
- Enterprise-grade business continuity certified by ISO 22301
Commerceโs full suite of certifications, including ISO 27001, ISO 22301, and multiple SOC attestations, can be found at the Commerce Security Trust Center.
About Commerce
Commerce (Nasdaq: CMRC) empowers businesses to innovate, grow, and thrive by providing an open, AI-driven commerce ecosystem. As the parent company of BigCommerce, Feedonomics, and Makeswift, Commerce connects the tools and systems that power growth, enabling businesses to unlock the full potential of their data, deliver seamless and personalized experiences across every channel, and adapt swiftly to an ever-changing market. Trusted by leading businesses like Coldwater Creek, Cole Haan, Harvey Nichols, King Arthur Baking Co., Mizuno, Perry Ellis, SportsShoes, and Uplift Desk, Commerce delivers the storefront control, optimized data, and AI-ready tools businesses need to grow, serve diverse buyers, and operate with confidence in an increasingly intelligent, multi-surface world. For more information, visit commerce.com or follow us on X and LinkedIn.
BigCommerceยฎ, the Commerce logo, and other brands are the trademarks or registered trademarks of BigCommerce Pty. Ltd. Third-party trademarks and service marks are the property of their respective owner.
Media Contact:
Brad Hem
pr@commerce.com
