← All integrations
Live integration

Accounting (QuickBooks, Xero, NetSuite, …)

GRC · merge_link · Daily

Unified accounting integration via Merge.dev. One connector reaches 20+ accounting systems. Pulls chart-of-accounts count and recent-transaction count for SOX-adjacent ITGC evidence and SOC 1 financial-reporting control mapping.

Authentication
merge_link
Sync cadence
Daily
Stale threshold
Every 2 days
Category
GRC

Evidence this connector produces

Every sync writes typed evidence rows linked to the controls below. Evidence is immutable once attached to an approved assessment, fingerprinted for de-dup, and surfaced in the control coverage calculation on your dashboard.

SOC 1SOX ITGC

How to connect

Click Connect to launch Merge Magic Link. Pick your accounting system, sign in, authorize read-only access.

  1. 1
    Pick your accounting system in Merge Link

    QuickBooks Online, Xero, NetSuite, Sage Intacct, Wave, FreshBooks, Zoho Books, MYOB, and more.

  2. 2
    Authorize read-only access

    Merge handles the provider's OAuth flow. We never see your raw credentials.

  3. 3
    First sync runs immediately

    Pulls account counts and aggregate transaction volume — no journal-entry detail. Daily syncs thereafter.

Security model

Every connector ships behind the same auditor-grade primitives — not just RBAC config, but architectural enforcement.

Credentials KMS-encrypted at rest

Tokens, client secrets, and service-account keys are encrypted under a per-tenant AWS KMS data key. The plaintext is never persisted, never logged, and never leaves the FastAPI process boundary.

Tenant-isolated by architecture

Every Connection, ConnectorRun, and emitted Evidence row carries an organization ObjectId. The scheduler never iterates without an org-scoped filter; cross-tenant evidence bleed is impossible at the data layer.

Audit log on every action

Connect, sync, sync-failure, re-auth, and revoke each write a row to the immutable AuditLog. The full lifecycle is reconstructable for any examiner.

Soft-delete on revoke

Revoking a connection sets deletedAt and clears the encrypted credential blob, but the historical evidence + sync log stays queryable for the retention window. Auditors can still trace what was attested when.

Stale-evidence degradation

If this connector hasn't synced in Every 2 days, control coverage degrades automatically and an alert fires. Auditors don't trust stale evidence — neither do we.

Least-privilege scopes only

We request the minimum read-only scopes needed for the listed evidence. No write scopes, no admin scopes, no scopes outside the documented set.

Ready to connect Accounting (QuickBooks, Xero, NetSuite, …)?

Connect from Settings → Integrations — typically under 5 minutes. Or talk to us first.

Request a demoSign in to connect