What is a T-12 in real estate?

A T-12 (Trailing Twelve Months) is an operating statement showing the last 12 months of income and expenses for a property. Lenders use it to calculate Net Operating Income (NOI) and determine loan amounts. Bhumi provides forensic T-12 audits that reconcile every line item to bank statements.

How long does a T-12 audit take?

Bhumi delivers a complete, lender-ready T-12 package within 48 hours of receiving your documents. Full forensic reconstruction typically takes 1-2 weeks. Deal closing support runs approximately 30 days.

What size multifamily portfolios does Bhumi work with?

Bhumi specializes in $500K to $5M multifamily portfolios with 5-50 units. This is the sweet spot where institutional lenders require documentation but owners often lack institutional-grade bookkeeping - too complex for most accountants, too small for institutional advisors.

What documents do I need to start a T-12 audit?

To start, Bhumi needs three things: 12 months of bank statements for all accounts touching the property, a current rent roll showing units, tenants, and rent amounts, and your most recent tax return or Schedule E for the property.

How much does a T-12 audit cost?

Bhumi charges a flat fee based on portfolio complexity - number of units, bank accounts, and document condition. No hourly billing surprises. Contact for a specific quote based on your situation.

What lenders does Bhumi work with?

Bhumi is lender-agnostic and has prepared packages for Freddie Mac Small Balance Loans, Fannie Mae Small Loans, regional banks, credit unions, and private lenders. The documentation standards are tailored to each lender's requirements.

What is NOI variance and why does it matter?

NOI variance is the gap between what your T-12 operating statement shows and what your bank deposits prove. Lenders require zero variance for loan approval. Bhumi's forensic reconciliation traces every dollar of revenue to a specific bank deposit, eliminating phantom income and protecting your loan amount.

Can Bhumi help with inherited real estate portfolios?

Yes. Bhumi specializes in inherited portfolios where the previous generation ran operations manually. We've handled portfolios with Venmo payments, cash deposits with no paper trail, commingled personal and business expenses, and decades of accumulated documentation gaps.

← Back to Legal

Security

Last Updated: January 10, 2026

Our Commitment to Security

At Bhumi, we understand that you trust us with sensitive financial information. Protecting that information is fundamental to our business. We implement industry-standard security measures to safeguard your data throughout its lifecycle.

Data Protection Measures

Encryption

In Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher
At Rest: Customer data stored on our systems is encrypted using AES-256 encryption
Email: We recommend using secure file transfer methods for sensitive documents; contact us for secure upload options

Access Controls

Role-based access controls limit data access to authorized personnel only
Multi-factor authentication required for all administrative access
Access logs maintained and regularly reviewed
Principle of least privilege applied to all system access

Infrastructure Security

Cloud infrastructure hosted on SOC 2 compliant providers
Regular security updates and patch management
Firewall protection and intrusion detection systems
Regular backups with secure, encrypted storage

Data Handling Practices

Document Security

Secure upload portal available for document submission
Documents processed in isolated, secure environments
Automatic deletion of working files after engagement completion
Secure deletion methods used for all data removal

No AI Training on Your Data

We do not use your documents or data to train artificial intelligence or machine learning models. Your data is used solely to provide the services you have requested.

Data Retention

Customer data retained only as long as necessary for business purposes
Standard retention period of 7 years for completed engagements
Data deletion available upon request, subject to legal requirements
Secure destruction of data at end of retention period

Personnel Security

Background checks conducted on personnel with access to customer data
Confidentiality agreements required for all team members
Regular security awareness training
Immediate access revocation upon personnel changes

Incident Response

We maintain an incident response plan to address potential security events:

24-hour monitoring for security anomalies
Documented incident response procedures
Prompt notification to affected customers in the event of a data breach
Post-incident analysis and remediation

Third-Party Security

We carefully evaluate the security practices of our third-party service providers:

Vendors selected based on security certifications and practices
Data processing agreements in place with all vendors who handle customer data
Regular review of vendor security posture
Limited data sharing with vendors on a need-to-know basis

Your Role in Security

Security is a shared responsibility. We recommend the following practices:

Use strong, unique passwords for any accounts
Be cautious of phishing attempts—we will never ask for sensitive information via unsolicited email
Use secure methods when transmitting sensitive documents
Report any suspicious activity to us immediately
Keep your own systems and software up to date

Reporting Security Concerns

If you discover a security vulnerability or have concerns about the security of your data, please contact us immediately:

Bhumi LLC
Email: [email protected]
Subject: Security Concern

We take all security reports seriously and will respond promptly to investigate and address any issues.