Crypto Exchange Gemini Completes SOC 2 Security Compliance Review 

Announcements, News | January 30, 2019 By:

Gemini, a New York-based crypto exchange founded by the Winklevoss twins, has reportedly completed a SOC 2 – SOC for Service Organizations Type 1 examination.

Founded in 2014, Gemini is a crypto exchange and custodian that allows customers to buy, sell, and store cryptocurrencies such as bitcoin, ether, Litecoin, Bitcoin Cash, and Zcash. As a New York-based entity, the company is subject to the capital reserve requirements, cybersecurity requirements, and banking compliance standards set forth by the New York Department of Financial Services (NYDFS).

In a press release, Gemini said that it has secured a SOC 2 Type 1 certification, which requires companies to establish and follow strict information security policies and procedures, encompassing the security, availability, and confidentiality of customer data. The SOC 2 Type 1 report can be distributed by Gemini to authorized users of the Gemini system.

The SOC 2 Type 1 examination was performed by an independent, third-party assurance provider, Deloitte & Touche LLP, and covers the security and availability of Gemini’s exchange and custody platform. According to Gemini, these controls have been independently inspected to meet the trust services criteria established by the American Institute of Certified Public Accountants (AICPA).

Gemini said that the goal of the examination is to meet the needs of users that require detailed information and assurance about the controls implemented within the Gemini exchange and custody platform. It is also seeking to obtain a SOC 2 Type 2 certification, a higher level of SOC 2 assurance, within this year to further test the effectiveness of its internal controls.

“Gemini is the world’s first cryptocurrency exchange and custodian to demonstrate this level of security compliance,” said Yusuf Hussain, Gemini’s Head of Risk. “The SOC 2 Type 1 Report issued by Deloitte & Touche LLP further demonstrates our commitment to safeguarding our customer’s cryptocurrency and data. Achieving this level of compliance across both our exchange and custody platform raises the bar for security and compliance standards of the crypto industry and is what retail and institutional consumers should require of any cryptocurrency exchange and custodian they do business with. Going forward, we will perform a SOC 2 examination on an annual basis in order to demonstrate our ongoing commitment to safeguarding your data and cryptocurrency.”