Leading cryptocurrency exchange, Gemini announced the completion of its independent SOC 2 Type 2 examination.
SOC 2 Type 2 examination essentially covers the security compliance of the platform and Gemini Custody. In the latest blog post, Yusuf Husain, Head of Risk at Gemini, stated,
“Going forward, we will be completing a SOC 2 Type 2 on an annual basis. We believe this kind of assurance, in addition to other safeguards we have implemented, such as digital asset insurance for our hot wallet and Gemini Custody™ helps protect our customers data and cryptocurrency and further our mission to empower the individual through crypto.”
According to the American Institute of Certified Public Accountants (AICPA), System and Organization Controls (SOC) 2 examination is essentially “designed to address controls at a service organization relevant to the systems at the service organization used to process users’ data.”
Previously, Gemini’s SOC 2 Type 1 examination was inspected by the Big Four auditor Deloitte & Touche LLP [Deloitte] to execute SOC for Service Organizations Type 1 examination.
To further “validate the effectiveness” of the platform’s internal controls, Gemini had earlier revealed that it was committed to perform a SOC 2 examination on an annual basis.
Husain emphasized on the need for third-party evaluation and stated,
“Taking this further, simply saying you are secure is not the same as demonstrating you are secure to an independent third party. We feel that everyone should require these standards for any cryptocurrency exchange and custodian they use”
According to the official release, while SOC Type 1 evaluates the design and implementation of system controls at a point in time, SOC 2 Type 2 analyzes whether these system controls have been operating effectively over a period of time.