The Winklevoss brothers' Gemini cryptocurrency custodian and substitution has obtained a new security qualification, SOC ane Blazon i.

According to an April 21 web log post past the company's caput of gamble, Yusuf Hussain, Gemini became the world'south beginning digital currency custodian and exchange that was granted a Service Organization Control (SOC) one Blazon ane certification. The exam was carried out by Big Four bookkeeping firm Deloitte.

Meeting high security standards

Passing an SOC one review means that Gemini'south fiscal operations and customer reporting controls comply with requirements set by the American Institute of Certified Public Accountants. Basically, the examination proved that Gemini is capable of mitigating the risk of significant error, omission and information loss. Hussain noted:

"While vital to both our exchange and custody platform, the SOC 1 Type 1 is particularly important to our substitution operations, which execute a significant book of complex fiscal transactions for our customers. The SOC 1 Type one validates the design and implementation of those operations and the integrity of their corresponding reports."

In January 2022, Gemini completed an SOC two security review.

SOC standard-compliant crypto companies

Some other crypto projects have also undergone SOC evaluationz. About recently, the crypto custody arm of major United States-based cryptocurrency exchange Coinbase, Coinbase Custody, procured an SOC 1 Type 2 and a SOC two Type ii report past major bookkeeping firm Grant Thornton.

Concluding September, concern advisory company Aprio confirmed major crypto payment services provider BitPay's compliance with the SOC 2. Last April, blockchain security firm BitGo, which gained an SOC 2 Type ane certification from Deloitte in 2022, upped its procedures to conform to the Type 2 requirements of the same standard.

While an SOC 1 report provides information on the internal controls relevant to a user organization's financial reporting, SOC 2 reports provide information on "security, availability, processing integrity, confidentiality and privacy."