Gemini Crypto Exchange Undergoes Security Compliance and Data Protection Audit
Gemini crypto exchange, founded by brothers Cameron and Tyler Winklevoss, completed a SOC 2 Type 1 security compliance review, according to a post made on their Medium blog on Jan 29.
An organization that undergoes a Service Organizational Control (SOC) 2 audit aims to ensure that it has met the service criteria set by the American Institute of Certified Public Accountants (AICPA). These criteria pertain to standards of confidentiality, security, privacy, processing integrity and availability.
According to the announcement, Gemini is the first in the cryptocurrency industry to undergo such an audit. The audit was conducted by ‘Big Four’ auditing firm Deloitte, which reviewed Gemini’s exchange application, infrastructure, underlying customer database, and its cryptocurrency storage systems that hold the keys of Gemini’s online and offline wallets.
Gemini also noted that, in addition to the SOC 2 Type 1 test, it would undergo an SOC Type 2 review in 2019, in order to further assure compliance and a high security standard. It added that, “This additional level of assurance will further validate the effectiveness of our internal controls.”
In October 2018, Gemini secured insurance coverage for custodied digital assets from lending services firm Aon. The digital insurance coverage complemented the already available Federal Deposit Insurance Corporation-insured U.S. dollar deposits on the exchange.
Earlier this month, Gemini started a new ad campaign calling for better regulation of the crypto space. Placards on taxis and in the New York City subway contained slogans like “crypto needs rules” while others stated that “money has a future” and touted Gemini as “crypto without chaos.” The head of marketing at Gemini, Chris Roan, told the Wall Street Journal:
“We believe that investors coming into cryptocurrency deserve the exact same protections as investors in more traditional markets, adhering to the same standards, practices, regulations and compliance protocols.”