Gemini announced Thursday it completed an independent SOC 2 Type 2 examination conducted by consulting firm Deloitte, a year after it completed an SOC 2 Type 1 examination. Where the previous examination evaluated Gemini’s design and system control implementation, the Type 2 exam looks at operations across a period of time.
“We believe this kind of assurance, in addition to other safeguards we have implemented, such as digital asset insurance, helps protect our customers data and cryptocurrency,” said Yusuf Hussain, head of risk at Gemini, in a statement.
The firm will be completing a SOC 2 Type 2 on an annual basis, Hussain said.
The American Institute of Certified Public Accountants (AICPA) introduced the cybersecurity risk management examinations, named SOC for Cybersecurity, in April 2017.
The examinations are designed to help organizations meet the growing challenge of communicating the design and effectiveness of cybersecurity risk management programs to interested parties, according to a white paper from the AICPA.
“Simply saying you are secure is not the same as demonstrating you are secure to an independent third party,” Hussain said. “We feel that everyone should require these standards for any cryptocurrency exchange and custodian they use.”