Gemini Completes SOC 2 Review — A World’s First For a Cryptocurrency Exchange and Custodian
In 2018, Gemini engaged with Big Four auditor Deloitte & Touche LLP (Deloitte) to execute a SOC 2® — SOC for Service Organizations Type 1 examination. After months of preparation and an in-depth external review, we are pleased to announce that Gemini has successfully completed its SOC 2 Type 1 examination. This makes Gemini the world’s first cryptocurrency exchange and custodian to demonstrate this level of security compliance in protecting customer data and funds.
Providing you with a safe and secure platform to buy, sell, and store your cryptocurrency is paramount to our mission to build the future of money. In the traditional financial and technology industries, SOC 2 reviews have become an industry standard for demonstrating security compliance. Our SOC 2 review — coupled with our digital asset insurance — is another step we’ve taken towards raising the bar for consumer protection, safeguards, and industry best practices.
Gemini’s exchange and custody platform was built with a “security-first” mentality from the start. Continuing that approach, Deloitte performed an independent evaluation of the design and implementation of Gemini’s security controls. These controls have been independently inspected to meet the trust services criteria set by the American Institute of Certified Public Accountants (AICPA). This included a review of Gemini’s exchange application, infrastructure, and underlying customer database, as well as its institutional-grade cryptocurrency storage system that custodies the private keys of Gemini’s online and offline wallets.
We feel strongly that this standard of compliance is what all retail and institutional consumers should expect of their cryptocurrency exchange and custodian. We know what’s at stake when you trade and store crypto. That is why, in addition to our SOC 2 Type 1 review, we are also committed to obtaining our SOC 2 Type 2 review in 2019. This additional level of assurance will further validate the effectiveness of our internal controls.
Going forward, we will perform a SOC 2 examination on an annual basis in order to demonstrate our ongoing commitment to safeguarding your data and cryptocurrency.
For questions, please reach out to firstname.lastname@example.org.
Onward and Upward,
Yusuf Hussain, Head of Risk