Crypto Exchange Gemini Passes Security Compliance Audit
Announcing the news on Tuesday, Cameron and Tyler Winklevoss-founded Gemini claimed to be the first crypto firm to have successfully completed the System and Organization Controls (SOC) 2 Type 1 examination.
“SOC 2 examinations are specifically designed to address controls at a service organization relevant to the systems at the service organization used to process users’ data,” according to the American Institute of Certified Public Accountants (AICPA).
Gemini said Deloitte independently inspected and evaluated the design and implementation of its security controls to ensure it meets the trust services criteria set by the AICPA, which includes “security, availability, processing integrity, confidentiality or privacy” of the controls.
“This included a review of Gemini’s exchange application, infrastructure, and underlying customer database, as well as its institutional-grade cryptocurrency storage system that custodies the private keys of Gemini’s online and offline wallets,” the firm added.
Gemini said it is also committed to clearing the SOC 2 Type 2 examination this year to “further validate the effectiveness of our internal controls,” and will take SOC 2 exams on an annual basis.
The difference between Type 1 and Type 2 examinations is that the former requires a report of a service organization’s internal controls at a specific point in time, while the latter requires it over a period of time.
Last month, Gemini also published an attestation report from auditing firm BPM to validate that it held fiat currency to back its stablecoin, the Gemini Dollar (GUSD). The firm had about $91 million fiat reserves to back GUSD circulation as of Dec. 31, 2018.