While a series of global incidents has severely damaged trust in cryptography, some still hope to restore that trust by undergoing processes that ensure compliance with certain business standards, such as the proper handling of customer data.
Several companies have published press releases announcing their compliance with the Service and Organization Controls (SOC) Type 2 audit, which was created to demonstrate their companies’ prowess in security and data handling.
To find out more about what this type of security audit means for the industry, Cointelegraph reached out to Eric Lister, director of service delivery at audit firm A-LIGN.
In a statement, Lister highlighted some of the elements A-LIGN looks for during this audit, what this means for the crypto space, and how this helps crypto companies do better. According to Lister: “At a very basic level, we are looking for the policies and procedures that define the business routines that guide the operation of the company.”
In addition, auditors look for documents that spell out the controls that ensure the procedures are working effectively, as well as the protection of the company’s system and corresponding data. He said:
Crypto has been challenged with news of exchange control issues over the past 12 months. SOC 2 audits allow crypto companies to demonstrate trust and transparency with customers, particularly when it comes to protecting customer data and assets.”
Lister noted that a successful SOC 2 audit will demonstrate the security of the data and the system. Moreover, the executive said that it will also certify the security of clients’ funds which is the top concern of clients and government agencies.
Related: BitGo completes SOC 2 compliance certification a year after receiving a Deloitte award
While auditing provides assurance, Lister made it clear that it does not improve business systems. “SOC certification does not improve business systems, but it provides relief to users and interested parties that controls are in place and operating effectively,” he explained.
Several notable crypto companies have already passed this vetting process. On July 6, crypto lending company Nexo said it had strengthened the security of its data by going through this process. According to Nexo, this event is a new milestone that enhances user security within their platform.
️ Nexo is now SOC 2 Type 2 compliant, as audited by aligncompliance.
An independent audit certifies that our operations comply with the most stringent data protection and privacy standards worldwide.
Strengthening our commitment to your peace of mind.https://t.co/HC82oXFSNB
– Nexus July 6, 2023
In 2022, crypto exchange crypto.com too announce It passed an SOC 2 type 2 audit. At the time, the company highlighted that passing the audit proves its commitment to meeting highly regulated standards.
Collect this article as an NFT To preserve this moment in history and show your support for independent crypto journalism.
magazine: Tornado Cash 2.0: The race to build safe and legal cryptocurrency mixers