Gemini Completes High-Level Security Evaluation

Cryptocurrency exchange and custodian Gemini has completed a new evaluation of its security system controls, the company said in a blog post on 23 January.

According to the announcement, the exchange completed an independent SOC 2 Type 2 evaluation, conducted by auditing giant Deloitte, only a year after it finished a SOC 2 Type 1 inspection. The company has also said that it will start completing a SOC 2 Type 2 examination on an annual basis from now on.

The Head of Risk at Gemini, Yusuf Hussain, said in a statement:

“We believe this kind of assurance, in addition to other safeguards we have implemented, such as digital asset insurance for our hot wallet and Gemini Custody™ helps protect our customers data and cryptocurrency and further our mission to empower the individual through crypto.”

The difference between the two examinations is that while Type 1 focuses on the company’s design and system control implementation “at a point in time”, Type 2 evaluates whether the system controls have been operating effectively “over a period of time”.

According to a white paper from the American Institute of Certified Public Accountants (AICPA), the SOC examinations are meant to demonstrate the design and effectiveness of cybersecurity risk management programs. These cybersecurity risk management examination, or simply SOC for Cybersecurity, were first introduced in April 2017.

With the completion of the SOC 2 Type 2 examination, Gemini can now say that it is the “world’s first crypto exchange and custodian to demonstrate the highest level of security compliance in the industry”.

Last week, Gemini launched its own insurance company to cover up to $200 million for Gemini Custody, reportedly the highest amount for any crypto custody service. Called Nakamoto, Ltd., the firm is a captive insurance company licensed by the Bermuda Monetary Authority (BMA).