Nexo has demonstrated its strong commitment to data security by renewing its SOC 2 Type 2 audit and achieving a new SOC 3 Type 2 assessment with no exceptions. The company expanded the audit’s scope to include additional Trust Service Criteria, focusing on Confidentiality. These achievements underscore Nexo’s dedication to protecting sensitive user information, making data protection a core aspect of its mission.
The audits were conducted by A-LIGN, an independent auditor with 20 years of experience in security compliance. The SOC 2 and SOC 3 reports confirmed Nexo’s flawless compliance with the stringent Trust Service Criteria of Security and Confidentiality. This was a continuation of the company’s efforts from the previous year, demonstrating its ongoing commitment to safeguarding customer data.
SOC 2, a standard set by the American Institute of Certified Public Accountants (AICPA), evaluates an organization’s internal controls for security and privacy. For a detailed understanding of SOC 2 and SOC 3’s implications for client data security, Nexo has provided information on its blog.
Milan Velev, Chief Information Security Officer at Nexo, expressed pride in the company’s achievements: “Completing the gold standard in client data protection for the second consecutive year brings me great pride and a profound sense of responsibility. It is crucial for Nexo customers to have compliance peace of mind, knowing that we diligently adhere to security regulations and remain committed to annual SOC audits. These assessments provide further confidence that Nexo is their partner in the digital assets sector.”
Nexo’s commitment to operational integrity is further evidenced by its adherence to the CCSS Level 3 Cryptocurrency Security Standard for asset storage, along with ISO 27001, ISO 27017, and ISO 27018 certifications, granted by RINA, and the CSA Security, Trust & Assurance Registry (STAR) Level 1 Certification.
