Nexo Cements User Data Security with SOC 3 Assessment and SOC 2 Audit Renewal

Nexo has renewed its SOC 2 Type 2 audit and completed a new SOC 3 Type 2 assessment, both with no exceptions. Demonstrating its dedication to data security, Nexo expanded the audit scope to include additional Trust Service Criteria, specifically Confidentiality.

—

Nexo is a digital assets institution, offering advanced trading solutions, liquidity aggregation, and tax-efficient asset-backed credit lines. Since its inception, Nexo has processed over $130 billion for more than 7 million users across 200+ jurisdictions.

The SOC 2 Type 2 audit and SOC 3 report were conducted by A-LIGN, an independent auditor with two decades of experience in security compliance. The audit confirmed Nexo's adherence to the stringent Trust Service Criteria of Security and Confidentiality, with flawless compliance noted.

This marks the second consecutive year Nexo has passed the SOC 2 Type 2 audit. These audits, set by the American Institute of Certified Public Accountants (AICPA), assess an organization’s internal controls for security and privacy. For a deeper dive into what SOC 2 and SOC 3 mean for client data security, check out Nexo's blog.
"Completing the gold standard in client data protection for the second consecutive year brings me great pride and a profound sense of responsibility. It is crucial for Nexo customers to have compliance peace of mind, knowing that we diligently adhere to security regulations and remain committed to annual SOC audits. These assessments provide further confidence that Nexo is their partner in the digital assets sector.”

Milan Velev, Chief Information Security Officer at Nexo
Ensuring Top-Tier Protection for Sensitive Information

Nexo’s commitment to operational integrity is further evidenced by its substantial track record in security and compliance. The platform boasts the CCSS Level 3 Cryptocurrency Security Standard, a rigorous benchmark for asset storage. Additionally, Nexo holds the renowned ISO 27001, ISO 27017 and ISO 27018 certifications, granted by RINA.

These certifications cover a range of security management practices, cloud-specific controls, and the protection of personally identifiable information in the cloud. Furthermore, Nexo is certified with the CSA Security, Trust & Assurance Registry (STAR) Level 1 Certification, which provides an additional layer of assurance regarding the security and privacy of its services.

For more information, visit nexo.com.