Achieving SOC 2 Type 2 Certification: Setting a New Standard for the Digital Asset Industry

In an ecosystem brimming with promise yet marred by security lapses and operational inefficiencies, trustworthiness is the currency of survival. Today, I'm excited to announce a pivotal achievement: OSL has received an unqualified SOC 2 Type 2 certification, covering not only our custody operations but also our exchange services, more to come.

What is SOC 2 and Why It's So Important

In case you’re wondering, SOC 2 stands for “System and Organisation Controls 2” and is a framework that defines a set of rules and standards an organisation must follow to ensure that the information it holds is safe and secure. It is an assurance report that is vitally important because it enables our customers and partners to trust us to keep their information private and protected. Our banks, institutional, and audited customers often require assurance reports like SOC 2 to complete their due diligence or fulfil their audit requirements.

The Longstanding Commitment to SOC 2 at OSL

We received the SOC 2 Type 1 report last year, and now, our 145-page SOC 2 Type 2 report takes it a step further, providing assurance to our customers that these controls are not just on paper but are operating effectively over a period of time.

Why SOC 2 Type 2 Certification Matters, Multiplied

The SOC 2 Type 2 Certification validates that a company is taking all necessary measures to protect client data through stringent independent third-party audits. While several digital asset platforms have achieved SOC 2 Type 2 accreditation, their reports typically cover only their custody operations. In contrast, OSL's certification encompasses the full breadth of our services — from custody to exchange, and soon, SaaS.

This broader scope of certification offers our clients unparalleled assurance: it signifies that the interactions they have with OSL’s custody or exchange services — are managed under the highest standards of controls, security and operational efficiency.

Learning from the Past, Building for the Future

The digital asset industry's history is pockmarked with instances of compromised security, loss of client assets, and eroded market confidence. We've learned from these hard lessons that others have faced. As a result, OSL has not only prioritized regulatory compliance—as evidenced by our recent SFC license uplift—but also operational excellence and security through a SOC 2 Type 2 Certification.

More Than an OSL Milestone, An Industry Benchmark

While this certification is a crowning achievement for OSL, its ramifications go beyond our platform. It serves as a concrete example that the digital asset industry can operate under the same stringent operational and security standards that govern traditional financial institutions. We're not just making history; we're making a safer, more transparent future for the industry at large.

What Lies Ahead: Expanding the Horizon

Following our SFC license uplift and this comprehensive SOC 2 Type 2 Certification, OSL is poised to lead the digital asset industry into a future where safety, transparency, and operational excellence are not just desirable traits but expected norms.

We're laying down the groundwork for what promises to be a transformative period in the digital assets industry. Our commitment to you remains firm: as the landscape evolves, so will we, steadfast in our pursuit of excellence, compliance, and above all, the secure and transparent management of your digital assets.

Thank you for entrusting us with your business and your belief in a more secure and reliable future for digital assets.


Eugene Tan, Head of Operations, OSL