Secure and regulated: Bitpanda attains SOC 2 Type 1 report

Security is everything 

At Bitpanda, the security and protection of our customers’ data and assets is our highest priority. We believe that to be a safe and rigorously regulated company, our systems must equal or exceed industry standards and be validated by achieving the highest levels of compliance. While the process is demanding, the assurance it provides to our customers and partners is invaluable.

We continuously strive to build and operate a best-in-class information security management system (ISMS). This ISMS governs and aligns the numerous advanced security controls and processes we apply to protect our customers’ data and assets, including completing industry-leading security examinations, such as SOC2.

What is SOC 2?

SOC 2 is a security and compliance framework developed by the American Institute of CPAs (AICPA). It is designed to help organisations assess and report on the effectiveness of their security controls carried out by an independent third-party auditor. The SOC 2 Type 1 report provides a snapshot of our security controls at a specific point in time.

What does it mean that Bitpanda is SOC 2 compliant?

SOC 2 Type 1 report demonstrates full compliance with the selected Trust Services Criteria (TSC) related to Security, Confidentiality, Availability and Privacy. This enforces our commitment to the security and protection of our customers’ data and assets. Which is why we’re proud to share that our security controls have been independently verified to meet the high standards set by the AICPA.

Benefits of SOC 2 compliance for Bitpanda

There are a number of benefits gained from being SOC 2 compliant, including:

• Increased trust and confidence
  Understandably, many customers are hesitant to do business with organisations that do not have a strong security posture. By further demonstrating our commitment to security and compliance, we aim to increase the trust and confidence of our customers.
  
  
• Enhancing security and prevention of other security incidents
  Through the application and maintenance of advanced security measures, we substantially mitigate the potential for security incidents. This safeguards both our reputation and our financial stability.
  
  
• Improved operational efficiency
  Securing SOC 2 compliance helps in the thorough assessment and enhancement of our security measures. This not only improves operational efficiency but also pinpoints potential risks and vulnerabilities.

What’s next?

The next stage is to secure our SOC 2 Type 2 compliance. Type 1 was the first step to independently verify the establishment of robust controls. SOC 2 Type 2 is an additional examination by independent auditors to affirm that we’re consistently upholding  these controls over time. We move forward in this process with confidence, and anticipate a positive affirmation of our commitment to security and compliance.

Investing on a highly regulated platform 

The safety of you and your assets has been and always will be our top priority. The Bitpanda Group diligently follows European law and regulation. Bitpanda GmbH is a registered virtual asset service provider (VASP) with the Austrian, French, Spanish, Italian, Czech, Swedish and Norwegian competent authorities and in 2022, we became the first European retail investment platform to receive a full licence from the German regulator BaFin for custody and proprietary trading of crypto assets. 

Bitpanda Payments GmbH is an E-Money Institute and holds a payment service provider licence under PSD2. Bitpanda Financial Services GmbH holds a MiFID II investment firm licence. It is essential to our operational integrity that the Bitpanda Group is fully compliant with AMLD5 and other applicable EU regulations. Beyond this, Bitpanda Group diligently adheres to EU’s General Data Protection Regulation (GDPR), upholding stringent security measures that satisfy international security standards. 

Disclaimer

This article is for general information purposes only and does not constitute investment advice, nor is it an offer or invitation to purchase any digital assets.

Furthermore no representation or warranty, either expressed or implied, is made as to, and no reliance should be placed on the fairness, accuracy, completeness or correctness of this article or opinions contained herein.

Investing carries risks. Make sure to conduct your own research before making any investment.