OSL achieves SOC 2 Type 2 certification for second consecutive year and changes release cycle to annual

shapanqqcceqd · Post by **shapanqqcceqd** » Sun Jan 19, 2025 6:13 am

Change the release cycle of SOC 2 Type 2 reports to once a year to provide a more comprehensive and comprehensive review of data security controls and operational effectiveness.

The report examines OSL's hosting, automated trading services (ATS) and software as a service (SaaS) operations.
HONG KONG OSL, a licensed digital asset trading platform owned by OSL Group (863.HK) , today announced that it has successfully completed its SOC 2 Type 2 report for the second consecutive year, covering the company's custody, Business areas such as Automated Trading Services (ATS) and Software as a Service (SaaS).

In accordance with industry best practices, OSL has extended the observation period for SOC 2 Type 2 reports to 12 months to more comprehensively and strategically assess the management controls and effectiveness of data security, highlighting OSL’s commitment to transparency and compliance. A firm commitment to privacy and data security protection.

OSL's SOC 2 Type 2 certification was audited by the purchase stock holder user data famous Big Four accounting firms, proving that its hosting, ATS and SaaS solutions have high standards of security, availability and confidentiality. This certification is an important assurance for clients who require third-party verification to complete due diligence and compliance requirements.

Cui Song, CEO of OSL, said: "Protecting and maintaining data security is crucial to the digital asset industry. We have been sparing no effort and investing a lot of resources in promoting operational excellence and regulatory compliance, and maintaining SOC 2 Type 2 certification will is a key part of this. Our ultimate goal is to continue to lead and improve the security and compliance standards of the digital asset industry.”

SOC 2 is the abbreviation of "System and Organizational Controls 2". It sets out a series of information security management and protection rules and standard frameworks that organizations must follow. It is an authoritative verification report that is particularly important for institutional clients such as banks and auditing companies.