In today’s digital age, trust is a necessity. At FundsDLT, we're committed to delivering cutting-edge solutions while upholding the highest standards of data protection, privacy, and system integrity. This unwavering commitment is reflected in our in our achieving a SOC 2 Type II attestation.
As the fund distribution landscape continues to evolve, the significance of security and compliance cannot be overstated. This commitment has led us at FundsDLT to consistently strive for robust security standards and operational transparency. After successfully obtaining SOC 2 type I attestation, we took a step further and underwent a successful SOC 2 Type II assessment audit (6-month period of 140 controls) underscoring our dedication to maintaining the highest standards.
Understanding SOC 2 assessments
SOC 2 assessments come in two types. The first, known as SOC 2 Type I, offers a snapshot of an organisation's controls at a specific point in time. It determines the presence of appropriate controls but doesn't assess their ongoing effectiveness.
In contrast, SOC 2 Type II delves deeper. Spanning a defined period, usually 12 months, it subjects control design and effectiveness to rigorous testing. The objective? To validate the robustness of internal controls in crucial areas.
Earning this attestation is a formidable achievement, as it involves exhaustive assessments performed by external auditors asserting that not only are controls in place, but they also function as intended, day in, day out. The SOC 2 Type II assessment encompasses crucial aspects such as security, availability, confidentiality, privacy, and processing integrity.
Our journey
Our SOC 2 Type II audit ran from October 1, 2022 to March 31, 2023. The positive outcome of this assessment stands as a testament to our commitment to safeguarding customer, stakeholder and company data. The magnitude of this achievement cannot be overstated, specifically for a fintech firm offering SaaS solutions for a variety of clients.
"The Board of Directors and management of FundsDLT are committed to having a strong control environment throughout the organisation."
Why does this matter for our clients?
In securing both SOC 2 Type I and Type II attestations, FundsDLT sends a clear message: we don't just talk about security and compliance, we embody it.
Prospective and current clients can confidently engage with us, knowing their data is in capable hands, secure in the knowledge is safe and that we have not only met but exceeded industry standards for system controls.
Our comprehensive approach: Using SOC 2 Type II as a framework
The controls we adhere to originate from various sources, including regulatory requirements (such as CSSF and EU regulations), legal requirements (like GDPR), international standards (such as NIST, CIS, ISO) and internal control frameworks designed to mitigate operational risks.
We use the SOC 2 type II assessment as a well-defined framework encompassing approximately 140 controls, which is much more than what is typically done and shows our commitment to maintaining numerous strict controls.
This framework aids us in consolidating our controls, derived from various stakeholder, legal, and voluntary requirements and standards, providing a checklist for assessing their adequacy and compliance.
This approach ensures comprehensive coverage of our internal controls, fostering transparency and alignment with diverse regulatory and industry demands.
Want to read our SOC 2 report in full?
Join us in this journey of excellence and security. Contact FundsDLT to receive the report.
Reach out to us if you have any questions about our security measures and controls.
In conclusion
Our SOC 2 type II attestation is more than just badge of honour; it is proof of our dedication to excellence. At FundsDLT, the security, confidentiality and privacy of your data are paramount. We continue to fortify our systems and processes, ensuring that we remain at the forefront of technology, compliance, and trustworthiness.