Digital asset custody technology provider Paribu Custody successfully completed SOC 1 Type 2 and SOC 2 Type 2 audits.
With this milestone, Paribu Custody’s multi-layer security architecture ColdShield® became Türkiye’s first crypto asset custody technology to be audited under SOC 1 and SOC 2. In addition, Paribu and its affiliates earned ISO 27001 certification granted within the scope of “Ensuring Information Security for Crypto Asset Services.”
What this means for Paribu users
Paribu safeguards and stores user assets on the platform using its proprietary technology, ColdShield®. By bringing together HSM, Secure Enclave, and MPC within a single, robust architecture, ColdShield® forms the backbone of transaction and asset security at Paribu.
ISO 27001 certification, together with the successful completion of SOC 1 Type 2 and SOC 2 Type 2 audits, shows that ColdShield®’s alignment with globally recognized information security standards has been independently validated. Put simply, Paribu’s proprietary custody technology protects and stores user assets in line with global standards. It also reinforces Paribu’s full alignment with Türkiye’s legal requirements and criteria that set out the operating principles for crypto asset service providers.
Paribu’s technology strength is independently validated through audits
SOC 1 and SOC 2 audits cover not only ColdShield®, but also Paribu technologies such as Hyper Engine, which sits at the heart of the crypto trading experience on Paribu and delivers millisecond-level matching. In other words, SOC 1 and SOC 2 assurance reports show that Paribu users execute crypto asset transactions on a platform that meets global standards, with its operational effectiveness and robustness independently verified by auditors.
What is ISO 27001?
ISO 27001 defines the requirements an Information Security Management System (ISMS) must meet and is among the most widely recognized standards for information security management. It provides guidance for organizations of all sizes and sectors on establishing, implementing, maintaining, and continually improving an ISMS.
What are SOC 1 and SOC 2?
SOC, short for System and Organization Controls, is the umbrella term for an assurance framework established by the American Institute of Certified Public Accountants (AICPA).
SOC 1 Type 2 is an audit report focused on business process and information technology controls and testing. SOC 2 Type 2 report evaluates the design and operating effectiveness of controls against the AICPA Trust Services Criteria, including Security, Availability, Processing Integrity, Confidentiality, and Privacy.
Accelerating Paribu Custody’s global journey
ColdShield®’s ISO 27001 certification and successful SOC 1 and SOC 2 audit outcomes represent a new milestone for Paribu Custody, Türkiye’s first and only digital asset custody provider powered by its proprietary technology.
ISO 27001 certification and SOC 1 Type 2 and SOC 2 Type 2 audit results strengthen Paribu’s compliance posture in Türkiye, while demonstrating that ColdShield® has the maturity to meet regulatory expectations across international markets and different regulatory environments.
