Derivatives risk analytics company OpenGamma has received a Service Organisation Controls (SOC) 2 Type 1 Certificate.
Ernst & Young (EY) certified the RegTech following a period of extensive auditing, exploring its security capabilities and its commitment to protecting customer data.
SOC 2 was implemented by the American Institute of Certified Accountants (AICPA) and is focused on the security of hosted service providers. As per the regulation, firms must show their ability to design and implement controls, policies, procedures and practices which protect the interests of clients.
Past that, SOC 2 compliance providers must assure high levels of organisational maturity everywhere from internal processes around customer commitments through to professional development of employees.
OpenGamma will continue to host SOC 2 examinations in years to come, guaranteeing ongoing compliance and security, as well as find ways to expand on the standards.
This certificate comes just weeks after OpenGamma closed a $10m investment round led by Dawn Capital. Other backers to the round included Accel and CME Ventures, with capital planned to support the expansion of its London, New York and Singapore teams. Funds are also set aside to support the launch of new products and services.
OpenGamma CTO Jon Senior said, “This certification marks a significant step towards achieving our long-term goals. Managing customer data has always been a top priority and this independent validation demonstrates just how seriously we take handling our clients’ sensitive position files.”
The RegTech company gives banks, hedge funds, asset managers, and pension funds data analytics tools to identify opportunities, monitor risks, view margins and costs, and act upon insights. Additionally, its technology supports MiFID II compliance by enabling immediate response to investor cost requests, reporting costs over the past three years, and a cumulative impact of costs on investment returns.
Last year, software-as-a-service security platform Luminate Security received its SOC 2 certificate following a period of audits. The company gives CISOs, CIOs and CTOs the tools to manage access to their corporate assets and resources from anywhere in the world, whether its one-time or longer.
Copyright © 2018 RegTech Analyst
