Casa Blog - Bitcoin Security Made Easy
Security custody

Announcing SOC 2 Type I Certification

by Jameson Lopp 2 min read

At Casa, the safety of our clients is top priority. That's why we're proud to announce that we've achieved SOC 2 Type I certification - this is a significant milestone that reflects our unwavering commitment to the security, integrity, and availability of our self custody service.

This certification isn't just about compliance - it's about demonstrating that we've built our infrastructure from the ground up to protect our clients' data and assets with the highest standards in the industry.

What is SOC 2 Type I and Why Should You Care?

System and Organization Controls 2 (SOC 2) is a widely respected auditing framework developed by the American Institute of Certified Public Accountants (AICPA). It sets standards for how service providers should manage customer data, with specific focus on five trust principles: security, availability, processing integrity, confidentiality, and privacy.

A SOC 2 Type I report is compiled by an independent third party auditor (in our case, Prescient Assurance) and evaluates whether the design of our systems and controls meets those standards as of a specific point in time. In the context of Casa's systems, this means:

  • Controls are in place to prevent unauthorized access to sensitive infrastructure.
  • Operational policies and procedures are documented, tested, and enforced.
  • Safeguards are in place to protect both customer data and wallets from threats.

Why This Matters to Our Clients

Although Casa is architected with trust minimization in mind, users of our platform benefit from additional transparency and assurance. Our SOC 2 Type I certification is more than a badge, it's an independent verification that:

  • Your account data is stored securely using institutional-grade, audited controls.
  • Our platform was built with risk management in mind, including rigorous protections against both cyber and physical threats.
  • We are serious about operational integrity, business continuity, and access control across our entire organization.
  • In an industry where blind trust is dangerous, we believe in proving our trustworthiness with processes that are measurable, repeatable, and verified by professional auditors.

What's Next: SOC 2 Type II and Beyond

SOC 2 Type I is just the beginning. We're actively working toward SOC 2 Type II, which will assess how effectively our controls operate over time. In parallel, we're expanding our compliance roadmap to include additional certifications relevant to financial institutions, digital asset managers, and enterprise clients.

As expectations evolve in the custody space, so will we. Because safety isn't just a feature, it's our fundamental responsibility.

If you have any questions about our monitored controls, subprocessors, or audit status, please visit our Compliance Center for further details.

Read more posts by this author

Jameson Lopp

Jameson Lopp is co-founder and Chief Security Officer of Casa. He is passionate about creating tools to empower individuals; he has been building bitcoin wallets since 2015.

The link has been copied!