Explore key terms and concepts in crypto auditing and compliance
Anti-Money Laundering Regulation
EU regulation to prevent money laundering
Basel III / BCBS 239
Financial regulations for risk data aggregation and reporting.
Control Objectives for Information and Related Technologies
Framework for IT governance and management.
Committee of Sponsoring Organizations
Internal control frameworks
Digital Operational Resilience Act
EU framework for digital operational resilience
European Market Infrastructure Regulation
EU regulation for OTC derivatives
Gnosis Safe & Treasury Controls
Controls for managing assets with multisignature wallets.
Internal Control System
Framework for risk management, compliance, and asset protection.
ISAE 3402 / SOC 1
Audit standard for outsourced service providers.
International Organization for Standardization 27001
Information security management
IT General Controls
Foundational controls over the IT environment.
Key Management Controls
Controls for secure handling of crypto private keys.
Markets in Crypto-Assets
EU regulatory framework for crypto-assets
Markets in Financial Instruments Directive
EU directive for financial markets
NIST Cybersecurity Framework
Internationally recognized model for improving cybersecurity.
NIS2 Directive (EU)
EU regulation strengthening cybersecurity for critical infrastructure.
Swiss CO Art. 728a – ICS Obligation
Statutory requirement for ICS existence check in Switzerland.
Swiss Audit Standard PS 890 – ICS Review
Standard for auditing the existence of an Internal Control System in Switzerland.
Payment Services Directive 2
EU directive for payment services
Payment Services Directive 3
Proposed update to EU payment services regulation
Swiss Auditing Standard 890
Swiss internal control system audits
Smart Contract Audits
Security review of blockchain contract code.
Sarbanes-Oxley Act
Financial reporting & IT compliance
Swiss Data Protection Act (revDSG)
Swiss law requiring protection of personal data.
Transfer of Funds Regulation
EU regulation on crypto-asset transfers
Token Treasury Management
Control processes for managing organizational token holdings.