XREX Becomes Taiwan’s First ISO/IEC 27001:2022 Certified Crypto Exchange

TAIPEI, May 26, 2023 /PRNewswire/ -- XREX has once again been first! The crypto-fiat exchange's information security management systems have been recognized, making XREX  the first Taiwan business to be ISO/IEC 27001:2022 certified with the British Standards Institution's (BSI) audit.

USD-Crypto exchange XREX becomes Taiwan’s first ISO/IEC 27001:2022 certified business audited by the British Standards Institution
USD-Crypto exchange XREX becomes Taiwan’s first ISO/IEC 27001:2022 certified business audited by the British Standards Institution

Last August, XREX obtained the previous version of ISO/IEC 27001:2013 certification. Its security team completed the latest version of ISO/IEC 27001:2022 within four months, surpassing banks, other Virtual Asset Service Providers, and businesses in various sectors in Taiwan. XREX is the first of its kind to receive such certification in Taiwan.

This achievement signifies that XREX is compliant and continues to uphold the highest global standards for cybersecurity. This milestone not only highlights XREX's security governance capabilities but also provides users with an added layer of trust and confidence.

 "Ensuring uninterrupted services is the core objective for the XREX exchange," XREX's Chief Information Security Officer and General Manager Sun Huang said. Sun Huang led the team to complete the ISO certification project,  "We have proactively implemented the new version of the system, significantly strengthening the design of our business continuity plan. Audited by BSI, an independent third-party organization, we became the pioneer to obtain ISO/IEC 27001:2022 certification. This guarantees the sustainability of our services and the stability of products offered by XREX. I am proud of the XREX security team!"

The latest version ISO/IEC 27001:2022 was issued on October 25, 2022 jointly by ISO and the International Electrotechnical Commission (IEC). Notably, this update comes after a gap of nine years since the previous revision, emphasizing the evolving nature of information security practices. Once again,the standard of international information security management systems for corporations is defined.

The latest version of ISO/IEC 27001:2023 has undergone significant changes, reducing the original 114 control measures to 82, while adding 11 additional measures to address current technological advancements. In total, there are now 93 integrated control measures.

Last year, XREX achieved the certification with zero faults across all 114 criteria in its application process;  and in the latest certification process, XREX once again achieved zero nonconformities, setting an outstanding record.

"An important aspect of this new version is system configuration management," said Helen Lai, XREX's information security engineer. "XREX's security team directly incorporated the 'GCB Government Configuration Baseline' from the NICS (National Institute of Cyber Security), which represents the highest standard for cybersecurity management mandated for the Taiwanese government. This demonstrates XREX's commitment to maintaining the most stringent standards as a crypto-fiat exchange."

XREX has always adhered to rigorous internal controls, especially when it comes to protecting user information and wallets, in addition to adopting external audits. In this latest certification, XREX has implemented several new control measures to enhance  masking  sensitive data. Only employees with relevant responsibilities are able to access certain information;  through data masking, further improvements were made to strengthen cybersecurity defenses and protect user privacy.

Being ISO/IEC 27001:2022 certificated empowers XREX to move forward with greater confidence in terms of security and compliance.

Currently, XREX operates under multi-licenses and registrations, including in the United States, Canada, and Lithuania. XREX has also completed the Anti-Money Laundering (AML) declaration with Taiwan's Financial Supervisory Commission in Taiwan and is in the process of applying for a Major Payment Institution license in Singapore.

Through close communication with regulatory authorities worldwide and collaborations with international banking partners, the XREX exchange is able to facilitate USD deposits and withdrawals in over 120 countries, bridging the gap between traditional finance and blockchain finance.

About XREX

XREX is a blockchain-enabled financial institution working with banks, regulators, and users to redefine banking together. We provide enterprise-grade banking services to small to medium-sized businesses (SMBs) in or dealing with emerging markets, and novice-friendly financial services to individuals worldwide.

Founded in 2018 and operating globally under multiple licenses, XREX offers a full suite of services such as digital asset custody, wallet, cross-border payment, fiat-crypto conversion, cryptocurrency exchange, asset management, and fiat currency on-off ramps.

Sharing the social responsibility of financial inclusion, XREX leverages blockchain technologies to further financial participation, access, and education.