SINGAPORE, 3 July 2023 - Amber Group, a leading provider of digital wealth management and crypto-native liquidity solutions, announced that it has obtained multiple certifications for information security and privacy protection, including ISO 27001, ISO 27701, and ISO 29151, as well as conforming to NIST Privacy Framework. These globally recognized certifications, coupled with their achievement of SOC 2 Type II compliance and NIST Cyber Security Framework last year, attest to Amber Group’s exceptional capability in information security and demonstrate their unwavering commitment to upholding the highest standard of security and compliance.
ISO 27001, ISO 27701, and ISO 29151 are internationally recognized gold standards developed by ISO and IEC that outline best practices for information security and privacy management. ISO 27001 provides best practice advice and guidance on implementing, maintaining, and continually improving an information security management system (ISMS) to mitigate security risks and protect information assets. It is complemented by ISO 27701, which extends the standard into a privacy information management system (PIMS), providing guidelines on protecting personal data and ensuring compliance with data protection regulations. Additionally, ISO 29151 is the universal standard on personal identifiable information (PII) protection, specifying security control measures and risk handling guidelines.
To qualify for the ISO certifications, Amber Group underwent a thorough independent audit of its security controls conducted by DNV GL, the accredited international certification body. The audit validates the effective operationalization of security controls that have been designed and implemented in compliance with the required standards for ongoing information security management. Amber Group has not only adopted the data security framework in actual management but also implemented the most efficient and relevant technologies to ensure data security across all critical operation touchpoints, including data classification, PII encryption, and protection, separation of duties and responsibilities, and endpoint security management.
Furthermore, Amber Group has voluntarily sought to test the strength of its privacy program through an independent assessment, guided by the US Department of Commerce’s National Institute of Standards and Technology (NIST) Privacy Framework. The company achieved the top-tier NIST Privacy Framework, a testament to its strong ability to address privacy risks and demonstrates its aptitude and maturity in privacy protection.
Thomas Zhu, Chief Technology Officer and Co-founder of Amber Group, said: "Our SOC 2 Type II compliance achievement last year was a significant milestone, and we are thrilled to continue this momentum by adding ISO 27001, ISO 27701, and ISO 29151 certifications to our list of achievements. These certifications reflect our unwavering dedication to embedding security and customer protection throughout our operations. We believe that trust is an essential element in the digital asset industry, and we will continue to prioritize security and customer protection as we grow and evolve."
About Amber Group
Amber Group is a leading crypto finance services provider, specializing in digital wealth management and crypto-native liquidity solutions. The firm offers a comprehensive range of digital asset services, spanning liquidity provisioning, trading, financing, and investing. It is backed by prominent investors including Fenbushi, Sequoia, Paradigm, Tiger Global, Dragonfly, Pantera, Coinbase Ventures, and Blockchain.com.