TAIPEI, May 26, 2023 /THETECHMUSK=TTM/ — XREX has once again been first! The crypto-fiat exchange’s information security management systems have been recognized, making XREX the first Taiwan business to be ISO/IEC 27001:2022 certified with the British Standards Institution’s (BSI) audit.
Last August, XREX obtained the previous version of ISO/IEC 27001:2013 certification. Its security team completed the latest version of ISO/IEC 27001:2022 within four months, surpassing banks, other Virtual Asset Service Providers, and businesses in various sectors in Taiwan. XREX is the first of its kind to receive such certification in Taiwan.
This achievement signifies that XREX is compliant and continues to uphold the highest global standards for cybersecurity. This milestone not only highlights XREX’s security governance capabilities but also provides users with an added layer of trust and confidence.
“Ensuring uninterrupted services is the core objective for the XREX exchange.We have proactively implemented the new version of the system, significantly strengthening the design of our business continuity plan. Audited by BSI, an independent third-party organization, we became the pioneer to obtain ISO/IEC 27001:2022 certification. This guarantees the sustainability of our services and the stability of products offered by XREX. I am proud of the XREX security team!”Sun Huang, Chief Information Security Officer and General Manager, XREX
The latest version ISO/IEC 27001:2022 was issued on October 25, 2022 jointly by ISO and the International Electrotechnical Commission (IEC). Notably, this update comes after a gap of nine years since the previous revision, emphasizing the evolving nature of information security practices. Once again,the standard of international information security management systems for corporations is defined.
The latest version of ISO/IEC 27001:2023 has undergone significant changes, reducing the original 114 control measures to 82, while adding 11 additional measures to address current technological advancements. In total, there are now 93 integrated control measures.
Last year, XREX achieved the certification with zero faults across all 114 criteria in its application process; and in the latest certification process, XREX once again achieved zero nonconformities, setting an outstanding record.
“An important aspect of this new version is system configuration management. XREX’s security team directly incorporated the ‘GCB Government Configuration Baseline’ from the NICS (National Institute of Cyber Security), which represents the highest standard for cybersecurity management mandated for the Taiwanese government. This demonstrates XREX’s commitment to maintaining the most stringent standards as a crypto-fiat exchange.”Helen Lai, XREX’s information Security Engineer
XREX has always adhered to rigorous internal controls, especially when it comes to protecting user information and wallets, in addition to adopting external audits. In this latest certification, XREX has implemented several new control measures to enhance masking sensitive data. Only employees with relevant responsibilities are able to access certain information; through data masking, further improvements were made to strengthen cybersecurity defenses and protect user privacy.
Being ISO/IEC 27001:2022 certificated empowers XREX to move forward with greater confidence in terms of security and compliance.
Currently, XREX operates under multi-licenses and registrations, including in the United States, Canada, and Lithuania. XREX has also completed the Anti-Money Laundering (AML) declaration with Taiwan’s Financial Supervisory Commission in Taiwan and is in the process of applying for a Major Payment Institution license in Singapore.
Through close communication with regulatory authorities worldwide and collaborations with international banking partners, the XREX exchange is able to facilitate USD deposits and withdrawals in over 120 countries, bridging the gap between traditional finance and blockchain finance.