SOC 2, MiFID II RTS-22, and zero-trust for a crypto trading desk
Security architecture and compliance for trading firms: SOC 2 Type II audit preparation, zero-trust networking, supply chain security, credential management, insider threat controls, and MiFID II transaction reporting.
Regulated trading infrastructure requires security controls that hold up to auditor scrutiny, not just penetration tests. These eight posts cover the gap between "we are secure" and "we can prove we are secure to a regulator, a counterparty, or an institutional investor."
I passed a SOC 2 Type II audit at an ICO platform with $500M+ in client funds. Here is what auditors actually looked for - and the three findings that almost failed us.
At ZeroCopy we run BeyondCorp-style access - no VPN, device certificate verification on every connection. Here is the full architecture.
The Bybit hack was a supply-chain attack. After it, I rewrote our dependency security posture. Here is the full model: SLSA levels, Sigstore, hash pinning, and the DPRK threat.
ZeroCopy uses Infisical and AWS KMS. The secret-zero problem was the hardest design challenge. Here is the full secrets management architecture for a trading firm.
At Upside, every security control was designed assuming a compromised insider. This changes the architecture significantly - here is what that looks like in practice.
ZeroCopy runs its policy engine in a Nitro Enclave. This is the architecture that separates custodians that can prove their controls from those that only claim them.
I implemented the full MiFID II transaction reporting pipeline at Upside. One of the few engineers in crypto who has actually shipped this. Here is the complete guide.
I run this exercise for every major system I build. Here is the complete STRIDE threat model for a typical crypto trading infrastructure - the document that earns trust at any trading firm.