Finder makes money from featured partners, but editorial opinions are our own.

CoinSpot is Australia’s first ISO27001 certified cryptocurrency exchange


Picture not described

How do you gauge exchange security standards without being an expert?

CoinSpot is Australia's first ISO27001 certified cryptocurrency exchange.

We now present some context.


ISO27001 is the international standard for information security management. It lays out a series of best practices for managing and securing information assets.

Naturally, it's especially applicable to cryptocurrency exchanges where cryptocurrency itself is an information asset that needs to be secured.

But as of 2018, there were only an estimated 264 ISO267001 certificates in Australia. And today there is only one Australian exchange certified to that level – that's CoinSpot.

While you can follow ISO27001 standards without being certified, getting certified is how a company confirms that it is following those best practices, as verified by an accredited standards auditor.

This isn't just for the sake of impressing customers. The certification is a legitimately practical exercise for a company that wants to prove to itself that it's following information security best practices.

Gemini got ISO27001 certified in 2013 because it's frankly a bit of a show-off when it comes to anything security or compliance related.

But most exchanges wait until something bad happens before they get certified. Binance only got ISO27001 certified in September 2019, in the wake of a $40 million hack, and a couple of years ago South Korean exchanges Korbit and GoPax obtained the certification after a series of exchange hacks.

Bithumb, one of South Korea's largest exchanges at the time, didn't get certified. And guess what happened (twice) next?

After being hacked multiple times, Bithumb decided to go for the certification.

Meanwhile in Australia

CoinSpot is unique as the only Australian cryptocurrency exchange to get certified, but it's also quite unusual internationally in that it's getting certified even though as far as anyone knows it's never been hacked.

For the end user, that certification could be a good way of separating the certifiably high-security exchanges from potential pretenders, without being a cybersecurity expert.

As we've seen from incidents like Cryptopia, QuadrigaCX and many more, all exchanges will claim to be completely secure even if they're not. You can't take exchange security claims at face value, but you can trust legitimate ISO27001 certificates.

If South Korea's certification race is any indication, Australian exchanges might start moving to keep up with the new benchmark.

But until then, it looks like CoinSpot might certifiably be Australia's most secure cryptocurrency exchange.

Also watch

Disclosure: The author holds BNB, BTC at the time of writing.

Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.

Latest cryptocurrency news

Picture: Shutterstock

Get started with crypto

Ask an Expert

You are about to post a question on

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our Terms of Use, Disclaimer & Privacy Policy and 6. Finder Group Privacy & Cookies Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Go to site