Home · Security

Engineered to be trusted — and to prove it.

Security is designed in, not bolted on. From custody architecture to regulatory alignment, every layer is built to institutional standards and independently reviewed.

View the audit report
Defence in depth

Custody, identity and controls — layered so no single point can fail.

Institutional custody

MPC / HSM key management to FIPS 140-2 Level 3, segregated off-exchange ledgers and multi-signature withdrawal controls.

4-tier identity & AML

Risk-based KYC/KYT with sanctions and Travel-Rule screening, applied where it matters most.

Hardened authentication

PBKDF2 · AAL2 credentials with two-factor and step-up verification on sensitive actions.

Off-exchange ledger

Client balances are segregated and reconciled continuously, independent of trading venues.

Action confirmations

2FA, password, email and withdrawal changes require confirmation before they take effect.

Independent audit

BDO assessment — 89/100, qualified-positive, with no critical or high-severity findings.

Compliance

Aligned with global standards.

  • MiCA & DORABuilt toward EU markets-in-crypto-assets and operational-resilience frameworks.
  • GDPR / KVKKPrivacy-by-design data handling with strict retention controls.
  • AML / Travel RuleContinuous transaction monitoring and counterparty screening.
89/100
BDO audit
99.97%
Settlement reliability
L3
FIPS 140-2
24/7
Monitoring
SourceX is a technology provider, not a financial institution. Capital is at risk.
Independently audited

Read the full assessment.

The independent BDO report covers security, compliance and operations in detail.

View audit report Compliance overview