Security

Building the institutional standard for digital asset security.

Copper prioritises security. Our comprehensive approach adheres with international standards (including NIST Cybersecurity Framework, ISO 27001, and SOC2) ensuring robust protection. By integrating Defensive-in-Depth strategies, conducting regular penetration tests, and continuously training our teams in the latest cybersecurity best practices, we maintain a fortified defence across all fronts.

Building the institutional standard for digital asset security.

Certified international standards.

We adhere to international standards and benchmarks to ensure a robust security management framework.

SOC2 certificate

SOC2

We adhere to the Trust Principles set out in the SOC2 framework, demonstrating to stakeholders a robust control framework, and a focus on Security in Operations.

ISO 27001

ISO 27001

We adhere to ISO 27001 when building out Security Controls to ensure our approach is coherent and effectively managed.

NIST Cybersecurity Framework

NIST Cybersecurity Framework

We adhere to NIST guidelines for mitigating organisational cybersecurity risks and assess our maturity against its expected baseline to defend and react accordingly.

Cyber Essentials

Cyber Essentials

We are certified under the Cyber Essentials Plus scheme to guard against the most common cyber threats and demonstrate our commitment to cybersecurity.

Industry leading technology backed by robust security first business processes.

Our approach is to detect and respond. This allows us to maintain the effectiveness of our Defensive-in-Depth strategy. Through regular reporting, we assess core components of our controls, enabling the Security Management group to validate through a risk-based methodology.

Regular penetration testing.

Regular penetration testing.

Internal and independent penetration testing is performed across our technology to identify and correct vulnerabilities.

AI/ML enabled incident management.

AI/ML enabled incident management.

Our incident management processes are enhanced with Artificial Intelligence and Machine Learning, enabling us to effectively detect and respond to security events.

Security operations centre.

Security operations centre.

We maintain a 24/7 Security Operations capability and operate dedicated Application Security, Infrastructure Security, Security Architecture, and Assurance teams. We also have a dedicated team who support our Information Technology Infrastructure.

Employee training at all levels.

Employee training at all levels.

Copper employees undertake regular mandatory training around cyber threats to ensure awareness of phishing attempts inherent in this industry.

Accredited InfoSec & Compliance team.

Copper's security framework is anchored by an accredited, skilled team, ensuring the safety of our operations. Our Security Operations Centre (SOC) operates around the clock, providing vigilant incident response and maintaining system integrity. Additionally, our Security Committee is dedicated to overseeing and managing Information Security policies and practices, ensuring global compliance and robust control infrastructure.

Tim Neill, Chief Risk Officer

Tim Neill

Chief Risk Officer

Tim has over 20 years’ experience in operations and risk, with a focus on payments, open banking, financial services and technology. He joined Copper from Mastercard where he was Chief Risk Officer for their new payments platforms division and Head of Risk for product and engineering, covering new payments platforms and digital banking and CBDCs. Prior to Mastercard, Tim held senior risk and operations positions at London Stock Exchange Group, Standard Chartered Bank, Deutsche Bank amongst others.

Dr Stephen Strickland, Chief Compliance Officer

Dr Stephen Strickland

Chief Compliance Officer

Steve is the Group Chief Compliance Officer for Copper Technologies and UK MLRO/Member of Board for Copper Markets UK. Steve holds a Doctorate in economic crime, with a focus on fraud and strategic leadership. This led to him being attributed as having designed the blueprint for Action Fraud (National Fraud Reporting Centre) for the UK government. Prior to joining Copper, Steve was Chief Compliance Officer for Elements Digital, a pioneering Fintech firm where he was responsible for building and running operations for group-wide systems and controls, covering both Tradfi and DeFi solutions.

Luke Somerville, Head of Security

Luke Somerville

Head of Security

Luke has over seventeen years’ experience in information security and joined Copper after spending several years building and maturing cyber security capabilities within the defence sector. Prior to this, he worked in research and consultancy roles for organisations across public, private, and financial sectors including Deutsche Bank, Forcepoint, and Team Cymru.

Stringent and regular assessments run by experts.

Copper's security approach is meticulously managed by four key committees. Each one plays an essential role in ensuring our operations remain secure and professional. This multi-faceted structure allows for a comprehensive and dynamic approach to risk management and security within the company.

Tick icon

Security Committee

Reporting to the Risk & Compliance Committee, this committee is dedicated to managing Information Security (InfoSec) risks and related policies, playing a crucial role in guiding the Board on InfoSec risk management and governance.

Global Financial Crime Governance Committee

Global Financial Crime Governance Committee

Reporting into the Risk & Compliance Committee and then to the Board, the FCGC promotes a compliance culture, manages financial crime risks, and ensures adherence to global regulatory standards and industry best practices in financial crime governance.

Risk & Compliance Committee

Risk & Compliance Committee

Independent and reporting to the Board, this committee oversees the risk management policies and practices of Copper's global operations and the operation of the global risk management framework.

Robust insurance coverage.

Copper purchases insurance in partnership with AON, the leading global insurance broker. Copper holds best-in-class risk-transfer policies that are most suited to the digital asset sector. These include a bespoke Crypto Crime policy and $500m Specie market-based insurance, placed in the Lloyd’s of London market.

$500M

specie market-based insurance

See why pioneering institutions use Copper.

Book a demo with a member of our team.

Most awarded digital asset infrastructure provider.

Hedge Week awards logo

Best digital asset custodian

European awards 2021, 2022, 2023, 2024

Best technology

US digital assets awards 2022

Best digital assets custodian

APAC awards 2023

Best digital asset custodian

US awards 2021, 2022

With Intelligence awards

Best digital asset custodian

HFM US service awards 2023

Best digital asset provider

HFM Asian service awards 2022, 2023

Best digital asset custodian

HFM European service awards 2018, 2019, 2020, 2021, 2022, 2023

Best digital assets custodian

HFM asian services 2023

50 Blockchain 2022 CB Insights award
GC logo
Top Startups UK
City AM
Sifted logo
250 FinTech 2021 CB Insights

Global partnership

ISDA logo
Swiss Blockchain Federation logo
techUK logo
perfORM logo
AIMA logo
GBBC logo