Home > How It Works > FAQ > What kind of controls in GoldMoney are ...

What kind of controls in GoldMoney are reviewed and verified in the ISAE 3402 audit report?

The following controls are reviewed by the Big Four accounting firm and then verified to have been in place during the reporting period:

1. Governance

1.1 Controls provide reasonable assurance that the total amount of goldgrams, silver ounces, platinum grams and palladium grams circulating within the GoldMoney system equal the total fine weight of gold, silver and platinum stored in a vault.
1.2 Controls provide reasonable protection against the risk of unauthorised changes to both the total amount of gold, silver, platinum and palladium within the GoldMoney system and the total amount with in customer holdings, that would compromise the one-to-one goldgram-to-gold ratio or the one-to-one ratio of silver, platinum and palladium.
1.3 Controls provide reasonable assurance that funds held by GoldMoney on behalf of its customers are held in separate customer designated bank accounts, and are segregated from GoldMoney's own corporate funds.

2. Processing Customer Instructions

2.1 Controls provide reasonable assurance that customer orders and payment instructions will be executed timely and accurately.
2.2 Controls provide reasonable assurance that account, storage and payment fees are correctly and promptly charged to customers' accounts in accordance with the published fee tariffs.
2.3 Controls provide reasonable assurance that customer orders to buy or sell bullion are executed at a price that reasonably reflects the spot market price at the time each order is placed.

3. Technology & IT Security

3.1 Controls provide reasonable assurance that physical access to computer networks and equipment is restricted to authorised individuals.
3.2 Controls provide reasonable assurance that access to computer systems, programs, master data, transaction data and parameters is restricted to authorised individuals (including access by administrators to applications, databases, systems and networks).
3.3 Controls provide reasonable assurance that the IT infrastructure is protected from external malicious electronic attack.
3.4 Controls provide reasonable assurance that data and systems are backed up regularly and such backups are available to be used to recover the systems and data in the event of a disaster.
3.5 Controls provide reasonable assurance that IT hardware and software issues are promptly identified and resolved.
3.6 Controls provide reasonable assurance that significant changes to code are appropriately tested and authorised prior to implementation and unauthorised changes would be promptly detected and responded to.
3.7 Controls provide reasonable assurance that third parties' access to the GoldMoney IT environment is controlled and closely monitored.

4. Prevention of Money Laundering and Financing of Terrorism

4.1 Controls provide reasonable assurance that customers' identity and source of funds are verified in accordance with the Customer Acceptance Policy.
4.2 Controls provide reasonable assurance that training on the prevention and detection of money laundering and terrorist financing is provided on a regular basis to those with responsibility for the acceptance of new customers and monitoring customer activity.