Zand Achieves Banking First, with SOC 2® Type II Attestation Covering Web3

17 April 2026, Dubai, United Arab Emirates – In a significant first for a bank, Zand, an AI and blockchain-powered digital bank in the United Arab Emirates, announces today that it has successfully achieved System and Organization Controls (SOC) 2 Type II attestation, covering digital and blockchain-based products, escrow services, and digital asset infrastructure.

The SOC 2 Type II attestation is a gold standard for information security and operational controls, and was completed against all the Trust Services Criteria. This independently validated assessment underscores Zand's ongoing commitment to safeguarding client data and maintaining robust governance, risk management, and control practices.

The attestation covers Zand Bank and its wholly-owned subsidiary, Zand Trust, and follows a comprehensive independent audit conducted in accordance with standards established by the American Institute of Certified Public Accountants (AICPA). The audit assessed Zand's policies, procedures, and control environment, providing third-party assurance over its approach to security, availability, confidentiality, processing integrity, and privacy, where in scope.

This milestone builds on Zand's existing certifications for Information Security Management Systems (ISO 27001) and Privacy Information Management Systems (ISO 27701), including coverage of advanced digital and Web3 services, such as digital asset custody and smart contract governance.