Auexus
Auexus
Security & Trust

Accounted for
to the cent.

Your money sits on a double entry ledger that the database itself keeps honest, behind signed deposits, maker checker withdrawals and segregated custody. Not a promise on a page, but controls you can inspect.

  • Double entryLedger
  • 2FA + backupCodes
  • KYC L1–L3Verification
  • Maker checkerApprovals
The money engine

Every balance is a proof, not a number

Here is a real withdrawal as the ledger records it. The client wallet is debited, the payout and fee are credited, and the database will not accept the entry unless the two sides match to the cent.

Account · reasonDebitCreditRunning balance
Client wallet · USDwithdrawal.debit5,000.0012,640.20
Settlement · payoutswithdrawal.payout4,985.00
Revenue · network feewithdrawal.fee15.00
debits 5,000.00=credits 5,000.00 Σ balanced
Money integrity

The funds engine, built to be checkable

Four controls keep the money truthful: balanced entries enforced in the database, daily reconciliation, signed and idempotent payment webhooks, and a fully reason tagged history.

Double entry, enforced at the database

Every balance change posts as a balanced debit and credit pair. Database triggers reject any entry that does not balance, so a wallet balance is always a provable projection of the ledger, never a number edited by hand.

Σ ledger = wallet balance

Daily reconciliation with drift alerts

A reconciliation job recomputes balances from the ledger and compares them to the stored wallets. If a single cent drifts, it raises an alert rather than papering over the difference.

Reconciled · alert on any drift

Signed, idempotent webhooks

Payment provider callbacks are HMAC-SHA256 signed and verified in constant time, then deduplicated on their reference. A redelivered webhook is recognised and ignored, so a deposit can never be credited twice.

HMAC-SHA256 · idempotent on reference

Reason tagged, with balance snapshots

Each entry records why it was written and the running balance at the moment it posted. The history reads as a complete, ordered account of every movement, not a bare list of numbers.

Reason tag · running balance

Account security

Your login, locked down by default

Strong authentication, full visibility of where you are signed in, and scoped credentials for anything programmatic, so control of the account stays firmly with you.

2FA with backup codes

Time based one time passwords to RFC 6238, with single use backup codes issued at setup so a lost device never locks you out of your own funds.

Sessions and devices

Every active session and known device is listed with its last activity, and any of them can be revoked on the spot. A full login history sits alongside it.

Scoped, hashed API keys

Programmatic keys are scoped to read or trade, stored only as a hash, and revocable at any time. The secret is shown once and never again.

Anti phishing code

A private phrase you choose appears in genuine Auexus emails, so a message that lacks it is a forgery you can spot at a glance.

Withdrawal whitelisting

Funds leave only to addresses you have added to your whitelist, closing the door on a payout being redirected to somewhere you never approved.

Compliance

Oversight that is built in, not bolted on

Tiered identity verification, a worked anti money laundering process, role based access with maker checker on sensitive actions, and an audit log that cannot be quietly edited.

KYC, levels L1 to L3

Identity is verified in tiers through multi document review, with higher limits unlocked as more is confirmed. Verification depth is matched to activity.

AML alerts and resolution

Anti money laundering alerts carry a severity and move through a defined resolution workflow, so nothing flagged is left without an owner or an outcome.

Role based access, maker checker

Five roles across six permission keys govern who can do what, and sensitive actions require maker checker: one person requests, a second approves.

Immutable audit log

Every administrative action is written to an append only audit log, recording who acted, what changed and when, so the record can be reviewed but never quietly rewritten.

Assurance

Your capital, kept at arm's length from ours

The strongest safeguard is structural. Client assets are segregated from company funds and held with regulated custodians, while independent auditors and the ISO 27001 framework hold the controls to an outside standard rather than our word.

Independently audited · ISO 27001 aligned
  • Segregated client assets

    Client funds are held separately from company funds, so your capital is never commingled with the operating balance of the business.

  • Regulated custodians

    Assets are held with regulated custodians, keeping safekeeping in the hands of supervised institutions rather than the platform alone.

  • Independently audited

    The platform is reviewed by independent auditors, so the controls described here are checked by parties with no stake in the answer.

  • ISO 27001 aligned

    Information security is run to the ISO 27001 framework, applying a recognised standard to how data and systems are protected.

Trust is a thing you can audit.

Open an account on a platform where every balance reconciles, every withdrawal is checked, and every administrative action is on the record.

The Auexus Briefing

Market intelligence, in your inbox.

Insights, real payout proofs and product updates — in your language. Unsubscribe anytime.

© 2026 Auexus. All rights reserved.Trading carries risk to your capital. Past performance is not indicative of future results.