Without naming names, there are specific well known fintechs who were not SOC or ISO compliant when they were 2 years old. And SOC compliance is self determined anyway I believe. Plenty of people did business with them because their customers were small businesses (mostly startups) who didn't think about such matters. These were/are good companies, doing the right thing, but not doing things they didn't need to do.
Plenty of businesses did business with FTX. The things large enterprise want in a vendor or counterparty are generally not a consideration outside large enterprise. I used to be involved with oil price hedging where our counterparties were small/mid sized oil and gas producers - it didn't even occur to them that they were taking credit risk on us or that they should know if we had a credit rating.
Plenty of businesses did business with FTX. The things large enterprise want in a vendor or counterparty are generally not a consideration outside large enterprise. I used to be involved with oil price hedging where our counterparties were small/mid sized oil and gas producers - it didn't even occur to them that they were taking credit risk on us or that they should know if we had a credit rating.