Introduction

Security is at the heart of everything we do and build at Yieldstreet. Our security leadership brings over 20 years of experience in Fintech, digital financial platforms and regulated industries. We care deeply about your security, and go the extra mile to protect the data and privacy of our users and safety of their portfolios and transactions.

Of course, in an era where website hacks, data compromises, and commerce on the dark web are a matter of daily news, and a security breach in one place can render your accounts at other unrelated places vulnerable and open to compromise, we also do our best to educate our users on best practices to follow to protect their data, both at Yieldstreet and other digital platforms.

Read on to learn more about how we approach platform security at Yieldstreet.

The Yieldstreet Secure Platform

The Yieldstreet platform is architected from the ground up with a central focus on security. We follow top industry standards and guidelines for all aspects of the platform, spanning secure coding, data encryption and privacy management, segmented and containerized cloud infrastructure, advanced perimeter security and fine-grained access control. In addition, we integrate with a set of vendors for specific security purposes like Two-Factor Authentication, account level security, continuous monitoring and many others, providing bank-grade security for the protection of our users and their data.

Account and portfolio security

Application security at Yieldstreet starts from secure coding practices, enforced via both process and automated controls. We follow OWASP guidelines for secure application development, for both frontend and backend systems. Our continuous delivery pipeline ensures all code commits are auto-scanned for insecure code. The platform also deploys a set of security features to ensure the account-level security of our end users:

Two-Factor Authentication (2FA) is a mandatory requirement for all users.

Account level security controls incorporate heuristic and AI-based controls for detection and prevention of account takeovers. including (but not limited to) auto-lockouts on repeated login failures, access pattern violation detections and suspicious logins.

Transaction level security is implemented at multiple levels via risk scoring algorithms that combine heuristic rules with pattern recognition algorithms to detect and escalate potential fraud.

Data security and privacy

Data is the most valuable and sensitive commodity for any enterprise, and at Yieldstreet we are resolutely committed to the privacy, security and loss protection of this commodity, both Yieldstreet’s enterprise data and our users’ private data. As stewards of the data provided to us by our users, we employ a variety of systems and controls to help ensure the privacy and security of this data:

  • All data in transit is encrypted end to end with a minimum of 128-bit encryption. This is deployed on data in transit even within our internal private subnets.
  • All data at rest is encrypted via FIPS-140-2 compliant encryption technology.
  • Account passwords are cryptographically one-way hashed with a multi-iteration 16-byte random salt.
  • All data stores are cross-region replicated across Amazon’s AWS infrastructure to provide high availability and redundancy, and protect against data loss.
  • Access to internal systems handling user information is strictly restricted and managed through a centralized, fine-grained entitlement system, following the Principle of Least Privilege, managed centrally by Yieldstreet’s Security Office.

More information on Yieldstreet’s privacy policies can be found here.

Infrastructure security

Yieldstreet’s systems are hosted in Amazon’s AWS cloud infrastructure, across multiple regions and availability zones to provide redundancy. AWS is an industry-leading SOC-2, ISO27001, and FEDRAMP certified secure cloud infrastructure provider, providing a wide range of functionality and features for securing and monitoring an enterprise’s cloud infrastructure. We leverage all of these technologies provided by AWS for securing our infrastructure, and have developed a sophisticated containerized physical architecture with security as a core driving concern.

Some highlights of this architecture:

  • We are protected at our perimeter by Cloudflare’s Web Application Firewalls (WAF), DDoS protection and Bot detection systems.
  • All transport is secured end to end with TLS transport layer security (128-bit minimum) across all tiers of the stack. Yieldstreet’s website uses an Extended Validation SSL certificate for its public web properties.
  • Network segmentation provides defense in depth for the systems and data tiers, providing separation between services and data stores.
  • FIPS-140-2 compliant encryption is used to protect all data at rest.
  • Intrusion detection and endpoint protection systems run 24/7 in our infrastructure, alerting us to any potential security incidents.
  • In addition, our infrastructure is continuously monitored for its security posture against CIS Benchmarks.

To ensure we keep the platform secure at all times, we perform annual third-party audits of our applications, networks and infrastructure. In addition, our vendor management policy requires all vendors that handle secure user data to provide reports of their annual security audits.

Assurance

Yieldstreet has a SOC 2 Type 2 report from the American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC). SOC reports give assurance over control environments as they relate to the retrieval, storage, processing, and transfer of data. Our SOC 2 reports cover controls around all five trust services criteria (TSC): security, availability, processing integrity, confidentiality and privacy of customer data.

Service Organization Controls Logo

We believe our 10 alternative asset classes, track record across 470+ investments, third party reviews, and history of innovation makes Yieldstreet “The leading platform for private market investing,” as compared to other private market investment platforms.

1 Past performance is no guarantee of future results. Any historical returns, expected returns, or probability projections may not reflect actual future performance. All securities involve risk and may result in significant losses.

3 "Annual interest," "Annualized Return" or "Target Returns" represents a projected annual target rate of interest or annualized target return, and not returns or interest actually obtained by fund investors. “Term" represents the estimated term of the investment; the term of the fund is generally at the discretion of the fund’s manager, and may exceed the estimated term by a significant amount of time. Unless otherwise specified on the fund's offering page, target interest or returns are based on an analysis performed by Yieldstreet of the potential inflows and outflows related to the transactions in which the strategy or fund has engaged and/or is anticipated to engage in over the estimated term of the fund. There is no guarantee that targeted interest or returns will be realized or achieved or that an investment will be successful. Actual performance may deviate from these expectations materially, including due to market or economic factors, portfolio management decisions, modelling error, or other reasons.

4 Reflects the annualized distribution rate that is calculated by taking the most recent quarterly distribution approved by the Fund's Board of Directors and dividing it by prior quarter-end NAV and annualizing it. The Fund’s distribution may exceed its earnings. Therefore, a portion of the Fund’s distribution may be a return of the money you originally invested and represent a return of capital to you for tax purposes.

5 Represents the sum of the interest accrued in the statement period plus the interest paid in the statement period.

6 The internal rate of return ("IRR") represents an average net realized IRR with respect to all matured investments, excluding our Short Term Notes and Structured Notes programs, weighted by the investment size of each individual investment, made by private investment vehicles managed by YieldStreet Management, LLC from July 1, 2015 through and including June 30, 2024, after deduction of management fees and all other expenses charged to investments.

7 Investors should carefully consider the investment objectives, risks, charges and expenses of the Yieldstreet Alternative Income Fund before investing. The prospectus for the Yieldstreet Alternative Income Fund contains this and other information about the Fund and can be obtained by emailing [email protected] or by referring to www.yieldstreetalternativeincomefund.com. The prospectus should be read carefully before investing in the Fund. Investments in the Fund are not bank deposits (and thus not insured by the FDIC or by any other federal governmental agency) and are not guaranteed by Yieldstreet or any other party.

8 This tool is for informational purposes only. You should not construe any information provided here as investment advice or a recommendation, endorsement or solicitation to buy any securities offered on Yieldstreet. Yieldstreet is not a fiduciary by virtue of any person's use of or access to this tool. The information provided here is of a general nature and does not address the circumstances of any particular individual or entity. You alone assume the sole responsibility of evaluating the merits and risks associated with the use of this information before making any decisions based on such information.

9 Statistics as of the most recent month end.

300 Park Avenue 15th Floor, New York, NY 10022

844-943-5378

No communication by YieldStreet Inc. or any of its affiliates (collectively, “Yieldstreet™”), through this website or any other medium, should be construed or is intended to be a recommendation to purchase, sell or hold any security or otherwise to be investment, tax, financial, accounting, legal, regulatory or compliance advice, except for specific investment advice that may be provided by YieldStreet Management, LLC pursuant to a written advisory agreement between such entity and the recipient. Nothing on this website is intended as an offer to extend credit, an offer to purchase or sell securities or a solicitation of any securities transaction.

Any financial projections or returns shown on the website are estimated predictions of performance only, are hypothetical, are not based on actual investment results and are not guarantees of future results. Estimated projections do not represent or guarantee the actual results of any transaction, and no representation is made that any transaction will, or is likely to, achieve results or profits similar to those shown. In addition, other financial metrics and calculations shown on the website (including amounts of principal and interest repaid) have not been independently verified or audited and may differ from the actual financial metrics and calculations for any investment, which are contained in the investors’ portfolios. Any investment information contained herein has been secured from sources that Yieldstreet believes are reliable, but we make no representations or warranties as to the accuracy of such information and accept no liability therefore.

Private placement investments are NOT bank deposits (and thus NOT insured by the FDIC or by any other federal governmental agency), are NOT guaranteed by Yieldstreet or any other party, and MAY lose value. Neither the Securities and Exchange Commission nor any federal or state securities commission or regulatory authority has recommended or approved any investment or the accuracy or completeness of any of the information or materials provided by or through the website. Investors must be able to afford the loss of their entire investment.

Investments in private placements are speculative and involve a high degree of risk and those investors who cannot afford to lose their entire investment should not invest. Additionally, investors may receive illiquid and/or restricted securities that may be subject to holding period requirements and/or liquidity concerns. Investments in private placements are highly illiquid and those investors who cannot hold an investment for the long term (at least 5-7 years) should not invest.

Alternative investments should only be part of your overall investment portfolio. Further, the alternative investment portion of your portfolio should include a balanced portfolio of different alternative investments.

Articles or information from third-party media outside of this domain may discuss Yieldstreet or relate to information contained herein, but Yieldstreet does not approve and is not responsible for such content. Hyperlinks to third-party sites, or reproduction of third-party articles, do not constitute an approval or endorsement by Yieldstreet of the linked or reproduced content.

Investing in securities (the "Securities") listed on Yieldstreet™ pose risks, including but not limited to credit risk, interest rate risk, and the risk of losing some or all of the money you invest. Before investing you should: (1) conduct your own investigation and analysis; (2) carefully consider the investment and all related charges, expenses, uncertainties and risks, including all uncertainties and risks described in offering materials; and (3) consult with your own investment, tax, financial and legal advisors. Such Securities are only suitable for accredited investors who understand and are willing and able to accept the high risks associated with private investments.

Investing in private placements requires long-term commitments, the ability to afford to lose the entire investment, and low liquidity needs. This website provides preliminary and general information about the Securities and is intended for initial reference purposes only. It does not summarize or compile all the applicable information. This website does not constitute an offer to sell or buy any securities. No offer or sale of any Securities will occur without the delivery of confidential offering materials and related documents. This information contained herein is qualified by and subject to more detailed information in the applicable offering materials. Yieldstreet™ is not registered as a broker-dealer. Yieldstreet™ does not make any representation or warranty to any prospective investor regarding the legality of an investment in any Yieldstreet Securities.

YieldStreet Inc. is the direct owner of Yieldstreet Management, LLC, which is an SEC-registered investment adviser that manages the Yieldstreet funds and provides investment advice to the Yieldstreet funds, and in certain cases, to retail investors. RealCadre LLC is also indirectly owned by Yieldstreet Inc. RealCadre LLC is a broker-dealer registered with the Securities and Exchange Commission (“SEC”) and a member of the Financial Industry Regulatory Authority (“FINRA”) and the Securities Investor Protection Corporation (“SIPC”). Information on all FINRA registered broker-dealers can be found on FINRA’s BrokerCheck. Despite its affiliation with Yieldstreet Management, LLC, RealCadre LLC has no role in the investment advisory services received by YieldStreet clients or the management or distribution of the Yieldstreet funds or other securities offered on our through Yieldstreet and its personnel. RealCadre LLC does not solicit, sell, recommend, or place interests in the Yieldstreet funds.

Yieldstreet is not a bank. Certain services are offered through Plaid, Orum.io and Footprint and none of such entities is affiliated with Yieldstreet. By using the services offered by any of these entities you acknowledge and accept their respective disclosures and agreements, as applicable.

Investment advisory services are only provided to clients of YieldStreet Management, LLC, an investment advisor registered with the Securities and Exchange Commission, pursuant to a written advisory agreement.

Our site uses a third party service to match browser cookies to your mailing address. We then use another company to send special offers through the mail on our behalf. Our company never receives or stores any of this information and our third parties do not provide or sell this information to any other company or service.

Read full disclosure