IR Hotline Numbers:

+44 20 3318 1470
+60 154 877 0076
+61 2 7908 1745
+65 3165 8788
caution icon

Experienced a breach? Reach us now

company logo

Compliance

Licence Application for a Rising Cryptocurrency Exchange

Licence Application for a Rising Cryptocurrency Exchange

The Background

Pionex is a cryptocurrency exchange established in 2019 with more than 100,000 users. The exchange stands out amongst its competitors by having 16 built-in, free and powerful trading bots that users can take advantage of to get the best trades. Pionex offers highly competitive fees and has the best user experiences and security any exchange platform can offer. They are well regulated and currently licenced by FinCEN, a United States regulator.

The Process

One of Pionex's goals is to position itself to be one of the leading cryptocurrency exchanges in the market by offering a competitive platform with robust, multi-layered security for its users. To achieve that level of recognition from their stakeholders and continue operating in Singapore, Pionex needed to obtain a licence from The Monetary Authority of Singapore, one of the strictest financial regulators in the world. On top of that, they need support in complying with the requirements under the MAS Technology Risk Management Guidelines, MAS Payment Service Notice PSN05 and MAS PSN06 Cyber Hygiene.

With a tight licencing deadline to meet, Pionex knew they had to work with a knowledgeable cybersecurity and regulations partner with significant experience who could support them throughout the entire application process.

The Result

Pionex chose to work with Pragma based on Pragma's current portfolio and similar successful engagements. Pragma was able to help Pionex navigate the regulatory space and meet compliance to the MAS Payment Services Act (PSA). Pionex has asked Pragma to assist them during MAS interviews, develop policies and procedures necessary to comply with the MAS TRM Guidelines, perform Penetration Tests on their platform and conduct a Security Audit.

Pragma conducted a workshop to document their critical systems and supporting vendors, which forms part of the due diligence process to ensure third party vendors apply the same level of controls as Pionex has implemented. Pragma also worked closely with Pionex in creating over twenty-five policies and procedures to comply with all applicable guidelines and licencing requirements, such as Asset Management Policy and Technology Risk Management Framework.

As ancillary support to meet MAS's licencing requirements, Pragma designed a secure and robust cloud architecture document and advised Pionex on implementing appropriate controls. The architecture document has been integral in streamlining Pionex's technology operations and articulating how the exchange operates securely. The architecture document contains information relating to Wallet Implementations, Segregated environments and SSO and IAM accounts.

Pragma's Security Testing team also carried out penetration testing and network vulnerability assessment to identify and analyse security vulnerabilities in their website, platform and mobile applications.

During the license application interview, Pragma also provided advisory support to Pionex for any technology risk related queries that arose.

To maintain compliance with MAS regulations, in the long run, Pionex outsourced its Anti Money Laundering (AML) and risk management activities to Pragma on a retainer basis. Pragma's Technology Risk Manager and compliance team will manage Pionex risk management and compliance activities such as responding to inquiries on AML, security and controls, reviewing compliance to regulations and standards and maintaining an inventory of risk and controls.

Tags:

Cryptocurrency Exchange
Licence Application
Regulatory Compliance
Monetary Authority of Singapore
Technology Risk Management
Cybersecurity Regulations
MAS Payment Services Act
Security Audit
Penetration Testing
Cloud Architecture
Asset Management
Technology Risk Framework
AML Compliance
Risk Management
Compliance Activities
Anti Money Laundering
Network Vulnerability Assessment
Financial Regulations
Security Controls

Join the Pragma Community Today

Email


Solutions

Cyber Advisory

Technology Risk

Compliance, Conduct, and Regulatory Risk

IT Audit

Insights

Pragma Logo

Terms & conditions

Privacy Policy