Licence Application for a Rising Cryptocurrency Exchange
Pionex is a cryptocurrency exchange established in 2019 with more than 100,000 users. The exchange stands out amongst its competitors by having 16 built-in, free and powerful trading bots that users can take advantage of to get the best trades. Pionex offers highly competitive fees and has the best user experiences and security any exchange platform can offer. They are well regulated and currently licenced by FinCEN, a United States regulator.
One of Pionex's goals is to position itself to be one of the leading cryptocurrency exchanges in the market by offering a competitive platform with robust, multi-layered security for its users. To achieve that level of recognition from their stakeholders and continue operating in Singapore, Pionex needed to obtain a licence from The Monetary Authority of Singapore, one of the strictest financial regulators in the world. On top of that, they need support in complying with the requirements under the MAS Technology Risk Management Guidelines, MAS Payment Service Notice PSN05 and MAS PSN06 Cyber Hygiene.
With a tight licencing deadline to meet, Pionex knew they had to work with a knowledgeable cybersecurity and regulations partner with significant experience who could support them throughout the entire application process.
Pionex chose to work with Pragma based on Pragma's current portfolio and similar successful engagements. Pragma was able to help Pionex navigate the regulatory space and meet compliance to the MAS Payment Services Act (PSA). Pionex has asked Pragma to assist them during MAS interviews, develop policies and procedures necessary to comply with the MAS TRM Guidelines, perform Penetration Tests on their platform and conduct a Security Audit.
Pragma conducted a workshop to document their critical systems and supporting vendors, which forms part of the due diligence process to ensure third party vendors apply the same level of controls as Pionex has implemented. Pragma also worked closely with Pionex in creating over twenty-five policies and procedures to comply with all applicable guidelines and licencing requirements, such as Asset Management Policy and Technology Risk Management Framework.
As ancillary support to meet MAS's licencing requirements, Pragma designed a secure and robust cloud architecture document and advised Pionex on implementing appropriate controls. The architecture document has been integral in streamlining Pionex's technology operations and articulating how the exchange operates securely. The architecture document contains information relating to Wallet Implementations, Segregated environments and SSO and IAM accounts.
Pragma's Security Testing team also carried out penetration testing and network vulnerability assessment to identify and analyse security vulnerabilities in their website, platform and mobile applications.
During the license application interview, Pragma also provided advisory support to Pionex for any technology risk related queries that arose.
To maintain compliance with MAS regulations, in the long run, Pionex outsourced its Anti Money Laundering (AML) and risk management activities to Pragma on a retainer basis. Pragma's Technology Risk Manager and compliance team will manage Pionex risk management and compliance activities such as responding to inquiries on AML, security and controls, reviewing compliance to regulations and standards and maintaining an inventory of risk and controls.