Application Security and Secure Software Development
Assisting a Fintech Comply with the MAS TRM Regulations
The client is the first regulated platform for digitised securities in Asia that was established in 2017.
Licensed by the Monetary Authority of Singapore (MAS) under the Securities and Futures Act (Cap 289), the company is recognised as a known market operator. The client provides investors access to the capital markets in a secure, compliant and cost-effective manner through a platform for issuance, settlement, custody, and secondary trading of digitised securities.
The client approached Pragma to support them in achieving the MAS license. The scope of service was focused on securing their development framework and operational environment.
Pragma's Cloud Security Architects and DevSecOps team helped them secure their platform's architecture covering the application design, network infrastructure design and security design of the processes.
Pragma then performed multiple penetration tests to ensure the platform is tested and robust against attacks.
Pragma also supported the Client in addressing audit requirements and queries when they had an independent assessment performed by an audit firm.
Prior to going live, Pragma performed an application source code review as part of the requirements. In total, Pragma documented 77 policies, procedures and processes. These policies and procedures are linked with MAS TRM and Outsourcing Guidelines.
Our collaborative efforts enabled the client to obtain the coveted MAS license (RMO, CMS) to operate in Singapore.