What does it mean to be on the MAS alert list?

To be on MAS alert list means that there have been some complains that is related to investment, but they are not licensed by MAS, it may also mean that there are promises of returns, but they are not financial advice.

What does MAS not regulate?

Tax and estate planning are not covered by the regulatory jurisdiction, according to mas.gov.sg. All financial planning activities related to securities, futures, and insurance are regulated by MAS.

What is the function of MAS?

The main three functions of MAS- 1. Supervision of Financial Services 2. Controls the Government’s Financial Reserves 3. Issues Government Securities

MAS Regulation | Compliance Audit

What is MAS?

The Monetary Authority of Singapore (MAS) is the central bank and the financial regulatory authority of Singapore that published Technology Risk Management (TRM) Guidelines to help financial firms establish sound technology risk management, strengthen system security, and safeguard sensitive data and transactions. MAS recognizes cloud services as a form of outsourcing. The TRM guidelines contain the best practices that financial institutions should adopt while conducting business in Singapore. While MAS compliance is voluntary, the benchmark is used while assessing the risk of financial institutions.

MAS + Cloud

The primary focus of MAS-TRM is access control and encryption of confidential data. Since MAS recognizes cloud services as a form of outsourcing, it is the customer’s job to ensure they follow the best practices. MAS guidelines state encrypting sensitive or confidential information before it is transported offsite for storage. MAS guidelines also recommend that confidential information stored on IT systems, servers, and databases should be encrypted and protected through strong access controls, bearing in mind the principle of “least privilege”. Grant access rights and privileges should be given based on job responsibility. As such, no one should have any intrinsic right to access confidential data by virtue of rank or position. MAS recommends financial institutions maintain audit logging of system activities performed by privileged users and, at the same time, disallow privileged users from accessing systems logs in which their activities are being captured.

Schedule A Demo

Why Cloudanix?

The TRM guidelines by MAS are not legally binding, but since they form the benchmark while assessing financial institutions' risk, they become extremely important. Even if your organization isn’t a financial institution, being MAS guidelines compliant will only help you in the long run. Having privileged access management and access control will protect your organization from malicious insider attacks like breaches and leaks of the sensitive data your company stores. And in the event of such a tragedy, you may face a massive financial and reputational loss. Cloudanix helps you achieve MAS compliance and make your cloud infrastructure secure by ensuring you implement the TRM guidelines. Cloudanix automates audits that perform various checks consisting of different rules on a wide variety of recipes that we provide. For instance, our AWS recipe of EKS Audit contains rules like Non-public Endpoints, EKS Security Groups, ECR Private Repo, and many more. These audit rules help you comply with MAS by detecting any infringement in the access control and privilege management. We have many other recipes and rules that ensure you follow the best security practices specified by the MAS-TRM guidelines while we are taking care of your security audits!

Cloudanix Audit Recipes Get Compliance Ready

Insights from Cloudanix

Case Studies

The real-world success stories where Cloudanix came through and delivered. Watch our case studies to learn more about our impact on our partners from different industries.

Read Case Studies >

Checklist for you

A collection of several free checklists for you to use. You can customize, stack rank, backlog these items and share with your other team members.

Go to checklists

Streamline Your MAS TRMG Compliance

Our guide explains ISMS, benefits, AWS considerations, requirements, compliance vs certification, costs, certification & maintainance

Check MAS TRMG

Cloudanix docs

Cloudanix offers you a single dashboard to secure your workloads. Learn how to setup Cloudanix for your cloud platform from our documents.

Take a look

Learn repository

List of curated cloud security and cybersecurity topics with detail information for understanding, learning and evolving. Don't miss this!