Why MAS Compliance is Still a Real MUST

Morey Haber, Chief Technology Officer
November 12th, 2014

As reported in our blog earlier this year MAS guidelines are set to change the way financial institutions conduct business in Singapore.

Now, nearly four months past the compliance date of July 2014, we are revisiting the guidelines that surround the regulations. Non-compliance was said to result in the following implications for financial institutions:

  • Financial penalties
  • Reputational damage
  • Revocation of licence to operate in Singapore

How many have fallen fowl of the penalties to date? We aren’t sure, but what we do know is if you are late in meeting the TRM Guidelines how BeyondTrust can help.

The TRM Guidelines specify technology processes and controls that financial institutions should implement in a range of functional areas, including risk management oversight and framework, system reliability, availability and recoverability, access control, provision of online services and payment mechanisms. The guidelines are broad and detailed—to a level previously only seen in the PCI DSS industry standards.


BeyondTrust offers an integrated IT Risk Management Platform that helps financial institutions in their compliance efforts across two key areas:

  • Privileged account management to enforce least-privilege best practices and provide the access employees need to perform their jobs safely, without obstructing IT or end-user productivity
  • Vulnerability management to identify exposures, analyse business impact, and plan and conduct remediation across diverse IT infrastructure

BeyondTrust in partnership with Bloor Research Analysts’ Fran Howarth have prepared BeyondTrust’s MAS TRM solution overview applicable to financial institutions worldwide. This document will provide you with a high level overview of everything you need to know about becoming MAS Compliant.

Download your copy

Morey Haber, Chief Technology Officer

With more than 20 years of IT industry experience and author of Privileged Attack Vectors, Mr. Haber joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. He currently oversees BeyondTrust technology for both vulnerability and privileged access management solutions. In 2004, Mr. Haber joined eEye as the Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was a Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. Mr. Haber began his career as a Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelors of Science in Electrical Engineering from the State University of New York at Stony Brook.