What can we help you with?

Supercharged PAM

Combine the best of Session Management and Credential Management solutions at a new, incredible value!

Learn More Learn More

What is BeyondTrust?

Get a closer look inside the BeyondTrust identity & access security arsenal.

Learn More Learn More

Gartner Peer Insights

Find out how customers & analysts alike review BeyondTrust.

Learn More Learn More

Go Beyond Customer & Partner Conference

Our biggest customer conference of the year is happening in Miami and virtually on May 1-5, 2023.

Learn More Learn More

Watch Our Video

Find out more about our integrations.

Learn More Learn More

Leader in Intelligent Identity & Secure Access

Learn how BeyondTrust solutions protect companies from cyber threats.

Learn More Learn More

Effective as of July 2014, the Monetary Authority of Singapore (MAS) has imposed updated Technology Risk Management (TRM) Guidelines on all financial institutions that have any form of operations in the territory, no matter where in the world they are based. At the same time, MAS published several related TRM Notices, which are legally binding. Non-compliance can result in the following for financial institutions:

  • Financial penalties
  • Reputational damage
  • Revocation of licence to operate in Singapore

Previously only applying to banks with online operations, the guidelines were updated to address the need for all financial institutions to adopt sound operational practices for managing technology risks, given factors including:

  • Reliance on increasingly complex IT systems
  • Recent, high-profile security incidents and system failures
  • Emerging technology risks such as the increased use of mobile devices and virtual environments
  • Growing concern regarding risks posed by rogue insiders

The updated guidelines are intended to ensure that all financial institutions manage risk in a way that supports MAS’ approach of promoting a sound and progressive financial services sector. They aim to ensure that every financial institution establishes a sound and robust technology risk management framework by ensuring that technology controls are effective and resilient. They place a focus not only on resiliency, but also on availability and recoverability in the case of a serious security incident or systems outage. Further, they place an emphasis on ensuring that customers and sensitive data are adequately protected.

The TRM Guidelines specify technology processes and controls that financial institutions should implement in a range of functional areas, including risk management oversight and framework, system reliability, availability and recoverability, access control, provision of online services, and payment mechanisms. The guidelines are broad and detailed—to a level previously only seen in the PCI DSS industry standards.