Licence Application for a Rising Cryptocurrency Exchange
Pionex is a cryptocurrency exchange established in 2019 with more than 100,000 users. The exchange stands out amongst its competitors by having 16 built-in, free and powerful trading bots that users can take advantage of to get the best trades.
Pionex offers highly competitive fees and has the best user experiences and security any exchange platform can offer. They are well regulated and currently licenced by FinCEN, a United States regulator.
One of Pionex's goals is to position itself to be one of the leading cryptocurrency exchanges in the market by offering a competitive platform with robust, multi-layered security for its users. To achieve that level of recognition from their stakeholders and continue operating in Singapore, Pionex needed to obtain a licence from The Monetary Authority of Singapore, one of the strictest financial regulators in the world. On top of that, they need support in complying with the requirements under the MAS Technology Risk Management Guidelines, MAS Payment Service Notice PSN05 and MAS PSN06 Cyber Hygiene.
With a tight licencing deadline to meet, Pionex knew they had to work with a knowledgeable cybersecurity and regulations partner with significant experience who could support them throughout the entire application process.
Pionex chose to work with Pragma based on Pragma’s current portfolio and similar successful engagements. Pragma was able to help Pionex navigate the regulatory space and meet compliance to the MAS Payment Services Act (PSA). Pionex has asked Pragma to assist them during MAS interviews, develop policies and procedures necessary to comply with the MAS TRM Guidelines, perform Penetration Tests on their platform and conduct a Security Audit.
Pragma conducted a workshop to document their critical systems and supporting vendors, which forms part of the due diligence process to ensure third party vendors apply the same level of controls as Pionex has implemented. Pragma also worked closely with Pionex in creating over twenty-five policies and procedures to comply with all applicable guidelines and licencing requirements, such as Asset Management Policy and Technology Risk Management Framework.
As ancillary support to meet MAS’s licencing requirements, Pragma designed a secure and robust cloud architecture document and advised Pionex on implementing appropriate controls. The architecture document has been integral in streamlining Pionex's technology operations and articulating how the exchange operates securely. The architecture document contains information relating to Wallet Implementations, Segregated environments and SSO and IAM accounts.
Pragma's Security Testing team also carried out penetration testing and network vulnerability assessment to identify and analyse security vulnerabilities in their website, platform and mobile applications.
During the license application interview, Pragma also provided advisory support to Pionex for any technology risk related queries that arose.
To maintain compliance with MAS regulations, in the long run, Pionex outsourced its Anti Money Laundering (AML) and risk management activities to Pragma on a retainer basis. Pragma's Technology Risk Manager and compliance team will manage Pionex risk management and compliance activities such as responding to inquiries on AML, security and controls, reviewing compliance to regulations and standards and maintaining an inventory of risk and controls.
A financial licence helped build customer confidence in Pionex to become a world-class cryptocurrency exchange.
Focus On Growth
By outsourcing the application process and long term risk and compliance management activities to an established cybersecurity partner, Pionex had a higher chance of success in their application and is able to focus on expanding other areas of their business.
Pionex is now more confident in its Technology Risk Management processes and Security Architecture.
We are more than fortunate to have Pragma along with us and us with them. Their professional guidance and advice have inevitably brought us a few notches higher with an unparallel advantage to concentrate on other core areas like business development and improving client experiences.
Case Study: Technical Review on Third-party Risks For Insurer
Case Study: Establishing Compliance with SOC 2 Security Implementation
Trusted Cybersecurity Partner
Pragma is a CREST approved global provider of cybersecurity solutions. We help organisations strengthen cyber resilience and safeguard valuable information assets with a pragmatic approach.
Currently, Pragma is the trusted partner of some of the world's most successful organisations across a wide range of industries, including 4 of Forbes Most Valuable Brands, 3 of Singapore's Hottest Fintechs, the Best Global Crypto Exchange and 10 of the Top 100 Insurance Companies.
Headquartered in Asia and Europe, and with regional offices around the world, we provide Cyber and Regulatory Consultancy, Incident Response, Cloud Security and Security Testing services.
What Our Clients Say
“The service, the clarity of understanding of the regulation and recommendations improved our platform.”
No-Surprise Competitive Fees
We get our cost structure right so that the fees proposed to you are transparent and competitively priced without impairing our objectivity and quality.
A Solution For You
We understand that no one business is identical. Our solutions are bespoke and aim to empower your business with the right tools and technology to grow.
This means having a collaborative approach while working with your team and listening to you.
The team dedicated to you has deep cybersecurity knowledge and experience across financial services, technology, media, telecommunication and government agencies.
“Choosing a cybersecurity solution partner is like going to a tailor. There’s no one size that fits all. At Pragma, solutions are tailored for your organisation.”
- Geoff and Manish, co-founders of Pragma