TAINA's FATCA, CRS & QI Compliance Platform Aces Penetration Test

Here at TAINA Information security remains our top priority, demonstrated by our ISO27001 certification status. We continuously test our platform to ensure the highest of security standards and best practices are always adhered to, using external consultants to verify its excellence. One such case of this is undertaking a recent round of CREST approved Penetration Testing (Pen Testing). The TAINA FATCA, CRS and QI Compliance Platform undergoes annual external pen tests to ensure from a data protection compliance and data security perspective that we continue to achieve a clean bill of health.

What is Penetration Testing?

Penetration testing, or more widely referred to as Pen Testing, is a simulated real world attack on a network, application, or system or in this such case the TAINA FATCA, CRS and QI Compliance Platform. Pen Testing is a software industry recognised approach that involves an external team of CREST certified experts, who actively try to ethically hack into an organization's system to expose and exploit potential vulnerabilities and weaknesses. 

Why does the TAINA Platform undergo Penetration Testing?

Compliance with global data protection regulations remains a top priority for our clients which include global financial institutions of all types including Big 4. By undergoing pen testing we show our clients, partners and investors the following:

• Firstly, we show them that we take cyber security very seriously and we are always ready and able to answer any of their information security team's concerns and questions regarding their data protection requirements.

• Secondly, we also help manage and reduce our clients' risk, by identifying and remediating any software vulnerabilities that could potentially lead to cyber breach.

TAINA Penetration Testing Score

In an external penetration test of an organization's infrastructure and software platform, an organisation can receive one of five risk ratings namely; critical, high, medium, low and info. TAINA passed their Pen Test with flying colours receiving a phenomenal score of 4 lows and 1 info. Meaning the external CREST approved consultant found that the TAINA FATCA, CRS and QI Platform has no major vulnerabilities and continues to meet industry benchmark standards and complete routine maintenance tasks.

TAINA Approach to Internal Testing:

TAINA prioritises both Quality Assurance testing and Information Security testing.  Our internal testing approach is not just about identifying bugs within the product, but also ensuring our product meets the business and data protection requirements of our clients and their customers and investors.

“Protecting company and customer information and data is paramount to our business.” said Michael Wall, Infrastructure Engineer at TAINA Technology. “Security is always number one on our list with any projects or tasks undertaken and constantly reviewed."

TAINA Authent-A-Link Information Security

This year’s Pen Test was particularly important as it focussed on TAINA's new capability, TAINA Authent-A-Link. Working together with our clients’ the TAINA platform has grown and evolved to meet their increasing market demands and emerging challenges, with a new capability that allows for secure authentication of customers and investors. 

TAINA Authent-A-Link is a standalone or integrated registration journey solution that allows financial institutions and their service providers to authenticate customers without an existing online portal.This new innovative capability allows our clients’ to provide a new customer or investor journey that enables their new customers/investors to complete their w-series and CRS tax forms using a reference code that could simply be created by the financial organisation. Using multi-factor/ two factor authentication (2FA) our clients’ are able to ensure KYC by verifying these new customers and investor’s identity.

For more information on how our fully automated FATCA and CRS Validation platform can add value to your business, get in touch or request a demo to see it in action.