Fintech Company Cyber Architecture Review

In response to further scrutiny from the Financial Crimes Enforcement Network
(FinCEN) a FINTECH company initiated a cybersecurity architecture review to ensure
their policies, processes, procedures, and controls were in compliance with recent
FinCEN guidance to avoid fines.

  • The team held a kickoff meeting with key stakeholders. The purpose of the meeting was to agree on the project scope and Rules of Engagement (ROE).
  • The team requested and reviewed relevant cybersecurity architecture documentation, diagrams, work/desk instructions.
  • The team requested and reviewed screenshots and in appropriate instances shoulder surfed engineers to view technical procedures and logs.
  • The team performed extensive analysis alongside Anti Money Laundering (AML) and Bank Secrecy Act (BSA) experts to ensure that all possible technical controls and measures were in place to restrict transactions from high-risk jurisdictions.
  • The team developed and presented details and high-level findings reports to the client technical and leadership teams for review with recommendations.
  • The team worked with the client to create a remediation roadmap and provided technical assistance.

The client was able to take proactive steps to comply with FinCEN cyber guidance and implement appropriate cybersecurity controls and measures to protect its network and prevent access from sanctioned entities.