Compliant IT for financial services
Regulatory compliant IT infrastructure for financial services, with regulator-ready embedded auditing.
With roots in one of the world’s financial capitals Penta has specialized in providing IT services to the financial sector for almost two decades.
Banks, private banks, family offices, investment houses – they all trust Penta to provide stable and secure IT infrastructure that meets their regulatory requirements and the high expectations of their own clients.
Financial IT Services
Built for financial services
IT auditing for regulatory compliance is completely taken care of. One less thing to worry about.
Hover over the diagram to read more.
Independent compliance auditor
Penta entire infrastructure and methodologies are audited by third-party independent auditors every year.
The auditor is always one of the Big Four auditing companies and is changed regularly to ensure independence.
The lastest audits were performed by EY (Ernst & Young).
Auditing and audit report
Penta takes care of the whole auditing process:
- Sourcing the requirements from the financial regulator
- Interpreting and defining the auditing requirements
- Commissioning and producing the independant auditors report
The financial regulator and you
You simply hand over the ready-packaged auditor's report to your financial regulator knowing that all the IT requirements for your industry have been met, with no hassle and at no extra cost.
Penta’s entire infrastructure is audited yearly by EY (Ernst & Young) to international standards (ISAE 3402 Type 2). The audits meet all major financial regulators’ IT compliance requirements, and are available to every client for compliance needs and peace of mind.
Secure dedicated fiber connections between offices and data centers. Remote connectivity secured by VPN and multi-factor authentication. Continuous off-site backups and disaster recovery in any required configuration.
Clear ownership structures with no exposure to uncertain legal jurisdictions. Independent penetration testing by rotating external cyber security experts. Data-at-Rest, Data-in-Use, and Data-in-Motion encryption to FIPS 140-2 standards.
Team of network security engineers on-call 24/7/365. Specialists dedicated to anti-virus systems and spam blocking. Staff vetting, monitored on-boarding and continuous skills improvement.