Compliance and Security for Financial Services

AWS understands the unique security, regulatory, and compliance obligations financial services institutions face on a global scale. AWS customers can access controls that have been tested and validated by third-party auditors across ISO, PCI, SOC, and other certifications. Internal AWS Financial Services security and compliance experts can also help customers to create scalable, secure cloud platforms specially designed to complement the organization’s security goals, strategies, and tactics, while meeting the strictest regulatory requirements.

Infrastructure and services to elevate security in the cloud

Security and resiliency are our highest priority. We listen closely to our customers to offer both a highly secure cloud computing environment and a range of tools and resources they can leverage to build and implement their own application-level security measures. AWS has achieved a number of internationally recognized certifications and accreditations, demonstrating compliance with third-party assurance frameworks, including those that impact most financial services organizations such as PCI-DSS, SEC Rule 17-a-4(f), Reg SCI, EU Data Protection Directive, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171.

AWS also offers numerous security services to manage access, analyze data for irregular activity with machine learning capabilities, mitigate DDoS attacks, encrypt data, and send alerts whenever changes are made to AWS resources. AWS customers also have access to governance-focused, audit-friendly service features to meet regulations and audit standards.

The same world-class security experts who monitor AWS core infrastructure also build and maintain the broad selection of innovative security services, which help customers simplify meeting their security and regulatory requirements.

Learn more »
 

Resources

AWS Compliance Center

The AWS Compliance Center is an interactive tool that offers a central location to research cloud-related regulatory requirements in 54 countries. The tool helps customers browse country-specific resources, identify local regulatory requirements, and view AWS compliance programs that may apply to that country. As more countries update their technology guidelines, they will be added to the tool to help financial services professionals understand regulatory requirements for adopting the cloud in the geographies where they operate.

Learn more »

AWS Cloud Governance for Financial Services

AWS Cloud Governance for Financial Services is a framework to guide customers in establishing processes and selecting tools to manage and govern their AWS environment. Financial institutions are able to define requirements for security, cost, and ongoing oversight for their cloud journey; ensure processes are optimized and consistently followed; and implement solutions to measure cloud health at scale.

Learn more »

AWS Security Documentation

The security documentation repository shows customers how to configure AWS services to meet their organization’s security and compliance objectives. AWS customers benefit from data centers and network architectures that are built to meet the requirements of the most security-sensitive organizations.

Learn more »

AWS Well-Architected Framework

The AWS Well-Architected Framework has been developed to help cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications. Based on five pillars—operational excellence, security, reliability, performance efficiency, and cost optimization—the framework provides a consistent approach for customers and partners to evaluate architectures and implement designs that will scale over time.

The Financial Services Industry Lens for AWS Well-Architected Framework provides additional best practices for the resiliency, security, and operational performance requirements of financial institutions based on our experience working with global customers in a highly regulated environment.

Download the Financial Services lens whitepaper PDF | Kindle

AWS Artifact tool

The AWS Artifact tool is a globally available customer portal that provides on-demand access to information on AWS policies, processes, and controls. It offers documentation of controls relevant to specific AWS services and validation that AWS controls are operating effectively. Customers can use the reports to align AWS controls to their own control frameworks and verify that AWS controls are performing successfully. View AWS Services in Scope by Compliance Program or access AWS Artifact from the AWS Management Console.

Amazon CloudWatch
Monitor resources and applications
Amazon GuardDuty
Managed threat detection service
AWS CloudTrail
Track user activity and API usage
AWS Config
Track resource inventory and changes
AWS Systems Manager
Gain operational insights and take action
AWS Trusted Advisor
Optimize performance and security
AWS Control Tower
Set up and govern a secure, compliant, multi-account environment
AWS Security Hub
Unified security and compliance center

Related content

To learn more about how AWS Global infrastructure is designed and built to deliver the most flexible, reliable, scalable, and secure cloud computing environment, visit Infrastructure.AWS

Get started

Leading companies in the financial services industry are already using AWS. Contact our experts and start your own AWS Cloud journey today.

Contact Sales