This document describes the system architecture and security features of CRS/FATCA One. It highlights that the platform is designed for financial institutions to streamline FATCA/CRS compliance through a cloud or on-premise setup. Key features includ
System Requirements:
- CRS/FATCA One™ is designed for Foreign Financial Institutions (FFIs) seeking simplified FATCA/CRS compliance.
- Available as a cloud or on-premise software solution.
- Enables:
  - Identification of reportable records
  - Data remediation for completeness and accuracy
  - XML schema conversion
  - Reporting to tax authorities
Architecture and Platform:
- Minimum 8 GB RAM for Linux; 12 GB for Windows (more is better).
- 5 GB storage (varies based on dataset and backups).
- 64-bit processor (memory is more important than processing power).
- Can run on a single machine or distributed across multiple servers.
- VM ready.
Security Features:
- Encryption:
  - 256-bit SSL encryption for all data in motion and at rest.
- Access Controls:
  - Role-based security levels:
    - IT Admin
    - Business Admin
    - Reporting
    - Super-User
    - Business Analysts
  - Configurable session timeouts and password policies.
  - LDAP-based single sign-on (SSO) supported.
Scalability
- Uses Hazelcast for scaling data loading and processing.
- Uses sharding to scale the MongoDB database.
- Code is optimized for:
  - Data loading
  - Data retrieval
  - Data processing
- Front-end and back-end can be distributed across multiple servers.
- Fully indexed and extensively load tested.
Security Testing
- Trans World Compliance applies best practices and continuous security testing, including:
  - Monitoring US-CERT alerts
  - Applying patches and updates
  - Intrusion detection systems (IDS)
  - Continuous auditing and testing
- Compliance with OWASP (Open Web Application Security Project) standards.
- Uses Spring Security for role-based access.
- Employs Jenkins for continuous integration/testing.
- Performs monthly penetration testing using:
  - OWASP ZAP
  - Qualys