Canonical FrameworkCompliance & Audit

MAS TRM

MAS TRM control-mapping starter for Singapore financial institutions operating AI-enabled digital services. It references technology risk, cyber hygiene, data, continuity, incident, provider, and adjacent AI risk-management expectations, with gateway controls where applicable.

This template is a configurable starting point and control mapping. It is not certification, legal advice, or a guarantee of compliance; validate it against your obligations and environment before use.

Regions

SG

References

3 references

Mapped Control Domains

7 mapped domains

Deployment

Regulated SaaS, Sovereign Region, Financial (Cache Disabled)

Referenced Frameworks, Standards & Obligations

MAS Technology Risk Management Guidelines (2021)MAS Notice on Cyber HygieneProposed MAS Guidelines for Artificial Intelligence Risk Management (2025 consultation)

Mapped Control Domains

ICT Risk Management
Access Control
Audit Logging
Incident Response
Third Party Oversight
Business Continuity
Data Management

Deployment profiles

Regulated SaaS
Sovereign Region
Financial (Cache Disabled)

Get started in 3 steps

1

Open the template

Open the catalog entry in the Keeptrusts console and review its included controls, references, and deployment metadata.

2

Adapt the configuration

Use the template as a starting point, then adjust relevant policies, thresholds, routing, and review settings for your requirements.

3

Validate before rollout

Test every outcome you configure—such as allow, redact, block, or operator review—before deploying through a supported gateway workflow.