Murex Strengthens Internal Controls, Security Best Practices Commitment with SOC 1, SOC 2 Compliance

Murex is proud to announce it has successfully obtained Service Organization Controls (SOC) 1 Type 2 and SOC 2 Type 2 attestation reports with no exception noted for its software-as-a-service offering, MXSaaS.

The examination, conducted by KPMG, covers the period from July to December 2024.

This significant milestone underscores Murex’s commitment to security, internal controls, transparency and market best practices. SOC 2 has become a key standard with a cybersecurity compliance framework developed by the American Institute of Certified Public Accountants (AICPA). SOC 1 is crucial in providing services that affect financial reporting. 

SOC 2 Type 2 builds on the SOC 2 Type 1 attestation Murex received in July 2024. While Type 1 evaluates the service organization’s data and security controls at a single point in time, Type 2 evaluates them over a set period. The SOC 2 report examines the service organization’s controls related to the Trust Services Criteria of security, availability, confidentiality, processing integrity, or privacy.  

“In today’s digital landscape, ensuring the security and integrity of our clients’ data is paramount,” said Murex Global SaaS Director Jonathan Coyle. “At Murex, security, compliance and trust are at the core of everything we do. As a leading SaaS provider in the finance industry, we understand the critical importance of safeguarding data, ensuring operational integrity, and adhering to the highest industry standards.” 

“This progression of our independent, third-party probing of MXSaaS demonstrates our focus on the security of our clients and our software-as-a-service platform,” said Murex Deputy Chief Information Security Officer Gauthier Lulka. “We are proud of this latest step in our security journey.”

“MXSaaS serves clients of all sizes and across sectors, including major global financial institutions, to provide them with a peace-of-mind experience, as Murex experts fully manage the run and evolution of their MX.3 instance end-to-end, leveraging the power of the cloud,” Coyle said. “As regulatory and compliance frameworks in finance markets grow in complexity, it is crucial that we maintain and keep evolving the security of our platform and services to adhere to the highest standards in data protection and operational integrity. Our SOC 1 and SOC 2 Type 2 achievement underscores the confidence being built around MXSaaS.”

Murex remains committed to proactive risk management, operational excellence, and delivering secure and reliable solutions that empower clients in an ever-evolving financial ecosystem.