AWS Security Blog
2024 FINMA ISAE 3000 Type II attestation report available with 179 services in scope
Amazon Web Services (AWS) is pleased to announce the issuance of the Swiss Financial Market Supervisory Authority (FINMA) Type II attestation report with 179 services in scope.
The Swiss Financial Market Supervisory Authority (FINMA) has published several requirements and guidelines about engaging with outsourced services for the regulated financial services customers in Switzerland.
An independent third-party audit firm issued the report to assure customers that the AWS control environment is appropriately designed and operating effectively to support adherence with FINMA requirements.
The latest report covers the 12-month period from October 1, 2023 to September 30, 2024, for the following circulars:
- 2018/03 “Outsourcing – banks, insurance companies and selected financial institutions under FinIA”
- 2023/01 “Operational risks and resilience – banks”
- Business Continuity Management (BCM) minimum standards proposed by the Swiss Insurance Association
AWS has added the following 10 services to the current FINMA scope:
- Amazon DataZone
- AWS Entity Resolution
- AWS Mainframe Modernization
- AWS Payment Cryptography
- Amazon Q Business
- Amazon Q Developer
- Amazon Application Recovery Controller
- Amazon Security Lake
- AWS Verified Access
- Amazon WorkSpaces Thin Client
Customers can find the FINMA ISAE 3000 report on AWS Artifact. To learn more about the complete list of services in scope, see AWS Compliance Programs and AWS Services in Scope for FINMA.
AWS strives to continuously bring new services into the scope of its compliance programs to help you meet your architectural and regulatory needs. Contact your AWS account team for questions about the FINMA report.
To learn more about our compliance and security programs, see AWS Compliance Programs. As always, we value your feedback and questions; reach out to the AWS Compliance team through the Contact Us page.
If you have feedback about this post, submit comments in the Comments section below.