More information on AWS for Financial Services

The Financial Services industry attracts some of the most hostile information security threats and is one of the most regulated industries in the world. AWS understands these obligations and has worked with the most complex Financial Services organizations to meet security and compliance requirements at every stage of their respective cloud journeys. Protecting your data is AWS’ number one priority and our global infrastructure is designed and managed according to security best practices, as well as a variety of compliance standards.

AWS also offers numerous security services to manage access and keys, analyze data for irregular activity with machine learning capabilities, mitigate DDoS attacks, encrypt data, and send alerts whenever changes are made to your AWS resources. AWS customers also have access to governance-focused, audit-friendly service features to meet security compliance regulations and audit standards.

Capital One

As part of our commitment to protecting your data, AWS offers capabilities to design security into your cloud environment. All customers have access to services that strengthen security in the following areas: Identity and Access Management, Detective Control, Infrastructure Security, Data Protection, and Incident Response.

These security areas are outlined as areas of importance in the AWS Cloud Adoption Framework (AWS CAF). The AWS CAF provides guidance around cloud adoption and specific security best practices. Learn more about the AWS' security services that can help you drive transformative change to your organization's security culture to be more agile, innovative, and robust.

Learn more about the AWS products and services that can help you design security into your cloud environment.

AWS Security Resources

AWS Security & Compliance Quick Reference Guide

The Center for Internet Security (CIS) issued security best practices specific to a cloud service provider that go beyond the high-level security guidance already available from AWS.

AWS: Overview of Security Processes

As an AWS customer, you have access to a suite of security, identity, and compliance services to protect and create controls for your data. Learn more about these services.   

AWS Cloud Security

Learn about the benefits of AWS Security, capabilities to increase security postures, resources for guidance to design for security at the AWS Cloud Security Center.

The AWS Cloud Compliance program provides information on all the controls in place that demonstrate security assurance and meet regulatory compliance requirements of the AWS platform and its respective users.

By tying together AWS governance-focused, audit-friendly features with applicable AWS Security services, customers can design a cloud environment that is compliant to their respective regulatory and organizational obligations. We offer workbooks, guidelines for national privacy considerations, government-issued compliance guidance, best practices, and trainings.


Stripe relies on AWS' infrastructure security and compliance to strengthen their own compliance program.

AWS Compliance Resources

CIS Best Practices

The AWS Security & Compliance Quick Reference Guide provides an overview of how to maintain a compliance-ready environment through control validation, demonstration of security assurance, and activity monitoring on AWS.


AWS’ NIST compliant cloud infrastructure services have been validated by third-party testing performed against the NIST 800-53 Rev. 4 controls plus FedRAMP requirements. Visit our NIST resource page to learn more.

Compliance Center

AWS provides information and regular updates about its risk and compliance program to enable customers to incorporate AWS controls into their governance framework. Learn more at the AWS Cloud Compliance Center.

Compliance Center

Find more workbooks, audit guides, and best practices at the AWS Financial Services Resource Center.

Governance, risk, and control of an organization's technology is critical for the performance of any assurance management process and when meeting audit requirements. Through automation, IT departments and compliance teams can efficiently support numerous audit demands imposed on organizations within highly regulated industries like Financial Services.

AWS offers services, resources, and best practices on infrastructure-as-code design, auditing a cloud environment for regulatory compliance, and setting up automatic updates and real-time notifications to take human error out of administrative tasks—all to demonstrate comprehensive governance of your business.

Capital One

AWS shares best practices around automating compliance in the cloud. Watch the recorded webinar.

Automation and Auditing Resources

Infrastructure as Code

With AWS, infrastructure is defined through code, and subsequently compliance is as well. Organization are now able to enforce compliance through automation and at scale. Learn more about infrastructure as code.


The AWS Federal Financial Institutions Examination Council (FFIEC) audit guide is for Financial Services customers, examiners, and audit advisors. It provides guidelines on the implementation and subsequent examinations of AWS.    

AWS Service Catalog

The AWS Service Catalog allows for central management of commonly deployed IT services and helps achieve consistent governance for compliance, while enabling users to deploy the approved services they need.

To assist in your cloud adoption journey, AWS has built automated reference deployments called Quick Starts, each of which includes AWS CloudFormation templates and solution deployment guides.

Because compliance is such a complex aspect of cloud adoption, we have developed Quick Starts called AWS Enterprise Accelerators — Compliance, which are specifically designed to streamline, automate, and implement specific governance, risk, and compliance requirements.

Capital One

Learn how Simple, a cloud-first online bank, uses AWS to meet PCI-DSS compliance requirements.

AWS Enterprise Accelerators — Compliance

Standardized AWS architecture that supports PCI DSS compliance.

Learn more »

AWS architecture that supports NIST, DoD, FedRAMP standards.

Learn more »

NIST High-Impact
AWS architecture for NIST high-impact controls, featuring Trend Micro.

Learn more »

AWS Marketplace

AWS Marketplace is an online software store for organizations to find, buy, and immediately start using popular business software and applications running on the AWS cloud.

Learn more about AWS Marketplace »

To support the integration and deployment of Financial Services-specific solutions, AWS established the Financial Services Partner Competency Program to identify Consulting and Technology APN Partners with deep industry experience and expertise.

Learn more about Financial Services APN solutions »

We can help you get started with a consultation from our sales and architecture organization, or you can begin your own pilot today.

Contact AWS Sales | Create an AWS Account