Bank-Grade Security

Compliant infrastructure to securely and efficiently tokenize assets

micobo Software Solutions & Services are compliantly available in Europe & Asia, and expanding to other jurisdictions, to drive asset tokenization operations at an optimal level.

Our services have passed extensive technical and regulatory considerations , to deliver stronger capability, financial compliance, protection of data, notice to data residency, and latency.

micobo services are built for resiliency including high availability and disaster recovery. There are no services that are dependent on a single logical data center (to avoid single points of failure). All Microsoft Azure services that store customer data are compliant with the European framework (Regulation EU 2016/679 General Data Protection Regulation - GDPR ) and national implementations allow the customer to specify the specific regions in which their data will be stored.

In accordance with our legal domicile and company registry in Germany, this documentation provides micobo’s technical and organizational resources on the basis of section 25a (1) of the German Banking Act (Kreditwesengesetz) – in particular for IT resource management and IT risk management, implementing the European Directive 2013/36. This is without prejudice to the requirements contained in the Minimum Requirements for Risk Management (Mindestanforderungen an das Risikomanagement – MaRisk).

The depth and scope of the topics addressed in this documentation are not exhaustive, and follow the legal requirements established by AT 5 and 6 of MaRisk. Hence, pursuant to section 25a (1) number 4 of the German Banking Act in conjunction with AT 7.2 number 2 of MaRisk, we observe and apply generally established standards to the arrangement of the IT systems and the related IT processes, as the IT Baseline Protection manuals (Grundschutz) issued by the Federal Office for Information Security (BSI) and standard ISO/IEC 2700X of the International Organization for Standardization.

Two Factor Authentication
Advanced DevSecOps
Logging and Monitoring
Secure Data Encryption
Authentication & Access Control
Data Backups
Service Resilience & Risk Avoidance
Decentralized Issuing
How We Secure Ourselves

Data Backups

According to AT. 2.3.3 of MaRisk, the initial issue of securities does not generally constitute trading. However, the first-time purchase of newly issued securities does constitute a trade within the meaning of the regulation, and hence we offer compliant management of the underlying software provided to perform these actions. In the case of first-time purchases, market conformity is verified following BTO 2.2.2 of MaRisk.

micobo advises its clients to subject their security token trades to ongoing controls. In particular, we offer support to comply with regulatory demands, providing verification on whether:

  • The transaction records are complete and quickly available.
  • The information supplied by traders is correct and complete and matches the details on broker confirmations, printouts from trading systems, or the like, where these are available.
  • The transactions are within the defined limits with respect to their type and scope.
  • Usual market conditions have been agreed upon.
  • Any deviations from prescribed standards (eg master data, delivery channels, payment methods) are agreed upon.

Being a DLT-based provider, we ensure security by storing complete transaction records on the blockchain.

How We Ensure The Safety Of Your Assets

Secure Network Architecture

Our networks are segregated based on criticality levels, with development and testing environments hosted in an entirely separate Microsoft Azure project from our production environment. All networks are carefully segmented using tightly-defined firewall rules defined on a per-port and protocol level, both externally and internally

State-of-the-Art Security Procedures

Security is the core of our operations, for which we are committed to ensuring the utmost account of every safety measure required by the regulators to provide compliant software. micobo stays ahead of the latest IT methods to provide transparent and protected services, guaranteeing security management to prevent risks and mitigate breaches.

 

We perform regular penetration tests by a recognized party, to make sure that our solution is built in full compliance with the latest requirements for IT-Security. We have made our audited smart contracts standard open-source for the community to check it and contribute.

 

We secure our clients by providing software escrow services that allow our clients to operate micobo’s enterprise solution under all circumstances (i.e., business continuity ensured).

State-of-the-Art Security Procedures

Security is the core of our operations, for which we are committed to ensuring the utmost account of every safety measure required by the regulators to provide compliant software. micobo stays ahead of the latest IT methods to provide transparent and protected services, guaranteeing security management to prevent risks and mitigate breaches.

 

State-of-the-Art Security Procedures

Security is the core of our operations, for which we are committed to ensuring the utmost account of every safety measure required by the regulators to provide compliant software. micobo stays ahead of the latest IT methods to provide transparent and protected services, guaranteeing security management to prevent risks and mitigate breaches.

 

Contact us