Murex SaaS Receives Significant Independent Security Compliance Attestation

Service Organization Controls (SOC) 2 Type 1 designation, completed by KPMG, underscores IT, security standards

PARIS, July 11, 2024—Murex is pleased to announce its software-as-a-service offering, Murex SaaS, has received a Service Organization Controls (SOC) 2 Type 1 attestation.

The designation and achievement are significant third-party confirmations of the information security and confidentiality of Murex SaaS and MX.3.

KPMG conducted an audit that encompassed an examination of Murex SaaS security controls, adhering to the Trust Services Criteria (TSC) established by the American Institute of Certified Public Accountants (AICPA).

According to the report, Murex SaaS is designed and implemented to meet specified, demanding security criteria—namely, that user entity data is protected from unauthorized disclosure and unauthorized access.

“This intensive probe of Murex SaaS concretely demonstrates the emphasis we place on the security of our clients, of our software-as-a-service offering and our platform,” said Murex Chief Information Security Officer Gauthier Lulka. “This is not the end of the security journey for Murex. We will continue to sustain the high standards that we have put in place and keep supporting our customers' security needs.”

SOC 2 Type 1 measures whether company controls are designed properly at a specific point in time. Murex’s goal is to keep investing to protect confidentiality and privacy, along with parallel efforts to retain and extend third-party attestations, including the SOC 2 Type 2 designation, Gauthier Lulka said.

“Murex clients choose Murex SaaS for peace of mind, as Murex experts fully manage the run and evolution of your MX.3 instance end-to-end, leveraging the power of the cloud,” said Global SaaS Director Jonathan Coyle. “Peace of mind is also linked to the confidence in the security of Murex SaaS, which our SOC 2 Type 1 achievement underscores.”