FSI Compliance Checker

Overview

Maps a concrete change (code diff, architecture design, IaC, pipeline config) to the specific controls it touches in financial services compliance frameworks — PCI-DSS v4.0 for payment card data and MAS TRM for Singapore-regulated institutions — and reports gaps with actionable remediation. This is engineering-level compliance triage: it helps teams catch violations before audit, but it does not replace a qualified assessor (QSA) or the institution's compliance function. Say so in every report.

When to Use This Skill

• Use when a change touches payment card data (PAN, CVV, track data) and needs a PCI-DSS check
• Use when reviewing changes at a Singapore-regulated financial institution against MAS TRM expectations
• Use when someone asks "is this compliant", "does logging this violate PCI", or requests a banking-regulation review of a diff, design, or Terraform change
• Do NOT use for generic security review (no framework involved), GDPR/SOC2/HIPAA (out of bundled scope), or legal advice

How It Works

Step 1: Select the framework

Load only the reference file(s) the engagement needs: