Live Webinar | 26 June 2025 9AM PT
From Black Box to Boardroom: Operationalizing Trust in AI Governance

Building PCI DSS compliance from scratch

Location:
Kuala Lumpur, Malaysia
Industry:
Financial Services
3x
increase in departments actively driving compliance
100%
of 12 core PCI DSS requirements fulfilled
50%
reduced effort in policy management
100%
infrastructure coverage via daily automated scans
Discover why 1500+ companies trust Scrut
Book a Demo
Book a Demo
“Scrut simplified our PCI DSS journey, giving us control, visibility, and the clarity needed to approach compliance methodically.”
Nandakumar Rangasamy
,
Engineering Lead & India Site Leader, GoMobi

THE COMPANY

Deliberate approach to building trust in fintech

GoMobi is a fintech platform operating under the regulatory oversight of Malaysia. As a company, they embed security deeply into their operations. However proving this via a compliance certification was essential.

THE CHALLENGE

Achieving PCI DSS without prior compliance experience

Since GoMobi were not compliant with any industry framework to begin with, there was a steep learning curve involved. This meant re-evaluating security posture from the ground up.

  • Setting up compliance operations from scratch: With no clear roles established or policies approved across departments, there were gaps in ownership.
  • Time-draining manual collection of evidence: Teams had to manually track evidence submissions and validity, increasing complexity and the likelihood of inaccuracies.
  • Reactive approach to remediating issues: Gaps in monitoring the overall security and compliance posture meant that there were delays in fixing any issues coming up.
  • Avoiding short-term tick-the-box compliance: GoMobi did not want to achieve certification as a stamp of approval, but instead tailor its processes to sustain it continuously to build trust.

THE SOLUTION

Built-in expertise, automation, and audit readiness

With Scrut’s unified platform to manage policies, automate evidence collection, and prep confidently for audits; GoMobi quickly transitioned to a structured, audit-ready compliance program.

POLICY MANAGEMENT

Consolidated compliance monitoring and management

Scrut’s central dashboard allowed HR, IT, and governance teams to collaborate seamlessly. Policies were created easily using the in-line editor and auditor-vetted templates. Further, automated recurrence schedules for updating policies were set up. Employee policy acceptance was streamlined with timely automated reminders. All this was done with collaboration enabled by the platform’s task management capability. Lastly, detailed audit logs tracked every minute action in real time for comprehensive visibility during audits.

CLOUD TEST MONITORING

Automated cloud scans and evidence collection

Scrut’s multi-cloud integrations helped enforce role-based access controls and monitor cloud security across AWS and Azure AD. Daily automated scans flagged potential vulnerabilities in real-time, and the automated metadata remediation enabled the closing of such issues swiftly. Evidence from across the tech stack was also automated. Code repositories and MDM were routinely scanned to pull in evidence in the required format. Further, the dashboards provided comprehensive visibility into current gaps and progress.

AUDIT CENTER

End-to-end audit preparation and support

Scrut’s expert infosec team with over 50 years of experience, provided extensive support in creating and managing compliance documentation. Corrective actions were minutely tracked and implemented via the platform and any other compliance gaps or vulnerabilities were instantly identified and mitigated. Structured guidance throughout the audit preparation process helped them enter the certification phase with confidence, knowing that all necessary controls and the 12 core requirements of PCI DSS were robustly in place.

THE IMPACT

Strengthening security maturity for long-term fintech growth

  • Improved security alignment across departments: Scrut’s methodical approach and intuitive platform led to an organization-wide culture of compliance and accountability, leading to better cross-functional operations.
  • Comprehensive visibility of compliance progress: Proactive tracking of compliance from cloud to evidence and even audits, led to greater transparency in progress and gaps and ensured that appropriate steps were taken to maintain constant compliance.
  • Reduced overhead, increased compliance maturity: GoMobi avoided additional tooling costs of having an additional HRMS by using Scrut to automate employee access control, policy acknowledgment tracking, and security trainings.
  • Future-proofed compliance for scalable growth: Pursuing PCI DSS with a methodical, security-first approach has laid the foundation for sustainable growth. This aided market expansion, especially across regulated geographies.
“We were building from scratch. Scrut gave us the playbook to roll out compliance operations across teams without the chaos. Everything from policy to evidence to even security trainings were streamlined to an extent we did not think was possible”

Nandakumar Rangasamy
Engineering Lead & India Site Leader, Gomobi
Explore why our customers trust Scrut for their compliance needs
Book a Demo
Book a Demo
Table of contents
Example H2
h3
Example H3
h4
Example H4
h5
Example H5
h6
Example H6
Subscribe to our newsletter
Get monthly updates and curated industry insights
Subscribe
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Success stories from the GRC frontlines

Market expansion with a
security-first approach
Market expansion with a security-first approach Location: Wilmington, Delaware, USA Industry
Read Case Study
LiveTiles Upgrades to ISO 27001:2022 with Scrut
LiveTiles Upgrades to ISO 27001:2022 with Scrut Location: New York, USA Industry
Read Case Study
Simplifying Compliance Across Global Markets
Simplifying Compliance Across Global Markets Location: Bangalore, India Industry: Edtech The Context
Read Case Study

Ready to see what security-first GRC really looks like?

The Scrut Platform helps you move fast, stay compliant, and build securely from the start.

Book a Demo
Book a Demo
Platform
Why ScrutExplore the PlatformSimplify ComplianceStreamline AuditsEmpower Your EmployeesMonitor Cyber RiskAssess Third-Party RiskValidate User PrivilegesManage Asset InventoryDemonstrate TrustAI-Powered GRCIntegrate Your Tech Stack
Frameworks
SOC 2ISO 27001GDPRPCI DSSHIPAANIST AI RMFCustom FrameworksAll Frameworks
Company Stages
StartupGrowthEnterprise
Industry
Enterprise SoftwareFinancial ServicesHealthcareTravel and TourismEducation
Resources
BlogEbooksPodcastSuccess StoriesWebinarsEventsGlossaryFAQs
Hubs
SOC 2 HubISO 27001 HubHIPAA HubExplore All Hubs
Partners
Become a PartnerFind a Partner
Company
CustomersAboutCareersNewsroomSecurity
TrustTerms of UsePrivacy PolicyCookies Policy
© 2024 Scrut Automation. All Rights Reserved.