Centre For Cybersecurity Institute Centre For Cybersecurity Institute
Menu
Corporate training · Financial services

Cyber awareness training for financial services

Regulators expect your people trained. Attackers expect them tired. We deliver live security awareness training that satisfies the auditors and actually changes what your staff click, sign and approve.

Why financial services get targeted

These are the attack patterns we train against in this sector, drawn from live campaigns rather than textbook examples.

Business email compromise

Payment redirection and vendor bank-detail fraud remain among the costliest scam types reported by Singapore businesses, and finance teams are the prime target.

Deepfake executive fraud

Finance staff have been talked into eight-figure transfers by deepfake video calls in the region. Verification protocols only work when every approver actually uses them.

Credential phishing at scale

Fake login pages and MFA-fatigue attacks target your staff because one set of credentials opens client data, payment systems and email at once.

Third-party and client impersonation

Spoofed custodians, fund administrators and clients pressure-test your people daily. The habit of verifying out-of-band has to be trained, not assumed.

The rules your people operate under

Training is the control every one of these frameworks expects, and our engagement report is the evidence they ask for.

MAS TRM Guidelines

The Technology Risk Management Guidelines expect a security awareness programme for all staff, refreshed regularly and evidenced.

MAS cyber hygiene

MAS cyber hygiene requirements set the control baseline; your people are the layer those controls depend on.

PDPA

Client and investor personal data carries protection obligations, with staff training the expected safeguard.

Audit and insurance

Internal audit, external audit and cyber insurers all ask the same question: show us the training and the results.

Tailored curriculum

What we build for financial services

Everything in the core Cyber Safety workshop, live hacking demonstrations included, plus sector-specific depth:

  • BEC and payment-fraud drills for finance, operations and client-servicing teams
  • Deepfake and voice-clone fraud: verification protocols that survive pressure
  • Phishing analysis with lures drawn from financial-sector campaigns
  • Data handling for client and investor information under the PDPA
  • Incident escalation aligned to your TRM obligations and reporting lines
Always included
  • Pre-workshop consultation
  • Post-training phishing simulation
  • Before-and-after awareness measurement
  • Board-ready engagement report
  • Certificates for all participants

Measured results

70%

reduction in phishing incidents across recurring yearly workshops

Over the years we have seen a 70% reduction in phishing incidents, thanks to the vigilance these yearly workshops build.
200+ employee organisationRecurring annual client, Singapore
+69

Net Promoter Score across 56 organisations trained, with trainer clarity rated 4.72/5

PETRONAS PETRONASLarge-scale awareness programme, delivered with AWS

Where to start

Mid-size institutions typically run the Professional annual programme: quarterly touchpoints and simulations produce the evidence trail MAS-facing audits expect, and the executive briefing keeps leadership inside the loop.

Pilot Workshop

Your first engagement, any team size

From S$2,800single session
  • Live 2-hour virtual (S$2,800) or half-day on-site workshop (S$5,400)
  • Curriculum tailored to your sector in a pre-workshop consultation
  • Live hacking demonstrations and hands-on exercises
  • Post-training phishing simulation with analytics
  • Board-ready engagement report and debrief

The pilot fee is credited in full against any annual programme signed within 90 days.

Scope this with us
Recommended for you

Professional

Organisations of 301 to 800 staff

S$42,000per year
  • Four live sessions across sites or departments
  • E-learning seats for every employee
  • Four phishing simulations with analytics
  • Executive briefing for your leadership team
  • Annual report plus a next-year roadmap
Scope this with us
See every programme and the cost estimator

Financial questions, answered

Does this satisfy the MAS TRM training expectation?

The programme is built to evidence a security awareness programme in practice: documented curriculum, attendance, before-and-after measurement and simulation results, reported annually. Your compliance team maps our report directly into audit responses.

Can you run separate sessions for front, middle and back office?

Yes. Scenarios differ by desk: client-facing teams get impersonation and data-handling depth, finance and operations get payment-fraud depth. The annual programmes are built for exactly this split.

We are a small fund manager, not a bank. Is this proportionate?

Yes. A boutique manager usually starts with a half-day workshop plus simulation, then an Essentials programme. You get the same evidence pack, sized to a smaller headcount and budget.

How current are the fraud scenarios?

Live. The curriculum is refreshed continuously with the campaigns circulating in Singapore and the region, including AI-generated phishing and deepfake approval fraud.

Not sure where you stand? Take the free two-minute check: Do I need cyber awareness training for my team?

Ready to train your financial team?

Book a 30-minute scoping call. We will map your headcount, sites and regulatory context to the right format and give you a clear quote.

Chat with us