TransactIG · Security

Regulator-defensible by architecture

TransactIG processes general-ledger, bank, tax-authority, and statutory data for finance teams that answer to statutory auditors, internal audit committees, and — for regulated entities — the RBI, IRDAI, SEBI, and CAG.

Security is not a feature bolt-on. It is the operating envelope inside which every architectural and product choice is made.

This page sets out the certifications, the operating controls, and the regulator-engagement posture a CFO, internal-audit head, or board risk committee can rely on before signing.

ISO 27001:2022: Certified, annually surveilled
DPDP Act 2023: Aligned by design
RBI IT Governance: Aligned operating model
AWS Mumbai: India data residency
TLS 1.2+: Every integration surface
Tamper-evident: Statutory-grade audit trail
Certifications and frameworks

ISO 27001:2022 certified. DPDP and RBI aligned.

Three frameworks shape the security operating model. Each is independently evidenced inside the customer due-diligence pack.

ISO 27001:2022 certified

Information security management system certified against the 2022 revision of the ISO standard. Terra Insight's controls cover the organisational, people, physical, and technological domains specified in ISO 27001:2022 Annex A. Certification is audited annually by an accredited registrar. Evidence is available to evaluating customers under NDA — the certificate, the statement of applicability, and the most recent surveillance audit report all sit inside the customer due-diligence pack.

DPDP Act 2023 aligned

The Digital Personal Data Protection Act's consent, purpose-limitation, retention, and fiduciary-duty requirements shape every product surface in TransactIG. Where the engine processes personal data inside ledger entries — employee TDS deductions, vendor PAN, customer GSTIN — processing runs under documented purposes consented by the data principal through the customer as data fiduciary. Erasure, access, and correction requests are supported through the customer's fiduciary workflow without out-of-band coordination.

RBI IT Governance aligned

RBI Master Directions on Outsourcing of IT Services and IT Governance shape TransactIG's operating model. Data localisation, vendor due-diligence, exit management, concentration-risk posture, and incident-reporting obligations are built into how the service is delivered to regulated finance teams. The customer due-diligence questionnaire response, the outsourcing risk pack, and the exit-portability evidence are all NDA-available — and updated each surveillance cycle.

Make in India · Indian-domiciled

Terra Insight Pvt. Ltd. is an Indian-domiciled software product company. Development, operations, support, and management all sit within India. There is no offshore data plane, no foreign-parent override on data access, and no jurisdictional ambiguity for a CFO or board risk committee to navigate at procurement.

Data residency

AWS Mumbai. India data plane. Every tier.

See the deployment page for the three-tier delivery shape.

Across all three TransactIG deployment tiers — managed cloud, private-tenant, and on-premise — customer data stays inside the India data plane. No general-ledger entry, no bank statement, no reconciliation output ever leaves the country.

For managed and private-tenant customers, the storage layer is AWS Mumbai (ap-south-1). For on-premise customers, the data never leaves the customer's own data centre. There is no shared services tier — billing, telemetry, or backup — that egresses Indian jurisdiction at any point.

The RBI Master Direction on IT Governance, the SEBI cyber resilience framework, and the IRDAI information and cyber security guidelines all expect data localisation. TransactIG meets that expectation by architecture, not by procedural exception waiting to break under audit.

Encryption posture

Encrypted at rest. Encrypted in transit. Documented end-to-end.

Encryption is a control surface the due-diligence questionnaire walks through line by line — what algorithm, what key source, what rotation cadence, what evidence on request.

At rest

Customer data is encrypted at rest using managed keys on the underlying storage layer. Ledger extracts, bank statements, TDS files, and reconciliation outputs all live behind the same encryption boundary — no carve-outs, no plaintext staging tier.

In transit

TLS 1.2 or higher is enforced across every integration surface — SFTP ingestion, S3 push, scheduled API fetch, ERP connector, administrative console, and operator access. Plaintext fall-back paths are not configurable by customers or operators.
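The claim above is that TLS 1.2 is the floor on every surface and that no fall-back path can be configured. The following is an added example, not TransactIG's own code, showing the two halves of that control as a practitioner would want to see them: a Python `ssl` context whose handshake fails below TLS 1.2 (the preventive side), and a check run over connection logs that flags any accepted connection below the floor (the detective side). The log format, surface names and addresses are constructed for the example and are not the product's.

```python
import re
import ssl
from typing import List, Tuple

# Floor the posture states for every integration surface: TLS 1.2 or higher.
MIN_TLS = ssl.TLSVersion.TLSv1_2


def hardened_tls_context(server_side: bool) -> ssl.SSLContext:
    """Build a context whose handshake fails below TLS 1.2, so no fall-back path exists.

    server_side=True is the shape an ingestion or API listener would use; False is the
    shape an outbound ERP connector or scheduled fetch would use.
    """
    protocol = ssl.PROTOCOL_TLS_SERVER if server_side else ssl.PROTOCOL_TLS_CLIENT
    ctx = ssl.SSLContext(protocol)
    ctx.minimum_version = MIN_TLS                 # the actual control: TLS 1.0/1.1 handshakes fail
    ctx.maximum_version = ssl.TLSVersion.TLSv1_3
    if not server_side:
        # A client must also authenticate the peer; encryption without verification is not enough.
        ctx.check_hostname = True
        ctx.verify_mode = ssl.CERT_REQUIRED
        ctx.load_default_certs()
    return ctx


# Version strings as ssl.SSLSocket.version() reports them, ranked for comparison.
_TLS_RANK = {"TLSv1": 1, "TLSv1.1": 2, "TLSv1.2": 3, "TLSv1.3": 4}


def below_floor(negotiated: str) -> bool:
    """True when a negotiated version is below the floor; unknown strings count as below."""
    return _TLS_RANK.get(negotiated, 0) < _TLS_RANK["TLSv1.2"]


# Constructed connection-log lines in a hypothetical key=value format (not the product's own).
SAMPLE_LOG = """\
2024-04-01T02:15:07+05:30 surface=s3-push peer=10.20.0.14 tls=TLSv1.3 outcome=accepted
2024-04-01T02:15:09+05:30 surface=api-fetch peer=10.20.0.22 tls=TLSv1.2 outcome=accepted
2024-04-01T02:16:41+05:30 surface=erp-connector peer=10.30.1.5 tls=TLSv1.1 outcome=accepted
2024-04-01T02:17:02+05:30 surface=console peer=10.40.9.1 tls=none outcome=accepted
"""

_LINE = re.compile(r"^(?P<ts>\S+) surface=(?P<surface>\S+) peer=(?P<peer>\S+) tls=(?P<tls>\S+)")


def find_downgrades(log_text: str) -> List[Tuple[str, str, str]]:
    """Return (timestamp, surface, tls) for every accepted connection below the floor.

    Any hit means a fall-back path existed somewhere, which is exactly what the posture
    says must not be configurable; this is the evidence check behind that claim.
    """
    hits = []
    for line in log_text.splitlines():
        m = _LINE.match(line)
        if m and below_floor(m.group("tls")):
            hits.append((m.group("ts"), m.group("surface"), m.group("tls")))
    return hits


if __name__ == "__main__":
    for ts, surface, tls in find_downgrades(SAMPLE_LOG):
        print(f"{ts} {surface}: negotiated {tls}, below TLS 1.2 floor")
```

The context sets the floor at the library level rather than by cipher list, so an operator cannot re-enable TLS 1.0 or 1.1 by editing a cipher string; the log check is what an auditor would run against retained connection logs to confirm the floor held in practice.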

Key management

Key management practices — generation, rotation, custody, revocation — are documented in the due-diligence pack and evidenced for the customer at the contracting stage. The ISO 27001:2022 statement of applicability covers the cryptographic control set the registrar audits.

Operating controls

Tenant isolation and access control

The controls are designed to withstand customer due-diligence, third-party audit, and regulator review — not just a marketing checkbox.

Data residency

Across every deployment tier — managed cloud, private tenant, and on-premise — customer data stays inside the India data plane. No ledger entry, no bank statement, no GSTR extract, no reconciliation output ever leaves the country. RBI IT governance direction on data localisation is met by architecture, not by process exception.

Encryption

Data at rest is encrypted with managed keys on the underlying storage layer. Data in transit uses TLS 1.2 or higher for every integration surface — ingestion (SFTP, S3, scheduled fetch), API, ERP connector, and administrative access. Key management is documented and customer-evidenced in the due-diligence pack.

Tenant isolation

Managed-tier customers are logically isolated at the data layer. Private-tenant customers receive a dedicated single-tenant data plane. On-premise customers control their own access boundary entirely. Cross-tenant data access is not possible in any shape by design — not by policy, by architecture.

Access control

Administrative access is role-based, MFA-enforced, and auditable per operator action. Break-glass pathways are documented, logged, and time-bounded. No standing production shell access is granted to Terra Insight personnel against managed-tier customer data — every elevation is a recorded event with an attached ticket.

Audit trail

Every reconciliation TransactIG processes carries a tamper-evident audit record — which ingestion source, which engine configuration version, which match pass cleared the entry, which operator (if any) intervened, which variance code (if unmatched) was assigned, and how it was resolved. The same trail serves statutory audit, ICFR attestation, and regulator-directed review.

Vulnerability management

Continuous dependency scanning, container image scanning, and periodic third-party penetration testing on the managed-tier surface. Findings are triaged within documented SLAs. Remediation evidence is retained for audit and surfaces in the surveillance cycle for the registrar.

Audit trail

Tamper-evident. Statutory-grade. One trail, every consumer.

Every reconciliation TransactIG processes carries a tamper-evident audit record — which ingestion source, which engine configuration version, which match pass cleared the entry, which operator (if any) intervened, which variance code (if unmatched) was assigned, and how it was resolved.

Statutory audit, internal audit, ICFR attestation, SOX-equivalent reporting, CAG inspection, and RBI-directed review all consume the same trail. There is no parallel evidence pipeline to assemble under timeline pressure. See the variance taxonomy page for the typed code surface the trail records against.

What the trail captures per reconciliation:

Ingestion source: ERP, bank, gateway, NACH, TRACES, GSTN — with timestamp and integrity hash
Engine configuration version: Tolerance bands, industry preset, variance taxonomy snapshot at the moment of run
Match pass outcome: Which pass cleared the entry, against which counter-record, with what tolerance applied
Operator intervention: Manual override, suppression, re-classification — by named operator, with timestamp and reason
Variance code: Typed code assigned to the unmatched residual (TDS, MDR, settlement lag, rounding, duplication, unidentified)
Resolution path: How the variance was closed — recovered, written off, escalated, deferred — with attached evidence reference

Exportable in formats the audit firm can ingest without bespoke parsing. Retention is configurable and contractually fixed in the MSA.
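The page states that the audit record is tamper-evident and that ingestion carries an integrity hash, but does not say how tamper-evidence is achieved. The following is an added example, not TransactIG's own implementation, of one standard way to build such a record: a hash chain in which every record commits to its own canonical content and to the hash of the record before it. It carries the six fields the table above lists for one reconciliation, and then shows what the chain does and does not detect. The reconciliation id, operator name, configuration version, tolerance values and evidence reference are constructed for the example.

```python
import hashlib
import json
from typing import Any, Dict, List, Optional, Tuple

GENESIS = "0" * 64  # prev_hash of the first record in a trail


def canonical(obj: Any) -> bytes:
    """Deterministic JSON so the same record content always hashes the same way."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class AuditTrail:
    """Append-only, hash-chained record list for one reconciliation.

    Each record commits to its own content and to the hash of the record before it,
    so editing or deleting any earlier record breaks every hash after it.
    """

    def __init__(self, reconciliation_id: str) -> None:
        self.reconciliation_id = reconciliation_id
        self.records: List[Dict[str, Any]] = []

    def append(self, entry: Dict[str, Any]) -> Dict[str, Any]:
        prev = self.records[-1]["record_hash"] if self.records else GENESIS
        body = {"reconciliation_id": self.reconciliation_id,
                "seq": len(self.records), "prev_hash": prev, **entry}
        record = {**body, "record_hash": sha256_hex(canonical(body))}
        self.records.append(record)
        return record

    def head_hash(self) -> str:
        return self.records[-1]["record_hash"] if self.records else GENESIS

    def verify(self, anchored_head: Optional[str] = None) -> Tuple[bool, Optional[int]]:
        """Return (ok, index of the first record that fails).

        anchored_head is the head hash as stored somewhere the trail writer cannot alter
        (a signed checkpoint or WORM storage, for instance); without it a rewrite of the
        final record alone cannot be detected.
        """
        prev = GENESIS
        for i, rec in enumerate(self.records):
            body = {k: v for k, v in rec.items() if k != "record_hash"}
            if rec["prev_hash"] != prev or sha256_hex(canonical(body)) != rec["record_hash"]:
                return False, i
            prev = rec["record_hash"]
        if anchored_head is not None and prev != anchored_head:
            return False, len(self.records) - 1
        return True, None


def build_sample_trail() -> AuditTrail:
    """One reconciliation's trail with the six fields the page lists (constructed values)."""
    trail = AuditTrail("RECON-DEMO-0001")
    bank_file = b"constructed bank statement extract, not real data\n"
    trail.append({"event": "ingestion", "source": "bank", "ts": "2024-04-01T02:15:00+05:30",
                  "integrity_hash": sha256_hex(bank_file)})
    trail.append({"event": "engine_config", "version": "cfg-17", "tolerance_paise": 50,
                  "preset": "payments", "taxonomy_snapshot": "vt-3"})
    trail.append({"event": "match_pass", "pass": 2, "counter_record": "GL-4471",
                  "tolerance_applied_paise": 50})
    trail.append({"event": "operator_intervention", "operator": "a.sharma", "action": "reclassify",
                  "ts": "2024-04-01T09:42:10+05:30", "reason": "gateway settlement batch split"})
    trail.append({"event": "variance_code", "code": "settlement_lag", "residual_paise": 1200})
    trail.append({"event": "resolution", "path": "deferred", "evidence_ref": "DOC-0921"})
    return trail


def tamper(trail: AuditTrail, seq: int, field: str, value: Any, recompute: bool = False) -> AuditTrail:
    """Copy of the trail with one record edited after the fact, to show what verify() catches."""
    forged = AuditTrail(trail.reconciliation_id)
    forged.records = [dict(r) for r in trail.records]
    rec = forged.records[seq]
    rec[field] = value
    if recompute:  # an editor who also recomputes that record's own hash
        body = {k: v for k, v in rec.items() if k != "record_hash"}
        rec["record_hash"] = sha256_hex(canonical(body))
    return forged


if __name__ == "__main__":
    t = build_sample_trail()
    anchor = t.head_hash()  # what would be written to the anchored checkpoint
    print("intact:", t.verify(anchor))
    print("variance code edited:", tamper(t, 4, "code", "rounding").verify(anchor))
    print("last record rewritten, no anchor:", tamper(t, 5, "path", "written_off", True).verify())
    print("last record rewritten, with anchor:", tamper(t, 5, "path", "written_off", True).verify(anchor))
```

The last two lines are the practitioner's caveat: a hash chain on its own makes every record except the newest tamper-evident, because the newest has nothing after it committing to its hash. An auditor evaluating a "tamper-evident" claim should ask where the head hash is anchored and on what cadence, which is the kind of detail the due-diligence pack would need to evidence.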

Regulator-engagement posture

When the regulator, auditor, or data principal comes asking

The customer is the regulated entity. TransactIG supports the customer's response — predictably, on documented timelines, with evidence already assembled.

Regulator-directed reviews

If the RBI, IRDAI, SEBI, or CAG directs a review of the customer that touches the reconciliation vendor, TransactIG cooperates through the customer's formal regulator engagement — audit-trail production, configuration evidence, control documentation. The customer is the regulated entity; TransactIG supports their response. The audit trail is the same one statutory audit already consumes, so there is no parallel evidence pipeline to assemble under timeline pressure.

Statutory audit and ICFR

Statutory auditors, internal auditors running ICFR walkthroughs, and concurrent auditors at regulated entities all consume the same audit trail — by reconciliation, by match pass, by variance code, by operator action. SOX-equivalent reporting for Indian subsidiaries of foreign-listed parents is supported through the same surface. The trail is exportable in formats the audit firm can ingest without bespoke parsing.

DPDP data-principal rights

Erasure, access, and correction requests from data principals are routed through the customer as data fiduciary. TransactIG's operating model supports the timely execution of these requests without interrupting live reconciliation cycles. The fiduciary workflow is documented in the DPDP alignment pack — what the customer asks, what TransactIG returns, what evidence is retained.

Incident reporting

TransactIG's incident-response playbook includes direct-to-customer notification paths with materiality thresholds documented in the MSA. Relevant RBI cybersecurity incident reporting timelines are met without needing customer-side coordination — TransactIG does not wait for the customer to ask before disclosing.

Exit and data portability

At contract end, the customer receives a documented extraction of their data, their reconciliation configurations, and their variance taxonomy customisations. The exit pathway is contractually defined, not ad-hoc. This addresses the RBI guidance on concentration risk and exit management directly — the customer is never trapped by a custom export they cannot reproduce.

Symmetric with TransactIQ

This is the same posture TransactIQ takes for lender-regulated customers. Terra Insight runs one security operating model across both products — one ISMS, one incident playbook, one regulator-engagement posture. A customer evaluating both products at once does not navigate two different control surfaces.

Need the full due-diligence pack?

The vendor due-diligence questionnaire response, ISO 27001:2022 certification evidence, DPDP alignment workbook, and RBI outsourcing governance documentation are available to evaluating customers under NDA.