Contrary to lots of compliance restrictions, SOC compliance is typically not mandatory to operate inside a provided market like PCI DSS compliance is for processing payment card information. On the whole, providers need a SOC audit when their buyers request one. Many rival insurance corporations have adhered on the Code. https://www.nathanlabsadvisory.com/blog/nathan/mas-technology-risk-management-in-singapore-ensuring-cyber-hygiene-and-compliance/