Frequently Asked Questions

We design and deliver production-grade crypto and fintech infrastructure — matching engines, payment rails, KYC/AML modules, automated trading systems and market-data integration. We also provide custom software development and 24/7 managed operations for clients who need a long-term engineering partner rather than an off-the-shelf product.

Our primary offices are in Singapore (APAC HQ and engineering), Hong Kong (exchange and markets operations) and Dubai (MEA partnerships and compliance). We serve clients globally but have deep in-jurisdiction expertise in these three financial hubs and their regulatory frameworks.

Both. Some of our longest-running relationships began at Series A — we scaled the infrastructure alongside the business. We also work with mid-market exchanges, licensed PSPs and subsidiaries of global financial groups. What matters is a real use case and a commitment to building it correctly from day one.

It depends on scope. A focused module — say, a KYC onboarding flow or an AML screening pipeline — can go live in 8–14 weeks. A full exchange platform with wallet custody, matching engine and operations console typically takes 16–32 weeks depending on regulatory requirements and the depth of integrations needed. We publish a milestone plan at the start of every engagement.

Yes. Every solution is designed to work standalone or as part of a larger architecture. You can start with, for example, our payment-rail module and add AML tracking later, or integrate only the market-data gateway into your existing front-end. Our APIs are designed for composability from the ground up.

We implement a layered hot/cold custody architecture: hot wallets are HSM-backed and hold only the minimum liquidity required for operations, while cold wallets are air-gapped and multi-signature. All key generation, rotation and destruction ceremonies are documented and auditable. We support both self-custody models (client controls keys) and managed custody arrangements with leading custodians.

Our infrastructure is built to align with MAS (Singapore), SFC (Hong Kong) and VARA (Dubai) regulatory expectations as applicable. On the payments side, components follow PCI-DSS principles. KYC and AML modules comply with FATF Travel Rule requirements and support integration with licensed data providers for sanctions screening and adverse-media checks. We produce compliance-ready audit trails and reporting artefacts as standard.

Yes. Every engagement includes internal code review with automated SAST/DAST tooling, and production deployments undergo penetration testing by independent third-party auditors before go-live. Smart contract code, where applicable, is subject to a separate audit track. We provide clients with full audit reports and work through any findings collaboratively.

Our managed-operations tier targets 99.99% uptime, backed by a contractual SLA with defined RTO and RPO for critical-path services. Incident response follows a tiered playbook: P1 alerts page on-call engineers within 5 minutes, with client notification within 15 minutes. Historical platform uptime measured across our production estate exceeds 99.99% over the past 36 months.

Our platform APIs expose REST and WebSocket endpoints as the primary integration surface, with gRPC available for low-latency internal service communication. Market-data streaming uses a normalized WebSocket feed compatible with TradingView's datafeed specification. We also provide FIX protocol support for institutional order-routing integrations on request.

Most standard integrations — connecting to a major exchange's REST API, a payment gateway, or a core banking system — are completed within 2–4 weeks. Custom integrations with bespoke legacy systems may take longer and require a discovery sprint. We maintain a growing library of pre-built connectors for the most common platforms in our jurisdictions.

Yes. Every client receives a fully isolated sandbox environment that mirrors the production API surface, seeded with realistic synthetic data. Sandbox credentials are provisioned on Day 1 of onboarding, allowing your development team to begin integration work in parallel with our build track. We also run a public, rate-limited demo environment for initial evaluation.

Our market-data gateway normalizes feeds from NASDAQ-listed equities, major indices, FX, commodities and over 500 crypto trading pairs into a single streaming API. You get both real-time ticks and deep historical archives for backtesting and compliance reconstruction. Embeddable charting widgets are available for web and mobile front-ends, saving significant front-end engineering effort.

Absolutely. We have pre-built integrations with leading identity-verification vendors (document scanning, biometrics, liveness detection) and sanctions-screening data providers. If you have an existing provider relationship you wish to retain, we can accommodate it. Our KYC module is designed as a configurable pipeline, not a closed product.

We use three primary engagement models: fixed-scope projects with a defined deliverable and milestone-based payment; retainer arrangements for ongoing feature development and managed operations; and time-and-materials for exploratory or rapidly evolving scopes. We do not publish standardized list prices because scope, compliance requirements and integration complexity vary significantly — we provide a detailed proposal after a discovery conversation.

We do not have a formal minimum. In practice, our smallest standalone engagements (a single module or a focused integration) typically start at five figures. Full-platform builds sit at a higher order of magnitude. We are candid about fit: if your scope would be better served by an off-the-shelf product, we will say so.

All projects include a hypercare period immediately after go-live, with our engineering team on heightened watch. After that, clients can choose from tiered managed-operations packages that include SLA-backed monitoring, incident response, regulatory reporting support and continuous improvement cycles. We also offer standalone support retainers for teams that have their own engineering resources but want access to our specialists.

Yes, and we encourage it for complex or novel use cases. A bounded PoC — typically 4–6 weeks — lets both parties validate technical assumptions, agree on architecture and build confidence before the main engagement. PoC work is scoped and priced separately, with clear success criteria defined upfront.