CASE 100 · BURROW · 2025
Key custody that the regulator certifies, not promises.
A financial market infrastructure firm needed FIPS 140-2 Level 3 key custody for signing trade settlement messages. KMS Level 3 hadn’t quite landed for this customer’s region. We deployed CloudHSM Cluster with a custom integration layer and got regulator sign-off in twelve weeks.
Financial market infrastructure
SECURITY
2025
RESULTS
What changed, by the numbers.
FIPS 140-2 LEVEL
L3
REGULATOR SIGN-OFF
12w
SIGNING THROUGHPUT
8K ops/s
KEY MATERIAL EXPOSURE
NONE
HOW IT WENT
The legal threshold for FIPS Level 3 is precise: the key material must never exit the HSM boundary in a form usable by anything outside it. CloudHSM gives us that property at the hardware level; the integration work is making sure the application uses the HSM correctly without ever caching the keys client-side.
We built a thin signing service in front of CloudHSM that exposes a constrained API — sign this digest with this named key. Application code calls the service rather than the HSM directly. KMS Custom Key Store provided the bridge for the operations that used the KMS API surface. PKCS#11 handled the direct integration for the high-throughput signing path.
Signing throughput peaked at 8,000 operations per second — well above the peak load model. Regulator sign-off came in week twelve, with three rounds of architectural questions that the documented design answered cleanly. Key material has never left the HSM boundary.
RELATED · SAME DOMAIN
Other engagements in this space.
READY WHEN YOU ARE
Let's get your AWS bill (and architecture) in order.
The discovery call is free. You walk away with at least one concrete idea — even if we never work together.