Axis AMC Transforms Risk Analytics with AWS | Rapyder Case Study

Introduction:

Axis Asset Management Company Limited (Axis Mutual Fund) is one of India’s leading asset management companies, founded in 2009 and headquartered in Mumbai, Maharashtra. It offers a wide range of mutual fund schemes — equity, hybrid, and debt funds — to investors across India. As a SEBI-regulated entity, Axis MF operates under strict compliance and infrastructure standards for all its technology platforms.

Client:

Axis Asset Management Company Ltd. (Axis Mutual Fund)

Industry:

Capital Markets — Asset Management / Mutual Funds

Offering:

24/7 Managed Services & Consulting

AWS Services:

1. Amazon EC2
2. Amazon RDS MySQL (Multi-AZ & Single-AZ)
3. Amazon S3
4. AWS EBS GP3
5. AWS Transit Gateway
6. Amazon CloudWatch
7. AWS CloudTrail
8. AWS IAM
9. AWS KMS
10. AWS Config
11. Amazon Inspector
12. AWS Secrets Manager
13. Amazon GuardDuty
14. EC2 AMI Backups
15. RDS Read Replica

The Challenge:

Axis MF needed to host its ICRA application, a critical financial risk modelling and credit assessment platform — on AWS to meet SEBI compliance requirements.

The key challenges were: 

• No existing AWS infrastructure for the ICRA application; everything had to be built from scratch with compute capable of supporting risk modelling and financial data processing workloads 

• The platform had to meet SEBI’s regulatory hosting requirements, with security, governance, and monitoring built in from day one 

• High availability was mandatory — a single server failure could not bring down the system, especially during end-of-day risk calculation and reporting cycles 

• A Disaster Recovery environment was required in a separate AWS region to ensure business continuity in the event of a regional failure 

• The new VPCs needed to integrate securely with Axis MF’s existing AWS Landing Zone, which already had Checkpoint firewall and F5 WAF in place 

The Solution: Strategic Implementations

Rapyder designed and delivered a complete greenfield AWS infrastructure across three environments — Production, UAT, and DR — built to AWS best practices with security, compliance, and monitoring at the core: 

• Multi-AZ Production Setup:

  Two EC2 instances (m6i.xlarge, Windows Server) deployed across multiple Availability Zones for high availability, with a Utility Server and RDS MySQL (Multi-AZ, db.m6g.xlarge, 400 GB GP3) sized for structured financial data including fund NAVs, credit scores, and risk metrics 

• UAT Environment:

  Two EC2 instances in Multi-AZ with RDS MySQL Single-AZ, supporting application testing and go-live validation 

• Disaster Recovery in Hyderabad (ap-south-2):

  EC2 AMI backups restored to the Hyderabad region, RDS Read Replica, Transit Gateway attachment, and automated DR failover/failback scripts enabling recovery without engineering intervention 

• Network Integration:

  New ICRA VPCs connected to Axis MF’s existing Landing Zone via Transit Gateway, with Checkpoint firewall policies updated for both Production and UAT environments 

• Security by Design:

  IAM least-privilege roles, MFA enforcement, AWS KMS encryption for EBS and RDS, AWS Config standard rules, Amazon Inspector vulnerability scanning, GuardDuty threat detection, CloudTrail audit logging, and Secrets Manager for credential management — all following the AWS Startup Security Baseline (SSB) 

• Monitoring & Visibility:

  CloudWatch alarms, dashboards, and logs configured for real-time visibility into CPU, memory, database, and network health during peak risk calculation periods 

• Storage:

  AWS EBS GP3 for consistent IOPS on compute-intensive workloads; Amazon S3 Standard with lifecycle policies for model outputs, files, and backups 

Technical Impact:

• Three fully operational environments (Production, UAT, DR) delivered within the project timeline 

• Multi-AZ EC2 and RDS Multi-AZ in Production eliminate single points of failure during critical end-of-day risk modelling and NAV calculation cycles 

• Automated DR failover scripts enable the customer team to trigger recovery independently — no dependency on engineering support during an incident 

• All servers and databases placed in private subnets with no direct internet exposure, meeting SEBI and AWS best practice standards 

• Amazon Inspector findings delivered pre-go-live, giving Axis MF a clear security posture assessment before production cutover 

• CloudWatch dashboards provide real-time operational visibility across all infrastructure layers 

• Transit Gateway integration seamlessly connected new ICRA VPCs into the existing Landing Zone without disrupting other workloads 

The Business Impact:  Impact Engineered by Rapyder

• SEBI Compliance Achieved:

  ICRA application is now hosted in a fully compliant, auditable AWS environment — meeting SEBI regulatory requirements for production hosting of risk management and credit assessment workloads 

• High Availability:

  Multi-AZ architecture ensures the application remains operational even during an Availability Zone failure — protecting uninterrupted completion of financial reporting and risk modelling jobs 

• Disaster Recovery Ready:

  Tested DR environment in the Hyderabad region with automated failover means the business can recover rapidly from any regional failure 

• Secure by Design:

  Full encryption, least-privilege IAM, private subnets, and continuous security scanning embedded from day one — not retrofitted 

• Full Infrastructure Visibility:

  CloudWatch dashboards and alarms give the operations team real-time insight into platform health during peak processing periods 

• Seamless Network Integration:

  ICRA VPCs cleanly integrated into Axis MF’s existing AWS Landing Zone via Transit Gateway, preserving the security boundary of the existing Checkpoint firewall setup