Published: Nov 06, 2024

enhancing efficiency and security in customs regulatory operations on the cloud

Singapore Customs plays a proactive role in strengthening Singapore’s position as a global trade hub. It maintains the trade regulatory compliance, facilitation, and security. Singapore Customs had the vision for a more efficient and streamlined customs regulatory operations, backed by real-time insights. Together with NCS, Singapore Customs embarked on a cloud-first transformation, re-platforming their legacy on-premises regulatory operations system onto the cloud. This not only alleviated the burden of maintaining physical data centres, but also allowed Singapore Customs to further improve regulatory operations and achieve cost savings. The innovations and improvements continue to solidify Singapore’s leading position in global trade.

Facing limitations with the increasingly costly legacy system

In an environment where digital agility and operational efficiency are essential to support highly dynamic customs regulatory operations, Singapore Customs encountered limitations with their on-premises legacy system. The legacy system had become increasingly inefficient to maintain and costly to operate.

To empower operational efficiency and facilitate real-time insights, there was a critical need for Singapore Customs to evolve. The goal was to transition from a traditional, on-premises model to a modern, cloud-first approach leveraging on cloud-native technologies.

Singapore Customs partnered with NCS on a journey to re-platform the existing on-premises infrastructure onto the Amazon Web Services Government on Commercial Cloud (AWS GCC 2.0). This empowered Singapore Customs to harness the power of cloud computing to innovate and deliver enhanced operational regulatory efficiency with greater speed and flexibility.

Designing a tailored cloud-native migration pathway on AWS GCC2.0

Alongside NCS’ proven track record in executing large-scale migrations onto GCC, and our deep domain expertise from years of managing multiple systems for Singapore Customs, NCS was chosen as the partner for their cloud-first transformation journey.

Keeping in mind the need for a secure and future-proof solution, NCS designed a tailored cloud-native migration and modernisation pathway that features cloud-native technologies on AWS for Singapore Customs’ regulatory operations. NCS also redeveloped the Singapore Customs Inventory Control System eServices to enhance traders’ experience.

This project was one of the largest AWS GCC2.0 migrations in 2023. We re-platformed multiple applications with over 1 million lines of code and implemented over 30 sets of security controls to secure the systems. This was accomplished within the planned project timeline, without any schedule delays and major issues. Solution highlights include:

• Designed and redeveloped the Inventory Control System eServices, compliant with the Singapore Government’s Digital Service Standards (DSS), enhancing the digital experience for traders.
• Migrated over 4 billion records from Db2 on IBM Z Mainframe and IBM Power Systems to IBM Db2 on Linux. This optimised the operating costs by removing costly mainframe hardware and specialised manpower costs for managing mainframes and Power Systems servers.
• Migrated onto AWS GCC2.0 with a cloud-first approach featuring cloud-native capabilities with services such as AWS ElastiCache and AWS Fargate. This allowed the application to scale in response to dynamic operational demands quickly, and without worrying about the underlying infrastructure.
• Established a Link Landing Zone design on GCC2.0 which adopts cloud-native next-gen firewall products to maintain highly secure communications for incoming traffic from external agencies.  
• Implemented zero-trust by adopting a micro-segmentation approach, ensuring that continuous verification is applied on every resource across the networks via next-gen firewall products, to ensure high security and prevent data breaches.
• To ensure a reliable and high system resiliency, the team implemented chaos engineering, by injecting faults into the system via AWS Fault Injection. This allowed for rigorous stress testing under real-world conditions across all applications, middleware, and third-party security products.
• Providing proper guardrails to ensure security and simplify policy clearance with DevOps practices. It comprises of automating CI/CD pipelines, including container deployment via AWS Fargate; implementing Infrastructure-as-Code (IaC) through Terraform and the Singapore Government’s SHIP-HATS DevOps platform.
• Customised integration with Jira and GitLab for an advanced release workflow allowing for an automated and efficient release process with enhanced visibility and control.
• Implemented Open Liberty application server – a lightweight, modular, and cloud-native Java runtime that dramatically simplifies the development and deployment of applications, allowing faster time to market and frees up developer’s time for application improvements.

A dependable and responsive solution with significant cost savings

The move towards a cloud-first approach for regulatory operations represented a significant leap in Singapore Customs’ ongoing commitment to embrace cutting-edge technologies to maintain Singapore’s prime position as a global trading hub.

The collaboration between Singapore Customs and NCS has resulted in a more efficient and secure regulatory operations.

• Uplifted user experience for traders via the Singapore Customs Inventory Control System eServices, by making it seamless and easy to use, in compliance with the Singapore Government’s Digital Service Standards (DSS).
• Substantial cost savings of at least S$3 million annually are projected, primarily through optimised licensing costs and improved resource scalability in the cloud environment (pay-for-what-you-use model). This includes a shift towards more cost-effective cloud-native services rather than costly third-party solutions.
• Savings in manpower costs by adopting a highly available, multi-availability zone architecture and eliminating the need for a costly cold DR environment.
• Accelerated time to market for new features by 67% through automated Infrastructure-as-Code (IaC) and CI/CD pipelines.
• Reduction of ad hoc deployment time by 75% through a more streamlined deployment process and CI/CD integration.
• Heightened security with zero-trust architecture by adopting a micro-segmentation security approach that ensures continuous verification at every layer.
• Increased visibility and reduced mean time to resolution for application developers by enabling them to perform end-to-end diagnostics and troubleshooting with cloud-native services.