Black Bear Merchant Services Limited

Mastering Information Security in Payment Solutions Provision

Black Bear Merchant Services Limited (BBMSL) is an early mover and market leader in payment solutions provision in Hong Kong. Founded in 2017, BBMSL has seen enormous growth in the Financial Technology (Fintech) sector, benefitting over 10,000 local and international business partners with tailor made payment solutions and excellent merchant services beyond imagination.

To further satisfy customer expectations for the highest level of information security, BBMSL invited TQM to review their current practices, establish BBMSL’s first ISO/IEC 27001:2022 Information Security Management System around their operations and existing PCI DSS certification, to successfully attain the certification to solidify their prominent position as a trusted leader in the industry.

Project Scope:

  • Conduct thorough assessment of existing information security practices
  • Identify gaps on the current practices to certification
  • Mapped and aligned BBMSL’s information security practices with standard’s requirements
  • Developed a comprehensive set of ISMS Documents embedding existing information security policies and procedures to minimize redundant paperwork
  • Provide training and guidance on the system implementation
  • Conduct internal audits for the team and provide corresponding improvement suggestions and guidelines


  • Successfully implemented ISMS
  • Enhanced staff’s awareness & ability to cope with information security risks
  • Provide practical advice for improvement to meet ISO requirements
  • Provide unlimited support to the team in the process of ISO 27001 Certification
  • Fostered a culture of information security management & continual improvement among BBMSL staff