SPA — From Custom Build to Multi-tenant SaaS

The story of how one custom project for the Defence Agency (ADIMS) became a multi-tenant platform now serving 2 production clients: defence agency and SAINS NS. The pivot from custom build to SaaS was our most important business decision in the last 2 years.

Active Tenants

2 production tenants: ADIMS (Defence) + SPASAINS (SAINS NS)

Timeline

Month 1 to month 18 (10 months build + 8 months productize)

Scope

Custom Build → Multi-tenant SaaS

Status

Live Production · spa.tech-lead.my + iams.sainswater.com

Month 1: The Original Brief

Defence agency briefed us: build a system to manage their thousands of ICT assets. Computers, printers, network equipment across all formations. Mandatory compliance with KEW.PA and KEW.PS, two official Malaysian Treasury circulars for government asset lifecycle. Before this system, asset officers spent hundreds of staff hours monthly compiling KEW.PA and KEW.PS forms manually from Excel. When auditors arrived, panic. When assets went missing, no audit trail. Classic government asset management problem.

“Treasury circulars are maps that many vendors do not read carefully. If you understand KEW.PA and KEW.PS deeply, you understand the Malaysian government enterprise market. Not just reading the circulars. Understanding the operational implications of every clause.”

Insight from the research phase

Project Timeline

18 months divided into 4 major phases:

Months 1-6: Build for anchor client (ADIMS)

6 months custom build for defence agency. Asset registry with QR per asset, lifecycle workflow (acquisition → in-use → maintenance → disposal), auto-generate KEW.PA and KEW.PS forms, integration with finance modules for budget tracking. Production go-live at . Hundreds of thousands of enterprise assets now trackable. Asset officers stop spending hundreds of hours on manual work. Client happy. Most vendors stop here.

Months 7-8: Discovery — KEW circulars are universal

After ADIMS go-live, we researched KEW.PA and KEW.PS more deeply. Realization that changed strategy: Treasury form formats, asset lifecycle, audit requirements are STANDARD for EVERY Malaysian government agency. Not defence-specific. The newly built ADIMS has 80 percent functionality reusable for other agencies. Only 20 percent is truly custom per agency. We had just solved one client's problem and could solve the entire market with the same platform.

Months 9-12: Multi-tenant pivot

4 months refactoring. Database tenant isolation via row-level security, scoped routing per tenant, isolated file storage in S3. Each tenant gets their own sandbox but shares the same infrastructure. Per-tenant cost drops drastically. We continued supporting ADIMS as the first tenant during refactor. Zero downtime for existing client. Multi-tenant architecture ready, but no second tenant yet to validate flexibility.

Months 13-18: Validate with SAINS NS

Onboarded SAINS NS (Sistem Air Negeri Sembilan) as second tenant. Utility sector, asset workflow slightly different from defence agency. Pumps, pipes, water treatment equipment instead of ICT assets. System flexed to handle different asset categories without custom code. Onboarding took 2 weeks (vs 6 months for custom build). SPASAINS go-live at iams.sainswater.com. Multi-tenant architecture proven. Now ready to scale to third, fourth, tenth tenant.

Before vs After

Before SPA

Excel files scattered between asset officers
KEW.PA and KEW.PS forms manually typed every month
When assets went missing, no audit trail to verify
Custom build per agency cost RM 100K to RM 300K and took 6-12 months

After SPA

Single source of truth, real-time, accessible by all asset officers
KEW.PA and KEW.PS forms auto-generated from database, just sign
Full audit trail for every asset change, not just last edit
SaaS subscription with onboarding in 2 weeks, no custom build needed

Architecture

Multi-tenant Architecture We Built

Foundation is Laravel 12 with multi-tenant isolation at database level. Each tenant has tenant_id scoped on every query, plus row-level security in MariaDB as second layer protection. Authentication via Laravel Sanctum with tenant-aware tokens so a user with access to multiple tenants stays bound to one tenant context per session. Queue jobs (Laravel Horizon) tag every task with tenant_id for properly isolated async processing. File uploads (asset photos, KEW forms, audit documents) stored in S3 with per-tenant bucket prefixes, providing storage isolation at filesystem level too. Vue 3 with PrimeVue for dashboards. Complete modules: Budget, Storage, Assets, Transfers, Maintenance, Disposal with KEW.PA and KEW.PS auto-generation from a template engine reverse-engineered from official Treasury circulars.

Stack We Used

Laravel 12Vue 3PrimeVueTailwind CSSMariaDBRedisLaravel SanctumLaravel HorizonS3 StorageQR/Barcode GenerationLinuxDocker

Results After 18 Months

Active Production Tenants

ADIMS (Defence) + SPASAINS

Auto

KEW.PA + KEW.PS Forms

Generated from database

Hundreds of Hours

Staff Time Saved /month

Per tenant

2 Weeks

Onboarding Time

Vs 6 months custom build

5-10x

Cost Reduction

Subscription vs custom

Impact for Each Stakeholder

A product serving many stakeholders. Each in a different way.

Field Asset Officers

Audit prep from months to hours
QR per asset for phone scan and real-time info
Mobile-first for field work, not desk-bound
Complete audit trail for every asset change

Agency Management

Cost drops 5-10x vs custom build per agency
New tenant onboarding in 2 weeks
KEW.PA and KEW.PS compliance audit-ready always
Vendor management with financial reconciliation built-in

Tech Lead Management

Recurring SaaS revenue, not one-off custom builds
Product-market fit confirmed with 2 production tenants
Knowledge moat from deep KEW circular expertise
Low marginal cost for third, fourth, tenth tenant

Malaysian Industry

Sets new standard for government asset management
Reduces burden on asset officers across adopting agencies
Promotes Treasury circular compliance systematically
Makes the case for Malaysian vendors to productize, not just custom-only

What I Learned From This Pivot

→A single anchor client provides validation. Productize after the pattern emerges, not before. Many vendors try to build speculative platforms without a first paying user. They usually fail.
→Treasury circulars are maps that many vendors do not read carefully. Each circular reveals universal patterns common to all government agencies.
→Multi-tenant architecture is earned, not assumed. Start with one, validate, then refactor once the pattern is confirmed.
→Pivoting from custom build to SaaS requires substantial commitment. 4 months of extra effort we invested refactoring ADIMS into multi-tenant. But cost economics changed drastically. Second and subsequent clients cost 5-10x cheaper, and revenue model became recurring instead of one-off.
→Vendor management in asset systems is underrated. Government clients need vendor screening, financial reconciliation tracking, audit for every transaction. Asset systems that ignore vendor management are asset systems that fail on day one of audit.

Is your agency still using Excel for asset management?

SPA is ready to onboard. 2 weeks from contract to production. 30-minute demo where I show how the system handles KEW.PA and KEW.PS for your agency size.