[CM] [RYT] [E3] [CRA] [T1] List of Threats and Crisis Scenarios

Crisis Type

Type of Threats / Crisis Scenario

Description of Threats

Country Level (Malaysia)

Organisation Level ( Ryt Bank)

Denial of Access – Natural Disaster

Flood

Seasonal monsoon floods and flash floods in urban areas, such as Kuala Lumpur, may restrict access to offices, data centres, or key vendor premises.

High flood-risk zones in Malaysia, especially during the monsoon season (Nov–Feb), are severe in city lowlands.

Disruption to physical access to operational hubs, vendor sites, or cloud co-location facilities; possible delays in service delivery

Earthquake

Though rare, minor tremors could affect operations or trigger cascading infrastructure failures.

Low seismic risk but rising concern due to regional activity (Sumatra faultline)

Impact on office or vendor facilities with compromised power, infrastructure, or employee safety

Haze / Air Pollution

Transboundary haze is causing hazardous air quality, health risks, and denial of access to physical work locations.

Recurring issue from forest fires in Indonesia, especially from Jun to Oct

Absenteeism due to health concerns or air quality alerts; business continuity activation required

Denial of Access – Man-made Disaster

Terrorist Threat / Bomb Threat

Threats to high-profile or central business district buildings that host YTL Digital Bank or its vendors.

Malaysia remains on alert for extremist threats, especially in urban and financial centres.

Building evacuation or lockdown, service downtime if physical BCP sites or shared infrastructure are affected

Civil Unrest / Riot

Political demonstrations or unrest disrupting public transportation or access to digital infrastructure providers.

Possible during elections or sensitive national issues

Employee access to office locations, third-party support centres, and logistics vendors was disrupted

Unavailability of People

Pandemic / Infectious Disease Outbreak

Outbreaks (e.g., COVID-19, dengue) are impacting workforce availability, especially digital operations and customer support teams.

Endemic dengue and threat of new pandemics (e.g., COVID-19 variants, avian flu)

Remote working fatigue, talent concentration risk, or high absenteeism in critical support functions

Transportation Strike / Blockade

Strikes or blockades affecting commuting employees or operational vendors.

Road closures or fuel price protests can paralyse urban movement

Delayed incident response, lack of on-site support at IT/vendor facilities

Labour Shortage / Resignation Spike

Competition from other digital banks or fintechs is leading to talent drain and reduced operational resilience.

Talent scarcity in tech and digital finance in Southeast Asia

Reduced capacity to manage crises, patch systems, or support peak loads during incidents

Disruption to the Supply Chain

Third-Party Vendor Failure

Failure of managed service providers, cloud services, or outsourced support functions.

Increasing reliance on regional providers, including Singapore and Indonesia

Disruption to core banking systems, app uptime, customer onboarding/servicing platforms

Cloud Infrastructure Outage

Outage at primary or secondary cloud provider (e.g., AWS, Azure) supporting digital banking systems.

Cloud outages regionally (especially in Singapore) have affected Malaysian clients.

Unavailability of digital banking portal, payment processing, or data backups

Logistic / Courier Disruption

Delay in delivery of IT equipment, secure tokens, or compliance documents to customers or branches.

Occurs during regional shipping disruptions, customs backlog

Affects KYC processes, physical backup transport, or recovery activation

Equipment and IT-Related Disruption

Cyberattack / Ransomware

Malicious attack causing data breaches, system lockdown, or service disruption.

National-level concern; Malaysia Cyber Security Strategy prioritises the financial sector

Compromise of customer data, suspension of online banking, regulatory breach, and reputational damage

System Failure / Hardware Crash

Malfunction or degradation of critical IT infrastructure (e.g., core banking system, mobile app backend).

Electrical grid instability or data centre faults

Affects customer login, fund transfers, and core transaction services

Software Bugs / Deployment Errors

Production errors from code updates or API failures affecting key services.

Risk amplified by rapid release cycles is standard in digital banking

Outage of myRytBank mobile/web, issues with digital wallet integration, failed payment routing

Data Corruption / Data Loss

Accidental deletion, system misconfiguration, or corruption from malware or human error.

Poor data management practices in third-party vendors can escalate country risk.

Transaction errors, KYC/AML reporting issues, prolonged downtime during data recovery

Crisis Management Blueprint for Ryt Bank