![x [OR] [AUB] Title Banner](https://no-cache.hubspot.com/cta/default/3893111/ece32642-be56-464d-aae4-e4aa6a7f1734.png)
![[OR] [AUB] Legal Disclaimer Banner](https://no-cache.hubspot.com/cta/default/3893111/66320b0d-ae53-45f1-91bf-f3d96663dc50.png)
CBS-1 Deposit & Account Services
Introduction
![[OR] [AUB] [PH] [E3] [CBS] [1] [MD] Deposit and Account Services](https://no-cache.hubspot.com/cta/default/3893111/c4b0a569-fbce-4bc0-a1d6-6707a9e2a306.png)
For Asia United Bank Corporation (AUB), CBS-1 Deposit and Account Services is a foundational critical business service because it supports customers onboarding, account opening, deposit-taking, withdrawals, balance access, servicing, reporting, and ongoing regulatory compliance across branch, ATM, internet, and mobile channels.
Publicly available information shows that AUB is a Philippine universal bank that offers deposit products accessible through branches, ATMs, internet, and mobile banking, and operates a mobile app built on its online banking capabilities.
These characteristics make deposit services highly dependent on connected people, processes, technology, and third parties, which is exactly the type of end-to-end mapping expected under operational resilience practice.
Purpose of the Chapter
The purpose of this chapter is to map the interconnections and interdependencies that enable AUB’s Deposit and Account Services to operate as a critical business service.
In line with the BCM Institute guidance, dependency mapping should create a holistic view of the people, processes, information, technology, facilities, and third-party service providers that support each critical business service.
BSP Circular No. 1203 likewise expects BSFIs to identify critical operations, map interconnections and interdependencies, assess third-party and public-infrastructure dependencies, and test critical operations under severe but plausible scenarios.
The table below is therefore presented as a recommended dependency map for AUB’s CBS-1, inferred from AUB’s publicly visible service channels and from the operational resilience requirements applicable to Philippine banks.
![Banner [Table] [OR] [E3] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/8a44ad9d-681b-48ff-90b1-b994a1c12a64.png)
Table P2: Map Dependency for CBS-1
|
Sub-CBS Code |
Sub-CBS |
Dependency Type |
Dependency Detail (What/ Who is involved) |
Connectivity (How it connects/ interacts with the CBS or other components) |
|
People |
Branch sales staff, customer service officers, relationship managers, and contact centre staff |
Initiates the deposit-service lifecycle by capturing customer information, product selection, and documentary requirements for downstream KYC and account opening |
||
|
Process |
Application intake, product suitability checks, document collection, customer consent capture |
Feeds complete application data to KYC/CDD, approval, account setup, and initial funding processes |
||
|
Technology |
Branch onboarding platform, CRM/front-end capture tools, document imaging, workflow queue |
Transmits onboarding data into core banking and compliance review workflows |
||
|
Third Party |
ID/document verification utilities, courier/fulfilment support for forms and kits |
Supports validation and fulfilment activities that allow onboarding to proceed without manual delay |
||
|
People |
Compliance officers, branch operations staff, AML reviewers |
Validate identity, screen risk, and approve customer due diligence before the account can be opened |
||
|
Process |
Customer identification, sanctions screening, risk rating, AML/CFT checks, enhanced due diligence |
Acts as a mandatory control gate before account approval, deposit activation, and transaction enablement |
||
|
Technology |
KYC screening tools, AML monitoring systems, watchlist databases, case management tools |
Interfaces with onboarding data, compliance records, and customer master data |
||
|
Third Party |
External screening data providers, identity-verification sources |
Enhances the detection of sanctions, fraud, and customer risk indicators relevant to regulatory compliance |
||
|
People |
Branch managers, operations approvers, centralized account-opening team |
Authorise creation of customer accounts after onboarding and KYC conditions are satisfied |
||
|
Process |
Maker-checker approval, account creation, CIF linkage, product assignment |
Converts verified applications into live deposit accounts and passes details to funding and servicing functions |
||
|
Technology |
Core banking system, customer information file repository, workflow/ authorisation engine |
Creates the official account record that all later deposit, withdrawal, servicing, and reporting activities depend on |
||
|
Third Party |
None or limited direct dependency beyond supporting utilities |
Mostly bank-controlled, but may depend indirectly on external data validation already completed upstream |
||
|
People |
Tellers, branch cash custodians, branch operations staff |
Receive the first deposit and ensure correct booking to the newly opened account |
||
|
Process |
Cash acceptance, fund validation, transaction posting, and receipt generation |
Activates the account financially and connects account opening to transaction processing and ledger updates |
||
|
Technology |
Teller system, core banking posting engine, cash transaction modules |
Post funds to the deposit ledger and update the available balance for downstream customer access |
||
|
Third Party |
Cash-in-transit providers, note authentication equipment, and vendors |
Support physical cash handling and branch cash operations where applicable |
||
|
People |
Product management, deposit operations, and system administrators |
Define and maintain rates, fees, account rules, limits, and product parameters |
||
|
Process |
Product configuration, parameter approval, rate updates, maintenance governance |
Determines how interest, fees, dormancy rules, access limits, and reporting behave across all active accounts |
||
|
Technology |
Product catalogue engine, core banking parameter tables, and admin consoles |
Drives downstream transaction validation, pricing, statement generation, and ATM/digital-channel behaviour |
||
|
Third Party |
Limited direct dependency; may include managed software support vendors |
Supports controlled deployment of parameter changes into bank systems |
||
|
People |
Tellers, back-office operations staff, and branch supervisors |
Execute over-the-counter deposits, transfers, and related account credit transactions |
||
|
Process |
Transaction validation, posting, balancing, and exception review |
Keeps customer balances accurate and connects front-office transactions to the general ledger and reconciliation |
||
|
Technology |
Core banking transaction engine, teller platform, channel transaction switch |
Processes customer-initiated deposit activity across the branch and connected service channels |
||
|
Third Party |
Payment/switching counterparties where transfers feed deposit accounts |
Enables external transaction inflows and inter-system messaging affecting deposit balances |
||
|
People |
Tellers, branch approvers, operations control staff |
Authenticate withdrawal requests and control cash/fund release |
||
|
Process |
Signature verification, balance check, withdrawal authorisation, limit control |
Links account balances with fund access rules, fraud checks, and liquidity handling |
||
|
Technology |
Core banking, teller application, card/ATM switch, online/mobile banking access controls |
Supports cash withdrawal, transfer-out, and other debit transactions across physical and digital channels |
||
|
Third Party |
ATM network participants, cash logistics providers |
Support external cash access and service continuity beyond AUB branches |
||
|
People |
Branch service staff, customer care, operations, and maintenance teams |
Handle updates to address, contact details, signatures, mandates, and account instructions |
||
|
Process |
Customer maintenance requests, profile update checks, record amendments, service request fulfilment |
Maintains data quality essential for transaction monitoring, reporting, statement delivery, and customer communications |
||
|
Technology |
CRM, core banking customer master, service-request workflow tools |
Updates propagate to compliance, statements, digital access, and customer-notification systems |
||
|
Third Party |
Document handling or notification-service vendors |
Assist with customer communications and fulfilment linked to servicing changes |
||
|
People |
Product operations, finance, and deposit operations analysts |
Oversee rate tables, charges, accrual checks, and exception resolution |
||
|
Process |
Interest accrual, fee calculation, batch posting, and reversal handling |
Impacts customer balances, product profitability, disclosures, and complaint volumes |
||
|
Technology |
Core banking batch engine, pricing tables, and accounting interfaces |
Automates scheduled calculations and posting to customer accounts and financial records |
||
|
Third Party |
Limited direct dependency; possible vendor support for core applications |
Supports continuity of pricing and batch processing tools |
||
|
People |
Branch staff, operations support, customer service teams |
Generate or assist with passbook updates, account inquiries, and statement fulfilment |
||
|
Process |
Statement generation, passbook printing, balance inquiry, and report distribution |
Delivers account transparency to customers and supports dispute resolution and audit trails |
||
|
Technology |
Statement engine, passbook printers, document archive, online/mobile inquiry functions |
Connects transaction history and balances from core systems to customer-facing outputs |
||
|
Third Party |
Print/mail vendors, e-statement delivery providers |
Support physical or electronic statement fulfilment where outsourced |
||
|
People |
Digital banking team, IT operations, cybersecurity staff, and customer support |
Maintain the availability and security of internet and mobile banking access to deposit accounts |
||
|
Process |
User authentication, session management, channel support, release/change management |
Extends deposit services from core banking into online and mobile customer journeys |
||
|
Technology |
Internet banking platform, AUB mobile app, API/ integration middleware, IAM controls |
Connects customer devices to account information, transfers, and service requests; AUB publicly states fund access is available through internet and mobile banking, and its mobile app is built from its online banking application |
||
|
Third Party |
Telecoms, internet connectivity providers, app-store ecosystems, security vendors |
External connectivity and platform services are essential for customer reach and continuity |
||
|
People |
Card operations staff, ATM support teams, fraud monitoring staff |
Manage card issuance, activation, access controls, and ATM service support |
||
|
Process |
Card lifecycle management, PIN management, ATM availability monitoring, and withdrawal authorisation |
Enables deposit customers to access funds and account services outside branches |
||
|
Technology |
ATM switch, card-management system, host authorisation interface, ATM terminals |
Interfaces deposit accounts with ATM withdrawals, balance inquiry, and card controls |
||
|
Third Party |
ATM network providers, hardware maintainers, and card personalisation vendors |
Support interoperability, device maintenance, and card production |
||
|
People |
Finance operations, branch operations, controllers, and reconciliation analysts |
Investigate unmatched transactions, balancing issues, and posting anomalies |
||
|
Process |
Daily reconciliation, suspense-account review, break resolution, root-cause correction |
Ensures accuracy between channels, core banking, general ledger, and settlement records |
||
|
Technology |
Reconciliation tools, core banking extracts, GL interface, exception dashboards |
Consolidates transaction data across systems for control and financial integrity |
||
|
Third Party |
Switching counterparties and settlement-related service providers |
External data feeds may be needed to resolve breaks on interbank or network transactions |
||
|
People |
Deposit operations, compliance staff, branch approvers |
Apply or release dormancy tags, legal holds, restrictions, and account controls |
||
|
Process |
Dormancy review, hold placement, account restriction governance, and release authorisation |
Protects the bank and customer by controlling access according to legal, fraud, compliance, or inactivity triggers |
||
|
Technology |
Core banking control tables, case management tools, and compliance systems |
Restriction status affects transactions, digital access, ATM use, and service requests |
||
|
Third Party |
Legal notice channels, government/legal counterparties, where applicable |
External instructions may trigger account controls or supporting documentation flows |
||
|
People |
Fraud analysts, AML investigators, cyber/fraud operations teams |
Monitor suspicious activity, investigate alerts, and escalate confirmed risk events |
||
|
Process |
Alert generation, investigation, case escalation, blocking/freezing decisions |
Interfaces continuously with transaction processing, digital channels, card access, and complaint handling |
||
|
Technology |
Fraud monitoring systems, AML systems, SIEM/logging, case-management tools |
Detects anomalous behaviour across branch, ATM, mobile, and internet transactions |
||
|
Third Party |
Fraud-data vendors, consortium data, security-service providers |
Supplement internal monitoring with external intelligence and specialised detection support |
||
|
People |
Customer care, branch managers, dispute-resolution staff, operations specialists |
Receive complaints, investigate account issues, and coordinate remediation |
||
|
Process |
Complaint logging, dispute investigation, customer communication, remediation, and compensation |
Provides a recovery path when failures occur in transactions, statements, digital access, card use, or servicing |
||
|
Technology |
CRM/ticketing platforms, call-centre tools, case-tracking systems |
Consolidates service incidents and connects with operational teams for resolution |
||
|
Third Party |
Network counterparties, delivery vendors, and outsourced service desks, where applicable |
Some disputes require external evidence, transaction traces, or shared resolution workflows |
||
|
People |
Compliance officers, AML officers, finance/regulatory reporting teams, internal audit |
Oversee adherence to BSP, AML/CFT, consumer protection, and operational resilience requirements |
||
|
Process |
Regulatory report preparation, compliance monitoring, control testing, and issue escalation |
Aggregates data from onboarding, transaction processing, fraud, complaints, and incident management for regulatory oversight |
||
|
Technology |
Compliance reporting tools, data warehouse, MIS/reporting systems, document repositories |
Produces management and regulatory views of performance, risk, and control compliance |
||
|
Third Party |
Regulatory connectivity utilities, external compliance content providers, and audit support firms |
Support report preparation, interpretation of requirements, and independent assurance |
||
|
People |
Crisis management team, business continuity coordinators, IT disaster recovery teams, senior management |
Lead disruption response, invoke recovery plans, coordinate communications, and restore critical deposit services |
||
|
Process |
Incident escalation, BCP invocation, DR failover, crisis communications, recovery validation |
Encompasses every preceding Sub-CBS because it protects the continued delivery or timely restoration of deposit services during disruption |
||
|
Technology |
DR environment, backup systems, monitoring tools, communication platforms, cyber-response tooling |
Supports failover, recovery, investigation, and controlled resumption of branch, ATM, internet, mobile, and back-office functions |
||
|
Third Party |
Telecom providers, data centre/cloud providers, managed security partners, critical service vendors |
Recovery depends on external infrastructure and third parties with continuity arrangements and exit/alternate service options |
Regulatory Requirements and Examples for a Philippine Bank
BSP Circular No. 1203 requires BSFIs to use existing governance structures to oversee operational resilience, identify critical operations, set tolerance for disruption, map interconnections and interdependencies, and test their ability to deliver critical operations under severe but plausible scenarios.
The Circular also states that identified critical operations should drive later steps, such as setting tolerance for disruption and mapping dependencies, and that boards should review and approve the relevant criteria.
For dependency mapping specifically, the Circular expects banks to map the chain of activities involved in delivering critical operations and to understand the vulnerabilities arising from those interconnections.
It also requires banks to assess risks from third-party service arrangements and public infrastructure such as telecommunications, transportation, and energy.
In practice, for AUB’s deposit services, this means the bank should not only map branch staff, tellers, deposit operations, core banking, ATM switching, internet/mobile channels, and fraud/compliance functions, but also the telecom links, external screening providers, ATM networks, and critical vendors that support those services.
The Circular further requires that business continuity be integrated into the operational resilience framework, with business impact analyses, recovery strategies, incident recovery plans, communication programs, and periodic exercises covering critical operations and their key dependencies.
It gives examples of severe but plausible scenarios, such as a major earthquake like the “Big One,” severe typhoons, failure of a critical third-party service provider, disruptions to payment and settlement systems, and coordinated cyberattacks or ransomware incidents across banks.
For AUB, those examples translate directly into deposit-service testing scenarios involving branch unavailability, mobile/internet banking outages, ATM switch disruptions, telecom failures, third-party service disruptions, and cyber compromises affecting account access or transaction integrity.
![Banner [Summing] [OR] [E3] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/d9c4296b-54cd-48e0-ae66-b7f4a8a03ff7.png)
This dependency map shows that AUB’s Deposit and Account Services is not a single process but an interconnected operating chain spanning customer-facing staff, control functions, core and channel technologies, public infrastructure, and third-party service providers.
That is the central message of operational resilience mapping: weaknesses usually emerge not only within a single process step but also at the connection points among onboarding, KYC, transaction processing, digital access, fraud monitoring, reporting, and recovery capabilities.
For operational resilience purposes, the value of this chapter is that it provides Asia United Bank Corporation with a structured basis for the next steps in the methodology: mapping resources in more detail, setting impact tolerances, identifying severe but plausible scenarios, and conducting scenario testing.
Under BSP Circular No. 1203, dependency mapping is not merely documentation; it is a supervisory expectation that helps a Philippine bank identify vulnerabilities, prioritise remediation efforts, strengthen third-party oversight, and improve its ability to continue delivering critical deposit services during disruptions.
![[OR] [AUB] [PH] [E3] [CBS] [1] [DP] Deposit and Account Services](https://no-cache.hubspot.com/cta/default/3893111/ad189b59-9714-422a-8f70-20f125f2cafa.png)
![[OR] [AUB] [PH] [E3] [CBS] [1] [MPR] Deposit and Account Services](https://no-cache.hubspot.com/cta/default/3893111/7f4f751f-3ddd-432e-8de9-03b9907dadfe.png)
![[OR] [AUB] [PH] [E3] [CBS] [1] [ITo] Deposit and Account Services](https://no-cache.hubspot.com/cta/default/3893111/3cd097d6-6ff0-4904-8177-0932f07a9d36.png)
![[OR] [AUB] [PH] [E3] [CBS] [1] [SuPS] Deposit and Account Services](https://no-cache.hubspot.com/cta/default/3893111/12b25a4b-3be3-4c87-a750-db91e0872c64.png)
![[OR] [AUB] [PH] [E3] [CBS] [1] [ST] Deposit and Account Services](https://no-cache.hubspot.com/cta/default/3893111/0e4c1f75-8c29-40b7-8747-92ccb947a8d2.png)
Gain Competency: For organisations looking to accelerate their journey, BCM Institute’s training and certification programs, including the OR-5000 Operational Resilience Expert Implementer course, provide in-depth insights and practical toolkits for effectively embedding this model.
More Information About OR-5000 [OR-5] or OR-300 [OR-3]
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
![[BL-OR] [3-4-5] View Schedule](https://no-cache.hubspot.com/cta/default/3893111/d0d733a1-16c0-4b68-a26d-adbfd4fc6069.png)
![[BL-OR] [3] FAQ OR-300](https://no-cache.hubspot.com/cta/default/3893111/f20c71b4-f5e8-4aa5-8056-c374ca33a091.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
