![[OR] [BB] Legal Disclaimer Banner](https://no-cache.hubspot.com/cta/default/3893111/bbedab3d-a991-4956-b3f1-f5d4aa873c6e.png)
CBS-1 Digital Account Access & Management
Introduction
Mapping the interconnections and interdependencies of CBS-1 Digital Account Access & Management enables Boost Bank to clearly understand how its digital and physical banking services are 
delivered end-to-end.
This Critical Business Service encompasses deposits, withdrawals, account management, transaction exception handling, and fraud prevention across branches, ATMs, and online platforms.
In line with Operational Resilience principles, dependency mapping identifies the people, processes, technology, and third parties that collectively enable this service.
By visualising these relationships, Boost Bank gains clarity on concentration risks, single points of failure, systemic interconnections, and upstream/downstream impacts.
This structured mapping strengthens the bank’s ability to anticipate disruption, respond effectively, and recover within defined impact tolerances.
Below is a detailed dependency mapping table for: CBS-1: Digital Account Access & Management – Boost Bank
This mapping aligns with Operational Resilience principles described in “Mapping the Interconnections and Interdependencies”, identifying how people, processes, technology, and third parties interconnect to deliver and sustain the Critical Business Service (CBS).
![Banner [Table] [OR] [E3] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/8a44ad9d-681b-48ff-90b1-b994a1c12a64.png)
Table P2: Map Dependency for CBS-1
|
Sub-CBS Code |
Sub-CBS |
Dependency Type |
Dependency Detail (What/Who is involved) |
Connectivity (How it connects/interacts with the CBS or other components) |
|
1.1 |
Cash Deposit at Branches |
People |
Branch tellers, branch managers, customer service officers |
Direct customer interface; initiate deposit transaction into Core Banking System (CBSys) |
|
|
|
Process |
Cash acceptance, KYC verification, transaction recording, and receipt issuance |
Follows branch SOP; transaction posted in real-time to Core Banking |
|
|
|
Technology |
Teller terminal, Core Banking System (CBSys), secure branch network, cash counting machines |
Teller terminal connects via secure WAN to Core Banking for account update |
|
|
|
Third Party |
Cash-in-transit (CIT) vendors, security service providers |
CIT collects excess cash; interacts with branch vault management process |
|
1.2 |
Deposit via ATMs |
People |
ATM operations team, maintenance engineers |
Monitor ATM uptime; replenish cash and deposit bins |
|
|
|
Process |
ATM deposit validation, reconciliation, settlement |
ATM transaction transmitted to Core Banking for account credit |
|
|
|
Technology |
ATM machines, ATM switch, Core Banking System, network connectivity, encryption modules |
ATM connects via ATM switch to Core Banking; encrypted transaction messaging |
|
|
|
Third Party |
ATM vendor, network provider, payment switch provider |
Provide ATM hardware support and secure communications |
|
1.3 |
Online/Internet Banking Deposits |
People |
IT operations, digital banking team, cybersecurity team |
Oversee platform performance and security |
|
|
|
Process |
User authentication, funds transfer validation, and transaction posting |
Customer initiates deposit via web/app; processed through middleware to Core Banking |
|
|
|
Technology |
Mobile app, web portal, API gateway, authentication server (MFA), Core Banking |
APIs connect digital channels to the Core Banking and the payment gateway |
|
|
|
Third Party |
Cloud hosting provider, payment gateway provider, SMS OTP vendor |
Enable hosting, payment processing, and authentication alerts |
|
1.4 |
Cash Withdrawal at Branches |
People |
Branch tellers, branch manager, security personnel |
Verify customer identity; approve large withdrawals |
|
|
|
Process |
Identity verification, cash disbursement, transaction logging |
Withdrawal request validated in Core Banking before disbursement |
|
|
|
Technology |
Teller system, Core Banking, vault management system |
Real-time balance check and debit via Core Banking |
|
|
|
Third Party |
CIT vendor, security services |
Provide vault cash replenishment and physical security |
|
1.5 |
ATM Withdrawals |
People |
ATM monitoring team, fraud monitoring team |
Monitor suspicious withdrawal patterns |
|
|
|
Process |
PIN authentication, balance verification, transaction authorisation |
ATM communicates via switch to Core Banking for authorisation |
|
|
|
Technology |
ATM network, card management system, Core Banking, encryption system |
Card data is routed through the ATM switch and the card network to the Core Banking |
|
|
|
Third Party |
Card scheme provider (e.g., Visa/Mastercard), telecom provider |
Process card authorisation and network connectivity |
|
1.6 |
Online/Internet Banking Withdrawals |
People |
Digital banking operations, cybersecurity team |
Monitor suspicious online withdrawal activity |
|
|
|
Process |
MFA authentication, funds transfer validation, and settlement processing |
Transaction routed via API gateway to Core Banking and external payment rails |
|
|
|
Technology |
Mobile banking app, web portal, payment gateway, API middleware, Core Banking |
Secure, encrypted API communication between the digital front-end and Core Banking |
|
|
|
Third Party |
Interbank transfer network (e.g., DuitNow/FPX equivalent), cloud hosting provider |
Execute external transfer settlement |
|
1.7 |
Failed Deposits or Withdrawals |
People |
Customer support, IT support, dispute resolution team |
Investigate and resolve transaction discrepancies |
|
|
|
Process |
Incident logging, reconciliation, reversal process, and customer notification |
Exceptions logged in the incident management system; reconciliation with Core Banking |
|
|
|
Technology |
Transaction monitoring system, reconciliation engine, ticketing system |
Pulls transaction logs from Core Banking and ATM/digital channels |
|
|
|
Third Party |
Payment processor, ATM vendor |
Assist in cross-system reconciliation and fault resolution |
|
1.8 |
Fraud Detection and Prevention |
People |
Fraud risk team, AML team, cybersecurity analysts |
Monitor fraud alerts and investigate suspicious transactions |
|
|
|
Process |
Real-time transaction monitoring, AML screening, and account freezing procedure |
Fraud engine integrated with Core Banking and digital channels |
|
|
|
Technology |
Fraud detection system, AI/ML monitoring tools, SIEM, Core Banking |
Real-time API integration to flag/block transactions |
|
|
|
Third Party |
AML database provider, cybersecurity service provider, credit bureau |
Provide sanctions screening and threat intelligence feeds |
Key Interconnections Across the CBS
The following shared dependencies support all Sub-CBS components:
- Core Banking System (CBSys) – Central transaction processing engine
- Network Infrastructure (WAN, VPN, Firewalls) – Enables secure communication
- Cybersecurity Controls (SIEM, SOC monitoring, MFA) – Protect digital services
- Cloud/Data Centre Infrastructure – Hosts digital banking services
- Power Supply & Backup (UPS/Generators) – Maintain service continuity
- Regulatory Compliance Framework (Bank Negara Malaysia or relevant authority) – Governs operational standards
All Sub-CBS elements are interconnected through the Core Banking System, meaning failure in CBSys, authentication systems, or network infrastructure may disrupt multiple services simultaneously.
![Banner [Summing] [OR] [E3] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/d9c4296b-54cd-48e0-ae66-b7f4a8a03ff7.png)
The dependency mapping of CBS-1 demonstrates that Digital Account Access & Management is a highly interconnected ecosystem supported by multiple operational layers.
The Core Banking System, digital platforms, ATM networks, fraud monitoring tools, telecommunications infrastructure, and third-party providers form a tightly integrated service architecture.
Operational resilience depends not only on the robustness of individual components but also on understanding how failures cascade across interconnected systems.
By systematically mapping dependencies across people, processes, technology, and third parties, Boost Bank enhances its ability to identify vulnerabilities, manage third-party risks, reduce single points of failure, and ensure continuity of critical banking services.
This mapping exercise forms the foundation for scenario testing, impact tolerance setting, and resilience strategy development — ensuring that Boost Bank can continue delivering secure and reliable digital account access even during severe but plausible disruptions.
For organisations looking to accelerate their journey, BCM Institute’s training and certification programs, including the OR-5000 Operational Resilience Expert Implementer course, provide in-depth insights and practical toolkits for effectively embedding this model.
More Information About OR-5000 [OR-5] or OR-300 [OR-3]
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
![[BL-OR] [3-4-5] View Schedule](https://no-cache.hubspot.com/cta/default/3893111/d0d733a1-16c0-4b68-a26d-adbfd4fc6069.png)
![[BL-OR] [3] FAQ OR-300](https://no-cache.hubspot.com/cta/default/3893111/f20c71b4-f5e8-4aa5-8056-c374ca33a091.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
