Any disruption to this service has immediate implications for financial harm, consumer confidence, systemic stability, and regulatory compliance.
This chapter establishes impact tolerances for CBS-1 Deposit and Withdrawal Services by defining the maximum level of disruption Bank Islam can tolerate before causing intolerable harm to customers, the bank, or the financial system.
The tolerances are set across time, data integrity, customer outcomes, and regulatory obligations, in line with operational resilience expectations.
The purpose of this chapter is to:
Define clear, measurable impact tolerances for each Sub-CBS within Deposit and Withdrawal Services.
Support severe but plausible disruption planning and scenario testing.
Enable management to prioritise investment, remediation, and response actions based on risk to customers and regulators.
Demonstrate compliance with operational resilience principles as articulated in “What is Impact Tolerance in Operational Resilience?” by focusing on harm-based outcomes rather than system recovery alone.
|
Sub-CBS Code |
Sub-CBS |
Maximum Tolerable Downtime (MTD) |
Maximum Tolerable Data Loss (MTDL) |
Customer Impact |
Regulatory Impact |
Impact Type |
Current Resilience Status |
Action Required |
|
1.1 |
Cash Deposit at Branches |
≤ 8 hours |
No loss of transaction records |
Inability to deposit funds; business and retail inconvenience |
Breach of service availability expectations |
Customer Harm, Operational |
Generally resilient with manual fallback |
Enhance branch contingency staffing and manual logging controls |
|
1.2 |
Deposit via ATMs |
≤ 4 hours |
≤ 15 minutes transaction data |
Missed deposits, delayed account crediting |
Potential complaints and reporting scrutiny |
Customer Harm, Reputational |
Moderately resilient |
Improve ATM monitoring and faster reconciliation processes |
|
1.3 |
Online / Internet Banking Deposits |
≤ 2 hours |
≤ 5 minutes data loss |
Digital customers are unable to transact; trust erosion |
Digital banking service disruption risk |
Customer Harm, Reputational |
Moderately resilient |
Strengthen real-time failover and transaction queuing |
|
1.4 |
Cash Withdrawal at Branches |
≤ 4 hours |
No data loss |
Customers are unable to access cash physically |
Heightened supervisory concern |
Customer Harm, Systemic |
Generally resilient |
Improve cash continuity plans and alternative branch routing |
|
1.5 |
ATM Withdrawals |
≤ 2 hours |
≤ 5 minutes transaction data |
Immediate financial hardship for retail customers |
High regulatory sensitivity |
Customer Harm, Systemic |
Key vulnerability during peak periods |
Expand ATM network redundancy and cash forecasting |
|
1.6 |
Online / Internet Banking Withdrawals |
≤ 1 hour |
Zero tolerance for incorrect balances |
Loss of confidence in account integrity |
Serious regulatory breach risk |
Customer Harm, Data Integrity |
Partially resilient |
Enhance transaction validation and real-time controls |
|
1.7 |
Failed Deposits or Withdrawals |
≤ 24 hours to resolve |
Zero tolerance for unresolved discrepancies |
Financial distress, disputes, complaints |
Mandatory complaint and incident reporting |
Financial Harm, Conduct |
Moderately resilient |
Automate exception handling and customer notifications |
|
1.8 |
Fraud Detection and Prevention |
≤ 30 minutes |
Zero tolerance |
Financial losses, Shariah, and trust implications |
Severe regulatory and enforcement risk |
Financial Crime, Reputational |
High-priority capability |
Continuous improvement of real-time fraud analytics |
Establishing impact tolerances for CBS-1 Deposit and Withdrawal Services enables Bank Islam to anchor resilience planning around customer harm and regulatory outcomes, rather than internal recovery metrics alone.
The tolerances defined in this chapter clarify where disruption becomes unacceptable, guiding investment decisions, scenario testing, and response prioritisation.
By embedding these impact tolerances into operational resilience governance, Bank Islam strengthens its ability to:
• Protect customers’ continuous access to funds,
• Maintain data integrity and trust in Shariah-compliant services,
• Meet regulatory expectations during severe but plausible disruptions.
This foundation supports subsequent resilience activities, including dependency mapping, scenario testing, and remediation planning, ensuring Deposit and Withdrawal Services remain robust under stress and aligned with the bank’s strategic and regulatory obligations.
|
Implementing Operational Resilience for Bank Islam: Aligning with BNM and Global Best Practices |
|||||
| eBook 3: Starting Your OR Implementation |
|||||
| CBS-1 Deposit, Savings, and Current Account Services | |||||
| CBS-1 DP | CBS-1 MD | CBS-1 MPR | CBS-1 ITo | CBS-1 SuPS | CBS-1 ST |
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
|
If you have any questions, click to contact us. |
||
|
|