Impact tolerance defines the maximum level of disruption that Equicom Savings Bank is willing to accept before harm to customers, the bank, or the financial system becomes intolerable.
For CBS-1 Deposit and Account Services, tolerances should cover service downtime, data loss, customer impact, regulatory impact, and the bank’s ability to continue critical deposit functions during severe but plausible disruptions.
BSP Circular No. 1203 requires BSP-supervised financial institutions to identify critical operations, set tolerances for disruption, map interconnections and interdependencies, and test tolerances against severe but plausible scenarios.
The BSP also expects tolerances to include at least a time-based metric and, where appropriate, other measures such as the number of customers affected or transaction value impacted.
Impact tolerance should not be confused with RTO; impact tolerance focuses on the maximum acceptable harm or disruption to the business service, while RTO is a recovery target used by technology and BCM teams.
Table P4: Establish Impact Tolerance for CBS-1

| Sub-CBS Code | Sub-CBS | Maximum Tolerable Downtime (MTD) | Maximum Tolerable Data Loss (MTDL) | Customer Impact | Regulatory Impact | Impact Type | Current Resilience Status | Action Required |
|---|---|---|---|---|---|---|---|---|
| 1.1 | Customer Onboarding and Account Application | 1 business day | 4 hours | New customers unable to open accounts; onboarding backlog | Moderate if prolonged onboarding delays affect fair customer treatment | Customer, Operational, Reputational | Partially resilient through branch-based processing | Enable alternative onboarding workflow and manual intake controls |
| 1.2 | Customer Identification and Verification (KYC/CDD) | 4 hours | Near-zero for completed KYC records | Account opening delayed; higher friction for customers | High due to AML/CFT and customer due diligence obligations | Regulatory, Financial Crime, Compliance | High dependency on KYC and screening systems | Strengthen backup screening, escalation, and manual compliance review |
| 1.3 | Account Approval and Opening | 4 hours | 1 hour | Approved customers cannot receive account numbers or begin banking | Moderate to high if account records are incomplete or inaccurate | Customer, Operational, Compliance | Dependent on core banking availability | Define manual approval queue and post-recovery validation |
| 1.4 | Initial Funding and Deposit Booking | 2 hours | Near-zero for deposit transactions | Customer funds not reflected; customer confidence affected | High if customer balances or ledger postings are inaccurate | Financial, Customer, Regulatory | Requires strong core banking and teller controls | Prioritise transaction integrity, reconciliation, and exception queues |
| 1.5 | Product Terms Setup and Account Parameter Maintenance | 1 business day | 4 hours | Incorrect interest, fees, limits, or product conditions | Moderate if customers are charged incorrectly | Operational, Financial, Conduct | Controlled through the maker-checker process | Tighten change controls and parameter validation |
| 1.6 | Deposit Transactions Processing | 2 hours | Near-zero | Customers cannot deposit funds; balances are not updated | High if ledger integrity or customer funds are affected | Customer, Financial, Operational | Critical dependency on branch and core banking platforms | Strengthen alternate posting, offline teller procedures, and reconciliation |
| 1.7 | Withdrawal and Funds Access Processing | 1 hour | Near-zero | Customers are unable to access funds through the branch, ATM, or card channels | High if access to funds is materially disrupted | Customer, Liquidity, Reputational | High dependency on core banking, ATM, and card switch | Establish channel failover and emergency cash access procedures |
| 1.8 | Account Servicing and Customer Maintenance | 1 business day | 4 hours | Customer profile updates delayed; service requests accumulate | Moderate if customer records become inaccurate | Customer, Operational, Conduct | Partially resilient through branch service channels | Maintain manual service request logging and backlog prioritisation |
| 1.9 | Interest, Fees, and Charges Processing | End of processing day | 4 hours | Incorrect interest or charges; customer complaints | Moderate to high if systemic fee or interest errors occur | Financial, Conduct, Regulatory | Batch-dependent process | Strengthen batch recovery, recalculation, and customer remediation controls |
| 1.10 | Statement, Passbook, and Balance Reporting | 1 business day | 4 hours | Customers cannot confirm balances or transactions | Moderate if reporting delays affect transparency | Customer, Conduct, Reputational | Available through branch and digital channels, subject to system availability | Ensure alternate balance enquiry and statement regeneration capability |
| 1.11 | Digital Account Access and Channel Integration | 2 hours | Near-zero for completed transactions | Customers are unable to view balances, transfer funds, or manage accounts online | High if the outage affects a large customer base or e-channel availability | Customer, Technology, Reputational | Dependent on online banking and network services, Equicom offers online/phone banking services | Strengthen digital channel monitoring, failover, and customer notification |
| 1.12 | ATM and Card-Based Access Management | 2 hours | Near-zero | Customers are unable to withdraw cash or use card-linked account access | High if widespread cash access is impaired | Customer, Operational, Third Party | Dependent on ATM/card networks, Equicom deposit products include ATM/debit card access via BancNet/VisaPlus ATMs | Validate ATM switch resilience, network escalation, and alternate cash access |
| 1.13 | Account Reconciliation and Exception Handling | End of processing day | Near-zero for financial exceptions | Unresolved mismatches; risk of incorrect balances | High if reconciliation breaks affect financial reporting | Financial, Operational, Regulatory | Daily reconciliation expected | Implement same-day exception triage and ageing thresholds |
| 1.14 | Dormancy, Holds, Restrictions, and Account Control Administration | 4 hours | 1 hour | Restricted or dormant accounts may be mishandled | High if legal, fraud, AML, or court-related restrictions fail | Compliance, Fraud, Legal | Control-sensitive process | Strengthen dual control and emergency restriction procedures |
| 1.15 | Fraud Monitoring and Transaction Surveillance for Deposit Accounts | 1 hour | Near-zero for alerts and cases | Fraudulent activity may continue undetected | Very high due to AML, fraud, and customer protection implications | Fraud, Regulatory, Customer | Requires continuous monitoring | Ensure alert continuity, manual monitoring, and cyber-fraud escalation |
| 1.16 | Complaints, Disputes, and Service Recovery | 1 business day for intake; regulatory timelines for closure | 4 hours | Complaints unresolved; customer dissatisfaction escalates | High if regulatory complaint timelines are breached | Customer, Conduct, Regulatory | Case management-dependent | Maintain manual complaint register and priority dispute process |
| 1.17 | Regulatory Reporting and Compliance Monitoring | Regulatory deadline-driven; no missed statutory deadline | Near-zero for submitted regulatory data | Limited direct customer impact but high institutional impact | Very high if BSP reports are late, incomplete, or inaccurate | Regulatory, Compliance, Reputational | Dependent on data extraction and compliance review | Establish reporting fallback, data validation, and senior sign-off protocol |

For a Philippine bank, BSP Circular No. 1203 requires tolerances for disruption to be set for each identified critical operation.
These tolerances should be reviewed, challenged, and approved by the board of directors and remain responsive to changes in the business and threat environments.
Examples for Deposit and Account Services include:

| Regulatory Expectation | Example for Equicom Savings Bank |
|---|---|
| Identify critical operations | Deposit taking, account opening, cash withdrawals, balance reporting, and fraud monitoring are considered critical because they affect customers’ access to funds. |
| Set tolerance for disruption | Digital account access may have a 2-hour MTD, while withdrawal access may have a tighter 1-hour MTD due to direct customer harm. |
| Use quantitative and qualitative metrics | Metrics may include downtime, number of customers affected, volume of failed transactions, value of impacted deposits, and customer complaints. |
| Test against severe but plausible scenarios | Test core banking outage, ATM switch failure, cyberattack on online banking, third-party network failure, or unavailable KYC screening provider. |
| Use results to strengthen resilience | Where tolerance is breached, Equicom should improve failover, manual workarounds, vendor escalation, reconciliation, and customer communication. |

Setting impact tolerances for CBS-1 Deposit and Account Services allows Equicom Savings Bank to define how much disruption it can absorb before customer harm, regulatory breach, financial loss, or reputational damage becomes unacceptable.
These tolerances provide practical thresholds for prioritising recovery, allocating resilience investment, designing scenario tests, and strengthening operational controls.
The proposed tolerances should be validated by business owners, risk management, compliance, IT, operations, and senior management before board approval.
Once approved, they should be tested regularly against severe but plausible scenarios and updated whenever there are material changes in systems, products, customer channels, third-party dependencies, or BSP regulatory expectations.