For operational resilience implementation at Equicom Savings Bank, identifying Severe but Plausible Scenarios (SbPS) for CBS-1 Deposit and Account Services helps determine whether the bank can continue delivering essential deposit and account services during significant disruptions.
SbPS are not extreme “black swan” events; rather, they are realistic disruptions that may reasonably occur and create material impact to customers, operations, financial stability, and regulatory obligations.
The exercise supports the BSP requirement for supervised financial institutions to identify critical operations, establish tolerance for disruption, map dependencies, and conduct scenario testing to validate resilience capabilities.
For Equicom Savings Bank, a medium-sized Philippine savings bank offering deposit products, online banking, ATM services, and branch banking, resilience scenarios should include technology failures, cyber incidents, third-party disruptions, operational failures, and external events.
BSP Circular No. 1203 expects banks to assume disruption will occur and assess resilience under severe but plausible conditions. Scenario design should therefore integrate cyber resilience, ICT risks, third-party dependencies, and proactive controls.
Table P5: Identify Severe but Plausible Scenarios for CBS-1
|
Sub-CBS Code |
Sub-CBS |
Severe but Plausible Scenario |
Impact / Effect |
Proactive Risk Management Action |
Link to Integration of Cyber and ICT Risks |
|
1.1 |
Customer Onboarding and Account Application |
Branch and digital onboarding systems are unavailable due to a core application outage |
Customers are unable to open accounts; backlog, and customer dissatisfaction |
Alternate manual onboarding process; BCP procedures; secondary application platform; staff cross-training |
Core banking application outage, infrastructure failure, endpoint compromise |
|
1.2 |
Customer Identification and Verification (KYC/CDD) |
The national identity verification platform is unavailable, or API failure |
Delayed onboarding; inability to meet regulatory KYC requirements |
Multiple verification channels; fallback verification procedures; periodic failover testing |
Third-party API outage, integration disruption, DDoS attack |
|
1.3 |
Account Approval and Opening |
Workflow engine failure or unauthorised approval manipulation |
Inability to create customer accounts; fraud risk |
Segregation of duties; approval workflow monitoring; dual authorisation |
Identity and access management compromise |
|
1.4 |
Initial Funding and Deposit Booking |
Deposit booking records were corrupted during a database failure |
Customer balances inaccurate; reconciliation problems |
Real-time replication; transaction rollback mechanisms; recovery testing |
Database corruption due to malware or ransomware |
|
1.5 |
Product Terms Setup and Account Parameter Maintenance |
Erroneous mass parameter updates by privileged user |
Incorrect interest rates and product settings are affecting many customers |
Change management approval; maker-checker process; configuration monitoring |
Privileged account misuse or cyber compromise |
|
1.6 |
Deposit Transactions Processing |
Core banking platform outage during peak transaction periods |
Deposits unavailable; transaction failures; customer impact |
High-availability architecture; alternate processing site; load testing |
Ransomware attack, infrastructure failure, network disruption |
|
1.7 |
Withdrawal and Funds Access Processing |
Payment network disruption affecting branch, ATM, and digital withdrawal channels |
Customers are unable to access funds |
Redundant connectivity; emergency cash withdrawal process |
ATM switch attack, payment network DDoS, telecom outage |
|
1.8 |
Account Servicing and Customer Maintenance |
Customer records are inaccessible due to a system failure |
Customer requests cannot be processed |
Replicated customer database; alternate servicing channels |
Data corruption, cloud service disruption |
|
1.9 |
Interest, Fees, and Charges Processing |
Batch processing failure during the end-of-day cycle |
Incorrect balances and customer complaints |
Automated reconciliation and exception reports |
Batch processing malware infection or system crash |
|
1.10 |
Statement, Passbook, and Balance Reporting |
Reporting engine outage during statement cycle |
Customers unable to receive statements; regulatory reporting delays |
Backup reporting platform; alternate statement generation |
Cyberattack on reporting servers |
|
1.11 |
Digital Account Access and Channel Integration |
Mobile and internet banking are unavailable due to a DDoS attack |
Large customer disruption; reputational damage |
Web application firewall; DDoS mitigation; resilience testing |
DDoS, credential attacks, and application vulnerabilities |
|
1.12 |
ATM and Card-Based Access Management |
ATM switch provider outage or malware attack |
ATM withdrawals unavailable; customer inconvenience |
Secondary provider arrangements; ATM failover testing |
ATM malware, third-party ICT failure |
|
1.13 |
Account Reconciliation and Exception Handling |
Reconciliation systems fail after a large transaction processing error |
Unreconciled balances; financial exposure |
Automated reconciliation controls; exception escalation procedures |
Data integrity compromise |
|
1.14 |
Dormancy, Holds, Restrictions, and Account Control Administration |
Unauthorised release of restricted accounts due to access compromise |
Fraud and compliance breaches |
Access reviews; privileged monitoring; transaction alerting |
IAM compromise and insider cyber threat |
|
1.15 |
Fraud Monitoring and Transaction Surveillance for Deposit Accounts |
Fraud monitoring engine unavailable during coordinated fraud attacks |
Fraudulent transactions undetected |
Redundant fraud systems; real-time SIEM monitoring; manual monitoring procedures |
AI-enabled fraud attack; SOC monitoring failure |
|
1.16 |
Complaints, Disputes, and Service Recovery |
Customer service platform outage during widespread incident |
Complaints backlog; customer dissatisfaction |
Alternate communication channels; crisis communication procedures |
CRM application disruption; cyber incident |
|
1.17 |
Regulatory Reporting and Compliance Monitoring |
Reporting data unavailable before the BSP submission deadline |
Non-compliance penalties; supervisory attention |
Regulatory reporting validation; backup reporting procedures |
Data warehouse attack or corruption |
BSP Circular No. 1203 requires banks to identify critical operations proportionate to business size and complexity, establish tolerance for disruption, and periodically reassess vulnerabilities and lessons learned.
Scenario testing must assume disruptions occur under severe but plausible conditions.
Examples relevant to Equicom Savings Bank include:
BSP also expects operational resilience to integrate with governance, cyber resilience, business continuity, and risk management frameworks.
The Severe but Plausible Scenario exercise for CBS-1 Deposit and Account Services enables Equicom Savings Bank to move from theoretical planning toward practical operational resilience implementation.
The scenarios above deliberately combine operational disruptions with cyber and ICT failures because modern banking services increasingly depend on interconnected technologies and third-party providers.
This integrated approach reflects regulatory expectations and aligns resilience planning with realistic threats faced by Philippine financial institutions.
By linking each process to proactive risk actions and cyber dependencies, Equicom Savings Bank can use these scenarios to support impact tolerance validation, dependency mapping, testing exercises, and continuous improvement initiatives.
Repeated testing and refinement will strengthen the bank’s ability to maintain critical deposit services and protect customers during future disruptions.
| eBook 3: Starting Your OR Implementation |
|||||
| CBS-1 Deposit and Account Services | |||||
| CBS-1 DP | CBS-1 MD | CBS-1 MPR | CBS-1 ITo | CBS-1 SbPS | CBS-1 ST |
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
|
If you have any questions, click to contact us. |
||
|
|