Mapping dependencies for CBS-1 Deposit and Account Services helps Land Bank of the Philippines (LBP) identify the people, processes, technologies, facilities, and third-party relationships that must work together for deposit services to remain available through disruption.
BCM Institute’s mapping guidance explains that dependency mapping should give the organisation a holistic view of the systems and processes that support each critical business service, including those outside its direct control, so that weaknesses and points of fragility can be identified early.
For Philippine banks, this is not just good practice; it is a regulatory expectation. BSP Circular No. 1203 requires BSFIs to identify critical operations, set tolerance for disruption, and map interconnections and interdependencies so they can identify vulnerabilities in delivering critical operations.
The Circular also makes clear that supporting assets include people, technology, information, facilities, internal processes, IT systems, clearing and settlement facilities, and outsourced services, and that third-party arrangements, public infrastructure, BCM, and testing should all be considered in resilience planning.
Assumption: The table below is an operational resilience mapping model for LBP’s deposit and account services, aligned to BSP Circular No. 1203 and typical Philippine universal-bank operating structures.
It is illustrative and should be validated against LBP’s actual operating model, application landscape, branch processes, outsourced arrangements, and board-approved critical operations inventory.
|
Sub-CBS Code |
Sub-CBS |
Dependency Type (People, Process, Technology, Third Party) |
Dependency Detail (What/Who is involved) |
Connectivity (How it connects/interacts with the CBS or other components) |
|
1.1 |
Customer Onboarding and Account Application |
People, Process, Technology, Third Party |
Branch sales staff, customer service officers, relationship managers, onboarding approvers; account application workflow, product disclosure, document intake, customer consent capture; branch onboarding platform, CRM, document imaging, queue system; ID validation utilities, courier/scanning support where used |
Entry point to the deposit-service value chain. Feeds customer data and documentary records into KYC verification, account approval, CIF creation, and downstream account setup. Any breakdown delays all subsequent deposit-account activities. |
|
1.2 |
Customer Identification and Verification |
People, Process, Technology, Third Party |
Compliance staff, branch officers, AML reviewers; KYC/CDD, sanctions screening, politically exposed person checks, beneficial ownership verification, documentary exception handling; screening engines, customer master records, case-management tools; external identity databases, sanctions/watchlist content providers |
Validates customer legitimacy before account opening and transaction enablement. Connects onboarding with approval, fraud monitoring, regulatory reporting, and ongoing customer maintenance. |
|
1.3 |
Account Approval and Opening |
People, Process, Technology, Third Party |
Branch managers, operations approvers, maker-checker staff; approval matrix, product eligibility rules, CIF/account number generation, signature capture; core banking system, workflow engine, image/signature repository; managed print/card/passbook vendors where applicable |
Converts application and KYC-cleared records into a live deposit account. Connects directly to initial funding, product parameter setup, digital enablement, statement generation, and downstream servicing. |
|
1.4 |
Initial Funding and Deposit Booking |
People, Process, Technology, Third Party |
Tellers, branch operations staff, treasury/settlement support; cash acceptance, cheque receipt, float handling, transaction validation, GL posting; teller platform, core banking, cheque capture, cash management devices; cash-in-transit, correspondent/clearing channels for cheque settlement |
Activates the account financially and creates the first ledger entries. Connects with transaction processing, reconciliation, ATM/card funding availability, and exception handling. |
|
1.5 |
Product Terms Setup and Account Parameter Maintenance |
People, Process, Technology, Third Party |
Product managers, deposit operations, system administrators, control officers; rate table maintenance, fee setup, account class rules, dormancy thresholds, sweep or linkage parameters; product parameter engine, core banking configuration tables, audit logs; vendor-supported core banking modules |
Governs how accounts behave after opening. Connects with interest and fee processing, account controls, statements, digital channels, and regulatory treatment of specific account types. |
|
1.6 |
Deposit Transactions Processing |
People, Process, Technology, Third Party |
Tellers, branch and back-office operations staff, payments support; cash deposits, cheque deposits, inter-branch credits, posting controls, cutoff and end-of-day handling; teller systems, core banking ledger, branch connectivity, interface middleware; clearing/settlement participants, telecom providers |
Central transaction engine for the CBS. Connects to balance updates, reconciliation, fraud surveillance, statements, customer servicing, and channel availability across branch and digital touchpoints. |
|
1.7 |
Withdrawal and Funds Access Processing |
People, Process, Technology, Third Party |
Tellers, branch supervisors, authorization staff; cash withdrawal workflow, cheque encashment, hold checks, large-amount approval, signature verification; teller platform, signature verification tools, core banking, branch cash devices; cash-in-transit, ATM network operators, interbank cash support where applicable |
Enables customer access to deposited funds. Strongly interconnected with fraud controls, account restrictions, ATM/card access, digital channels, branch cash availability, and incident escalation. |
|
1.8 |
Account Servicing and Customer Maintenance |
People, Process, Technology, Third Party |
Customer service officers, branch operations, contact center, data-maintenance approvers; update of address/contact details, account linking, replacement credentials, signature refresh, mandate changes; CRM, customer-information file, document repository, service-request tools; SMS/email notification providers, print/mail service providers |
Maintains the accuracy of customer and account records. Connects with fraud controls, statements, digital enablement, complaints handling, and compliance review for refreshed KYC data. |
|
1.9 |
Interest, Fees, and Charges Processing |
People, Process, Technology, Third Party |
Product operations, finance, deposit operations, control staff; accrual rules, batch interest runs, service fee charging, waiver processing, tax treatment; core banking batch engine, product tables, GL interfaces, reconciliation reports; tax reporting utilities or vendor modules where used |
Applies commercial and contractual terms to deposit accounts. Connects with parameter maintenance, statements, customer disputes, reconciliations, and regulatory/customer fairness controls. |
|
1.10 |
Statement, Passbook, and Balance Reporting |
People, Process, Technology, Third Party |
Branch staff, operations reporting teams, customer contact center; statement production, passbook update, balance inquiry, report distribution, archival retrieval; statement engine, passbook printers, online/mobile display services, archival storage; print-and-mail vendors, email/SMS providers |
Provides customers with account visibility and evidence of transactions. Consumes posted transaction and fee data and connects with complaints handling, dispute resolution, compliance requests, and audit trails. |
|
1.11 |
Digital Account Access Enablement |
People, Process, Technology, Third Party |
Digital banking teams, customer support, information security, operations; user enrollment, credential issuance, MFA registration, activation/deactivation controls; internet/mobile banking platforms, IAM, MFA tools, API/middleware, cybersecurity monitoring; OTP/SMS providers, app vendors, telecom/internet providers |
Extends deposit services into digital channels. Connects directly with transaction processing, balance reporting, account servicing, fraud monitoring, and incident response for cyber and channel disruptions. |
|
1.12 |
ATM and Card-Based Access Management |
People, Process, Technology, Third Party |
Card operations, branch staff, ATM support, fraud teams; card issuance, PIN management, ATM limit maintenance, hotlisting, replacement workflow; card management system, ATM switch, HSM, core banking interfaces, monitoring tools; card personalization vendors, ATM managed service providers, network scheme/switch participants |
Enables card-based access to deposit balances and cash withdrawal. Connects with withdrawals, fraud controls, customer servicing, reconciliation, and BCM for ATM/channel outages. |
|
1.13 |
Account Reconciliation and Exception Handling |
People, Process, Technology, Third Party |
Operations control teams, finance, branch operations, investigation staff; suspense reconciliation, unmatched item investigation, break resolution, settlement variance follow-up; reconciliation engine, GL systems, exception queues, reporting dashboards; clearing houses, settlement agents, vendor support for recon tools |
Detects and resolves posting, settlement, and balance discrepancies across deposit operations. Connects with transaction processing, fees/interest, ATM/card activity, complaints, fraud review, and financial reporting. |
|
1.14 |
Dormancy, Holds, Restrictions, and Account Control Administration |
People, Process, Technology, Third Party |
Deposit operations, branch officers, legal/compliance, authorized approvers; dormancy tagging, freeze/unfreeze, garnishment, deceased account controls, watchlist restrictions; core banking controls, workflow tools, legal hold registers; court/law-enforcement interfaces, external notice channels where applicable |
Applies operational and legal restrictions to deposit accounts. Connects with withdrawals, digital access, fraud review, customer servicing, and regulatory compliance to prevent unauthorized access or unlawful release of funds. |
|
1.15 |
Fraud Monitoring and Transaction Surveillance for Deposit Accounts |
People, Process, Technology, Third Party |
Fraud analysts, AML investigators, branch escalation points, cybersecurity staff; alert review, transaction pattern analysis, case escalation, card/deposit fraud investigation, blocking actions; fraud-monitoring engine, AML monitoring tools, SIEM/cyber tools, case management; consortium data providers, telecom/SMS providers, law-enforcement coordination channels |
Acts as a protective layer across the full CBS. Connects with onboarding/KYC, withdrawals, digital access, ATM/card services, complaints, account controls, and incident response for suspicious or confirmed events. |
|
1.16 |
Complaints, Disputes, and Service Recovery |
People, Process, Technology, Third Party |
Contact center, branch service teams, complaints officers, operations investigators; complaint intake, dispute logging, root-cause review, refund/reversal handling, escalation and closure; CRM/case management, call center platforms, workflow tools, knowledge base; outsourced call center support, courier or notification providers |
Captures service failures experienced by customers and drives remediation. Connects with statements, transaction processing, fraud review, reconciliation, account maintenance, and resilience lessons learned. |
|
1.17 |
Regulatory Reporting and Compliance Support for Deposit Services |
People, Process, Technology, Third Party |
Compliance, regulatory reporting teams, finance, operations control, AML teams; report preparation, exception review, audit trail extraction, compliance attestations, issue remediation; reporting systems, data marts, core banking extracts, document repositories; regtech tools, reporting software vendors where used |
Converts deposit-service data into regulatory submissions, management information, and compliance evidence. Connects with KYC, fraud monitoring, reconciliation, account controls, and board/senior management oversight. |
|
1.18 |
Business Continuity and Recovery for Deposit Services |
People, Process, Technology, Third Party |
BCM team, IT DR teams, branch continuity coordinators, crisis management teams, senior management; BIA, recovery strategies, invocation criteria, manual workarounds, alternate site procedures, exercise management; DR site, backup systems, communication tools, incident management platforms, recovery runbooks; telecom providers, alternate-site providers, critical IT and facilities vendors |
Cross-cutting resilience layer for the entire CBS. Connects to every Sub-CBS by defining how LBP continues or restores deposit services during branch outage, cyber incident, power/telecom failure, third-party disruption, or broader crisis. |
For a Philippine bank such as LBP, BSP Circular No. 1203 gives several clear requirements that shape the dependency map.
First, the bank must identify its critical operations and the supporting assets required to deliver them, including people, technology, information, facilities, internal processes, and outsourced services. That is why the map above treats each Sub-CBS as more than a process flow; it also identifies enabling resources and external dependencies.
Second, BSP expects banks to map interconnections and interdependencies so they can identify vulnerabilities in the delivery chain of critical operations.
In practice, for deposit and account services, this means tracing how onboarding feeds KYC, how KYC gates account opening, how account opening enables funding and transactions, and how channels such as branch, ATM, and digital banking depend on the same core ledger, authentication, fraud controls, and telecom connectivity.
Third, BSP requires banks to set a tolerance for disruption for each identified critical operation, using at a minimum a time-based metric and, where appropriate, additional metrics such as affected customers or transaction values.
For deposit services, that means the dependency map should support later decisions on acceptable restoration times for account opening, withdrawal processing, ATM access, digital access, reconciliation, and complaint resolution.
Fourth, the Circular specifically highlights third-party service providers, public infrastructure, and technology/security as material resilience considerations.
For LBP, that translates into mapping dependencies on telecommunications, energy, ATM/network connectivity, managed service providers, SMS/OTP providers, card vendors, print-and-mail vendors, and any outsourced or intragroup services that support deposit delivery.
BSP also expects third-party arrangements affecting critical operations to include provisions for continuity during disruption or viable exit/alternative arrangements.
Fifth, BSP requires BCM and testing to be integrated into the operational resilience framework.
The Circular calls for forward-looking BCM, incident recovery guidance, clear roles and succession, communication and crisis management programs, and periodic exercises covering critical operations together with their interconnections and key dependencies using severe but plausible scenarios.
Examples given in the Circular include pandemic events, failure of key service providers, and major cyber incidents. For deposit services, those scenarios would reasonably include core banking outage, telecom failure affecting ATM and digital channels, branch unavailability, cash supply interruption, fraud attack, or a third-party identity/OTP service disruption.
Finally, BSP’s self-assessment annex shows the kinds of questions supervisors will expect a bank to answer: who is responsible for the mapping, whether interconnections and interdependencies have been identified, what key sources and resources support the mapping, whether key roles have backups, and whether third-party providers are managed to meet operational resilience expectations.
That makes this chapter not only a design artefact, but also evidence for governance, challenge, and compliance review.
The dependency map for CBS-1 Deposit and Account Services shows that LBP’s deposit operations are not a single process but a connected service ecosystem spanning branch staff, compliance and fraud teams, product and operations units, core banking and channel technologies, public infrastructure, and multiple third-party providers.
Mapping these relationships makes it easier to identify concentration risk, single points of failure, weak handoffs, and recovery priorities across the full deposit-service chain.
In operational resilience terms, this map should be used as the working foundation for the next implementation steps: validating critical resources, setting tolerance for disruption, identifying severe but plausible scenarios, and designing realistic testing and recovery actions.
Under BSP Circular No. 1203, the value of mapping is not merely documentation; it is to help the bank sustain or restore critical deposit services through disruption while minimising material harm to customers, the institution, and the wider financial system.
|
Strengthening Operational Resilience in Land Bank of the Philippines: A Practical Implementation Guide |
|||||
| eBook 3: Starting Your OR Implementation |
|||||
| CBS-1 Deposit & Account Services | |||||
| CBS-1 DP | CBS-1 MD | CBS-1 MPR | CBS-1 ITo | CBS-1 SuPS | CBS-1 ST |
| |
|
||||
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
|
If you have any questions, click to contact us. |
||
|
|