For Land Bank of the Philippines (LBP), identifying
These scenarios represent extreme but realistic disruptions that could threaten the delivery of CBS-1 Deposit and Account Services.
In line with the methodology described in the BCM Institute’s OR guidance, SuPS must test the bank’s ability to remain within defined impact tolerances, especially under compounded operational, cyber, and third-party failures.
This section outlines scenario design aligned with regulatory expectations, including end-to-end service disruption, cyber compromise, data integrity failures, and third-party outages, with explicit linkage to Cyber and ICT risk integration, as mandated by regulators.

| Sub-CBS Code | Sub-CBS | Severe but Plausible Scenario | Impact / Effect | Proactive Risk Management Action | Link to Integration of Cyber and ICT Risks |
|---|---|---|---|---|---|
| 1.1 | Customer Onboarding and Account Application | Prolonged outage of onboarding systems due to cloud service provider failure | Inability to onboard customers; revenue and reputational loss | Multi-channel onboarding fallback; offline forms; alternate cloud region | Cloud resilience, third-party ICT dependency risk |
| 1.2 | Customer Identification and Verification | National ID verification API unavailable due to cyberattack | Delayed KYC; regulatory non-compliance risk | Alternative ID verification methods; cached verification protocols | API security, identity system cyber resilience |
| 1.3 | Account Approval and Opening | Internal workflow system compromised by ransomware | Halt in account approvals; operational backlog | Segregated approval systems; rapid system isolation and recovery | Endpoint security, ransomware defence |
| 1.4 | Initial Funding and Deposit Booking | Core banking system data corruption during peak transactions | Incorrect balances; financial loss exposure | Real-time reconciliation; backup restoration procedures | Data integrity controls, database resilience |
| 1.5 | Product Terms Setup and Maintenance | Misconfiguration due to system patch failure | Incorrect interest/fees applied to accounts | Automated validation checks; configuration rollback capability | Change management, patch governance |
| 1.6 | Deposit Transactions Processing | Distributed Denial-of-Service (DDoS) attack on transaction systems | Transaction delays/failures; customer dissatisfaction | DDoS protection; traffic rerouting; load balancing | Network security, availability protection |
| 1.7 | Withdrawal and Funds Access Processing | ATM network outage due to telecom provider failure | Customers unable to access funds | Multi-network ATM routing; branch cash contingency plans | Telecom dependency risk, network redundancy |
| 1.8 | Account Servicing and Maintenance | CRM system outage caused by system upgrade failure | Inability to update customer records; service delays | Rollback procedures; manual servicing processes | Application resilience, release management |
| 1.9 | Interest, Fees, Charges Processing | Batch processing failure due to system overload | Incorrect financial postings; reconciliation issues | Parallel batch processing; monitoring thresholds | System capacity management, processing resilience |
| 1.10 | Statement and Balance Reporting | Data extraction failure due to a reporting system bug | Customers receive incorrect/missing statements | Independent reporting validation; secondary reporting systems | Data pipeline integrity, reporting system resilience |
| 1.11 | Digital Account Access Enablement | Mobile banking app compromised by malware injection | Unauthorised access risk; service suspension | App security testing, forced updates, and MFA enforcement | Mobile app security, authentication controls |
| 1.12 | ATM and Card-Based Access Management | The card management system was breached, leading to card cloning | Fraudulent withdrawals; customer trust erosion | Card blocking automation; fraud monitoring systems | Card security, fraud analytics systems |
| 1.13 | Account Reconciliation and Exception Handling | Failure of the reconciliation engine due to a data mismatch | Undetected financial discrepancies | Automated reconciliation alerts; manual override procedures | Data validation, reconciliation system resilience |
| 1.14 | Dormancy, Holds, Restrictions Management | Unauthorised lifting of account restrictions due to an access control breach | Fraudulent access to restricted funds | Strong access controls, audit trails; periodic reviews | Identity access management (IAM), insider threat control |
| 1.15 | Fraud Monitoring and Surveillance | AI fraud detection system failed during a cyber incident | Increased fraud losses due to undetected anomalies | Backup rule-based monitoring; real-time alerts escalation | AI system resilience, cyber incident integration |
| 1.16 | Complaints, Disputes, Service Recovery | Contact centre outage due to cyberattack | Inability to handle complaints; regulatory breaches | Alternate contact channels; crisis communication plans | Communication system resilience, cyber recovery |
| 1.17 | Regulatory Reporting and Compliance Support | Regulatory reporting system unavailable during submission deadline | Non-compliance penalties; supervisory action | Pre-submission validation; backup reporting channels | RegTech system resilience, compliance, and data protection |
| 1.18 | Business Continuity and Recovery | Major disaster affecting primary data center (e.g., flood, fire) | Full service disruption; breach of impact tolerances | DR site activation; regular BCP testing; scenario exercises | DR infrastructure, ICT recovery capability |

The identification of Severe but Plausible Scenarios for CBS-1 Deposit and Account Services enables the Land Bank of the Philippines to move beyond traditional risk assessment into forward-looking resilience testing, as required by BSP Circular No. 1203.
These scenarios demonstrate how operational, cyber, and third-party risks can converge to disrupt critical services and must therefore be tested holistically.
By embedding proactive risk management actions and explicitly linking each scenario to Cyber and ICT risk integration, LBP ensures that resilience capabilities are not only documented but operationalised.
This approach strengthens the bank’s ability to remain within defined impact tolerances, maintain customer trust, and meet regulatory expectations even under extreme but plausible conditions.

Strengthening Operational Resilience in Land Bank of the Philippines: A Practical Implementation Guide

eBook 3: Starting Your OR Implementation