The "Identify Severe but Plausible Scenarios" chapter for CBS-1 Deposit and Withdrawal Services focuses on identifying and understanding potential extreme but credible disruptions that could affect Metrobank’s key deposit and withdrawal services.
These disruptions could stem from various risks, including natural disasters, cyber threats, technical failures, and human factors.
The purpose of identifying these scenarios is to enhance operational resilience, ensure preparedness, and minimize impact during a crisis, all while complying with regulatory requirements for operational resilience.
Here is the table showing the recommended "Severe but Plausible Scenarios" for each detailed process of Metrobank's CBS-1 Deposit and Withdrawal Services:
|
Sub-CBS Code |
Sub-CBS |
Severe but Plausible Scenarios |
Integration of Cyber and ICT Risks |
Evidence of Proactive Risk Management Action |
|
1.1 |
Cash Deposit at Branches |
Natural disasters (e.g., earthquakes or floods) render branches inaccessible |
Cyber-attacks are disrupting the branch's internal systems |
Deployment of resilient infrastructure, continuity planning, and regular disaster recovery drills |
|
1.2 |
Deposit via ATMs |
ATM network failure due to a cyber-attack or a technical malfunction |
Cybersecurity breach compromising ATM systems |
Regular cybersecurity audits, real-time monitoring systems, and secure ATM software updates |
|
1.3 |
Online/Internet Banking Deposits |
DDoS attacks or system overloads cause temporary unavailability |
Data breaches, phishing attacks targeting online customers |
Multi-layered authentication, fraud detection mechanisms, and DDoS protection protocols |
|
1.4 |
Cash Withdrawal at Branches |
Power failure affecting cash withdrawal systems at multiple branches |
Remote attack on internal servers affecting branch operations |
Backup power generators, failover systems, and operational resilience training for branch staff |
|
1.5 |
ATM Withdrawals |
ATM skimming or cash-out attacks resulting in financial loss |
ATM hacking and malware affecting user data |
Encryption of ATM transaction data, transaction monitoring, and regular physical security checks |
|
1.6 |
Online/Internet Banking Withdrawals |
Account takeover fraud through phishing or credential stuffing attacks |
DDoS attacks or data leaks compromising user accounts |
Two-factor authentication, fraud monitoring, and continuous user education programs |
|
1.7 |
Failed Deposits or Withdrawals |
System errors or technical faults are causing transaction failures or delays |
Cybersecurity threats affecting transaction processing |
Robust transaction reconciliation processes, system redundancy, and incident response protocols |
|
1.8 |
Fraud Detection and Prevention |
Advanced persistent threats (APT) targeting fraud detection systems |
Data manipulation or false reporting of fraudulent activities |
Artificial intelligence in fraud detection, threat hunting, and continuous monitoring |
By identifying severe but plausible scenarios for each process under CBS-1 Deposit and Withdrawal Services, Metrobank can proactively strengthen its risk management strategies, integrate cybersecurity practices, and implement disaster recovery measures.
This approach ensures that the bank can continue to deliver critical services despite disruptions, maintaining trust with its customers and securing its financial stability in an increasingly complex risk landscape.
Proactive planning and continuous improvement in risk management are essential to ensuring resilience against these scenarios.
|
Building Resilient Banking Operations: The Metrobank Operational Resilience Implementation Guide |
|||||
| eBook 3: Starting Your OR Implementation |
|||||
| CBS-1 Deposit and Withdrawal Services | |||||
| CBS-1 DP | CBS-1 MD | CBS-1 MPR | CBS-1 ITo | CBS-1 SuPS | CBS-1 ST |
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
|
If you have any questions, click to contact us. |
||
|
|