While earlier chapters establish service identification, impact tolerances, dependencies, and resources, this chapter moves the organisation from design to validation.
Scenario testing enables Metrobank to assess whether its critical services can remain within defined impact tolerances under severe yet plausible disruptions.
For a diversified banking institution operating across digital, retail, wholesale, payment, and third-party ecosystems, scenario testing provides evidence that resilience arrangements are not only documented but also operationally effective under stress.
The purpose of this chapter is to guide readers in understanding how scenario testing is systematically designed, executed, and evaluated across all critical business services.
It explains the rationale for selecting scenarios, the types of threats tested (e.g. technology failures, cyber incidents, third-party outages, people risks, and process breakdowns), and how testing outcomes inform management decisions.
By the end of this chapter, readers are expected to appreciate how scenario testing supports regulatory expectations, strengthens risk ownership, and enables Metrobank to identify vulnerabilities, prioritise investments, and continuously enhance its operational resilience posture.
Table P6: Perform Scenario Testing for CBF-1 to CBF-12

| Sub-CBS Code | Name of Sub-CBS | Recommended Scenario Testing | Evidence of Proactive Risk Management Action |
|---|---|---|---|
| 1.1 | Cash Deposit at Branches | Test disruptions due to system failures, branch connectivity issues, or ATM network failures | Backup systems, manual deposit processing protocols, and system redundancy checks |
| 1.2 | Deposit via ATMs | Test network failures, security breaches, or ATM software malfunctions | ATM monitoring systems, real-time security patches, and machine diagnostics |
| 1.3 | Online/Internet Banking Deposits | Test server overload, unauthorised access attempts, or data breaches | Two-factor authentication (2FA), DDoS mitigation protocols, and encryption methods |
| 1.4 | Cash Withdrawal at Branches | Test service disruption due to ATM failure, power outage, or human error | Backup power sources, emergency staffing plans, and cash handling training |
| 1.5 | ATM Withdrawals | Test ATM downtime, card reader failure, or unauthorised withdrawal attempts | ATM remote diagnostics, fraud detection alerts, and maintenance schedules |
| 1.6 | Online/Internet Banking Withdrawals | Test user authentication failures, system outages, or malicious software attacks | Secure login protocols, transaction logging, anomaly detection systems |
| 1.7 | Failed Deposits or Withdrawals | Test recovery process for transaction failures, user errors, or gateway issues | Customer support protocols, system alerts for failed transactions, and backup data systems |
| 1.8 | Fraud Detection and Prevention | Test false-positive fraud alerts, unauthorised access, or compromised transactions | Machine learning fraud models, 24/7 monitoring, fraud case simulations |
| 2.1 | Transaction Initiation | System downtime during initiation; high-volume requests | Incident response drills, regular system updates, and system redundancy |
| 2.2 | Transaction Validation | Fraudulent/invalid transaction tests | Automated validation tests, machine learning fraud detection |
| 2.3 | Transaction Authorisation | MFA failure; overloaded authorisation systems | MFA stress tests, response to load requests |
| 2.4 | Transaction Settlement | Delayed/incorrect settlements | Reconciliation checks, automated monitoring |
| 2.5 | Reconciliation | Mismatch or data corruption | Regular audits, automated data checks |
| 2.6 | Dispute Resolution | Incorrect/delayed dispute resolution | Clear workflows, user training |
| 2.7 | Compliance and Reporting | Crashes during reporting; data issues | Compliance monitoring tools, data backups |
| 2.8 | System Maintenance and Monitoring | Maintenance failures; monitoring alerts | Scheduled maintenance audits, real-time monitoring |
| 3.1 | ATM Cash Withdrawal Services | ATM downtime due to power failure, cyberattack, or cash shortage | Regular penetration testing; real-time monitoring systems |
| 3.2 | Branch Cash Withdrawal Services | Branch closure due to hazards; network disruptions | Contingency planning; backup communications |
| 3.3 | Cash Deposit Services | Machine failure; high-volume delays | Cash machine checks; high-volume monitoring |
| 3.4 | Cash Handling and Replenishment | Replenishment delays; fraud | Inventory tracking; training |
| 3.5 | ATM Maintenance and Troubleshooting | Slow repair response; software access issues | Maintenance schedules; remote monitoring |
| 4.1 | Corporate Account Setup and Onboarding | Surge in onboard requests; phishing & outages | Anti-phishing exercises; KYC throughput stress tests |
| 4.2 | Receivables Management | File corruption; ransomware | Backup environment; ransomware simulation |
| 4.3 | Payables & Disbursement Services | Payments interface failure; malware | API failover testing; network segmentation |
| 4.4 | Electronic Banking & Treasury Support | Platform outages; DDoS | DDoS playbooks; capacity scaling exercises |
| 4.5 | Cash Concentration & Liquidity | Liquidity stress; fraudulent transfers | Anomaly monitoring; liquidity stress simulations |
| 4.6 | Cheque Clearing & Settlement | Clearing disruption; malware | Manual settlement drills; secure recovery |
| 4.7 | Corporate Deposits & Cash Vault | Vault outages; system breach | Vault failover testing; audit trails |
| 4.8 | Collections Reconciliation & Reporting | Engine latency; data breach | Backup validation; exception drills |
| 4.9 | Complaint, Exception & Dispute Mgmt | Dispute surge; data breach | Incident response testing; overflow capability |
| 4.10 | Regulatory & Compliance Monitoring | Compliance feed breakdown: cyberattacks | Continuous dashboards; immutable logs |
| 5.1 | Retail Loan Origination & Assessment | Cyber-attack on loan portals | Penetration testing; MFA enhancements |
| 5.2 | Corporate & Commercial Credit Underwriting | Data breach exposure | Encryption; access controls |
| 5.3 | SME Financing & Credit Processing | System outage in approvals | Backup systems; disaster recovery drills |
| 5.4 | Credit Approval & Sanctioning | Decision system failure | Monitoring; cybersecurity measures |
| 5.5 | Loan Documentation & Contract Execution | Signature malfunction/fraud | Verification; fraud detection |
| 5.6 | Collateral Management & Security Registration | Registration system failure | System audits; cyber integration |
| 5.7 | Loan Disbursement & Account Setup | Disbursement platform failure | Redundant systems; manual backups |
| 5.8 | Loan Servicing & Customer Support | Support system crash | Increased capacity; AI tools |
| 5.9 | Credit Monitoring & Risk Review | Data inaccuracy glitch | System audits; AI anomaly detection |
| 5.10 | Collections & Delinquency Mgmt | System breach | Monitoring; secure gateways |
| 5.11 | Regulatory Reporting & Compliance | Reporting platform failure | Automated backups; compliance checks |
| 5.12 | Loan Portfolio Analytics & Strategy | Data corruption | Data audits; AI detection |
| 6.1 | Liquidity & Cash Management | Liquidity stress; payment outages | Documented liquidity simulations; emergency playbooks |
| 6.2 | Money Market Operations | Interest-rate shock; platform compromise | Stress models; alternative pricing test logs |
| 6.3 | FX Trading & Settlement | Volatility spikes; terminal breach | Failover test logs; dual-settlement evidence |
| 6.4 | Fixed Income & Securities Trading | Liquidity freeze; pricing feed attack | Stress pricing reports; failover results |
| 6.5 | Derivatives Trading & Risk Mgmt | Margin calls spike; CCP disruption | Stress results: cyber simulation logs |
| 6.6 | Treasury Operations & Back-Office Support | Settlement disruptions; ransomware | BCP activation logs; manual workaround tests |
| 6.7 | Collateral & Margin Management | Collateral shortfall; margin breach | Stress reports; cyber-forensics documentation |
| 6.8 | Treasury Risk Monitoring & Compliance | Reporting disruption: MIS outage | Regulatory stress templates; cyber drill records |
| 6.9 | Investment Portfolio Management | Significant market losses; data tampering | Stress reports; valuation audits |
| 6.10 | Market Data & Pricing Support | Price feed outage; DDoS | Failover tests; alternate data logs |
| 7.1 | Online Banking Platform Management | Simulate a major core system outage caused by database corruption or load balancer failure during peak transaction hours. | Post-test enhanced database replication and failover testing implemented. |
| 7.2 | Mobile Banking Application Services | Conduct a simulation of widespread mobile app downtime caused by a faulty release or a DDoS attack. | Strengthened DevSecOps pipeline with pre-deployment integrity checks. |
| 7.3 | Digital Account Access and Authentication | Test MFA failure/compromise due to phishing or credential stuffing. | Deployment of adaptive authentication and user anomaly tools. |
| 7.4 | Online Funds Transfer & Payment Processing | Scenario of delayed/failed payments due to API malfunction with payment gateways. | Backup APIs and continuous monitoring implemented. |
| 7.5 | Digital Customer Onboarding & e-KYC | Simulate KYC verification downtime resulting from a third-party provider failure. | Established alternate KYC provider arrangements and enforced vendor SLAs. |
| 7.6 | Digital Customer Support & Service Channels | Test chatbot/live chat unavailability due to cloud provider degradation. | Multi-cloud fallback strategy & documentation. |
| 7.7 | CNP & e-Commerce Transaction Processing | Simulate fraudulent CNP surges that result in false-positive blocks. | Continuous tuning of fraud detection models. |
| 7.8 | ATM & Electronic Channel Management | Test the ATM network loss due to telecom outage. | Redundant comms channels & enhanced network monitoring. |
| 7.9 | Cybersecurity & Fraud Monitoring for Digital Channels | Conduct red-team/blue-team cyberattack simulation targeting online channels. | Refined incident playbooks and SOC escalation criteria. |
| 7.10 | Digital Banking Data Management & Reporting | Scenario of corrupted reporting data due to ransomware/data loss. | Air-gapped backups and regular restore testing. |
| 8.1 | Client Onboarding and Profiling | Test data breaches, fraudulent data entry, and system downtime. | MFA, encryption and robust data validation. |
| 8.2 | Investment Advisory & Portfolio Management | Simulate market crashes, algorithm failures, and data corruption. | Software updates, diversified strategies, portfolio stress tests. |
| 8.3 | Trust Account Establishment & Administration | Test account setup failure, data corruption, and access issues. | Backup systems and access controls. |
| 8.4 | Fund & Asset Management Operations | Simulate liquidity crises, valuation errors, and operational failures. | Real-time monitoring & contingency plans. |
| 8.5 | Wealth & Estate Planning Services | Simulate records loss, inheritance errors, and compliance issues. | Regular audits, system updates, and compliance training. |
| 8.6 | Regulatory & Fiduciary Compliance Management | Test failures to meet regulatory deadlines/reporting. | Real-time compliance tracking and audits. |
| 8.7 | Client Reporting & Relationship Management | Simulate errors in reports/communication failures. | Automated reporting with error checks. |
| 8.8 | Custodial & Safekeeping Services | Simulate security breaches & asset loss. | Strong security checks and asset recovery planning. |
| 9.1 | Credit Card Application & Onboarding | System outages and data corruption; phishing attacks. | Penetration tests & onboarding redundancy. |
| 9.2 | Card Issuance & Fulfilment | Vendor outage/logistics failure; data compromise. | Dual vendor sourcing & encrypted personalisation. |
| 9.3 | Transaction Authorisation & Processing | Switch failure; DDoS attacks. | Backup transaction routes; failover systems. |
| 9.4 | Merchant Acquiring & Onboarding | Integration errors with merchant platforms; risks associated with KYC data. | Third-party testing and encryption verification. |
| 9.5 | Merchant Transaction & Settlement Services | Gateway failure/settlement delays or ransomware. | Settlement failover tests; offsite replication. |
| 9.6 | Cardholder Servicing & Collections | Contact centre outage; customer data compromise. | Crisis communication tests & endpoint security. |
| 9.7 | Fraud Detection & Security Monitoring | Fraud system compromise; insider data manipulation. | Cyber drills & anomaly detection backup reviews. |
| 9.8 | Compliance & Regulatory Management | Reporting tool failures; delayed submissions. | Backup reporting platforms and secure audits. |
| 10.1 | International Remittance Processing | System failure from high volumes/cyber-attack. | Infrastructure redundancy, DDoS protection and monitoring. |
| 10.2 | Remittance Partner & Correspondent Bank Mgmt. | Comms disruption with correspondent banks. | Alternative communication protocols tested. |
| 10.3 | FX Conversion & Rate Management | Flash volatility or rate-fixing system failure. | Automated alerts, contingency plans & stress tests. |
| 10.4 | OFW Remittance Facilitation | System failure during peak periods. | Load balancing, capacity testing & support. |
| 10.5 | Cross-Border Compliance & Sanctions Screening | False positives or delayed screening. | Real-time screening improvements & testing. |
| 10.6 | Customer Enrolment & KYC for Remittance | Fraudulent identity breaches. | Biometric VER and continuous training. |
| 10.7 | Dispute Resolution & Trace Requests | Inability to track remittances/resolve disputes. | 24/7 trace team & digital case systems. |
| 10.8 | FX Transaction Settlement & Reporting | FX settlement disruptions or reporting errors. | Enhanced reconciliation & automated error detection. |
| 11.1 | Regulatory Reporting Framework | Regulatory changes, inspection failures. | Regular reviews & regulatory change management. |
| 11.2 | Compliance Monitoring & Auditing | System failure; erroneous third-party audit data. | Automated tools and cross-verification. |
| 11.3 | Submission of Regulatory Reports | Cyberattack; human error in submission. | Backups, error-proofing and crisis plans. |
| 11.4 | Risk Assessment & Mitigation in Reporting | External risk & misaligned thresholds. | Real-time risk monitoring & stress tests. |
| 11.5 | Reporting Systems & Technology | Downtime/data breaches; integration gaps. | Cybersecurity measures & redundancy. |
| 12.1 | Vendor Risk Management | Vendor insolvency; supply chain/cyber breaches. | Vendor audits, risk scoring and performance reviews. |
| 12.2 | Third-Party Contract Management | Contract non-compliance/legal disputes. | SLA monitoring & legal integration. |
| 12.3 | Outsourced Service Monitoring | Provider downtime or reporting gaps. | Monitoring tools & escalation protocols. |
| 12.4 | Service Continuity Planning | Vendor interruption; natural disaster. | Continuity plans, backups & regular drills. |
| 12.5 | Compliance & Regulatory Assurance | Data privacy/regulatory non-compliance. | Automated reports & staff training. |
| 12.6 | Incident Management & Response | Multi-vendor incidents; ransomware/system failure. | Incident plans, tabletop exercises & cyber drills. |

The scenario testing performed across CBS-1 to CBS-12 demonstrates Metrobank’s ability to translate resilience principles into practical, evidence-based assurance.
Through structured and repeatable testing, Metrobank gains visibility into how disruptions propagate across processes, technology, people, facilities, and third-party dependencies.
Importantly, the outcomes of these tests do not end at observation; they drive corrective actions, design improvements, and strengthened controls that enhance the bank’s ability to remain within impact tolerances during real-world events.
In conclusion, this chapter confirms that scenario testing is not a one-off exercise, but a continuous learning mechanism embedded within Metrobank’s operational resilience lifecycle.
The insights generated from these tests provide senior management and regulators with confidence that critical business services can be protected, customers can be served, and financial stability can be preserved during periods of severe disruption.
As Metrobank matures its resilience capability, scenario testing will remain a cornerstone for validating preparedness, reinforcing accountability, and supporting informed decision-making at all levels of the organisation.
Building Resilient Banking Operations: The Metrobank Operational Resilience Implementation Guide, eBook 3: Starting Your OR Implementation