![[OR] [MIB] Legal Disclaimer Banner](https://no-cache.hubspot.com/cta/default/3893111/3f6f3532-eeed-4a2f-a703-09465c567f80.png)
CBS-1 Securities Trading & Execution
Introduction
![[OR] [MIB] [E3] [CBS] [1] [ITo] Establish Impact Tolerances](https://no-cache.hubspot.com/cta/default/3893111/86a15235-66bf-4ff2-a2fc-aefe29518d19.png)
Operational resilience requires financial institutions to define the maximum level of disruption they can tolerate before causing intolerable harm to customers, market integrity, financial stability, or regulatory compliance.
For Maybank Investment Bank, the Critical Business Service CBS-1 Securities Trading & Execution is highly time-sensitive and market-facing, making it essential to establish clear, measurable impact tolerances.
This chapter defines appropriate impact tolerances for each Sub-CBS under CBS-1.
The tolerances align with operational resilience principles by setting measurable thresholds for Maximum Tolerable Downtime (MTD), Maximum Tolerable Data Loss (MTDL), customer impact, and regulatory consequences.
These thresholds represent the point at which disruption would result in unacceptable harm and must therefore not be exceeded under severe yet plausible scenarios.
![Banner [Table] [OR] [E3] Establish Impact Tolerance](https://no-cache.hubspot.com/cta/default/3893111/627c33a8-714d-40af-9a2b-0d7957fb8afa.png)
Table P4: Establish Impact Tolerance for CBS-1
|
Sub-CBS Code |
Sub-CBS |
Maximum Tolerable Downtime (MTD) |
Maximum Tolerable Data Loss (MTDL) |
Customer Impact |
Regulatory Impact |
Impact Type |
Current Resilience Status |
Action Required |
|
1-1 |
Client Onboarding for Trading |
24 hours |
1 hour |
Delayed account activation; revenue loss |
KYC/AML breach risk |
Compliance / Reputational |
Adequate with manual fallback |
Enhance e-KYC redundancy |
|
1-2 |
Order Capture & Validation |
30 minutes (market hours) |
Near-zero (<5 mins) |
Clients unable to place trades |
Market conduct breach |
Financial / Regulatory |
High resilience; monitored |
Strengthen peak-load testing |
|
1-3 |
Pre-Trade Risk Controls |
15 minutes |
Zero tolerance |
Unauthorised or excessive exposure |
Breach of capital/market rules |
Financial Stability / Regulatory |
Strong controls in place |
Implement secondary real-time engine |
|
1-4 |
Trade Execution (Exchange-Traded) |
15 minutes |
Near-zero |
Missed market opportunities; financial loss |
Exchange rule violations |
Financial / Market Integrity |
Resilient with the DR site |
Improve active-active setup |
|
1-5 |
Trade Execution (OTC / Structured Products) |
1 hour |
<15 minutes |
Pricing disputes; failed trades |
Counterparty disputes |
Financial / Legal |
Moderate resilience |
Strengthen pricing system redundancy |
|
1-6 |
Algorithmic & Electronic Trading Management |
10 minutes |
Zero tolerance |
Market disruption risk |
Severe regulatory sanctions |
Systemic / Regulatory |
High monitoring coverage |
Enhance kill-switch automation |
|
1-7 |
Trade Confirmation & Client Notification |
4 hours |
<30 minutes |
Client uncertainty; disputes |
Reporting non-compliance |
Reputational / Regulatory |
Generally stable |
Automate backup notification channel |
|
1-8 |
Trade Capture & Booking |
2 hours |
<15 minutes |
Ledger inaccuracies |
Financial misstatement |
Financial / Regulatory |
Moderate |
Real-time replication enhancement |
|
1-9 |
Clearing & Settlement Processing |
2 hours (T+0/T+1) |
Near-zero |
Settlement failure; penalties |
Central counterparty breach |
Financial / Systemic |
Strong integration |
Enhance STP monitoring |
|
1-10 |
Custody & Safekeeping Coordination |
4 hours |
<30 minutes |
Asset misreporting |
Fiduciary breach |
Legal / Reputational |
Adequate |
Strengthen custodian connectivity |
|
1-11 |
Margin & Collateral Management |
30 minutes (volatile market) |
<5 minutes |
Under/over-collateralization risk |
Capital adequacy breach |
Financial Stability |
Strong but stress-sensitive |
Improve intraday margin recalculation |
|
1-12 |
Corporate Actions Processing |
24 hours (non-critical events) |
<1 hour |
Incorrect entitlements |
Disclosure breaches |
Reputational / Compliance |
Adequate |
Enhance automation & reconciliation |
|
1-13 |
Reconciliation & Exception Management |
End-of-day (EOD) |
<1 hour |
Undetected trade breaks |
Regulatory reporting errors |
Financial / Regulatory |
Moderate |
Increase intra-day reconciliation |
|
1-14 |
Regulatory Reporting & Surveillance |
Regulatory deadline dependent (same-day) |
Zero tolerance for report data |
Regulatory fines; enforcement action |
Direct breach of BNM/SC rules |
Regulatory / Legal |
Strong compliance framework |
Add parallel reporting validation |
|
1-15 |
Business Continuity & System Recovery for Trading |
1 hour RTO |
Zero data loss (real-time replication) |
Prolonged trading outage |
Market-wide reputational impact |
Strategic / Systemic |
Mature BCP framework |
Conduct more frequent live simulations |
Key Considerations in Setting Impact Tolerances
- Market Hours Sensitivity – Several Sub-CBS functions (e.g., order capture, execution, margin management) have significantly lower tolerances during trading hours.
- Zero Data Loss Principle – For trading, risk, settlement, and regulatory reporting processes, the tolerance for data loss is effectively zero due to financial and regulatory exposure.
- Customer Harm Threshold – Tolerances are calibrated at the point where disruption leads to financial loss, loss of access to markets, or fiduciary failure.
- Regulatory Threshold – Impact tolerance aligns with requirements from securities regulators and central bank expectations on market integrity and financial stability.
- Systemic Risk Consideration – Algorithmic trading, clearing, and margin management have the lowest tolerance levels due to potential systemic implications.
![Banner [Summing] [OR] [E3] Establish Impact Tolerance](https://no-cache.hubspot.com/cta/default/3893111/5e80e50f-5e3e-44ea-8c43-16bf42d4f3b5.png)
The mapping of processes and resources for CBS-1 Securities Trading & Execution demonstrates the complexity and interconnectivity of Maybank Investment Bank’s trading ecosystem.
Each Sub-CBS is supported by a layered structure of people, technology, infrastructure, and third-party providers, forming a tightly integrated front-to-back value chain.
This structured mapping enables the identification of concentration risks, third-party reliance, system interdependencies, and potential single points of failure.
By clearly linking operational processes to supporting resources and dependencies, Maybank Investment Bank strengthens its ability to conduct scenario testing, assess impact tolerances, and respond effectively to severe disruptions.
This mapping serves as a foundational element of operational resilience, ensuring that securities trading and execution services remain sustainable, recoverable, and compliant under stress conditions.
![[OR] [MIB] [E3] [CBS] [1] [DP] Securities Trading & Execution](https://no-cache.hubspot.com/cta/default/3893111/7a960cf5-5f8f-4795-8e2d-941b62c49b0e.png)
![[OR] [MIB] [E3] [CBS] [1] [MD] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/4818366e-86d1-4625-b282-e17bd7e87a6d.png)
![[OR] [MIB] [E3] [CBS] [1] [MPR] Map Processes and Resources](https://no-cache.hubspot.com/cta/default/3893111/aef19608-353c-48cd-89b2-f76601598a32.png)
![[OR] [MIB] [E3] [CBS] [1] [SuPS] Identify Severe but Plausible Scenarios](https://no-cache.hubspot.com/cta/default/3893111/dc813894-8c9d-4277-a496-5f45b220f990.png)
![[OR] [MIB] [E3] [CBS] [1] [ST] Perform Scenario Testing](https://no-cache.hubspot.com/cta/default/3893111/d9e1fd27-e41f-4735-9e4f-a98355d23bbb.png)
Gain Competency: For organisations looking to accelerate their journey, BCM Institute’s training and certification programs, including the OR-5000 Operational Resilience Expert Implementer course, provide in-depth insights and practical toolkits for effectively embedding this model.
More Information About OR-5000 [OR-5] or OR-300 [OR-3]
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
![[BL-OR] [3-4-5] View Schedule](https://no-cache.hubspot.com/cta/default/3893111/d0d733a1-16c0-4b68-a26d-adbfd4fc6069.png)
![[BL-OR] [3] FAQ OR-300](https://no-cache.hubspot.com/cta/default/3893111/f20c71b4-f5e8-4aa5-8056-c374ca33a091.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
