Scenario testing is a core pillar of operational resilience.
In line with industry guidance and the principles outlined in the BCM Institute blog “[OR] [P2-S4] What is Scenario Testing in Operational Resilience?”, scenario testing enables Maybank Investment Bank to assess whether its Critical Business Service (CBS-1 Securities Trading & Execution) can remain within defined impact tolerances during severe but plausible disruptions.
Rather than testing isolated systems, scenario testing examines end-to-end service continuity across people, process, technology, third parties, and market infrastructure.
For CBS-1, scenario testing ensures that trading, execution, clearing, settlement, custody, and regulatory obligations continue to operate within acceptable thresholds even under cyberattacks, ICT outages, market volatility, third-party failures, or data integrity incidents.
The following table outlines recommended scenario test themes for each Sub-CBS, highlighting impact assessment, integration of cyber and ICT risks, and evidence of proactive risk management actions.
|
Sub-CBS Code |
Sub-CBS |
Recommended Scenario Test Themes |
Impact / Effect |
Evidence of Proactive Risk Management Action (Including Cyber & ICT Risk Integration) |
|
1-1 |
Client Onboarding for Trading |
Cyber breach of KYC system; AML screening system outage; Third-party eKYC provider failure |
Delayed account activation; regulatory breach; onboarding backlog |
Periodic penetration testing; dual AML screening engines; fallback manual onboarding procedures; third-party SLA monitoring; KYC data encryption controls |
|
1-2 |
Order Capture & Validation |
Trading front-end system outage; FIX gateway disruption; market data feed corruption |
Inability to capture orders, rejected trades, and client dissatisfaction |
Active-active trading platform; redundant FIX connections; real-time data validation controls; incident response playbooks |
|
1-3 |
Pre-Trade Risk Controls |
Risk engine malfunction; limit file corruption; latency spike during high volatility |
Breach of risk appetite; exposure beyond limits; regulatory non-compliance |
Automated limit monitoring; daily risk parameter validation; independent risk oversight; cyber hardening of risk engine servers |
|
1-4 |
Trade Execution (Exchange-Traded) |
Exchange connectivity loss; DDoS attack; algorithm malfunction during volatility surge |
Trade execution failure; financial loss; reputational damage |
Multi-exchange connectivity; DDoS protection; kill-switch controls; algorithm testing under stressed market simulation |
|
1-5 |
Trade Execution (OTC / Structured Products) |
Counterparty system outage; pricing model error; data tampering |
Mispricing; failed trades; contractual disputes |
Independent price verification; model validation governance; encrypted deal capture systems; counterparty contingency agreements |
|
1-6 |
Algorithmic & Electronic Trading Management |
Rogue algorithm deployment; unauthorised code change; cyber intrusion into trading engine |
Market disruption; regulatory sanctions; financial loss |
Change management controls; segregation of duties; real-time algo monitoring dashboards; periodic red-team testing |
|
1-7 |
Trade Confirmation & Client Notification |
SWIFT/email server outage; confirmation system data mismatch |
Client disputes, delayed settlement, and reputational risk |
Automated reconciliation between trade blotter and confirmation engine; secure communication channels; disaster recovery testing |
|
1-8 |
Trade Capture & Booking |
Core trading ledger corruption; database ransomware attack |
Inaccurate books; P&L misstatement; audit findings |
Real-time replication; immutable backup storage; quarterly data restoration drills; database access controls |
|
1-9 |
Clearing & Settlement Processing |
Clearing house connectivity disruption, payment system outage, and cyberattack on the settlement platform |
Settlement failure; liquidity strain; penalties |
Alternate clearing routes; pre-funding liquidity buffer; SWIFT contingency arrangements; ICT recovery time objectives tested |
|
1-10 |
Custody & Safekeeping Coordination |
Custodian bank outage; asset misposting; cross-border settlement delay |
Asset segregation risk; regulatory breach |
Custodian SLA reviews; daily position reconciliation; contingency custodian arrangements; secure data exchange protocols |
|
1-11 |
Margin & Collateral Management |
Margin call calculation error; collateral valuation feed failure; market shock liquidity stress |
Under-collateralization; counterparty default risk |
Stress testing collateral under extreme volatility; automated margin recalculation; diversified collateral pool |
|
1-12 |
Corporate Actions Processing |
Corporate action event misinterpretation; vendor feed failure; data corruption |
Incorrect entitlement processing; financial loss to clients |
Dual-source corporate action feeds; maker-checker approval; automated entitlement reconciliation; vendor risk assessments |
|
1-13 |
Reconciliation & Exception Management |
Reconciliation engine outage; delayed exception resolution; cyber manipulation of records |
Unresolved breaks; financial misstatement; audit impact |
Daily automated reconciliation; exception escalation matrix; forensic audit logging; independent operations oversight |
|
1-14 |
Regulatory Reporting & Surveillance |
Surveillance system failure; trade reporting file corruption; regulatory gateway outage |
Late/misreported trades; regulatory fines |
Parallel reporting environment; automated validation checks; compliance monitoring dashboards; periodic regulatory simulation drills |
|
1-15 |
Business Continuity & System Recovery for Trading |
Primary data centre outage; ransomware attack; pandemic-related staff unavailability |
Trading halt; breach of impact tolerance; systemic disruption |
Tested DR site (RTO/RPO defined); cyber incident response plan; cross-trained staff; tabletop crisis simulation exercises |
By subjecting each Sub-CBS to severe but plausible cyber, ICT, operational, third-party, and market stress events, the Bank ensures its critical trading services remain within defined impact tolerances.
Importantly, scenario testing integrates cyber resilience, ICT recovery, liquidity preparedness, and governance oversight into a unified resilience framework.
Through structured testing, evidence gathering, and remediation tracking, Maybank Investment Bank demonstrates proactive risk management, regulatory alignment, and a strong operational resilience posture.
This approach strengthens stakeholder confidence, protects market integrity, and ensures continuity of securities trading and execution services even during major disruptions.
|
Designing a Resilient Investment Banking Model: The Maybank Investment Bank Journey |
||||||
| eBook 3: Starting Your OR Implementation |
||||||
| CBS-1 Securities Trading & Execution | ||||||
| CBS-1 DP | CBS-1 MD | CBS-1 MPR | CBS-1 ITo | CBS-1 SuPS | CBS-1 ST | eBook 2 |
| |
||||||
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
|
If you have any questions, click to contact us. |
||
|
|