In line with operational resilience principles and the concept of “Severe but Plausible Scenarios” as articulated in the BCM Institute methodology, this chapter identifies extreme yet credible disruption events that could materially impact CBS-1 Securities Trading & Execution.
Severe but plausible scenarios are not theoretical extremes; rather, they represent realistic, high-impact disruptions that financial institutions must be able to withstand within defined impact tolerances.
For Maybank Investment Bank, Securities Trading & Execution is a mission-critical service involving client onboarding, trade lifecycle processing, clearing and settlement, custody coordination, margining, reconciliation, regulatory reporting, and system recovery.
The scenarios below integrate operational, cyber, ICT, third-party, and market infrastructure risks to ensure holistic resilience planning, including proactive controls and evidence of preparedness.
Table P5: Identify Severe but Plausible Scenarios for CBS-1
|
Sub-CBS Code |
Sub-CBS |
Severe but Plausible Scenario |
Impact / Effect |
Proactive Risk Management Action (Evidence) |
Link to Integration of Cyber & ICT Risks |
|
1-1 |
Client Onboarding for Trading |
Core KYC/AML system outage due to ransomware attack |
Inability to onboard new clients; regulatory breach risk |
Periodic cyber penetration testing; segregated onboarding environment; offline KYC fallback procedures; RTO defined |
Cyber attack on customer data systems; ICT resilience for onboarding platforms |
|
1-2 |
Order Capture & Validation |
OMS (Order Management System) failure during peak trading hours |
Orders cannot be captured or validated; revenue loss |
Active-active OMS architecture; real-time monitoring; manual order-taking protocol; DR drills |
ICT system resilience; network redundancy; application failover controls |
|
1-3 |
Pre-Trade Risk Controls |
Risk limit engine malfunction, causing incorrect limit validation |
Exposure to unauthorised risk positions |
Automated limit reconciliation; daily parameter review; independent risk oversight |
Cyber manipulation of risk parameters; data integrity controls |
|
1-4 |
Trade Execution (Exchange-Traded) |
Exchange connectivity disruption or DDoS attack |
Inability to execute client trades; market exposure risk |
Dual connectivity to exchange; alternative broker routing, market disruption playbooks |
DDoS resilience; telecom redundancy; exchange API security |
|
1-5 |
Trade Execution (OTC / Structured Products) |
Counterparty default during volatile market conditions |
Financial loss; settlement disputes |
Counterparty credit monitoring; CSA agreements; exposure limits; stress testing |
ICT systems supporting exposure calculation; secure communication channels |
|
1-6 |
Algorithmic & Electronic Trading Management |
Algorithm malfunction due to corrupted code deployment |
Erroneous trades; market abuse risk |
Pre-deployment testing; kill-switch controls; real-time trade surveillance; change governance logs |
Secure DevOps lifecycle; code integrity controls; privileged access management |
|
1-7 |
Trade Confirmation & Client Notification |
Messaging system outage or email server compromise |
Clients not informed of executed trades; dispute risk |
Automated confirmation reconciliation; SMS backup channel; secure messaging gateway |
Email server security, encryption, business communication platform resilience |
|
1-8 |
Trade Capture & Booking |
Trade capture system database corruption |
Inaccurate books and records |
Real-time data replication; hourly backup; reconciliation with front-office system |
Database integrity monitoring; backup encryption; ICT disaster recovery |
|
1-9 |
Clearing & Settlement Processing |
Central clearing house system failure or payment gridlock |
Failed settlements; liquidity stress |
Liquidity buffer monitoring; alternate settlement bank; settlement cut-off controls |
SWIFT security controls, payment gateway redundancy, and third-party infrastructure resilience |
|
1-10 |
Custody & Safekeeping Coordination |
Custodian bank cyber breach affecting securities records |
Client asset integrity concerns; reputational damage |
Custodian due diligence; periodic SOC report review; reconciliation frequency increase |
Third-party ICT risk management; secure data exchange protocols |
|
1-11 |
Margin & Collateral Management |
Extreme market volatility is causing the margin calculation system overload |
Margin shortfall; liquidity strain |
Stress testing, automated margin calls, collateral buffer policies |
Risk engine scalability; cloud resilience; cyber protection of collateral systems |
|
1-12 |
Corporate Actions Processing |
Failure to process high-volume corporate action due to a system error |
Incorrect entitlement allocation |
Maker-checker controls; automated CA feeds; reconciliation with custodian |
Secure API feeds; ICT monitoring of data feeds; third-party data risk |
|
1-13 |
Reconciliation & Exception Management |
Reconciliation tool failure during the month-end |
Undetected breaks; financial misstatement risk |
Independent reconciliation platform; escalation matrix; audit trail logs |
Data integrity assurance; access control; ICT monitoring |
|
1-14 |
Regulatory Reporting & Surveillance |
Regulatory reporting platform compromised or corrupted |
Regulatory breach; fines and penalties |
Pre-submission validation checks, dual control approval, and periodic compliance audit |
Secure regulatory reporting system; encryption; audit logging; cyber monitoring |
|
1-15 |
Business Continuity & System Recovery for Trading |
Primary data centre outage due to fire or major cyber incident |
Full trading disruption |
Secondary DR site (geographically separate); annual full failover testing; board-approved BCP |
ICT disaster recovery architecture; cyber incident response integration |
Across all Sub-CBS processes, severe but plausible scenarios are closely linked to cyber threats (ransomware, DDoS, insider threats), ICT infrastructure failures (data centre outage, network disruption, database corruption), third-party technology risk (custodians, exchanges, clearing houses), and digital system vulnerabilities (algorithmic trading platforms, regulatory reporting systems).
The integration ensures:
Identifying severe but plausible scenarios for CBS-1 Securities Trading & Execution enables Maybank Investment Bank to move beyond traditional business continuity planning into a proactive resilience posture.
By stress-testing each stage of the trade lifecycle against credible high-impact events—including cyberattacks, system failures, third-party disruptions, and extreme market volatility—the Bank strengthens its ability to remain within defined impact tolerances.
The integration of cyber and ICT risk considerations into every Sub-CBS ensures that resilience is not siloed but embedded across technology, people, processes, and external dependencies.
This structured scenario identification supports regulatory expectations, enhances client trust, and reinforces Maybank Investment Bank’s commitment to operational resilience in Malaysia’s capital markets ecosystem.
|
Designing a Resilient Investment Banking Model: The Maybank Investment Bank Journey |
||||||
| eBook 3: Starting Your OR Implementation |
||||||
| CBS-1 Securities Trading & Execution | ||||||
| CBS-1 DP | CBS-1 MD | CBS-1 MPR | CBS-1 ITo | CBS-1 SuPS | CBS-1 ST | eBook 2 |
| |
||||||
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
|
If you have any questions, click to contact us. |
||
|
|