![x [OR] [PBCOM] Legal Disclaimer Banner](https://no-cache.hubspot.com/cta/default/3893111/8411b9c7-8ede-4f5f-b20e-a2c6767234a0.png)
CBS-1 Retail Deposit & Account Services
Introduction
![[OR] [PBCOM] [E3] [CBS] [1] [ITo] Establish Impact Tolerances](https://no-cache.hubspot.com/cta/default/3893111/008171cf-041b-4253-89e1-cca9382c1802.png)
Establishing impact tolerance for CBS-1 Deposit and Account Services means defining the point at which a disruption to a deposit-related service becomes unacceptable for customers, the bank, or the wider financial system.
BCM Institute describes impact tolerance as the maximum tolerable level of disruption for a critical business service, defined using outcome-based measures such as downtime, data loss, customer harm, and other business impacts, rather than relying solely on recovery-time targets.
The methodology also recommends identifying impact types, setting tolerances for each type, aligning them to risk appetite, and documenting and reviewing them regularly.
For Philippine banks, this aligns directly with BSP Circular No. 1203, which requires BSFIs to identify critical operations and set a tolerance for disruption for each.
BSP says that, at a minimum, tolerance should include a time-based metric for restoring delivery before material risk arises, and should also consider other metrics, such as the maximum number of customers affected and the volume or value of affected transactions.
BSP further requires these tolerances to be tested against severe but plausible scenarios, reviewed and approved by the board, and monitored by assigned personnel or units.
PBCom’s public channels indicate that Deposit and Account Services are delivered through branch and ATM access, account opening, mobile banking, online fund access, and card-control features.
That makes CBS-1 highly customer-facing and suitable for a structured Sub-CBS impact-tolerance view. The table below is therefore a recommended operational resilience summary for PBCom, not a statement of PBCom’s internal approved thresholds.
![Banner [Table] [OR] [E3] Establish Impact Tolerance](https://no-cache.hubspot.com/cta/default/3893111/627c33a8-714d-40af-9a2b-0d7957fb8afa.png)
Table P4: Establish Impact Tolerance for CBS-1
|
Sub-CBS Code |
Sub-CBS |
Maximum Tolerable Downtime (MTD) |
Maximum Tolerable Data Loss (MTDL) |
Customer Impact |
Regulatory Impact |
Impact Type |
Current Resilience Status |
Action Required |
|
1.1 |
Customer Onboarding and Account Application |
24 hours |
4 hours |
Delayed new account opening; moderate inconvenience |
Low to moderate if backlogs impair fair customer treatment or onboarding controls |
Service availability customer harm |
Moderate |
Provide manual capture fallback, alternate branch processing, and daily backlog clearing |
|
1.2 |
Customer Identification and Verification (KYC/CDD) |
8 hours |
1 hour |
Customers cannot complete onboarding; high delay sensitivity |
High, because KYC/CDD failures create AML/CFT and compliance risk |
Compliance / customer harm |
Moderate |
Implement offline verification procedures, alternate screening route, and escalation for deferred approvals |
|
1.3 |
Account Approval and Opening |
8 hours |
1 hour |
Customers cannot activate accounts or access newly opened relationships |
Moderate to high if controls are bypassed or approvals are delayed excessively |
Service availability / control failure |
Moderate |
Strengthen maker-checker backup, pre-approved fallback workflow, and urgent queue prioritization |
|
1.4 |
Initial Funding and Deposit Booking |
4 hours |
15 minutes |
Customers may deposit but not see funds correctly reflected; trust impact rises quickly |
High if posting errors or unavailable funds handling becomes material |
Financial / customer harm |
Moderate |
Ensure branch suspense procedures, same-day reconciliation, and alternate posting capability |
|
1.5 |
Product Setup and Account Parameter Maintenance |
24 hours |
4 hours |
Mostly indirect unless wrong settings affect pricing, limits, or access |
Moderate if incorrect terms, charges, or disclosures are applied |
Control / financial / compliance |
Moderate |
Tighten change control, maintain golden parameter baseline, and validate post-change outcomes |
|
1.6 |
Deposit Transactions Processing |
2 hours |
Near-zero to 15 minutes |
Severe impact: deposits, credits, transfers, and balance updates are disrupted |
High, as this is core deposit-taking activity and may affect broader confidence |
Service availability / financial / systemic |
Needs strengthening |
Prioritize active-active or rapid failover, transaction replay, and queue recovery procedures |
|
1.7 |
Withdrawal and Funds Access Processing |
1 hour |
Near-zero |
Severe and immediate customer harm because access to funds is impaired |
High, especially if large numbers of customers lose access to cash or balances |
Customer harm / liquidity access |
Needs strengthening |
Build alternate branch cash access, ATM/network contingency, and emergency access procedures |
|
1.8 |
Account Servicing and Customer Maintenance |
24 hours |
4 hours |
Moderate inconvenience for profile updates, maintenance requests, and service changes |
Moderate if customer records or notices become inaccurate |
Customer service / data integrity |
Moderate |
Maintain controlled manual servicing forms and timed batch update recovery |
|
1.9 |
Interest, Fees, and Charges Processing |
24 hours |
1 hour |
Usually delayed rather than immediate, but inaccurate charges cause complaints and trust issues |
Moderate to high if fees/interest are wrong or disclosures are breached |
Financial / conduct risk |
Moderate |
Introduce fee/interest validation checks and compensating adjustment workflow |
|
1.10 |
Statement, Passbook, and Balance Reporting |
24 hours |
1 hour |
Moderate to high impact; customers lose visibility of balances and history |
Moderate if reporting records are incomplete or customer evidence is impaired |
Information availability / customer harm |
Moderate |
Provide emergency balance inquiry channels and regenerate statements after recovery |
|
1.11 |
Digital Account Access Enablement |
4 hours |
15 minutes |
High impact for customers relying on mobile or online onboarding and access |
Moderate to high if authentication or security controls degrade |
Channel availability / customer harm |
Moderate |
Maintain alternate enrollment support, fallback OTP/authentication routes, and branch-assisted access |
|
1.12 |
ATM and Card-Based Access Management |
2 hours |
Near-zero |
High to severe; customers may lose cash access or card usability |
High if disruption is widespread or linked to third-party concentration risk |
Channel availability / customer harm |
Needs strengthening |
Increase ATM/network redundancy, alternate cash access, and urgent card blocking/replacement capability |
|
1.13 |
Account Reconciliation and Exception Handling |
End of day / 24 hours |
1 hour |
Indirectly at first, but unresolved breaks can lead to incorrect balances and disputes |
High if unreconciled items accumulate or financial/regulatory records are affected |
Data integrity / financial control |
Moderate |
Enforce daily cutoffs, aged-break thresholds, and rapid exception escalation |
|
1.14 |
Dormancy, Holds, and Account Restrictions Management |
8 hours |
30 minutes |
Wrong restrictions can deny legitimate access or fail to block improper access |
High because legal, fraud, and compliance controls may be compromised |
Control failure/customer harm / legal |
Moderate |
Add dual authorization backup, manual hold register, and urgent release/placement procedures |
|
1.15 |
Fraud Monitoring and Transaction Surveillance |
1 hour |
Near-zero |
Fast-rising harm if suspicious transactions continue undetected |
Very high due to fraud, AML, customer-protection, and reporting implications |
Fraud/compliance/customer harm |
Needs strengthening |
Maintain 24/7 alerting fallback, manual blocking authority, and critical-rule continuity during outages |
|
1.16 |
Complaints, Disputes, and Service Recovery |
24 hours |
4 hours |
High reputational impact if customers cannot report or resolve issues after a disruption |
Moderate to high if complaint handling standards are breached |
Conduct/reputation / customer harm |
Moderate |
Stand up disruption-era complaint triage, customer communications templates, and priority-case routing |
|
1.17 |
Regulatory Reporting and Compliance Monitoring |
24 hours to regulatory cutoff |
1 hour |
Usually, indirect customer impact, but failures can amplify trust issues |
Very high if reports, issue escalations, or compliance monitoring are missed |
Compliance / supervisory |
Moderate |
Predefine fallback reporting packs, manual sign-off chain, and regulator communication triggers |
|
1.18 |
Business Continuity and Service Recovery |
30 minutes to activate; 4 hours to stabilise priority services |
Near-zero for critical transaction data |
Enterprise-wide customer harm if the continuity response is delayed or ineffective |
Very high, because tolerance breaches, weak recovery, and governance failures affect all critical operations |
Resilience/ enterprise control |
Needs strengthening |
Define activation triggers, service-priority sequence, crisis communications, and recovery testing against BSP scenarios |
Regulatory requirements and examples for a Philippine bank
BSP Circular No. 1203 states that once a bank has identified its critical operations, those operations should drive the next steps of setting tolerance for disruption and mapping interconnections and interdependencies.
BSP requires clearly defined tolerances using quantitative and qualitative indicators, including at least a time-based metric, and says banks should also consider metrics such as the number of customers affected and the volume or value of disrupted transactions.
That fits CBS-1 particularly well because deposit-taking and withdrawal servicing are explicitly part of banking activities that, when disrupted, can cause material harm.
BSP also says tolerance for disruption should be tested against severe but plausible scenarios, used to assess resilience capabilities, and to drive improvements when tolerances are breached.
The Circular’s self-assessment questions ask whether the board approved the tolerance, whether the bank has a methodology for setting it, and whether responsible personnel or units have been assigned to monitor whether the bank is operating within tolerance.
For PBCom’s Deposit and Account Services, relevant scenario examples from BSP include a critical third-party failure, a disruption of payment and settlement systems, and a simultaneous or coordinated cyberattack or ransomware incident affecting multiple banks.
Those scenarios are especially relevant to Sub-CBS, such as deposit transaction processing, ATM and card access, fraud surveillance, digital access enablement, and service recovery.
BSP also expects BCM, incident response, and recovery planning to support the delivery of critical operations through disruptions and keep them within tolerance levels.
![Banner [Summing] [OR] [E3] Establish Impact Tolerance](https://no-cache.hubspot.com/cta/default/3893111/5e80e50f-5e3e-44ea-8c43-16bf42d4f3b5.png)
The impact-tolerance view for CBS-1 Deposit and Account Services should distinguish between Sub-CBS that can tolerate delay and those that cannot.
In practice, deposit transaction processing, withdrawals and funds access, fraud monitoring, ATM/card access, and continuity activation require the tightest tolerances because they are the most likely to create immediate customer harm, financial loss, or systemic concern if disrupted.
By contrast, onboarding, statements, routine maintenance, and some servicing functions can usually tolerate longer outages, provided controls remain intact, and customer backlogs are actively managed.
This approach is consistent with BCM Institute’s emphasis on outcome-based tolerances and BSP’s requirement to define acceptable levels of disruption using both time and non-time metrics.
For PBCom, the next practical step would be to validate these draft tolerances with business owners, operations, compliance, fraud, technology, digital banking, branch banking, and BCM teams, then test them against severe but plausible scenarios.
That is the point at which each draft entry in the table should be confirmed, tightened, or supported by new resilience measures, so the bank can remain within tolerance and reduce material harm to customers and the wider system.
![[OR] [PBCOM] Title Banner](https://no-cache.hubspot.com/cta/default/3893111/97a5a5ca-090f-4ff6-88e1-74f83df74b8a.png)
![[OR] [PBCOM] [E3] [CBS] [1] [DP] Deposit and Account Services](https://no-cache.hubspot.com/cta/default/3893111/9ce02257-0280-4ea4-a5ad-4951ba0d07fd.png)
![[OR] [PBCOM] [E3] [CBS] [1] [MD] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/f33f70bb-40b6-4baa-8100-90b2b4b5c95e.png)
![[OR] [PBCOM] [E3] [CBS] [1] [MPR] Map Processes and Resources](https://no-cache.hubspot.com/cta/default/3893111/a9cd33e1-a816-4986-bb34-1447a7f67422.png)
![[OR] [PBCOM] [E3] [CBS] [1] [SuPS] Identify Severe but Plausible Scenarios](https://no-cache.hubspot.com/cta/default/3893111/e7d74cf4-d2d4-42b7-91ff-4f3940baee4a.png)
![[OR] [PBCOM] [E3] [CBS] [1] [ST] Perform Scenario Testing](https://no-cache.hubspot.com/cta/default/3893111/9beaea6d-89b2-41ea-893c-63c6c173b036.png)
Gain Competency: For organisations looking to accelerate their journey, BCM Institute’s training and certification programs, including the OR-5000 Operational Resilience Expert Implementer course, provide in-depth insights and practical toolkits for effectively embedding this model.
More Information About OR-5000 [OR-5] or OR-300 [OR-3]
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
![[BL-OR] [3-4-5] View Schedule](https://no-cache.hubspot.com/cta/default/3893111/d0d733a1-16c0-4b68-a26d-adbfd4fc6069.png)
![[BL-OR] [3] FAQ OR-300](https://no-cache.hubspot.com/cta/default/3893111/f20c71b4-f5e8-4aa5-8056-c374ca33a091.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
