![x [OR] [PBCOM] Legal Disclaimer Banner](https://no-cache.hubspot.com/cta/default/3893111/8411b9c7-8ede-4f5f-b20e-a2c6767234a0.png)
CBS-1 Deposit & Account Services
Introduction
![[OR] [PBCOM] [E3] [CBS] [1] [MD] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/f33f70bb-40b6-4baa-8100-90b2b4b5c95e.png)
For CBS-1 Deposit and Account Services, the dependency mapping should show how the service is delivered end-to-end, from customer initiation through processing, posting, access, monitoring, reporting, and recovery.
BCM Institute’s mapping guidance describes this as identifying the interconnections and interdependencies among people, processes, technology, facilities, information, and third-party service providers so that weaknesses and concentration risks can be understood before a disruption occurs.
BSP Circular No. 1203 takes the same direction for Philippine BSFIs: it expects banks to map critical operations end-to-end, identify the key resources that keep them running, and understand the dependencies that can affect service delivery during disruption.
For The Philippine Bank of Communications (PBCom), a practical dependency map for Deposit and Account Services should reflect the bank’s public operating channels, including account opening, branch and ATM access, mobile banking, access to funds via POP, and card control capabilities.
These public touchpoints strongly suggest that PBCom’s deposit service is delivered through an interconnected operating model spanning branch operations, customer servicing, compliance controls, digital channels, cards/ATM services, and supporting partners.
The table below is therefore a recommended operational resilience mapping model for PBCom’s CBS-1, not a claim about undisclosed internal system architecture.
![Banner [Table] [OR] [E3] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/8a44ad9d-681b-48ff-90b1-b994a1c12a64.png)
Table P2: Map Dependency for CBS-1
|
Sub-CBS Code |
Sub-CBS |
Dependency Type |
Dependency Detail (What/ Who is involved) |
Connectivity (How it connects/ interacts with the CBS or other components) |
|
People |
Branch sales officers, customer service officers, relationship managers, and contact centre staff |
Frontline staff initiates the deposit service by capturing customer intent, product choice, and application data for downstream KYC, approval, and account creation. |
||
|
Process |
Account opening workflow, product selection, document capture, consent taking, and initial screening |
Serves as the entry point to CBS-1 and feeds data to KYC/CDD, approval, account setup, and channel enablement. |
||
|
Technology |
Branch onboarding platform, digital account opening interface, document imaging, CRM/workflow tools |
Captures application records and transmits them to compliance review, CIF creation, and core deposit processing. |
||
|
Third Party |
ID verification utilities, courier/document delivery support, telecom/network providers |
Supports remote or assisted onboarding and ensures documents, connectivity, and external validations are available. |
||
|
People |
Compliance officers, branch operations staff, AML analysts, and onboarding reviewers |
Validate identity, customer risk profile, and documentary completeness before the account can be opened. |
||
|
Process |
KYC, CDD, sanctions screening, watchlist checks, beneficial ownership validation, customer risk rating |
Controls whether onboarding may proceed, be escalated, or be rejected; directly affects account approval and regulatory compliance. |
||
|
Technology |
KYC screening tools, AML systems, customer master file, document repository |
Receives customer data from onboarding and returns risk/clearance status to account approval and monitoring teams. |
||
|
Third Party |
External screening databases, government/industry verification sources |
Provides independent validation and screening inputs that strengthen regulatory compliance and fraud prevention. |
||
|
People |
Branch approvers, operations supervisors, compliance signatories, maker-checker reviewers |
Authorise the opening decision and ensure account controls, customer class, and approval limits are applied properly. |
||
|
Process |
Maker-checker approval, CIF creation, account number generation, product assignment |
Converts a validated application into a live account and triggers initial funding, statements, and channel setup. |
||
|
Technology |
Core banking/CASA platform, customer information file system, workflow engine |
Creates the official deposit account record that all later transactions, balances, fees, and reporting depend on. |
||
|
Third Party |
Network/service providers supporting connectivity or e-sign workflows |
Enable continuity of approval and account activation where remote or electronic processing is used. |
||
|
People |
Tellers, branch operations, treasury settlement support, and customer service staff |
Accept and validate initial cash, check, transfer, or clearing-based funding of newly opened accounts. |
||
|
Process |
Cash receipt, check acceptance, transfer posting, float/hold rules, booking, and validation |
Activates the account economically and links onboarding to balance availability, reconciliation, and fraud controls. |
||
|
Technology |
Teller platform, cash transaction system, core banking ledger, clearing/payment interfaces |
Post opening balances to the account and update available versus ledger balances for downstream use. |
||
|
Third Party |
Payment/clearing rails, correspondent institutions, armoured cash/logistics support |
External settlement and cash-handling services affect when funds become available and how exceptions are resolved. |
||
|
People |
Product management, deposit operations, system administrators, and branch operations control |
Maintain account features, limits, dormancy rules, interest basis, fee structures, and control parameters. |
||
|
Process |
Product configuration, parameter maintenance, limit setting, and authorisation matrix updates |
Provides the set of rules that govern account behaviour across transactions, fees, restrictions, and reporting. |
||
|
Technology |
Product table configuration in core banking, parameter libraries, and change control tools |
Drives system behaviour for all downstream processing, including postings, charges, statements, and restrictions. |
||
|
Third Party |
Vendors supporting core banking configuration or managed application services |
Changes by service providers may affect account functionality, making change governance and rollback capability critical. |
||
|
People |
Tellers, branch operations, back-office operations, transaction monitoring staff |
Execute and supervise routine deposits, credits, transfers, and ledger updates for customer accounts. |
||
|
Process |
Deposit posting, batch and real-time transaction processing, exception routing, and end-of-day balancing |
Forms the daily operating backbone of CBS-1 and feeds balances, statements, fraud rules, and reconciliation. |
||
|
Technology |
Core banking engine, teller system, digital channel interface, transaction switch, middleware |
Moves transactions between customer channels and the official deposit ledger in near real time or scheduled batches. |
||
|
Third Party |
Payment processors, telecom/network providers, and outsourced operations support were used |
External connectivity or processor failure can delay posting, create backlogs, or increase manual workarounds. |
||
|
People |
Tellers, branch cash custodians, ATM support teams, and branch approvers |
Facilitate over-the-counter withdrawals and controlled access to customer funds. |
||
|
Process |
Cash withdrawal workflow, signature/credential validation, balance verification, hold checking |
Connects customer access requests to balance controls, fraud checks, and channel authorisation logic. |
||
|
Technology |
Teller application, core banking balance engine, ATM/switch interface, channel authentication tools |
Confirms the available balance and restrictions before granting cash or debit access. |
||
|
Third Party |
ATM network operators, cash logistics providers, telecom providers |
Support customer access outside the branch and affect availability during outages or cash shortages. |
||
|
People |
Branch service teams, call centre, and back-office maintenance staff |
Handle changes to customer information, account status, contact details, and service requests. |
||
|
Process |
Customer data maintenance, account update workflow, request verification, and audit trail logging |
Keeps customer and account records accurate, ensuring statements, alerts, access rights, and compliance records remain reliable. |
||
|
Technology |
CRM, customer master maintenance tools, imaging/archive system, service request workflow |
Synchronises updates across customer records, digital channels, cards, and reporting systems. |
||
|
Third Party |
Messaging providers, document fulfilment vendors |
Support the delivery of notices, confirmations, and requested servicing outputs to customers. |
||
|
People |
Product operations, finance, deposit operations control, and system support |
Oversee rate changes, fee application logic, exception handling, and customer adjustments. |
||
|
Process |
Interest accrual, capitalisation, service charge computation, waiver, and reversal control |
Affects customer balances, product profitability, complaint handling, and financial reporting. |
||
|
Technology |
Core deposit engine, batch scheduler, rate tables, and fee configuration modules |
Calculates and posts recurring credits/debits based on product parameters and account activity. |
||
|
Third Party |
Vendors supporting rate feeds or managed application support |
External support issues can delay scheduled runs or require manual compensating adjustments. |
||
|
People |
Branch staff, operations reporting teams, customer service, print/mail support |
Produce and respond to customer requests for balances, statements, and transaction history. |
||
|
Process |
Statement generation, passbook update, report extraction, customer balance inquiry, and servicing |
Converts posted transaction data into customer-facing records and evidence for disputes and audits. |
||
|
Technology |
Statement engine, passbook printer/update devices, online balance inquiry tools, and archive repository |
Pulls data from core banking and delivers it to branches, mobile channels, or printed output. |
||
|
Third Party |
Print and mail vendors, SMS/email notification providers |
Influence the timeliness and availability of customer communications and the delivery of physical statements. |
||
|
People |
Digital banking operations, branch onboarding staff, customer support, and IT access administrators |
Enrol customers into mobile/online access and resolve activation issues. |
||
|
Process |
User registration, credential issuance, device binding, OTP/authentication setup, channel enrollment |
Extends CBS-1 delivery beyond branches and links deposit accounts to self-service access. |
||
|
Technology |
Mobile banking platform, online banking gateway, IAM/authentication services, API/middleware layer |
Connects live deposit accounts to PBCom’s digital channels and customer self-service functions. |
||
|
Third Party |
OTP/SMS providers, authentication vendors, cloud or managed hosting services were used |
Failure here can prevent login, enrollment, or secure transaction authorisation even if the core account remains available. |
||
|
People |
Card operations, ATM support teams, fraud staff, and branch customer service |
Issue, replace, block, and monitor debit card access associated with deposit accounts. |
||
|
Process |
Card issuance, PIN management, activation, blocking, replacement, and limit maintenance |
Provides a customer-access route to deposit balances and interacts with fraud monitoring and complaint handling. |
||
|
Technology |
Card management system, ATM switch, PIN/authentication controls, card-control platform |
Links the deposit account to card credentials and ATM channel transactions. |
||
|
Third Party |
Card personalisation vendors, network schemes, and ATM service providers |
External partners affect issuance turnaround, authorisation routing, and channel uptime. |
||
|
People |
Operations control, finance, branch operations, settlement, and recon analysts |
Review unmatched items, breaks, suspense entries, and posting discrepancies. |
||
|
Process |
Daily balancing, suspense management, transaction investigation, correction, and adjustment workflow |
Restores ledger integrity and ensures that downstream statements, fees, and regulatory records are accurate. |
||
|
Technology |
Reconciliation tools, core ledger reports, exception queues, and settlement matching utilities |
Compare branch, channel, switch, and ledger records to identify breaks that require remediation. |
||
|
Third Party |
External clearing/switch reports, vendor-managed recon platforms |
Third-party data feeds are needed to validate end-to-end completeness and timing of transaction records. |
||
|
People |
Compliance, branch operations, legal support, and deposit operations control |
Decide and administer restrictions such as holds, freezes, dormancy controls, and release actions. |
||
|
Process |
Dormancy tagging, hold placement, lien/restriction maintenance, release/override approval |
Protects the bank and customers by controlling access based on legal, compliance, or inactivity conditions. |
||
|
Technology |
Core banking restriction codes, case management tools, and customer master controls |
Restriction flags interact with withdrawals, digital access, card usage, and account servicing. |
||
|
Third Party |
External legal notices, law enforcement/judicial communications, outsourced records support |
External instructions may trigger holds or releases, thereby affecting account availability. |
||
|
People |
Fraud analysts, AML monitoring teams, security operations, and branch escalation contacts |
Monitor unusual account activity and coordinate controls, blocking, investigation, and escalation. |
||
|
Process |
Fraud rule monitoring, alert triage, customer confirmation, temporary blocking, and investigation workflow |
Protects CBS-1 from losses and customer harm while addressing restrictions, complaints, and regulatory reporting. |
||
|
Technology |
Fraud monitoring engine, AML surveillance, card/channel monitoring tools, case management |
Consumes transaction and channel data from deposit, ATM, and digital systems to identify anomalous behaviour. |
||
|
Third Party |
Fraud intelligence feeds, card network alerts, and managed security providers were used |
External threat indicators improve the detection of broader attack campaigns and compromised credentials. |
||
|
People |
Contact centre, branch service teams, dispute resolution officers, operations managers |
Receive complaints, investigate disputes, and implement service correction or goodwill remedies. |
||
|
Process |
Case intake, investigation, turnaround tracking, customer communication, corrective posting, or reversal |
Links failures in any Sub-CBS back to customer impact and reputational recovery. |
||
|
Technology |
CRM/case management, call centre systems, complaint tracking tools, evidence archive |
Aggregates transaction, statement, fraud, and channel information needed to resolve issues end-to-end. |
||
|
Third Party |
Network partners, card processors, print/mail, or messaging providers |
Third-party evidence and response timing often determine the speed and completeness of resolution. |
||
|
People |
Compliance, AML officers, regulatory reporting teams, and senior management oversight |
Monitor adherence to rules and prepare required returns, issue escalations, and management reporting. |
||
|
Process |
Regulatory return preparation, exception review, AML/compliance reporting, policy monitoring |
Converts account, transaction, KYC, fraud, and service data into supervisory and management outputs. |
||
|
Technology |
Compliance reporting platforms, data warehouses, MIS/reporting tools, document repositories |
Draws from core banking, KYC, fraud, and reconciliation systems to produce supervisory information. |
||
|
Third Party |
Regulatory portals, external data/reporting utilities, and audit support providers |
External interfaces support submission, validation, and independent review of compliance outputs. |
||
|
People |
Business continuity coordinators, IT disaster recovery teams, crisis management teams, and business owners |
Coordinate continuity responses, workarounds, recovery priorities, and stakeholder communications for CBS-1. |
||
|
Process |
Incident response, alternate processing, manual workaround, service restoration, recovery communication, lessons learned |
Provides the cross-cutting recovery layer that protects all prior Sub-CBS when disruptions affect people, processes, technology, or third parties. |
||
|
Technology |
DR environment, backup infrastructure, alternate connectivity, resilience monitoring, and incident tools |
Supports the restoration of account servicing, transaction processing, channels, and reporting within an acceptable disruption tolerance. |
||
|
Third Party |
Alternate site providers, telecom carriers, cloud/hosting partners, critical service vendors |
The resilience of third parties directly affects the bank’s ability to restore customer access and maintain service within tolerance. |
Regulatory Requirements and Examples Relevant to the Mapping
BSP Circular No. 1203 expects BSFIs to identify critical operations, set tolerance for disruption, determine severe but plausible scenarios, and then map interconnections and interdependencies end-to-end.
The Circular expressly says banks should identify the resources that keep critical operations running, including people, processes, technology, information, facilities, and resources under third-party service arrangements.
In the self-assessment annex, BSP also asks whether the BSFI has identified the personnel responsible for mapping, mapped the interconnections and interdependencies, identified the key sources and resources supporting the mapping, considered third-party involvement, identified vulnerabilities from the mapping exercise, and kept the mapping up to date.
For a Philippine bank such as PBCom, the regulator’s examples are directly relevant to Deposit and Account Services. BSP strongly encourages severe but plausible scenarios such as the “Big One”, a severe typhoon, failure of a critical third-party service provider, disturbance in payment and settlement systems, and a simultaneous or coordinated cyberattack/ransomware incident affecting multiple banks.
-BSP also expects banks to assess the substitutability of critical third parties, including the option to revert to in-house arrangements, and to integrate BCM, incident response, recovery planning, and testing with critical operations and disruption tolerance.
In practical terms, for CBS-1, that means mapping must show not only normal operations but also fallback paths for account opening, transaction posting, ATM/card access, digital login, reconciliations, and customer servicing when a major dependency fails.
![Banner [Summing] [OR] [E3] Map Dependency](https://no-cache.hubspot.com/cta/default/3893111/d9c4296b-54cd-48e0-ae66-b7f4a8a03ff7.png)
The dependency map for CBS-1 Deposit and Account Services should be read as a resilience tool, not just a process inventory.
Its value lies in revealing where PBCom’s customer-facing service depends on a small number of people, a single process checkpoint, a fragile technology component, or a concentrated third-party relationship.
That is exactly the purpose described by BCM Institute’s mapping approach and reinforced by BSP Circular No. 1203: to understand end-to-end delivery, identify vulnerabilities, and prioritise action before disruption turns into material customer harm. (BCM Institute Blog)
For PBCom, the most important next step after preparing this map would be to validate it with business owners, operations, compliance, IT, digital banking, card operations, fraud, and continuity teams; identify single points of failure; and align the findings to disruption tolerance, scenario testing, third-party resilience expectations, and recovery playbooks.
In BSP terms, the map should remain dynamic, regularly updated, and linked to vulnerability assessment, change management, BCM, and testing so that Deposit and Account Services can continue, degrade safely, or recover quickly under severe but plausible events.
If you want this converted next into a Map Processes and Resources table or an Impact Tolerance table for the same CBS, I’ll keep the same Sub-CBS structure.
![[OR] [PBCOM] Title Banner](https://no-cache.hubspot.com/cta/default/3893111/97a5a5ca-090f-4ff6-88e1-74f83df74b8a.png)
![[OR] [PBCOM] [E3] [CBS] [1] [DP] Deposit and Account Services](https://no-cache.hubspot.com/cta/default/3893111/9ce02257-0280-4ea4-a5ad-4951ba0d07fd.png)
![[OR] [PBCOM] [E3] [CBS] [1] [MPR] Map Processes and Resources](https://no-cache.hubspot.com/cta/default/3893111/a9cd33e1-a816-4986-bb34-1447a7f67422.png)
![[OR] [PBCOM] [E3] [CBS] [1] [ITo] Establish Impact Tolerances](https://no-cache.hubspot.com/cta/default/3893111/008171cf-041b-4253-89e1-cca9382c1802.png)
![[OR] [PBCOM] [E3] [CBS] [1] [SuPS] Identify Severe but Plausible Scenarios](https://no-cache.hubspot.com/cta/default/3893111/e7d74cf4-d2d4-42b7-91ff-4f3940baee4a.png)
![[OR] [PBCOM] [E3] [CBS] [1] [ST] Perform Scenario Testing](https://no-cache.hubspot.com/cta/default/3893111/9beaea6d-89b2-41ea-893c-63c6c173b036.png)
Gain Competency: For organisations looking to accelerate their journey, BCM Institute’s training and certification programs, including the OR-5000 Operational Resilience Expert Implementer course, provide in-depth insights and practical toolkits for effectively embedding this model.
More Information About OR-5000 [OR-5] or OR-300 [OR-3]
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
![[BL-OR] [3-4-5] View Schedule](https://no-cache.hubspot.com/cta/default/3893111/d0d733a1-16c0-4b68-a26d-adbfd4fc6069.png)
![[BL-OR] [3] FAQ OR-300](https://no-cache.hubspot.com/cta/default/3893111/f20c71b4-f5e8-4aa5-8056-c374ca33a091.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
