[OR] [WFP] [E3] [CBS] [1] [ITo] Establish Impact Tolerances

Wells Fargo’s Philippines organisation forms part of the company’s Asia Pacific and India & Philippines delivery network, supporting a broad portfolio across business operations, corporate functions, and technology.

Wells Fargo states that its India & Philippines organisation supports most of the company’s lines of business, with Manila as one of its strategic delivery locations.

That makes payment and transaction processing a reasonably critical business service for operational resilience analysis, particularly where service continuity, risk management, and infrastructure support are tightly linked.

Under BSP Circular No. 1203, BSFIs are expected to identify critical operations, set tolerance for disruption, map interconnections and interdependencies, and test those tolerances against severe but plausible scenarios.

The Circular also says that tolerance settings must include, at a minimum, a time-based metric and should consider other metrics, such as the number of customers affected and the volume and value of affected transactions; it further requires board review and approval of the criteria used.

BCM Institute’s impact tolerance guidance is consistent with this, describing impact tolerance as the maximum tolerable level of disruption to a critical business service and recommending that organisations define impact types, set tolerances, link them to risk appetite, document them, and review them regularly.

Purpose of the Chapter

This chapter proposes recommended impact tolerances for each Sub-CBS under CBS-1 Payment & Transaction Processing for Wells Fargo Philippines.

The tolerances below are management benchmarks for operational resilience design, not Wells Fargo-disclosed internal thresholds.

They are intended to help the reader understand how to translate regulatory expectations into measurable recovery limits, data-loss expectations, customer and regulatory harm indicators, and resilience improvement actions for a payment-processing environment.

The chapter also helps connect impact tolerance decisions to scenario testing, third-party dependency oversight, and incident response planning.

Table P4: Establish Impact Tolerance for CBS-1

Sub-CBS Code	Sub-CBS	Maximum Tolerable Downtime (MTD)	Maximum Tolerable Data Loss (MTDL)	Customer Impact	Regulatory Impact	Impact Type	Current Resilience Status	Action Required
1.1	Payment Initiation and Capture	30 mins	Near-zero; ≤ 5 mins	Customers unable to submit payments; queue buildup across channels	Medium-High if payment instructions are delayed or lost	Service availability/ transaction integrity	Moderate	Harden channel failover, add capture-queue resiliency, validate manual fallback
1.2	Customer Authentication and Authorization	15 mins	Zero for auth decisions; ≤ 1 min session-state loss	Customers are locked out or unable to authorise time-sensitive payments	High due to fraud, access-control, and security exposure	Security/access/customer harm	Moderate	Strengthen MFA redundancy, token service failover, privileged access controls
1.3	Payment Validation and Compliance Screening	20 mins	Zero screening result loss	Delayed payment release; possible false holds	Very High due to sanctions, AML, and screening-control failure	Regulatory / compliance / financial crime	Needs strengthening	Implement active-active screening, rules synchronization, and evidence logging
1.4	Transaction Routing and Network Integration	15 mins	≤ 1 min	Payments unable to reach internal or external rails	High where routing failure causes missed settlement windows	Connectivity/market infrastructure	Moderate	Diversify network paths, pre-approved alternate routing, monitor rail connectivity
1.5	Funds Availability Check and Reservation	20 mins	Zero balance-reservation loss	Incorrect declines, duplicate reservations, and overdraft exposure	High because financial accuracy and customer fairness are affected	Financial integrity/customer harm	Moderate	Improve core balance-service resilience and reconciliation triggers
1.6	Payment Processing and Execution	15 mins	Zero executed-payment loss	Failed or duplicated payments; direct customer disruption	Very High for payment execution breakdown on critical operations	Execution / financial / customer harm	Needs strengthening	Add execution controls, duplicate-payment prevention, real-time restart procedures
1.7	Interbank Clearing and Settlement Processing	1 hour	Zero settlement-file loss	Delayed clearing, downstream payment delays	Very High due to market, clearing, and settlement obligations	Financial system / regulatory / liquidity	Moderate	Protect clearing interfaces, cut-off management, settlement contingency playbooks
1.8	Cross-Border Payment Processing	2 hours	≤ 5 mins for non-finalized items; zero for finalized transactions	Delayed international payments, FX, and beneficiary issues	Very High due to sanctions, correspondent, and cross-border obligations	Cross-border/compliance / reputational	Needs strengthening	Enhance correspondent fallback, FX-rate controls, and cross-border exception workflows
1.9	Transaction Monitoring and Fraud Detection	30 mins	≤ 5 mins alerting lag	Fraudulent activity may go undetected; customer losses may rise	Very High due to fraud risk and control weakness	Fraud/security/customer harm	Moderate	Improve real-time analytics resilience and alert backlog recovery
1.10	Exception Handling and Repair Processing	4 hours	≤ 15 mins	Backlogs in rejected, suspended, or malformed payments	Medium-High if unresolved items affect customer outcomes or reporting	Operational backlog/service recovery	Moderate	Expand repair teams, workflow automation, aged-item escalation
1.11	Reconciliation and Ledger Balancing	End of business day; max 8 hours	Zero ledger data loss	Customers may see posting discrepancies later	High due to financial statement and control implications	Financial integrity/accounting	Moderate	Tighten automated reconciliation, break management, and suspense-account controls
1.12	Payment Status Notification and Reporting	4 hours	≤ 15 mins	Customers and operations lose visibility into the payment state	Medium if service-impact communications are delayed	Communication/transparency	Moderate	Add resilient notification channels and reporting cache
1.13	Customer Dispute and Claims Handling	1 business day	≤ 30 mins	Slow complaint handling; potential customer dissatisfaction	Medium-High due to complaints-handling and restitution expectations	Conduct/customer fairness / reputational	Moderate	Define surge procedures, evidence retention, and claims triage rules
1.14	Regulatory Reporting and Compliance Monitoring	4 hours for critical reports; otherwise by regulatory deadline	Zero reportable data loss	Limited immediate retail impact but high institutional risk	Very High for missed, inaccurate, or late reporting	Regulatory/legal / governance	Needs strengthening	Build reporting lineage, maker-checker controls, regulatory deadline dashboard
1.15	Liquidity and Settlement Risk Management	30 mins	Zero liquidity-position loss	Payment queues or settlement delays can affect many customers	Very High due to prudential, liquidity, and settlement exposure	Liquidity / prudential/systemic	Needs strengthening	Improve treasury data resilience, intraday liquidity dashboards, contingency funding triggers
1.16	Third-Party and Correspondent Bank Coordination	2 hours	≤ 15 mins for coordination records	Delays where external providers or correspondent banks are involved	High because third-party failure can disrupt critical operations	Third-party / dependency/service continuity	Needs strengthening	Update exit and substitution strategies, strengthen SLAs and contact trees
1.17	System Availability and Infrastructure Support	15 mins for critical production services	Near-zero; ≤ 1 min for non-transaction telemetry	Broad payment disruption across channels and operations	Very High because infrastructure underpins all critical operations	Technology/infrastructure / systemic	Moderate	Increase active-active resilience, recovery drills, observability, cyber hardening
1.18	Incident Response and Service Recovery	15 mins to mobilise; 1 hour to stabilise priority service	Zero incident log loss; ≤ 5 mins diagnostic data lag	Prolonged disruption if response is slow or uncoordinated	Very High, where delayed response breaches tolerance for disruption	Crisis response/resilience governance	Moderate	Refine playbooks, command structure, communication protocols, and exercise cadence

Regulatory Requirements and Philippine Banking Examples

BSP Circular No. 1203 makes several points especially relevant to this chapter.

First, identified critical operations should drive the next steps of setting tolerance for disruption and mapping interconnections and interdependencies.

Second, the tolerance must include at least a time-based measure, but should also consider broader impact metrics such as customers affected and transaction values.

Third, those tolerances should be tested against severe but plausible scenarios.

Fourth, third-party arrangements affecting critical operations must specify how services will be maintained during disruption or how exit/substitute arrangements will work.

For a Philippine bank, this means that a Sub-CBS such as Payment Processing and Execution would typically warrant a very short MTD, as failed or duplicate payments can quickly harm customers and trigger broader operational and regulatory issues.

Likewise, Payment Validation and Compliance Screening should normally have a near-zero tolerance for screening-result loss, as a service may resume only if sanctions, AML, and fraud controls remain effective.

For Third-Party and Correspondent Bank Coordination, the BSP guidance supports requiring documented substitution and exit arrangements, particularly where dependencies on clearing, messaging, telecoms, cloud, or correspondent banks could prevent the bank from maintaining service within tolerance.

These examples are inferred from the Circular’s requirements and are presented as good-practice interpretations rather than regulator-issued numeric thresholds.

Establishing impact tolerance for CBS-1 Payment & Transaction Processing turns operational resilience from a broad principle into a set of measurable service commitments.

For Wells Fargo Philippines, the most critical Sub-CBS generally warrant very low tolerance for downtime and near-zero tolerance for transaction data loss because payment disruptions can rapidly affect customers, compliance obligations, liquidity, and the wider payment ecosystem.

This is consistent with BSP Circular No. 1203’s emphasis on protecting critical operations, setting defined disruption tolerances, understanding dependencies, and testing resilience under severe but plausible conditions.

The table should therefore be used as a working management baseline for further validation by business, operations, technology, compliance, treasury, and third-party risk owners.

The next step is to confirm these tolerances through scenario testing, control validation, dependency mapping, and board-approved remediation priorities so that resilience capability is demonstrably aligned with the institution’s risk appetite and regulatory expectations.

Wells Fargo Title Banner

eBook 3: Starting Your OR Implementation
CBS-1 Payment & Transaction Processing
CBS-1 DP	CBS-1 MD	CBS-1 MPR	CBS-1 ITo	CBS-1 SuPS	CBS-1 ST

Gain Competency: For organisations looking to accelerate their journey, BCM Institute’s training and certification programs, including the OR-5000 Operational Resilience Expert Implementer course, provide in-depth insights and practical toolkits for effectively embedding this model.

More Information About OR-5000 [OR-5] or OR-300 [OR-3]

To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.