[OR] [WFP] [E3] [CBS] [1] [SuPS] Identify Severe but Plausible Scenarios

In alignment with the expectations of Bangko Sentral ng Pilipinas under BSP Circular No. 1203, financial institutions are required to identify severe but plausible (SbP) scenarios that could disrupt their critical business services.

For CBS-1 Payment & Transaction Processing, these scenarios must reflect high-impact, low-frequency events that test the institution’s ability to remain within defined impact tolerances.

Drawing from the BCM Institute’s operational resilience methodology, SBP scenarios incorporate disruptions across technology, cyber threats, third-party dependencies, and operational failures, ensuring integration with Cyber and ICT Risk Management frameworks.

The table below outlines recommended SBP scenarios for each Sub-CBS, including expected impacts, proactive mitigation measures, and linkages to cyber resilience.

Table P5: Identify Severe but Plausible Scenarios for CBS-1

Sub-CBS Code	Sub-CBS	Severe but Plausible Scenario	Impact / Effect	Proactive Risk Management Action	Link to Integration of Cyber and ICT Risks
1.1	Payment Initiation and Capture	Prolonged outage of digital banking channels due to front-end system failure	Customers are unable to initiate payments; backlog accumulation	Implement multi-channel redundancy (branch, mobile, API); real-time monitoring	Digital channel resilience, DDoS protection
1.2	Customer Authentication and Authorization	Compromise of the authentication system (e.g., MFA bypass attack)	Unauthorised transactions; reputational damage	Strengthen MFA, adaptive authentication, and anomaly detection	Identity & Access Management (IAM), cybersecurity controls
1.3	Payment Validation and Compliance Screening	Failure of the AML screening engine during peak processing	Non-compliant transactions processed; regulatory breach	Deploy failover AML systems; real-time screening validation checks	RegTech resilience, data integrity controls
1.4	Transaction Routing and Network Integration	SWIFT or payment gateway connectivity disruption	Payment delays or failures across networks	Establish alternate routing channels; network redundancy	Network resilience, secure communication protocols
1.5	Funds Availability Check and Reservation	Core banking database latency or corruption	Incorrect balance validation; transaction rejection	Database replication; real-time integrity checks	Data resilience, database security controls
1.6	Payment Processing and Execution	Batch processing engine failure during high-volume period	Delayed or failed transaction execution	Active-active processing setup; workload balancing	Application resilience, system performance monitoring
1.7	Interbank Clearing and Settlement Processing	Clearing house outage or settlement delay	Liquidity strain; settlement risk exposure	Pre-funded accounts; contingency settlement arrangements	Financial market infrastructure (FMI) resilience
1.8	Cross-Border Payment Processing	Geopolitical disruption affecting correspondent banks	Cross-border transaction failures; customer dissatisfaction	Diversify correspondent banking network; contingency routing	Third-party risk, geopolitical risk monitoring
1.9	Transaction Monitoring and Fraud Detection	Failure of the fraud detection engine due to a system crash	Increased fraud losses; undetected suspicious activities	AI-based backup monitoring; manual review escalation	Cyber fraud analytics, threat intelligence integration
1.10	Exception Handling and Repair Processing	Surge in transaction exceptions due to upstream failure	Processing backlog; delayed customer resolution	Automated exception workflows; surge staffing plans	Workflow system resilience, operational risk controls
1.11	Reconciliation and Ledger Balancing	Reconciliation engine failure or data mismatch	Financial misstatements; regulatory reporting errors	Daily automated reconciliation; independent validation checks	Data integrity, audit trail controls
1.12	Payment Status Notification and Reporting	Notification service outage (SMS/email/API)	Customers are unaware of the transaction status	Multi-channel notification redundancy; status dashboards	Communication system resilience
1.13	Customer Dispute and Claims Handling	Case management system outage during dispute surge	Delayed resolution; customer dissatisfaction	Manual fallback procedures; distributed case handling teams	CRM system resilience, data protection
1.14	Regulatory Reporting and Compliance Monitoring	Failure to generate timely regulatory reports due to system issues	Regulatory penalties; compliance breaches	Automated reporting pipelines; regulatory reporting backup systems	Regulatory technology (RegTech), data governance
1.15	Liquidity and Settlement Risk Management	Liquidity monitoring system failure during market stress	Inability to manage settlement obligations	Real-time liquidity dashboards; stress testing scenarios	Treasury system resilience, financial risk systems
1.16	Third-Party and Correspondent Bank Coordination	Critical vendor outage (e.g., payment processor or SWIFT service bureau)	Disruption of the payment processing chain	Third-party redundancy; contractual SLAs with recovery requirements	Third-party cyber risk management
1.17	System Availability and Infrastructure Support	Data centre outage due to power or environmental failure	Full service disruption; system downtime	Active-active data centres; disaster recovery (DR) testing	Infrastructure resilience, DR, and backup systems
1.18	Incident Response and Service Recovery	Delayed incident detection and response to cyberattack	Extended downtime; increased impact severity	24/7 SOC monitoring; incident response playbooks; regular drills	Cyber resilience, incident response capability

The identification of severe but plausible scenarios enables Wells Fargo Philippines to rigorously test the resilience of its Payment & Transaction Processing services against extreme but credible disruptions.

In line with BSP Circular No. 1203, these scenarios support the institution in validating its ability to remain within impact tolerances and ensure continuity of critical services.

By integrating Cyber and ICT risk considerations, strengthening third-party risk management, and implementing proactive controls, the organisation enhances its preparedness against evolving threats.

Ultimately, these scenarios form the foundation for scenario testing, continuous improvement, and regulatory compliance, reinforcing a resilient and customer-centric financial ecosystem.

Wells Fargo Title Banner

eBook 3: Starting Your OR Implementation
CBS-1 Payment & Transaction Processing
CBS-1 DP	CBS-1 MD	CBS-1 MPR	CBS-1 ITo	CBS-1 SuPS	CBS-1 ST

Gain Competency: For organisations looking to accelerate their journey, BCM Institute’s training and certification programs, including the OR-5000 Operational Resilience Expert Implementer course, provide in-depth insights and practical toolkits for effectively embedding this model.

More Information About OR-5000 [OR-5] or OR-300 [OR-3]

To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.