Any prolonged disruption to its operations could have far-reaching consequences for customers, businesses, government agencies, and the overall financial stability of the Maldives.
In this context, effective Business Continuity Management (BCM) is not merely an operational requirement, but a strategic imperative.
By clearly defining the functions essential to delivering critical products and services, this chapter establishes the foundation for subsequent Business Impact Analysis (BIA), continuity strategy formulation, and recovery planning.
Readers will gain a structured understanding of which banking functions must be prioritised during disruptions and why their resilience is vital to maintaining public confidence, regulatory compliance, and uninterrupted financial services.
|
CBF Code |
Critical Business Function (CBF) |
Description of the Function |
Why This Function Is Critical (BCM Rationale) |
Primary Impact Areas |
Key ISO 22301 Alignment |
|
CBF-1 |
Retail & Corporate Banking Services |
Provision of deposit accounts, savings, loans, credit facilities, and customer account servicing for individuals and corporates. |
Disruption would immediately affect public access to funds, customer confidence, and financial stability across the Maldives. |
Financial, Regulatory, Reputational, Customer |
Clause 8.2 (Business Impact Analysis), Clause 8.3 (BC Strategy) |
|
CBF-2 |
Payment & Settlement Services |
Processing of domestic and international payments, fund transfers, ATM transactions, card payments, and clearing activities. |
Failure would halt cashless transactions nationwide, disrupt commerce, and trigger systemic financial risk. |
Financial, Operational, Reputational |
Clause 8.2.3 (Impact over Time), Clause 8.4 (BC Plans) |
|
CBF-3 |
ATM & Digital Banking Operations |
Operation of ATMs, internet banking, mobile banking, and digital payment platforms. |
These channels are essential for nationwide accessibility, especially across dispersed islands. |
Customer, Operational, Reputational |
Clause 8.3.2 (Resource Requirements), Clause 8.4.2 |
|
CBF-4 |
Treasury & Liquidity Management |
Management of liquidity, cash flow, interbank transactions, and foreign exchange activities. |
Ensures solvency, liquidity sufficiency, and compliance with central bank requirements during disruptions. |
Financial, Regulatory |
Clause 8.3 (BC Strategy), Clause 9.1 (Performance Evaluation) |
|
CBF-5 |
Core Banking System Operations |
Operation and availability of core banking systems supporting account management, transactions, and reporting. |
System unavailability would cascade across nearly all banking services. |
Operational, Financial, Regulatory |
Clause 8.3.3 (Technology), Clause 8.4 |
|
CBF-6 |
Customer Support & Call Centre Services |
Handling customer enquiries, complaints, fraud reporting, and service requests. |
Critical during crises to maintain trust, manage misinformation, and support affected customers. |
Reputational, Customer, Legal |
Clause 8.4.1 (Response Structure), Clause 7.4 (Communication) |
|
CBF-7 |
Credit Risk & Loan Management |
Monitoring credit exposure, loan approvals, repayments, restructuring, and recovery processes. |
Disruption could lead to unmanaged credit risk and regulatory noncompliance. |
Financial, Regulatory |
Clause 6.1 (Risk-Based Thinking), Clause 8.2 |
|
CBF-8 |
Compliance, AML & Regulatory Reporting |
Monitoring regulatory compliance, AML/CFT controls, sanctions screening, and statutory reporting. |
Failure exposes the bank to legal penalties, licence risk, and reputational damage. |
Legal, Regulatory, Reputational |
Clause 4.2 (Interested Parties), Clause 5.1 (Leadership Commitment) |
|
CBF-9 |
IT Infrastructure & Cybersecurity Operations |
Management of data centres, networks, cybersecurity monitoring, and system resilience. |
Technology failure or cyber incidents directly threaten service continuity and data integrity. |
Operational, Legal, Reputational |
Clause 7.1 (Resources), Clause 8.3.4 (ICT Continuity) |
|
CBF-10 |
Branch Operations & Cash Handling |
Operation of physical branches, teller services, and cash logistics across islands. |
Essential for financial inclusion, especially in locations with limited digital access. |
Customer, Financial, Operational |
Clause 8.2.2 (Maximum Acceptable Disruption), Clause 8.4 |
The identification of the Bank of Maldives’ Critical Business Functions is a cornerstone of an effective and compliant Business Continuity Management System.
The functions outlined in this chapter reflect the bank’s core service obligations, regulatory responsibilities, and operational dependencies, all of which must be sustained or recovered within acceptable timeframes during disruptive incidents.
By aligning these Critical Business Functions with ISO 22301 requirements, Bank of Maldives is positioned to conduct meaningful impact assessments, establish appropriate recovery objectives, and design proportionate continuity strategies that address both operational and systemic risks.
This clarity enables informed decision-making during crises, supports regulatory expectations, and reinforces the bank’s commitment to service continuity.
As subsequent chapters build on this foundation, the identified functions will serve as the reference point for developing resilient processes, technologies, and response capabilities that ensure the bank can continue to serve the nation under adverse conditions.
Ensuring Service Continuity and Compliance: ISO 22301 BCMS at Bank of Maldives
|
|||||
| eBook 1: Understanding Your Organisation: Bank of Maldives | |||||
| C1 | C2 [x] | C3 [x] | C4 [x] | C5 [x] | C6 [x] |
| C7 [x] | C8 [x] | C9 [x] | C10 | C11 [x] | C12 [x] |
|
If you have any questions, click to contact us.
|
||