Chapter 11
Establishing Impact Tolerance – Stage 3 of the Implement Phase of BSN’s Operational Resilience Planning Methodology
Introduction
As part of the Implement phase in the Operational Resilience Planning Methodology, the stage of “Establishing Impact Tolerance” is a critical milestone for Bank Simpanan Nasional (BSN) in safeguarding its essential services.
This stage focuses on determining the maximum tolerable level of disruption that BSN can endure before the disruption of its services results in intolerable harm to customers, the financial ecosystem, or regulatory obligations.
Establishing impact tolerance empowers BSN to set realistic recovery objectives and design proportionate resilience measures aligned with its mission to provide accessible financial services to all Malaysians.
Understanding Impact Tolerance in the Context of BSN
Impact Tolerance refers to the point at which a disruption to a critical business service would cause intolerable harm to stakeholders or threaten the viability of the bank.
Unlike Recovery Time Objectives (RTOs), which focus on internal recovery capabilities, impact tolerance is externally oriented and reflects stakeholder expectations, regulatory compliance, and systemic stability.
For BSN, a development bank with a mandate to promote financial inclusion, the failure of services such as ATM network availability, online banking for benefit disbursement, or over-the-counter transactions in rural branches could significantly affect low-income and underserved communities.
Therefore, the bank’s impact tolerance thresholds must reflect not only financial risk but also social, reputational, and regulatory consequences.
Implementation Steps and Examples
Step 1: Identify Critical Business Services
Before setting impact tolerances, BSN must identify which business services are “critical” — those whose disruption would pose a risk to its customers, operations, or systemic stability.
Example:
BSN identifies “Government Aid Disbursement via MyBSN Platform” as a critical service. This platform is used to transfer monthly subsidies and welfare payments to beneficiaries.
Step 2: Define Harms and Consequences of Disruption
BSN must outline the types of harm that disruption could cause, including financial loss, legal breach, customer distress, reputational damage, and systemic impact.
Example:
A 24-hour disruption in the MyBSN Platform during aid disbursement cycles could lead to:
- Delay in financial support for over 2 million B40 households.
- Escalation of public complaints and social media backlash.
- Breach of contractual SLA with the Ministry of Finance.
- Loss of public confidence in BSN as a reliable government-linked bank.
Refer to the impact types in Table 11-3: Impact Types by Critical Business Services.
Step 3: Determine Maximum Acceptable Duration of Disruption
This is the core of impact tolerance — defining the duration and extent of disruption BSN can tolerate before consequences become unacceptable.
Example:
BSN determines that a maximum impact tolerance of 6 hours is acceptable for any disruption to its aid disbursement service. Beyond this point, significant societal and regulatory harm is anticipated.
Refer to Table 11-2: Maximum Impact Tolerance.
Step 4: Engage Internal and External Stakeholders
Gather input from operational teams, risk management, regulators (e.g., Bank Negara Malaysia), and key partners to validate the impact tolerance levels.
Example:
BSN’s operational risk committee collaborates with the Ministry of Finance to align the impact tolerance for the aid disbursement platform with national social safety net policies.
Step 5: Document and Calibrate Impact Tolerances
BSN must clearly record impact tolerance thresholds and align them with Business Continuity Plans, Incident Response procedures, and Service Level Agreements.
Example:
BSN documents impact tolerances in the Operational Resilience Register. For each critical business service, the associated tolerance levels are linked to corresponding recovery plans and tested through scenario simulations.
Step 6: Conduct Scenario Testing and Validate Thresholds
Validate impact tolerance thresholds through plausible disruption scenarios. Adjust tolerances if test results show excessive risk or impractical recovery times.
Example:
A scenario test simulating a cyber-attack on BSN’s MyBSN platform shows recovery within 4 hours. However, system-wide load testing reveals potential delays in peak periods. As a result, BSN tightens monitoring controls and revises capacity planning to meet the 6-hour tolerance.
Step 7: Integrate into Operational Resilience Framework
The established impact tolerances should drive prioritisation in BSN’s investment decisions, controls, third-party risk assessments, and resilience initiatives.
Example:
Impact tolerances inform the upgrade of BSN’s disaster recovery infrastructure and the procurement of high-availability cloud services for critical digital platforms.
Table 11-1: Critical Business Services and Their Impact Tolerance
| CBS | Critical Business Service | Impact Tolerance (Max Tolerable Disruption) | Key Factors Used to Derive Impact Tolerance |
|---|---|---|---|
| CBS-1 | Retail Banking Services | 24 hours | Daily transaction volumes; Customer dependency on over-the-counter services; Availability of alternative channels |
| CBS-2 | Government Aid and Disbursement Services | 6 hours | Number of recipients (e.g., B40 segment); National disbursement schedule tied to social programmes; Reputational and regulatory obligations |
| CBS-3 | ATM and Self-Service Banking Infrastructure | 8 hours | Public reliance for cash withdrawals; Rural branch coverage; Cash management risk |
| CBS-4 | Digital Banking (myBSN Online and Mobile Banking App) | 4 hours | High user adoption for balance checks, transfers; Key service during non-branch hours; Real-time access expectations |
| CBS-5 | Loan Disbursement and Repayment Processing | 24 hours | Scheduled vs. real-time processing; Customer service commitments; Interdependency with regulatory and internal accounting systems |
| CBS-6 | Agent Banking (BSN Banking Agents) | 12 hours | Coverage in remote/underserved locations; Service level agreements with partners; Cash delivery/collection dependency |
| CBS-7 | Treasury and Liquidity Management | 4 hours | Real-time fund movement across BSN accounts; Interbank settlements and exposure management; Market risk implications |
| CBS-8 | Core Banking System (CBS Infrastructure) | 2 hours | System-wide dependency; Host to all real-time transactions; Foundation for all other CBSs |
| CBS-9 | Customer Complaint and Dispute Resolution | 48 hours | Service recovery and regulatory timelines; Ombudsman requirements; Escalation thresholds |
| CBS-10 | Regulatory Reporting and Compliance | 24–48 hours (depending on reporting cycle) | Report submission deadlines; Breach penalties; Bank Negara Malaysia (BNM) mandates |
Notes on Derivation Methodology
- Regulatory Requirements: Services linked to compliance and national mandates (e.g., CBS-2, CBS-10) have shorter tolerances to avoid legal and reputational consequences.
- Customer Impact: Tolerances consider the criticality of the service to customers’ financial well-being (e.g., CBS-1, CBS-4).
- Service Interdependency: Infrastructure services like CBS-8 (Core Banking) affect multiple downstream functions, requiring tight tolerances.
- Volume & Frequency: High-frequency services (e.g., ATM usage, online transfers) are given stricter tolerance due to widespread impact.
- Business Continuity Capabilities: Consideration of recovery and alternate delivery mechanisms (e.g., agent banking, digital channels).
Table 11-2: Maximum Impact Tolerance
| CBS ID | Critical Business Service | Maximum Impact Tolerance | Impact Types | Key Justifications / Assumptions |
|---|---|---|---|---|
| CBS-1 | Retail Banking Services | 24 hours | Customer, Operational, Reputational | Customers can use alternative channels; branch operations can manage delays within 1 day |
| CBS-2 | Government Aid and Disbursement Services | 6 hours | Social, Regulatory, Reputational | Serves B40 population; tied to government aid timeline; failure impacts social stability |
| CBS-3 | ATM and Self-Service Banking Infrastructure | 8 hours | Customer, Operational, Reputational | ATM downtime affects cash access; alternative channels (branches, agents) are available temporarily |
| CBS-4 | Digital Banking (myBSN Online & Mobile App) | 4 hours | Customer, Reputational, Financial | High customer dependency; critical for 24/7 access; failure leads to high contact centre load |
| CBS-5 | Loan Disbursement and Repayment Processing | 24 hours | Financial, Operational, Reputational | Delays can be absorbed for 1 day before impacting credit assessments and customer service |
| CBS-6 | Agent Banking (BSN Banking Agents) | 12 hours | Social, Customer, Operational | Used in rural areas; moderate impact due to physical accessibility; SLA with agents provides a buffer |
| CBS-7 | Treasury and Liquidity Management | 4 hours | Financial, Regulatory, Systemic | Supports interbank settlements and liquidity control; a breach may impact market exposure |
| CBS-8 | Core Banking System (CBS Infrastructure) | 2 hours | Systemic, Operational, Reputational, Financial | Core system dependency across services; failure triggers crisis response; full functionality required |
| CBS-9 | Customer Complaint and Dispute Resolution | 48 hours | Regulatory, Reputational, Legal | Less time-sensitive; governed by SLA/regulatory timelines; reputational risk if unresolved for too long |
| CBS-10 | Regulatory Reporting and Compliance | 24–48 hours | Regulatory, Legal, Reputational | Reporting aligned with regulatory deadlines; varies by report frequency (daily/monthly/quarterly) |
Notes for Use:
- Maximum Impact Tolerance: The longest time a service can be disrupted before causing intolerable harm.
- Impact Types: Categorises the types of consequences from disruption.
- Justifications / Assumptions: Provides reasoning behind the tolerance, useful for audits, updates, and scenario validation.
Table 11-3: Impact Types by Critical Business Services – Bank Simpanan Nasional
| CBS | Critical Business Service | Impact Types from Disruption |
|---|---|---|
| CBS-1 | Retail Banking Services | Customer dissatisfaction and loss of trust; Operational backlog at branches; Reputational damage; Reduced revenue from service fees |
| CBS-2 | Government Aid and Disbursement Services | Failure to deliver aid to vulnerable populations (B40); Breach of service-level agreements with the government; Regulatory penalties; National reputational risk |
| CBS-3 | ATM and Self-Service Banking Infrastructure | Public inconvenience and cash access issues; Security risks (e.g., cash hoarding or theft); Increased pressure on branches |
| CBS-4 | Digital Banking (myBSN Online and Mobile Banking App) | Customer frustration and attrition; Loss of digital transactions revenue; Surge in contact centre inquiries; Reputational and brand impact |
| CBS-5 | Loan Disbursement and Repayment Processing | Delays in fund release to individuals and SMEs; Late repayment posting affecting credit standing; Reconciliation errors; Regulatory reporting discrepancies |
| CBS-6 | Agent Banking (BSN Banking Agents) | Disruption to rural and unbanked populations; Partner dissatisfaction; Cash handling inefficiencies; Potential loss of outreach and inclusion credibility |
| CBS-7 | Treasury and Liquidity Management | Cash flow mismatch and liquidity shortfall; Market exposure and financial loss; Regulatory non-compliance; Systemic risk to internal and external parties |
| CBS-8 | Core Banking System (CBS Infrastructure) | Total service outage across BSN; Data integrity risks; Severe financial and operational disruption; Crisis communications with regulators and customers |
| CBS-9 | Customer Complaint and Dispute Resolution | Non-compliance with FSA or customer charter; Escalation to the financial ombudsman; Loss of customer trust; Reputational impact due to social media exposure |
| CBS-10 | Regulatory Reporting and Compliance | Non-compliance with regulatory timelines; Financial penalties; Audit findings and sanctions; Damage to BSN’s standing with Bank Negara Malaysia (BNM) |
Key Impact Type Categories Referenced:
- Customer Impact – inconvenience, trust erosion, dissatisfaction
- Financial Impact – revenue loss, penalties, liquidity challenges
- Reputational Impact – negative media, stakeholder confidence loss
- Operational Impact – service bottlenecks, data issues, backlog
- Legal/Regulatory Impact – compliance breaches, reporting failures
- Systemic/Social Impact – disruption to national or community-level services
Summing Up ...
Establishing impact tolerance provides Bank Simpanan Nasional with a structured understanding of how much disruption its critical services can endure without causing unacceptable harm.
This ensures that resilience efforts are targeted and measurable. By embedding these thresholds into its broader operational resilience framework, BSN not only enhances its ability to serve vulnerable populations during crises but also reinforces public trust in its reliability as a national financial institution.
Moving forward, regularly reviewing and testing these tolerances will be key to sustaining a resilient and responsive banking environment in Malaysia.
Operational Resilience for Financial Services: The BSN Malaysia Approach
"Implement" Phase of the Operational Resilience Planning Methodology