Back Custom print Link Text Only Rich Text Print

  • OM-3.3 OM-3.3 Other Systems and Controls

    • OM-3.3.1

      Licensees must ensure that appropriate measures are in place to promote adequate segregation of duties within electronic funds transfer and e-banking systems, databases and applications.

      Added: January 2020

    • OM-3.3.2

      Licensees must ensure that proper authorisation controls and access privileges are in place for electronic funds transfer and e-banking systems, databases and applications.

      Added: January 2020

    • OM-3.3.3

      Licensees must ensure that appropriate measures are in place to protect the data integrity of all transactions, records and information.

      Added: January 2020

    • OM-3.3.4

      Licensees must ensure that clear audit trails exist for all electronic funds transfer and e-banking transactions.

      Added: January 2020

    • OM-3.3.5

      Licensees must establish and document the log retention requirements, including the identification of the source of each request, time synchronization of all related systems and all meta-data related to each request.

      Added: January 2020

    • OM-3.3.6

      Licensees must take appropriate measures to preserve the confidentiality of information. Measures taken to preserve confidentiality must be commensurate with the sensitivity of the information being transmitted and/or stored in databases.

      Added: January 2020

    • OM-3.3.7

      Licensees must ensure that adequate information is provided on their websites to allow potential customers to make an informed conclusion about the licensee's identity and regulatory status of the licensee prior to entering into e-banking transactions.

      Added: January 2020

    • OM-3.3.8

      Licensees must take appropriate measures to ensure adherence to customer privacy requirements applicable to the jurisdictions to which the licensee is providing e-banking products and services.

      Added: January 2020

    • OM-3.3.9

      Licensees must have effective capacity, business continuity and contingency planning processes to help ensure the availability of e-banking systems and services.

      Added: January 2020

    • OM-3.3.10

      Licensees must develop appropriate incident response plans to manage, contain and minimise problems arising from unexpected events, including internal and external attacks, that may hamper the provision of e-banking systems and services.

      Added: January 2020

    • OM-3.3.11

      Licensees must have in place customer awareness communications, pre and post onboarding process, using video calls, short videos or pop-up messages, to alert and warn natural persons applying to open current or saving accounts, credit, debit or prepaid cards or digital wallets about the risk of electronic frauds, and emphasise the need to secure their personal account details and not share them with anyone, online or offline.

      Added: January 2021