UBI AML RFP

  • Upload
    zamanbd

  • View
    216

  • Download
    0

Embed Size (px)

Citation preview

  • 8/18/2019 UBI AML RFP

    1/9

     Annexure – C (Technical Compliance Sheet)Please specify S/C in the table below to indicate how the solution meets the Banksrequirement.All the below requirements are mandatory. The bidder has to specify complied by markingS Standard!. "f any of the technical specification is not complied by the bidder then itshould be customi#ed without any e$tra cost. Such point shall be marked as CCustomi#ed!.

    S. %o  Technical Specifcation ComplyS/C!& The system should be three tier 'eb/App/(B! web based and should

    able to support simultaneous use of the system by multiple users.A)ailable

    * The proposed solution should be able to increase or decrease processingresources as per business needs+ without the necessity of re,writingcode+ or undertaking other ma-or efforts.

    A)ailable

    The Proposed Solution should be able to store data as per Banksretention policy. (uring this period+ (ata recall should not require anyadditional coding or additional retrie)al procedure. The archi)al andretrie)al programs should facilitate easier analysis of old data.

    A)ailable

    The system should be able to archi)e transactional database records.Archi)ed data should always be a)ailable in the system. The user at allpoints of time should be able to access and print archi)ed data.

    A)ailable

    0 System should support archi)ing of data that are beyond a specifiedtime hori#on. This should be parameteri#able.

    A)ailable

    1 2$port of data to secondary storage de)ice should be supported by thesystem.

    A)ailable

    3 The system should be able to pro)ide intuiti)e and current onlinedocumentation.

    A)ailable

    4 The system should ha)e flat file import/e$port functionality to e$porttransaction data and static data in the following formats and as per the

    regulatory requirements5 6icrosoft 2$cel 7ormat .89S/.89S8! 6icrosoft'ord 7ormat .(:C/.(:C8! Comma separated )alues .CS;!Te$t file .T8T!+ P(7+ 869 etc

    A)ailable

    < The proposed solution should allow users to be controlled creation+acti)ation+ deacti)ation+ deletion etc.! by a specific administrator.

    A)ailable

    &= Addition of features should be allowed only through a properly re)isedupgrade and data migration method.

    A)ailable

    && The system should enable profiling of users and definition of controlle)els > passwords.

    A)ailable

    &* The system should enable creation of different access groups withdifferent access control. ?sers may belong to multiple groups.

    A)ailable

    & 9og on to the system should require users to pro)ide unique useridentity and form of personal identification e.g. a password.

    A)ailable

    & Bank’s Password management features like length and pattern+ passwordencryption+ e$piry+ disabling after unsuccessful attempts+ time,out+force password change for e)ents etc.

    A)ailable

    &0 System Administration should pro)ide for creation+ deletion andmodification of users+ upgrade users and assigning dataaccess/modification rights of )arious user groups.

    A)ailable

  • 8/18/2019 UBI AML RFP

    2/9

    &1 Access only to designated users+ and user set, up should be centrallycontrolled through a specific administration module.

    A)ailable

    &3 6aker Checker concept for all type of transactions. A)ailable

    &4 @eneration of detailed audit trails with following features5 9ist of all users logged on to the system

    9ist of attempted unauthori#ed logins (etails of databases accessed and modified by the users. @eneration of daily audit trails. Separate audit trail for e$ceptionaltransactions.9

    &< Pro)ide adequate backup and reco)ery features. A)ailable

    *= (atabase locking features in the situation that there are multipleaccesses and updates on the same record.

    A)ailable

    *& ?nified online )iew for each transaction record. Customi#ation

    ** (ata e$traction/fetching from other databases should be done usingrele)ant 2T9 tools like :racle "ntegrator or S9 Ser)er "ntegration

    Ser)ices etc.

    A)ailable

    * 6apping of transaction records to support transaction+ account+customer and household dimensions

    A)ailable

    * Support for multiple data types nonmonetary e)ent data+ geographicdata+ risk lists+ third,party data+ associate data and a )ariety ofcustomer information data! in addition to transaction data

    A)ailable

    *0 (ata model for efficient data upload from Core Banking Solution andother applications of Bank like 6S 6"S+ (ata warehouse etc.

    Customi#ation

    *1 S6S and 2mail Alerts as per the regulatory requirements A)ailable

    *3 The application must ha)e :pen 'eb Application Security Pro-ect:'ASP! compliance

    A)ailable

    *4 "ntegration with e$isting and future )ersions of Core Banking Solution Customi#ation*< The solution should work successfully on all reputed web Browsers with

    their current and future )ersionsA)ailable

    = There should not be any loop hole/)ulnerability in the product+ whichcan leads to any kind of attack.

    A)ailable

    & All the modules of the software should be fully integrated and nomanual inter)ention should be needed for inter,modules operations.

    A)ailable

    * Capable to support processing on real time+ online+ off,line+ batchmode+ etc. should also support scheduling and defining of -obs.

    A)ailable

    Should support centrali#ed+ distributed as well as hybrid databases. Customi#ation

    Support encryption > hashing of data during e$change internally andwith e$ternal systems. Customi#ation

    0 Passwords must be kept encrypted in the database and should not be)isible using any source.

    A)ailable

    1 Access to the system for all the users should be a)ailable only throughmenu selection of the user interface.

    A)ailable

    3 'ell defined purging policy mechanism to do from front end. A)ailable

    4 Should ha)e the ability to capture non,financial e)ents such as change A)ailable

  • 8/18/2019 UBI AML RFP

    3/9

    of address etc.

    < Should offer facility for load balancing w.r.t. application ser)er anddatabase ser)er. (ata replication functionality across databases.

    A)ailable

    = Support automatic switcho)er to alternate/standby/failo)er ser)er. A)ailable

     Annexure – C1 (Functional Compliance Sheet)Please speciy S/C in the table below to indicate how the solution meets the

    Banks requirement. All the below requirements are mandatory. The bidder has to

    speciy complied by markin S !Standard". # any o the technical specifcation is

    not complied by the bidder then it should be customi$ed without any e%tra cost.

    Such point shall be marked as C !Customi$ed".

    & 'eneral (equirements Comply!S/C"

    &.& The licenses or the proposed solution should

    be enterprise unlimited licenses. There shouldbe no restriction on the license in terms o no.o users) no. o transactions) no. o channels)no. o Bankin products) no. o branches andasset si$e o bank.

    A)ailable

    &.* Capable to +iew circular und transer betweencustomers and linked entities. This inormationshould be +iewable in raphical and tabularormat.

    A)ailable

    &. Capable to see the customer turno)er details for the

    past years along with the date of a/c opening andclosure as per bank‟s requirement.

    A)ailable

    &. @eneration of ST alerts+ for details refer point *.& ofSection """

    A)ailable

    &.0 Capable of generating alerts on all the scenariosprescribed by "BA/B"/7"?,"ndia and other regulatorybodies+ for details refer point *.* of Section """

    Customi#ation

    &.1 Capable of generating any future scenarios prescribedby "BA/B"/7"?,"ndia and other regulatory bodies fromtime to time.

    A)ailable

    &.3 Capable of reporting of alerts by branches of the Bankon the offline scenarios pro)ided by "BA/B"/7"?,"ndiaand other regulatory bodies+ based on e)entshappening in the Branch or across the counter+ fordetails refer point *. of Section """

    A)ailable

    &.4 Capable of )erification of e$isting customers+ the newcustomers to be added in future! and walk incustomers against )arious negati)e lists prescribed bythe egulatory Authorities ?%+ :7AC etc.! 7or detailsrefer point *.0 of Section """

    A)ailable

  • 8/18/2019 UBI AML RFP

    4/9

    &.< Capable of capturing scenario under Trade based moneylaundering+ for details refer point *. of Section """

    A)ailable

    &.&= Capable of uploading custom lists into the applicationelectronically and checking the names of customerswith the data base of negati)e list to be acquired from

    the ser)ice pro)ider )i#. 7acti)a+ 'orldcheck+ BankersAquity+ (ow Dones+

    Customi#ation

    &.&& Capable of pro)iding online PA% )erification of thecustomers from %S(9 site on real time basis while onboarding as well as )alidating the e$isting customers.

    Customi#ation

    &.&* Capable of adding/deleting a scenario as per Bank‟srequirement.

    A)ailable

    &.& Capable of changing limits/thresholds/)alues as perBank‟s requirement.

    A)ailable

    &.& Capable of sorting of daily ST alerts on differentparameters like scenario+ turno)er+ egion+ Branch+@eographical area etc.

    A)ailable

    &.&0 Capable of ha)ing proper mechanism for distribution ofalerts to different users/screening officer at A69(i)ision and to different locations )i#.E:/:/Branches.

    A)ailable

    &.&1 Capable of ha)ing ierarchy for escalation of alerts todifferent le)els as per Bank‟s requirement.

    A)ailable

    &.&3 Capable of pro)iding ST case in the required fileformat of 7"?,"%( for uploading in their site.

    Customi#ation

    &.&4 Capable of pro)iding details like Bio data of thecustomer in a single screen+ transactions in theaccount/s for two years+ to the Principal :fficer P:! to

    enable the P: to help in drawing a conclusion of thesuspicion of the transaction.

    A)ailable

    &.&< Capable of pro)iding details of progress of the work ofscreening/scrutiny by the P: and the alerts undercorrespondence with the Branches.

    Customi#ation

    &.*= Capable of pro)iding the position of alert scrutiny inthe form of (ash Board as per bank‟s requirement.

    Customi#ation

    &.*& Capable of maintaining proper record of the generatedST alerts and after scrutiny closer and the STs filed.

    Customi#ation

    &.** Capable of generating alerts on all the scenarios forwashing of 7und as per bank‟s requirement.

    Customi#ation

    &.* Capable of ha)ing audit trail for all the acti)ities by allthe users. A)ailable

    &.* Capable of @enerating CT cash Transactions eport!as per prescribed format of 7"? "ndia.

    Customi#ation

    &.*0 Capable of @enerating %T %on,Profit originationsTransactions eport! as per prescribed format of 7"?"ndia.

    Customi#ation

    &.*1 Capable of @enerating CC Counterfeit Currency Customi#ation

  • 8/18/2019 UBI AML RFP

    5/9

    eport! as per prescribed format of 7"? "ndia.Branch/Currency chest should be able to feed the CCdetails online at their end and FGC,A69 di)ision shouldgenerate them for final submission.

    &.*3 Capable of @enerating CB'T Cross Border 'ire

    Transfer eport! as per prescribed format of 7"? "ndia.

    Customi#ation

    &.*4 Capable of highlighting the cases on which ST isalready filed and )iewable to the Central office users.

    Customi#ation

    &.*< Capable to display egion 'ise/Eone 'ise no. of STgenerated in graphical and tabular forms.

    Customi#ation

    &.= Capable of highlighting the CT submitted Accountsalong with their frequency of CT transactions.

    Customi#ation

    &.& Capable to display egion 'ise/Eone 'ise no. of CCgenerated in graphical and tabular forms.

    Customi#ation

    &.* Capable of highlighting the CB'T reported Accountsalong with their frequency of transactions.

    Customi#ation

    &. Capable to display Country wise along with Eone/:wise %o. of CB'T reported Accounts.

    Customi#ation

    &. Access to Branch users to )iew CT accounts of theirrespecti)e branch.

    A)ailable

    &.0 2nables the analysts to scan the historical data andretrace hidden patterns in the account profiles.Analysts can pre)iew the complete incident detailsalong with all other in)estigation tools and mo)e suchincidents into their in)estigation dash boards.

    Customi#ation

    &.1 A69 officer to perform Hwhat ifI analysis and assessthe number of alerts that would result based onspecified thresholds. Capable of enabling alert floodcontrol by facilitating )isuali#ation of more practicalthreshold )alues.

    Customi#ation

    &.3 Capable to Support for S'"7T messages 6T 0+ 313+&

  • 8/18/2019 UBI AML RFP

    6/9

    customer and account by selecting from the parametersin the report.

    &.* Access to Branch users to )iew FGC %on,complaintaccounts and certifying the geniuses of transactions intheir constituent accounts online as required by FGC,

    A69 di)ision. Alerts should be thrown to B6‟

    s "( incase of non,compliance.

    A)ailable

    &. The solution should ha)e capability but not limited toallow the super)isor to recheck the closed alerts ofusers on random basis.

    A)ailable

    &. Capable to select multiple alerts for a single customeror multiple customers for a specific case action by userthrough a single button click

    Customi#ation

    &.0 Capable to assign alerts based on ules5 a. Alertassignment to users based on amounts b. Assignment ofbranch/region specific alerts to specific users. c. Bulkassignment/ eassign of alerts.

    A)ailable

    &.1 The transaction data should ha)e the capability to doneural analysis i.e. predict possible money launderingbeha)ior in the future.

    Customi#ation

    &.3 System should be able to trace links betweencustomers in the bank. The system should also ha)e thefacility to record and sa)e established relationships.

    Customi#ation

    &.4 Should offer multi currency support. A)ailable&.< Should be possible to generate list of accounts at a

    gi)en address.A)ailable

    &.0= System should support wire transfer sur)eillance withthe following features5 "dentify wire transfers

    originating in correspondent or agent banks+ identifysuspicious acti)ity based on patterns of multiple wiretransfers+ automatically generate reports on blockedand re-ected items+ monitor internal/e$ternal anddomestic/international wire transfers.

    Customi#ation

    &.0& System should ha)e a alert scoring mechanism withproduct ha)ing a relati)e score for each alert+ the alertscores be modified through the applications of rules+pro)ide for the categori#ation of alerts into groups forsimilar suspicious acti)ity and pro)ide the user to drilldown into the details of the transactions on which the

    alert was generated.

    Customi#ation

    &.0* Bank should be able to create watch list of customers >non,customers. Batch upload of customi#ed list shouldbe possible. There should be a pro)ision to assign riskto the watch list. Changes to this watch list should alsobe tracked+ with complete audit trail.

    A)ailable

    &.0 Bank should be able to reduce false positi)es bycreating a white list in which user can add customers

    A)ailable

  • 8/18/2019 UBI AML RFP

    7/9

    who ha)e matched with list but are not deemedsuspicious. Should also ha)e the ability to make aKfu##y logicI match with the list.

    &.0 Should compare the additions to :S7"+ :7AC or othernegati)e

    Customi#ation

    &.0* Bank should be able to create watch list of customers >non,customers. Batch upload of customi#ed list shouldbe possible. There should be a pro)ision to assign riskto the watch list. Changes to this watch list should alsobe tracked+ with complete audit trail.

    A)ailable

    &.00 Any missing mandatory fields for an account holdershould be detected > reported.

    A)ailable

    &.01 The system should ha)e pro)ision to define benchmarksfor alert scenarios based on customer type+ nature ofbusiness+ branch+ and country > account risk. Shouldinclude structured transactions+ wire transfers+ analysisof unstructured te$t instructions contained in wire

    transfers+ patterns in multiple wire transfers+ etc.+ highrisk geographies+ high risk entities+ transactions with noapparent business purpose+ funds transfer+ transactionsthat may indicate fraud rings+ money market funds+lines of credit+ credit cards+ installment loans+ etc.

    Customi#ation

    &.03 System should be capable of handling real time alerts. A)ailable&.04 "dentify multiple wire transfers transactions with

    common suspicious characteristics.A)ailable

    &.0< Automatically generate alerts/reports on blocked andre-ected items.

    A)ailable

    &.1= "t should be possible to re,run any rule at any time and

    Kas,of ‟ any past date.

    A)ailable

    &.1& Should be possible to manually change priority or riskscore of a suspicious transactions or e)ent.

    A)ailable

    &.1* Should be possible to either assign a risk score orchange the status of a suspicious transactions or e)ent.

    A)ailable

    &.1 Should ha)e facility to store alerts+ emails and allnecessary information recorded by the sur)eillanceofficer to substantiate the case. This includes pro)isionto scan documents and attach them to specific cases.

    A)ailable

    &.1 Application should track key milestone dates in a casee.g. date open+ date closed!L

    A)ailable

    &.10 The system should ha)e complete audit trail of thealerts generated. A)ailable

    &.11 System should generate 6"S reports such as most acti)eaccounts based on parameters such as depositfrequency+ withdrawal frequency+ and transactionfrequency.

    A)ailable

    &.13 System should ha)e a special interface for auditors and"T users

    A)ailable

  • 8/18/2019 UBI AML RFP

    8/9

    &.14 ?se of link analysis is desirable which is a moreeffecti)e way to disco)er money,laundering acti)ities9ink analysis uses mathematical algorithms to findcommon denominators and patterns in massi)e amountsof data across the organi#ation!.

    A)ailable

    &.1< The user should ha)e the facility of filtering alertsbased on parameters such as time+ customer+instrument+ product and alert type.

    A)ailable

    &.3= Should be possible to do an age,wise analysis and )iewalerts at a summary le)el+ like no. of days open+ etc.

    Customi#ation

    &.3& Should be possible to generate 6"S reports such assuspicious transactions as a percentage of totaltransactions+ etc.

    A)ailable

    &.3* The solution should ha)e automated case processing. A)ailable

    &.3 The solution should be capable of pro)iding a free formte$t comments bo$ on working case screens.

    A)ailable

    &.3 The solution should be able to differentiate betweencases which were created from alerts )ersus thosewhich were created manually.

    A)ailable

    &.30 The solution should ha)e the ability to delete orremo)e workflows if they become redundant as perbank‟s requirement.

    A)ailable

    &.31 The solution should ha)e ability to integrate rd partydata/system as per bank‟s requirement.

    A)ailable

    2 Risk Categorization A)ailable

    *.& Capable of e)iewing isk categori#ation of the entire

    customers e)ery si$ months through a system based oncertain parameters set by the Bank as prescribed bythe egulatory Authorities. The parameters aredynamic and Administrator should be able to changethe same as per requirement of egulator.

    A)ailable

    *.* Capable of ha)ing mechanism for e$ercising 2nhanced(ue (iligence in case of igh isk Customers and alsogenerating Audit trail.

    A)ailable

    *. "f any account is to be compulsorily categori#ed in aparticular risk like high risk+ the system must ha)e thecapability to o)erride the normal parameteri#ation andcategories the account in high risk.

    A)ailable

    3 Unique Customer Identification Code A)ailable

    .& Capable of identifying multiple C"7s of a singlecustomer on parameters like (ate of Birth+ PA%%umber+ Aadhar Card+

    A)ailable

    .* Capable of grouping of the data of multiple C"7s intoBranch wise and egion wise for de,duplication

    A)ailable

    . Capable of keeping track record of de,duplication A)ailable

  • 8/18/2019 UBI AML RFP

    9/9

    process/progress.

    4 Customer Profile Updation / KYC Compliance A)ailable

    .& Capable of generating reports of Branch wise Cust "(sdue for FGC updation as per periodicity prescribed by

    B" i.e. * years for igh risk+ 4 years for 6edium riskand &= years for 9ow risk customers and capable ofgenerating customi#ed letter for each eligiblecustomer.

    A)ailable

    .* Capable of pro)iding different reports regarding thedeficiencies in FGC details/documents which will behelpful in customer profile updation

    A)ailable

    . Capable to generate > send letter as per bank templateformat to branches through email.

    Customi#ation