Professional Documents
Culture Documents
SOP For FRM
SOP For FRM
Dombivli Nagari Sahakari Bank Ltd. (Multi-State) - Information Technology and Information
Security Policy
Dombivli Nagari Sahakari Bank Ltd. (Multi-State) - Information Technology and Information
Security Policy
Responsibilities:
FRM Dept:
- Keep a 24*7*365 watch on the FRM system and its alert generated during each and
every slot.
- Take actions on alerts generated by system.
- Confirm the suspicious alert/activity either genuine or fraud.
- Record proper evidences and remarks on the observation for the alerts generated
by system.
- Follow the standard procedures when a fraud is detected.
- Escalate the observation of alerts as per the Escalation matrix.
- Review the rule set as per the decided frequency.
- Report IT team on any technical issues found in FRM application.
- Share the observation and requirement to IT team.
IT Dept:
Involve in Review meeting to fulfill the functional requirement.
Provide technical support on day to day operations or on any observation received
from FRM Team.
Provide support in Drill
Follow standard process in implementation/changes of business logic in FRM
application.
Procedures:
1. Daily observation and actions on Slots generated by system
Slots are generated and displayed inside the FRM application. Check each and
every alerts as per the business logic implemented in rule set.
Perform details analysis for the generated alerts by checking CBS transaction
and other related settings
Call customer if the suspicious behavior found.
Identify the stage of alert.
Stage:
a) Suspicious
b) Genuine
Classification | CONFIDENTIAL
Dombivli Nagari Sahakari Bank Ltd. (Multi-State) - Information Technology and Information
Security Policy
c) Fraud
Take proper action as per the above stage.
Record the actions and capture the evidences.
FRM team will report the FRM escalation matrix and IT escalation matrix
immediately for the further actions.
Only one call attempt is made to escalation matrix person. In case of
person unavailability, moved to next escalation matrix.
The last escalation will be CEO.
b. Yellow Tag:
Dombivli Nagari Sahakari Bank Ltd. (Multi-State) - Information Technology and Information
Security Policy
c. Green Tag:
Internal review of FRM team members by Dept Head/ Relevant team head.
Purpose of the review should include operational issue, technical issue and
personal life.
Report the review observation to CEO/Risk committee.
8. FRM drill
- FRM drill to be carried out on yearly basis.
- IT team will implement a fake scenario in system which lead to alert generation
- Actions taken by FRM team will be recorded.
Classification | CONFIDENTIAL
Dombivli Nagari Sahakari Bank Ltd. (Multi-State) - Information Technology and Information
Security Policy
Version Control:
Sr Version Title Version No Date
No
1. Fraud and Risk Management Process 1.0
Document
Approval Block
Approvals Title Signature/Date
Prepared By
Review By
Approved By