Business Analyst

  • Published : April 11, 2013
Saudi Arabian Monetary Agency

e-Banking Rules

Banking Technology Department
APRIL 2010

Table of Contents

1 Introduction:
1.1 Electronic Banking Definition:
1.2 E-banking Evolution:
1.3 E-Banking Rules:
1.4 Objective of the Rules:
1.5 Scope of Application:
1.6 Effective Date:
2 Supervision of E-Banking:
2.1 Supervisory Approach:
2.2 New E-banking Products:
2.3 Legal and Regulatory Requirements:
2.4 Enforcement Mechanism:
2.5 Reporting Requirements:
3 Customer Protection and Education:
3.1 Rights and Liabilities of Banks and Customers:
3.2 Customer Security and Education:
3.3 Banks’ Obligations:
4 E-Banking Risks:
4.1 Types of Services:
4.2 Risk Profiles
4.3 Associated Risks:
4.4 Risk Management Approach:
4.4.1 Risk Identification
4.4.2 Risk Analysis and quantification
4.4.3 Risk treatment
4.4.4 Risk monitoring and review
4.4.5 Summary
5 Risk Management Principles for E-Banking:
5.1 Principles 1-3: Board and Management Oversight:
5.2 Principles 4-10: Security Controls:
5.3 Principles 11-14: Legal and Reputational Risk Management:
Appendix 1
Glossary
Appendix 2
Security Controls Requirements
Appendix 3
Incident Reporting

1 Introduction:

2.1 Electronic Banking Definition:

The term “Electronic Banking” or “e-banking” is defined as remote banking services provided by authorized banks, or their representatives, through devices operated either under the bank's direct control and management or under an outsourcing agreement. In other words, e-banking is an umbrella term for the process by which a customer may perform banking transactions electronically without visiting a branch. It includes the systems that enable customers of banks, individuals or businesses, to access accounts, transact business, or obtain information on financial products and services through a public or private network, including the Internet.

A “remote banking service” is defined as a:

* Dedicated banking service for which the Customer has explicitly registered and authorized;
* Service supplied using devices that are not under the control of the Provider;
* Service which demands the authentication of the Customer.

Cross-border e-banking is defined as the provision of transactional on-line banking products or services by a bank in one country to authorized customers in other countries. This definition would include situations where a foreign bank provides e-banking products or services to residents in a foreign country from (i) a location in the bank’s home country, or (ii) an “onshore” physical establishment in another foreign country.

The following terms used to describe the various forms of e-banking are often used interchangeably: personal computer (PC) banking; Internet banking; virtual banking; online banking; home banking and remote electronic-banking.

Services Exclusions
Usually, e-banking also involves phone banking and the use of automated teller machines (ATMs) but these are not covered under the above e-banking definition for the purpose of these Rules.

Furthermore, individual communications such as e-mail (digitally signed or otherwise) received by the Provider from a Customer outside the context of a remote banking service, are also not covered under this definition.

Various other related terms are defined in the Glossary at Appendix 1 to these Rules.

2.2 E-banking Evolution:

Technology developments and innovations are having a significant impact on the banking business. Banks face the challenge of adapting, innovating and responding to the opportunities provided by technological advancements. The growth of e-banking has enormously benefited banks and their customers. It has allowed banks to expand outreach, reduce transaction costs, improve efficiency, and provide virtual banking...