Saturday , March 29 2025
Bangladesh Bank

Bangladesh bank published CBS guideline Version 2.0

The banking industry in Bangladesh is the core driver in economic development of the country. The focus on inclusion and the aim for sustainability have advanced the industry to grow with a faster pace and in a well- structured manner.

The industry has undergone many changes on providing the services to their customers. Most of the banks have adopted automated banking environment for faster services, better control in operations and established alternative delivery channels to facilitate services at door-steps. Core Banking Solution (CBS) is playing a vital role for this technology driven banking services.

FBI investigating cyberattack at Oracle, Bloomberg News reports

The Federal Bureau of Investigation (FBI) is probing the cyberattack at Oracle (ORCL.N), opens new tab that has led to...
Read More
FBI investigating cyberattack at Oracle, Bloomberg News reports

OpenAI Offering $100K Bounties for Critical Vulns

OpenAI has increased its maximum bug bounty payout to $100,000, up from $20,000, to encourage the discovery of critical vulnerabilities...
Read More
OpenAI Offering $100K Bounties for Critical Vulns

Splunk Alert User RCE and Data Leak Vulns

Splunk has released a security advisory about critical vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These issues could lead...
Read More
Splunk Alert User RCE and Data Leak Vulns

CIRT alert Situational Awareness for Eid Holidays

As the Eid holidays near, cybercriminals may try to take advantage of weakened security during this time. The CTI unit...
Read More
CIRT alert Situational Awareness for Eid Holidays

Cyberattack on Malaysian airports: PM rejected $10 million ransom

Operations at Kuala Lumpur International Airport (KLIA) were unaffected by a cyber attack in which hackers demanded US$10 million (S$13.4...
Read More
Cyberattack on Malaysian airports: PM rejected $10 million ransom

Micropatches released for Windows zero-day leaking NTLM hashes

Unofficial patches are available for a new Windows zero-day vulnerability that allows remote attackers to steal NTLM credentials by deceiving...
Read More
Micropatches released for Windows zero-day leaking NTLM hashes

VMware Patches Authentication Bypass Flaw in Windows Tool

On Tuesday, VMware issued an urgent fix for a security flaw in its VMware Tools for Windows. CVE-2025-22230 allows a...
Read More
VMware Patches Authentication Bypass Flaw in Windows Tool

IngressNightmare
Over 40% of cloud environments are vulnerable to RCE

Kubernetes users of the Ingress NGINX Controller are advised to fix four newly found remote code execution ( RCE) vulnerabilities,...
Read More
IngressNightmare  Over 40% of cloud environments are vulnerable to RCE

(CVE-2025-29927)
Urgently Patch Your Next.js for Authorization Bypass

Next.js, a widely used React framework for building full-stack web applications, has fixed a serious security vulnerability. Used by many...
Read More
(CVE-2025-29927)  Urgently Patch Your Next.js for Authorization Bypass

Oracle refutes breach after hacker claims 6 million data theft

A hacker known as “rose87168” claims to have stolen six million records from Oracle Cloud servers. The stolen data includes...
Read More
Oracle refutes breach after hacker claims 6 million data theft

Today, the role of CBS is not just as a transaction processing engine; it is the key repository of information to further analyze and detect risks. A standard and flexible CBS is a significant contributor to a bank’s ability to respond quickly to the diversified business including compliances with changing regulations.

Apart from the CBS, banks are using different important solutions for different business portfolios like Trade Finance, Remittance, Asset Liability Management, Anti-Money Laundering, Card Management, etc. Though these business operations may be done using separate solutions, the reporting to stakeholders and regulators is done in a consolidated manner. Most of the commercial banks have already implemented CBS and the rests are on the way of implementation. Different commercial banks of Bangladesh are using different outsourced or self-developed CBS. Due to the variations in development architecture, support service, modality and flexibility in these systems, stakeholders are facing challenges in collecting the necessary and intended information at the right time.

This necessitates a uniform set of instructions that should be accommodated as a minimum requirement in any CBS. This document is developed in a collaborative approach to guide the commercial banks in Bangladesh in maintaining the minimum required features and controls in their CBS and other related banking solutions so that the banks can comply with most of the stakeholders’ requirements. The document covers the necessary features and controls of banking services like General Banking, Bills and Remittance, Deposits, Loans/Credit/Investment, Trade Service, Treasury, System Administration and Reporting.

Each bank has its own way of management reporting and regulators also have their different query and reporting requirements which are changing over time, as such fixed reporting formats and demands could not be stated in the reporting module. It is expected that the reporting tools used in the banking system shall be capable and flexible enough to generate new format of reports as required.

Bangladesh Bank reserves the right to amend or review document as and when necessary. In case of Islamic Banking, for all kinds of operations including profit and loss calculation will be based on Shariah principles and relevant guidelines of Bangladesh Bank.

Objectives:

Core banking operations involve managing transactions, processing payments, handling loans, and many other activities. It facilitates online banking, automated teller machines (ATMs), telebanking, and immediate or remote fund transfers through mechanisms like immediate payment service (IMPS), electronic fund transfer (EFT), and real-time gross settlement (RTGS). Application Programming Interfaces (APIs) are becoming more common in core banking systems to facilitate easy integration with third-party services. It facilitates a broader range of services and enhances the customer experience. For instance, through APIs, banks can integrate with FinTech services, payment gateways, or even other banks for seamless interbank and inter platform transactions.

Some basic objectives of this guideline are:

a) Ensuring proper due diligence while using Core Banking Solutions.
b) Ensuring quicker services at the bank counters for routine transactions like cash deposits, withdrawal, passbooks, statements of accounts, demand drafts, etc.
c) Ensuring anywhere banking by eliminating dependency with branch banking.
d) Ensuring provision of banking services 24 X 7.
e) Ensuring fast payment processing through Internet banking, mobile banking.
f) Ensuring anytime anywhere banking through ATMs, CRMs.
g) Ensuring that all branches access applications from central servers/datacenter, so deposits made in any branch reflect immediately and the customer can withdraw money from any other branch throughout the world.
h) Ensuring easy transfer of funds from the cities to the villages and vice versa.
i) Ensuring process standardization within bank & branches.
j) Ensuring retention of customers through better customer service.
k) Ensuring accuracy in transactions & minimization of errors.
l) Ensuring improved management of documentation & records – having centralized databases results in quick gathering of data & MIS reports etc.

Scope and Applicability:

This guideline is applicable to all Banks of Bangladesh. It addresses the approach and principles necessary for adoption of Core Banking Solution by the Bank. However, this guideline does not prescribe or recommend any specific Core Banking Solution, service arrangement, service agreement, service provider or deployment models. The Bank must perform their own analysis to determine if CBS meets their strategic aims whilst managing any associated risks and compliance with regulatory requirements.

Compliance and Dispensation:

a) The bank shall assign a Team/Committee/Entity to monitor compliance with this guideline. A Team/Committee/Entity shall provide the initial observation of any non-compliance issue to the competent authority. b) The bank shall take initiatives to rectify the non-compliance activities as per guidelines within a specific time frame.
c) For non-compliance issues, compliance plans shall be submitted to Bangladesh Bank. If any noncompliance issue persists due to exceptional cases, then dispensation can be taken from
Bangladesh Bank for a specific period.
d) If the bank fails to rectify the non-compliance activities within the time frame, the bank shall seek permission for dispensation from Bangladesh Bank. After the compliance failure multiple times, a penalty may be imposed on the bank depending on the impact of business or any adverse impact on customers’ interest.

The updated Guidelines on Core Banking Solution (CBS) Features and Controls (Version 2.0) is available in Bangladesh Bank website (www.bb.org.bd). This guidelines shall come into force with immediate effect. However, its full compliance must be ensured by 30 June 2025.

 

Check Also

NVDP

BCSI officially announce National Vulnerability Disclosure Program (NVDP)

Bangladesh Cyber Security Intelligence (BCSI) officially launch the National Vulnerability Disclosure Program (NVDP) to enhance …

Leave a Reply

Your email address will not be published. Required fields are marked *