Enforcement viaPolicies and Procedures
Processes and Procedures
These are boring, tedious, time consuming……
BUT THEY ARE ESSENTIAL
They must be written and updated regularly
Every member of staff must
Be trained in their use
Read them as part of their job
Keep up to date on changes
What are They
Operational procedures are documents that describethe way in which the Issuer or Acquirer operatesthroughout their operation.
They cover every aspect of the process of cards andevery interface inwards and outwards. To cardschemes, bank systems, partner systems, centralbanks etc:
Why do you need them
They are needed to ensure that the card processesalways operate in the same way, regardless of when,were or what the situation is.
They become base documents for:
Training new staff
Upgrading existing systems
Introducing new systems
What Areas are Covered
They cover every single area of the Issuer or Acquirerprocess within the bank and outside it.
![MC900059322[1]](data/images/img6.png)
Security and Access
Who can access, see and update data and what theycan do with it
Directors
Managers
Supervisors
Operators
![MC900439359[1]](data/images/img7.jpg)
Risk Processes
KYC (Know Your Customer)
Profiling for Risk exposure of:
Applications
Authorisations and Limits
Collections
Fraud
New Products
![MC900056614[1]](data/images/img8.png)
Authorisations
Who can authorise what
How far can a limit be exceeded
Criteria around breaking limits
Reporting processes
![MC900304793[1]](data/images/img9.png)
Account Management
Application Processing
Account Maintenance
Account Opening
Account Closure
Detail Changes
Statement Production
![MC900279126[1]](data/images/img10.png)
Settlement
Settlement processes:
Internally
Externally to
Card Schemes
Partners
Customers
![MC900150533[1]](data/images/img11.png)
Disputes
Stages involved in a dispute process:
Copy of the voucher, till roll, signature or any otheracceptable proof
Chargeback
Representment
Arbitration
![MC900078807[1]](data/images/img12.png)
Collections
Process to be followed on non-payment
30 days, 60 days, 90 days, and so on
Collections Agencies
Litigation
Dunning Letters
Write Offs
Fraud
Process to be followed:
Identification of where the faulty lies
Chargeback if appropriate
Notification of authorities
Reporting to card schemes / central banks
Write Offs
![MC900290865[1]](data/images/img14.png)
Customer Service
Who can you talk to
What can you say
How do you follow up
What are the limits of your job
![MC900047864[1]](data/images/img15.png)
Security
Key Management
System Security
Access
Passwords
![MC900412764[1]](data/images/img16.png)
Audit
What data to be recorded on each transaction:
Date
Time
Operator / workstation ID
Details of changes
Before image
After image
Compliance
Compliance with:
Central Banking Regulations
National Regulations
Anti-Money Laundering Rules OFAC
Card Scheme mandates and regulations
Any other specific compliance issue e.g. move to EMV,use of fraud checking etc:
Contract Must Haves
Contracts with Who
Schemes
Partners
Suppliers
Customers
![MC900297161[1]](data/images/img17.png)
Contract Must Haves
Contracts are as boring as anything canbe:
But
Make sure that the legal eagles haveactually written in what you want
It actually does do what you need to do
Never be afraid to question anything
If its not right nor will your business beright
Goldfish
![MC900078818[1]](data/images/img18.png)
Scheme Business Interfaces
Compliance with scheme rules
Submission of waivers
Settlement and reconciliation
Disputes and Chargebacks
Rules agreement
Product launches
Brand enhancement
Scheme Technical Interfaces
Online authorisations
Offline Clearing and Settlement
Certifications
Online
Offline
Chip card certification
New Product Launch
Licences and Approvals
Scheme Certifications
Banking Licences
EMoney Licences
FSA Approvals
Central Bank Agreements
![MM900172640[1]](data/images/img19.gif)