Executive SummaryThere has been a revolution in the communication media in Bangladesh through the introduction of Internet and other forms of secure dial up media. This has an enormous impact on the banking sectors of the country. Now due to electronic Banking except for cash customers are no longer require coming at the bank. It has not only benefited the customers but the bank as well. rom the Banks point of view this has helped prevent customers queuing up at the bank counters thus helping to minimi!ing the cost as well as the workload for the employees. "#B$ has been one of the pioneers in %lectronic banking in Bangladesh. "#B$ has been a pioneer in %lectronic banking in Bangladesh. &t "#B$ electronic banking comes in two modes "exagon and "#B$net. Both of them are developed by "#B$. "exagon is access through a dial'up mode by the customers. "#B$net on the other hand is Internet based. &t the moment "#B$ has more than hundred corporate customers using the electronic banking facility. "#B$ maintains one of the world(s largest private data communications networks and one of our most successful customer service driven technological innovations is "exagon."exagon provides corporate and institutional customers with )$ access to cash management services* trade services* securities services and other information through a single'platform using a fully integrated proprietary system.There are about +,*,,, "exagon users worldwide* with more than -., corporate users in Bangladesh. "exagon is able to offer a wade range of solution such as &ccount information* )ayments / transfer* )ay order / 0emand draft issuing* Telegraphic transfer* 1$ application opening and amendment* Trade enquiry* 2arket information* 3ffline services* Integration with %xcel* #alary )ayments* $heque writer to its clients. "#B$net is and Internet platform that provides a single point of entry to the online solutions offered by our $orporate* Investment Banking and 2arkets business. These solutions include "#B$4s award'winning research* plus a range of cash management and treasury and capital markets products and services* presented in a format that can be personali!ed to meet the individual needs of our customers. The core benefits to be offered to "#B$ clients* via "#B$netare &ccess The $ustomer(s account from &N56"%7% with Internet )$* improved security and audit controls* multiple user access levels for different functions 8balance inquiry* payment preparation* payment authori!ation etc.9 and #mart$ards and #mart$ard readers for extra security for payment authori!ers. The $ore "#B$net eatures are balance and transactions reporting* account #tatements viewing* in 7%&1 TI2%:* account and transaction inquiries by date* amount* and other criteria* daily statement download and printing capability for long term record;reconciliation* variety of reports in a wide variety of formats in 3N% platform* for every banking service we provide 8collections and payments of all types9 and upcountry collections and payments reports. The future of Internet banking is enormous. Now banks are not .+J of its banknotesand has been appointed #ettlement Institution for the F# dollar clearing system in "ong Iong* the first non'&merican bank in the world to win F# dollar clearing business. The Bank and its subsidiaries have some BC, offices in >, countries and territories in the &sia')acific region and employ over A,*,,, people. ''' 2SB- 2ol"ings plc:&lthough the ?roup4s holding company* "#B$ "oldings plc* was formed as recently as -CC-*many of its principal constituent companies opened for business over a century ago and havelongexperienceintheirhomeandinternational markets.6ithlistingsonthe1ondon* "ongIong* New 5ork and )aris stock exchanges* around -C,*,,, shareholders in some -,, countriesand territories hold shares in "#B$ "oldings plc. The shares are traded on the New 5ork #tock%xchange in the form of &merican 0epository 7eceipts.DThrough an international network linked by advanced technology* including a rapidly growing e'commercecapability* "#B$providesacomprehensiverangeof financial services@ personalfinancial services= commercial banking= corporate* investment banking and markets= private banking= trade services= cash management= insurance= consumer andbusiness finance= pension and investment fund management= trustee services= and securities andcustody services.''( 2SB- 0roup 3ision:The"#B$groupvisionisKTobecometheworld(sleadingfinancial servicescompanyandbalance group earnings between the 3%$0 and the emerging marketsL.The essence of "#B$ brand is integrity* trust and excellent customer service. It gives confidenceto customers* value to investors / comfort to colleagues.'') 2SB- 0overning #b&ective:"#B$(s governing ob"#B$ Trinkaus / Burkhardt I?a&Trinkaus " Burkhardt #Ga0Nsseldorf -DEB -CC>-,"#B$ ?uyer!eller Bank &?Bank Guyer$eller GOurich -ECA -CC>"#B$ Bank 2alaysia BerhadHongkong Bank Malaysia BerhadIuala1umpur-CCA -CCA"#B$ Bank Brasil #.&.' Banco 2PltiploBan!o Bamerindus do Brasil S..$uritiba -CB> -CCD"#B$ Bank &rgentina #.&.Ban!o %o&erts S..Buenos&ires-C,. -CCD"#B$ Bank F#&%epu&li! Ne' (ork CorporationNew 5ork -C++ -CCC"#B$ 7epublic Bank 8#uisse9 #&%epu&li! National Bank of Ne' (ork )Suisse* S?eneva -CEE -CCC''8 2istory o$ 2SB- 0roup: The "#B$ ?roup4s name is derived from The "ongkong and #hanghai Banking $orporation 1imited* the founding member of the modern ?roup. The bank owed its origins to the business communities of the $hina coast in the -E+,s. &t that time* the finance of trade in the region was not well developed and most transactions were still handled by the %uropean trading houses* or hongs* rather than by professional banks. By the early -E+,s* local businessmen needed larger and more sophisticated facilities. In "ong Iong* in particular* business leaders required specialist'banking services ' preferably from a bank that was locally owned and managed. The founding of the bank in -E+B answered this need. The new company was the inspiration of Thomas #utherland* then the "ong Iong #uperintendent of the )eninsular and 3riental #team Navigation $ompany* who produced a prospectus for a locally based bank operating on sound 4#cottish banking principles4. The prospectus attracted the support of a broad spectrum of "ong Iong interests* including &merican and Indian trading houses as well as %uropean firms* and theinitial capital of "IGB million was quickly taken up in "ong Iong* #hanghai and $alcutta. 3n this basis* the bank opened for business in "ong Iong on . 2arch -E+B. Then* as now* the bank4s headquarters were at - Queen4s 7oad. 3ne month later* on . &pril -E+B* the bank4s #hanghai office opened for business. Initial response from customers in the two cities was favorable* both from the foreign business community and from the compradors* the influential --$hinese intermediaries in charge of local staff and business dealings in the $hinese community.The new bank4s commitment to local ownership and management required a special arrangementfor incorporation. 7ather than operate under existing British or colonial regulations ' which would have required a 1ondon head office ' the bank4s directors persuaded the Treasury in 1ondon to accept incorporation under a special "ong Iong ordinance. This allowed the bank to maintain a head office in "ong Iong without losing the privilege of issuing banknotes and holding government funds. In this way* the bank 8which had started life under a local $ompanies 3rdinance as the "ongkong and #hanghai Banking $ompany 1imited9 assumed the name The "ongkong and #hanghai Banking $orporation in 0ecember -E++. Thereafter* the bank4s statutory framework remained basically unchanged until -CEC* when registration under the "ongIong $ompanies 3rdinance was completed. ''19 Early business "evelopment: #oon after its formation in "ong Iong and #hanghai* the bank established a network of agents and branches around the world. In many of its branches and agencies in &sia* The "ongkong and#hanghai Banking $orporation was the pioneer of modern banking practices. rom the outset* trade finance was a strong feature of its local and international business* an expertise that has been recogni!ed throughout its history. Bullion and exchange businesses were also important in the early years. In Hapan* where a branch was opened at 5okohama in -E++* the bank acted as an adviser to the government on banking and currency. In -EEE* it was the first bank to be established in Thailand* where it printed the country4s first banknotes. By -C,,* the branch network in &sia extended to India 8-E+D9* the )hilippines 8-EDB9 and #ingapore 8-EDD9* and to cities in what are now 2alaysia* 2yanmar* #ri 1anka and Mietnam. In the -Cth century* international banking of this kind required innovation and high levels of risk.In its early years* the bank had its share of setbacks* including over'commitment to a number of local industrial ventures. rom the mid'-ED,s* however* the bank renewed its focus on trade finance. Thomas Hackson* $hief 2anager on three occasions between -ED+ and -C,>* dominated this period of the bank4s growth and led it to become the foremost financial institution in &sia. In ->achieving this reputation* Hackson and his successors were supported by a distinctive cadre of managers and staff. These officers* many of whom had begun their careers with %nglish or #cottish * "#B$ "oldings announced that it would make a recommended offerfor 2idland. In late &pril* 1loyds Bank* one of the other British clearing banks* indicated that itwasalsoconsideringanofferfor2idland.That possibleofferwasdroppedshortlyafterthe"#B$ ?roup announced its final offer in Hune -CC>* valuing 2idland at R..C billion. The offer-.became unconditional in Huly* lifting the ?roup4s total assets from RE+ billion in -CC- to overR-D, billion in -CC>. The ?roup4s acquisition of 2idland created one of the largest financialorgani!ations of its kind in the world. &ttention immediately turned to integrating andconsolidatingthebusinessof theenlarged?roup. The?roupwasespeciallykeentoseeasynergyoftheinterestsofthema* the?roup4snewdealingroomatThames %xchange* 1ondon* became the largest treasury trading operation in %urope. In the sameyear* "#B$ Investment Banking was formed to co'ordinate the merchant banking* securities andasset management 8through "#B$ &sset 2anagement9 activities of the entire ?roup. In -CC.and -CCA* the ?roup enhanced its special strengths in private banking and securities strengths inprivate banking and securities business* the enlarged ?roup benefited from a greater level of co'ordination and a commitment to effective technology and training. The results of these effortswere reflected in the ?roup4s performance* with profits attributable to shareholders increasingfrom RBE+ million in -CC- to more than R>*,,, million in -CCA and F#GB*A,E million 8R.*.A>million* "IG+-*C.> million9 in -CCC. &n important result of the acquisition of 2idland was the transfer in Hanuary -CC. of the ?roup4shead office ' but not that of The "ongkong and #hanghai Banking $orporation ' from "ongIong to 1ondon to meet the requirements of the FI regulatory authorities. &lthough the Bank of%ngland now became the lead regulator for "#B$ "oldings* the banking subsidiaries continuedto be regulated locally in their country of operation. The ?roup4s traditional concern for rapid?roup4s traditional concern for rapid meant that the new ?roup "ead 3ffice in 1ondon providedonlytheessential central functions* suchasstrategicplanning* humanresourcemanagement*legal and company secretarial* and financial planning and control. In -CCE* "#B$ announcedthat these head office functions* together with most of the ?roup4s 1ondon'based businesses andoperations* would be relocated to a new headquarters building in 1ondon4s 0ocklands district.The AA'floor tower* designed for "#B$ by oster and )artners* will be ready for occupation in>,,>. Inthelate-CC,s* "#B$vigorouslydevelopedits roleas oneof theleadingbankingandfinancial services organi!ations in the world. Its strategy of 4managing for value4 emphasi!es the?roup4s uniquebalanceof businessandearnings betweentheolder* matureeconomies andfaster'growing emerging markets. The commitment to ma,, branches -+in the city. >,,- also saw the opening of the only branch in the "#B$ network that is open .+B days a year ' in )une in 6estern India.In &pril* "#B$ announced a F#G-- billion recommended offer for $rSdit $ommercial de rance8$$9. %stablished in -ECA* $$ brought into the ?roup a network of +B, branches in rance and long experience of personal* corporate* investment and private banking* greatly strengthening "#B$(s presence in the euro !one. The deal was completed in Huly and in that month "#B$ "oldings plc was listed on the )aris #tock %xchange for the first time.0uring the year "#B$ launched "#B$ )remier* a new international service for "#B$(s most valuable personal customers.''1( -ommercial Banking:$ommercial Banking in "ong Iong teamed up with "#B$ &sset 2anagement and Treasury tocross'sell investment funds. These focused on capital guaranteed funds and high yield depositsand resulted in a -BE per cent increase in fee income. Initiatives were launched in 2alaysia toensure that "#B$ captures the trade business resulting from the 2alaysian businesscommunities4 growinginterest in$hinaandIndia. #ingaporelaunchedBusiness Mantage* apackaged account service and delivery product* in India launched Business Insurance #ervices with tailored products* including policies covering fire*burglary*money'in'safeand public liability*anditroduceda $ash )lus#weepfacility*whichautomatically sweeps idle or surplus funds into a higher yielding money market mutual fund."#B$BankplcincreaseditsshareoftheFI4sbusinessstart'upmarket* helpingmorethanE,*,,, new businesses get off the ground* and reported a strong increase in customers switchingto "#B$. 2ore established businesses moved their accounts to "#B$ too* helping to swell thecustomer base by D per cent. "#B$4s business Internet banking is now live in $anada* the "ongIong #&7* India* &rgentina* the FI ed #tates with over >,,*,,, registered users. -DPART-(( 2SB- in Bangla"es%: The "#B$ &sia )acific group represents "ongkong and #hanghai Banking $orporation* "#B$in Bangladesh. The bank opened its first branch in 0haka in -Dth 0ecember to provide personalbankingservices* tradeandcorporateservices* andcustodyservices. TheBank'"#B$wasawarded I#3C,,> accreditation for itspersonal an" business banking services* which covertra"e services, securities an" sa$e custo"y, corporate banking, 2exagon an" all personalbanking3ther services of thebankincludecas%management, treasury, securities an"custo"ial service "#B$ is an I#3 certified organi!ation. This I#3 C,,> designation is the firstof its kindfor abankinBangladesh. The"ongIongand#hanghai Banking$orporationBangladesh 1td* primarily limited its operations to help garments industry and to commercialbanking. 1ater* it has expanded its business relations in sectors such as' pharmaceuticals* ,,, the bank launched a wide array of personalbanking products designed for all kinds 8middle and higher middle income9 individualcustomers. #ome such products are personal loans* car loans etc.7ecently the bank launchedthree of its personal bankingproducts Taxloan* )ersonal securedloan/&utomatedTeleBanking service 8&TB9. These products are designed to meet the diverse customer needs morecompletely."#B$ in Bangladesh is also speciali!es in self' service banking through providing >A hour &T2services. 7ecently it opened two new &T2(s at #hantinagar and Banani to better satisfy thosegeographic segments. In total the branch currently has C &T2(s located at various geographicalarea of 0haka and $hittagong.(1 #rgani;ational Structure at 2SB-, Bangla"es%:"#B$ follows a A'layer management philosophy in Bangladesh. These are 2anagers*%xecutives* officers and assistant officers. The $%3 is the top most authority of all the levels.2angers are the departmental heads that are responsible for the activities of their departments.They are the heads of the department and formulate strategies for that department such as "uman7esources 2anager. The executives have the authority next to managers and they are basicallyresponsible for certain activities and organi!ational functions like* &dmin %xecutive. These twolayers represent the management level of "#B$ Bangladesh.3fficers arethenext persons tostandinthehierarchylist. Theyarethetypical mid'levelemployees of "#B$ organi!ational hierarchy. These officers are responsible for managing theoperational activities and operating level employees.The operating level employees of "#B$who are ranked as &ssistant 3fficer fill the last layer of this hierarchy. They perform the day'to'day operational activities of "#B$. -CThe organi!ational structure of "#B$ Bangladesh is designed according to the various serviceandfunctional departments. The$hief %xecutive 3fficer 8$%39 heads the chief executivecommittee* whichdecidesonall thestrategicaspect of"#B$. The$%3isthepersonwhosupervises the heads of all the departments and also is the ultimate authority of "#B$Bangladesh and responsible for all kinds of activities of "#B$Bangladesh and all itsconsequences. "e admires all the functional departments and communicates with the departmentheadsforsmoothfunctioningoftheorgani!ation. The"#B$$hief%xecutive$ommitteeisformed with the heads of all departments along with the $%3. The structure of this top'mostauthority is shown in the following'- -ommercial Banking:$ommercial banking is a traditional strength of the "#B$ ?roup. In Bangladesh* "#B$ is apopular choiceforcustomersbecauseofthe?roup(sinternational reachandwiderangeoffinancial services andproducts. Its customers range fromsole proprietors topublic listedcompanies and foreign companies. "#B$ has an offshore banking unit 83BF9 license and cantherefore also provide foreign currency financing to qualifying customers. &bove all "#B$ is arelationship driven bank. -orporate an" !nstitutional Banking:$orporateandinstitutional bankingprovides dedicatedrelationshipmanagement services to"#B$(s clients in ma>K& transaction between two parties in which one 8the creditor or lender9 supplies money* goods*servicesorsecuritiesinreturnforapromiseoffuturepayment bytheother 8thedebtororborrower9.#uch transactions normally include the payment of interest to the lender.LIn the case of a commercial bank* credit means lending or advances made by it.The bank itselfis the lender and the borrowers are the various types of customers of the bank.The cost to thecustomers of borrowing from a bank is the interest and;or commission charge that they have topay throughout the life of the advance. Banks normally provide credit in the following forms@a #ver ,ra$ts:&n overdraft provides a limit up to which a customer may overdraw his current account at anytimeuptoacertaindate. Interest iscalculateddailyontheoverdrawnamount anddebitedmonthly to the customer(s current account.b /oans:6hen a loan is granted the full amount of the loan is debited to a 1oan &ccount and credited tothecurrent account ofthecustomer.7egularrepaymentsarethenmadetothedebit oftheborrower(s current account.Interest covering the full period of the loan may be taken in advancebefore the proceeds are credited to the customer(s account or alternatively debitedmonthly;quarterly* etc. in arrears.c Bill ,iscount:By discounting a bill* it means that we buy the bill 8i.e. Bill of %xchange or )romissory Note9before it isdueand creditthe face valueof the billless a discount charge to the customer(saccount. Thetransactionis practicallyanadvanceagainst thesecurityof thebill andthediscount represents the interest on the advance from the date of purchase of the bill until it is duefor payment 8the maturity date9." !mport an" Export . . It activelycreates riskpositions togenerate tradingincome. or example* oreign%xchange... It satisfies customer needs by offering an efficient and competitive service.The primary function of each of the Bank4s Treasury centers throughout the world is the detailedmanagement of the Bank4s assets and liabilities that fall within their sphere of responsibility.They have specific responsibility for@2aximising profitability through trading and marketing treasury products.$ontrolling interest rate risk.$ontrolling exchange risk.$ontrolling credit risk* where it arises from treasury activity.$ontrolling cash flows and liquidity.0eveloping our Treasury capabilities and our presence in the market place.It is important to stress that it is Treasury4s responsibility to control all aspects of the above and to ensure that all risk positions created in other areas of the Bank are taken'in underthe Treasury umbrella. -orporate Pro"ucts an" Services:The financial products of "#B$ can be categori!ed into two groups' 1> Asset pro"ucts'>/iability pro"uctsAsset Products:&sset products are the various types of credit and loan schemes offered to consumers.Liability Products:The liability products consist of all savings and deposit schemes offered to customers. Corporate Credit:>B6hen customers choose a bank to help support their business they want to be sure that it can tailor solutions to meet their specific finance needs. &t "#B$* they have a full range of products and services* which include@i. #ver"ra$t:&convenient andflexibleformof short'termfinancingfor routineoperatingexpenses andoverheads of the company.ii !mport an" Export /oans:1oans against import are available to customers when they purchase under 0ocumentary $reditor 0ocumentary$ollections terms. )re'shipment financeis availabletothemtomeet theirworking capitalrequirements.&dvancesare granted upon production of a buyer4scontractorexport 0$.iii ,P ? ,A Purc%ase:&cash advance made to customers when they have exported goods to a buyer through0ocumentary $ollections* either on a 0ocument against &cceptance 80&9 or 0ocuments against)ayments 80)9 basis.iv /ong-term /oans:"#B$ can customi!e a Term 1oan to finance the fixed assets that customers( business needs8such as land* new premises* equipment and machinery9.It may be a greenfield pro+vi Pre $rom o -s%ipment Epayment after receipt of titles and other documents that should fully comply with the terms of thecredit. $ustomers canen,, transactions every second* >A hours a day* .+B days a year.In -CCC;,,* we spent more than F#0>.> billion on developing and running computer systems and a further F#0A,, million on hardware and software purchases. ?lobally* the "#B$ ?roup employs over +*,,, I.T. professionals and is one of the largest originators of #6IT traffic in the+-world. Technology is vital to our future success and our overriding aim is to deliver faster* user'friendlier and more attractive services with enhanced functionality. "#B$ maintains one of the world(s largest private data communications networks and one of ourmost successful customer service driven technological innovations is He,agon."exagon provides corporate and institutional customers with )$ access to cash management services* trade services* securities services and other information through a single'platform using a fully integrated proprietary system.There are about +,*,,, "exagon users worldwide* with more than-., corporate users in Bangladesh.The system(s principal features are discussed in the following paragraphs..1' #perating Environment an" 2ar"1are Speci$ication "exagon operates under 2icrosoft 6indows ..-* 6indows ..-- for 6orkgroup*6indows CB* 6indows CE* windows >,,, or 2icrosoft 6indows NT 6orkstationA., and 6indows NT #erver A.,. 2ulti'site access is possible* for stand'alone* 6&N or 1&N access by all entities. It requires an IB2'compatible AE+0T++ )$ and operates on all standard modembaud rates 8"ayes compatible9. The "exagon system is continually undergoing enhancements to keep pace withadvances in technology and to meet our customers( ongoing requirements.&s andwhen these enhancements are made and packaged* free upgrades are provided toall users. ., megabytes of free drive space. "ayes'compatible modem baud rate AE,,;C+,,;-AA,,;>EE,,;..+,,;B+,,,..1( ,ata Security standards are also supported. or customers who have purchased translation software* %T7# will accept %0I standard files for transmission.0reater $lexibility an" control 1it% t%e combine" bene$its o$ 2exagon an" ETRS&s a "exagon user with %T7#* The $ustomer can issue electronically letters of credit 8documentary credits9 as well as transfer funds and make payments. Therefore* by integrating %T7# with The $ustomer(s back'office system* The $ustomer can automate the entire trade cycle from initial purchase order to final payment and delivery of goods.urthermore* "exagon offers The $ustomer a range of other banking and financial services. The $ustomer can easily check forex positions which means The $ustomer can quickly monitor and review trading contracts* positions and the relevant profit and loss of each of The $ustomer(s contracts. -ompre%ensive support $rom t%e 2SB- 0roup"#B$ staff will install the system* train all The $ustomer(s staff and set up all mapping tables for the automation of trade documentation. $onsultancy and advice on back office integration will also be provided if required..111 !nter$acing$ompatible with the vast maE'bit encryptionDBo Fser name and password for information accesso #mart$ard security for appropriate transactional services61 2o1 2SB- can %elp T%e -ustomer over t%e !nternet"#B$net is a range of products and services that encompass our $orporate* Investment Banking and 2arkets business* delivering tailored financial solutions to The $ustomer via the Internet. These solutions include cash management and treasury and capital markets and are expanding to include more products and services. The solutions are accessed online through an Internet page that is customisable for each individual user. It provides access to "#B$ sourced information and* when appropriate* will provide the ability to execute certain tasks such as manage The $ustomer(s liquidity across the world. It provides a single point of entry to our Internet solutions and complements our other channels.T%e personal pageD+6e understand that different roles in The $ustomer(s organi!ation have different needs* so we enable each user to personalise their Internet page to show content that is relevant to them. or example The $ustomer(s treasurer may wish to see content ranging from cash management to research* through to securities* whereas one of The $ustomer(s payment initiators may A;D by a centrali!ed security'monitoringgroup.F Penetration testingIndependent third party penetration testing is performed on our systems on a regular basis* simulating attacks against them in a controlled environment to see how they cope.F Access controlTo control necessary access to our systems* all "#B$ technical personnel require two'factor authentication to gain access to devices within the secured perimeter and the Internet services infrastructure. &lthough we cannot detail the nature of this access methodology* twofactor authentication works on the principle that staff are required not only to know something 8e.g. password9 but also to possess something 8e.g. a #mart card9 to enable them to obtain access. Thisrepresents a significant strengthening of security over traditional singlefactor authentication.!nternet services in$rastructure:EA%qually important a goal as denying unauthorised access to our systems is ensuring that those systems are strictly controlled. 2easures to achieve this include@F Server buil"s&ll servers are loaded and configured according to standard build requirements* including standard security toolkit. &ll servers are hardened and minimised according to functional requirements* and tested for security vulnerabilities prior to deployment 8with all deficiencies resolved9. 3nce deployed* all services are tested for security vulnerabilities on a regular basis. #ecurity patches are implemented in line with a formal risk'based approach.F Access control6e use access management software to manage access to all infrastructure devices on a >A;D basis. Non privileged access is only provided to those "#B$ support personnel who require it and can provide the relevant "#B$ specified approvals. #upport personnel do not have standing privileged access. 3nce provided* privileged access is only granted for a period of time approvedby "#B$= once that time has elapsed* access is revoked.F 2ost-base" intrusion "etection @2!,S>:"#B$ has implemented an industry'standard hostbased intrusion detection system 8"I0#9. "I0# is implemented on all servers within the Internet services infrastructure and* similar to NI0#* monitors server activity to identify harmful code or unusual activity. It is monitored >A;D by a centralised securitymonitoring group.F -%ange management6e monitor and approve any changes to infrastructure using our $hange 2anagement 6orkflowapplication.F !n$rastructure security testingIn addition to testing of the secured perimeter* regular independent vulnerability testing is also performed on resident Internet services.F Aeb-applications security testingEBMulnerability testing of web'based applications is performed prior to the implementation of new code in the Internet service environment. This means that any new functionality introduced to the"#B$net #ervice will have been checked to assess its integrity before it is offered to The $ustomer.#t%er measuresF Be1 vulnerability noti$ication an" response& prominent nature of the Internet security risk is how quickly it evolves and changes. 6e aim toensure that when new vulnerabilities are discovered or new methods of attacking systems are developed we are aware of them and can take prompt action. To this end* "#B$ has implemented a centrally managed alert system that receives newly published security vulnerability notices 8for all products used9 and sends them to the responsible party based onpre'defined profiles.F 3irus protectionThe increasing proliferation of malicious code* viruses* worms and hybrids is an unfortunate fact of the Internet environment. #uch code has the potential to be highly destructive. "#B$ employsindustry'standard virus protection.F Security inci"ent response program0espite all precautions* it is a fact of Internet security that intrusions can occur. 3ur aim in dealing with intrusions is to have the ability to identify and respond rapidly in the event that an incident does arise. "#B$ has a centralised dedicated Incident 7esponse team providing >A;D coverage which manages all aspects of any incident in conCE' Entitle users to general 2SB- net services( Entitle users to speci$ic 2SB- net services) Assign signature limits $or payments& step'by'step guide to the above steps will be provided in this section. )lease note that if The $ustomer(s company has chosen to operate under dual authority* a second #& will need to authorise The $ustomer(s actions. 6hen setting up "#B$net* please keep in mind The $ustomer(s answers to the following questions@Y 6ho needs access to "#B$net and what should they be allowed to do[Y "ow should payments be authorised[Y 6hat contingency is required for user absences[Y 0o users have sufficient authority to perform their role efficiently[Before an I#& begins the "#B$net entitlement process* please ensure The $ustomer have the following@Y The $ustomer have received The $ustomer(s smart card reader* smart card and )IN.Y The $ustomer have installed The $ustomer(s smart card reader.Y The $ustomer have saved the welcome e'mail sent to The $ustomer by cibm'support\hsbc.com.Y &ll the other users 8i.e. additional #&s and end users9 have completed the registration.6)' !nitial system a"ministrator entitlementThe $ustomer as the Initial #ystems &dministrators 8I#&s9 are required to entitle The $ustomer(sselves to the relevant "#B$net services so that The $ustomer have access to the appropriate tools and services.Entitle users to general 2SB- net servicesSet-up user entitlementIt is the Initial #ystem &dministrator(s 8I#&9 responsibility to entitle other users to the reporting and transaction tools available through "#B$net The I#& will need to specify entitlements for each service available by entering the entitlement for each tool the user is to have access to. #ome services only require Wmacro( entitlement at the tool level* while others allow a greater detail of entitlement at the Wmicro( level.CC*o"i$y user entitlementThe steps for changing the user access level of an existing user are very similar to setting up theirinitial user entitlements. or #ystems &dministrators 8#&s9 operating under dual authority* pleaseask another #& to perform the following steps to complete the modification of usersaccess rights. No changes will be effective until then.Entitle users to speci$ic 2SB- net servicesFnder the *aintain Gser Access /evel screen* The $ustomer can click on the Gser Pro$ile an" Entitlement *anagement 8this tool is only available to #ystem &dministrators9 to set micro entitlement for #ystem &dministrators on defining ; changing users( access rights and other user management tools.System A"min - !nitiate Registration3nce The $ustomer select the category KSystem A"min - !nitiate RegistrationL* the defaulted rights will be as follows@System A"min - Approve Registration3nce The $ustomer select the category System A"min - Approve Registration* the defaulted rights will be as follows@System A"min - -. &ccess The $ustomer(s account from &N56"%7% with Internet )$.>. Improved security and audit Aeaknesses @A>-. $ustomers are yet prepared foraccepting such web base bankingsolution in Bangladesh.>. #ome customers still feel insecure--Ccontrols.. 2ultiple user access levels for different functions 8balance inquiry*payment preparation* payment authori!ation etc.9A. #mart$ards and #mart$ard readers for extra security for payment authori!ers.B. Tailor to the customer(s need.about it... 0elegation of functions to subordinateis sometime risky.A. Need to carry #martcard / reader.B. "igh cost in developing the product. #pportunities @#>-. Fsetheproduct asadeliverychannelfor other product.>. %asier to keep pace with theenhancement of the Internet... Fnlimited access through website.A. Fsing it as a delivery channel of otherproducts. T%reats @T>-. 2ore banks are coming up with web'based products.>. The risk of security is increasing withthe development... #ubstituteproductdevelopedbynon'financial institution.A. )rice war.Besides* the strengths* as every organi!ation* "#B$ also do have some weaknesses. Their basicweaknessinthelocal bankingmarket ofBangladeshistheirlateentryinthemarket. Theirmanagement system is also very centrali!ed for which they are not being able take big decisionsinformally. 2oreover* because of Bangladesh Bank(s strict regulations for 2ultinational Banksand the cost development convenient products and services are causing them to charge high priceof the services they provide. There are also many threats in the banking industry and mostly in this sector. 3ther Banks arecoming up with more enhanced products these days and as such price war is on in the market.->,2oreover* there is a threat of developingproducts by the )$Bs. The local banks* if they developproducts and services they will be market leaders as they have large network in the coutry* theycan grab big segment of corporate and can charge lower price. If "#B$ can fight with its threats existing in the market and can utili!e the opportunities by itsstrengths andwiththereduction ofweaknesses they can beable to have goodcorporate portfolio in the banking sector with their wide range of products andservices.8' ."exagon provides such security service to the "#B$ customer that enables them to en:%very financial institution has to maintain some kind of low value payments and collection forthe clients. "#B$ does this through a service called KBatc% Payment ServiceL in their deliverymanagement and #tandard $hartered Bank does it through their #PSPAM service. The Batch )ayment #ervice is very easy to use* convenient and time'saving. The main differencebetween3)#)&5andBatch)ayment is' inBatch)ayment* it nolonger needs todothecollection or payments instruction in the form of paper lists* floppy 0iskette or tapes* while it canbe done through effective instructions given electronically if also required and directly from theback'office* thereby* this will help to avoid the time consuming repetition and errors. 3ntheother hand* 3)#)&5alsouser friendlyandprovide widerangeof servicebut allinstructions are done through loppy 0iskette* e'mail. In this case there is a chance of damagingthe instruction that is downloaded into the loppy 0iskette or can be leaked somewhere elsefrom the diskette* which might create insecurity among the customers. 6e can also understand the difference with the help of the table below@DPART-1919 ,,A-.."#B$net brochureIssued by "#B$ in >,,B#ecurity brief "#B$netIssued by "#B$ in >,,B"#B$net Fser ?uideIssued by "#B$ in >,,B"exagon ?lobal %lectronic Banking BrochureIssued by "#B$ in >,,,6ebsite address@http@;; www.hsbc.comhttp@;; www.hsbc.com.bdhttp@;; www.standardchartered.com;bdhttp@;;www.ffiec.gov;ffiecinfobase;booklets;e_banking;ebanking_,,_intro_def.htmlhttp@;;www.ffiec.gov;ffiecinfobase;booklets;e_banking;e_banking.pdfhttp@;;www.ffiec.gov;ffiecinfobase;html_pages;gl_,-a.htmlhttp@;;www.mtk.ut.ee;doc;febawb.,.pdfhttp@;;www.valuenotes.com;asps;Industry&rticles.asp[IdZ-.>http@;;www.forumforthefuture.org.uk;uploadstore;Barclays_case_study.pdf-.A