Centralised Funds Management System (CFMS)

typoweheeElectronics - Devices

Nov 8, 2013 (3 years and 9 months ago)

162 views

Centralised Funds Management System (CFMS)

Operating Guidelines


1. The Centralised Funds Management System (CFMS), is a system set up, operated and maintained by
the Reserve Bank of India (hereinafter referred to as the ‘Bank’) to enable operations on cu
rrent accounts
maintained at various offices of the Bank, through standard message formats in a secure manner.


2. The CFMS comprises two components


the Centralised Funds Enquiry System (CFES) and
Centralised Funds Transfer System (CFTS). These have bee
n made available through the following sub
-
systems :

-

the Apex Level Server (ALS),

-

the Local Funds Management System (LFMS),

-

the Bank Level Funds Management System (BLFMS), and,

-

the Local Banks Funds Management System (LBFMS).


3. The ALS is the s
oftware component which resides in the mainframe computer systems currently
housed in at Mumbai, while the LFMS is the software component which would be functioning from the
server systems at the Regional Offices of the Bank where the Deposit Accounts Depa
rtment (DAD) is
existent. The BLFMS is the software component provided by the Bank to the members of the CFMS and
would be used by the Treasury Department / Central Accounts Department, while the LBFMS is the
software component which would be given by the
Bank to the CFMS members for accessing the facilities
at each local DAD.


4. Time stamps, affixed by the ALS on the transactions and events, will be deemed to be the applicable
time stamp in all cases and in all matters.


Eligibility Criteria


5. Each enti
ty, which maintains a current account with the Bank and is a member of INFINET, will be
eligible for membership to the CFMS.


6. Admission to the CFMS may be granted, suspended or revoked by the Bank at its sole discretion. All
applications for the CFMS m
embership shall be addressed to the Regional Director, Reserve Bank of
India, Deposit Accounts Department, where the Current Account of the Institution is maintained with. The
respective
DAD shall duly process the application and grant access subject to:

a
. Declaration on site readiness by an officer not below the rank of a General Manager

b. Certificate of INFINET Membership

c. Maintains a current account with DAD

No reference in this regard shall be made to any Central Office Department for the purpose o
f granting
the membership.


Transaction Types

8. The following types of facilities shall be available through CFMS:

a) Enquiries relating to the operation of its current account/s maintained with any of the DADs

b) Funds Transfers between accounts of the s
ame account holder at different DADs.

CFMS Operation Sessions


9. The CFMS will normally be operational on all days on which at least two Deposit Accounts
Departments of Reserve Bank of India are working.


10. The Bank may, at its discretion, change the o
perating calendar. Any changes to the operating
calendar or any declaration of unscheduled holidays will be communicated by the RBI to the members by
means of a broadcast message or otherwise.


11. The Bank, may at is discretion, and in the interest of the

system as well as its members, effect
changes in the hours of operation of the CFMS for a particular period which may be for a part of a day or
be across days or for any period as may be decided by the Bank. Such changes will be notified by the
Bank to th
e members through a broadcast message or otherwise.


System Administration

12. Each member shall at its own cost install and maintain in good order such computer/s, servers,
telecommunication equipment and other electronic equipment as required / prescribe
d for the purpose.
The Bank may require the members to upgrade / modify / replace such computer / telecommunication
servers and other associated components in this regard from time to time. The servers shall be located
securely within each member’s premise
s in such a manner that access is restricted to the authorised
personnel. A member shall notify the address of the location of each of its nodes being part of the CFMS
and the list of such authorised personnel whenever required to be submitted by the Bank.


13. All telecommunication and maintenance and other charges including the replacement charges in
respect of the members' computer systems and other associated products, used for the purpose, shall be
borne by the respective members only.


14. Each member

must maintain Backup BLFMS / LBFMS facilities. The Backup BLFMS / LBFMS must
be able to emulate fully the primary BLMS / LBFMS with respect to the functions and capacity and must
afford the same level of message authentication security as the primary BLFM
S / LBFMS.


15. Installation and Configuration of any new versions/patches distributed by Bank shall be completed by
the member on or before the date and / or time as may be indicated by the Bank. The enhancement on
the system shall not be used till the sp
ecified date and / or time as indicated by the Bank in order to
ensure uniformity.


16. The Bank shall not be liable for any losses incurred by a user institution which may have resulted from
delays caused by system failures, change in operational paramet
ers etc.


17. Each member shall ensure compliance with the procedures laid down by the Certifying Authority (i.e.
IDRBT CA) in regard to the generation and use of the digital signatures and or encryption/decryption
methodologies and shall abide by the Certi
ficate Practice Statement.

18. Members shall comply with any guidelines relating to security, issued by the Bank, in respect of the
operations of the CFMS.


General Guidelines


19. All communication will be duly authenticated on the basis of such security
infrastructure requirements
as may be decided by the Bank from time to time and would incorporate features such as PKI, digital
signatures, etc.


20. All funds transfer messages received by the Central system for debiting of any current account should
be d
igitally signed by the authorised signatories only. If the users operating on current accounts are the
same as those who have been otherwise authorised to operate on the current accounts by the Chairman,
while opening the current account or subsequently, t
hen no separate authorization is required for CFMS.
Bank has no responsibility, in so far the authority of the individual originating the transaction, with regards
to the messages received by the central system. The account holders will ensure that the mes
sages
emanating from their LFMS are orignated only by authorized personnel.


21. Each message would be identified by a unique identifier which shall form the basis for its tracking at a
future point of time. The CFMS would provide for Confirmation numbers

which would be used for
processing of the contents. If any message is received twice, then the message with the communication
number which has been received in the first would be processed and the subsequent message would not
be processed.


22. Every mess
age, received by the CFMS from the BLFMS / LBFMS / LFMS, will be acknowledged by
the CFMS, after subjecting the message to a set of security, format and operational validations. A positive
CFMS acknowledgement will be sent updating the flag at the BLFMS /
LBFMS originating the message
indicating that the message has been accepted for further processing. A rejected CFMS
acknowledgement will be sent by way by changing the status to 'R' for messages which fail the tests. In
case the message cannot be accepted
for further processing, an appropriate reason code indicating the
reason for the failure of acceptance by the CFMS will be specified in the acknowledgement. A positive
CFMS acknowledgement does not, in any manner, indicate that the transaction has been pro
cessed. The
message will not be taken up automatically for further processing, unless the further authentications /
validations / controls are passed for the respective message.


23. A transaction may be rejected by the system for reasons such as validati
on failure on account of not
passing through the security filters or due to authentication failure,



24. A negative CFMS acknowledgement, which indicates a potential security breach, may result in the
CFMS BLFMS / LBFMS link being logically severed after
a control message is sent, indicating the reason
for the link severance. The reasons, among others, include:



Failure of signature authentication;



Receipt of a message with the same Confirmation Number;



Receipt of a message with a sequence number, which is

not the same as the next expected
sequence number; and



Receipt of a message with a sequence number, which is the same as in the case of a previously
received message, but with a different message content.

25. On the successful completion of a transaction
, the status of completion would be reported by the
CFMS to the originator of the message, through the member’s BLFMS / LBFMS.