- Purpose of the system development
At present the commercial banks of Azerbaijan, which have a lot of branches, store their payment documents on paper carrier at the head office. To carry out the inter-bank accounts they send their payment documents to the National Bank of Azerbaijan (NBA) via consolidated registers. In that case the banks face the necessity of preparation of payment messages for their sending to S.W.I.F.T. terminal of the payment system.
In view of putting the system of inter-bank electronic accounts into operation at the mode of real-time existing order of accounts must undergo great changes for the following reasons:
1. There is a new system of consolidation of correspondent accounts for commercial banks in Azerbaijan.
2. The connection between commercial bank and the inter-bank electronic payment system of NBA can only be carried out via SWIFT-terminal which is in the head office of the commercial bank..
3. The branches of the bank will get payment documents on paper carrier from their clients and send them to the head office that will increase the working load SWIFT-terminals operators in the head office to a marked degree.
- System destination
The system will automate the preparation of standard S.W.I.F.T.-messages, their sending to S.W.I.F.T.-network and generation of standard reports as well as formation of random database queries according to users' criteria.
The proposed solution shall allow cutting down expenses, time and efforts for payment messages processing of bank head office branches. This solution provides payment messages preparation by electronic method in S.W.I.F.T.-compatible format and corresponding data protection (encoding, decoding) in the bank branches. The message will be delivered to the head office by means of electronic facilities of data transmission. The message received by the head office either immediately is to be transmitted to S.W.I.F.T.-network for processing or rejected and sent back to the branch for correction. It's also possible to send all these messages to the address of the branch via SWIFT after they have been received at the head office.
The system shall be able to support the information with the required level of detailing which content is defined by quantity of transactions up to 2000 per day.
The payment documents will be stored in real time at least within a month. The copy of the sent or received message will be stored in the database in addition to the information about the message. So, all the important information is being duplicated and this will decrease the possibility of the on-line data to be lost.
- System architecture
Type of the system is client/server.
The system includes the workstations of operators, verificators and authorizator that are being connected by LAN. The operators prepare the messages according to the existing paper documents. The system sees that everything should be input correctly and averts the possibility of making mistakes in SWIFT-format.
The verificators retype the information to "amount" and "date" fields according to the requirements of analogous SWIFT systems. The verificators and autorizator are not able to edit the messages. The authorizator controls the work of the operators and verificators, makes the final test of the messages' content and gives permission for sending messages. Selected messages will be zipped to one file that will be encrypted before sending. Time of creating and sending this file to the head office from each branch will be fixed by the system itself. It's being recommended to send the zip-file with messages once a day and to verify time of connect with the head office for each branch. After the preparation of these files has been finished the program will set the connection with the head office via communicational channel of FTP protocol. After the notification of the file's successful delivery to the head office has been received, the system will copy the sent messages to the separate directory and delete the encrypted duplicates in order to prevent their cracking.
- Security and integrity of the system
All the workstations are being identified by user's name that will be set by authorizator and by password. In addition to this the keys of message's encryption code for sending via FTP-channel are inaccessible for users and even for autorizator, as for as it's being generated automatically and being switched up as encrypted binary file. After the
new keys be sent to all the branches via reliable encrypted channel or by courier on a floppy disc. All the databases tables are protected against unathorised access of other database viewers. That's why only the registered users of "SWIFT PC-Link" complex can add and change data in database.
The protocols used in global and local area networks are IPX, TCP/IP.
With the purpose of minimizing user errors that would cause malfunction of service, the software shall be automated as far as possible with check of successful termination of work before implementation of the next task.
The system is secure and reliable and it provides access only for the authorized staff. The system is protected against unauthorized access and occasional improper use.
Incoming files shall be checked as follows:
· Type and format
· Authorization
· Date
· Whether it is a repeated file
Check of outgoing files.
· Delivery of all files is guaranteed
· If delivery is impossible, a signal shall be received
Repeated delivery is impossible except recovery procedures when both parties are notified about duplicated message.
All the actions of the authorizator are being logged to the following criteria: sending signal, delivering, receiving, archiving, error, start and shutdown of system. Each record in this log includes all the necessary detailed information about the processing. So, it is possible to control the work of the authorizator and see to unathorized access to the system.
Monitoring and measuring.
The following monitoring and submission of reports are available:
· Totals control of day processing
· Input of erroneous attempts of access at terminals and erroneous files
Requirements for data collection facilities.
Data collection facilities shall provide a unique technology irrespective of operating information systems and databases as well as telecommunication facilities. For that it is necessary to implement:
· Unique forms and formats for input information acceptable both for automated data formation out of the operating systems and for manual filling;
· Receipt facilities of user input data through a network, by e-mail and on computer carriers;
· Structures, algorithms and organization measures for support of unique data classifiers;
· Tools for input data control;
· Efficient procedures for transformation and pumping of input data to S.W.I.F.T.- network.
Requirements for shared users work.
The system provides for the centralized administration of all workstations and users in the network including remote ones.
|
