Directive No. 02/2004/CT-NHNN of the State Bank of Vietnam requires strengthening safeguard measures for electronic banking payment activities through compliance with regulations on security safety, data control, and implementation of technical solutions. This directive applies to credit organizations, departments/offices under the State Bank of Vietnam, and provincial/city branches of the State Bank of Vietnam.
Đối tượng áp dụng
Credit organizations, departments/offices under the State Bank of Vietnam, and provincial/city branches of the State Bank of Vietnam.
Các điểm cốt lõi
- Credit organization → comply with regulations on security safety in electronic payment activities
- Credit organization → control, reconcile, and update business data according to prescribed timeframes
- Credit organization → inspect storage of programs, data, and backup solutions to ensure uninterrupted operations
- Credit organization → General Director is responsible for strictly controlling all stages of business processing, applying advanced technological solutions
- Departments/offices under the State Bank of Vietnam → review mechanisms and policies related to ensuring safety in electronic payment activities
- Department of Information Technology → establish, issue, and change periodically security codes
- Accounting and Finance Department → strengthen inspection of establishment, issuance, and periodic changes of security codes in the electronic fund transfer system
🌐 Tác động xã hội từ văn bản này
- Positive impact: Enhance security safety in electronic payment activities, reduce risks for credit organizations and customers
- Negative impact: May increase operational costs for information technology systems for credit organizations
❓ Câu hỏi thường gặp
What security regulations must credit organizations comply with in electronic payment activities?
Credit organizations must comply with regulations stipulated in Decree No. 64/2001/NĐ-CP, Decision No. 44/2002/QĐ-TTg, and other decisions of the Governor of the State Bank of Vietnam regarding security safety in electronic payment activities.
What must individuals who are issued security codes do?
Individuals who are issued security codes must keep them carefully, change them periodically, and absolutely not share one code among multiple users.
What actions must departments/offices under the State Bank of Vietnam undertake?
Departments/offices must review related mechanisms and policies, strengthen inspections of establishment, issuance, and periodic changes of security codes.
What responsibilities do credit organizations have regarding safety in payment activities?
Credit organizations are responsible for rectifying internal inspection and control work, applying advanced technological solutions to prevent risks.
What role do provincial/city branches of the State Bank of Vietnam play?
The Director of the State Bank of Vietnam branch is responsible for safety and accuracy of figures and assets at their unit, regularly organizing monitoring and inspections of credit organizations within their jurisdiction.
Toàn văn
DIRECTIVE OF THE GOVERNOR OF THE STATE BANK OF VIETNAM
On Strengthening Work to Ensure Safety in
Electronic Banking Payment Activities
In recent years, banking payment activities have been continuously consolidated and upgraded through investment in modern technical equipment and gradually improving a suitable legal framework. This has facilitated payment operations, prevented capital stagnation, accelerated the turnover of capital for businesses; met all payment capabilities for economic and social needs; contributed to stabilizing the value of currency, macroeconomic stability, creating favorable conditions for capital mobilization, effectively serving the development of the economy and society, improving people's living standards, and promoting overall economic development. At the same time, it has strengthened the State Management role of the State Bank of Vietnam (SBV) over banking activities and created a favorable environment for Vietnamese banks to gradually integrate into regional and international financial communities. However, in managing electronic banking payment activities, some credit organizations have shown signs of not fully complying with certain regulations on safety and security, such as: assigning one person to perform multiple stages of business processing that should be assigned to multiple people; using shared security codes that were issued separately for each user; authorization mechanisms in the approval stage of payment orders...
To strengthen work to ensure safety and security, prevent and limit potential risks in electronic banking payment activities, the Governor of SBV requests units under SBV and credit organizations to implement the following contents:
I. FOR CREDIT ORGANIZATIONS
1. Fully comply with all regulations on safety and security in electronic banking payment activities as stipulated in the following documents: Decree No. 64/2001/ND-CP dated September 20, 2001 of the Government on payment activities through service providers, Decision No. 44/2002/QD-TTg dated March 21, 2002 of the Prime Minister on the use of electronic documents as accounting vouchers for capital transactions of service providers, Decision No. 353/1997/QD-NHNN2 dated October 22, 1997 of the Governor of SBV on the issuance of the Regulation on Electronic Money Transfer, Decision No. 309/2002/QD-NHNN dated April 9, 2002 of the Governor of SBV on the issuance of the Regulation on Interbank Electronic Payment, and Decision No. 349/2002/QD-NHNN dated April 17, 2002 of the Governor of the State Bank of Vietnam on the Regulations for Building, Issuing, Managing, and Using Security Codes in Interbank Electronic Payment.
2. Control, reconcile, and update business data within the prescribed timeframe. Timely detect and handle errors and discrepancies to ensure accurate accounting and safety.
3. Check the implementation of regulations on storing programs, data, and backup solutions to ensure uninterrupted operation of the electronic banking payment system when incidents occur.
4. The General Directors (Directors) of credit organizations are responsible for:
- Rectifying and strengthening internal audit and control at their units to ensure strict control over every stage of business processing to avoid incidents causing asset losses. Increase the application of advanced technological solutions to prevent and limit potential risks in payment activities.
- Strictly check the implementation of procedures for issuing, managing, and using security codes (electronic signatures) for data exchange on networks and access codes for business processing programs. Individuals receiving security codes must keep them carefully, change them regularly, and absolutely not share one code among multiple users.
- Be responsible for the safety and accuracy of accounting and payment operations applying electronic documents in their systems and internal accounting data transferred to the interbank electronic payment system.
- Check and fully implement all procedures according to the law regarding the authorization mechanism in the payment order approval stage.
II. FOR DEPARTMENTS AND BUREAUS UNDER SBV
1. Within their functional and mission scope, Departments and Bureaus need to review related mechanisms, policies, and legal documents to ensure the safety of electronic banking payment work.
2. Department of Banking Information Technology:
- Need to strengthen inspection and properly implement the construction, issuance, and regular change of security codes for approval in the interbank electronic payment system.
- Study and propose advanced technical solutions to ensure safety and security during data exploitation and business processing.
3. Accounting and Finance Department:
- Strengthen inspection and properly implement the construction, issuance, and regular change of security codes in the electronic money transfer and clearing systems.
4. Banking Inspection:
- Strengthen inspection and supervision of credit organizations in compliance with safety and security mechanisms in payment activities.
- Coordinate with the Department of Banking Information Technology to build and effectively implement advanced technological solutions for remote monitoring and risk warning prevention for credit organizations.
III. FOR PROVINCE AND CITY BRANCHES OF SBV
The Directors of SBV branches in provinces and cities are responsible for the safety and accuracy of data and assets at their units and regularly organize monitoring, inspection, and urging credit organizations in their areas to strictly follow regulations on the management and use of security codes and business processing procedures, ensuring safety in payment activities at their units and throughout the area.
Heads of units under the State Bank of Vietnam, Chairmen of the Board of Management, General Directors (Directors) of credit organizations are responsible for thoroughly implementing this Directive.
Any issues arising during implementation should be reported to the Governor of the State Bank for consideration and resolution./.
Tải văn bản
Văn bản này đang được cập nhật văn bản gốc, vui lòng xem nội dung toàn văn và kiểm tra lại sau.
Bản đồ quan hệ
Bấm vào một văn bản để mở. Viền đỏ = quan hệ làm thay đổi hiệu lực.