DIRECTIVE

ON THE ENHANCEMENT OF PRUDENCE WORK IN THE INTER-BANK ELECTRONIC PAYMENT OPERATION

During recent years, the payment activity made through banks has been continuously reinforced, upgraded by the investment in the modern technological and technical equipment and the step-by-step perfection of appropriate legal system that makes the payment operation open and clear without funds stagnation, increases the capital turnover of enterprises; fully satisfies required liquidity for social-economic demands; contributes to the stability of currency value, stability of macro economy, creates favourable conditions for funds mobilization, efficiently serves social-economic development requirements, improves people's lives, speeds up the development of the entire economy. At the same time it has enhanced the State management role of the State Bank of Vietnam (SBV) in respect of banking activities and facilitates Banks of Vietnam to step by step integrate in international and regional financial community. The management of the electronic payment activity of several Credit Institutions, however, has shown signs of unsatisfied compliance with several provisions on prudential security such as: one person has been assigned to perform several processes of operation that should have been assigned to several persons in accordance with applicable laws; common use of secrecy code that has been separately granted to each user; authorization regime in the approval process of payment orders, etc.

With the view to enhancing the prudence, preventing and restricting potential risks in the inter-bank electronic payment activity, the Governor of the State Bank requires units of the SBV and Credit Institutions to take following actions:

I. IN RESPECT OF CREDIT INSTITUTIONS

1. To fully comply with provisions on the prudence in the inter-bank electronic payment activity stated in following legal documents: the Decree No. 64/2001/ND-CP dated 20 September, 2001 of the Governor on the payment activities through payment services suppliers, the Decision No. 44/2002/QD-TTg dated 21 March, 2002 of the Prime Minister on the use of electronic vouchers as accounting vouchers for funds accounting and payment by payment services suppliers, the Decision No. 353/1997/QD-NHNN2 dated 22 October, 1997 of the SBV's Governor on the issuance of the Regulation on electronic money transfer, the Decision No. 309/2002/QD-NHNN dated 9 April, 2002 of the SBV's Governor on the issuance of the Regulation on the inter-bank electronic payment and the Decision No. 349/2002/QD-NHNN dated 17 April, 2002 of the Governor of the State Bank providing for the setting up, issuance, management and use of secrecy codes in the inter-bank electronic payment.

2. To control, reconcile and update operational data within stipulated time. Timely discover, deal with errors, differences to ensure the accurate and safe accounting.

3. To examine the compliance with provisions on program and data preservation and backup methods to ensure the continuity of the operation of the inter-bank electronic payment system in the event of the occurrence of any breakdown.

4. General Directors (Directors) of Credit Institutions shall be responsible

- To regulate and intensify the internal examination, auditing and control at their unit, to ensure the strict control of all operational processes, avoid the occurrence of breakdown, which causes the loss of asset. To intensify the application of advanced technological, technical solutions for preventing, restricting potential risks in payment activity.

- To strictly verify the compliance with the procedure of the issuance, management and use of secrecy codes (electronic signatures) used for online data exchange, accessing codes of operational programs. Person, who is granted with a secrecy code, must keep it carefully, periodically change the key code and it is absolutely prohibited for a key code to be used by many users.

- For the safety, accuracy of accounting, payment operations for which electronic vouchers are applied within their system and of data transferred from the internal accounting to the inter-bank electronic payment system.

- To verify and fully comply with procedures in accordance with provisions of applicable laws on the authorization regime applicable to the approval process of payment orders.

II. IN RESPECT OF DEPARTMENTS OF THE SBV

1. Departments, within the scope of their function, assignment, should review policy, regimes, legal documents relating to the prudence of the inter-bank electronic payment.

2. Banking Information Technology Department shall:

- Intensify the verification and well perform the setting up, issuance and periodical change of the approved secrecy code in the inter-bank electronic payment system.

- Study and recommend solutions applying advanced technique, ensure the safety, secrecy during the process of data exploitation and banking operations settlement.

3. Finance- Accounting Department shall:

- Intensify the verification and well perform the setting up, issuance and periodical change of the secrecy code in the electronic money transfer system and inter-bank clearing system.

4. The State Bank Inspection shall:

- Intensify the supervisory activities in respect of their compliance with prudential, secrecy regime in the payment activity of credit institutions.

- Cooperate with the Banking Information Technology Department to set up and efficiently deploy solutions applying advanced technique, technology for the off-site supervision and early warning of risks to credit institutions.

III. IN RESPECT OF BRANCHES OF SBV IN PROVINCES, CITIES

General Managers of the branches of SBV in provinces, cities shall be responsible for the safety, accuracy of data and assets of their units and regularly monitor, verify, speed up local credit institutions to well perform provisions on the management, use of secrecy code and procedures for operations, ensure the safety in the payment activity at their unit and in respective locality.

Heads of units of the SBV, Chairperson of the Board of Directors, General Directors (Directors) of Credit Institutions shall be responsible for thorough deployment and good implementation of this Directive.

Any obstacle, which may arise during the implementing process, should be reported to the SBV's Governor for consideration and settlement.