The system of interbank electronic payments in Ukraine. How it works

The Interbank Electronic Payment System (EPA) of Ukraine is the main payment system between banks and state treasury institutions in Ukraine. It is through it that the bulk of payments between individuals and legal entities in the country occur. BOT is a closed RTGS-system in which money circulates in a closed financial space and is under the issuing control of the National Bank. So - how it works ...



')
It would seem, what does Luzhkov Yushchenko do with it? It was Yushchenko who was at the forefront of the formation of the banking system of Ukraine during his tenure as chairman of the National Bank (NBU) in 1993-1999. At that time, quite a lot of intrabank instruments were developed and introduced, systems and a wide regulatory framework was developed. Then the BOT was developed and launched.

As of January 1, 2014, 423 institutions participated in the BOT, of which:

• 180 - banks (as of January 1, 2014, there were 183 banks in Ukraine)
• 178 - branches of banks
• 28 - bodies of the State Treasury Service
• 37 - National Bank institutions

In 2013:

• 347.6 million payments were made
• worth 12.7 trillion uah (1.5 trillion dollars)

Average figures for the day in 2013

• 1.4 million payments
• in the amount of 50.5 billion UAH. (6 billion dollars)
• balance of funds on the accounts of participants of the BOT: 27.8 billion UAH. (3.5 billion dollars)

How is the bank doing the calculations

Each bank has a correspondent account, which is open at the NBU. This is a general consolidated account. Subordinate institutions (branches, offices) do not have a correspondent account. The exceptions are the so-called. "Balance" branches, which have their own MFI code and are almost a full-fledged bank in miniature. However, the majority of banks in the last 10 years have been leading the policy towards centralization and reducing the number of subordinate balance sheet institutions. The own funds of the bank are deposited to the correspondent account, which are used as operating funds for interbank payments. This way it is guaranteed that the bank can use only the funds it has for settlements.

The BOT participants work for the most part in the so-called. A “third model” of servicing a consolidated correspondent account, according to which the bank has a correspondent account and an intrabank interbranch payment system, which ensures the transfer of money between branches of the bank and interaction with EPF for interbank transfer of money by branches of the bank (there are seven models in total) .

Payments in BOT are irrevocable. Neither the initiator nor anyone else can withdraw a completed transaction. The initiator of the transaction is only the bank holding the account. The priority of transaction processing is in the order of a live queue. There are no other priorities.

On practice

When you pay money at a bank cash office for services / goods to an enterprise from another city, then - your money goes to the bank’s internal bank account. Then the accountant confirms the payment and the amount goes to the internal correspondent account of this bank. The BOT operator at the bank confirms that the payment has been sent and the payment is received by the NBU's territorial office of clearing house to which this bank is subordinate. Then, the payment goes to the National Clearing House of the National Bank of Ukraine of Kiev - after - to the NBU's territorial office in the payee’s bank region - then to the beneficiary’s bank and is finally credited to the beneficiary’s account. From the moment a payment is sent from bank A to the time it is credited to the beneficiary’s account at bank B, it takes an average of 1-4 hours (I don’t take into account the time it takes for your payment to be processed by the cashier and accountant, which can take up to a day depending on the bank) . The entire payment process is fairly automated, but there is a significant role of manual control.

The scheme is simplified if the payer and the recipient are located in the same area, or even at all within the same bank (then the BOT is not used, if these units of the bank are off-balance) .

Important note - BOT operates in real time. Thus, every day from 8:00 to 18:00 there is a processing of payments. All payments sent must be processed and delivered to the recipients. There should be no "frozen" payments. Therefore - if you are told that “ I sent a payment ”, and you never received it on that day, then the interlocutor is lying, or (very rarely) the bank is guilty and did not send its payment due to its problems. But the latter is extremely rare, since threatens with quite serious sanctions from the NBU.

There are reserve transit accounts for the display of transactions that were initiated but not completed on that day. This makes it possible to work out in exceptional cases in asynchronous mode.

If there are any technical problems in the bank (for example, the intrabank payment system fails - which is a major capital in itself) and the bank does not have time to meet the closing time of the EPS, the bank writes a request to the NBU with a request to extend the operation time of the EPS -2 hours. And then all of Ukraine is sitting and waiting for these deer until they solve their problems. If they do not keep within the allotted time - then this is a great sorrow, but this is a separate topic - I'll tell you about it next time. On weekends BOT does not work.

Equipment

The BOT was introduced quite a long time ago (since 1996) - even at the dawn of a computer boom - and its requirements for hardware are very democratic. In practice, payments are transferred in the form of files (batch mode) . The file with a special structure (the so-called "pack") contains 1-1000 payments. After receiving the file - the recipient reports on it and processes the file. Each recipient (participant of the BOT) has its own letter encoding (4 Latin alphabet characters / numbers) . Files are named and numbered in a special way. Payments are prepared in the domestic banking system (ODB - Bank Operating Day) . It is the ODB that should ensure the correct formation of settlement documents and service messages.
Thus - you can successfully be a member of the BOT, having only a 486 computer with a network on board.

Globally:

• At the highest level, the ARM-1 software and hardware complex operates in the Central Settlement Chamber of the NBU. It is designed to manage the work of the clearing house across the country. Checks the correct operation, the synchronization of the BOT, speed control, protection against unauthorized access and identify such attempts.
• At the second level - in the regional clearing houses of the NBU - the “ARM-2” complex operates. These are information exchange for banks in the region, exchange of settlement documents with “ARM-2” of other regions, synchronization of BOT for participants within the region, control over payments, protection from unauthorized access.
• At the third level - at banks - the ARM-3 complex. Information exchange and transfer of payments from ARM-2, interaction with the bank’s internal payment system.

The file exchange is carried out through a set of software and hardware called “ E-mail of the NBU ”. All banking institutions of Ukraine, as well as a number of governmental and commercial organizations, have access to it.

Security

By itself, the banking system of Ukraine is well thought out and from a technological point of view is very reliable. I will touch upon two points of security - technical and organizational.

First is the cryptographic hardware. Each participant of the BOT receives encryption equipment and cryptography keys in the NBU directorate (closed symmetric keys) . Also used hardware encryption systems in technological communication channels. I will not talk about them - I will only say that they are and they are quite serious, albeit compact. Periodically (although extremely rarely) the NBU makes changes in protection technologies.

The second aspect is the already mentioned corrected account. All customer funds "as a whole" form the bank wallet. Calculations are made from it, payments are received. An intelligent specialist in money circulation (“cashier”) of a bank does not allow for a lot of money on a corr. Account - free cash resources are sold to the NBU or other banks for a certain period to close their gaps on a corr. interbank market to close its holes. This is profitable - by buying resources at 3% at the interbank market and issuing loans at 18% you can feel good. On the contrary - when you have a lot of money on the correspondent account - it does not mean that the bank is rich - it means that the "money holder" is stupid and does not earn income on free resources. But back to safety. Practice shows that the majority of all banking crimes are committed by bank employees - and, as a rule, by very clever employees of IT departments, who in this case are boots in accounting and banking, in particular - that is why they “burn” on elementary ignorance. No, of course, there are unique people who successfully combine these areas, but we will not tell you about them.



So - the attacker, who decided that he is a connoisseur of banks, carries out a physical adjustment of the base of the intrabank payment system. Getting to the base at the NBU is short, so the maximum is inside your bank. We take the controlled enterprise and in the field "remainder" add a zero to the side. As a result, instead of 100 thousand we have 1 million left over balance. Now - satisfied - we make a payment in order to withdraw this money to the side and get ready to give money to meet the sunrise on a beautiful island. Only these Krivorukovs do not understand that because of their changes - there was no money added to the bank’s correspondent account. And their payment is frozen at the exit, or the “yellow balance” in the NBU - more money is needed than it is now available and everything has already been put on the ears and will not be removed from the ears until the cause of this event is established. In general, all that can be “nakhimich” will be revealed maximum - the next morning, because the banking day inside the bank will be closed / opened and a discrepancy will be revealed on this particular account, since you can not just change the balance. At the close of the day, balances from past days, daily turnover, total balances by groups of accounts, etc. are checked. etc. In general - you need to be a very big specialist to turn the scam of similar complexity. There are much simpler methods of fraud, not related to the technical component.

Internal kitchen

There are no limits on transaction amounts. Technologically, the amount of the transaction is limited by the balance on the correspondent account of the bank - the initiator of the transaction.

The calculations are carried out in real time and thanks to this, the BOT participants are able to quickly receive information for liquidity planning.

Overdraft on the account is not possible. And this is an additional protection against a systemic crisis in banks.

BOT is owned by the National Bank of Ukraine. For each operation in the EPC, the bank pays the NBU commission. The total amount depends on the number of transactions per month and the time when payments were made - before 16:00, from 16 to 18 (one-and-a-half tariff) and after 18:00 (double) . The cost is extremely low, because the goal of the NBU is not to get to come, but to get the economic effect from the work of the BOT throughout the country.

For each of the currencies, the BOT participant opens a separate correspondent account (and only one for such a currency) . There are practically no differences in payment technology at all, except that the correspondent accounts are opened for commercial banks only in one place - in the Center for Interstate Settlements of the NBU and thus there are no interregional calculations. Conversion is not provided. Calculations in different currencies are conducted separately.

BOT is not isolated. It has gateways and connects with the payment systems of the ex-USSR and SWIFT countries

A situation of “ red balance ” is possible, when some penalties are imposed on the bank, bypassing the standard BOT tools, and there is not enough money for a correspondent account. Then all outgoing payments will be impossible until the moment the payments are received and the negative balance is closed. This situation is more theoretical - I personally have not heard of this.

Conclusion

As a conclusion, I would like to note that incl. due to the fact that Ukraine - lives in one time zone - managed to build a very reliable and flexible banking system that opens / closes the banking day every day and reduces balance sheets, which gives high technological reliability.

A separate topic - when everything goes awry - communication channels and financial servers fail (and there are no backups as usual) , programmers consciously / unconsciously lay down banking systems and then the exciting period called “Emergency banking system functioning” begins. But that's another story.