Signature Engine & Administrative Rules
For SMEs and corporate customers, the application enables the possibility to define simple and complex joint signature schemas.
Signature Engine allows the definition of rules, the granularity of the setup can include:
- Specific/all accounts
- Specific/all transaction types (Foreign Currency Payments, Domestic Payments, Own Account Transfers, etc.)
- Specific/no limits per each transaction
- Specific currency for any limit set-up.
The engine allows the definition of up to 4 joint signatures, covering any complex case in the corporate area.
The rules are defined based on lists and multiple users can be added to a list. This simplifies the rule administration and also reduces the number of changes in the system (e.g., whenever a user leaves the company and needs to be replaced).
The engine can be parametrized to either allow the signatures to be done in the exact same order as the lists are defined or in any order, as long as all signatures in the rule are present.
After a payment was initiated, it must be signed. To sign a payment, there is a rule (or multiple rules in place) deciding who signs it depending on the amount of the transfer and the users. These users have three roles in relation to the transaction:
- Initiator (can view and input payments, but not authorize any payments. An initiator has access to Account balance & Details, Account statements, and initiate payments)
- Viewer (can only view account information such as Account balance & Details, Account statements, but cannot initiate payments or authorize them)
- Authorizer (can authorize payments. An authorizator has access to Account balance & Details, Account statements, Initiate payments, Own Account transfers, Domestic payments, Budget Payments, Foreign currency payments, Bulk payments, Open New Products).
Example
A company has within the financial department five employees. Those employees have various levels of authority within the department. One bookkeeper and his trainee and several other accountants. With the aid of the signature engine, a bookkeeper can initiate a transaction and one of the accountants who is responsible for the type of transaction can approve it, while the trainee can never approve a payment. A trainee can only view the account and bank statements. The bookkeeper initiates the salaries bulk payment and the accountant who is responsible for the employee budget can approve it.
There are several configurations done in the back-office to allow the user to successfully authorize a payment:
- set the amount up to which an authorizer can sign
- set the people signing the type of transaction and the amount, i.e. the transaction types granted on certain accounts
- set the list to which an authorizer belongs.
Example
| Transaction Types | Accounts | Amount (Maximum value) | Authorizer |
|---|---|---|---|
|
Bulk Payments |
BGXXX8745 |
EUR 5,000 |
One person from List 1 has to sign. |
| Foreign Currency Payments | ROXXX092323 | EUR 10,000 | Two people from List 1 have to sign. |
| Foreign Currency Payments | ROXXX093452 | EUR 100,000 | One person from List 3 and one person from List 4 have to sign. |
| Foreign Currency Payments | BGXXX6745 | EUR 9999999,999 | One person from List 1. |
This engine allows up to n authorizations on any transaction on any account, however, the solution has it set to a maximum of 4 (list 1, 2, 3, 4). When defining an administrative rule as defined below on this page, a user is placed in one of those lists.
Signature Schema
- Single signature
- Standard joint signatures
- Joint signatures and multiple limits
- Mixed signatures – Multiple S’s (Si Case)
- Mixed signatures S, A, B Case
- Mixed signatures multiple limits - Si, Aj, Bk
- Mixed Restricted joint signatures
A signature group is made of multiple levels of authorization for a payment, minimum 2 levels of authorization.
| Type | Number of signatures and people | Flow | Limits |
|---|---|---|---|
| Single Signature | One signature: one or many persons with authorization rights with equal signature rights. To authorize a payment, one signature is required. | The user initiates a payment, a person with authorization rights approves it. | Since there is one authorization needed to sign, only one limit for the amount can be set or no limits at all for those persons. |
| Standard joint Signature | Two signatures per payment are needed minimum 2 users, each with one level of authorization. | The user initiates the payment and two people approve it, two people with two different authorization levels part of the same signature group. |
|
| Joint signatures and multiple limits | Two signatures per payment are needed. Many people with authorization rights minimum 3, with two-level signatures. Each level contains one or many persons with the same signature type. | The user initiates the payment. The 1st level authorizer signs the payment within their limit. The second level authorizer signs the payment within their limit. |
|
| Mixed signatures – Multiple S’s (Si Case) | To authorize a payment, one signature is required. Each signature has a different limit. Above a specified limit, a joint signature is required. | The user initiates the payment. Any of the authorizers signs the payment within the limit. The user inputs the payment. Only the authorizer within the limit can sign the payment. The user inputs the payment. The first single signature authorizer signs the payment within their limit. The second single signature authorizer signs the payment within their limit. | One limit per signature single signature and over individual limits the combination of the combined signatures. Business-wise, limits are defined on signature combinations. Limits applied: • Payments under 200,000 S1 or S2 (single) • Payments between 200,001 and 500,000 S2 (single) • Payments over 500,001 S1 & S2 (joint) |
| Mixed signatures S, A, B Case | Single and joint signatures and multiple limits. Users with single signature right have no limit. Above a specified limit, the joint signature is required. | The user inputs the payment. Only the authorizer within the limit can sign the payment. The user inputs the payment. The first single signature authorizer signs the payment within their limit. The second single signature authorizer signs the payment within their limit. | • In case no limits are set for any of authorizer users, the combination rule will be respected, single signature will fully authorize the payment and for the joint signature the 1st level and 2nd level signatures are expected as following next. • No limit per single signature. One limit per signature group is possible. • Business-wise, limits are defined on signature combinations. Limits applied:
|
| Mixed signatures multiple limits - Si, Aj, Bk | Single and joint signatures and multiple limits. Users with single signature right have no limit. Under a specified limit, single authorization scheme. Above a specified limit, joint signature is required. | The user inputs the payment. Only the authorizer within the limit can sign the payment. The user inputs the payment. The first single signature authorizer signs the payment within their limit. The second single signature authorizer signs the payment within their limit. | Limits applied: Payments under 10,000 S1, S2, A1A2, A1B1, A1B2, A1B3, A2B1, A2B2, A2B3 Payments between 10,001 and 100,000 S1, S2, A1A2, A1B2, A1B3, A2B2, A2B3 Payments between 100,001 and 200,000 S1, S2, A1A2, A1B3, A2B3 Payments between 200,001 and 500,001 S2, A2B3 Payments over 500,001 S1S2 |
A user can be an authorizer having the rights to view an account and a rule in Administration Rules enabling them to sign.
Scenarios of authorization of payments
Authorizer has rights to view and initiate, and has a rule for authorizationIf an Authorizer has rights granted in the section tab Accounts/Transactions selection to view and initiate a certain transaction type and doesn’t have rights for authorization based on the transaction types, however in Signature Engine (Administrative Rules) they are part of a rule which enables that, the rule has priority and they are able to sign according to the rights in Signature engine.
Authorizer has rights to view and initiate, but no authorization ruleIf an Authorizer has rights granted in the section tab Accounts /Transactions selection to view and initiate a certain transaction type, but in Signature Engine (Administrative Rules) they have some rules which do not include explicitly those types of operations (view and initiate), then they cannot see the transaction and are not able to sign a payment.
Authorizer has no right to view, but has authorization ruleIf an Authorizer doesn’t have rights granted in the section tab Accounts/Transactions selection to view a certain account, but in Signature Engine (Administrative Rules) they are part of a rule which is enabled on All accounts, they cannot view the payment for authorization and are not able to authorize because they do not have rights to view on that account.