Security Roles for Service Insurance
FintechOS security architecture is a unified security design aimed at empowering FintechOS clients to address the necessities and potential risks involved in a certain scenario or environment. The security roles are an inbuilt part of the FintechOS Platform security architecture, designed to help you mitigate cyber crime related risks and keep data secure across all your business flows. Consequently, you use security roles to protect sensitive data and configure various organization layers to allow for better communication, collaboration, or reporting.
The following roles are available for the Service Insurance solutions to restrict access to users only to the actions that they are allowed to do:
Policy Administration
The following security roles are available for Policy Administration allowing the users to only perform the actions attributed to them:
| Security Role | Description |
|---|---|
| Policy info | Users with this security role only have view rights for the Policies and Masterpolicies list and form (and the Policies + Masterpolicies menu entry), without having the possibility to edit. |
| Policy user | Users with this security role have read-only rights for Policies and Masterpolicies. They also have rights for policy versioning process, and rights to insert a cancellation request, without the possibility to approve it. |
| Policy superUser | Users with this security role have the rights to insert Policy alterations and edit them. Reinitiate and make payment returns (last buttons on the Cancellation form). The Policy superUser has the right to either make a payment return or reinitiate payment return. |
| Policy manager | Users with this security role can make cancellation approvals and returns approvals. |
The following are the defined security privileges per every role (view, insert and edit):
| Functionality | Policy info | Policy user | Policy superUser | Policy manager |
|---|---|---|---|---|
| Masterpolicies | View | View | View | View |
| Policies | View |
View Edit |
View | View |
| Installments | View | View |
View Edit |
View |
| Installment payment allocation | View | View | View | View |
| Invoices | View | View | View | View |
| Policy coverages | View | View | View | View |
| Alterations |
View Insert Edit |
View | ||
| Cancellations |
View Insert Edit |
View Edit |
View
Edit |
|
| Request approval cancellation | View | View |
View Edit (approval) |
|
| Premium Reimbursements | View |
View Edit |
View Insert |
|
| Return approvals | View | View |
View Edit |
The table below presents which menu items are accessible for every security role:
| Menu item | Policy info | Policy user | Policy superUser | Policy manager |
|---|---|---|---|---|
| Masterpolicies | x | x | x | x |
| Policies | x | x | x | x |
| Alterations | x | x | ||
| Cancellations | x | x | x | |
| Premium Reimbursements | x | x | ||
| Policy Versionning | x |
Billing & Collection
The following are the defined security roles for the Billing & Collection solution:
| Security role | Description |
|---|---|
|
Operations user |
This is the user role for performing imports in the system. For example, you use this role for uploading bank statements, notification files from online payment processors and direct debit notification or instruction files. Please see the table below for the available access privileges for this user role. |
|
Operations superUser |
This is the user role for operating with payment data. For example, you use this role for allocating or deallocating payments, initiating outgoing payment requests, or delete installments. Please see the table below for the available access privileges for this user role. |
|
Operations manager |
This is the user role for approving payment requests. Please see the table below for the available access privileges for this user role. |
The following are the defined security privileges per every role:
| Functionality | Operations User | Operations SuperUser | Operations Manager |
|---|---|---|---|
| Invoices | View | View Edit |
View |
| Installments | View | View Edit (can remove installments) |
View |
| Premiums collected - Payments | View Insert |
View Insert Edit |
View |
| Bank statements | View Insert |
View | View |
| Payments - Incoming and Outgoing | View Insert |
View Insert Edit |
View |
| Payment returns and Unallocated payments | - | View Insert Edit |
View |
| Outgoing Payment Request Approval | - | - | View Insert Edit |
| Payments Allocation | View | View Insert Edit |
View |
| Outgoing Payment Requests | View | View Insert Edit |
View |
| DIDE Mandates | View Insert Edit |
- | View |
| DIDE Notification file | View Insert |
- | View |
| DIDE Payment Instructions file | View | - | View |
| DIDE Payment Confirmations | View Edit |
- | View |
| DIDE Payment Denied | View Edit |
- | View |
For the UK flow:
|
Security role |
Description |
|---|---|
|
Operations user |
This user has the rights to see the DIDE files (External Reports) menu, lists and forms, also having the possibility to import new files: ADDACS and ARUDD files. FTOS_PYMT_ADDACSReasonType - read FTOS_PYMT_DIDE_ADDACSDetail - read FTOS_PYMT_DIDE_ADDACS - create, read, update FTOS_PYMT_ARUDD - create, read, update FTOS_PYMT_ARUDDDetail - create, read, update FTOS_PYMT_DIDEMandateInstruction - read FTOS_PYMT_DIDEMandateInstructionDetail - read FTOS_DFP_FlowSettings - read |
|
Operations manager |
View rights for all new DIDE entities: FTOS_PYMT_ADDACSReasonType - read FTOS_PYMT_DIDE_ADDACSDetail - read FTOS_PYMT_DIDE_ADDACS - read FTOS_PYMT_ARUDD - read FTOS_PYMT_ARUDDDetail - read FTOS_PYMT_DIDEMandateInstruction - read FTOS_PYMT_DIDEMandateInstructionDetail - read |
Claims Management
The security roles for Claims Management are described below:
| Security Role | Description |
|---|---|
| FNOL User | This user has the rights to insert in the FNOL list + Claim insert, at user level. |
| Claim superUser | This user has the rights to insert new Claims and process the entire flow without the possibility to validate the loss values, approve claim payments and approve declining proposals. |
| Claim manager | This user has the rights to validate loss values, rights to approve claim payments and the rights to approve declining proposals. |
The following are the defined security privileges per every role (where V=view, I=insert, E=edit):
| Functionality | FNOL user | Claim superUser | Claim manager |
|---|---|---|---|
| FNOL | View Insert Edit |
View | View |
| Claims | Insert | View Edit |
View |
| Loss value valdiation | - | View Insert |
View Edit (approval) |
| Payments | - | View Insert |
View Edit (approval) |
| Declining proposals | - | View Insert |
View Edit (approval) |
| Claim payments | - | View | View Edit (approval) |
| Reserves | - | View | View |
The table below presents which menu items are accessible for every security role.
|
Manu item |
FNOL user |
Claims superUser |
Claim manager |
|---|---|---|---|
| FNOL | x | ||
| Claims | x | x | |
| Reserves | x | x | |
| Claims payments | x | x | |
| Declining proposals | x | x |
Reinsurance Admin
The following are the defined security roles for the Reinsurance Admin solution, and their privileges:
| Security role | Description |
|---|---|
| Reinsurance info | This user has the right to see the reinsurance menu, list and form (in all statuses), without having the possibility to edit. |
| Reinsurance manager | This user has the right to see the reinsurance menu and list. This user also has the right to perform CRUD operations on a reinsurance contract. |