| A detailed description of the product or service: |
| |
| Product or Service Risk Classification (For example: High, medium, low risk): |
| |
| Did The bank completed the independent evaluation required under clause (7.1) ? |
| ☐Yes | ☐No |
| Evaluation date: Day/Month/Year |
| Is the bank complied with the required maturity level in the frameworks mentioned in clause (7.1) ? |
| ☐Yes | ☐No |
| Notes: |
| Product or service objectives: |
| |
| Product or service features: |
| |
| Product or service offering journey: |
| |
| Product or service delivery channel(s): |
| ☐ Bank branches |
| ☐ E-Channels ( ☐ Phone Banking, ☐ Mobile Banking, ☐ Bank's Website) |
| ☐ Relationship Mangers |
| ☐ Other: |
| Targeted customers: |
| ☐ Existing bank customers | ☐ Non-existing bank customers |
| Targeted segment: |
| ☐ Retail | ☐ Small/Medium enterprises | ☐ Corporate | ☐ Government sector | ☐ Non-profit sector |
| ☐ Other: |
| Customer identity verification mechanism: |
| |
| Fees, commissions and any other additional amounts might be incurred by the customer: |
| |
| Product or service launching plan in the local market: |
| |
| Similar products or services offered in the local market (if any): |
| |
| The potential impact on the bank's liquidity ratios (SAMA Liquidity Ratio, CAR, LCR & NSFR) and any other regulatory indicators: |
| |
| Technological requirements, details and the integration method with third parties and other technological systems, including but not limited to Robot, Cloud, Biometrics: |
| |
| System classification by the entity, whether it is a main or secondary system: |
| |
| In case of storing data, clarify the location of the data storage, the storage method and the type of data shall be clarified in detail, with reasons and justifications: |
| |
| In case of contracting with third parties, the details of the third parties shall be provided, including the name, location, duties, responsibilities, and any relevant information. |
| |
| Third-party remote access method (if applicable): |
| |
| In case of contracting with third parties, what are the type of data will be shared, and what measures will be taken to maintain information privacy and security: |
| |
| Has the verification method been clarified for the product/service, e.g. two factor authentication (2FA) using the password and the one-time password (OTP): |
| |
| Has the product/service been added to fraud monitoring systems with the ability to directly add and modify scenarios: |
| |
| Do third parties comply with the cloud computing cybersecurity controls (in the case of using cloud computing technology): |
| |
| In case of technological integration, explain the integration method in detail: |
| |
| The internal bank function responsible for monitoring the product or service: |
| |
| The method of cancelling the product or service by the customer and cancelation fees (if applicable): |
| |
| Information/correspondences with SAMA regarding the above product or service(If any): |
| |
| Additional information: |
| |
| Product or service developer name and contact information (email, mobile phone, landline): |
| |
