View Tend

REQUEST FOR PROPOSAL (RFP)
FOR
IMPLEMENTATION OF
ENTERPRISE FRAUD RISK MANAGEMENT

SOLUTION FOR CBS AND DELIVERY CHANNELS
Date of commencement of RFP 05/07/2017 at 11.00 hours

Pre bid meeting 14/07/2017 at 15.00 hours
Last date of receipt of Bidder Queries 18/07/2017 at 17.00 hours
Last date for receipt of RFPs 04/08/2017 at 16.00 hours
Opening of RFPs 04/08/2017 at 16.15 hours
Rs.10000.00 /- (Rupees Ten Thousand
Fees for RFP document (non-refundable) only)
Earnest Money Deposit (Bid Security) Rs. 50,00,000/- (Rupees Fifty Lacs only)
Activity Details
1. Release of RFP 05-07-2017 at 11.00 hours
2. Bid Price Rs. 10000/- by way of Demand Draft issued by
any scheduled Bank and in favour
of Union Bank of India, payable at Mumbai
3 Address for The General Manager, Technology
Receipt/submission Center, 5th Floor, 1/1A, Adi Shankaracharya
of Bid Marg, (JVLR) Andheri East, Mumbai, 400072
4. Bid submission
Bids as per RFP terms to be submitted in 2 different
Sealed envelope marked:
a) ―TECHNICAL BID FOR IMPLEMENTATION OF FRAUD
RISK MANAGEMENT SOLUTION FOR CBS AND
DELIVERY CHANNELS‖
b) ―INDICATVE COMMERCIAL BID FOR IMPLEMENTATION
OF FRAUD RISK MANAGEMENT SOLUTION FOR CBS
AND DELIVERY CHANNELS‖.
5. Last date & time for bid
04-08-2017 at 16.00 hours
Submission
6. Bid security Bid security in the form of:
Account payee Demand Draft (DD) for Rs.

50,00,000/- (Rupees fifty Lacs) only, as Earnest
Money Deposit (EMD), payable at Mumbai in favour of
Union Bank of India issued by a Scheduled Bank, which
would carry no interest.
OR
With an equivalent amount of Bank Guarantee (BG)
issued by a Scheduled Commercial Bank (other than
Union Bank of India) valid for 180 days from the date
of opening of the Tender as per format given in the
format section.
7. Bid opening date and place 04-08-2017 at 16:15 hours
UNION BANK OF INDIA, TECHNOLOGY CENTER, 1/1A,

Adi Shankaracharya Marg, (JVLR), MUMBAI- 400072.
8. Methodology for
Reverse Auction
commercial selection
of bidder
Page 2 of 155
Table of Contents
SECTION I: REQUIREMENT DESCRIPTION ...................................................................................................5
1. INTRODUCTION ................................................................................................ 5
2. PROJECT OBJECTIVE .......................................................................................... 5
3. REQUEST FOR PROPOSAL ...................................................................................... 6
SECTION II: ELIGIBILITY CRITERIA ..............................................................................................................9
1. SCOPE OF WORK ............................................................................................. 11
2. PROJECT IMPLEMENTATION METHODOLOGY .................................................................. 42
2.1 BUSINESS REQUIREMENT DOCUMENT ......................................................................... 42
2.2 SYSTEM SPECIFICATION REQUIREMENT STUDY ................................................................ 43
2.3 DEVELOPMENT METHODOLOGY ............................................................................... 44
2.4 ACCEPTANCE TESTING........................................................................................ 45
2.5 PERFORMANCE TESTING AND BENCHMARKING ................................................................ 46
2.6 TRAINING .................................................................................................... 46
2.7 COMPLETENESS OF PROJECT ................................................................................. 47
2.8 PROJECT TIMELINE ........................................................................................... 47
2.9 CONTINUAL IMPROVEMENT ................................................................................... 53
SECTION III: BID GUIDELINES .....................................................................................................................54

1. BID PRICE .................................................................................................... 54
2. BID SECURITY ............................................................................................... 54
3. TECHNICAL BID............................................................................................... 55
4. INDICATIVE COMMERCIAL PRICE BID ........................................................................ 56
5. PRICE COMPOSITION......................................................................................... 56
7. OFFER VALIDITY PERIOD.................................................................................... 56
8. ERASURES OR ALTERATIONS ................................................................................ 57
9. RIGHT TO ALTER QUANTITIES / REPEAT ORDERS ............................................................. 57
10. NUMBERING OF PAGES ....................................................................................... 57
11. BIDDER QUERIES.............................................................................................. 57
12. RFP OWNERSHIP ............................................................................................ 57
13. PROPOSAL OWNERSHIP ...................................................................................... 57
14. CONFIDENTIALITY & SUB-CONTRACT ....................................................................... 58
15. ORDER CANCELLATION ...................................................................................... 58
16. EXIT CLAUSE ................................................................................................. 58
17. TENDER / RFP CANCELLATION ............................................................................. 58
18. NO COMMITMENT TO ACCEPT LOWEST OR ANY TENDER .................................................. 59
19. EVALUATION PROCESS ...................................................................................... 59
20. SCORING FOR APPROACH METHODOLOGY & PRESENTATION................................................ 60
21. SITE VISIT ................................................................................................... 60
22. PAYMENT TERMS............................................................................................ 60
23. ARBITRATION ................................................................................................ 62
24. REPORTING AND COMPLIANCE ............................................................................... 62
25. LIQUIDATED DAMAGES AND SERVICE LEVEL AGREEMENT................................................... 64
26. PROJECT PERIOD ............................................................................................ 68
27. TEAMING ARRANGEMENT ................................................................................... 68
28. PATENTS RIGHTS ............................................................................................ 69
29. DISASTER RECOVERY & BUSINESS CONTINUITY PLANNING (BCP) ......................................... 69
30. TECHNOLOGICAL UP GRADATION ............................................................................ 69
31. AUDIT BY THIRD PARTY .................................................................................... 69
32. CONFIDENTIALITY ........................................................................................... 69
Page 3 of 155
SECTION IV: TERMS AND CONDITIONS......................................................................................................71
1. TERMS OF EXECUTION OF WORK .............................................................................. 71
2. PERFORMANCE BANK GUARANTEE (PBG OR BG) ............................................................. 71
3. ADDITIONAL MONITORING REQUIREMENT FOR OTHER CHANNELS............................................... 71
4. INDEMNITY ................................................................................................... 71
5. PUBLICITY .................................................................................................... 73
6. FORCE MAJEURE ............................................................................................. 73
7. LIMITATION OF LIABILITY ..................................................................................... 73
8. COMPLIANCE WITH LAWS ..................................................................................... 74
9. END OF SALE & END OF SUPPORT ............................................................................ 74
10. CORRUPT AND FRAUDULENT PRACTICE ....................................................................... 74
11. INFORMATION OWNERSHIP .................................................................................... 75
SECTION IV: EVALUATION MATRIX ...........................................................................................................76

I. EVALUATION MATRIX -- FUNCTIONAL AND TECHNICAL REQUIREMENTS ....................................... 76
SECTION V: ANNEXURE ..............................................................................................................................78

ANNEXURE – A (COVERING LETTER) .................................................................................. 78
ANNEXURE – B (TECHNICAL PROPOSAL) .............................................................................. 79
ANNEXURE – C (TECHNICAL COMPLIANCE SHEET) .................................................................... 80
ANNEXURE – D (REFERENCE SITE DETAILS) ......................................................................... 117
ANNEXURE – E (COMMERCIAL OFFER) – COMMERCIAL BID .......................................................... 118
ANNEXURE – F UNDERTAKING FOR PROVIDING PERFORMANCE BANK GUARANTEE .................................. 125
ANNEXURE – G: UNDERTAKING (TO BE SUBMITTED BY ALL BIDDER’S ON THEIR LETTER HEAD) ...................... 126
UNDERTAKING (TO BE SUBMITTED BY ALL BIDDER’S ON THEIR LETTER HEAD) ....................................... 126
ANNEXURE -H FORMAT FOR BANK GUARANTEE ................................................................... 127
ANNEXURE – I COMPLIANCE TO RFP TERMS & CONDITIONS ......................................................... 128
ANNEXURE J (REVERSE AUCTION PROCESS) ........................................................................ 130
BUSINESS RULES FOR REVERSE AUCTION .................................................................... 130
ANNEXURE –K: LETTER FORM CONSORTIUM MEMBERS ...................................................... 139
ANNEXURE – L: PRE BID QUERY FORMAT .......................................................................... 140
ANNEXURE – M: PROPOSED HARDWARE AND SOFTWARE ........................................................... 141
ANNEXURE –N: LETTER FROM OEMS ............................................................................... 142
Annexure –O (KYE Letter) ........................................................................................................................... 143
ANNEXURE –P: CONFIDENTIALITY / NON DISCLOSURE AGREEMENT ...................................... 144
ANNEXURE – Q: INTEGRITY PACT ............................................................................... 149
Page 4 of 155
Section I: Requirement Description
1. Introduction
1.1 Union Bank of India (hereinafter referred to as THE BANK), is one of the
leading Nationalized banks in India having a network of over 4200+ branches /
offices with 35,000 employees and 7500+ ATMs spread across the country,
with its business mix of over Rs.6.5 lac Crores. Presently bank has foreign
branches in Hongkong, Dubai, Belgium, Sydney and London.
1.2 Bank has implemented a centralized Core Banking Solution (Finacle from
Infosys) covering all its branches and is extending Banking services to its
customers through a number of delivery channels like ATM, debit/credit card,
Internet banking, Mobile banking, POS, E-commerce etc. The primary data
centre of the Bank is located at Mumbai and DR Site at Bangalore.
1.3 Bank has deployed robust security set-up and process for securely providing
banking services to customer through e-channels. Further to develop the real
time/near real time fraud detection and prevention capabilities, bank intends
to procure real time Enterprise Fraud Risk Management Solution for Core
Banking Solution(CBS) and all e-channels such as Internet Banking Services,
ATM, Debit card, Credit card, Mobile Banking ,e-commerce , Point of Sale
etc.
2. Project Objective
2.1 The Bank intends to implement an enterprise fraud risk management solution
with the real time/near real time detection and prevention capability with the
following objectives:
 Fraud Prevention
 Early Fraud Detection
 Anti-Fraud Strategy
 Periodic Assessment of fraud risk
 Fraud risk training and awareness
 Fraud alerts
 Internal Fraud Risk Management
 Forensic Support
2.2 The Solution should cover the risks associated with the below mentioned
indicative list of channels and products under online mode. The solution should
cover detection and prevention of frauds at different process stages of the
below mentioned products and channels for all types of transactions such as
card present, card not present, financial and non-financial transaction etc.
A. Branch Banking (Domestic)

I. Deposits (all types)
II. Loans
 Corporate Loans
 Retail Loans
 MSME Loans
 Agriculture Finance
Page 5 of 155
III. Trade Finance / Non-Fund Credits
 Guarantees
 Letter Credits
 Bill Finance (Bill discounting, Bill purchase etc.)
IV. Remittances (NEFT, RTGS, SWIFT Domestic)
V. Forex Business
B. Branch Banking (Overseas)
C. Other Banking products
I. Service Branch (Cheque Processing / ECS processing )
Operations
II. Treasury Operations
III. Cash Management System and Channel Financing
IV. Financial Inclusion Banking
D. e-Channels
I. Internet Banking
II. Mobile Banking applications such as Umobile, Digipurse, UPI,
selfie and mpassbook, Aadhaar pay
III. ATM
IV. All types of Card such as Credit card, Debit card, Prepaid cards,
wallets etc
V. POS (Point of Sale)
VI. Cash Deposit machines
VII. Payment Gateway and E-commerce transactions
VIII. FI (Financial Inclusion) Gateway
IX. IVR (Interactive voice response)
X. Any other delivery channel introduced by the Bank during the
contract period
E. Internal Frauds (employee initiated /involvement)
3. Request for Proposal

3.1. Bank invites Bids for Enterprise Fraud Risk Management solution (EFRM). The
implementation of EFRM solution is required to secure the customers,
safeguard the interest of Bank and its customers and to comply with the RBI
guidelines laid out in working group report on Information Security, Electronic
Banking, Technology Risk Management and Cyber Frauds & Security Issues and
Risk mitigation measures related to Internet Banking, CBS, Mobile Banking,
ATM, Debit Cards, Credit Card, Point of Sale, e-commerce etc. transactions.
The EFRM solution will monitor the transactions being carried out by the CBS
and channels on real time basis.
3.2. The proposed solution should be an integrated EFRM solution for all banking
channels (including CBS), other banking applications and all e-channels. The
proposed EFRM solution has to be integrated with core banking, Internet
banking, ATM switch, Debit Cards, Credit Card, POS switch, e-commerce and
other channels, if any, required in future without hampering the routine
operations of the bank. The bidder should accomplish the job in coordination
Page 6 of 155
with existing System Integrator of the CBS and Internet Banking solution and
bidders of other applications. Also, the proposed solution should support new
versions of all the applications. The major systems deployed for various
channels are as under:
i. CBS - The Bank has implemented a Centralized Core Banking Solution
(Finacle from Infosys) covering all its branches and is extending Banking
services to its customers through a number of delivery channels like
ATM, Debit Card, Internet banking, Mobile banking, POS and e-
commerce etc.
ii. ATM Switch –The ATM switch of the Bank (managing 7500+ ATMs) is
Base24 Switch (OEM-M/s ACI) located at Bank‟s Data Centre (DC) in
Mumbai. The Disaster Recovery (DR) of ATM switch is installed at
Bangalore. At present, Bank is using above mentioned ATM switch
however the proposed solution should be covering any other ATM switch
implemented by the Bank during the contract period without any
additional cost.
iii. Credit card Switch and POS - The credit card authorization Switch and
POS driving of the Bank is located at Vendor Data Centre (DC) in vendor
premises in Mumbai. Both the switches are being managed by ATOS
world line India Pvt. Ltd. (AWL). The Disaster Recovery (DR) switches
are installed at Bangalore and are being managed by ATOS world line.
iv. Internet Banking - Bank has implemented Internet banking application
(Finacle eBanking from Infosys) located at Bank‟s Data center, Mumbai.
v. Mobile Banking- The Bank has implemented mobile banking, Digipurse
and UPI application which are located at the data center of Financial
Software Systems Pvt. Ltd. (FSS).
vi. E-Commerce- All card not present transactions, online payments
through debit cards/ATM cards/Credit cards through different payment
gateways
vii. Financial Inclusion solution/gateway solution provided and managed
by M/s Coromandel Infotech however bank is in the process of migrating
FI gateway from opex model to capex model to be implemented by M/s
Integra.
3.3. The selected bidder can provide either a single solution for both CBS and
delivery channels or two different solutions, one for CBS and other for
delivery channels. However in both the cases, the selected bidder has to
provide a single interface for full view of CBS as well as all the channels. The
solution/all proposed solutions should have proven integration capabilities
with the bank‟s CBS and bidder should ensure that the EFRM solution does not
have a performance impact on the CBS solution. The solution must have cross
pollination of data between CBS and all e-channels as a built in functionality.
3.4. The bidder is expected to detail out technical architecture, infrastructure
requirement, detection techniques employed including alert mechanism and
optimal strategy for detection of fraud and prevention of scenarios applicable
to indicative products and channels along with their combinations (in case of
Page 7 of 155
syndicated fraud). The bidder is also expected to validate the solution
outlines with case studies based on their experience.
3.5. Bidder should also ensure that the product OEM is involved in the
implementation of the project till its completion. A letter from the product
OEM confirming the same has to be submitted in the bid. The bidder will be
selected after completion of the evaluation process which is given under
Evaluation Criteria section of this document. The OEMs have to give the
certificate to the Bank post implementation, confirming the implementation
of their products with best industry practices and the standards.
Page 8 of 155
Section II: Eligibility Criteria
Only those Bidders who fulfill the following criteria are eligible to respond to the RFP.
Offers received from the bidders who do not fulfill any of the following eligibility
criteria are liable to be rejected.
For Bidder
The bidder shall submit the proofs of minimum eligibility criteria as given below-
1. The bidder & EFRMS OEM should be a registered company in India and should be in
existence for minimum of Five years as on the date of RFP.
2. The bidder & EFRM OEM should have minimum annual turnover of Rs.100 Crores in
the last three financial years (i.e. 2012-13 & 2013-2014 & 2014-15). Audited
Balance Sheet and Profit & Loss accounts are to be submitted as a proof. In case
last financial year i.e. 2016-17 annual reports are not audited, bidder must submit
previous three financial years audited annual reports i.e. 2013-2014, 2014-15 and
2015-16
2.3. The bidder and EFRMS OEM should have annual turnover of Rs.100 crores or more
and makingbe in net profit during two of the last three financial years (i.e. 2014-
15, 2015-16 and 2016-17) out of which profit in last financial year is mandatory.
Audited Balance Sheet and Profit & Loss accounts are to be submitted as a proof.
In case last financial year i.e. 2016-17 annual reports are not audited, bidder must
submit previous three financial years audited annual reports i.e. 2013-2014, 2014-
15 and 2015-16.
3.4. Bidder/OEM should have experience of having implemented EFRM Solution in:
a. At least one Commercial Bank (excluding RRBs & Co-operative Bank) in India
having business mix of minimum Rs. One lac crore or a Bank in abroad with
minimum business mix of USD 15 bn as of last financial year. (Business mix
is Total assets + Total Deposits)
b. Has experience of implementing minimum 4 of the following areas:

i. Internet Banking
ii. ATM
iii. POS
iv. e-commerce
v. CBS
vi. Mobile Banking
Out of the sevenix areas mentioned above, mandatory experience is

required in any three of following four areas:
I. Internet Banking
II. ATM
III. Mobile Banking
IV. CBS
Page 9 of 155
4.5. Bidder should be Original Equipment Manufacturer (OEM). In case the bidder is an
Authorized Representative of OEM, Bidder has to submit the authorization letter as
per Annexure-N from the OEM to bid on their behalf along with technical and
commercial bid.
5.6. The companies or firms, bidding for tender, should have not been black listed by
any of Government Authority or Public Sector Undertaking (PSUs). The bidder shall
give an undertaking (on their letter head) that they have not been black listed by
any of the Govt. Authority or PSUs. In case, in the past, the name of their Company
was black listed by any of the Govt. Authority or PSUs, the name of the company or
organization must have been removed from the black list as on date of submission
of the tender, otherwise the bid will not be considered. Please refer Annexure-G
6.7. Bidder and their associate/partner/consortium members/OEMs, whose

hardware/software is proposed to be supplied to the Bank, must have presence in
India and should be able to support the project in Mumbai during contract period.
7.8. The bidder/OEM should be having a team of at least 10 skilled resources

who have experience in implementing at least one EFRM solution to be able to
deliver and support the proposed solution. Bidder has to provide self declaration
along with profile of skilled staff for the same.
Note1: In case, the bidder does not have the required experience, they can form the
consortium of not more than 3 partners (including prime bidder) for implementation. If a
consortium is proposed to bid for EFRM solution, the Bank will deal only with the prime
bidder as a single point of contact. In case of consortium, following rules will be
applicable:
- The prime bidder has to provide the proof that they are authorized to bid with
the products that they do not own/deal. Bidder must also confirm that all the
members of consortium are agreeable for terms of RFP offered by the bidder.
The bidder must also furnish letters from other members in support of the
above as per „Annexure-K‟ letter from consortium members.
- The prime bidder will be responsible for delivering all contractual services end
to end that includes all consortium members including himself and will be a
single point of contact.
- The bank expects the bidder not to sub-contract any of its services to fulfill his
contractual obligations.
Note2: The Bidder must comply with all the above mentioned criteria. Non-compliance of
any of the criteria will entail rejection of the offer summarily. The requirements
mentioned above are mandatory.
Bidder should fulfill all the Eligibility criteria. Only those who fulfill all the eligibility
criteria will qualify for further evaluation.
Documents required to be submitted along with those mentioned in eligibility criteria
above:
 Photocopies of relevant documents / certificates should be submitted as proof in

support of the claims made. The Bank reserves the right to verify / evaluate the
claims made by the Bidder independently.
Page 10 of 155
 Reference Site Customer Name and Contact information to be provided to the Bank
with whom discussion can be done.
 Audited Balance sheet for last three years.
 The list of skilled staff with their qualification and certification. (Copy of the
certificates of the staff should be submitted).
1. Scope of Work
The scope of work would include design, supply, configuration, customization,
integration, testing, user acceptance, documentation, training, warranty support and
post warranty maintenance support, it contracted for all the solution components
including software/hardware/database/licenses/tools required for the fulfillment of
the scope.
The EFRM product solution will cover enterprise wide fraud detection and prevention
covering core banking solution and different channels and banking products as
mentioned in point no. 2.2 at page 5. Bidder may be a System Integrator or Product
OEM. The proposed solution should be a single integrated EFRM solution for all banking
channels (including CBS) and all banking applications. The solution should have proven
integration capabilities with the CBS and bidder should ensure that the EFRM solution
does not have a performance impact on the CBS or any other channel. At each stage of
implementation, OEM has to submit a letter on their letter head mentioning that the
product has been implemented with industry best practices.
The bidder shall be responsible for carrying out all the required activities including day
to day operational activities to achieve the scope mentioned in RFP during the
contract period. The bidder will be responsible for involvement and commitment of
other partners for the successful execution of the project. The bidder in this regard is
required to enter into a back to back agreement (including NDA agreement) with
partners that it is conformity with deliverables and other service/uptime commitments
the bidder makes to the Bank under the contract to be entered into. Whenever
requested by the Bank, the bidder has to share the copy of such agreements.
The broad scope of work for the bidder under this RFP shall be –
1.1. The Solution should cover the risks associated with the below mentioned
indicative list of channels and applications under online mode. The solution
should cover prevention and detection of frauds at different process stages of the
below mentioned applications and channels for all types of transactions such as
card present, card not present, financial and non-financial transaction etc.
I. Online Mode: - The Fraud detection is to be done on real time basis. The
authorization/decline of the In-flight transaction should not affect
performance of the source systems. Real time monitoring and actioning on
transactions pertains following products:-
i. E-Channels
a. Internet Banking
b. Mobile Banking
c. ATM
d. All types of Card such as Credit card, Debit card, Prepaid cards,
wallets etc
Page 11 of 155
e.
POS (Point of Sale)
f.
Cash Deposit machines
g.
Payment Gateway and E-commerce Transactions
h.
FI (Financial Inclusion) Gateway
i.
Aadhar Enabled Payment systems
j.
IVR (Interactive voice response)
k.
Any other delivery channel introduced by the Bank during the
contract period
II. Near Real Time/Real Time monitoring:- The Fraud detection is to be done on
Near Real Time/ Real Time basis. The authorization/decline of the In-flight
transaction should not affect performance of the source systems. Near real
time/Real time monitoring and actioning on transactions pertains following
products. It is to be noted that proposed solution should also have capabilities
of real time detection and prevention of following frauds, however, bank may
at its discretion will deploy solution in real time/near real time monitoring
and prevention mode:-
i. Branch Banking (Domestic)

a. Deposits (all types)
b. Loans
 Corporate Loans
 Retail Loans
 MSME Loans
 Agriculture Finance
c. Trade Finance / Non-Fund Credits
 Guarantees
 Letter Credits
 Bill Finance (Bill discounting, Bill purchase etc.)
d. Remittances (NEFT, RTGS, SWIFT)
e. Forex Business
ii. Branch Banking (Overseas)
iii. Other Banking products
a. Service Branch (Cheque Processing / ECS processing ) Operations
b. Treasury Operations
c. Cash Management System and Channel Financing
d. Financial Inclusion Banking
v. Internal Frauds (employee initiated /involvement)
1.2. The Bidder is expected to integrate the solution with the existing transactional
and other systems deployed by the Bank without impacting the performance of
the source systems. The major systems deployed for various channels are as
under:-
A. Infosys Finacle Core Banking Software (Branch Banking, Service Branch
Operations etc.). The delivery channel integrator is Connect 24 of Finacle.
B. Infosys Finacle Internet Banking Solution
C. ATM Switch
D. Mobile Banking Solution
Page 12 of 155
E. Lending Automation System
F. POS Switch
G. Cash Management and Channel Financing
H. Treasury Application
I. Financial Inclusion solution / gateway solution
J. Data Warehouse
K. Integrated Risk Management Solution
1.3. Overall Solution Requirements

1.3.1 Bank intends to implement enterprise wide fraud risk management
solution covering core banking and delivery channels.
1.3.2 The proposed solution should be able to comply with various RBI and
other regulatory guidelines related to Electronic payments.
1.3.3 The proposed solution should comply with bank Information Security
Policy. Information Security Policy will be provided to finally selected
bidder.
1.3.4 The bidder should regularly track alert generated by system as well as
global feeds and accordingly advise the Bank about global security
threats and vulnerabilities. Bidder should advise the bank for upgrades
/changes in the security infrastructure of the Bank against evolving
threats and responsibilities.
1.3.5 The bidder should install, integrate and customize proposed solution
with Bank‟s existing Core banking System (Finacle), Internet banking
application (Finacle eBanking from Infosys), Mobile Banking application,
Bank‟s ATM switch, Bank's credit card processing system, Debit cards
and other transaction systems/ delivery channels etc. without
hampering the routine operations of the bank. The bidder should
accomplish the job in coordination with existing System Integrator of
the CBS and Internet Banking solution and other applications. Also, the
proposed solution should support new versions of all the applications.
1.3.6 Bidder should provide interface requirements, if any, for delivery
channels and CBS.
1.3.7 The proposed solution should be able to integrate with banks existing
authentication SMS OTP and 2FA infrastructure for stronger
authentication.
1.3.8 The proposed solution should also be able to identify and prevent
fraudulent transactions which are linked to non-monetary transaction
such as ATM pin change, address/mobile no. change request, balance
enquiry, etc.
1.3.9 The licenses for the proposed EFRM solution should be enterprise
unlimited licenses covering all the channels (present and future),
Banking products, overseas operations including subsidiaries. There
should be no restriction on the license in terms of no. of users, no. of
transactions, no. of channels, no. of Banking products, no. of branches
and asset size of bank.
Page 13 of 155
1.3.10 The proposed solution should provide the capability to detect, discover,
prevent and investigate the frauds in real time not only restricted to
only one channel but across all the channels mentioned i.e. CBS, ATM,
Internet Banking ,Mobile banking , Credit Card and POS.
1.3.11 Solution should support automated interactive outbound call based
alerts on 24X7 basis to intimate and confirm with customer in case of
high risk transaction.
1.3.12 Solution should support automated interactive SMS based alert facility
on 24X7 basis to intimate and confirm with customer in case of high risk
transaction.
1.3.13 Solution should have an interactive mobile alerting and payment
platform that provides a flexible interface between mobile channels and
transaction systems. It should be used for transaction push as well as
pull services and use SMS, Email, mobile browser, voice, or applications
as delivery platform. The system should support the receipt of a request
via any mobile channel and connects with a range of host systems to
process. The result should be communicated back to the originator as
well as trigger a message to the proposed solution. Push data feeds
should be obtained from different channels which will be processed in a
business flow and should be resulted in alert messages to the users.
1.3.14 The bidder should take care of all aspects of Installation on existing set-
up, De-Installation, Configuration, Re-configuration, enhancements,
updates, upgrades, problem analysis, on–site, as well as off-site support
to ensure smooth operations during and post implementation till end of
contract period.
1.3.15 Bidder will have to ensure the troubleshooting in all forms like
technical, administrative and customer related issues etc.
1.3.16 The bidder has to ensure that any equipment (Hardware/Software/
Database) proposed as a part of RFP response will not have reached the
End of sale/End of support/End of life during the contract period.
1.3.17 The proposed solution should support the existing customer base
/transaction base on each of the channel including CBS and must
support scalability to add additional future growth without the need to
discard the earlier set-up. The present customer base /transaction base
with the channels are as below:-
S. Channel/ Customer No. of Expected Expected Active

No e-Channel Base Transaction/Ye Growth of Growth of Customers*
ar Transaction user base
Per Year Per Year
1 CBS 8.40 Cr 1,83,64,84,464 25% 20% 2.85 Cr
2 ATM card 2.07 Cr 39,72,00,000 25% 25% 1.31 Cr
holders
3 Internet Banking 16.30 Lacs 1,80,00,000 35% 30% 6.5 Lacs
4 Mobile Banking 12.70 Lacs 4,00,00,000 150% 50% 6.8 Lacs
Page 14 of 155
5 Credit Card 1,83,000 15,00,000 30% 20% 90,000
holders
6 POS terminals 51960 6,00,00,000 50% 50% 42,000
*The active Customers are those users who have done any financial or non-financial
transaction within 6 months using any of channels as CBS (Branch Banking)/Internet
banking/ATM/Credit card/Debit card/Mobile Banking/e-commerce etc.
1.3.16. The proposed solution should be able to monitor and detect frauds in
real-time for all channels and CBS.
1.3.17. The proposed solution should have the capability for cross-channel fraud
monitoring and prevention.
1.3.18. The proposed solution should be provided with High availability within
the primary site and replication of configuration, history data, polices
etc between primary site and DR site. There should be synchronization
between DC and DR under bank‟s specified Recovery Point Objective
(RPO) of 15 Mins and Recovery Time Objective (RTO) of 30 Mins. To
meet the RTO, the bandwidth requirement has to be mentioned in the
technical bid.
1.3.19. The bank wishes to have a dedicated infrastructure for
development/testing, and Production environment. The bidder should
accordingly design the solution.
1.3.20. Overall scope must ensure full coverage of 24*7 monitoring and fraud
detection for integrated channels and products.
1.3.21. The selected bidder should provide sizing of the hardware, Operating
Systems, standard middleware if any, RDBMS licenses if any required for
the implementation of the solution for both the locations Primary Site
(DC) and DR. Bidder will provide all the required hardware and OS. The
bidder has to keep into account the year on year anticipated growth in
the customer base while giving the sizing of the hardware and
software/application. The bidder will also be responsible for any
Upgradation/maintenance/patch management for delivered hardware
during contract period.
1.3.22. The proposed solution should provide robust fraud detection and risk
scoring capabilities using following approach but not limited to as
below:
 Advanced rule/scenario based detection
 Identity Resolution
 Dynamic Behavior Profiling and anomaly detection
 Machine Learning based Predictive Scoring models (including
Neural Networks and Support Vector machine)
1.3.23. The proposed solution should provide pre-packaged scenarios or have
the flexibility to create such scenario with minimal efforts as and when
required for multiple products and channels.
1.3.24. The proposed solution should provide web based scenario authoring tool
to configure new fraud schemes as and when required.
Page 15 of 155
1.3.25. The proposed solution should allow configuring various business policies
like approve/decline/challenge/hold transaction based on the fraud risk
score.
1.3.26. The proposed solution should provide advanced case management
system with rich client software for link analysis and visualization of
complex networks that can be integrated across source systems for case
investigation.
1.3.27. Proposed case management system should support configurable work
flow based on the case type and built-in auto case routing mechanism.
1.3.28. Proposed advanced case management tool should be integrated with the
case investigation, link analysis and visualization tool for the case
investigation.
1.3.29. Proposed case management solution should support case escalation
feature based on business policies configured.
1.3.30. The proposed solution should support watch list management for various
black lists and white lists.
1.3.31. The proposed solution should support entity link analysis tool to detect
organized fraud rings and collusions.
1.3.32. The proposed entity/network link analysis tool should support both
static link analysis based on customer/account demographics and
dynamic link analysis based on transaction parameters.
1.3.33. The proposed solution should provide complete evidences for why a
transaction was declined/hold by the fraud management system.
1.3.34. The proposed solution should provide complete audit trail.
1.3.35. The proposed solution should support built-in maker checker
functionality to ensure dual commit to critical system changes.
1.3.36. The proposed solution should provide MIS dashboard and reports for
tracking fraud cases, investigators‟ performance and system
performance.
1.3.37. Bidder will have to ensure the troubleshooting in all forms like
technical, administrative and customer related issues etc.
1.3.38. Bidder should provide SLA based services and the SLA tracking system as
well as for maintaining operational workflow.
1.3.39. The OEM/bidder should have thorough understanding of technicalities of
Finacle CBS and should have an arrangement with Finacle Software
provider for information sharing on an ongoing basis. The OEM or SI has
to establish such arrangement in vogue. This is required as any release
of Finacle Patches should not isolate the EFRM solution which is
envisaged for tight integration with Finacle deployed in the Bank.
1.3.40. The bidder should provide enterprise case management for viewing of
all the channels.
1.3.41. The selected bidder should provide suitable backup solution along with
the required hardware sizing for taking backups.
1.4. Risk Based Fraud Monitoring for Internet and Mobile Banking
Page 16 of 155
1.4.1 The proposed solution should be able to integrate with Finacle
CDCI/Connect 24 channel integrator to monitor Internet and mobile
banking transactions with minimal/no support from the actual CBS
bidder. Solution should also support new versions of Finacle CDCI.
1.4.2 The proposed solution should be able to prevent existing and emerging
frauds as result of phishing attacks, malware attacks, denial-of-service
attack (DoS), Man-in-the-Middle (MITM) and Man-in-the-browser (MITB)
attacks etc.
1.4.3 The proposed solution should monitor and detect frauds for all pre-
login, login and post login related transactions.
1.4.4 The proposed solution should support advanced IP geo-location
capability to detect IP Country, IP City, Proxy IP and zone hopping.
1.4.5 The proposed solution should support site authentication capability with
personalized images and phrases.
1.4.6 The proposed solution should support wide range of 2FA techniques
including SMS/Email OTP, software tokens, hardware tokens,
transaction signing tokens, PKI certificates & Digital Signature
certificate.
1.4.7 The proposed solution should not require any download or installation
by the end user and should support all types of browser and operating
systems environments on all devices e.g. Personal Computers / Laptops
/ Smart phones/ other devices.
1.4.8 Solution should have capability to build and re-factor dynamic e-banking
user behavior profiles including but not limited to:-
i. Preferred Country
ii. Preferred City
iii. Preferred IP
iv. Preferred ISP
v. Preferred Device
vi. Preferred Payee
vii. Average Daily/Weekly/Monthly Funds Transfer amount /
frequency by payee / biller
viii. Preferred Transaction hour
1.4.9 The proposed solution should support IPV6 addressing.
1.5. Transaction Monitoring for Core banking transactions
1.5.1 The proposed solution should be able to integrate with Finacle CBS with
minimal/no support from the CBS vendor. Solution should also support
new versions of Finacle CBS.
1.5.2 The proposed solution should have the capability to detect and
block/hold suspicious fraudulent core banking transactions.
1.5.3 The proposed solution should not impact the performance of Finacle
core banking application and other applications.
1.5.4 The proposed solution should be able to monitor both financial and non-
financial transactions and detect frauds from core banking transactions.
Page 17 of 155
1.5.5 The proposed solution should support both transaction monitoring and
fraud prevention/transaction capability for core banking transactions.
1.5.6 The proposed solution should provide pre-packaged scenarios or have
the flexibility to create such scenario with minimal efforts as and when
required to detect various branch banking and employee frauds
including account take over, embezzlement, nepotism, suspicious
inquiries etc.
1.6. Real-Time Fraud Prevention for Payment Card transactions
1.6.1 The proposed solution should be able to integrate with Finacle

CDCI/Connect 24 channel integrator to monitor Debit card transactions
across ATM, POS, and E-Commerce channels with minimal/no support
from the CBS vendor. Solution should also support new versions of
Finacle CDCI.
1.6.2 The proposed solution should support payment card fraud prevention
against skimming, counterfeit cards, lost and stolen cards, Mass card
compromise, sudden surge and anomalous behavior, zone hopping.
1.6.3 The proposed solution should be able to combat both card present and
card not present frauds in real-time.
1.6.4 The solution should provide pre-packaged scenarios and scoring models
or have the flexibility to create such scenarios and models with minimal
efforts as and when required for debit cards and credit cards.
1.6.5 The proposed solution should have capability to detect common point of
compromise (CPC) for compromised ATM, POS, and Merchants.
1.6.6 The proposed solution should support customer looped fraud prevention
capabilities where customers can set their own rules regarding their
debit card usage using mobile banking or internet banking interface.
Sample customer defined rules/policies include: Block transactions from
particular country, Block transactions from particular channels for a
country, Block specific channel transaction exceeding a threshold
amount etc.
1.7. Scope of work for OEM
1.7.1 The OEM should be committed to the success of the project during
actual implementation by being involved in the implementation of the
project till its completion. The OEM should be involved in the overall
implementation, support, sustenance, etc. n each of the EFRM modules
proposed by the bidder as per the scope of work defined in RFP.
1.7.2 The following are the tentative expectations with respect to OEM
involvement during the contract period, however the bank reserves the
right to change the scope:
 Review of Business Requirements Specification (BRS) document,
taking into account all quantitative and qualitative aspects related
to configuration of the solution from an industry leading practices
perspective and in tune with regulatory guidelines.
Page 18 of 155
 Review of solution architecture to assess the extent to which same
will support business requirements and review gaps/ customizations,
if any
 Review of information requirements and supporting processes with
respect to completeness and quality
 Review of functional configuration by duly benchmarking against
defined scope and business requirements
 Review of test strategy, scenarios and test cases developed for
supporting the configuration for conducting UAT of the solution
configured
 Review of UAT environment, plans, mapping of test cases and
functional requirement specification and tracking mechanism for
resolution of issues
 Review transition plan and approach
 Bidder shall furnish teaming agreement with OEM for the above
scope of work and submit the same as part of the bid. This teaming
agreement should include but not limited to the ownership of the
activities, timelines and resources associated to the activities.
 For above scope of work, OEM shall produce following deliverables in
the course of implementation:
 BRS Review report with recommendations for resolution of gaps
across all modules of the EFRMS
 Review Report on solution architecture and information
requirements with recommendations for resolution of gaps
 Report on functional configuration check done containing the
observations on UAT test strategy, cases and scenarios, UAT
plan, etc
 The Bidder should further provide the deliverables and sign off for
each of the deliverables at various stages of migration, Upgradation,
customization and implementation.
 Further, the Bidder should arrange for sign-off by OEM for each of
the critical stages of migration, Upgradation, customization and
implementation
1.8. Software and Hardware Requirement

The bidder will be completely responsible for supply, installation, configuration,
customization and maintenance of the complete EFRM Solution for the period of
the contract. The bank at a later date will not make any additional payments for
the solution provided by the bidder. The bidder also needs to size the hardware
and include the necessary details in Annexure -M.
The recommended hardware and software should support the initial and
incremental EFRM Solution requirements for the contract period.
1.8.1 Software
The scope of work in the Request for Proposal (RFP) for the EFRM solution
would include supply, installation, implementation, maintenance and
Page 19 of 155
support for the tenure of the Contract at the DC and DRC. The solution
proposed by bidder should support high disk IOPS (Input Output Operations
per Second) to meet the banks requirement in terms of performance.
The Bidder‟s responsibility will also include designing, sizing, procuring
development, testing, implementation, training and maintenance of the
EFRM solution required as part of this RFP that includes all Software
Development Life Cycle activities (SDLC) including customization,
parameterization and implementation of application software, training, etc.
covering at minimum the below listed areas of the Bank‟s functions and
requirements.
 Detection & Rule Engine
 Case Management & Workflow
 Scoring
 Analytics
 Data Management
 BI (Business Intelligence) & Reporting
 Integration & Interface
 Integrated Fraud Management
 Forensic Support
Additionally, the Bidder will be responsible for
 The end to end Implementation of the solution (EFRMS) including
integration with various systems to meet the requirement of
Detection, Monitoring and Prevention of the Fraud
 The end to end software development life cycle of the EFRM Solution
 Customization, parameterization and implementation of application
software and solutions
 Facilities management services at the DC and DR
 Hand-over successfully either to the bank or any vendor appointed
by the bank at the end of the agreed upon contract period
 Setting up a IT Service desk
The services offered as part of the warranty and post-warranty support
must be in conformance with the specifications supplied in the Technical
Specification. During this period, the Bidder will be responsible for the
patch application / bug fixing / replacement / support of all software
supplied under this tender.
Oracle Database is preferred by Bank as Bank already has ULA (unlimited
license agreement) for Oracle database along with golden gate and it is
hereby explicitly stated that, bidder proposing Solutions/component of
solutions supporting Oracle Database should not quote for database in their
bid. Only Solutions/Component of Solutions which do not support Oracle
Database should specifically mention the database and quote in database
tab of Bill of Materials. The bank will consider quoted value for the TCO
1.8.2 Hardware
Page 20 of 155
The Bidder is required to size for adequate hardware based on the volumes
for the EFRM Solution Application & Database and other Applications. The
bidder is expected to deploy hardware for DC and DR separately as per the
timelines mentioned in Project Timeline Section. The bidder is expected to
quote the hardware in the TCO as a single entity for all hardware
components as per the format asked in the Hardware tab of BOM. The bank
will consider quoted value for the TCO.
The hardware technology proposed for the EFRM Solution should be the
enterprise class, best of the breed, latest, tested and stable release of OEM
and based on the latest platform enabling technology supporting the
complete EFRM Solution.
The production hardware must be enterprise class with adequate vertical
and horizontal scalability. If an appliance is proposed as part of the EFRM
Solution, there must be adequate CPUs, memory and storage available to
accommodate the sizing and growth aspirations of the Bank during the
contract period. During the contract period the Bank will not consider any
plea by the bidder for horizontally scaling the appliance in case the sizing is
inadequate. Hence the Bidder must propose an appliance having adequate
vertical headroom. In case any horizontal scaling of the appliance is
required then the Bank would not bear any cost and the cost will have to be
borne by the Bidder.
The Bidder is responsible to arrive at the sizing independently. The Bank is
not responsible for any assumption made by the Bidder not meet the
performance/service levels as desired in the document, the Bidder will at
their cost carry out the necessary upgrades / replacements. The Bank will
not pay any additional amount during the period of the contract.
The recommended hardware should have high reliability, fault tolerance,
redundancy and high availability having no single point of failure in the
hardware (NSPoF).
Bidder is required to provide the detailed configuration of the proposed
Hardware (Training, Test & Development, Production and DR server)
environments in Annexure- M and the proposed hardware must meet the
SLA as detailed in the Section II.
The system should be configured in high available (HA) mode in Active-
Active mode. The entire system should be configured in such a way that
there should not be any single point of failure. Bidder has to propose all the
hardware peripherals and quote for software required accordingly.
The Bidder will have to set up the DR site which must be capable of
handling 100% of the storage load of DC production. The CPU, memory and
other components can be sized at 100% of the DC. The DR will be used
during periodic DR Drills and when primary is not available.
1.8.2.1. Storage
While proposing the actual storage specifications, the sizing and parameters
should be taken into consideration and specification must be provided by
Page 21 of 155
the Bidder based on the application, architecture & the storing volume
requirement.
The proposed storage solution should be scalable to meet the sizing and the
growth requirements. However, the bidders should right size the solution to
meet the requirements provided in this RFP for the contract period of 5
years.
Bank expects the bidder to propose the storage hardware as per the
proposed solution.
The Bidder is required to provide the configuration details of the storage
system. Each node should run separate instance of operating system. Each
node should be connected to a dedicated storage (providing fixed number
of disks, cache memory and fiber channel or better ports) via high speed
fiber channel adapters.
1.8.2.2. Servers
Separate adequately sized hardware should be quoted for test &
development and training and applicable servers.
There should be three separate Training, Test and Development
environments. A development, test and Training servers must be configured
in the EFRM solution, which should be a separate server/node/resource.
The additional configuration towards this usage should be clearly indicated.
The test & Development servers should be sized to 20% capacity of the
respective production servers while the Training servers should be sized to
10% capacity of the respective production servers. The performance testing
server configuration will be mutually arrived with the Bidder based on the
volumes of transactions shared in the RFP.
UAT Environment will be used as Pre-Production environment by the bank
and it should be sized as 40% of the production server. The test &
development environment should be identical to the production
environment with respect to hardware and software (not limited to
database, appliance & data model). This is to avoid any issues during the go
live stage of each phase.
All servers are required to have a minimum of dual 1000 Mbps Ethernet
network interface cards (NIC) or a better equivalent installed on the board
itself or on different slots. Each NIC will be cabled from a different module
on the switch using gigabit speed cabling.
Application, Database and Web servers should be both vertically and/or
horizontally scalable and must be capable of incremental expansion to meet
the growth requirements of the Bank as defined above. The key server
hardware proposed must be enterprise wide class in their respective
category.
The specified servers must be current/ recent in the OEM‟s product line and
must be fully supported by the OEM for the duration of the project and for
the warranty and post warranty. The Bidder is required to provide the
configuration details of the server system. Each node should run separate
Page 22 of 155
instance of operating system. Each node should have multiple network ports
to communicate all application servers.
1.8.2.3 Additional Servers
All servers should be minimum 64 bit technology and support fiber channel
or better provide gigabit ports. The proposal must offer as many numbers of
additional servers as may be required to run one or more of the associated
software tools and products forming part of the solution.
In case one or more (or all) offered tools run on the main server system
itself, the appropriate configuration for that part of the load must be
additionally provided for in the solution clearly mentioning this distinct load
and configuration requirements.
1.8.2.4 Data Recovery Center
The solution provided by Bidder for the EFRM solution must support Disaster
Recovery plans as follows:
 Allow fail over as per the DR policy of the Bank
 Provide architecture and design for Disaster Recovery
 Bidder must detail out any licensing information related to Disaster
Recovery design
 Provide Active-Active Disaster Recovery
 Provide RTO of 30 minutes
 Provide RPO of 15 minutes
 Provision for data from DC to be automatically propagated online
through asynchronous replication to disaster recovery/failover sites.
 Size the DR at 100% capacity of the DC
1.9. Security
Bidder should review the information security risks in line with RBI guidelines, IT
Act etc. and other best security practices for the scope mentioned in the RFP and
provide its mitigates. Bidder should submit a certificate indicating that the
solution being proposed in the RFP, is complying all regulatory guidelines viz. RBI
Guidelines/IT Act etc.
1.10. Environment
I. Pre-Production
II. Production
III. Development
IV. UAT Environment configuration (will be mutually arrived with the
Bidder.)
1.11. License Requirement and Capacity Planning
I. The licenses should be enterprise licenses covering all the channels (present
and future), Banking products, overseas operations including subsidiaries.
II. Any additional channel/product introduced by the bank within the contract
period should be covered in EFRMS. The bank will not be liable to pay
additional cost for any such scenarios. The bidder is expected to integrate
such channels/products to the EFRMS at no additional cost to the Bank.
Page 23 of 155
III. The Software Licensing cost would only be applicable for production servers
both DC and DR. However, other software installations for internal purposes
such as Testing, Development and Training should be at no additional cost to
the Bank.
IV. These licenses should be made available within a month of issuance of
Purchase Order.
V. The Bidder is required to provide detailed information as how their solution
addresses capacity issues. As the data volume grows and more data is added,
ability of the solution to handle the ongoing load must be monitored.
Capacity planning means continuously determining the capability of the
hardware and software to support additional users.
VI. The Bank will not be responsible or liable for any infringements or
unauthorized use of the licensed products. In the event of any claims against
the Bank for any license related issues, the Bidder will have to act upon the
same and all liabilities and claims whatsoever will have to be settled by the
Bidder.
VII. Further if the Bidder has missed out providing any licenses to the Bank, then
the Bank will not bear any additional amount for procurement of such
licenses at a later date.
VIII. Bidder is required to consider the ATS of the Solution and related application
software for the period of contract from day one. The Bidder is required to
provide perpetual license in nature for all modules of the EFRM solution.
IX. The Bidder should consider the statistics as mentioned in RFP else where and
consider a growth of 25% year on year during contract period.
1.12. Project Deliverables

The Bidder in coordination with consulting organization must deliver, at the
minimum, documentation on the following for each solution implementation
under EFRMS:
 Business Requirements Document
 Detailed functional and technical scope document
 Functional Requirement Specification Manual
 Solution Architecture
 Proposed Project Plan
 Strategy Document for Testing, Training and Acceptance
 Software source code and customization documentation
 Integration Testing Plan
 System Performance Benchmarks
 Test Specifications
 User Acceptance Reports
 Maintenance Document
 Configuration and User Manuals
 Release Management Document
 Training Plan
 User Training Manuals
 Licenses for all the software components
 DR Document
Page 24 of 155
 Detailed Mapping Details
 Interfaces
 Case & Alert Creation
 User Defined variables
 Application Documentation: The following minimum documentation
(hardcopy and soft copy) for all the proposed software applications/
hardware components must be made available:
 General functional description
 Set up and installation guide
 User guide including:
 Screen layouts
 Report layouts
 Transaction processing rules
 Operation authorization descriptions
 Troubleshooting manual
 System administrator guide including:
 Data base administration guide
 Data backup guide
 System security and access guide
 System audit trail guide
 Glossary of terms
 Technical manuals and data dictionary.
The Bidder and the bank will jointly maintain a repository of all project artifacts
created as part of the project at the Bank‟s premises including but not limited to
project plan, architecture, design, code samples.
The Bidder will be setting up this repository for the entire duration of the
contract with the bank having read access to this repository at all times
Should there be a termination of contract this entire repository needs to be
handed over to the bank by the Bidder as part of contract termination
The security, integrity and data protection of this repository, which is established
in the Bank‟s premises, is the responsibility of the Bidder
The Bidder will be expected to deliver to the Bank for each installation site, one
(1) physical copy and one (1) electronic copy of documentation for each of the
deliverables and online context-sensitive help module included in the software to
enable the Bank‟s personnel to use and understand the operations of the
deliverables. The Bank may make additional copies of the Bank- specific
Documentation for their internal use.
Any impact on Production, Test & Development and Training environment sizing
has to be taken into account by the bidder during the contract period and the
bank will not be liable to pay for any additional cost.
However, the bidder should right size the solution to meet the requirements
provided in this RFP for the contract period of 5 years. In case the RFP
requirements are not met, then the selected bidder has to provide additional
components required to meet the RFP requirements, at no additional cost to the
bank.
Page 25 of 155
1.13. Facility Management and Service Requirement
The bidder will provide onsite operational and technical support for the solution
during the entire period of the project including warranty and post warranty
periods starting from go-live. The vendor should get the consent of the Bank for
the on-site engineers prior to their posting.
This section describes, but does not limit, the services required by the Bank. The
Bidder shall consider and envisage all services that will be required in the
maintenance of these facilities. The Bidder agrees that these services and the
management of these services will be provided for all the Head offices,
Zonal/Regional offices, etc of the Bank.
Considering the enormity of the assignment and the envisaged relationship with
the Bidder, any service, which forms a part of facility management that is not
explicitly mentioned in this RFP as excluded, would form part of this RFP. The
Bank will not accept any plea of the Bidder at a later date for omission of critical
services on the pretext that the same was not explicitly mentioned in the RFP.
1.13.1 Services to be provided
This section describes, but does not limit, the services required by the Bank
for the Solution proposed as part of this RFP at the Data Centre, Disaster
Recovery Site, Head Offices etc. The Bank intends that the contract which
is contemplated herein with the Bidder shall cover all deliverables and
services required to be procured or provided by the Bidder during such
period of contract. The Bidder needs to consider and envisage all services
that would be required in the maintenance of the facilities. FM for all
purposes means an Annual Maintenance Contract (AMC), warranties, ATS
(Annual Technical Support) for all applications and interfaces provided,
quoted and developed by the Bidder and all other costs necessary and
incidental for the maintenance and support of the infrastructure and
equipment provided by the bidder.
a) The Bidder is expected to develop a methodology for conducting the

FM for Bank based on the requirements. The personnel being
deployed by the Bidder for FM at the Bank should be having relevant
experience.
b) The Facilities Management services would at least include:
 The scope for the on-site engineers will include configuration

changes, version up-gradations, performance monitoring,
trouble shooting, patch installation, running of batch
processes, back-ups, application and data maintenance etc.
 Providing BANK with daily hardware utilization reports and
alerting BANK in case of any performance issues or hardware
upgradation requirements
Note: The threshold will be mutually defined at the time of
the requirements gathering phase. In case, if hardware
Upgradation is required, same will be done by the bidder
without any additional cost to the Bank.
Page 26 of 155
 Routing the transactions through the backup system in case
the primary system fails
 Switching to the DR site in case of system failure
 Handling of alerts and fraud cases.
 Performance Monitoring /Fine Tuning
 System/Application Administration
 Fixing any vulnerability
 Software Distribution
 Software License Management
 Software maintenance
 Updates/Upgrades/New releases/New versions
 Database Administration activities for Database
 Hardware Configuration Management
 Server Management , Planning and Operations
 Backup & Restore
c) The Bidder will be solely responsible for providing and maintaining
all services as mentioned above for all third party support
applications quoted by the Bidder as a part of their proposal.
1.13.2 Scope of Services
1.13.2.1 Software Maintenance

 Types of service include requirement analysis, assisting the Bank in
software product acquisition for testing, verification, and installation of
Bidder supported software, in accordance with bug fixes, emergency
changes and program changes initiated by the users.
 Prior to delivering any software to the Bank, the Bidder will be required
to test the software and the media on which it is to be delivered with a
current version of a leading anti-virus application in efforts to detect,
and if so detected, to eliminate, any “viruses” or “worms” designed to
damage, disrupt, disable, harm, or otherwise impede in any manner,
the orderly operation of the software.
 The Bidder shall also ensure that the software shall not contain any
computer code or any other procedures, routines or mechanisms to:
 disrupt, disable, harm or impair in any way the software (or other
applications installed on the system the software is installed or
interacts with) orderly operation based on the elapsing of a period
of time, exceeding an authorized number of copies, advancement
to a particular date or other numeral (sometimes referred to as
“time bombs”, “time locks”, or “drop dead” devices);
 cause the software to damage or corrupt any of the Banks‟ or its
clients‟ data, storage media, programs, equipment or
communications, or otherwise interfere with the Banks operations,
or
 permit the Bidder and/or its personnel and/or its licensors and/or
any other third party, to access the software (or any other software
or Banks computer systems) to cause such disruption, disablement,
Page 27 of 155
harm, impairment, damage or corruption (sometimes referred to as
“traps”, “access codes” or “trap door” devices).
Software Maintenance and Support Services during Warranty
 The Software Maintenance and Support Services contemplated herein
shall be provided for all Licensed Software implemented by the Bidder.
 The Bidder shall provide remote trouble shooting / customer support
mechanism from any single location like Head office of the Bank or
through Web based methodology.
 Extend annual maintenance and annual technical support during the
contract period after warranty for the EFRM Solution as required
including renewal of the licenses wherever applicable during the
contract period.
 The Maintenance and Support Services will cover:
 All product upgrades, modifications, enhancements that have to be
provided to the Bank at no additional cost to the bank.
 Enhancements would include changes in the software due to
Statutory and Regulatory changes and changes required due to
changes in industry and other Banking practices in India which
includes introduction of new products by the bank. It will also
include all the functionalities mentioned in Functional & Technical
Specifications.
 Modifications would include minor changes, bug fixes, error
resolutions and minor enhancements that are incidental to proper
and complete working of the application.
 Upgrades would include product releases made by the Bidder or
OEM to incorporate changes, consolidating all bug fixes,
consolidating all enhancement requests made by the Bank.
 No customization and subsequent implementation charges will be
payable by the Bank for enhancements, modifications and
upgrades.
 The Bidder agrees that any future upgrades, modifications or
enhancements shall not affect the current working of the licensed
software and all current functionality shall be migrated to the new
/ enhanced version.
 The Bidder shall implement the new/enhanced version and that the
Bank will bear no cost to migrate the existing functionality to the
new / enhanced version.
 The Bidder shall have the responsibility to ensure that the
designated OEM undertakes to perform all obligations with respect
to the project and all other software contemplated in the Solution,
upon the same terms and conditions as agreed to by the Bidder in
the event that
 OEM is unable to perform its obligations,
 OEM refuses to perform its obligations,
 Expiry of the agreement and
 Termination of agreement, with respect to the project for
any reason whatsoever.
Page 28 of 155
 The Bidder acknowledges that the rights mentioned herein
are without prejudice to the rights and the remedies
(under law or equity) that the Bank may have against the
Bidder.
 The Bidder shall apply regular patches to the licensed software
including the operating system, databases and other applications as
released by the Original Equipment Manufacturers (“OEM‟s”), for
which the Bank will bear no additional costs. The Bidder agrees that
the functioning of the EFRM SOLUTION of the Bank will not be
affected adversely as a result of any new releases, enhancements,
patches, etc.
 The Bidder agrees at all times to meet the service levels as
specified in this RFP document
 The Bidder shall maintain the entire IT infrastructure for all the
components implemented under this tender and subsequent
agreement as well.
 User support in case of technical difficulties in use of the software,
answering procedural questions, providing recovery and backup
information, and any other requirement that may be
incidental/ancillary to the above
 Prompt receipt, analysis and reporting of reported deficiencies in
the operation of the software and supply of information and advice
on such deficiencies
 Installing/commissioning the software at the designated
locations/changed designated location at no additional cost or fees
or expenses to the Bank.
 Installing/commissioning the upgrades / new versions/ new releases
of software at the designated locations/changed designated
location at no additional cost or fees or expenses to the Bank.
 The requirements that are finalized with the Bank post the gap
assessment phase and included in the business requirements
document, will need to be provided by the Bidder at no additional
cost to the Bank.
 Providing remedial support in case the software media is virus-
infected at no additional cost or fees or expenses to the Bank;
 Unscheduled, on call, corrective and remedial maintenance and
support services
 Providing “enhancements”
 Providing changes to the licensed software, which are of software
fine-tuning in nature
 Program Errors Correction
 The Bidder shall use its best efforts in remedying any program
error. All Program Errors shall be reported in accordance with the
procedure prescribed in respect thereof and shall be accompanied
by sufficient information including the input data that generated
the program error so as to enable the Bidder to reproduce and
verify the reported program error. On receipt of request together
with all such information and data the Bidder shall use all-out
efforts, consistent with the severity of the program error, to
Page 29 of 155
remedy such program error which is within the purview of the
system logic, that it has been able to reproduce and verify. Such
remedies may include providing instructions to the Bank to cure the
program error or delivering updates at no additional cost.
 The Bidder warrants that any or all program errors that are
reported will be remedied.
 In the event, the Bidder determines that the error reported/
problem notified in the support request in not a Program Error, it
shall advise the Bank whether it can correct or assist in resolving
such error/problem on a best effort basis.
1.13.2.2 Update/Upgrade/New Release/New Version

 The Bidder/OEM from time to time has to release
Updates/Upgrades/New releases/New versions and notify the Bank
about the same.
 The Bidder/OEM agrees that all such Updates/Upgrades/New
releases/New versions, as and when released during the term of
warranty or ATS shall be provided to the Bank at no additional cost or
fees or expenses including implementation cost during the contract
period. If the software update/patch/upgrade requires additional
resources to be used by the bidder at a later point, during the period of
contract, either of his own or the OEM, the cost of the same will be
borne by the bidder.
 Any costs incurred to upgrade the hardware to maintain the
performance of the EFRM solution during the period of the contract will
be borne by the bidder.
1.13.2.3 Enhancement
 All requests for Enhancements that may be required for any reason by
the Bank shall be made in accordance with the procedures to be
established by the Bank in this regard.
 Any service provided by the Bidder, which is within the purview of the
Software Maintenance and Support Services contemplated herein shall
be at no additional cost or fees or expenses to the Bank.
 The Bidder shall rectify any corruption in the application software or
media at no extra cost to the Bank.
 The Bidder shall ensure „nil‟ downtime of licensed software, prompt
execution of customization and enhancement requirements, version
control mechanism and also to develop smooth upgrades and version
changes, ongoing training, user group meetings and feedback
mechanism.
 The Bidder agrees that licensed software support will include update,
upgrade, technical guidance on usage of features and functionality,
problem solving, troubleshooting and operational errors/bug fixation,
rectification of bugs, enabling features of the licensed software already
provided exclusive of new software licenses, providing additional user
controlled reports, enabling parameterized features, future product
information, migration path details and consultancy.
Page 30 of 155
 The Bidder agrees that the support will be rendered in person in the
normal course and in emergencies, support will be extended through
telephone, fax, and email and that such instances should be an
exception
1.13.2.4 Software Support

 The Bidder shall provide complete technical support for software
problems (all licensed software provided by the Bidder as a part of this
tender or maintained by the Bidder as a part of this tender) and or
questions, defect and non-defect related to Bank office automation
products, systems and licensed applications.
 The Bidder shall provide licensed software support including but not
limited to problem tracking, problem source identification, problem
impact (severity) determination, bypass and recovery support, problem
resolution, management reporting and trend analysis and interfacing
with other suppliers (as required) on behalf of the Bank.
 Bidder shall respond to the initial service desk request from the Bank
within agreed service levels.
 Bidder shall log any reported incident, identify it as defect or non-
defect related, and tracks it till resolution. For all incidents, the Bidder
will ask the Bank to assign a severity rank and handle it according to
Service Levels given in Section related to “Service Level Agreement”.
 For a defect related problem, depending on the Software, Bidder shall
either:
 Issue defect correction information, a restriction, or a
bypass (provided the problem can be reproduced in that
Software's specified operating environment), or
 During resolution of a reported problem, Bidder shall provide the
Bank with periodic status updates and also provide the Bank with
a (monthly/weekly) report detailing the disposition of each
reported problem, and other contents as desired by the Bank
 The Bidder shall provide reasonable effort using available
resources to assist the End Users at the Bank with Non-Standard
Software support for problem determination and resolution
 In the event of any dispute and or the commencement of arbitration
proceedings the Vendor shall continue all facilities management
services.
1.13.2.5 Application Management

The Bidder should be able to provide Application Management services to
manage software applications of the Bank. Deliverables for Application
support should include:
 Performance Monitoring & Management of application.

 Installation & configuration of application
 Availability installation & configuration
 Application Patch management and version control.
 Capacity Management.
Page 31 of 155
 Deployment of objects in Application server.
 Up gradation & migration
 Trouble shooting Application server product related issues
 Troubleshooting Patch Management.
 Start, stop, and manage Application Server services.
 Configure and manage Application Web server.
 Configure and manage HTTP/HTTPS
 Configure & use monitoring tools provided for Application Server.
 Un-installation
 Performance management.
 Vendor management ( Logging a call with product Vendor)
 Version migration, testing and implementation
 File Level Backup for Application Server
 Backup & restoration management of application server.
 Portal/content management.
 User management
 Support to known errors and problems
 Monitor web / Application server availability
 Monitor alert notifications, checking for impending problems, triggering
appropriate actions.
Bidder is expected to provide relevant reports for the previous month in the
1st week of every month and same needs to be jointly reviewed by Bidder
and Bank in next 3 working days. The reports should be benchmarked
against the Service Levels defined in Service Level Agreement, and penalty
should be calculated based on the level of deviation from Service levels
defined. The Bidder is required to submit the list of reports to track
performance on service levels for all managed services under scope of this
tender.
1.13.2.6 Patch Management

Patch Management services will include but not limited to the following:
 Rollout planning.
 Obtain Sign-off for Patch release implementation.
 Communication, preparation and training to the team for Patch
implementation.
 Storage of controlled software in both centralized and distributed
systems.
 Patch Release, distribution and installation
 Compliance & Adherence to Information Security Policy of the Bank.
 Log history of patches applied is required to be maintained.
 Firmware updates
1.13.2.7 Backup/Restore
 The bidder has to provide backup solution including hardware/software/
license etc to take Backup of proposed application.
Page 32 of 155
 The bidder will ensure that periodic backup as per bank‟s policy should
be taken on tape for application logs, configuration, etc.
 Bidder also has to provide services for system administration services.
Examples of these services are:
 Client account maintenance - Creating users, groups, creating
user accounts, deleting user accounts, modifying user accounts,
etc. on the system;
 File/system/application access management - Maintaining file
and directory permissions on OS and application access
management like creating user accounts at application level,
assigning application access, setting application passwords, user
lockout, etc.;
 Performance optimization and reporting - Process and Memory
Management, monitoring CPU performance, monitoring Memory
performance, monitoring Input/output performance, monitoring
Ethernet traffic, etc.;
 Error detection and correction;
 Troubleshooting and client support
1.13.2.8 Hardware Configuration Management:

The Bidder shall provide services, which include requirement analysis,
assisting the Bank in hardware and system software platform acquisition,
testing, verification, and installation. The SI accepts that these services
allow access to business critical software. The Bidder agrees that services
provided include implementation and maintenance of the server, desktop
and peripherals as well as installation of the licensed software. The Bidder
shall provide for maintenance of Hardware, including preventive Hardware
support, as well as repair and / or replacement activity after a problem has
occurred, Warranty service management, including coordination and Vendor
management.
The Bidder shall provide a single-point-of-contact to End Users for the

resolution of Hardware related problem or to request an equipment upgrade
of consultation. If the Hardware supplied by the SI is to be replaced
permanently the Bidder shall replace the equipment of same
Make/Model/configuration or of higher configuration. However, the Bank
may accept different make/model/configuration at its discretion if the
original make/model/configurations are not available in the market due to
obsolescence or technological up-gradation, stoppage of the production of
the same make/model/ configuration by the manufacturer or cessation /
winding up of the Company.
Bidder shall provide Hardware maintenance services including preventive

maintenance (e.g., running standard diagnostics, machine cleaning,
checking cables and ports), corrective maintenance to remedy a problem,
and scheduled maintenance required to maintain the Hardware in
accordance with manufacturers' specifications and warranties
1.13.3 Warranty
Page 33 of 155
 All the hardware, software products supplied should carry a minimum
warranty of 1 years.
 The products & services offered must include comprehensive on-site
warranty as provided by the OEM Vendor from the date of installation and
acceptance of the solution by the Bank including all software, hardware,
parts, media, patches, updates and licenses. The Warranty will commence
from the date of acceptance and use of hardware.
 Bidder shall be fully responsible for the manufacturer's warranty in respect
of proper design, quality and workmanship of all hardware, equipment,
accessories etc. covered by the tender. Bidder must warrant all hardware,
equipment, accessories, spare parts etc. against any manufacturing defects
during the warranty period.
 During the warranty period Bidder shall maintain the systems and repair /
replace at the installed site, at no charge to the Bank, all defective
components that are brought to the Vendor's notice.
 Warranty should not become void, if Bank buys, any other supplemental
hardware from a third party and installs it within these machines under
intimation to the Bidder. However, the warranty will not apply to such
supplemental hardware items installed.
 In the event of system breakdown or failures at any stage, protection
available shall be specified which would include the following:
 Diagnostic for identification
 Protection of data entered
 Recovery / restart facilities o Backup facilities
 The Bidder shall carry out Preventive Maintenance (PM), including
cleaning of interior and exterior, of all hardware and testing for virus, if
any, once in a calendar quarter and should maintain proper records at
each site for such PM. Failure to carry out such PM will be a breach of
warranty and the warranty period will be extended by the period of
delay in PM.
 For implementing different versions of Application Software, if
adjustments / change in the configuration are to be made in base
memory the same should be carried out by the Vendor as a part of
warranty.
 If the Operating System or additional copies of Operating System are
required to be installed / reinstalled / de-installed, the same should be
done at no additional cost during the period of contract. The Bidder
shall provide or develop with the assistance of Bank
 Technical Standards;
 Security Requirements;
 Operating Procedures;
 Recovery Procedures;
 Perform an inventory of warranties and licenses in place as of the
Start Date.
 The Bidder shall ensure that the warranty complies with the agreed
Technical Standards, Security Requirements, Operating Procedures, and
Recovery Procedures
 The Bidder shall develop and maintain an inventory database to include
the registered hardware warranties and software licenses existing as of
Page 34 of 155
the Start Date, and the warranties and licenses for hardware and
software:
 Procured through the Bidder, or
 Procured by the Bank with notification to the Bidder for inclusion
in such data base
 The Bidder shall perform warranty and license registration, if any, with
the appropriate manufacturer, for hardware and software:
 Procured through the Bidder, or
 Procured by the Bank with notification to the Bidder for inclusion
in such data base
 Bidder shall monitor warranties to check adherence to preventive and
repair maintenance terms and conditions
 Bidder shall provide the Bank with access to Asset control information
 Bidder shall provide to the Bank, as reasonably requested, reports that
aid the Bank in performing asset management and financial
management functions of the Bank as these relate to hardware leases
and warranties and software licenses
 Bidder shall maintain data regarding entitlement for software upgrades,
enhancements, refreshes, replacements and maintenance; and
 Bidder shall provide technical information as reasonably requested by
the Bank for preparation and implementation of budgets and cost
benefit analysis.
 As far as possible, the equipment should be repaired at site. Where the
equipment is taken for repairs outside the Bank, a substitute should be
provided and data, if any, should be transferred to the substitute
machine besides creating back-up in one of the system‟s at the Bank‟s
office and the data in the machine should be got deleted and hard disk
should be degaussed.
 Bidders are bound by the following understanding of the Bank with
regards to Warranties, AMC and/or ATS pertaining to Software and
Hardware:
 Hardware Warranty
- Warranty of hardware at DC will start post installation,
commissioning and after acceptance by the bank within a
period not exceeding 30 days from the date of commissioning.
- Warranty of hardware at DRC will start post installation,
commissioning and after acceptance by the bank within a
period not exceeding 30 days from the date of commissioning.
The period of warranty for hardware is one years for both DC
and DRC
- Consequently the AMC for Hardware has to be quoted after the
expiry of warranty period
 Warranties pertaining to software/Applications
- Warranty for the Software/Applications should start post go
live of phase 3 of the EFRMS as per the implementation plan
- The period of warranty for software is one year
- Consequently the ATS for Software has to be quoted after the
expiry of warranty period
Page 35 of 155
The bidder is expected to maintain all the hardware and software which
will be deployed for EFRMS and will be held responsible for all the support
and implementation issues during the implementation period from the date
of sing-off to the satisfaction of the Bank Warranty
1.13.4 Annual Maintenance Cost (AMC) & Annual Technical Support (ATS)
The Bidder should provide Four years AMC & ATS support after the expiry of
warranty period of the solution and its components supplied as part of this
RFP. ATS for software, application, license or any other component should
be in range of 15%-20%. In similar manner AMC for hardware components
should be in range of 8%-12%.
The AMC shall cover the following:
 On-site, comprehensive, back-to-back from OEM for all hardware
and software products as a part of RFP for a period of 4 years from
the date of expiry of warranty.
 Software updates and upgrades at no additional cost to the Bank
 L2 and above support from OEM
 Replacement of failed hardware within 24hrs from the time call is
lodged. The penalties for any non-compliances defined under
Section SLA
 Comprehensive on-site support from bidder for day to day
operational issues as and when arises.
1.13.5 Mean Time Between Failure (MTBF)
 If during warranty period, any equipment has a hardware failure on four or

more occasions in a period of less than three months or six times in a period
of less than twelve months, it shall be replaced by equivalent or higher-
level new equipment by the Bidder at no cost to the Bank. However, if the
new equipment supplied is priced lower than the price at which the original
item was supplied, the differential cost should be refunded to the Bank.
 For any delay in making available the replacement and repaired
equipment‟s for inspection, delivery of equipment‟s or for commissioning of
the systems or for acceptance tests / checks on per site basis, Bank
reserves the right to charge a penalty and the Bidder agrees that the rate of
penalty would be as per section related to Service Level Agreement of this
document.
1.13.6 Obligation of Bidder

In the course of rendering the aforesaid Software Maintenance & Support services,
Bidder shall be responsible for the following:
 The Bidder shall render both on-site and off-site maintenance and support
services to the Bank. The Bidder shall provide troubleshooting / customer
support mechanism. The Software Maintenance and Support Services shall
be provided by the Bidder from the Bank‟s premises.
Page 36 of 155
 Bidder shall assign personnel of appropriate qualifications and experience to
perform the services in order to fulfill its obligations.
 Bidder shall designate one of its personnel as the Project Manager, to
interact with the Designated Customer Support Contact from the Bank for
the purposes of getting approvals, progress report, discussing and resolving
issues, arranging meetings, etc.
 Bidder shall exercise requisite control and supervision over its personnel in
the course of rendering the services and make best efforts to ensure that
the services are rendered in a continuous and uninterrupted manner.
 Though Bidder has the right to withdraw its personnel, Bidder will replace
the persons with other personnel having appropriate experience and skills
at no extra cost to the Bank.
 In the event that any person engaged/deputed/deployed for rendering
services, is, either-
 No longer available by reason of resignation or termination or the
like; or,
 Unable to render satisfactory services; or,
 Not acceptable to the Bank by reason of any misconduct or non-
performance on the part of such person, then Bidder will use all
reasonable endeavors to replace such individual(s) promptly by other
sufficiently skilled, qualified, and experienced person(s) at no extra
cost to the Bank. Bidder will in the discharge of its obligations use
all reasonable endeavors to minimize changes in personnel.
 Bidder will respect the confidentiality of all information given to it by the
Bank and will not divulge such information to any third party or other units
without the consent of the Bank.
 Bidder shall impart to the authorized employees of the Bank, additional
technical and/or user training in respect of any corrected licensed software
provided, if required by the Bank.
 The Bidder shall promptly install/implement the corrected licensed
software and/or maintenance releases provided at the Designated
Location(s) of the Bank at no additional cost or fees or expenses.
 The Bidder shall undertake regular preventive maintenance of the licensed
software.
 All bug fixations / modifications / enhancements relating to the licensed
software shall be done by the Bidder in a time bound manner as per the
SLA. The Bidder shall adopt a common, smooth, timely and effective and
satisfactory bug/enhancement handling mechanism. The Bidder agrees that
the errors resulting from the licensed software shall not be attributed to
alleged misuse, improper use, alteration or damage by users. The Bidder
shall compensate the Bank such financial loss suffered by the Bank if the
Bidder fails to fix bugs, provide the modifications / enhancements /
customization as required by the Bank as per the terms and conditions of
this tender and to meet the services level agreements as will be entered
into by the Bidder with the Bank.
1.13.7 IT Service Desk
Page 37 of 155
The bidder must note that the helpdesk services and managed services as a part of
facilities management should be available for all environments viz., production,
development and test, training. The bidders are required to account for onsite L1
Help Desk Agents and onsite L2 Help Desk Agents, starting from the acceptance of
first delivery of phase 1 of the project as per the implementation timeline, by the
bank.
Also, the Help Desk resources should be part of only the Help Desk team and not
shared resources between the Help Desk and Development teams. However, the
bidders should right size the number of Help Desk Agent licenses to meet the
requirements provided in this RFP. In case the RFP requirements are not met, then
the selected bidder has to provide additional Help Desk Agent licenses at no
additional cost to the bank.
It is hereby explicitly stated that Helpdesk & system Support services from the
Bidder will be mandatory for one year after go live of the phase 3. After one year,
the bank at its discretion will decide whether to continue helpdesk and system
support services. If the bank decides to continue for helpdesk & system support
services, same rate as quoted in the Bill of Materials will be considered.
The following table should serve as guidance as to the minimum expectation from
the Bank. If the Bidder has an opinion that is contrary, it should be explained.
Number of Resources for Number of Resources for Number of Resources for

First Shift ( 08.00 am to 04.00 Second Shift ( 04.00 pm to third Shift ( 12.00 am to
pm) 12.00 pm) 08.00 am)
L1 3 3 1
L2 2 1 -
L3 1 ( from 10:00AM to 06:00 PM)
The role based responsibilities of the IT Service Desk should include at a minimum:
Level One (L1) Support: L1 would typically address queries and all end user issues
pertaining to:
Business application related issues/queries, Enterprise applications (In-Scope),
Operating System (Windows, Linux & Unix), Printing, Generic IT Queries
Queries related to business process, reports generation, presentation layer
applications, etc
Other environmental software related to the EFRM Solution
The Bank reserves the right to increase or decrease the number of seats at L1
helpdesk depending on its requirements. The Bank also reserves the right to change
the locations of helpdesks at its discretion. The Bidder should also note that the
setup at the L1 helpdesk must provide for 1 supervisor and/or 1 support personnel
from the Bank. The Bank expects the Bidder to provide for L1 support for all
activities and services that are part of scope.
Page 38 of 155
The key activities that the bidder is expected to perform as part of Level 1
Helpdesk Support is:
 User Management
 Creation or modification of user profiles
 Assessment in case of specific rights assignment
 Provision for assigning user rights only for certain fixed period
 Periodic user right monitoring (at known frequency) must be specified and
implemented
 Categorization of requests into functional clarification, bug or change
request.
 Functional clarification / work around to be provided by Level 1 support
itself.
 Bug change requests to be logged and reported for further processing
 Provide telephonic and / or electronic mechanisms for problem reporting
requests as well as for service and status updates.
Level Two (L2) Support: The Bank expects the Bidder to provide L2 support for all
activities and services that are part of the scope.
The L2 support provided by the Bidder should be comprehensive and cover entire
management and support of all the solutions provided by the Bidder (EFRM Solution
and all third party solutions). The services specified herein are not exhaustive and
only indicative.
 Provide continuous onsite support for the all applications being
implemented and being procured through the bidder
 Troubleshoot online processing or batch processing activity at various levels
in the EFRM Solution
 Troubleshoot any query processing activity at various levels in the EFRM
Solution
 Resolve the call within stipulated timeframe as defined in Service Level
Agreement
 Coordinate with the L3 teams for resolution and provide necessary
information as may be required by the team to resolve the issues
 Escalate the unresolved calls as per escalation matrix
 Automatically log in calls during escalation
 Provide the timeframe for providing a solution of resolution of the
escalated calls
 Prepare a root cause analysis document with the resolutions provided for
major issues such as:
 Production issues
 Problems which have resulted in complete service disruptions or
downtime
 Delayed response times
 Data / table corruptions
 System Performance issues (high utilization levels)
 Liaise with the L1 support personnel for the call information and resolution.
Page 39 of 155
 All other activities as would be required by the Bidder to manage and
maintain the solutions.
 Perform the application audit on a quarterly basis or as mutually agreed
with the bank.
 Rectify any corruption in the software.
 Ensure patch releases are ported to the production environment with no
business disruption or business losses.
 Support quarterly BCP/DR drills.
 Provide application support from the Bank‟s data centre as mentioned
above for the Data centre and disaster recovery site.
 Routing the transactions through the backup system in case the primary
system fails
 Providing BANK with daily hardware utilization reports and alerting BANK in
case of any performance issues or hardware upgradation requirements
 Support for integrating any applications that need to be interfaced with the
EFRM solution in the future.
 Level 2 service desk agents would need to be deployed by the bidder at
DC/DR premise from where the Level 2 support is planned to be provided.
The bidder is expected to act upon the tickets routed from Level 1. The
bidder has to ensure that proficient and professional personnel are put to
handle the L2 support and resolutions are provided on a proactive basis
 The L2 helpdesk resources proposed should have adequate and relevant
experience in the areas mentioned. The Bank has a right to review and
reject resources whose competency levels are below expectations.
Support and maintain all interfaces to the EFRMS and other solutions part of this
scope document modifications to existing scripts, reports presentation to Bank
management on the critical issues reported, resolved, solution provided and the
suggested recommendations or leading practices as and when asked by the Bank or
on a monthly basis whichever is earlier.
Perform performance tuning of the applications mentioned in the Scope of Work of
this document including Solution tuning. The Bank‟s appointed consultant will
provide advice and points to be considered to the Bidder for performing any
hardware/OS tuning required as part of the performance tuning.
Level Three (L3) Support
Level 3: Critical code level changes or hardware failure related issues. This support
is required for all components that are expected to be provided by the Bidder as
part of this RFP.
The Bidder has to provide the resolution / service as per the defined service levels
in this RFP. The Bidder has to make sure that the methodology proposed for
addressing and resolving problems is aligned to the required and defined service
levels.
The Bidder should staff the service desk with persons who are conversant with the
solutions deployed and are capable of resolving routine problems and queries
through the service desk application or over the phone. The staffing needs of the
service desk will be decided by bank based on calls/ticket volumes and patterns.
Page 40 of 155
Brief description of the envisaged activities to be performed by Bidder at L3 is
enumerated as under. The services specified herein are not exhaustive and are
only indicative
 Resolve the call within the stipulated timeframe as defined under the
service level agreements
 Communicate the status of the call to the Bank and accordingly
update the status, resolution or workaround and date of resolution
 Prepare a root cause analysis document for issues referred to L3 support
and provide to the Bank along with the resolution
 Liaise with the L2 support personnel for the call information and resolution.
 Provide version upgrades.
 All other activities as would be required by the SI to manage and maintain
the solutions.
 Perform Version Migration - The services specified herein are not exhaustive
and only indicative.
 Perform version migration as per the version release plan of OEM and
agreed by the Bank.
 Version upgrades and migrations should also include porting of existing
customizations.
 Provide training to the Bank‟s core functional and technical team members
on the new version functionalities and technical aspects as and when
version upgrades and migrations are performed.
For any version migration to be performed, the Bank and the bidder will mutually
draw up an implementation plan and schedule for the same.
Educational Qualification for Onsite Engineer:-
L1 Engineer- BE/B.Tech/MCA/BCA/B.SC-IT with minimum 2 years of experience in

the field of IT Security or EFRM Solution.
L2 Engineer- BE/B.Tech/MCA/BCA with minimum 3 years of experience in the field
of IT Security or EFRM Solution.
L3 Engineer- BE/B.Tech/MCA with minimum 5 years of experience in the field of IT
Security. Engineer should be having minimum 2 year of experience on the proposed
EFRM Solution.
Above mentioned Project Personnel need to sign Non Disclosure Agreement

(NDA) with the Bank before the start of the project.
1.14. AMC ATS requirements
During AMC/ATS, bidder will be responsible for the following:
 Overall maintenance and working of the EFRM solution.

 The Bidder should fix the bugs and carry out the necessary rectifications
wherever necessary and deliver patches/ version changes effected. Provision
should be available for version control and restoring the old versions in case of
need by the Bank.
Page 41 of 155
 Bug fixing, enhancement, modifications, customization, patches, upgrades due to
statutory, regulatory, industry, Bank specific changes ( including installation of
new upgrades.).
 Providing tools for creating knowledge repository for the bugs identified,
resolution mechanism, version upgrade, future upgrade etc. of Application
software, OS, RDMS etc.
 Providing appropriate antivirus software including prevention of denial of service
for DC & DR. The same should be managed with periodical updates.
 Configuration changes, version up-gradations, performance monitoring, trouble
shooting, patch installation, running of batch processes, database tuning,
replacement / support, technical support for application and data maintenance,
taking backup of the database as required, recovery, query generation and
management etc. of all software supplied under this RFP.
 Undertake immediate bug fix actions in the event of software failure causing an
interruption of operation of the EFRMS as per the response / resolution times
defined by Bank. During the event of any failure (software /hardware /network
/etc), the solution should continue to function seamlessly.
 Notify all the detected software errors and correct them as per the agreed
Timelines.
 Support the Bank in integrating any new applications to the EFRM and provide
support in extending the model and creating analytics / reports from the same.
 The operational support staff should have onsite support experience for the EFRM
solution
 Provide Bank with daily hardware utilization/performance monitoring reports and
alerting Bank in case of any performance issues by suggesting future capacity
planning by way of suitable solution or hardware/software upgradation
requirements.
 Provide BCP/DR procedures and conduct DR drills in conjunction with the Bank‟s
policies/procedures.
 Routing the transactions through the backup system in case the primary system
fails Switching to the DR site in case of system failure.
 Service records must be maintained at the Helpdesk for software support. In
addition, calls to the Helpdesk must be tracked including the disposition and
subsequent resolution of problem. These records are to be reviewed monthly
with the Bank.
2. Project Implementation Methodology

The implementation of the SCOPE of WORK as per this RFP has to abide by the following
requirements:
2.1 Business Requirement Document

I. The Bidder is expected to carry out and document a detailed current assessment
by identifying the source systems, perform data mapping, integration options,
data quality and other relevant activities for all products and channels to gain
understanding of the Bank‟s existing business and operations.
II. The core team training conducted by the Bidder should reflect the
understanding of the Bank‟s current processes as a result of conducting the
current assessment.
Page 42 of 155
III. The Bidder would be responsible for ensuring that the BPD (Business Process
Design)/Parameterization exercise is as per the plan.
2.2 System Specification Requirement Study

The Bidder will conduct a detailed systems requirements study and provide a
Functional Requirements Specification Manual (“FRSM”) relating to the
functionalities as required to support the various products and services offered by
the Bank / to be offered by the Bank in the near future as responded by the Bidder
in Annexure C – Fraud Functional & Technical Compliance Sheet.
The Bidder shall provide the FRSM to the Bank for review and comment and any
comments or suggestions of Bank will be incorporated therein. The FRSM will deem
to be completed when signed off from the Bank.
Gap Identification and Resolution
The Bank‟s appointed consultant will carry out gap identification and will provide
the Bank with the gap identification report along with the necessary solutions to
overcome the gaps and the time frames. Based on gaps identified by consultant,
Bidder will provide resolution so as to:
 Provide all functionalities as mentioned in the Annexure C – Fraud Functional &
Technical Requirements and also provide all functionality available in the
proposed solution and added functionality found after gap analysis at no
additional cost to the Bank.
 Provide all functionalities as mentioned in the FRSM.
 The Bidder will ensure that all gaps identified during the UAT period or before
go-live all showstopper gaps need to be immediately resolved and for other gaps
the bidder may provide acceptable timelines. The Bidder shall resolve gaps by
proposing a suitable work around or customizing the proposed solution by way of
modifications / enhancements, as necessary, to the proposed software solution.
Such changes have to be presented to the bank for approval.
 The Bidder will give adequate time to the Bank for reviewing the gap report
 The Bidder will ensure that they have the necessary infrastructure and people in
place to resolve all the gaps within the time lines agreed, for the
implementation and roll out.
 The cost of all customizations is required to be included in the Price Bid and the
Bank will not make any additional costs for such effort.
Additional Customization beyond the RFP requirements:
The Bank may require the Bidder to address additional requirements that are not
either of the following:
 Bug fixes
 Regulatory Changes which is common for all the Banks in India.
 Gaps found during base version testing
 Gaps against the functionalities specified in Annexure C- Fraud Functional &
Technical Requirements.
Page 43 of 155
2.3 Development Methodology
The SCOPE OF WORK laid out in this RFP requires the Bidder to understand the
complex nature of the project and hence should use a strong methodology that
should be followed strictly
 The Bidder should follow a suitable SDLC (Software Development Life Cycle)
methodology waterfall/ iterative/ Agile/ proprietary methodology, etc. as part
of Bidder‟s response.
 Since the product is already available, the development in the SDLC
methodology means customization and integration.
 The Bidder should carry out implementation of the EFRM Solution in a phased
manner as mentioned in Section related to Project Timelines
 The methodology should clearly lay out the overall steps from Initiation to
Closure of this engagement. The methodology should address development,
customization, Managed services, Facilities‟ management services and
hardware/software installation/configuration services. Each of the steps should
detail the input, process and output in each step. The Bidder should further
detail how their tools/templates can be used to leverage them effectively. The
Bidder should further provide the deliverables and sign off process for each of
the deliverables at various stages.
 The Bidder should submit the detailed timeline as part of the response in
alignment with the Section related to Project Timelines
Customization process
 The Bidder shall ensure that the software provided as a part of the EFRM
solution meets all the requirements described in detail in this RFP and all such
customization or development work as may be required by the Bank is carried
out within the total cost proposed by the Bidder.
 The Bidder shall provide all the functionalities as per the requirements of the
Bank. The precise scope of the customization and development work to be
undertaken by the Bidder shall be as per the requirements of the Bank as
described in the above mentioned Appendices or Annexure.
 The Bidder shall carry out all the customization related work at the Project
Office of the Bank or offsite in case the customization cannot be carried out at
the Bank premises.
 The Bank shall be a party to the Functional Specifications requirement sign-off,
Installation sign-off, User acceptance test and User acceptance test sign-off.,
Implementation sign-off.
 The Bidder shall install and commission the software for customization and User
Acceptance Test as per Project Plan to be agreed with the Bank failing which
the Bidder shall be liable to pay the Bank penalty to be defined as per this RFP.
 The Bidder shall provide all tools, testing instruments, drivers, test cases,
consumables, etc. required to install and customize and test the software free
of any fees or charges or any expenses.
 The Bidder shall document and submit to the Bank all the testing activities,
procedures and results.
 The Bidder shall provide the Bank weekly progress report on the bugs/problems
reported/points taken up with schedule of date of reporting, date of resolving,
Page 44 of 155
and status for all kind of bugs and problems whether reported by branch/Zonal
Office/Regional Office/ Head Office or Bidder staff. In case of disputes relating
to resolution of problem relating to any site, the Bidder is required to send the
copy of call report pertaining to each visit of each of the engineer to the said
site indicating the purpose of call, when called, when visited, when problem
was resolved, how resolved, etc.
2.4 Acceptance Testing

The Bidder along with the Bank officials will carry out the acceptance tests for
testing of software, hardware and peripherals, system software, network
equipment, if any, other equipment and other IT infrastructure supplied by the
Bidder as a part of the EFRM solution. The Bidder shall assist the Bank in all
acceptance tests to be carried out by the Bank.
Delivering Base Version
 The Bidder will assist the bank to conduct a preliminary test to ascertain the
extent to which the software has met business requirements as furnished in
the RFP for carrying out analysis of business requirements.
 The testing also includes testing to ascertain whether the response time, the
bandwidth usage & performance of the application software are as per the
expectations of the Bank.
Pre – User Acceptance Test
 The Bidder after customizing software as per Gap analysis will deliver the
customized software to the Bank for conducting pre – User Acceptance Test in
a Non-production environment.
 Acceptance testing shall broadly cover the testing of the Alert Management,
Case Management, Rules Management, Workflow Management , Analytics and
reporting, and all such other applications and tools to verify the EFRM solution
conformity with the business & technical requirements and Gap analysis
Report, Bandwidth and response time.
 During the testing, the Bank will notify the Bidder at regular intervals the
Bugs/findings in writing.
 The Bidder shall fix the Bugs and carry out the necessary rectifications
wherever necessary and deliver patches/version towards changes effected.
The Bank shall test patches / version to ascertain the changes made, bugs
fixed and to ensure that there is no regression in the software.
 The Bank shall accept the application software only after the critical or major
Bugs are fixed, which are then ready for production Implementation.
Production Implementation
 The bank and/or the external testing agency shall carry out verification and
validation in production.
 30 days after successful conclusion of the deployment into production
Environment or after fixing the critical or major bugs whichever is later, the
EFRM Solution shall be accepted by the Bank.
 In the event the solution provided by the Bidder does not meet the acceptance
test and criteria; Bidder would at the discretion of the Bank have to re-
Page 45 of 155
perform the services to the satisfaction of the Bank. Non adherence to the
acceptance criteria may result in termination.
2.5 Performance Testing and Benchmarking

Bidder will provide Performance Benchmark of proposed EFRMS based on
their prior experience in the industry. Proposed application should be able to
handle 800 TPS (Transaction Per second) on the proposed hardware make and
model. Bidders needs to submit benchmarking reports in this regard.
Final selected bidder after the reverse auction will be required to perform a
benchmark/lab test for proposed EFRM solution with the proposed hardware
and database solution which will be arranged at the Bidder‟s cost and will
be conducted at the Vendor‟s/OEM‟s labs. Only after bidder meets the
stipulated benchmarks, will be given purchase order. The benchmark must
be performed for transaction volume, user base at present and projected in
the RFP for the contract period. The application should be able to handle
800 TPS (Transaction Per second) on the proposed hardware make and
model. The Bank reserves the right to disqualify any proposal that fails to
meet the expected TPS as mentioned in the RFP. The benchmark must be
performed in the presence of the Bank‟s officials/Bank‟s authorized third
party.
2.6 Training
The bidder will be responsible for training the Bank‟s employees in the areas of
implementation, operations, management, error handling, system administration
etc. The training should at least cover but not limited to the following Areas:
 Functionality available in the solution

 Customization development
 Parameterization
 Impact analysis
 Auditing techniques
 Advanced user training
 Advanced trouble shooting techniques
 Deployment of various products / packages as part of the solution
 Techniques of rule writing
 Development and deployment of new products using the proposed solution
 Using of all the auditing tools being provided
 Developing new audit reports / tools using the proposed solution
 Advanced training on the operating systems, database systems, EFRM system
and network systems to be used by the proposed solution
 Training for report writer facility to create new reports and modify existing
reports
 System and Application administration at branches
 Log analysis and monitoring
 Incidence analysis and reporting
 Backup administration guide
Page 46 of 155
The Bank will be responsible for identifying the appropriate personnel for all the
training requirements.
The Bidder will impart training to all the necessary users on the EFRM solution as
per schedule. The Bidder must ensure that proficient personnel conduct the
training at the respective training centers identified for the same.
The Bidder will be responsible to install the required applications / systems,
training server at DC and also ensure connectivity to the training server, for the
purpose of training at the training Centers. There will be no cost payable by the
Bank for the application, database and operating system software installation at
such training sites. The training hardware at the data Center should at a minimum
support 100 concurrent users.
The Bidder will be responsible for providing the users with the requisite training
material in both hard and soft copies for the core team/implementation training,
technical training, end user training and train the trainers. The onus of preparing
the training material will be on the Bidder.
The Bidder should provide training to personnel identified by Bank on functional
and technical of EFRM Solution. The Bidder needs to refer to Annexure E –Bill of
Materials for details. Training should include training aids such as online tutorials,
hard copies and soft copies of the manuals, etc.
2.7 Completeness of Project

The project will be deemed as completed only after project scope and
requirements are met in full and the EFRM Solution meets all technical
specifications and delivers all the functional requirements, as per the terms of
RFP.
The project will be deemed incomplete when the mutually agreed acceptance and
completion criteria are incomplete or not met or not fulfilled. The Bank reserves
the sole right to accept or reject the acceptance of any product / service in the
event the agreed acceptance and completion criteria are not met by the Bidder.
Project Review:
The progress in the project implementation of EFRM Solution will be closely
monitored and reviewed periodically by the Bank.
Escalation Matrix
The bank as well as the system Integrator will decide an escalation matrix to
resolve any issues that may crop up during implementation of the project. Both the
bank and Bidder including the consortium members shall inform the names of the
persons and their telephone numbers for the escalation matrix to be effective.
2.8 Project Timeline

Implementation timeline
Page 47 of 155
The implementation of this project is planned to be in the following phases. The
duration indicated is the time period required for the completion of the indicated
activity
Phase- I M1 M2 M3 M5 M5 M6 M7 M8 M9
Offline Monitoring
A1 e-Channel
A2 Branch Banking
A3 Other Banking Products
A4 Branch Banking (Overseas)
A5 Internal Frauds
Phase – II
Online Monitoring
B1 e-Channel
B2 Branch Banking
B3 Other Banking Products
B4 Branch Banking (Overseas)
B5 Internal Frauds
Phase – III
Online Prevention
C1 e-Channel
C2 Branch Banking
C3 Other Banking Products
C4 Branch Banking (Overseas)
C5 Internal Frauds
BRD, SRS, Design, Development and Testing
UAT & Training
GO Live
Stage - I is for DC Implementation comprises of Phase - I, Phase - II and Phase – III.

Stage - II is for DR Implementation.
*BRD- Business Requirement Document; SRS- Software Requirement Specification
Phases Total Duration

Individual
and Activity from date of
Activity Duration
Stages acceptance of PO
Stage – I Procurement and Configuration of Hardware. This 2 Months 2 Months

would also include conducting an inspection and
Phase – I acceptance testing of the Hardware delivered and
installed.
Page 48 of 155
BRD, Design, Mapping, implementation of Offline 5 Months 5 Months
Monitoring of Enterprise Wide Fraud Management
Solution which includes implementation of ETL
(extract transform load), integration with core
applications, Testing, UAT of the data.
a. Define, validate and complete requirements

across the Bank as per the Annexure C – Fraud
Requirements for
 Fraud Typologies
 Detection & Rule Engine
 Case Management & Workflow
 Scoring
 Analytical Capabilities
 Data Management
 BI & Reporting
 Integration & Interface
b. Complete source system study for source to
target data mapping for EFRM SOLUTION
c. Finalization of the comprehensive design
document and sign-off from the Bank
d. Data Cleaning Strategy document and signoff
from Bank as an outcome of the Data Quality
e. Setup ETL processes from source systems
f. Develop and implement the following for the
Bank as per the requirements defined in
Annexure C:
1. e-Channels
i. Internet Banking
ii. Mobile Banking
iii. ATM
iv. All types of Card such as Credit card,
Debit card, Prepaid cards, wallets etc
v. POS (Point of Sale)
vi. Cash Deposit machines
vii. Payment Gateway and E-commerce
Transactions
viii. FI (Financial Inclusion) Gateway
ix. IVR (Interactive voice response)
x. Any other delivery channel introduced
by the Bank during the contract period
2. Branch Banking (Domestic)
i. Deposits (all types)
ii. Loans
 Corporate Loans
 Retail Loans
 MSME Loans
iii. Trade Finance / Non-Fund Credits
 Guarantees
 Letter Credits
 Bill Finance (Bill discounting, Bill
purchase etc.)
Page 49 of 155
iv. Remittances (NEFT, RTGS, SWIFT
Domestic)
v. Forex Business
3. Other Banking products
i. Service Branch (Cheque Processing /
ECS processing ) Operations
ii. Treasury Operations
iii. Cash Management System and Channel
Financing
iv. Financial Inclusion Banking
4. Branch Banking (Overseas)
5. Internal Frauds (employee initiated
/involvement)
SIT, UAT of all the applications as part of phase I

including applicable signoffs & setting up of the
training applications and commencement of
training for Go live
1 e-Channel
2 Branch Banking
3 Other Banking Products
4 Branch Banking (Overseas)
5 Internal Frauds
Pilot Go live of the Offline Solution for EFRM
SOLUTION which form a part of the requirement as
mentioned above
Phase I – Pilot go live on Production 5 Months 5 Months
Stage – I BRD, Design, Mapping, implementation of 2 Months 7 Months

Near Real Time Monitoring of Enterprise Wide
Phase - II Fraud Management Solution which includes
implementation of ETL, integration with core
applications, Testing and UAT of the data.
a. Model Tuning
b. Reduction of False Positive
c. Amendment of Rules
d. Develop and implement the following for
the Bank as per the requirements
defined in Annexure C
1. e- Channels
i. Internet Banking
ii. Mobile Banking
iii. ATM
Transactions
Page 50 of 155
ii. Loans
 Corporate Loans
 Retail Loans
 MSME Loans
 Guarantees
 Letter Credits
purchase etc.)
Domestic)
v. Forex Business
Financing
/involvement)

1 e-Channel
2 Branch Banking
5 Internal Frauds
Pilot Go live of the Real Time Solution for EFRM

SOLUTION which form a part of the requirement
as mentioned above
PHASE II go live on Production 2 Months 7 Months
Stage I BRD, design, Mapping, implementation of Real 2 Months 9 Months

Time/Near Real Time Monitoring of Enterprise
Phase III Wide Fraud Management Solution which includes
implementation of ETL, integration with core
applications, testing UAT of the data.
a. Model Tuning
b. Reduction of False Positive
c. Amendment of Rules
Page 51 of 155
d. Real Time Response (Approve/Refer/
Decline)
e. Develop and implement the following for
the Bank as per the requirements defined in
Annexure C:
1. e-Delivery Channels
i. Internet Banking
ii. Mobile Banking
iii. ATM
Transactions
ii. Loans
 Corporate Loans
 Retail Loans
 MSME Loans
 Guarantees
 Letter Credits
purchase etc.)
Domestic)
v. Forex Business
Financing
/involvement)
1 e-Channel
2 Branch Banking
Page 52 of 155
5 Internal Frauds
Pilot Go live of the Real Time Solution for EFRM

SOLUTION which form a part of the requirement as
mentioned above.
Phase III Go live on Production 2 Months 9 Months
Stage 2 2 months after Post Go Live of

Phase I
Procurement of the hardware & components for

DRC setup of the EFRM SOLUTION complete the
Installation of Hardware and other components in
DR Site
A. DC & DR replication setup and acceptance 3 Weeks

by Bank
B. DC & DR drill completion 2 Months
Delivery, implementation and Roll out
The Selected Bidder shall be responsible for delivery; implementation and rollout
of all the solutions required under this RFP and also must agree to the timeline as
specified above.
In the event of Bidder‟s failure to deliver and/or implement all required

components of a fully functional system (pertaining to the scope of the project)
within the stipulated time schedule or by the date extended by the Bank, unless
such failure is due to reasons entirely attributable to the Bank, it will be a breach
of contract. In such case, the Bank would be entitled to charge a penalty or will
have the right to terminate the contract, as specified in this RFP.
2.9 Continual Improvement

Bidder will also be responsible for
 Improve the policies configured on an on-going basis to reduce the occurrence

of false positives.
 Periodic health check should be carried out on-site, by the OEM every year to
ensure the quality of implementation and operations.
 Bidder shall curtail the closure time for fraud incidents and events, also ensure
the periodic check-up reviews for the same.
Page 53 of 155
Section III: Bid Guidelines
1. Bid Price
1.1 RFP document can be purchased against payment of Rs.10,000.00 (Rupees Ten
thousands only) in the form of a demand draft issued by a scheduled
commercial bank favoring Union Bank of India, payable at Mumbai.
1.2 Alternatively, the RFP document can be downloaded from the Bank's website
www.unionbankofindia.com. However, bidder will have to pay, before
submission of their offer, a non-refundable fee of Rs.10,000.00 in the form of a
demand draft issued by a scheduled commercial bank favoring Union Bank of
India, payable at Mumbai.
1.3 In the event of non-payment of the fee of Rs.10,000.00 towards the RFP
document form before the submission of the offer, the offer will not be
opened/considered.
2. Bid Security
2.1 Bid security of Rs.50.00 lakh in the form of a demand draft or Bank Guarantee
(BG) issued by a scheduled commercial Bank other than Union Bank of India
favoring Union Bank of India, payable at Mumbai to be submitted along with the
offer.
2.2 The bid security must be submitted along with technical offer. In the event of
non submission of the bid-security of Rs.50.00 lakh, the proposals will be
rejected.
2.3 The Bid Security will be refunded to the unsuccessful bidders only after
completion of the bid process. Bid security of successful bidder will be
submitted only after submission of Performance Bank Guarantee (PBG) and
signing of agreement.
2.4 No interest will be payable on the Bid Security amount.
2.5 The Bid security amount will be forfeited if the selected bidder refuses to
accept assignment or having accepted the assignment, fails to carry out his
obligations mentioned therein.
 Within Ten (10) days of receipt of the format of Contract Form, which will
be sent along with the notification of award, the successful Bidder shall sign
and date the contract and return it to the Purchaser.
 Within Thirty (30) days of the receipt of format of notification of award
from the Bank, the successful Bidder shall submit the performance Bank
guarantee for the value equivalent to 10% total payout of the first year and
should be valid for an year (plus an additional grace period of 3 months) in
the format prescribed. The same should be renewed during contract period
before expiry of the BG.
 Failure of the successful Bidder to comply with the requirement of
executing Contract and submitting Performance Guarantee shall constitute
sufficient grounds for the annulment of the award and forfeiture of the bid
security, in which event the Bank may make the award to the next lowest
evaluated bidder or call for new bids.
Page 54 of 155
3. Technical Bid
3.1 The offer will be in two parts – Technical Bid and Indicative Commercial Bid.
3.2 Both parts must be submitted at the same time giving full particulars as per the
prescribed formats, in separate sealed covers duly super-scribed
3.2.1 ―TECHNICAL BID FOR ENTERPRISE FRAUD RISK MANAGEMENT

SOLUTION IN RESPONSE TO RFP DATED 13/06/2017‖
3.2.2 ―INDICATIVE COMMERCIAL BID FOR ENTERPRISE FRAUD RISK
MANAGEMENT SOLUTION IN RESPONSE TO RFP DATED 13/06/2017―
3.3 The envelopes must be addressed to the General Manager (DIT), Union Bank of
India, Technology Center, Union Bank of India, 1/1A Adi Shankaracharya Marg,
Opp. to Powai Lake, Andheri - East, Mumbai – 400 072 and on or before
08/07/2017 by 16.00 Hrs.
3.4 The Technical bid should contain the proof for the eligibility criteria, technical
solution and un-priced Technical bid and should contain all information asked
for in these documents. It should not contain any price information. However
there should be a confirmation that all required rates have been quoted in
Price bid, without showing the actual amounts.
3.5 It is mandatory to submit all the details in the prescribed pro-forma (Annexure-
C) duly filled in, along with the offer. The Bank, at its discretion, may not
evaluate a Technical Bid in case of non-submission or partial submission of
technical details.
3.6 The Technical Bid must be submitted in an organized and structured manner.
No brochures/leaflets etc. should be submitted in loose form.
3.7 The Technical Bid should comprise of following:
1. Covering letter on the prescribed format (Annexure-A).
2. Complete details with all the columns filled in (Annexure-B).
3. Functional and Technical Specifications Complete details with all the
columns filled in (Annexure-C).
4. Reference site details (Annexure-D) duly filled in with photocopies of
required certificates / documents / proof should be attached.
5. Indicative Commercial Offer (Annexure- E)
6. Undertaking for providing Performance Bank guarantees as and when
required (Annexure-F)
7. Undertaking that they have not been blacklisted by the Government
Authority or Public Sector Undertaking (PSUs) in India or any Financial
Institution in India as on date of submission of response as per Annexure-G.
8. Bank guarantees (Annexure- H)
9. Compliance to RFP terms and condition (Annexure-I)
10. Reverse Auction Process (Annexure-J)
11. Letter to be submitted by Consortium Members (Annexure K)
12. Pre Bid Query Format (Annexure L)
13. Details of proposed hardware and Software (Annexure M)
14. Letter from OEMs (Annexure N)
15. KYE (Annexure O)
16. Confidentiality/ Non-Disclosure Agreement (Annexure P)
17. Integrity Pact (Annexure Q)
Page 55 of 155
4. Indicative Commercial Price Bid
4.1 The Indicative Commercial Price Bid will give all relevant price information and
the bidder will quote prices only in Indian Rupees.
4.2 The Price Bid should not contradict the Technical Bid in any manner with
respect to terms and conditions mentioned in the RFP.
4.3 It is mandatory to submit the commercial Price Bid in the prescribed pro-forma
(Annexure-E) duly filled in, along with the offer.
4.4 On completion of the Tender process, the bidder will be required to submit
Annexure – E i.e. Bill of Material as per the last quoted price in reverse auction
by him.
5. Price Composition
5.1. The Charges/fees quoted should be in Indian rupees only. The Charges/fees
shall be on a fixed price basis and should not be linked to the Foreign
exchange.
5.2. The Charges/fees should be quoted with breakup as per the Bill of material
except Octroi. The Octroi would be payable at actual at the applicable rates.
5.3. The price quoted by Bidder shall be exclusive of GST (CGST/SGST/IGST), if any.
The same shall be payable by the Bank at actual on date of invoicing.
5.4. The Charges/fees should be quoted with breakup as per the Bill of
material.
6. No Price Variations
6.1. The commercial offer shall be on a fixed price basis. No upward revision in the
price would be considered on account of subsequent increases in GST
(CGST/SGST/IGST), etc. during the offer validity period. However, if there is
any reduction on account of government levies, during the offer validity
period, the same shall be passed on to the Bank.
6.2. Since Bank is looking at a contract period of 5 years, and avail the services over
a period, if there is any upward or downward revision on GST during the FIVE
year period of the contract, the same shall be to the Bank's account. Baring
service tax, no changes in other tax will be to Bank's account.
7. Offer Validity Period
The offer should remain valid for a period of at least 180 days from the date of
opening of technical bids.
Opening of Offers
1. TECHNICAL BID – FOR ENTERPRISE FRAUD RISK MANAGEMENT SOLUTION will be
opened on 08/07/2017 16.15 Hrs.
2. One representative of the bidder can be present for the opening of the Technical
Offers.
3. No separate intimation will be given in this regard to the bidders, for deputing
their representatives.
Page 56 of 155
8. Erasures or Alterations
The original offer (Technical Offer and Indicative Commercial Offer); shall be prepared
in indelible ink. There should be no hand-written material, corrections or alterations
in the offer. Any such corrections must be initialed by the persons or person who
sign(s) the proposals Technical details must be completely filled up. Correct technical
information of the product being offered must be filled in. Filling up of the forms using
terms such as “OK”, “accepted”, “noted”, “as given in brochure/manual” are not
acceptable to the Bank. The Bank may treat non-adherence to these guidelines as
unacceptable.
An authorized representative of the bidding firm should initial all pages of the offer.
9. Right to Alter Quantities / Repeat orders
The Bank reserves the right to alter the number of locations specified in the tender,
and to delete/substitute items from the ones specified in tender. Bank may also place
order for various services which are only part of this RFP in addition to the quantities
mentioned in this tender at the same rate terms and conditions including the cost
agreed upon
10. Numbering of Pages

All pages of the bid including Brochures are to be numbered as Page --- (current page)
of --- (total pages) in a seriatim along with proper index. The numbering shall be done
separately for Technical Bid, and not section-wise.
11. Bidder Queries

 All queries with regards to this bid, if any, must be sent to the Dy. General
Manager (Information Security), Union Bank of India, DIT, CO, Mumbai on or before
18/07/2017 (Email id – mkjha@unionbankofindia.com,
deepak.gupta@unionbankofindia.com, Vikram.gaikwad@unionbankofindia.com)
 The Bank is not obliged to divulge the nature and configuration of its IT/IT Security
Infrastructure.
The Bank at its sole discretion, reserves the right whether or not to respond to queries
raised by bidders or provide written clarifications. No oral responses to a clarification
request shall be constructed as amending this RFP document. No extension of any
deadline will be granted on the basis grounds that the Bank has not responded to any
question or provided any clarification.
All the queries should be as per defined format by banks in Annexure- L
12. RFP Ownership
The RFP and all supporting documentation are the sole property of Union Bank and
should NOT be redistributed without prior written consent of Union Bank. Violation of
this would be a breach of trust and may, inter-alia cause the bidders to be irrevocably
disqualified. The aforementioned material must be returned to Union Bank when
submitting the proposal, or upon request; however, bidders can retain one copy for
reference.
13. Proposal Ownership
The proposal and all supporting documentation submitted by the bidders shall become
the property of Union Bank unless the Bank agrees to the bidders‟ specific requests, in
Page 57 of 155
writing, the proposal and documentation to be returned or destroyed.
14. Confidentiality & Sub-contract
i. This document contains information confidential and proprietary to Union Bank.
Additionally, the bidders will be exposed by virtue of the contracted activities
of internal business information of Union Bank, affiliates, and/or business
partners. Disclosures of receipt of this RFP or any part of the aforementioned
information to parties not directly involved in providing the services requested
could result in the disqualification of the bidders, premature termination of the
contract, or legal action against the bidders for breach of trust.
ii. Selected bidders will have to sign a non-disclosure agreement with The Bank
before starting the project.
15. Order Cancellation
The Bank may at its discretion decide to cancel the order by giving 6 months notice
period in the event of one or more of the following conditions:
1. Delay in installation and commissioning beyond 12 weeks of the date of the
purchase order.
2. Failure to meet the performance standards mentioned in this document.
3. In addition to the cancellation of purchase order, Bank reserves the right to
appropriate the bid security given by the bidder.
4. However, during the notice period, the bidder is expected to deliver the same
level of services as prescribe in RFP and same payment terms will be applicable.
16. Exit Clause
The performance of bidder will be continuously reviewed by the Bank to maintain the
terms & conditions as specified in this document. Based on the review, if the selected
bidder fails to satisfy / maintain their commitment with respect to Uptime,
Performance, Timely implementation of the project etc. the contract may be
terminated by giving 6 months notice period. Bank‟s decision in this regard will be
final. In case of termination of this contract, the Bank shall have the right to avail
services of any other bidder / agency to continue the project without any let or
hindrance from bidder and the bidder has to provide necessary help for smooth switch
over. Bank will not pay any charges to the bidder towards packing / forwarding /
freight / transit insurance etc., for the equipment at the time of
termination/completion of the contract.
In addition to the cancellation of purchase order, Bank reserves the right to

appropriate the bid security / performance Bank guarantee given by the bidder.
17. Tender / RFP Cancellation

During the process of scrutiny, evaluation and comparison of offers, the Bank may, at
its discretion, seek clarification from all or any of the bidders on the offer made by
them. The request for such clarification and the bidder‟s response will necessarily be
in writing and should be submitted within time stipulated by the Bank. In the event of
any of the failure to submit the response for clarification sought within the stipulated
time, their bill is liable to be rejected.

The Bank reserves the right to cancel the Tender/RFP at any time without assigning
Page 58 of 155
any reasons whatsoever. In case of such cancellation the payment will be made to the
extent of satisfactory delivery of products & services. The value of such payment shall
be governed by completion certificates report and decision of Bank shall be final and
binding on the bidder.
18. No Commitment to Accept Lowest or Any Tender
The Bank shall be under no obligation to accept the lowest or any other offer received
in response to this notice and shall be entitled to reject any or all offers without
assigning any reason whatsoever.
19. Evaluation Process
The evaluation will be a two stage process. The stages are:
 Technical Bid Evaluation
 Commercial Bid Evaluation
A. Technical Bid Evaluation

The objective of this methodology is to facilitate the selection of the most optimal
solution that appropriately meets the business requirements of the Bank. All bids
shall be evaluated by an evaluation committee setup for this purpose by the Bank.
The Bank will evaluate the technical offers of the bidders in terms of eligibility
criteria and the proposals meeting the criteria will only be taken up for further
technical evaluation.
The decision on the Bank in regards to evaluation would be final and binding on all
the Bidders to this document. The Bank may accept or reject an offer without
assigning any reason whatsoever.
The Technical offers submitted by the bidder will be evaluated only if they
fulfill the eligibility criteria as per Section-I. Only those bidders, who qualify
eligibility Criteria will be considered for functional and Technical
evaluation. In case during functional and Technical evaluation, all the
bidders fails to score more than 75% marks, or less than three bidders obtain
more than 75% marks, then in that case top three bidder will be considered
for opening commercial bids provided marks obtained by them are more
than 50%. The decision of the Bank in this regard shall be final.
Technical Bid Evaluation

The technical bid would be rated on a total score of 6730 with the major areas as
follows and the ranking of technical score would be derived for each bidder.
S.No. Evaluation Maximum Score
1. Functional & Technical Evaluation Matrix 6730
Total 6730
The total scores arrived will be scaled according to the total marks allotted for
Functional & Technical Evaluation Matrix
Detailed Matrix is given in Annexure C
Page 59 of 155
B. Commercial Evaluation Process
The Bids which are qualified in Technical would be considered for next stage of
evaluation i.e. Indicative Commercial Bid evaluation and Reverse Auction. The
vendor should furnish their price for the project in their Indicative Commercial Bid to
facilitate the Reverse Auction process.
The contract will be awarded to the L1 bidder having lowest TCO (Total Cost of
Ownership) which is an outcome of Reverse Auction Process.
Bank reserves the right to select the next ranked Bidder if the selected Bidder
withdraws his proposal after selection or at the time of finalization of the contract
or disqualified on detection of wrong or misleading information in the proposal.
20. Scoring for approach methodology & Presentation
As part of technical bid, bidder will also submit their approach methodology covering
each of the activities and the proposed implementation schedule. The Bidders may
also be invited to the bank to deliver a presentation for about 60 minutes on the
solutions that are proposed. The presentations would be delivered to competent panel
chosen appropriately by the bank. The bidders are expected to submit the soft copy of
the presentation to the bank prior to the presentation.
21. Site Visit

Bank at its discretion may visit any or all reference sites where bidder/OEM has
implemented Fraud Risk Management Solution.
22. Payment Terms
The term of the contract will be 5 years. Hardware to be provided for execution of
project should be sized for Five years by considering functional & technical
requirements as per Phase I, II and III mentioned above.
However, if it is found that the hardware is not sized adequately or the hardware
utilization goes beyond the threshold limit of 80%, the Bidder has to provide
additional hardware at no additional cost to meet the performance parameters set by
the Bank.
The Bidder must accept the payment terms proposed by the Bank as proposed in this
Section.
The scope of work is divided in different areas and the payment would be linked to
delivery and acceptance. All/any payments will be made subject to LD/compliance of
Service Levels defined in the RFP document.
Procedure for claiming payments
The Bidder‟s requests for payment shall be made to the Bank in writing accompanied
by Original Invoice detailing the systems, software delivered, installed and accepted
by the bank.
The payment after deducting applicable TDS will be released by the Bank. All
payments will be made only by electronic transfer of funds either by NEFT or RTGS.
The Bidder therefore has to furnish the bank account number to where the funds have
to be transferred for effecting payments.
Page 60 of 155
Payments as per the schedule given below will be released only on acceptance of the
order and on signing the agreement/contract by the selected bidder and also on
submission of performance guarantee through a DD or Bank Guarantee in lieu of DD
towards EMD.
% OF STAGES (On completion of the

Deliverables
PAYMENT activities)
Delivery, successful Installation and
acceptance of the Hardware with
50% Environment Setup after post-delivery
Hardware audit, on submission of invoice with
Proof of Delivery and other documents
25% On Go Live of Phase I
25% On Go Live of Phase II
On successful installation and
commissioning of the Database systems
Database systems 100% on submission of invoice with proof of
delivery / successful installation sign-off
certificate
Release of the Software in the UAT
25%
environment for Phase I
25% On Go Live of Phase I
Software 35% On Go Live of Phase II
On Go Live of Phase III or against
10% submission of Bank Guarantee of equal
amount
One month after successful completion of
25% Phase I and on submission of Invoice and
proof of Delivery.
On successful completion of Phase II of
35%
the project
Solution Implementation Cost
On successful completion of Phase III of
30%
the project
On successful completion of DC-DR
10% replication or against submission of Bank
Guarantee of equal amount
Will be paid as and when each batch of
Training 100%
training is completed
Actual amount as per the Bill of Material
will be paid Half-yearly in arrears or in
AMC/ATS -- advance on submission of Bank Guarantee
of equal amount of AMC/ATS. The
Warranty will start after Phase-I go Live.
Payment for on-site support charges will
FM Support --
be paid quarterly in arrears.
General Conditions:
Page 61 of 155
 No advance payment will be made prior to the start of the implementation.
 All applicable taxes and duties will be deducted at source as per applicable laws.
 Any penalties / liquidated damages imposed on the bidder for non-performance will be
deducted from the payment as deemed necessary
Taxes & Duties:

I. Bidder will be entirely responsible for all applicable taxes, duties, levies, charges,
license fees, road permits etc., in connection with delivery of Hardware and
Software at site including incidental services, transportation, installation and
commissioning. Payment of Sales Tax/VAT, Service Tax and Octroi /entry tax, GST
if applicable, will be made at actual, on production of suitable evidence of
payment by the Bidder.
II. The Bidder shall be liable to pay all applicable corporate taxes and income tax that
shall be levied according to the laws and regulations applicable from time to time
in India.
III. Wherever the laws and regulations require deduction of such taxes at the source of
payment, Purchaser shall effect such deductions from the payment due to the
Bidder. The remittance of amounts so deducted and issuance of certificate for such
deductions shall be made by Purchaser as per the laws and regulations in force.
Nothing in the Contract shall relieve the Bidder from his responsibility to pay any
tax that may be levied in India on income and profits made by the Bidder in
respect of this Contract.
The Bidder‟s staff, personnel and labor will be liable to pay personal income taxes in
India in respect of such of their salaries and wages as are chargeable under the laws
and regulations for the time being in force, and the Bidder shall perform such duties
in regard to such deductions thereof as may be imposed on him by such laws and
regulations.
23. Arbitration
I. All disputes and differences of any kind whatever arising out of or in connection
with the purchase order shall be referred to arbitration. The arbitrator may be
appointed by both the parties or in case of disagreement each party may appoint
an arbitrator and such arbitrators shall appoint an Umpire before entering on the
reference. The decision of the Umpire shall be final. Such arbitration to be
governed by the provisions of Indian Arbitration and Conciliation Act 1996.
II. Notwithstanding anything contained herein above, in case of any dispute, claim
and legal action arising out of this RFP, the parties shall be subject to the
jurisdiction of courts at Mumbai, India only.
III. The bidder shall continue to work under the Contract during the arbitration
proceedings unless otherwise directed in writing by the Bank or unless the matter
is such that the work cannot possibly be continued until the decision of the
arbitrator or the umpire, as the case may be, is obtained.
24. Reporting and compliance

As part of deliverables, Bidder has to submit various reports on ongoing basis. Some of
Page 62 of 155
the reporting and compliance is as follows:
# Solution Module / Service Level Penalty
Service Area
1. Query Response Report on Query response 90th percentile query response time of
time provided on a weekly the solution proposed by the bidder has
basis to be within 30 seconds.
Bidder will submit query response

report on monthly basis.
2. Report and Periodic reports (Daily,  Daily Reports: Critical reports should
Dashboard weekly and Monthly) to be be submitted twice a day. (First
provided to bank report at 10 am and second report
at 5pm every day).
 Weekly Reports: By 10:00 AM,
Monday
 Monthly Reports: 5th of each month
3. Continual The Bidder is expected to Quarterly reports need to be provided
Improvement improve the operations on by the 5th day of each quarter.
an on-going basis.
The Bidder is expected to
provide a quarterly report
of the new improvements
suggested, action plans, and
the status of these
Improvements to the bank.
Improvement areas could
include: process changes/
training resulting in
efficiency/ Service Level
improvement, new
correlation rules to identify
threat patterns etc.
4. Periodic Review The EFRMS project Manager Monthly meeting for contract period to
or locational delegate from be conducted on the 5th (tentatively) of
the Bidder is expected to each month during the operations
conduct a monthly review phase.
meeting with
Bank officials resulting in a
report covering details
about current EFRMS Service
Levels, status of operations,
key frauds and new frauds
identified, issues and
challenges etc.
5. Audit of EFRM EFRMS infrastructure may be  Audit observations to be closed as
Solution subjected to audit from per bank‟s given timeframe.
Bank and/or third party
Page 63 of 155
25. Liquidated Damages and Service Level Agreement
A. Proposed SLA
Time is the essence of the contract and the bank expects the Bidder to complete the
project as per the implementation plan specified in the RFP. If the Bidder fails
I. to deliver any or all software; or

II. to commence services within the time specified as per the terms of the RFP; or
III. to perform the services and extend the support that meets the requirements as
stipulated in the RFP within the time specified in the RFP; or
IV. to maintain the uptime of the solution/component of the solution;
The Bidder need to execute a Service Level Agreement/Contract with the Bank covering
all terms and conditions of this tender. Bidder need to strictly adhere to Service Level
Agreements (SLA). Services delivered by bidder should comply with the SLA mentioned
below. The Bank shall without prejudice to its other rights and remedies under and in
accordance with the terms of the RFP levy liquidated damages from payments due to the
Bidder. SLA will be reviewed on a quarterly basis. SLA violation will attract penalties.
Inability of the Bidder either to provide the requirements as per scope or to meet the
timelines as specified would attract liquidated damages. Service Levels will include
Availability measurements and Performance parameters.
The Vendor shall provide Availability Report on monthly basis and a review shall be
conducted based on this report. A monthly report shall be provided to the Bank at the end
of every month containing the summary of all incidents reported and associated Bidder
performance measurement for that period. Bidder shall use an appropriate tool for the
purpose of such reporting.
Performance measurements would be assessed through audits or reports, as appropriate to
be provided by the Bidder e.g. utilization reports, response time measurements reports,
etc. The tools to perform the audit will need to be provided by the Bidder. Audits will
normally be done on regular basis or as required by Company and will be performed by
Bank or Bank appointed third party agencies.
System availability is defined as:
{(Scheduled operation time – system downtime) / (scheduled operation time)} * 100%
Where:
I. “Scheduled operation time” means the scheduled operating hours of the System for
the month. All planned downtime on the system would be deducted from the total
operation time for the month to give the scheduled operation time.
II. “System downtime” subject to the SLA, means accumulated time during which the
System is not available to the Bank‟s users or customers due to in-scope system or
infrastructure failure, and measured from the time Bank and/or its customers log a
call with the Bidder help desk of the failure or the failure is known to the Bidder
from the availability measurement tools to the time when the System is returned
to proper operation.
III. Service Levels should be complied with irrespective of the customizations that the
applications would undergo during the tenure of the Contract.
Page 64 of 155
Bidder is required to maintain uptime of solutions as mentioned below

Service Area
Uptime % calculated on Penalty as XX% (as mentioned below) of
monthly basis for EFRM. overall monthly EFRM operation
In case of any hardware charges. If the uptime is below 95%, the
problems, the Bidder should Bank shall have full right to terminate
ensure that replacement the contract with the Bidder.
devices are made available
1.
EFRM Solution to meet the Service Levels
Uptime 99.95% and above No Penalty
98.00% and above but below 5% of the Operations Cost for the Month
99.95%
95.00% and above but below 10% of the Operations Cost for the
98.00% Month
below 95.00% No payment and the bank also reserve
the right to terminate the contract.
Further, if the number of downtime instances during a month exceeds 3 times, an additional 0.50%
penalty will deducted for each instance.
EFRMS Operations Charges/ Cost includes: AMC, ATS, Resource costs for EFRMS monitoring
and maintenance.
Event Definition
Events during Live operations due to Infrastructure/Functional issues of the EFRM Solution
should be reported to the Bank. Events are categorized as under
Event Description
a. Any problem due to which real-time detection or prevention is not working or;
b. Any problem due to which the components of EFRM Solution are not available to the
Bank‟s users or does not perform according to the defined performance and query
Critical processing parameters required as per the RFP or;
c. Showstoppers involving major functional failure in the application. There are no
usable workarounds available to troubleshoot the problem
d. In addition to this, categorization of application related events into Critical shall be
carried out in consultation with the selected bidder during the contracting phase
a. Any problem due to which near-real time detection or prevention is not working or
;
High b. Users face severe functional restrictions in the application irrespective of the
cause.
c. In addition to this, categorization of application related events into Highl shall be
carried out in consultation with the selected bidder during the contracting phase
a. Any problem due to which offline detection and prevention is not working or;
b. Moderate functional restrictions in the application irrespective of the cause. Has a
Medium convenient and readily available workaround.
c. In addition to this, categorization of application related events into Medium shall
be carried out in consultation with the selected bidder during the contracting phase
Page 65 of 155
The bidder is required to adhere to the service levels as mentioned below for the
operations phase.

Service Area
1. Query Response Report on Query response 90th percentile query response time of
time provided on a weekly the solution proposed by the bidder has
basis to be within 30 seconds.
2. Fraud Event 24x7 monitoring of all in- All Critical, High and Medium priority
Response scope products and events should be logged as incident
channels. tickets and responded as per below
Service Levels: Events along with action
plan/ mitigation steps should be alerted
to designated bank personnel as per the
below Service Levels:
Critical events response within 15

minutes and resolution within 60
minutes of the event identification.
High priority events response within 30

minutes and resolution within 4 hours of
the event identification..
Medium priority events response within

60 minutes and resolution within 8
hours of the event identification.
Service Levels are measured on a

monthly basis and the penalty is as
follows:
Critical Events:
95-99%: 2% of the Operations Cost for
the Month
the Month
<90%: 10% of the Operations Cost for
the Month
High Priority Events:

the Month
the Month
<90%: 5% of the Operations Cost for the
Month
Page 66 of 155
Medium Priority Events:
the Month
the Month
<90%: 3% of the Operations Cost for the
Month
Low Priority/ Operational Events need

to be logged and maintained for
reference. An incident ticket need not
be raised for such incidents. However
these need to be included in the daily
reports.
3. Manpower services Bidder to provide  Penalty will be deducted on pro-rata
experienced and certified basis for absence of any resource.
manpower at Primary site as
per RFP. Any lacuna will
attract penalty
The penalties as mentioned above during the operational phase be a maximum of 15%
of the Annual Payout value for the month.
B. Liquidity Damage for Delay in delivery of hardware
I. If the deliverables are not submitted as per the implementation schedule and
project phasing or extensions in writing as may be given by Bank, the Bidder shall
be liable to pay 0.5% per week of the total price for the phase with a cap of 10% of
the Hardware price. Part of week will be treated as a week for this purpose.
II. If the deliverables are not acceptable to Bank, the Bidder shall rectify the defects
to the satisfaction of Bank. If the defects as stated in the Notice by Bank are not
rectified by the Bidder within two weeks of the receipt of the Notice, or such
extensions in writing as may be given by Bank, the Bidder shall be liable for
liquidated damages for an amount equal to 0.5% per week of the total price for the
phase, with a cap of 10% of the Hardware price.
C. Delay in implementation of solution/solutions
In case bidder fails to implement any solution in given timeline, the Bidder shall be
liable to pay 0.5% per week of the implementation cost with a maximum cap of 5%.
Part of week will be treated as a week for this purpose.
D. Losses/breaches and penalty
This shall be in addition to the liquidated damages for not meeting SLA which is
defined separately.
Page 67 of 155
a. Penalties will be levied @ Rs.1,00,000/- per instance for any loss or equal to the
loss of amount due to breach, whichever is higher, bank has suffered due to frauds
taken place during the down time or non-availability of system. The penalty will be
restricted to the 10% of the yearly payout value (i.e. payment to be released for that
particular year). This penalty will be in addition to any other penalty levied due to non
adherence to SLA, uptime etc.
b. Penalties will be levied @ Rs 1,00,000/- per instance or equal to the loss of amount
due to breach, whichever is higher for violations of rules configured to prevent fraud
and/or generate alerts etc. The penalty will be restricted to the 10% of the yearly
payout value (i.e. payment to be released for that particular year). This penalty will
be in addition to any other penalty levied due to non adherence to SLA, uptime etc.
c. Penalties will be levied @ Rs 1,00,000/- per instance or equal to the loss of amount
due to breach, whichever is higher for alerts not sent on time to customers in case of
Frauds. The penalty will be restricted to the 10% of the yearly payout value (i.e.
payment to be released for that particular year). This penalty will be in addition to
any other penalty levied due to non adherence to SLA, uptime etc.
Note: The overall penalty due to for Losses/breaches as mentioned above will be
restricted to the 25% of the yearly payout value (i.e. payment to be released for that
particular year). This penalty will be in addition to any other penalty levied due to non
adherence to SLA, uptime etc.
26. Project period

The project will be for a period of 5 years from the date of sign off. The performance
of the bidder will be reviewed on yearly basis to ascerta2in bidder‟s capability during
the period. If found unsatisfactory, the contract may be terminated by giving 6
months notice period at any point of time. However during the notice period, the
bidder is expected to deliver the same level of services as prescribed in the RFP and
same payment terms will be applicable.
Notwithstanding the contract period of 5 years, Bank will have the rights to re-tender
at the end of 4th year for bidder selection.
27. Teaming Arrangement
In case of consortium bid, the Bidder must submit a letter from all the partners,
confirming their participation in the bid and agreeing to the conditions of the RFP and
agreement to support the project implementation and subsequent Warranty and Post-
warranty period for the project. The letter should clearly specify the “Bidder” and its
partners with their roles, responsibility and authority clearly mentioned. Any change
or divergence in the roles or responsibility after the award of contract by the Bidder
shall be taken, as non-performance of the contract and Bank will have the right to
terminate the contract at its discretion, which will result in the forfeiture of EMD.
The actual teaming agreement must be provided to the Bank at the time of Indicative
Commercial Bid Opening. In case there is any divergence from the conditions defined
in the RFP, the Bank reserves the right to reject the bid and forfeiture of the EMD.
After the project period is over i.e. 5 years after signoff, the Bank reserves the right
Page 68 of 155
to contract separately with any of the consortium members. It should be mentioned
in the teaming agreement
28. Patents Rights

I. The supplier shall indemnify the purchaser against all third party claims of
infringement of patent, trademark or industrial design rights arising from use of
the Goods, or any part thereof in India.
II. The supplier shall, at their own expense, defend and indemnify the Bank against all
third party claims or infringement of intellectual Property Right, including Patent,
trademark, copyright, trade secret or industrial design rights arising from use of
the products or any part thereof in India or abroad.
III. The supplier shall expeditiously extinguish any such claims and shall have full rights
to defend it there from. If the Bank is required to pay compensation to a third
party resulting from such infringement, the supplier shall be fully responsible for,
including all expenses and court and legal fees.
IV. The Bank will give notice to the Supplier of any such claim without delay, provide
reasonable assistance to the Supplier in disposing of the claim, and shall at no time
admit to any liability for or express any intent to settle the claim.
V. The Supplier shall grant to the bank a fully paid-up, irrevocable, non-exclusive
license throughout the territory of India or abroad to access, replicate and use
software (and other software items) provided by the supplier, including-all
inventions, designs and marks embodied therein in perpetuity.
29. Disaster Recovery & Business Continuity Planning (BCP)
All the bidders participating in the tender should submit the BCP document, which is,
accepted as best practice. Only the finally selected bidder will submit the final plan
after studying the Bank‟s environment, infrastructure and business operations.
30. Technological Up gradation
Further, the bidder should upgrade equipments with the latest software versions as
part of technological upgradation i.e. equipment OS upgradation/ application
upgradation etc., as and when required, without any additional cost so as to deliver
the SLAs specified during the contract period. Bidder will signup back-to-back
contract with the OEM for regular upgrades.
31. Audit by Third Party
Bank at its discretion may appoint third party for auditing the activities of ON-SITE
Services and operations of entire services provided to the BANK.
Bank or its regulator (i.e. Reserve Bank of India) reserves the right to audit the Bidder
in terms of services offered by bidder.
32. Confidentiality
I. The bidder will be exposed by virtue of the contracted activities to internal
business information of Union Bank, affiliates, business partners and /or
customers. The bidder would be required to provide an undertaking (Non-disclosure
Agreement) that they will not use or pass to anybody the data/information derived
Page 69 of 155
from the assignment in any form. The bidder must safe guard the confidentiality of
the banks business information, applications and data.
II. Disclosure of any part of the above mentioned information to parties not directly
involved in providing the services requested, unless required to do so by the Court
of Law or other Statutory Authorities, could result in pre mature termination of the
contract. The bank may initiate legal action against the bidder for breach of trust.
Page 70 of 155
Section IV: Terms and Conditions
1. Terms of execution of work

1. Time, being an essence of the contract, the bidder is expected to implement the
project within the stipulated time frame of starting of the assignment, the Bank
reserves its right to levy liquidated damages as prescribed hereunder.
2. The contract will be initially for a period of 5 year which will begin after signoff
given by the bank
3. Non-Disclosure Agreement: In the event of the bidder getting the assignment of
the project, an authorized official of the bidder should execute a NDA with the
Bank in the attached format.
4. The bidder shall be responsible in the event of security incidents.
5. Escalation Matrix shall be worked out at the time of placing orders from both sides.
6. The professional consulting organization will not only provide the consultation
services during project implementation for security formulation, but also continue
to provide consulting services on policy development from time to time during the
total contract period.
7. It is the responsibility of the bidder to bring in test as well as production servers in
case of any customization / patch management.
8. On clearance from the bank, the final selected bidder shall deliver source code
under escrow arrangement relating to customized final version of EFRM solution
along with executable media in two sets along with technical and user manual to
the bank under escrow arrangement. Bidder shall periodically refresh the source
code with the latest version and updates as when released and made available.
9. Final selected bidder shall guarantee that all the software and aligned components
used to service to bank are licensed and legal.
2. Performance Bank Guarantee (PBG or BG)
I. The bidder has to provide bank guarantee (BG) equivalent to 10% of the total
contract value within one month of the acceptance of the purchase order for the
entire contract period failing which the bank reserves the right to cancel the
order.
II. All bank guarantees to be issued by a scheduled commercial bank in India other
than Union Bank of India.
All the BG should be as per the format (Annexure H) prescribed by the Bank
3. Additional monitoring requirement for other channels

Bank reserves the right to place order with the selected Vendor during the validity of
the contract, for any other channels also (present or future) at the contracted rates
and terms and conditions.
4. Indemnity
The Bidder shall, at its own expense, defend and indemnify the Bank against all third
party claims for infringement of patent, trademark, design or copyright arising from
use of proposed product/products or any part thereof.
Bidder will provide infringement remedies and indemnities for third party Products, on
a pass through basis. If the Bank is required to pay compensation to a third party
resulting from such infringement, the Bidder shall be fully responsible to pay such
Page 71 of 155
compensation along with all costs, damages and attorney's fees and other expenses
that a court may finally award, in the event of the matter being adjudicated by a
court or that be included in a Bidder approved settlement. The Bank will issue notice
to the Bidder of any such claim without delay and provide reasonable assistance to the
Bidder in disposal of such claim, and shall at no time admit to any liability for, or
express any intent, to settle the claim. The Bidder shall also reimburse all incidental
costs, which the Bank may incur in this regard.
If such a claim is made or appears likely to be made, the Bank agrees to permit Bidder
to enable the Bank to continue to use the Product, or to modify it, provided no order
otherwise has been passed by a court or replace it with one that is at least functionally
equivalent. If Bidder determines that none of these alternatives is reasonably
available, the Bank agrees to return the Product to Bidder on its written request, upon
which the Bidder will then give the Bank a credit equal to:
For equipment, its invoice value as paid by the Bank to the Bidder;
For Materials, the amount the Bank paid to Bidder for the creation of the Materials i.e.
application, related software etc.
This Section stipulates Bidder‟s entire obligation to the Bank regarding any claim of
infringement.
Bidder has no obligation regarding any such claim based on:
I. Anything the Bank provides which is incorporated into a Product or Bidder‟s
compliance with any designs, specifications, or instructions provided by the
Bank or by a third party on the Bank‟s behalf;
II. Bank‟s modification of a Product‟s use in other than its Specified Operating
Environment;
III. The combination, operation, or use of a Product with other products not
provided by Bidder as a system, or the combination, operation or use of a
Product with any product, data, apparatus, or business method that Bidder did
not provide, or the distribution, operation or use of a Product for the benefit of
a third party outside the Bank;
The Bidder shall also indemnify the Bank against all losses, damages, claims, counter
claims, suits, penalties and costs which the Bank may face on account of –
I. Bodily injury (including death) and damage to real property and tangible
personal property caused by Bidder‟s negligence on the part of the Bidder‟s
employees, agents or representatives.
II. Any claim or proceeding brought by a third party against the Bank as a
consequence of the above.
III. Any claim made upon and any action taken against the Bank by any statutory
authority or Court on account of the Bidder‟s failure to comply with any laws,
orders and regulations applicable to the performance by Bidder of its obligations
under this Agreement.
In the event of the Bidder not fulfilling its obligations under this Section within the
period specified in the notice issued by the Bank, Bank has the right to recover the
amounts due to it under this provision from any amount payable to the Bidder under
this Agreement for AMC/Facility Management/ Support Services etc.
Page 72 of 155
Bidder shall be liable for any breach or any non-performance by the Bidder of any of
its undertakings, warranties, covenants, representations or obligations under this
Agreement, subject to the provisions of Limitation of Liability.
5. Publicity
Any publicity by the Service Provider in which the name of the Bank is to be used, will
be done only with the explicit written permission of the Bank.
6. Force Majeure
I. For the purpose of this clause, “Force Majeure” shall mean an event beyond the
control of the parties, due to or as a result of or caused by acts of God, wars,
insurrections, riots, earthquake and fire, events not foreseeable but does not
include any fault or negligence or carelessness on the part of the parties,
resulting in such a situation.
II. The Bidder or the Bank is not responsible for delays or non-performance of any
contractual obligations arising out of blockade caused by war, revolutions,
insurrection, civil commotion, riots, mobilizations, strikes, acts of God, plague
or other epidemics, fire, flood, obstructions of navigation by ice of port of
dispatch, acts of Govt. or public enemy or any other event beyond the control of
either party which directly, materially and adversely affect the performance of
any contractual obligation.
III. If a force majeure situation arises, the bidder shall promptly notify the Bank in
writing of such conditions and the change thereof immediately within five
calendar days. Unless otherwise directed by the Bank, in writing, the bidder
shall continue to perform his obligations under the contract and shall seek all
reasonable alternative means for performance not prevented by the force
majeure event.
IV. The bidder or the bank shall not be liable for default or non-performance of the
obligations under the contract, if such default or non-performance of the
obligations under this contract is caused by any reason or circumstances or
occurrences beyond the control of the Service Provider or the bank, i.e. Force
Majeure.
V. In such a case, the time for performance shall be extended by a period(s) not
less than the duration of such delay. If the duration of delay continues beyond a
period of one month, the Bank and the Service Provider shall hold consultations
with each other in an endeavor to find a solution to the problem.
Notwithstanding above, the decision of the Bank shall be final and binding on
the Service Provider.
7. Limitation of Liability
Bidder‟s aggregate liability for actual direct damages shall be limited to maximum of
the Contract value provided that this limit shall not apply to 1) IP infringement
indemnity 2) Bodily injury (including death) and damage to real property and tangible
personal property caused by bidder‟s negligence. bidder shall not in any event be
liable for any indirect, or consequential damages or for loss of profit, business,
revenue, goodwill, anticipated saving or data, or third party claims except with
respect to bodily injury (including death) and damage to real and tangible personal
property for which bidder is legally liable or 3) All third party claims for infringement
Page 73 of 155
of patent, trade mark, design or copy right arising from use of proposed
product/products or any part thereof.
For the purpose of this section "contract value" at any given point in time means
aggregate value of purchase order placed by bank under this project.
8. Compliance with Laws
Compliance with all applicable laws: The Bidder shall observe, adhere to, abide by,
comply with and notify the Bank about all laws in force or as are or as made applicable
in future, pertaining to or applicable to them, their business, their employees or their
obligations towards them and all purposes of this RFP and shall indemnify, keep
indemnified, hold harmless, defend and protect the Bank and its
employees/officers/staff/ personnel/representatives/agents from any failure or
omission on its part to do so and against all claims or demands of liability and all
consequences that may occur or arise for any default or failure on its part to conform
or comply with the above and all other statutory obligations arising there from.
Compliance in obtaining approvals/permissions/licenses: The Bidder shall promptly
and timely obtain all such consents, permissions, approvals, licenses, etc., as may be
necessary or required for any of the purposes of this project or for the conduct of their
own business under any applicable Law, Government Regulation/Guidelines and shall
keep the same valid and in force during the term of the project, and in the event of
any failure or omission to do so, shall indemnify, keep indemnified, hold harmless,
defend, protect and fully compensate the Bank and its employees/ officers/ staff/
personnel/ representatives/agents from and against all claims or demands of liability
and all consequences that may occur or arise for any default or failure on its part to
conform or comply with the above and all other statutory obligations arising there
from and the Bank will give notice of any such claim or demand of liability within
reasonable time to the Bidder.
This indemnification is only a remedy for the Bank. The Bidder is not absolved from its
responsibility of complying with the statutory obligations as specified above. Indemnity
would exclude indirect, consequential and incidental damages. However indemnity
would cover damages, loss or liabilities suffered by the Bank arising out of claims made
by its customers and/or regulatory authorities.
9. End of Sale & End of Support
The Bidder will ensure that the stipulated Support and Maintenance facilities on the
hardware/software will be available for a minimum period of 6 years. The vendor will
constantly update the Bank on new technologies that could prove cost effective.
10. Corrupt and Fraudulent practice

As per Central Vigilance Commission (CVC) directives, it is required that Bidders /
Suppliers / Contractors observe the highest standard of ethics during the procurement
and execution of such contracts in pursuance of this policy:
“Corrupt Practice” means the offering, giving, receiving or soliciting of anything of
values to influence the action of an official in the procurement process or in contract
execution
“Fraudulent Practice” means a misrepresentation of facts in order to influence a
procurement process or the execution of contract to the detriment of the Bank and
includes collusive practice among bidders (prior to or after bid submission) designed to
Page 74 of 155
establish bid prices at artificial non-competitive levels and to deprive the Bank of the
benefits of free and open competition .
The Bank reserves the right to reject a proposal for award if it determines that the
bidder recommended for award has engaged in corrupt or fraudulent practices in
competing for the contract in question.
The Bank reserves the right to declare a bidder ineligible, either indefinitely or for a
stated period of time, to be awarded a contract if at any time it determines that the
firm has engaged in corrupt or fraudulent practices in competing for or in executing
the contract.
11. Information ownership
All information processed, stored, or transmitted by Bidder equipment belongs to the
Bank. By having the responsibility to maintain the equipment, the Bidder does not
acquire implicit access rights to the information or rights to redistribute the
information. The Bidder understands that civil, criminal, or administrative penalties
may apply for failure to protect information appropriately.
Page 75 of 155
Section IV: Evaluation Matrix
The Technical offers submitted by the bidder will be evaluated only if they fulfill the
eligibility criteria as per Section-I. Only those bidders, who fulfill Eligibility Criteria, will
be considered for functional and Technical evaluation. In case during functional and
Technical evaluation, all the bidders fails to score more than 75% marks, or less than three
bidders obtain more than 75% marks, then in that case top three bidder will be considered
for opening commercial bids provided marks obtained by them are more than 50%. The
decision of the Bank in this regard shall be final.
The evaluation process for short listing of bidder will be based on the evaluation matrix
given below.
I. Evaluation Matrix -- Functional and Technical Requirements
The functional & technical requirements are in the form of a table which is given as
Annexure C – Fraud Functional & Technical Requirements. The bidders should fill
its response itself in the column “Bidder‟s Response (BR)” and provide qualitative
remarks in the column “Bidder Comments (BC)”. The summary of technical
requirements indicatively covered in the Annexure C- Fraud Functional Technical
Requirements is as follows:
S.
Functional & Technical Areas No. of req. line item Maximum Score
No.
1 Fraud Topologies 150 1420
2 Analytical Capabilities 116 755
3 Detection & Rule Engine 60 445
4 Case Management and Workflow 78 590
5 Scoring 44 440
6 Data Management 92 780
7 BI & Reporting 127 910
8 Integrated Fraud Management 13 100
9. System Operational Requirements 89 800
10 Integration and Interface 37 260
Additional Functional
11. 23 230
Requirements
Total 829 6730
The response of the bidder for each of the line item should be as per the table
below:
Page 76 of 155
Bidder’s Description
Response
Standard feature. Required features readily available and to be
S
provided by the bidder
Customization required. Bidder will provide the customization with
C
the stipulated date as informed by Bank
A Alternative available in proposed Solution
N Not Available
The line items are divided into mandatory and non-mandatory category as per
Bank‟s requirement for proposed solution. Marks will be allotted to bidder against
the responses to each of the point mentioned as per the following marking pattern:
Mandatory Non Mandatory

Marks Description Marks Description
10 S- Standard feature 5 S- Standard feature
7 A-Alternate available 3 A-Alternate available
C - Customization C - Customization
4 1
required. required.
0 N- Not Available 0 N- Not Available
Page 77 of 155
Section V: Annexure
Annexure – A (covering Letter)
(To be submitted by all bidders on their letter head)
To:
The Dy. General Manager
Union Bank of India
Department of Information Technology,
Technology Center,
Adi Shankaracharya Marg, (JVLR),
Opp. Powai Lake, Andheri – East,
Mumbai- 400072
DECLARATION
1. We ______________________ (name of the company) hereby confirm having
submitted our bid for participating in Bank‟s RFP dated _________ for procurement
of ____________.
2. We also confirm having read all terms and conditions of RFP.
3. We hereby undertake and agree to abide by all the terms and conditions stipulated
by Union Bank of India in the RFP document including all annexure.
4. We, hereby confirm that we will honor the prices placed by in Commercial Bid,
failing which Bank shall forfeit the EMD. We also understand that the Bank may
debar us from participating in future tenders.
Signature of Competent Authority with company seal ________________________________

Name of Competent Authority __________________________________
Company / Organization __________________________________
Designation within Company / Organization __________________________________
Date ________________
Name of Authorized Representative __________________________________

Designation of Authorized Representative __________________________________
Signature of Authorized Representative __________________________________
Verified above signature
Signature of Competent Authority __________________________________
Date ________________
Page 78 of 155
Annexure – B (Technical Proposal)
Bidder’s Profile:
S. Particulars Response
No.
1 Name of the Firm/company/Individual
2 Address
3 Brief description of the nature of the business and profile of
the company with particular reference to Data Loss/Leakage
Prevention System
4 Year of commencement of the kind of services (copy of
commencement certificate may be enclosed) and number of
years in this service industry.
5 Turnover, Annual Income, Profit/Loss for the Year 1 T.O AI Profit
last three years in crores (enclose relevant Year 2
copies of audited financial statements) Year 3
6 Total number of certified professional permanent staff
(please submit the curriculum vitae (CV) for the professional
staff like Name, Key qualification, designation, experience,
their domain etc. separately)
7 Team composition and task assignment for the proposed
assignment.
8 Description of the methodology and activity (work) schedule
for performing the assignment
9 Number of banks / Financial Institutions to which this kind of
services are being given. *
10 *Name and address of the banks / financial institutions to
whom this kind of services was given with brief description,
Location, etc.
11 Number of other institution to which this kind of services
were given. *
12 *Name and address of other institutions to whom this kind of
services was given with brief description.
13 PAN Number
14 VAT Number
15 Sales tax number
*Note: The relevant support documents should be attached without which the
offer is liable for rejection.
** In Case of Consortium Bids, all the members of consortium will have to fill the
sheet separately.
SIGNATURE
Page 79 of 155
Annexure – C (Technical Compliance Sheet)
Please specify S/A/C/N in the table below to indicate how the solution meets the Bank‟s
requirement -
Bidder’s Description
Response
Standard feature. Required features readily available and to be
S
provided by the bidder
Customization required. Bidder will provide the customization with
C
the stipulated date as informed by Bank
A Alternative available in proposed Solution
N Not Available
Requirement Mandatory Bidders Bidders

S.No.
Response Remark
1. Fraud Topology
Capability to assign a fraud risk score to a transaction in terms of risk Yes
priority and basis the score, it should be able to decline/approve/
1
refer/allow with additional authentication the transactions across all
channels
Fraud Topology
The proposed solution should support the fraud typologies with the
1.1
functionalities mentioned in each of the areas
Online and mobile banking fraud
Does the solution support leveraging the knowledge of already identified
1 Yes
historical frauds when authoring new rules?
Does the solution support simulating the effect of new rules before
2 Yes
promoting them to live actions?
Does the solution support the risk score model built up (e.g. usage of
3 Yes
statistical models etc.)?
4 Does the solution support risk score model utilized in rule management? Yes
Does the solution support other sources of risk input, like a risk score
5 Yes
from an external system, be fed into the model?
Does the solution support for analyzing flagged or suspected frauds (drill
6 Yes
down, follow audit trails, look at history, etc.)?
Does the solution support Behavioral analysis e.g. recognizing individual
7 Yes
customers' behavior and identifying uncharacteristic activity?
8 Does the solution support building behavioral model ? Yes
9 How are they kept relevant (avoid degradation) over time? Yes
Does the solution support detection input for connection characteristics,
10 like IP-addresses, anonymizer proxies, and IP geo-location mapping? How Yes
is it utilized?
Does the solution support detection input for account characteristics, like
11 Yes
newly opened account? How is it utilized?
Does the solution support defining customized actions (e.g. putting a
12 No
transaction in queue or blocking an account) connect to rules?
Page 80 of 155
Does the solution support risk score model (or equivalent) where many
13 No
minor cues can add up to a risk score which in turn can trigger an action?
Does the solution support the risk score be added up over time (e.g.
14 No
during the span of a session)?
Does the solution support visualization support do you have for assisting
15 No
analyzing (like e.g. visual link analysis)?
Does the solution cover other behavioral aspects than per user, e.g. per
16 account behavior, per beneficiary/receiver behavior, per IP-address No
behavior, per device-id behavior?
Does the solution support balancing the ratio false positive/negative ratio
17 to reach manageable thresholds in line with case management personnel No
capacity?
How could we with your behavioral analysis typically identify frauds
18 where a fraudulent user mimics the financial behavior of the authorized No
user?
Do you provide detection input for customer behaviometrics, such as
19 No
timing of clicks and typing? How is it utilized?
Do you provide detection input for endpoint characteristics, endpoint
20 No
identity, or endpoint reputation? How is it utilized?
Does the solution support detection input for malware presence? How is it
21 No
utilized?
Detect online banking sessions conducted from out-of-footprint
22 No
geographies;
Identify transactions that are originated from high-risk internet service
23 No
providers
Domains, and flag sessions conducted from multiple locations in a short
24 No
period of time.
1.2 Internal Frauds
Does the solution support the scoring & detection mechanisms to identify
1 Yes
fraudulent transactions?
Can rules be defined to exclude specific employees from analysis
2 Yes
(whitelists & blacklists)?
3 General ledger account debit used to credit an employee account Yes
Recently debited suspense account for the same amount in the same
4 Yes
branch
5 Unusually high volume of transactions in a suspense account Yes
6 Associate conducts general ledger transactions during time off Yes
7 Abnormal volume or amount of offsets to cash in a suspense account Yes
Employee or related accounts with high credit limits receiving high
8 Yes
number of transactions
The proposed solution should support monitoring of the following
activities not limited to
9 Accounts with high balances are closed by an employee Yes
10 Internal transactions having false or invalid transaction codes Yes
11 High propensity of delinquencies for a branch or associate Yes
12 Address, PIN, or beneficiary in a dormant account Yes
13 Request for change of PIN in a recently opened or dormant account Yes
Request for a change of beneficiary in a recently opened or dormant
14 Yes
account
Page 81 of 155
15 Frequent balance inquiries Yes
Do you offer a product/solution that addresses internal fraud? How are
16 No
these type of internal fraud addressed?
What data & logs are needed to perform the scoring for internal fraud
17 No
detection analysis?
18 What types of employee behavior does the solution support No
1.3 Application Fraud
The proposed solution should support monitoring of the following
activities not limited to
1 Previous Fraudulent Application - ID Match Yes
2 Previous Fraudulent Application - Name and DOB Match Yes
Previous Fraudulent Application - Similar Last Name and Full First Name
3 Yes
and DOB Match
4 Previous Fraudulent Application - Address Match Yes
5 Previous Fraudulent Application - Phone Match Yes
6 Previous Fraudulent Application - Email Match Yes
7 Previous Fraudulent Application - Company Name Match Yes
8 Previous Fraudulent Application - Company Address Match Yes
9 Previous Fraudulent Application - Guarantor Match Yes
10 Previous Fraudulent Application - Referee Match Yes
11 Previous Fraudulent Application - Introducer Match Yes
12 Inconsistent Check - Previous Application ID Match but not Name Yes
13 Inconsistent Check - Previous Application ID Match but not DOB Yes
14 Inconsistent Check - Previous Application ID Match but not Sex Yes
15 Inconsistent Check - Previous Application ID Match but not Mobile Yes
16 Inconsistent Check - Previous Mobile Match but not ID Yes
17 Inconsistent Check - Previous Company Match but Company Phone Yes
Inconsistent Check - Same Address but Different Surname and Home
18 Yes
Phone
19 Inconsistent Check - Same Home Phone but Different Address Yes
20 Inconsistent Check - Same Home Phone but Different Name Yes
21 Inconsistent Check - Same Home Phone but Different DOB Yes
22 Inconsistent Check - Same Mobile but Different Name Yes
23 Inconsistent Check - Same Mobile but Different DOB Yes
Inconsistent Check - Same Office and Home Phone but Different Name and
24 Yes
DOB
25 Inconsistent Check - Same Office Address but Different Company Name Yes
Inconsistent Check - Home Phone and Company Phone Match but Different
26 Yes
ID
Inconsistent Check - Home Address and Company Address Match but
27 Yes
Different ID
28 Inconsistent Check - Other Card Number Match but Different Name/ID Yes
29 Inconsistent Check - Unusual Salary Increase within X days Yes
The proposed solution should have the capability to detect anamolies in
30 applications submitted across multiple channels of access (Browser, App, Yes
USSD etc)
1.4 Mortgage Fraud
1 Recurring Identity information, etc. of non-related applicants Yes
Page 82 of 155
2 Stated income exceeds aggregate assets on hand Yes
Transaction involving a property involved in a bankruptcy or prior fraud
3 Yes
investigation
Transaction involving an intermediary with high percentage of charge-offs
4 Yes
or losses
1.5 Debit Card Fraud
High transaction volume of activity at a specific terminal location relative
1 Yes
to normal activity
High dollar volume of transactions at a specific terminal location relative
2 Yes
to expected behavior
ATM location is deemed to be a common point of compromise for fraud
3 Yes
events
ATM transactions in multiple locations for an account or party in a short
4 Yes
period of time
1.6 Credit Card Fraud
1 System recommendations per priority like White list/Hot List/Black List Yes
Ability to create and update customer profiling based on historical
demographic data, transaction patterns, payment history, etc.
2 Yes
(Near Real time would also do in case real time is not possible). Please
provide indicative ways of profiling available in comments.
Ability to predict the fraudulent patterns & do a real time behavioral
3 Yes
analysis to decide the transaction as approved/decline
To facilitate real time alerts to customers on transactions (Fin & Non
4 Yes
Financial)
Ability to send transactional alerts (successful/decline/attempted)
5 Yes
through multiple channels – Branches
6 Yes
through multiple channels – Telephone-IVR
7 Yes
through multiple channels – SMS
8 Yes
through multiple channels – Mobile
9 Yes
through multiple channels – Internet
10 Yes
through multiple channels – Email
11 Yes
through multiple channels – ATMs)
12 Should have option of bulk blocking of cards, if possible Yes
1.7 Trade Finance Fraud
1 Ability to Match Suspicious entities Yes
2 Ability to score commodities for dual use Yes
3 Ability to resolve entities in Bill of lading documents Yes
4 Ability to provide fuzzy search on the various entities Yes
Ability to display Genuine trade back ground of the customer or level of
5 deviation in business projections from actual, which may be accepted as a Yes
trigger
Page 83 of 155
Ability to create a alert in Advance remittances for imports especially
where the remittance are kept just below USD 100,000 and where the
6 Yes
remittances are by proprietorship concerns and the remittances are being
sent to high risk jurisdictions like Hong Kong or Dubai.
Ability to create Cases where consignees and importers are different i.e.
7 Yes
third party transactions
Ability to create alert in case High Seas sales cases of import for
8 Yes
authenticity of documents and transactions.
9 Ability to perform Postal Parcel Wrapper verification Yes
Ability to create alert in case where the importer frequently changes the
10 overseas exporter though the goods and country of import remains the Yes
same.
Ability to create alert when High value goods such as diamonds are being
11 Yes
imported/exported from Hong Kong and Dubai
Ability to create alert when Consignments of computer parts being
12 Yes
imported from Hong Kong and Dubai
Ability to maintain a list of defaulters of past remittances sent but
13 Yes
documents not submitted and use it as a watch list
14 Ability to create alert for remittances for the import of capital goods Yes
1.8 Cyber Frauds
The proposed solution should be scalable to prevent and detect Cyber
1
frauds Yes
1.9 Retail Liabilities
Transactional Check :
1 Ability to check drainage of funds immediately on new account opening Yes
Ability to check unusual trend/ pattern in account operations as compare Yes
2
past listings
Ability to do behavioral check in terms of – account operations, deposit Yes
3
and withdrawal patterns etc.?
The system should have a de-dupe functionality to identify all accounts Yes
4
opened by same person at multiple branches
System should provide check for withdrawal of FDR funds through loan Yes
5 transactions in other than FDR Holder accounts
Ability to check the scenario where fixed deposits closed without credit of Yes
6
funds in the account of Fixed deposit holder
1.101 Corporate Banking
1 Inconsistency Check – NPA /SMA tagging of Corporate Accounts Yes
2 The system should have a check on identifying unusual pattern in drawing

power assigned to Corporate Loan accounts Yes
The system should have the ability to identify pattern in transfers/
3
withdrawals from Corporate Loan accounts to certain specific accounts Yes
The system should have the ability to identify pattern in cash deposits in
4
the accounts of Corporate Borrowers accounts Yes
5 The System should be capable of doing Due-dupe check on Directors/

Partners appearing in NPA accounts with the Bank Yes
The system should have the capability to match Customer Data against
6
any internal/external watch-lists. Yes
Page 84 of 155
The system should be able to generate an alert if there are multiple
7
applications from the same person within the last x days/months. Yes
The system should be able to generate alert if there are multiple
8 Applications from the same person for the same product that got their
application declined in the last x days/months. Yes
The system should be able to generate alert Multiple Applications from
9 the same person for different product that got their application declined
in the last x days/months. Yes
The system should have the capability of rejecting fraudulent multiple
10 Applications (across Products) coming up from the same IP Address against
one name or multiple names within the last x days/months. Yes
The system should be able to create an alert if there is any Financial

11 transaction that happens between:
the Loan Customer and Relationship managers
the Loan Customer and the Loan Collateral Owner Yes
The system should be able to generate alert if there any customer is
12
having Active Deals at more than one branch. Yes
The system should be able to indentify branches breaching the X%
13 threshold for other state customers. Threshold is based on total deal done
on the month Yes
The system should be able to indentify mismatch on Customer Profile and

14
Transaction Segment, example, Salary or professional taking Construction
Equipment Funding Yes
The system should be able to trigger alert when late payment handling
15
charges are waived off repeatedly by the same employee time and again Yes
The system should be able to identify if the interest rate has been
16 changed on a particular loan multiple times by the same/group of
employees. Yes
The system should be able to identify if the Loan Tenure has been
17 changed on a particular loan multiple times by the same/group of
employees. Yes
The System should be able to raise a flag if any loan EMI is missed and the
18
customer has the appropriate balance in any of the other linked account. Yes
The System should be able to identify customer wise High Value Cash
Collections from Loan Customers of amount greater than X1 for
19
Individuals and of amount greater than X2 for Non-Individuals in a day; for
different risk categories -Low, Medium and High Yes
Alert should be generated for Payment made to same vendors when it
20 crosses more than five transactions from one office/branch during the
year Yes
1.11 Treasury operations
Transaction Check –transactions being handled by same employee for
1
certain specific customers Yes
2 Transaction Check – unusual flow of transactions into employee accounts Yes
3 IT Check – frequent senior approval transactions executed from same IP Yes
The system should be able to monitor individual trading limits across a
4
particular asset class for a specific employee. Yes
Page 85 of 155
The system should be able to monitor overall trading limits across the
5
entire portfolio of assets for a specific employee. Yes
The system should be able to monitor the group‟s trading limit in a
6
particular asset class for a set of employees. Yes
The system should be able to monitor the group‟s trading limits across the
7
entire portfolio of assets for a set of employees. Yes
The system should be able to monitor all the Employees with
8
Concentrated positions in a Single Security of their entire portfolio Yes
9 Should be able to capture multiple correction and cancellation trades

initiated by an employee Yes
Should be able to alert any employee trading on Restricted & black-listed
10
securities Yes
11 Should be able to generate alerts in case there are : Yes
12 High Intensity of Transactions [>X transactions/day] Yes
13 Unusually short period of holding securities [<X days/security] Yes
Frequent Selling of Securities at Significant Losses [> X transactions where
14
loss was > Y%] Yes
1.12 Retail Assets
1 Disbursement of loan to unauthorized dealers/ fake dealer. Yes
Excess disbursement of loans where borrowers provide two disbursement
2
requests within a short span of time Yes
2. Analytics Capabilities
2.1 Multivariate analysis
Dimension reduction with the Principal components:
- Calculate Eigen values and Eigenvectors from correlation and No
1
covariance matrices.
- Plots include: scaled variation, Screed, Log Eigen value, No
2 Cumulative Proportional Eigen value.
- Mine the selected principal components using predictive modeling No
3
techniques.
Dimension reduction with the Variable Selection:
- Remove variables unrelated to target based on a chi-square or R2 Yes
4
selection criterion.
5 - Remove variables in hierarchies. Yes
6 - Remove variables with many missing values. Yes
7 - Reduce class variables with large number of levels. Yes
8 - Bin continuous inputs to identify non-linear relationships. Yes
9 - Detect interactions. Yes
2.2 Cluster Analysis
1 Hierarchical clustering of multivariate data or distance data. Yes
2 Disjoint clustering of large data sets. Yes
3 Nonparametric clustering with hypothesis tests for the number of clusters. Yes
Variable segment profile plots showing the distribution of the inputs and Yes
4
other factors within each cluster.
5 Decision tree profile using the inputs to predict cluster membership. Yes
6 PMML (Predictive Model Markup Language) score code. No
Page 86 of 155
2.3 Data Preparation
Desktop Client should be able to provide a single interface for data Yes
integration & manipulation such as tabulation, forecasting, statistical
1
analysis, econometric modeling and multi-dimensional analysis with the
following features:
Ability to visually access any supported database and support for native Yes
2 Windows data types via ODBC, OLEDB, OLE DB for OLAP, and from mail
servers.
Heat maps displaying the correlation or chi-square association of the Yes
3
inputs with the target across segments.
Provide self-sufficient and easy access to enterprise data sources on No
4 multiple platforms,
operating systems and databases.
The Business Intelligence Interfaces of Reporting and Portal should have No
5 seamless integration (common technical metadata) with Analytics
(Statistical Analysis and Forecasting components).
2.4 Link Analysis
Converts data into a set of interconnected linked objects (or entities) that Yes
1
can be visualized as a network of effects.
Provides a visual model of how two variables‟ levels in relational data or Yes
2
between two items‟ concurrence in transactional data are linked
Provides weighted confidence statistics to provide next-best offer Yes
3
information.
Provides centrality measures and community information to understand No
4
linkage graphs.
5 Generates cluster scores for data reduction and segmentation No
2.5 Data mining
1 The procedure should run in multithread environments No
Code node with the below specifications:
- Write code for easy to complex data preparation and No
2
transformation tasks.
3 - Import external models. No
4 - Develop custom models. No
- Includes macro variables to easily reference data sources, No
5
variables, etc.
6 - Augment score code logic. No
Select models based on either the training, validation (default) or test No
7 data using several criterion using such as: profit or loss, AIC, SBC, average
square error, misclassification rate, ROC, Gini, KS (Kolmogorov-Smirnov).
8 Supports binary, nominal, ordinal and interval inputs and targets. No
9 Easy access to score code and all partitioned data sources. No
Display multiple results in one window to help better evaluate model No
10
performance.
Decision Tree selection based on profit or lifts objectives and prune No
11
accordingly.
Decision trees with Splitting criterion: Prob Chi-square test, Prob F-test, No
12
Gini, Entropy, variance reduction.
Decision trees with ability to define customized split points including No
13
binary or multi-way splits.
Page 87 of 155
14 Print the tree diagram on a single page or across multiple pages. No
Neural networks with the below specifications for Neural Network node:
- Flexible network architectures with extensive combination and No
15
activation functions.
16 - 10 training techniques. No
17 - Preliminary optimization. No
18 - Automatic standardization of inputs. No
19 - Supports direction connections. No
Neural networks with the below specifications for Auto Neural node:
- Automated multilayer perception building to search for the optimal No
20
configuration.
- Type and activation function selected from four different types of No
21
architectures.
Flexibility in defining parameters to influence the topology of neural net No
22
and support Lavenberg-Marquardt method in neural networks
23 Rule induction models No
24 Two-stage modeling No
25 Creation of “confusion” matrix for binary output No
Memory-based reasoning with k-nearest neighbor technique to categorize No
26
or predict observations.
Model comparison with Compare multiple models in a single framework No
27
for all hold out data sources.
Model comparison with Automatically selects the best model based on the No
28
user defined model criterion. It should also have :
29 Score node for interactive scoring in the GUI No
Scoring with automated score code generation, (also in C, Java and No
30
PMML).
31 Supports distributed in-memory processing architecture No
Develop statistical models using big data and thousands of variables - not No
32
just a subset
2.6 Time Series and Data Mining
Automatically transpose the time series to support similarity analysis, Yes
1
clustering and predictive modeling.
2 Process data with or without Time ID variables. Yes
3 Similarity matrix for all combinations of the series. Yes
4 Control weights decay using one or more smoothing parameters. Yes
Best-fitting smoothing method (simple, double, linear, damped trend, Yes
5
seasonal or Winters‟ method) is selected automatically.
6 Mine the reduced time series using descriptive techniques. Yes
Similarity analysis:
Useful for new product forecasting, pattern recognition and short No
7
lifecycle forecasting.
Computes similarity measures between the target and input series, or No
8
among input time series.
9 Hierarchical clustering using the similarity matrix with dendogram results. No
10 Constellation plot for evaluating the clusters. No
11 Exponential smoothing: No
2.7 Forecasting
Page 88 of 155
1 Point-and-click interface for exploring and forecasting time series data. Yes
Ability to automatically diagnose the time series data for seasonality, Yes
2
trend etc.
Automatically selects the best-fitting forecasting model for each time Yes
3
series.
4 Provides mathematically optimized model parameters. Yes
5 Interactive model development facility for more experience forecasters Yes
6 Graphically displays time series diagnostics tests Yes
Inclusion of regression variables and unusual events in the forecasting Yes
7
model.
8 Option to statistically combine multiple forecasts No
Forecasting and time series methods: No
A) Hierarchical Forecasting
B) Structural time series models or unobserved components models
C) Dynamic regression or transfer function models
D) Joint forecasting of multiple time series using vector time series
9 analysis and general
E) State space models
F) Automatic outlier and event detection
G) Time series decomposition and seasonal adjustment
H) Spectral and cross-spectral analysis for finding periodicities or cyclical
patterns in your data
2.8 Mathematical optimization
1 Flexible algebraic syntax for intuitive model formulation. No
2 Transparent use of standard functions. No
Direct invocation of linear, nonlinear, quadratic and mixed integer No
3
solvers.
Support for the rapid prototyping of customized optimization algorithms, No
4
including named problems and sub problems.
5 Ability to run other standard code. No
6 Ability to execute solver invocations in parallel with the COFOR loop. No
7 Aggressive pre solvers to reduce effective problem size. No
Multithreading in underlying technologies for improved optimization No
8
performance.
Linear programming solvers, including primal simplex, dual simplex and No
9 network simplex; and interior-point with crossover.
Parallel branch-and-bound mixed integer programming solver with cutting No
10
planes and heuristics.
11 Option tuning for mixed integer programming. No
12 Decomposition algorithm for linear and mixed integer programming. No
General nonlinear programming solvers, including interior-point trust No
13 region method with line search, active-set trust region method with line
search, and multistart capability.
Quadratic programming with state-of-the-art solver tailored for large- No
14
scale optimization.
Multiple network diagnostic and optimization algorithms. Parallel hybrid No
15
global/local search optimization, including multi-objective optimization.
16 Grid enablement. No
Constraint programming capabilities with scheduling and resource No
17
features.
Page 89 of 155
2.9 Text Analytics
The proposed software must be able to accept text and should accept No
1 commonly used text sources such as ASCII text, document files, PDF files,
spreadsheet files etc
Should be capable of performing sentiment analysis of unstructured data, No
2 in form of texts mainly (and other forms), and coming up with insights on
customer attitude and response.
The solution should include a document convertor to convert data not in No
3
ready text format (such as webpage and pdf files etc.) to a textual format
4 Solution should also include easy abilities to read from XML files No
No
Should contain crawling capabilities which should be able to retrieve Web
5 pages that go many layers deep originating from a specific URL. It should
also be able to retrieve not only Social media content, but also related
social media metadata (followers, friends, demographics, comments etc.)
Documents such as KYC docs, Resumes, CVs, experience certificates etc. No
should be capable of getting certificates etc. should be capable of getting
6 categorized and tagged with entities through a configurable near real
time process that swings into action right as soon as the document is
received / retrieved by the system.
No
Should have pre-configured features to identify and extract entities such
7 as names, persons, organizations / companies and locations from text
data. It should also be able to use a customized list of entity pattern
(such as PAN card , UID numbers etc.) based on rules
No
Should make use of natural language processing (NLP) techniques to
8 enable parsing and stemming of text data, identify of main topics of
discussion and identify the correlated topics. It should also directly
support the use of regular expressions (REGEX) for matching purposes.
Should support both statistical and rule based classification mechanisms No
9
for categorization of text data
Should be possible to run multiple taxonomy structures and classification No
10
structures on the same document.
Should support text clustering - it should identify the similar topics and No
11 elements (such as job descriptions etc.) from a large corpus of documents
and graphically show the degree of association.
Should integrate within a Service Oriented Architecture (SOA) to achieve No
12
a loose coupling among interacting systems.
Should be capable of automated parsing which breaks up entities into No
13
their parent forms and individual elements such as words elements etc.
Should have ability to derive a links dataset from rule associating entities No
in unstructured data, not just in terms of document occurrence, but also
14
in terms of syntax and relationship among entities contained in the
textual data
Should have strong classification functionality. It should support different No
15 weighting methods, numerous modeling techniques for classification, and
binary, nominal, and ordinal targets.
Should contain GUI based highly interactive plots for exploring the No
16 connections among concepts/terms. It should allow users to dynamic link
plot that shows the connections among terms/concepts.
Page 90 of 155
Should be capable of capturing feeds from multiple sources (like social No
media), analyze them and come up with insights. The analysis should be
17
real time so as to ensure continuous tracking and detecting shifts in
sentiment
2.1 Across All Models
The solution should be capable of deploying the models in offline mode to Yes
1
enable risk analytics based on historical capabilities
The solution should evaluate the channel risk by analyzing the contextual Yes
data from variety of sources including user profiles, device fingerprinting
2
, transaction data , IP , Geo Location , other network data and third party
data field
The solution should adapt to changing behavior of users against their own Yes
3
history and the history of other individual
The proposed EFRMS should be capable of analyzing / monitoring/ Yes
4 alerting the financial Event of Default (EOD) prescribed at the time of
sanction of corporate advances.
The proposed EFRMS should be capable of analyzing / monitoring/ Yes
5 generating alerts based on pattern of „Financial/ Non-Financial Waivers‟
allowed by an employee and the due reporting of the same, as required.
3. Detection and Rule Engine
1 Solution should have inbuilt business rules engine to implement scenarios Yes
2 Solution should have ability to add new scenarios Yes
3 Solution should be able to make scenarios active Yes
4 Solution should be able to execute scenarios in specific order Yes
Rules engine should have capability to change scenario parameters by Yes
5
business users
6 Solution should have ability to group scenarios together for performance Yes
7 Solution should have the ability for unlimited rules capacity Yes
Rules engine should have the functionality to retrieve historical activity Yes
8
and capture for rule creation / maintenance.
Rules engine should be able to create a case based on externally and Yes
9
internally created scores as a decision element.
Rules engine should have the ability for allowing criteria to be defined / Yes
10
modified (add, delete, create, update).
Rules engine should have the ability to prioritize work based on portfolio Yes
11 and / or relationship specific scores and /or UCIC(Unique Customer
Identification Code)
Rules engine should have the ability to track changes to rules (i.e. who, Yes
12 when, what, why) (audit changes) and support maintaining different
versions of the same rule definition
Rules engine should have the ability for each transaction to be evaluated Yes
13
by every rule.
Rules engine should be able to identify the rules triggered by a Yes
14
transaction
15 Solution should be able to define systemic actions at the rule level. Yes
Rules engine should be able to assign a unique case number to each item Yes
16
scored and actioned by the rules engine or out sorted for analyst review.
Rules engine should support defining of new variables based on existing Yes
17
variables
Page 91 of 155
Rules engine to support decision tree/decision tables for identifying the Yes
18
fraud patterns
Rules engine should support defining the rules at multiple levels like Yes
19
transaction, account, customer and group of customers
Rules engine should be able to integrate with analytical component to Yes
20
assign weightages to the rules
Rules engine should enable the users to simulate the various levels of Yes
21 thresholds for the variables identified to indicate the number of alerts
that will get generated
22 Rules engine should support copying of existing rule to create a new rule Yes
Rules engine should provide ability to create a case from non-monetary Yes
events (with or without a monetary transaction occurring) Non-monetary
23
events include items such as: Address change, Phone number change,
Check request, Balance Enquiry, PIN Change,
Solution should support maintaining different versions of the same rule Yes
24
definition.
25 Solution should support running rules in real time and batch mode. Yes
Solution should support use of standard logical operators (eg: AND, OR, Yes
26
NOT etc) in all Real time Authorization Rule conditions.
Solution should support use standard arithmetic operators (e.g.: >, <=, = Yes
27
etc) in all Real time Authorization Rule conditions.
There must be a visible result of rule evaluation to determine the success Yes
28
rate of the rule
Solution should support rule creation for Maker and Checker user Yes
29
authorization.
30 Solution should have capability to detect complex frauds No
Solution should be capable to execute scenarios at scheduled times such No
31 as days, weeks or months
Solution should have the ability for the rules engine to allow criteria to be No
32
defined / modified (add, delete, create, update).
Solution should have the ability for the rules engine to allow decisions No
33
based on criteria (what to do with the item / record).
Rules engine should be able to create scores that are portfolio specific No
34
and/ or relationship specific.
Rules engine should use updatable user defined tables as decision No
35
elements such as: Negative and / or positive files
Rules engine should be able to list, by priority, of all rules triggered by a No
36
transaction.
Rules engine should be able to create / modify exclusion criteria, within a No
37
rule, to route activity to an „exclusion” queue‟.
Rules engine should be able to create / modify reactivation criteria, No
38 within the rule, for accounts that have previously been reviewed and
excluded
Rules engine should be capable of import of data to perform data No
39 aggregation tasks, with the option to aggregate and apply date-based
lookback periods to your data to facilitate rule development
Rules engine should be able draw contents from multiple data sources, No
40
including one or more tables or excel file
Page 92 of 155
Rules engine should facilitate visual identification of patterns of interest No
41 in your data to facilitate the process of rule development. Rules engine
should support drag and drop of selection of variables for rule creation
Rules engine to support data exploration and direct investigation of No
42
identified transactions before finalization of the rules
Solution should enable the detection at multiple levels like transaction, No
43
account, customer, group of accounts / customers
Rules engine should enable the users to interact with recent data to No
44
identify the transaction patterns during the day
Rules engine should enable the users to deploy the rules in production No
45
system based on the finalization of rules in real time / near real time
Rules engine should facilitate comparison of impact by changing No
46
thresholds
Rules engine should support various arithmetical techniques to create No
47
summary variables on user interface
Solution should support blocking a fraudulent transaction in real time, if No
48
required.
Solution should have capability to detect the Fraud for the channels and No
49
products mentioned in the scope
Solution should support ability to execute rules in test mode against No
50 production data and analyze the impact of such a rule based on the
output of the alert.
Solution should support enrichment of transactions posted in real time No
51
mode to execute real time monitoring scenarios.
Solution should specify Filter Rules based on data available in the No
52
transaction.
Solution should specify an Outcome Action for each Real time No
53
Authorization Rule.
54 Solution should support use Demographic Data in Rules creation No
55 Each rule must have a unique identifier No
The proposed EFRMS should be capable of generating an alert in case No
56 receipt of multiple requests from the same customer originating from
different locations/ branches of the Bank.
The proposed EFRMS should be capable of generating an alert when the No
account of a customer assisted by the Bank is reported as SMA to RBI.
57 Note that this information is available at RBI‟s end and presently RBI is
notifying this to all the member banks through e-mails routinely on daily
basis
The proposed EFRMS should be capable of generating an alert based on x No
58 number instances of an employee overriding a particular system
generated exception/s
The proposed EFRMS should be capable of generating an alert based on No
59 Loan Accounts bearing „ZERO‟ rate of interest or ROI varying within a
band of x% from the reference rate viz. Bank Base Rate.
The proposed EFRMS should be capable of generating an alert based on No
the instances where the progress of the underlying contract has not been
60
reviewed/ monitored for x number of months and Performance Bank
Guarantees is issued by the Bank.
4. Case management and Workflow
Page 93 of 155
4.1 Case Management Requirement
Solution should be able to customize activities and automation of Yes
1 workflow (different workflows may be developed for different types of
cases)
Solution should have the ability to assign activities in the workflow to a Yes
2
group of users
Solution should have the ability to create, edit and view a case based on Yes
3
user permissions
Solution should have the ability to classify cases by type, category, and Yes
4
subcategory
Solution should have the ability to attach documents and video files (any Yes
5 digital media may be stored)
Solution should have the ability to set default fields and values on screens Yes
6
based on case type
Solution should create an audit record containing the identification of the Yes
7 user, a timestamp, and date when actions are performed to a case that
may be provided to management, an examiner, or regulating agency
Solution should have the ability to generate a batch file for regulatory Yes
8
reporting via E-Filing
Solution should have the ability to align cases by priority, high to low to Yes
9 the analyst role in the queue. New cases will populate the queue
according to the priority.
The user should be able to manually change a case, The user should be Yes
able to change / modify the „due date (SLA) add comments, and
10 designate future review time to re-review the case (i.e. Automated
reminder). If “pending” due to unavailability of analyst, then work should
move to “general” queue for work.
11 The user should be able to manually modify a pended case. Yes
The user, based on role, should be able to take specific actions on pended Yes
12
records
The user should be able to take ownership of a task (with notification Yes
13
going back to original pending analyst)
The user should be able to release pended record back into queue/auto Yes
14
escalation of pending cases in review / investigation queue
The number / label / length / arrangement of such fields should be Yes
15
configurable
16 The user should be able to add or remove a document to a case Yes
17 The user should be able to add or remove a reminder to a case Yes
18 The user should have ability to link cases under investigation Yes
19 The solution have ability to elevate an alert into a case Yes
20 The solution has ability to add several alerts to one case. Yes
The solution has flexibility of case management screens: ability to change Yes
21 field layout, field names, field types, contents of dropdown lists, without
vendor involvement.
The solution has ability to configure case management workflows in a Yes
22 flexible way by the user.
The solution should have full audit trail / logging of all changes in the Yes
23
database (who, when, which table, which field, old value, new value).
24 The solution should support the ability to email Case details to other users Yes
Page 94 of 155
in the bank.
The solution should have ability to be able to instantly update existing Yes
25
cases with fresh transaction detail.
The solution should have ability to specify an Automatic Outcome Action Yes
26
for each Case Creation Rule.
27 The solution should use queue priorities to present next case to profiler Yes
The solution should have ability to change the length of time an anti- Yes
28 referral marker has been applied to an account e.g. Parameter not hard
coded
The solution should have ability to set sticky referral on a card based on Yes
29
status of case and block type
The solution should have ability to change the length of time a sticky Yes
30 referral marker has been applied to an account e.g. Parameter not hard
coded
The solution should have ability to find a case in Case Manager based on Yes
31
Card PAN, Account #, Sort Code, Customer Address, Surname, DOB
Solution should provide an Incident Triage Queue to allow the user to No
32
review incoming items prior to creating or linking an incident to a case
Solution should have the ability to receive alerts from multiple monitoring No
33
systems that have been designated as incidents that require investigation
Solution should have the ability for additional review(s) of case disposition No
34
based on several factors (role, tier, delegated authority, etc…)
Solution should provide a free form text comments box on working case No
35
screens.
36 The user should be able to comment without taking ownership No
37 The user should be able to reassign record No
The solution should allow the user (detection, inbound, etc…) to manually No
38
enter a case
The solution should be able to differentiate between cases which were No
39
created from alerts versus those which were created manually
40 The user should be able to add free text notes to cases No
The user should have ability to apply a mass action to case - close, No
41
append etc
42 Solution should have automated case processing No
System should offer integration and links to tools that perform automated No
43
case processing
Case management should have input/output functionality (API) in order to No
44
be able to link to other platforms
The solution should have retrospective analysis, looking for other like No
events after updating additional informational about a case or alert which
45 may affect further instances of fraud. Once a case is closed, the solution
should re-score rules or models for future analysis.
The solution has ability for automatic assignment of cases to No

46
investigators, ability for supervisor to override and assign cases manually.
The solution have ability to import large amount of information from txt, No
47 csv, or xls format - useful for first population of database, or the
integration with other databases.
Page 95 of 155
Case management fields should be populated automatically with No
48
application details if case is generaled from an alert
The solution should be able to enter investigation steps taken and their No
results in the system. There should be configurable templates (e.g. Drop-
49
down list) for both of these, in order to speed up data entry for typical
actions and results.
Investigators should be able to sort and filter all case records by entering No
search criteria into any data field. Possibilities should include logical
50 searches like "Equals A or contains B", etc. Query results should be
displayed as a list, possibility to open a record on the list to view all
fields, then close and return to result list.
Solution should be able to export the results of a query, or the entire No
51
table to xls and/or csv
Solution should support batch update: Ability to update many records at No
52 the same time, e.g. Overwrite recovered amount for several hundred
records at the same time.
The solution should have ability to specify an Manual Outcome Action for No
53
each Case Creation Rule.
The solution should have ability to manually assign a new fraud case to a No
54
work queue based on case attributes
The solution should have ability to locate a record following an Inbound No
55
Call.
56 The solution should use cardholder details to present case to profiler No
The solution should have ability to locate a case in order to make an No
57
outbound call.
58 The solution should have ability to view Fraud Cases on a work queue No
The solution should have ability to set anti-referral on a card based on No
59
status of case
The solution should have ability to determine the transaction that created No
60
the case
4.2 Workflow Requirement
Solution should provide the ability to perform systematic actions based Yes
1
upon an analyst‟s work action.
2 Screen flow and system process must represent the task workflow. Yes
Power users should have the ability to configure standard workflows to Yes
3
route case activities to appropriate teams
Cases should be managed by more than one appointed person using Yes
4
workflow functionality.
5 Workflow actions should not be deleted or altered after submission Yes
Solution should have the ability to delete or remove workflows if they Yes
6
become redundant
Solution should have the ability to control or change (edit/delete) certain Yes
7
workflow functions
Solution should be able to manage and capture audit trails for workflow Yes
8
configuration
The system should have the ability to automatically execute immediate Yes
9 card stops / temporary blocks on all cards on an account across all
channels
Solution should be able to define the systematic actions to be taken, No
10
based upon an analyst‟s work action.
Page 96 of 155
Detection rules creation/modification and deletion could be subject of No
11
approval by more than one appointed person using workflow functionality.
Alerts should be managed by more than one appointed person using No
12
workflow functionality.
Reports review and appropriate reaction could be managed by more than No
13
one appointed person using workflow functionality.
Internal employee should not be able to delete/modify/recreate workflow No
14
steps.
15 Solution should provide different access rights for different users No
Solution should have the ability to create and modify workflow without No
16
assistance of software vendor
Solution should have the ability to transition from one activity to other on No
17
the basis of defined turnaround times
System should provide the flexibility to send notifications to the intended No
18
users on assignment of any activity
5. Scoring
5.1 SCORING MODEL REQUIREMENTS
The solution should have ability to assign risk / fraud scores to Yes
1
transactions.
2 Solution should have ability to score individual transactions Yes
3 Solution should be able to apply fraud score at entity level Yes
Solution should be able to build anomaly detection models to find Yes
4
previously unknown activities that are indicative of fraud
Solution should be able to build pre-defined anomaly univariate and Yes
5
multivariate models
6 Solution should have ability to build and deploy new models Yes
Solution should have ability to define clusters using several different Yes
7
techniques and relations
Solution should have ability to include different sets of limits and Yes
8
thresholds for different event types
Solution should have ability to build predictive fraud models designed to Yes
9 learn from past fraud and better predict future attempts ( Self Learning
Capability)
5.2 ALERT MANAGEMENT REQUIREMENT
1 Solution should have ability to suppress unwanted alerts Yes
2 Solution should route alerts to the appropriate person/group Yes
3 Solution should have advanced routing rules to route along any data event Yes
4 Solution should have capability to reduce redundant alerts Yes
Solution should have capability to group alerts into single entity Yes
5
actionable events
6 Solution should provide reports on alerts Yes
Solution should have capability to visualize the network related to alerts Yes
7
or risk networks
Analyst should be able to action alerts by routing, emailing, closing or Yes
8
other events
9 Analyst should be able to make notes in alerts Yes
10 Solution should be Integrated with case management Yes
Page 97 of 155
The Solution should support detailed Threshold Analysis, in order to fine Yes
11
tune alerts and reduce false positives.
The Solution should support ability to import Alerts from external Yes
12
detection systems in batch and real time.
The Solution should support the ability to correlate Alerts in batch and Yes
13
real time in order to detect linkages between the Alerts.
The Solution should support the ability to score alerts in order to Yes
14
prioritize the alert analysis task.
The Solution should systemically identify linkages between different Yes
15 alerts, even though the alerts are generated from different batches and
runs.
The Solution should support ability to score Alert Correlations and Yes
16
automatically promote them to Cases.
5.3 NETWORK ANALYSIS REQUIREMENT
Network Analysis should define risk based on relationships with entities, Yes
1
financial and non financial transactions, etc
Solution should have ability to build networks on data specific Yes
2
relationships such as address, phone etc
3 Solution should have ability to score networks based on risk rules Yes
4 Solution should have ability to score networks based on predictive models Yes
Solution should have ability to score networks based on deviation from Yes
5
normal
Solution should provide visualization for navigating and drilling into Yes
6
networks
Solution should have time based slider for chronological visualization of Yes
7
network
8 Solution should have detail drill down to information inside a network Yes
Solution should have node collapsing expanding ability to hide or show Yes
9
inter network relationships
Solution should have ability to compress extremely large networks using Yes
10
analytics
Solution should have ability to share network changes with other Yes
11
investigators
12 The Solution should enable to add links and nodes to the network Yes
13 The solution should enable searching for a particular node in the network Yes
14 The solution should enable to view the details of nodes and links Yes
The solution should enable linking the node based on demographic and Yes
15
transaction details
16 The demographic linkages should be supported by fuzzy matches Yes
17 The solution should enable the user to makes notes on the network Yes
The solution should enable viewing the network on geographic map Yes
18
background based on the location nodes in the network
The solution should support expanding the nodes based on the linkages to Yes
19
the node
6. Data Management & Quality

6.1 Data Management
Page 98 of 155
The solution should provide specialized table loaders to provide optimized
1 Yes
bulk loading of databases such as Oracle, Teradata and DB2.
The solution should provide integrated workflow scheduling, automatic
2 Yes
load balancing and grid computing support
The solution should be able to seamlessly call Data Quality functionalities
3 such as data standardization (standardizing city, state etc.) as part of the Yes
ETL process flow
The solution should be able to seamlessly call Data Quality processes as a
4 Yes
web service for de-duplication, as part of the ETL process flow
The solution should provide an out-of-the-box transformation to support
5 conditional processing within jobs, allowing distinct portions of a job to Yes
be defined to run conditionally
The solution should provide in-built analytical transformations for
6 statistical functions such as correlations, distribution analysis, one-way Yes
frequencies, summary statistics etc. as part of the ETL process flow
The solution should provide an in-built analytical transformation to
7 perform forecasting on time-series or transactional data as part of the Yes
ETL process flow
The solution should have the ability to import and export relational
8 metadata in external formats to exchange metadata with third-party Yes
applications
The ETL tool should provide native access Industry leading RDBMS like No
9 ORACLE, DB2, SQL Server, Sybase, MYSQL and appliances like Netezza,
Teradata, etc.
The solution should provide a pre-built transformation to use SOAP No
10 (Simple Object Access Protocol) and REST (Representational State
Transfer) to access a web service as a source for the ETL process
The solution should provide support for Message-Oriented Middleware, No
11 including Web Sphere MQ from IBM, MSMQ from Microsoft and Tibco‟s
Rendezvous
The solution should provide file reader/writer for Hadoop file system No
12
(HDFS).
The solution should provide a graphical development environment for No
13 authoring Hadoop-related code including Pig, Hive, MapReduce and HDFS
commands
The ETL tool should provide for Multiple-user design environment with a No
governance mechanism to prevent corruption of data integration related
14
objects, and also supports collaboration on large, enterprise wide
projects.
The solution should generate code for ETL process flows created through No
15
the GUI which can be viewed / edited by the developers if required
The ETL tool should be rich in the set of in-built transformations and No
functions that should include predefined table and column-level
16
transformations including slowly changing dimensions (SCD type1 and
type2)
The solution should provide the ability to create User Written Code No
17 transformations, which allows leveraging custom code as part of the ETL
process flow
The solution should provide the capability to create customized No
18
transformations which can be reused across ETL process flows
Page 99 of 155
The solution should provide the capability to import native user-defined No
19 functions from databases such as Oracle, DB2, and Teradata and have
them available for use in expressions in the ETL process flow
The solution should have the capability for ELT processing which No
20 facilitates execution of the process flow inside a database, providing
enhanced execution and performance
The solution should provide a utility to check if a particular No
21
transformation can be executed inside the database
The solution should have the ability to perform the complete process of No
22 extracting and transforming the data and loading it into a datamart and
generate reports as part of the same ETL process
The solution should have the ability for Command-line job deployment No
23
options for deploying single and multiple jobs
The solution should provide the ability to execute external OS level No
24
commands such as call shell scripts as part of the ETL process
The solution should provide a single metadata repository which provides No
25 the ability to track data lineage by performing impact and reverse impact
analysis visually, through a graphical user interface
The solution should have the ability to perform complex search (based on No
26 object name, type, date range etc.) of the metadata repository and
should also be able to save search criteria for reuse.
The solution should provide the ability to export metadata as a package No
27 for backup and archival and import the same through a wizard driven
interface
The solution should have the ability to compare the metadata being No
28 imported with the existing metadata to better facilitate change
management
The solution should provide a wizard driven interface to perform column No
29 standardization on table metadata on column lengths, formats, and other
attributes that you would like to match between the tables.
The solution should provide metadata reports that provide an easy-to- No
30
understand view of the metadata for users to view the content.
The solution should provide the capability to generate metadata reports No
31 which can provide the requisite information related to tables, process
flows etc. used as part of the ETL process
The solution should have the ability to easily capture and display No
32 performance information such as real time, CPU time, memory use,
input/output, and record count data as a table / graph
The solution should provide enhanced visual de-bugging capabilities: No
- To run a particular transformation
33
- To run an ETL flow from / up to a particular transformation
- To run an ETL flow step-wise
The solution should provide the capability to assign checkpoints in the ETL No
34 process flow to ensure recovery and de-bugging in case of failure,
interruptions or errors
The solution should provide enhanced logging capabilities accessible from No
35 a log tab which can help determine the point of failure of the ETL process
and the corresponding error highlighted in the code
Page 100 of 155

The solution should provide the capability to display warnings of a job No
36 being changed since previous open, with a brief description of the
change, to facilitate use in a collaborative user development environment
6.2 Data Quality
Data Profiling and validations
The solution should provide a graphical user interface to profile the data Yes
1
to understand and analyze the quality of data
The solution should provide the following capabilities w.r.t. the profiling Yes
2
of data:
Data sufficiency analysis in terms of null count, blank count, unique count Yes
3
etc.
Data Statistics such as min, max, mean, median, mode, standard Yes
4
deviation etc.
5 Performing structure discoveries Yes
6 Computing frequency distributions Yes
7 Computing pattern frequency distributions Yes
8 Computing metadata validations and statistics Yes
9 Identifying outliers and percentiles Yes
10 Identifications on range and domain checks Yes
11 Identifying referential integrity (pk/fk relationship) analysis Yes
12 Performing redundant data analysis Yes
The solution should provide the capability to create data profiling reports Yes
13
in the form of pie charts, bar graphs etc.
The solution should provide the capability to create data profiling reports Yes
14
in the form of pie charts, bar graphs etc.
The solution should perform the data quality functionalities without Yes
15
creating a copy of the data in a proprietary/external format?
6.3 Data Cleansing & Data Preparation Compliance:
The solution should have the ability to correct mistakes in spellings, Yes
1
inconsistencies, casings and abbreviations
The solution should have pre-built libraries for standardization of INDIA Yes
2
specific data
The solution should enable parsing of data into atomic level information Yes
3
for better matching
4 The solution should provide safe string encode/decode capabilities Yes
5 The solution should provide Java code executions Yes
The solution should provide a unified capability and system for both Yes
6
offline and online Dedupe
7 The solution should provide following transformation nodes pre-built: Yes
8 Clustering Yes
9 Pattern Analysis Yes
10 Basic Statistics Yes
11 Frequency Distribution Yes
12 Identification Analysis Yes
13 Gender Analysis Yes
6.4 Clustering, Integration & Master Record Generation Compliance:
The solution should have the capability to identify duplicates and cluster Yes
1
records
Page 101 of 155
2 The solution should have intuitive, flexible rules to identify households? Yes
The solution should have the capability to provide fuzzy logic to induce Yes
3
tolerance during matching
The solution should have the ability to have options for automatic Yes
4
merging of clustered records
The solution should have the capability to enrich data from internal data Yes
5
sources
The solution should have the capability to enrich data from external/third Yes
6
party data sources
The solution should enable in-database data quality on appliances such as Yes
Teradata that helps cleanse large volumes of data, integrate all data
7
sources before loading to the data warehouse and, in the end, empower
executives to make more accurate decisions.
The solution functions should run within the Appliance which will help Yes
8 meet your data quality requirements – and, in the end, build a strong
foundation for business analytics with cleansed and integrated data.
The solution should have the capability to enrich data from external/third Yes
9
party data sources
6.5 Monitoring Compliance:
1 Does the system provide audit trails? Yes
2 Does the system have the capability to set alerts? Yes
3 Does the system enable enforcing data governance rules? Yes
Can we create customized rules to validate and audit operational
4
processes? Yes
Can we understand and refine mission-critical processes by logging
5
exceptions and violations? Yes
6 Can the system invoke events to correct the data? Yes
6.6 INDIA Data Specific Capabilities Compliance:
1 The solution should have INDIA specific vocabulary libraries Yes
2 The solution should have INDIA specific grammar rule libraries Yes
3 The solution should INDIA specific phonetics libraries Yes
4 The solution should have INDIA specific standardization rules and libraries Yes
5 The solution should have INDIA specific regular expression libraries Yes
6 The solution should have rules to identify individuals and organization

from the customer data Yes
The solution should have the ability to identify gender of individuals using
7
the INDIA specific vocabularies Yes
The solution should have the ability to be customizable in terms of the
8
vocabularies, grammars, phonetics, standardization rules, etc. Yes
The solution should have intelligent logic for INDIA names, addresses,
9 phone numbers, national ID, passport number and other identification
proof documents and demographic details Yes
6.7 Real Time Data Quality Compliance:
The solution should be available for real time (online) mode data quality
1
implementation through a service oriented architecture Yes
The solution should be capable of handling positive and negative
2
duplicates at real time Yes
Page 102 of 155

The solution should have the capability to integrate the watch-list
3
monitoring capabilities in real time Yes
4 The solution should have an out-of-the-box Email & FTP node? Yes
7. BI & Reporting
The solution should have the ability to use In-Memory Analytics to enable Yes
1 users to conduct Fast, Thorough Explorations and Analysis on your data
from different data sources across the Enterprise
The solution should be able to analyze Data and generate visualizations on Yes
2
the fly, without any performance degradation
The offering should have integrated modules for in-memory analytics Yes
3
comprising data preparation, exploration, visualization and administration
The solution should allow data to be accessed from any industry standard Yes
4
data source using native connectors and load the same in Memory
The solution should provide the capability to search for data tables Yes
5
available in Memory
The solution should provide the capability to upload data from a Yes
6
spreadsheet in to memory for analysis
The solution should provide self service analytics on data in-memory Yes
7 without the need to create a semantic metadata layer prior to
exploration, thus reducing dependency for end users
The solution should enable different types of users on all available data No
8 without the need to Subset / sample / create multiple views of data by
use of in-memory technology
The solution should provide Self-Service platform without the need to No
9 build a semantic metadata layer for End users, thus reducing dependency
on IT
The solution should provide a user friendly, web based , drag and drop
10
interface for data preparation No
The solution should visually prepare data for analysis, including joining
11 tables, defining custom calculated columns and creating custom
expressions for data tables available in-memory No
The solution should provide capability to leverage and build star schema
12
data models in Memory No
The solution should allow data load jobs to be scheduled to automate the No
13
process of loading data into memory
The solution should be compatible with both Windows and Linux operating
14
systems No
The solution should provide the following capabilities for Analytics
using In-Memory technology:
The solution should have the capability to explore and seek correlations Yes
15
on data sets using in-memory server sources for any size data analysis
The solution should provide interactive analytical capabilities such as Yes
16
Correlations & Regression
17
Network plot
18
Decision Tree
Page 103 of 155

19
Scenario analysis
The solution should provide interactive advanced statistical analysis Yes
20
capabilities such as Box Plot analysis
The solution should provide capabilities to view Entity relationships in Yes
21 Network Plot and allow drill into details to explore relationships and
define strength of relationships
The solution should have the ability to build Flow Diagrams for Path Yes
22
Analysis
The solution should provide Text Analytics on unstructured Data utilizing No
23
pre-defined ontologies and explore results for details
The solution should provide capabilities to forecast on the fly with No
24 forecasting confidence intervals to further enhance data exploration and
analysis
The solution should provide enhanced forecasting capabilities with No
25 Scenario Analysis i.e. It allows users to see how the forecast would be
effected by changing independent variable values
The solution should automatically select the most appropriate forecasting No
26
algorithm for selected data
27 The solution should provide capability to consume stored processes No
The solution should provide a clear explanation of Analytical results by No
28
providing “What does it mean” capabilities
The solution should support multiple animations of graphs of ranging in No
29
sequential and automatic way basis the animation variable
30 The solution should be capable of Goal Seeking No
31 The solution should be capable of carrying out sentiment analysis No
The solution should provide Scalability and High Performance
leveraging cost-effective architecture with increasing needs of
managing Big Data
The solution should provide Scalability and High Performance leveraging No
32
cost-effective architecture
The solution should have the ability to be configured on commodity No
33 hardware which gives the scalability and brings down upfront capital
investments for an organization
Ability to scale on commodity hardware architecture with increasing No
34 needs of managing Big Data and also support Hadoop without any
dependence on third party application or licensing
35 The solution should have the ability to compress data No
The solution should provide capabilities for analyzing / exploring data
and creating reports using In-Memory technology:
The solution should allow 'On-the-fly' hierarchy creation for adding drill- Yes
36
down capabilities to visualizations and reports
The solution should provide capabilities to Slice and dice Yes
37
multidimensional data by applying filters on any level of a hierarchy
The solution should provide capabilities to Drill up and down through Yes
38 hierarchies, or expand and collapse entire levels
The solution should provide a data acquisition wizard for previewing, Yes
39
filtering or sampling data prior to creating visualizations or reports
Page 104 of 155

The solution should provide different modes for discovering relationships Yes
40
while exploring data
The solution should provide users the capability to save and share their Yes
41
analysis as exploration, report, or PDF
The solution should provide the capability to export data to Excel and Yes
42
CSV/TSV document formats
The solution should allow users to Capture screenshots and share Yes
43
comments with others
The solution should support distribution of Reports and Dashboards to iPad Yes
and Android devices. The Native App should be freely available for iPad
44 on iTunes App Store and for Android devices on Google Play
The solution should allow the analysis / explorations / reports based on Yes
45
in-memory data to be pushed for offline viewing to mobile devices
Reports and Dashboards access on iPad and Android devices should be Yes
using a native application which helps leverage most popular gestures and
46
capabilities, including zoom, swipe, etc, to optimize ease of use and user
engagement
The solution should allow users to securely view reports on mobile devices Yes
47
while online or offline
48 The solutions should have the ability to cancel query in process Yes
49 Self-service capability to import data from databases Yes
50 The solution should be capable of applying filters on aggregated variables Yes
The solution should be capable to schedule & distribute Yes
51
reports/dashboards
The solution should provide Autocharting Based on data selected for No
52 analysis, solution should automatically choose best visualization suited to
display the type of data selected
The solution should provide Geographical map views (Chloropeths, custom No
53 conditional highlighting) to provide a quick understanding of geospatial
data
The solution should allow users to change queries by selecting items to be No
54
displayed from a sidebar or dynamically filtering and grouping
The solution should provide viewable descriptive statistics, such as min, No
55 max and mean, enabling users to gain an overall sense of a particular
measure
The solution should provide the capability to link to an external url from a No
56
visual object with relevent context
The solution should be capable of read and write of comments on reports No
57
to aid in collaboration
58 The solution is capable of emailing a report link with comments to others No
The solution should provide progressive filters. This refers to cascading No
relation between filter controls in the report body with bi-directional
59
filter support ie, each linked filter control acts as a source as well as
target for other prompts
The solution should provide collaboration support with Annotation on No
60
Tablet
61 The solution should allow users to Receive Alerts No
Page 105 of 155

The solution should provide a thumbnail view of recent and favorite items No
62
to select and open
The solution should provide precision layout capabilities provide flexibility No
63 in report layout and design Eg: Stack or group items, use send-to-back or
bring-to-the front capabilities, and more
The solution should provide filtering and selection capabilities to reports No
64 with easy-to-integrate common action elements such as radio buttons,
drop-down/combination boxes, check boxes and sliders
The solution should provide Percentage of Records as part of Filtering and No
65
Result Data set giving a purview of the amount of data being Analyzed
Capability to calculate new data items on the fly from existing data items No
66
using expressions
The solution should have the ability for Interactive report viewing for No
67
information consumers on iPad and Android devices
The solution should support same dashboard / report created on Web to No
68
be accessed from iPad and Android devices without requiring any redesign
All users should have access to all capabilities of the solution platform No
69
and should not be restricted by way of licensing
The solution should be able to create the required management No
70
dashboards and reports required by management
71 The solution should allow user controlled rendering of visualizations No
72 The solution should allow preview of sub-expression No
The solution should provide the ability to switch between different No
73
percentages for the confidence interval
The solutions should have the capability to custom colors across reports No
74
and sessions
The solutions should have the capability to lookup email address in No
75
metadata
76 The solutions should have the capability to link stored processes No
77 The solution should have the functionality of applying global prompts No
The solution should be capable of Parameterized Calculations / Display No
78
Rules / Filters / Ranks
For optimal utilization of Real Estate available the solution should have No
79 the functionality of assigning prompts/visualizations to containers & the
ability to have pop-up visualizations
The solution should have both simple & advance variable aggregation No
80
options
The solution should have the capability for Office Integration
The solution should support viewing Reports and Dashboards in Office Yes
81
solutions
The solution should support Outlook Integration with full interactive Yes
82
reports, gadget panes
The solution should support SharePoint Integration with full interactive Yes
83
reports
The solution should support Excel integration with ability to leverage Yes
84
native Excel charts
The solution should have the capability to monitor the In-memory
server environment:
Page 106 of 155

solution should have capability to monitor Resource utilization including Yes
85
CPU, I/O and Memory
86 solution should have capability to monitor User sessions Yes
87 solution should have capability to monitor Mobile device logging history Yes
88 The solution should provide ability to Refresh reports from the device Yes
The solution should provide server side logging for user actions – reports Yes
89
downloaded
90 The solution should have 'out of the box' usage report Yes
The solution should have the capability to manage the In-memory
server environment including:
91 Start/stop in-memory server Yes
92 Load/unload tables to/from memory and local data providers Yes
Reuse existing queries by Scheduling of the jobs to run data preparation Yes
93
queries in off-peak times
94 Should have the capability to set table limits Yes
The solution should provide the following capabilities pertaining to
security of the environment:
95 Table and row level security for the data tables loaded in memory No
Mobile device blacklisting through the web based security and No
96
administration interface
Mobile device whitelisting through the web based security and
97
administration interface No
The solution should supply the Management information:
98 Ability to extract Transaction History data Yes
Ability to extract Operational statistics, at operator level team level and Yes
99
unit level
100 Ability to detail the length of time the operator is logged into each case Yes
Ability to detail the number of cases per hour to be split by Yes
101
rule/queue/Operator/time of day/day of week/Brand
Ability to produce MI on Lost/stolen markers applied to be split by Yes
102
rule/queue/Operator/time of day/day of week/Brand
Ability to analyze the time a case spends in the queue until it is worked Yes
103
be split by rule/queue/Operator/time of day/day of week/Brand
104 Ability to detail the actions an operator has taken with each case Yes
105 Ability to refresh BIS data every 24 hours Yes
Ability to analyze performance of existing real time and case creation Yes
106 rules. Performance defined as False Positive Rate, Account Detection
Rate, Value Detection Rate, Case Volume Created, Referrals Created
107 Ability to link external data base (e.g. CIBIL) to assist in investigation Yes
Ability to extract Case History data total number of cases created worked
108
and completed on a daily weekly and monthly basis No
109 Ability to detail the outcome of each case No
110 Ability to export reports into excel No
111 Ability to define format of Reports No
Ability to extract details of user access permissions allocated to
112
individuals No
113 Ability to have instant refresh for the queue statistics that supervisors can No
Page 107 of 155

examine
Ability for any appropriate department in the Group e.g. Ops. and Cards
114
Risk to view MI No
MI data to be made available to business users via the equivalent
115
database. No
116 Ability to create reports based on data held in BIS database No
117 Ability to analyze data using GUI based reporting tool No
118 Ability to access data between 06:00 to 22:00, 7 days a week No
Ability to use BIS data to determine real time and case creation rules for
119
testing phase of No
Ability to use BIS data to determine filter rules for testing phase of Real
120
Time project No
121 Ability to analyze data at unique transaction level No
122 Ability to save reports to Excel / Local drive for e-mail distribution No
Ability to store authorization data relating to all debit card brands in
123
scope of project No
Ability to store transaction (clearing) data relating to all debit card
124
brands in scope of project No
Ability to analyze confirmed fraud data to identify new real time and case
125
creation rules No
Ability to analyze fraud to sales ratio of new real time and case creation
126
rules No
Ability to create Dashboard for top management with a drill down
127
functionality No
8. Integrated Fraud Management
The solution should have Enterprise wide centralized Alert and Case
1
Management yes
The solution should have Enterprise wide centralized Rules Management
2
to support the keying of rules specific to products/channels. yes
The solution should support Multiple user groups for Case Alert and Rule
3
Management yes
The solution should allow the users to be setup having permissions to one
4
or more groups. yes
The solution should be capable of providing cross channel/product Fraud
5
management yes
The solution should be able to correlate transactions across all the
6
integrated channels and detect/prevent cross channel fraud yes
The proposed solution should be an integrated offering covering the
following capabilities
Data Management covering ETL, Data Quality, Name Screening, De-
7
Duplication No
Data Repository to store Bank wide data in a organized manner to
8
monitor multiple fraud types No
Intelligence Engine to cover the following capabilities / components
9 Business Rule Manager No
10 Analytical Models No
11 Network Analytics No
12 Business Intelligence & In-Memory Analytics No
13 Pre configured set of rules covering fraud patterns across channels and yes
Page 108 of 155
products
9. System Operational Requirements

1 FRMS must have 24 by 7 support including incident management Yes
2 Planned System outages should not result in a data loss. Yes
The timing of planned outage windows should be configurable and
3 Yes
randomized
4 Model performance reports to be provided prior to implementation Yes
FRMS must be recoverable. This includes back-ups, DR, contingency,
5 Yes
support arrangements and appropriate recovery/restart points
FRMS must operate with no/very few operational failures; all individual
6 Yes
hardware and software components must be stable.
FRMS must be scalable without rewriting the application or redesign of
7 Yes
the infrastructure
FRMS must be monitored throughout 24x7 period, issuing appropriate
8 Yes
alerts with system thresholds and heartbeats set correctly
9 FRMS must be compliant with Information Security Policy Yes
Planned system outage window should be minimal and randomized during
10 the quiet period in the early hours of Sunday morning and should be No
agreed with impacted business areas.
Bank‟a stakeholders, Payment Processing, Help Desk, Op risk teams
11 No
should be notified for any planned outages for FRMS through email.
All Batch jobs should be run with no adverse effect on the business and
12 No
completed within agreed timeframes
13 Model performance reports are validated by Bank on implementation No
FRMS must have fully resilient system configurations with only one point
14 No
of failure and remain available in error conditions
FRMS must undergo full end to end testing including stress, performance,
15 No
DR and recovery testing
FRMS must have built in growth for an agreed period of time and agreed
headroom above peak demand CPU, storage, memory; the system should
16 not run continuously at greater than an agreed % of infrastructure No
capability and the batch must be able to run within a defined window
with acceptable contingency available.
FRMS must be designed to run on Bank‟s strategic platforms, fully
supportable by Technology and/or suppliers and essential maintenance
17 No
can be performed without service disruption or within agreed windows of
scheduled downtime.
18 FRMS operational limits must be known No
FRMS must have integrity, running updates using logical units of work and
19 No
commits charges appropriately and report any integrity breaches.
9.2 Performance
The User Interface screen(Rules, Alert, case Management) should load up
1 Yes
within 10 seconds of the log on details being entered
A risk score must be made in under 0.5 seconds for a transaction entering
2 Yes
the application to be profiled in real time
3 All screens should respond to instruction in under 1 second Yes
The screen refresh rate should be a maximum of 3 seconds for User
4 Yes
Interface screens
Page 109 of 155

Any screens expected to take over 3 seconds to render should display an
5 Yes
indicator of progress egg. Progress bar with percentage complete
Ability to send a response back to calling system in under 1 second for a
6 decision to create an alert and/or to send a response back to the calling Yes
system for a transaction entering the case management tool.
7 Ability to place a newly created alert in a queue in under 1 second Yes
Ability to send the response is sent back to the concerned system in under
8 Yes
1 second when the alert is resolved by the operator
Ability to send the response back to the concerned system in under 1
9 Yes
second when the alert is auto resolved
Ability for newly assigned queues to be accessible to operators in under 1
10 Yes
seconds
Ability to display the alert details in less than 1 second to the operator on
11 Yes
accessing an alert.
12 Case management tool required 24/7 Yes
The system should have the ability to execute immediate card stops /
13 Yes
temporary blocks/ Unblock the card
No increase in the number of 'Stand ins' for authorizations should be
14 No
experienced as a result of synchronous processing.
Vendor should provide a "system heartbeat" consistent with Bank‟s
15 No
standards
Batch processing to be completed overnight between 12 midnight and
16 No
5am, during low volume 'Real-Time' transactions window.
9.3 Capacity Requirements
300 users with up to 50 simultaneous users require Case Management tool
1 Yes
across. They would be based across multiple Bank locations
The system should support the transaction volumes at go live with
2 Yes
projected growth of 30% on YoY basis.
The system must have built in growth for an agreed period and agreed
3 Yes
headroom above peak demand on processing, storage and memory
The system should handle data volumes as detailed in the Annexure (and
4 Yes
adjusted if necessary).
5 Volume based requirements will be added at a later stage. Yes
9.4 Controls and Security
1 Ability to audit all operator activity for further investigation if required. Yes
2 The system should only be accessible by authorized Bank‟s users. Yes
The system should be configured with various user profiles with restricted
3 Yes
privileges per user group depending on their role
The system must have a controlled process to test and publish new rules
4 Yes
into the live production system
There should be the ability to define various user access rights and
5 privileges within the Application to ensure access to all data is at the Yes
correct level per specific user group
6 Must comply with Bank‟s Information Security Requirements Yes
Password protection should be available and no system password should
7 Yes
be displayed in clear text
Page 110 of 155

The system should display error message to users with restricted or no
8 Yes
access to Case management or Rules Management.
9 The system should allow a user to have one profile at any one time. Yes
The system administration should be kept separate from operational
10 Yes
processing area.
9.5 Recovery and Restart
1 Ability to completely rebuild all data from back up. Yes
Ability for the fraud detection module to return with zero data loss to the
2 last transaction handled in the event of a system recovery or restart, Yes
planned or unplanned,
Ability for the case management module to return with zero data loss to
3 the last transaction handled In the event of a system recovery or restart, Yes
planned or unplanned
Ability to resume without manual intervention in line with technology
4 Yes
standards after a batch failure had been detected and resolved,
Ability for the system to resume a failed batch transfer with zero data
5 Yes
loss.
In case of a system failure, Ops risk, Payment Processing, Help Desk
6 Yes
should be notified immediately.
In the event of any system or power failure FRMS tool must be recovered
7 Yes
within 30 minutes
The system must have the ability to have appropriate recovery/restart
points built in i.e. the Stored transactions during the downtime must be
8 Yes
processed in catch-up mode with a queuing mechanism to allow any 'Real-
Time' processing taking priority during this period as required.
9.6 Disaster Recovery
1 Ability to switch seamlessly to a Bank assured disaster recovery site. Yes
2 The system must have an assured DR site in place. Yes
There needs to be a DR Script users can run following switchover/restore
3 Yes
to both the DR site and back again to Primary site.
9.7 Data Retention
Ability to store transaction data relating to all products and channels in
1 Yes
scope of project
2 Ability to store confirmed fraud data Yes
3 Ability to store cardholder data Yes
4 Ability store and retrieve 60 months of authorization and transaction data Yes
5 Ability to store and retrieve 60 months of confirmed fraud data Yes
Historical data should not be retained for longer than regulatory time
6 Yes
periods and should be deleted/archived
Audit Logs should be retained for a minimum period of 18 months ( this to
7 Yes
be checked with Fraud Investigators)
9.8 Housekeeping requirements
The system should have the ability to archive new cases prior to them
1 Yes
ageing off the system.
The system should have the ability to archive Pending cases 60 days after
2 Yes
creation
The system should have the ability to archive closed cases up to 30 days
3 Yes
after creation.
Page 111 of 155

9.9 Support Requirements
Support - onsite support during core hours with on-call during Out of
1 Yes
Hours should be provided by Production Support during warranty period.
Bidder should be available to support all system maintenance activities
2 Yes
24*7, 365 days after the warranty period
3 Bidder support should be available during scheduled upgrades Yes
Support from Bidder should be available through phone, remote connect,
4 Yes
email and in person.
5 The SLA for system fault repairs should be as defined in the RFP Yes
9.101 Maintenance Requirements
Ability to install and test regular installation updates of Model to verify
1 Yes
that it works as expected.
An ongoing evaluation and test environment (or area with PSE) will be
2 required by the Business to test new rule generation and test potential Yes
impact on performance of existing production system
Interface systems must have the ability to integrate with FRMS (SMS, OTP,
3 Yes
Email gateways…)
The system must be designed to run on strategic platforms across Brands
4 No
and all software and hardware infrastructure elements.
Essential maintenance to the system can be performed without service
5 No
disruption or within agreed windows of scheduled downtime.
6 Impact on Other Systems No
Calling system has to configure a timeout in case of delayed response
7 No
from FRMS.
9.11 Environmental Requirements
A mirror image Production environment must be provided to allow
1 No
ongoing Business Testing following implementation.
9.12 Business Volumes:
Cater for anticipated increase in transaction traffic amounting to 30% per
1 Yes
annum
Cater for anticipated increase in clearing and non-monetary data
2 Yes
amounting to 30% per annum
2.13 Training Requirements
Bank‟s project and support staff should be technically trained by Supplier
1 as appropriate to build and maintain the system at relevant points in the Yes
project lifecycle
Business staff should have application support training by Supplier as
2 Yes
appropriate to use and manage the system prior to go-live
Business staff should have support reference material provided by the
3 Yes
Supplier appropriate to use post live
10. Integration and Interface
10.1 System integration/handshakes
The system should allow Integration with ALL card host systems & Switch
1
(Prime, Online, Electra, DCMS, Base 24, etc.) Yes
To facilitate real time alerts to customers on transactions (Fin & Non
2 Financial) system should have integration capabilities with Banks SMS and
Email Gateway Yes
Page 112 of 155

The system should have the Ability to send transactional alerts
3
(successful/decline/attempted) through multiple channels – SMS Yes
4
(successful/decline/attempted) through multiple channels – Mobile Yes
5
(successful/decline/attempted) through multiple channels – Internet Yes
6
(successful/decline/attempted) through multiple channels – Email Yes
7
(successful/decline/attempted) through multiple channels – ATMs) Yes
8
(successful/decline/attempted) through multiple channels – Branches Yes
9 (successful/decline/attempted) through multiple channels – Telephone-
IVR Yes
The system should have the Capability to block/hotlist a card & update
10
memo & any other field, in real time. Yes
11 The system Should have option of bulk blocking of cards, if possible Yes
10.2 User Interface and Experience
The system should have Intuitive user interface- using color coding etc to
1
make it very easy to use No
The system should Provide Bank with a interface that allows
2 reviewers/users to view non-sensitive account information; including the
related notes, Memos, etc No
The system should Provide GUI based Facility for designing, implementing
and executing real time cases decisioning & assignment for further
3 actioning. (Allow/Deny/send SMS/send letter/ case creation/block card or
account,etc). Explain if any limitation exists.
No
10.3 System Implementation
The application should have the capability to interface with the existing
1 Adaptive Authentication tools(Secret Questions, OTP, Biometric,
Hard/Soft tokens) Yes
The application should have the capability for NT based user
2 authentication. Should also support Single Sign on with the existing
Authentication tools. Yes
There should be maker checker implementation for all the critical
3 functions to be carried out by an user. Application should have facility to
define admin roles. Yes
The product architecture should provide for N-tier capability based on
4 SOA architecture with vertical as well as horizontal scaling possible.
Please describe the product architecture in detail. No
The system should provide Licensing or Processing model suggested and
5
relevant details No
6 The system should provide Details of the hosting model proposed. No
The solution should provide the solution architecture in detail describing
7
the components involved in the entire set-up. No
The solution should provide details of the clustering/failover mechanisms
8
proposed. No
Page 113 of 155

The solution should describe the technical architecture in detail with the
9
hardware and environmental software requirements. No
The system should provide the basis/parameters considered for the sizing
10
recommended. And it should provide year wise sizing plan. No
11 The solution should define the PMO structure with relevant details No
The system should provide the High level Project plan with defined
12
phases, resource and time estimations and milestone completion dates. No
The system should provide Help desk structure with 24*7 support team
13
availability/ location details. No
14 The system should provide SLA details. Yes
The system should describe in detail the pricing model with fixed/
15
variable components if any, schedule clearly defined. No
The system should provide details of the integration methodology
16 proposed, API structure and the ease of integration with different
application as well peripheral systems.
No
17 The system should provide response time proposed. No
18 The system should provide provision for minimum request timeouts. No
The solution architecture should provide details of the clustering/failover
19
mechanisms proposed and SPOF if any. No
The product implementation should adhere to OWASP guidelines and
20
ISG/internal audit guidelines. No
The product implementation should adhere to Hardening guidelines
21
(OS/DB both at all layers). No
The system should provide details of the integration methodology
22 proposed, API structure and the ease of integration with different
application as well peripheral systems like LAM.
No
23 The system should provide Details of the committed uptime. No
11. Additional Functional Requirements
The system should comply with all regulatory, statutory, legal acts and Yes
1
rules including IT Act, 2000 (Amended 2008).
The bidder should provide advisory services and regularly track globally or Yes
based on alert generated by system and advise the Bank to maintaining
the proposed transaction monitoring and Fraud Management solution
2
updated as per the global best practices to ensure that the proposed
solution is always updated with cater the latest threats and fraud
patterns.
The proposed solution should be able to integrate with bank's existing SMS Yes
3
OTP and 2FA infrastructure for stronger authentication.
Solution should have an interactive mobile alerting and payment platform Yes
4 that provides a flexible interface between mobile channels and
transaction systems.
The proposed solution should provide robust fraud detection and risk
scoring capabilities using following approach but not limited to this as
below:
5 Advanced rule/scenario based detection. Yes
6 Identity Resolution. Yes
7 Dynamic Behavior Profiling and anomaly detection. Yes
Page 114 of 155

Machine Learning based Predictive Scoring models (including Neural Yes
8
Networks and Support Vector machine
The proposed solution should provide pre-packaged scenarios or have the Yes
9 flexibility to create such scenario with minimal efforts as and when
required for multiple products and channels.
The proposed solution should provide web based scenario authoring tool Yes
10
to configure new fraud schemes as and when required.
The proposed solution should provide advanced case management system Yes
with rich client software for link analysis and visualization of complex
11
networks that can be integrated across source systems for case
investigation.
Proposed case management system should support configurable work flow Yes
12
based on the case type and built-in auto case routing mechanism.
Proposed advanced case management tool should be integrated with the Yes
13 case investigation, link analysis and visualization tool for the case
investigation.
Proposed case management solution should support case escalation Yes
14 feature based on business policies configured
The proposed solution should support advanced IP geo-location capability Yes
15
to detect IP Country, IP City, Proxy IP and zone hopping
The proposed solution should support wide range of 2FA techniques Yes
16 including SMS/Email OTP, software tokens, hardware tokens, transaction
signing tokens, PKI certificates
The proposed solution should not require any download or installation by Yes
the end user and should support all types of browser and operating
17
systems environments on all devices e.g. Personal Computers / Laptops /
Smart phones/ other devices
The proposed solution should be able to prevent existing and emerging Yes
frauds as result of phishing attacks, malware attacks, denial-of-service
18 attack (Dos), Man-in-the-Middle (MITM) and Man-in-the-browser (MITB)
attacks etc
The proposed solution should monitor and detect frauds for all pre-login, Yes
19 login and post login related transactions for Net banking and other
relevant channels.
Solution should have capability to build and re-factor dynamic e-banking Yes
user behavior profiles including but not limited to:-
Preferred Country
Preferred City
Preferred IP
20 Preferred ISP
Preferred Device
Preferred Payee
Average Daily/Weekly/Monthly Funds Transfer amount/frequency by
payee/biller
Preferred Transaction hour
21 The proposed solution should support IPV6 addressing. Yes
The proposed solution should support payment card fraud prevention Yes
22 against skimming, counterfeit cards, lost and stolen cards, Mass card
compromise, sudden surge and anomalous behavior, zone hopping.
The proposed solution should have capability to detect common point of Yes
23
compromise (CPC) for compromised ATM, POS, and Merchants.
Page 115 of 155
Page 116 of 155
Annexure – D (Reference Site Details)
We give below the reference site details.

Name of the Bank / Financial Institution
(Client Name)
Address of the Bank / Financial Institution
Brief description of the nature of business /

process handled.
Contact Details (At least two contacts Contact 1

details of senior staff of the client are to be
provided for each reference).
Contact1
Name:
Designation:
Landline No.:
Mobile No.:
E-mail id:
Contact2
Name:
Designation:
Landline No.:
Mobile No.:
E-mail id:
Description of the services provided
Duration of assignment including start date

and end date.
Approximate value of service
** Sheet should be filled both for bidder and professional consulting organization
Signature
Company Seal
Page 117 of 155

Annexure – E (Commercial Offer) – Commercial Bid
(To be submitted in sealed envelope)
Place:
Date:
To:
The General Manager,

Union Bank of India,
Technology Center,
Mumbai. 400072
Commercial Price Bid
Bill of Materials
Cost for Application Software & Hardware with enterprise license

(Amount in INR)
Capital Revenue Cost
Cost (in [ATS should be in the range of 15%-20%]
S.No. Component [ATS should be in the range of 8%-12%] Total
INR)
(a)
Year 1 Year 2 Year 3 Year 4 Year 5
1. Enterprise Fraud
Risk Management
NA
Solution (Enterprise
Licenses)
2. Hardware :-
Required Hardware
should be in HA
mode at DC and DR
as well. Hardware
for Backup also. The
entire hardware
should be with one
year warranty.
NA
(Final Selected
Bidder has to provide
bifurcation for all
hardware
components
separately in BOM
including applicable
taxes as per this RFP)
Page 118 of 155

3. Software:-
All software required
for EFRMS solution
such as BI and
Reporting tool,
Monitoring tools, ETL
tool, OS, licenses,
middleware, if any
and any other
/software with one
NA
year warranty
(Final Selected
Bidder has to provide
bifurcation for all
Software
components
separately in BOM
including applicable
taxes as per this RFP)
4. One time Implementation Cost of EFRM Solution
XX
I. Man-Day Effort of
OEM for minimum
40% of total
NA NA NA NA NA
implementation
effort of EFRM
solution
II. Man –Day Effort
NA NA NA NA NA
of Bidder
5. Training Cost
XX
I. End User Training
(batch of 30 NA NA NA NA NA
officials)
II. Top Management/
Executive Training
NA NA NA NA NA
(batch of 15
executives)
III. Core Technical
Training(batch of NA NA NA NA NA
15 executives)
6. Facility Management
Type Qty NA
L1 resources cost at 7
NA
bank‟s premises
L2 resources cost at 3 NA
Page 119 of 155
bank‟s premises
L3 resources cost at 1
NA
bank‟s premises
7. Change Request cost per quartertr
Type Qty NA
Change Request 4
Carried out by Bidder NA
for 5 man-Days
Change Request /any 4
other activity Carried
NA
out by EFRM OEM for
5 man-Days
Total Cost (A)
Total Cost of Ownership (TCO)
1. Recurring Cost for AMC, ATS
S.N Item Total Cost

Annual Technical Support
(ATS) for Software,
Application, Integration,
customization, etc. (b)
1.
[ATS should be in the

range of 15%-25%]
ATS for 4 years(x) =[(b)*4]
2. Annual Maintenance Cost
(AMC) for proposed
hardware (c)
[ATS should be in the

range of 8%-12%]
AMC for 4 years(y) =[(c)*4]
Total (B) = (x) + (y)
____________________________
Total Cost of Ownership (TCO) (Amount in INR)
_________________________________
(Amount in Words)
*The AMC/ATS will start after one year warranty period.
Page 120 of 155

Note—
AMC and ATS price quoted in TCO will be consolidated amount for all the solution
components proposed by the Bidder for EFRM solution. Selected Bidder has to provide
bifurcation for AMC and ATS cost for each component separately.
2. Cost of Facility Management involved in the Project (for application maintenance,

Hardware maintenance and support for components)
Yearly Rate per person No. of Total Cost

S No Description for 8 hour shift Resources
(a) (b) (c)=a*b
On-site resources cost of L1
1. 7
at bank‟s premises
2. 3
at bank‟s premises
3. at bank‟s premises 1
Sub Total (z) 11
FM Cost for 5 Years (C) = (z)*5
3. Change Request Cost-
S. No
No. of Total Cost
Per Quarter Cost
Description Quarter
(a)
(b) (c)=a*b
Change Request Carried out

1. 4
by Bidder for 5 man-Days
Change Request /any other

2. activity Carried out by EFRM 4
OEM for 5 man-Days
Sub Total for 1 year (w)

Cot for 5 years (D) = (w)*5
Note:
i. The TCO is for 5 years.
ii. Cost across 5 years should be quoted equally for AMC/ATS.
Page 121 of 155

iii. AMC and ATS price quoted in TCO will be consolidated amount for all the solution
components proposed by the Bidder for EFRM solution. Selected Bidder has to
provide bifurcation for AMC and ATS cost for each component separately.
iv. The ATS cost can range from 15-20 percent where as AMC cost can range from 8-12
percent.
v. Cost of one onsite resource will be derived by dividing the cost given under point 6
by quantity mentioned in front of the line item.
i.
i. The change request quoted will be indicative price and will be valid during
contract period. Bank at its discretion may choose to avail or not to avail
any of these services at any point of time during contract period from date
of go live phase 3. Bank may also avail the change request service for more
than 5 man-days in a quarter on pro-rata basis. Before go live phase-3, all
change management carried out by bidder will be without any cost to the
Bank
vi. If the cost of any line item is indicted as zero then it will be assumed by the Bank
then the said item is provided to the Bank without any cost.
vii. The change request quoted will be indicative price and will be valid during
contract period. Bank at its discretion may choose to avail or not to avail any of
these services at any point of time during contract period from date of go live
phase 3. Bank may also avail the change request service for more than 5 man-days
in a quarter on pro-rata basis. Before go live phase-3, all change management
carried out by bidder will be without any cost to the Bank.
viii. The bidder has to make sure all the arithmetic calculations are accurate. Bank will
not be held responsible for any incorrect calculations. However, for the purpose of
calculations, Bank will take correct figures/cost.
i.
Notes:
ii. The total cost should be exclusive of GST (CGST/SGST/IGST), if any, shall be
payable by the Bank at actual on date of invoicing.
ix.
ii.x. Bank will not pay any Labour charges for transportation, installation of hardware
items separately. All such costs, if any, should be absorbed in the above TCO.
iii.xi. All the hardware and software quoted by Bidder should be with one year warranty.
The AMC/ATS will start from post warranty period.
iv.xii. AMC/ATC will include onsite support for all products, solutions, etc quoted under
this RFP including EFRMS solution, Hardware, Software, Database, etc.
v. ATS and onsite resources will form part of TCO.
vi.xiii. The ATS will include all the components of EFRMS solution such as software,
licenses, subscription etc.
xiv. The bidder should ensure that required numbers of officials are available
24*7*365 at Banks premises to support the Banks customer.
Page 122 of 155
Yours faithfully,
(Name & Designation, seal of the firm)
Page 123 of 155

Page 124 of 155
Annexure – F Undertaking for providing Performance Bank guarantee
To
Union Bank of India

Department of Information Technology
Technology Center, 5th floor,
1/1A, Adi Shankaracharya Marg,
JVLR, Powai, Andheri East
Mumbai- 400072
Dear Sir,
Sub: Undertaking for providing Performance Bank Guarantee – Request for

Proposal (RFP) For ENTERPRISE FRAUD RISK MANAGEMENT SOLUTION
We undertake to provide the Bank with a suitable Bank Guarantee in the format
prescribed by the Bank for maintaining the systems supplied, installed and
maintained under the RFP dated 13/06/2017 for Request for Proposal (RFP) For
ENTERPRISE FRAUD RISK MANAGEMENT SOLUTION
Yours faithfully,
Authorized Signatories
(Name, Designation and Seal of the Company)
Date:
Page 125 of 155

Annexure – G: Undertaking (To be submitted by all Bidder’s on their letter head)
Place:
Date:
To:
Union Bank of India
Technology Center,
Mumbai- 400072
Undertaking (To be submitted by all Bidder’s on their letter head)
We ________________________ (bidder name), hereby undertake that-
 We have not been blacklisted by the Government Authority or Public Sector

Undertaking (PSUs) in India or any Financial Institution in India as on date of
submission of response.
 We also undertake that, we were never involved in any legal case that may affect
the solvency / existence of our firm or in any other way that may affect capability
to provide / continue the services to bank.
Yours faithfully,
Authorized Signatories
(Name, Designation and Seal of the Company)
Date:
Page 126 of 155

Annexure -H Format for Bank Guarantee
To
Union Bank of India

Technology Centre,
Opp. Powai Lake (Andheri East)
Powai (Andheri East),
Mumbai 400072
Dear Sirs,
In response to your invitation to respond to your RFP for Enterprise Fraud Risk
Management Solution for your office, M/s __________________ having their registered
office at _____________ (hereinafter called the „Bidder‟) wish to respond to the said
Request for Proposal (RFP) for self and other associated bidders and submit the proposal
for the supply, installation, commissioning hardware equipment, software/ licenses and to
provide related services as listed in the RFP document.
Whereas the „Bidder‟ has submitted the proposal in response to RFP, we, the
____________ Bank having our head office ________________ hereby irrevocably
guarantee an amount of Rs._________________ as bid security as required to be submitted
by the „Bidder‟ as a condition for participation in the said process of RFP.
The Bid security for which this guarantee is given is liable to be enforced/ invoked:
1) If the Bidder withdraws his proposal during the period of the proposal validity; or
2) If the Bidder, having been notified of the acceptance of its proposal by the Bank
during the period of the validity of the proposal fails or refuses to enter into the
contract in accordance with the Terms and Conditions of the RFP or the terms and
conditions mutually agreed subsequently.
We undertake to pay immediately on demand to Union Bank of India, the said amount of
Rupees _______________ without any reservation, protest, demur, or recourse. The said
guarantee is liable to be invoked/ enforced on the happening of the contingencies as
mentioned above and also in the RFP document and we shall pay the amount on any
Demand made by Union Bank of India which shall be conclusive and binding on us
irrespective of any dispute or difference raised by the bidder.
Notwithstanding anything contained herein:
1) Our liability under this Bank guarantee shall not exceed Rs.________________.
2) This Bank guarantee will be valid up to __________________; and
3) We are liable to pay the guarantee amount or any part thereof under this Bank
guarantee only upon service of a written claim or demand by you on or before
________________.
In witness whereof the Bank, through the authorized officer has sets its hand and stamp
on this _______________ day of __________________ at _________________.
Page 127 of 155

Annexure – I Compliance to RFP terms & conditions
Bidder's
compliance
S.No Clause Details ( Yes / No)
1 Summarized scope of work
Bidder's acceptance to all the points
mentioned under the summarized scope of
work.
2 Two Part Tender
Bidder's acceptance to the procedure and
all terms and conditions mentioned under
this clause
3 Bid validity
Bidder's acceptance to keep the bid
validity for 180 days from the last date of
submission of bid documents
4 Right to alter RFP
Bidder's acceptance for Bank's right to

alter terms of RFP
No Commitment to Accept Lowest or Any
5 Tender
Bidder's acceptance to the Bank's right of
no commitment to accept lowest or any
Tender
6 Locations to be covered
Bidder's acceptance to the locations that
are proposed to be covered under this
Tender
7 Bid Security
Bidder's acceptance to all the terms and
conditions mentioned under this clause
and to submit bid security
8 Support/Service Details
Bidder's acceptance for providing logistic
and other support services as required by
the Bank
Audit for Security Services by third party
9 or Bank
Bidder's acceptance to conduct network
audit as specified
10 Quality Requirement for equipment
Bidder's acceptance to meet the quality
requirement of equipment as mentioned
Page 128 of 155

11 Price composition
Bidder's acceptance to the price composition specified
12 No Price Variation
Bidder's acceptance to No price variation
Clause
14 No Alternatives
Bidder's acceptance to the clause
15 Project period
Bidder's acceptance to the clause
16 Payment terms
Bidder's acceptance to all the payment
terms of the Bank
17 Technological Up gradation
Bidder's acceptance to Bank's
Technological upgradation
18 Scope of work
Bidder's acceptance to scope of work
22 Order Cancellation
Bidder's acceptance for the clause
23 Training
24 Guarantees
25 Resolution of Disputes/Arbitration
Disaster Recovery & Business Continuity
26 Planning (BCP)
These are the mandatory conditions. Each bidder has to provide the compliance for the
above.
Page 129 of 155

Annexure J (Reverse Auction Process)
RFP for Implementation of Enterprise Fraud Risk Management Solution
Reverse Auction through E-Procurement

The detailed procedure for Reverse Auction to be followed in the RFP for Implementation
of Enterprise Fraud Risk Management Solution is given below:
The response to the present tender will be submitted by way of submitting the Technical
offer & Indicative Commercial offers in separate in sealed covers. The technical details
with the relevant information/documents/acceptance of all terms and conditions strictly
as described in this tender document will have to be submitted by the Vendors. The
Indicative commercial bids submitted by the vendors who are short listed in the technical
bid evaluation process will be opened and those vendors will be invited to participate in
the online Reverse Auction to be conducted by the company selected by the Bank. Vendors
who are short listed from Technical evaluation will be trained by the Reverse Auction
Company for this purpose, and they will have to abide by the E-business rules framed by
the Bank in consultation with Reverse Auction Service provider. The e-business rules are
furnished hereunder in this document.
Further, please note that the vendor(s) who do not qualify in the technical bid processes
will not be considered for participation in Reverse Auction.
BUSINESS RULES FOR REVERSE AUCTION

APPLICABILITY:
Reverse Auctions are carried out under the framework of rules that are called Business
Rules. All vendors participating in Reverse Auction shall understand/accept and give an
undertaking for compliance with the same to the Bank in the prescribed format Annexure
K-1. Any vendor not willing to submit such an undertaking shall be disqualified for further
participation respecting the procurement in question.
ELIGIBILITY:
Only vendors who are technically qualified and who submit the prescribed undertaking to
the Bank alone can participate in Reverse Auction relevant to the procurement for which
RFP is floated.
COMPLIANCE/CONFIRMATION FROM VENDORS:
The vendors participating in Reverse Auction shall submit the following duly signed by the
same Competent Authority who signs the offer documents in response to the RFP:
 Acceptance of Business Rules for Reverse Auction and undertaking as per
format in Annexure K-1.
 Agreement between service provider and vendor. (This format will be given
by the service provider prior to announcement of Reverse Auction.)
 Letter of authority authorizing the name/s of official/s to take part in
Reverse Auction as per format in Annexure K-2.
TRAINING:
 The Bank will facilitate training for participation in Reverse Auction either on its
own or through the service provider for the Reverse Auction.
Page 130 of 155

 Where necessary, the Bank/service provider may also conduct a „mock reverse
auction‟ to familiarize the vendors with Reverse Auction process.
 Any vendor/bidder not participating in training and/or „mock reverse auction‟ shall
do so at his own risk and it shall not be open for him to make any
complaint/grievance later.
TOTAL COST OF OWNERSHIP (TCO):
TCO refers to the aggregate amounts payable by the Bank for transfer of ownership.
TCO shall encompass but not be limited to the following:

 Cost of the equipment/product or services.
 License fee (Corporate or user specific as defined in RFP) including OS/Data
Base/Application licenses).
 All existing taxes (including sales tax/VAT, service tax etc.), duties and
levies.
 Installation and commissioning charges, if any.
 The prices should include the comprehensive onsite warranty maintenance
of the equipments covering all components, services, and visits to the
concerned offices as specified in the RFP.
 Annual Maintenance Charges for the period as specified in the RFP.
 Transportation and Forwarding charges to respective sites.
 Training costs for the product/service/equipment if and as defined in RFP.
 Service Level Agreement (SLA) costs as defined in RFP for applicable period.
 Facility Management/infrastructure support costs as defined in RFP.
 Insurance to cover the equipment for and from transit period till
installation.
The TCO shall be arrived at after deducting „buy back‟ costs involved and if/as defined in
the RFP.
TCO, however, shall not include variables of octroi and entry tax. These shall be paid as
per actual and on production of receipts. However, no penalties respecting octroi or entry
tax shall be paid by the Bank and the vendor shall bear such expenses.
DATE/TIME FOR TRAINING:
 The Venue, Date, Time etc. for training in Reverse Auction shall be advised at the
appropriate time.
 The Bank shall Endeavour to fix such Date/Time at mutual convenience to the
vendor/s, service provider and the Bank.
 No request for postponement/fixing of Training Date/Time shall be entertained

which in the sole view and discretion of the Bank might result in any avoidable
delay to either the Reverse Auction or the whole process of selection of vendor.
Page 131 of 155

DATE/TIME OF REVERSE AUCTION:
The Date and Time of commencement of Reverse Auction as also Duration of „Reverse
Auction Time‟ shall be communicated at least 7 working Days prior to such auction Date.
Any force majeure or other condition leading to postponement of auction shall entitle the
Bank to postponement of auction even after communication, but, the Bank shall be
obliged to communicate to all participating vendors the „postponement‟ prior to
commencement of such „Reverse Auction‟.
CONDUCT OF REVERSE AUCTION:
The Reverse Auction shall be conducted on a specific web portal meant for this purpose.
The Reverse Auction may be conducted by the Bank itself or through a service provider
specifically identified/appointed/empanelled by the Bank.
SERVICE PROVIDER’S ROLE & RESPONSIBILITIES:
In all Reverse Auctions conducted by the Bank through a Service Provider, the Bank shall
enter into a separate agreement clearly detailing the role and responsibilities of the
service provider hosting the web portal for the Reverse Auction.
For creating necessary obligations and rights, the service provider will also enter into an
agreement with each vendor as per a format designed by him for this purpose. The Bank
shall resolve any points/issues concerning such agreement of vendor and service provider.
While a Service Level Agreement (SLA) by the bank with the service provider is an
arrangement for smooth and fair conduct of the Reverse Auction, the Bank shall be
directly responsible to vendors for fair and transparent conduct of Reverse Auction.
The service provider at the end of each Reverse Auction shall provide the bank with all
details of the bids and reports of reverse auction.
The service provider shall also archive the data pertaining to the Reverse Auction for a
minimum period of 3 years.
TRAINING AND AUCTION:
 Service provider / auctioneer is responsible for conduct of adequate training to all

technically qualified bidders representing the reverse auction and bidding process.
 Each vendor / bidder shall participate in the training at his / their own cost.
 Wherever it is considered necessary and asked by the bidders or as decided by the
auctioneer or by Bank a mock auction may also be conducted for the benefit of all
concerned.
Page 132 of 155

 Authorized representatives of the bidders named in the authorization letter given
by the vendor shall be given unique user name, password by the service provider /
auctioneer.
 Each bidder shall change the password and edit the information in the registration
page after receipt of initial password.
 All the bids made from the log-in ID given to bidder shall be considered bid made
by the vendor / bidder to whom log-in ID and password were assigned by the
service provider / auctioneer.
 Any bid once made through registered log-in ID / password by the vendor / bidder
cannot be cancelled. The bidder, in other words, is bound to sell the “Offering” as
per the RFP at the bid price of TCO.
 Every successive bid by the bidder / vendor being detrimental bidding shall replace
the earlier bid automatically and the final bid as per the time and log-in ID shall
prevail over the earlier bids.
 The Bank shall conduct the reverse auction as per the Standard English reverse
auction, that is, no two bids can have identical price from two different vendors.
In other words, there shall never be a “Tie” in bids.
PROXY BID:
 A proxy bid is one where vendor can submit the lowest bid amount by him in strict
confidence to the system directly. This obviates the need for him participating in
the bidding process until the proxy bid amount is decrement ally reached by other
bidders.
 When proxy bid amount is reached, the vendor has an option to revise the proxy
bid amount or he can prefer to start participating in bidding process.
 Since it is an English auction with no ties, two vendors submitting identical proxy
bid amount and succeeding in auction simultaneously does not arise.
 During training, the issue of proxy bidding will be clarified in detail by the service
provider.
TRANSPARENCY IN BIDS:
All bidders will be able to view during the auction time the current lowest price in portal.
Bidder shall be able to view not only the lowest bid but also the last bid made by him at
any point of time during the auction time.
MASKING OF NAMES:
Names of bidders/ vendors shall be anonymously masked in the Reverse Auction process
and vendors will be given suitable dummy names.
Page 133 of 155

After completion of Reverse Auction, the service provider / auctioneer shall submit a
report to the Bank with all details of bid and the original names of the bidders as also the
L1 bidder with his / their original names.
START PRICE:
Bank shall determine the start price either on its own or through asking for information of
price band on TCO from each vendor at appropriate time during or at the conclusion of
technical evaluation. Based on the price band so informed by vendors, Bank would
determine the start price for reverse auction.
DECREMENTAL BID VALUE
The vendors shall be able to bid only at a specified decrement value and not at any
other fractions. The Bid decrement value shall be Rs 7500/- or 0.25% of the Start price of
the Reverse Auction, whichever is higher.
The bid decrement value shall be rounded off to the nearest thousands of rupees.
For the sake of convenience of vendors, the web portal shall display the next possible
decremented value of bid. It is not, however, obligatory on the part of vendors to bid at
the next immediate lower level only. (That is, bids can be even at 2 or 3 lower levels than
the immediate lower level.)
COPY OF BUSINESS RULES
The Bank shall supply copy of the Business rules to any vendors / bidders, wishing to
participate in the reverse auction. Such request shall be made in writing to the Bank by
an authorized representative of the vendor.
 The Bank shall also handover a copy of the Business Rules with a covering
letter duly signed by an authorized signatory of the Bank.
 For any dispute concerning the Business Rules, the hard copy of Business
Rules supplied by the Bank for the reference of reverse auction process will
alone be considered final and binding.
SPLITTING OF ORDERS:
If any RFP specifically authorizes splitting of orders for the sake of reducing
dependency on single source of supply or provision of service, Bank is entitled to
split the order in the order and as provided in RFP.
While splitting the order, Bank shall specify the maximum quantum for L1, L2 etc.
in RFP.
In case L2 vendor is not willing to supply at L1 price, Bank shall call L3, L4 etc. in
order to arrive at the split quantum to be awarded.
The Bank shall also be entitled to award the contract to L2, L3 or L4 etc. bidders in
the event of L1 bidder backing out to honor the commitment, or for that matter
not in a position to supply the offering as per RFP.
REVERSE AUCTION PROCESS:
Page 134 of 155

In order to reduce the time involved in the procurement process, Bank shall be entitled to
complete the entire procurement process through a single Reverse Auction. For this
purpose, Bank shall do all it can to award the contract to L1 bidder or in the
circumstances where awarding of contract may have to be done to the L2, L3 bidder as
provided for in the RFP.
The Bank shall however, be entitled to cancel the procurement of Reverse Auction
process, if in its view procurement or reverse auction process cannot be conducted in a
fair manner and / or in the interest of the Bank.
The successful vendor shall be obliged to provide a Bill of Material at the last bid price at
the close of auction.
RULES FOR RE-AUCTION
Bank may consider the option of a Re-Auction in following circumstances:
 During the process of reverse auctions, if there is either no bids from logged
in vendors or only one vendor puts up bid/s, Bank may decide a re-auction
by taking fresh Indicative prices from all qualified vendors in sealed cover
only, to amend the start price for Re-auction.
 In case the start price for the Reverse Auction event is decided by Bank and
there are no bids or only one bid/s by a single vendor in the Reverse
Auction, Bank may decide Re-Auction while further amending the start
price.
 Reverse auction will be valid only if two or more bidders are participating in
the reverse auction event.
EXPENDITURE ON REVERSE AUCTION:
All expenses of reverse auction shall be borne by the Bank. Vendors, however, shall attend
the training or mock auction at their own cost.
CHANGES IN BUSINESS RULES:
Any change in Business Rules as may become emergent and based on the experience
gained shall be made only by a Committee of senior / top executives of the Bank.
 Any / all changes made in Business Rules shall be uploaded in the Website
immediately.
If any reverse auction process has commenced and a change is made in
Business Rules, it shall be informed immediately to each vendor/ bidder and
his concurrence to / acceptance of the change shall be obtained in writing
by the Bank.
DON’TS APPLICABLE TO THE BIDDER/VENDOR:
 No vendor shall involve himself / itself or any of his / its representatives in any
price manipulation directly or indirectly with other bidders. If any such practice
comes to the notice, Bank shall disqualify the vendor / bidders concerned from the
reverse auction process.
Page 135 of 155

 Bidder shall not disclose details of his bids or any other details concerning Reverse
Auction process of the Bank to any other third party without specific permission in
writing from the Bank.
 Neither Bank nor service provider / auctioneer can be held responsible for
consequential damages such as no power supply, system problem, inability to use
the system, loss of electronic information, power interruptions, UPS failure, etc.
(Bank shall, however, entertain any such issues of interruptions, problems with
open mind and fair degree of transparency in the process before deciding to stop or
extend the auction.)
GRIEVANCES REDRESSAL:
 Any aggrieved vendor / bidder through Reverse Auction process can make
complaint in writing within 48 hours of the Reverse Auction to the Chief
Compliance Officer of the Bank.
 The Chief Compliance Officer along with the Chief Law Officer of the bank and
Chief of Audit Dept. shall give personal hearing to the aggrieved bidder / vendor
and decide upon the complaint / grievance.
 Decision of the Grievance Redressal Committee shall be binding on the Bank as well
as on all vendors participating in the Reverse Auction.
ERRORS AND OMISSIONS:
On any issue or area of material concern respecting Reverse Auction not specifically dealt
with in these Business Rules, the decision of the bank shall be final and binding on all
concerned.
Page 136 of 155

Annexure J-1: COMPLIANCE STATEMENT
(To be submitted by all the vendors participating in Reverse Auction)
To,
Union Bank of India
Technology Centre,
Adi Shankaracharya Marg,
Jogeswari Vikhroli Link Road,
Powai, Mumbai – 400 072
DECLARATION
We ______________________(name of the company) hereby confirm having submitted our
bid for participating in Bank‟s RFP dated _________ for procurement of ____________.
We also confirm having read the terms of RFP as well as the Business Rules relating to the
Reverse Auction for this RFP process.
We hereby undertake and agree to abide by all the terms and conditions stipulated by
Union Bank of India in the RFP document including all annexures and the Business Rules for
Reverse Auction.
We shall participate in the on-line auction conducted by _______________ Ltd. (Auction
Company) and submit our commercial bid. We shall also abide by the procedures
prescribed for online auction by the auction company.
We, hereby confirm that we will honor the Bids placed by us during the auction process,
failing which we shall forfeit the EMD. We also understand that the bank may debar us
from participating in future tenders.
We confirm having nominated Mr ________________, designated as ______________ of our
company to participate in the Reverse Auction on behalf of the company. We undertake
that the company shall be bound by the bids made by him in Reverse Auction.
We undertake to submit the confirmation of last bid price by us to the auction
company/Bank within 48 working hours of the completion of event. We also undertake to
submit the Bill of Materials for the TCO (Total Cost of Ownership) in terms of RFP.
Signature with company seal
Name –
Company / Organization –
Designation within Company / Organization –
Address of Company / Organization –
Date:
Name of Authorized Representative: _______________________
Signature of Authorized Representative: ____________________
Competent Authority Signature: ___________________________
Date: _________________
Page 137 of 155

Annexure J-2: Letter of Authority for participation in Reverse Auction
To,
Union Bank of India
Technology Centre,
We ______________________(name of the company) have submitted our bid for

participating in Bank‟s RFP dated _________ for procurement of ____________.
We also confirm having read and understood the terms of RFP as well as the Business
Rules relating to the Reverse Auction for this RFP process.
As per the terms of RFP and Business rules, we nominate Mr. ______________,
designated as ______________ of our company to participate in the Reverse Auction.
We accordingly authorize Bank and / or the Auction Company to issue user ID and
password to the above named official of the company.
Both Bank and the auction company shall contact the above named official for any and
all matters relating to the Reverse Auction.
We, hereby confirm that we will honor the Bids placed by Mr. __________ on behalf of
the company in the auction process, failing which we will forfeit the EMD. We agree
and understand that the bank may debar us from participating in future tenders for
any such failure on our part.
Signature with company seal

Name –
Company / Organization –
Designation within Company / Organization –
Address of Company / Organization –
Date :
Name of Authorized Representative: ______________________

Designation of Authorized Representative: _________________
Signature of Authorized Representative: ___________________
Verified by: _________________________________________
Signature of Verifying Authority: _______________________
Date: ________________
Page 138 of 155

Annexure –K: LETTER FORM CONSORTIUM MEMBERS
(Applicable if consortium is proposed)
To, Date__________
Dy. General Manager

Union Bank of India
Technology Centre,
Dear Sir,
We____________________(Name of consortium member) who are established and

reputable manufacturers/service provider of __________________ having head office at
____________do hereby authorize and permit M/s ________________________ to submit
bid to Union Bank of India in response to their RFP for EFRM solution towards following
products/services to be supplied/provided by us as a members of consortium for bidding
the RFP. We also undertake that we have not been blacklisted by the Government
Authority or Public Sector Undertaking (PSUs) in India or any Financial Institution in India
as on date of submission of response.
S. No. Name of Product/Service Detail
Yours Faithfully

Signature of Authorized Representative with company seal: ___________________
Verified by: _________________________________________
Signature of Verifying Authority: _________________________
Date: _________________________________________
Page 139 of 155

Annexure – L: Pre Bid Query Format
Name of Company______________________
Name of Contact Person_________________
Designation____________________________
Email ID______________________________
Contact no_____________________________
Section and Response to query

S. Page
Clause RFP Text Query (to be left blank
No. No.
Reference No. by the vendor)
Page 140 of 155

Annexure – M: Proposed Hardware and Software
List of Proposed Hardware
Role of Hardware/
Make Placement
Sr. No. Solution Component Quantity Configuration
model (DC/DR)
to be hosted
1
2
3
List of proposed software
Software/ No. of
Sr. No. Description
Database licenses
Page 141 of 155

Annexure –N: Letter from OEMs
To:
Union Bank of India
Technology Center,
Mumbai- 400072
Sir,
We ………………………… (Name of the OEM) who are established and reputable manufacturers
/ developers of ………………………… having Registered office at ………, ……… do hereby
authorize M/s ……………………… to submit Bid and negotiate and conclude a contract with
you for Implementation of Enterprise Fraud Risk Management Solution for the product/s
manufactured / developed by us.
We also undertake to perform the obligations as set out in the RFP in respect of such
services and hereby extend our warranty / support and services through M/s.………………
during the 5 years contract period as per terms and conditions of the RFP.
We also undertake that we have not been blacklisted by the Government Authority or
Public Sector Undertaking (PSUs) in India or any Financial Institution in India as on date of
submission of response.
We assure you that in the event of M/s ……………………… not being able to fulfill its
obligation as M/s ……………………… Bidder in respect of the terms defined in the RFP,
…………………………………… (OEM Name) would continue to meet these either directly or
through alternate arrangements without any additional cost to the Bank.

Signature of Authorized Representative with company seal: ___________________
Verified by: _________________________________________
Page 142 of 155

Annexure –O (KYE Letter)
To:
Union Bank of India
Technology Center,
Mumbai- 400072
UNDERTAKING
We ______________________(name of the company) hereby confirm that all the resource

(both on-site and off-site) deployed/to be deployed on Bank‟s project for
________________ (Name of the RFP) have undergone KYE (Know Your Employee) process
and requisite checks have been performed prior to employment of said employees as per
our policy.
We further undertake and agree to save defend and keep harmless and indemnified the
Bank against all loss, cost, damages , claim, penalties, expenses, legal liability because of
non compliance of KYE and of misconduct of the employee deployed by us to the Bank.
Signature of Competent Authority with company seal ________________________________

Name of Competent Authority __________________________________
Company / Organization __________________________________
Designation within Company / Organization __________________________________
Date ________________
Name of Authorized Representative __________________________________

Designation of Authorized Representative __________________________________
Signature of Authorized Representative __________________________________
Signature of Competent Authority __________________________________
Date ________________
Page 143 of 155

Annexure –P: CONFIDENTIALITY / NON DISCLOSURE AGREEMENT
This CONFIDENTIALITY AGREEMENT (the “Agreement”) entered into on this _ day of
20__, and shall be deemed to have become in full force and effect from
(the “Effective Date”).
BY and between ____________a company incorporated under the provisions of the

Companies Act, 1956 in force in India, having its registered office at 806, Siddharth, 96,
Nehru Place, New Delhi - 110019 (hereinafter referred to as “_____” or „Bidder” which
expression shall, unless it be repugnant or contrary to the context or meaning thereof,
mean and include its, successors and permitted assigns) of the ONE PART
AND
Union Bank of India, a corresponding new bank constituted under section 3 of Banking
Companies (Acuisition & Transfer of Undertakings) Act 1970 having its Head office at Union
Bank Bhavan, Vidhan Bhavan Marg, Nariman Point, Mumbai – 400026 (hereinafter referred
to as “Union Bank” or “Bank” which expression shall, unless it be repugnant to the context
or meaning thereof, mean and include its successors and permitted assigns), of the OTHER
PART:
________ and the Bank shall hereinafter jointly be referred to as “Parties” and
individually as a “Party”.
In this Agreement, “Affiliate” means any entity which from time to time Controls, is
Controlled by or is under common Control with the relevant party or entity, where
“Control” means having the ability (including, without limitation, by means of a majority
of voting rights or the right to appoint or remove a majority of the board of directors) to
control the management and policies of an entity.
W H E R E A S:-
A. Bidder inter-alia is engaged in the business of providing IT related solutions &

services to various business entities in India & abroad.
B. UBI has agreed to disclose, transmit, receive, and/or exchange certain
“confidential information” to cover the business transaction between parties for
the provision of services related to ” (“the Purpose”)
as more particularly described in Purchase Order no , issued
by UBI in favor of ________.
NOW THIS AGREEMENT WITNESSETH:

1. Interpretation:
In this Agreement “Confidential Information” means all information belonging to a Party

that is or has been disclosed to one Party (the “Receiving Party”) by the other Party (the
“Disclosing Party”) in connection with the business transacted/ to be transacted between
the Parties. Confidential information shall also include any copy, abstract, extract,
sample, note or module thereof. The Receiving Party may use the Confidential Information
Page 144 of 155

solely for and in connection with the business transacted/ to be transacted between the
Parties. .
Notwithstanding the foregoing, “Confidential Information” shall not include any

information which the Receiving Party can show: (a) is now or subsequently becomes
legally and publicly available without breach of this Agreement by the Receiving Party, (b)
was rightfully in the possession of the Receiving Party without any obligation of
confidentiality prior to receiving it from the Disclosing Party, (c) was rightfully obtained
by the Receiving Party from a source other than the Disclosing Party without any
obligation of confidentiality, (d) was developed by or for the Receiving Party
independently and without reference to any Confidential Information and such
independent development can be shown by documentary evidence, or (e) is disclosed
pursuant to an order of a court or governmental agency as so required by such order,
provided that the Receiving Party shall, unless prohibited by law or regulation, promptly
notify the Disclosing Party of such order and afford the Disclosing Party the opportunity to
seek appropriate protective order relating to such disclosure.
2. Confidentiality:
2.01 Except to the extent as agreed herein, the Receiving Party agrees to regard,
preserve and keep as secret and confidential all Confidential Information of the Disclosing
Party or its clients or any member of their group disclosed under this Agreement. In
maintaining confidentiality hereunder the Receiving Party agrees and accepts that it shall
not, either on its own account or jointly with or for any other person, firm, company or
any other entity, without obtaining the written consent of the disclosing party;
i) disclose, transmit, reproduce or make available any such Confidential Information to
any person firm, company or any other entity other than its directors, partners,
advisers, agents or employees, who need to know the same for the purpose of
evaluating, preparing, considering, negotiating, advising in relation to or in
furtherance of the purpose aforesaid; or
ii) use the Confidential Information for any purpose other than evaluating, preparing,
considering, negotiating, advising in relation to or in furtherance of the purpose for
which it is disclosed; or
iii) disclose, announce or otherwise publicize the existence of its association with the
Disclosing Party or the existence of the project with the Disclosing Party or any other
arrangement (existing or possible) between the disclosing party, its clients or itself in
connection with any project/assignment; or
iv) use any such Confidential Information for its own benefit or the benefit of others or do
anything prejudicial to the interests of the Disclosing Party or its clients or any
member of their group or their projects.
2.02 The Receiving Party also agrees and accepts that it may endeavor:
i) use at least the same degree of care in safeguarding such Confidential Information as
it uses for its own Confidential information of like importance and such degree of care
shall be at least that which is reasonably calculated to prevent such inadvertent
disclosure;
ii) keep the Confidential Information and any copies thereof secure and in such a way so
as to prevent unauthorized access by any third party;
iii) limit access to such Confidential Information to those of its (including its Affiliates‟)
directors, partners, advisers, agents or employees who are directly involved in the
Page 145 of 155

consideration/evaluation of the Confidential Information and bind each of its
directors, partners, advisers, agents or employees so involved to protect the
Confidential Information in the manner prescribed in this Agreement; and
iv) upon discovery of any disclosure or suspected disclosure of Confidential Information,
to take reasonable effort to as per the circumstances, to inform the Disclosing Party of
such disclosure in writing and immediately return to the Disclosing Party all such
Information, in whatsoever form, including any and all copies thereof.
3. Return or destruction:
The Receiving Party may, upon completion of the purpose mentioned aforesaid or at any
time on receipt of a written demand from the disclosing party:
i) immediately return all written Confidential Information and all copies thereof
provided to, or produced by, it or its advisers, as the case may be, which is in such
party‟s possession or under its custody and control;
ii) to the extent practicable, but without prejudice to the obligations of confidentiality
herein, immediately destroy all analyses, compilations, notes, studies, memoranda or
other documents prepared by it or its advisers to the extent that the same contain,
reflect or derive from Confidential Information relating to the other party;
iii) so far as it is practicable to do so (but, in any event, without prejudice to the
obligations of confidentiality contained in this Agreement), immediately expunge any
Confidential Information relating to the Disclosing Party or its clients or any member of
their group or their projects from any computer, word processor or other device in its
possession or under its custody and control.
4. Permitted disclosure:
The provisions of paragraph 2 shall not restrict any disclosure required by law or by any
court of competent jurisdiction, the rules and regulations of any recognized stock
exchange or any enquiry or investigation by any governmental, official or regulatory body
which is lawfully entitled to require any such disclosure provided that, so far as it is lawful
and practical to do so prior to such disclosure, the Receiving Party shall promptly notify
the other party of such requirement with a view to providing the opportunity for the
Provider to contest such disclosure or otherwise to agree the timing and content of such
disclosure.
5. Ownership of Information:
Except to the extent as agreed herein, the Confidential Information and copies thereof, in
whatsoever form shall at all times remain the property of the Disclosing Party or its clients
and its disclosure shall not confer on the Receiving Party any rights (including any
intellectual property rights) over the Confidential Information whatsoever beyond those
contained in this Agreement.
6. No Representation:
Neither the disclosure, transmission receipt or exchange of Confidential Information nor
anything else in this Agreement will constitute an offer by or on behalf of the Disclosing
Party or be construed as soliciting any business or organization changes or any assurance
of any business commitment or an inducement to incur / undertake any obligations not
specified herein and neither party will be under any obligation to accept any offer or
proposal which may be made by the other or on behalf of such other party.
Page 146 of 155

7. Remedies and Relief:
The parties hereto acknowledge that remedies at law may be inadequate to protect the
Disclosing Party or its clients against any actual breach of this Agreement by the Receiving
Party, and, without prejudice to any other right and remedies otherwise available to the
Disclosing Party or its clients, the Receiving Party agrees that Disclosing Party has a right
to seek injunctive relief in its favor upon proof of actual damage and upon establishment
of the fact that such actual damage has taken place due to reasons directly attributable
upon the Receiving Party. Such injunctive relief shall be in addition to any other remedies
available hereunder, whether at law or equity. Disclosing Party shall be entitled to
recover its cost and fees, including Advocate‟s fees, incurred in obtaining any such relief.
Further, in the event of litigation relating to this Agreement, the prevailing party shall be
entitled to recover its cost and expenses including Advocate‟s fees.
8. No Assignment:
This Agreement shall not be assigned by either party, by operation of law or otherwise,
without the prior written consent of the other party. This Agreement shall inure to the
benefit of and will be binding upon the parties‟ respective successors and permitted
assigns.
9. Severability:
In the event that any of the provisions contained in this Agreement is found to be invalid,
illegal or unenforceable in any respect by a Court of competent jurisdiction, the validity,
legality, or enforceability of the remaining provisions contained in this agreement will not
be in any way affected or impaired by such a finding.
10. Delay or Waiver:

No delay or failure of either Party in exercising any right hereunder and no partial or
single exercise thereof shall be deemed of itself to constitute a waiver or an expectation
of non-enforcement of such right or any other rights hereunder. No waiver of any provision
of this Agreement shall be valid unless the same is in writing and signed by the party
against whom such waiver is sought to be enforced. A waiver or consent given by either
party on any one occasion is effective only in that instance and will not be construed as a
bar to or waiver of any right on any other occasion.
11. Notices:
Notices as required by this Agreement shall be sent to the Parties at the addresses
mentioned first herein above or such other addresses as the Parties may designate from
time to time, and shall be sent by certified or registered mail with acknowledgement due
on receipt.
12. Term
This Agreement shall commence from the Effective Date of this Agreement and shall be
valid for a period of five years there from. Confidentiality obligations under this
Agreement shall continue to be binding and applicable without limit in point in time
Page 147 of 155

except and until such information enters the public domain, without breach of the
agreement. Either Party may terminate this Agreement for breach, if the defaulting Party
fails to rectify the breach within the one month notice period issued by the non-defaulting
Party. Upon expiration or termination as contemplated herein the Receiving Party shall
immediately cease any and all disclosures or uses of Confidential Information; and at the
request of Disclosing Party, the Receiving Party shall promptly return or destroy all
written, graphic or other tangible forms of the Confidential Information and all copies,
abstracts, extracts, samples, notes or modules thereof.
13. Governing Law:
The provisions of this Agreement shall be governed by the laws of India.
14. Indemnity:
The receiving Party agrees to indemnify and hold harmless the Disclosures against all
costs, liability, losses and claims incurred by the Disclosures as a result of a breach of this
Agreement.
15. Modification:
Modification to any of the provisions of this Agreement shall be void unless it is writing
and duly executed by Parties.
16. Headings:
The headings given herein above are for ease of reference only and shall not attach or
have any effect/ meaning whatsoever contrary to what is stated in the agreement.
17. Counterparts:
This Agreement has been signed in duplicate, each of which shall be deemed to be an
original. The exchange of a fully executed Agreement (in counterparts or otherwise) by
fax shall be sufficient to bind the parties to the terms and conditions of this Agreement.
IN WITNESS WHEREOF THE PARTIES HERETO HAVE CAUSED THIS AGREEMENT TO BE

EXECUTED BY THEIR AUTHORIZED REPRESENTATIVES ON THIS ______ DAY OF ____ _____
20__
Signed and delivered by Signed and delivered by
M/s ________________________ Union Bank of India
Signed by: Signed by:
Name ……………….……….………………….. Name …………….……….…………………………….
Title ……………………….…………………. Title ……………………….………………………….
in the presence of in the presence of………………………………….
Page 148 of 155

Annexure – Q: INTEGRITY PACT
This pre-bid contract agreement (hereinafter called the Integrity Pact) is made on
____________day of the month of _____________ 2015,
Between on one hand,
Union Bank of India, a body Corporate constituted under Banking Companies (Acquisition
and Transfer of Undertaking) Act, 1970 having its Head Office at 239 ,Vidhan Bhavan Marg
, Mumbai -400021(hereinafter referred to as “The Bank or the BUYER” which expression
shall include its successors and assigns)AND
M/s__________________________a Company registered under Companies Act 1956

having its registered Office at ___________________________________________________
India, (hereinafter referred to as the BIDDER which expression shall include its successors
and assigns).
Whereas the BUYER proposes to procure ________________________ and the BIDDER is

willing to offer/has offered the stores/equipment, and
Both parties undertake to avoid all forms of corruption by following a system that is fair,
transparent, and free from any influence of prejudiced dealings prior to, during, and
subsequent to the currency of the contract to be entered into with a view to:
Enabling the BUYER to obtain the said stores/equipment in a competitive price in

conformity with the defined specifications by avoiding the high cost and distortionary
impact of corruption on public procurement and
Enabling BIDDERS to abstain from bribing or indulging in any corrupt practice in order to
secure the contract by providing assurance to them that their competitors will also abstain
from bribing and other corrupt practices and the BUYER will commit to prevent
corruption, in any form, by its officials, by following transparent procedures.
The parties hereto hereby agree to enter into this Integrity Pact and agree as follows:
Commitments of the BUYER
1.1 The BUYER undertakes that no official of the BUYER, connected directly, or
indirectly to the contract, will demand, take a promise for or accept, directly, or
through intermediaries, any bribe, consideration, gift, reward, favour or any
material or immaterial benefit or advantage form the BIDDER, either for
themselves, or for any person, organisation or third party related to the contract in
exchange for an advantage in the bidding process, bid evaluation, contracting or
implementation process related to the contract.
1.2 The BUYER will, during the pre-contract stage, treat all BIDDERS alike, and will
provide to all BIDDERS the same information and will not provide any such
Page 149 of 155

information to any particular BIDDER which could afford a particular advantage to
that particular BIDDER in comparison to other BIDDERS.
1.3 All the officials of the BUYER will report to the appropriate Government office any
attempt or completed breaches of the above commitments as well as any
substantial suspicion of such a breach.
1.4 In case any such preceding misconduct on the part of such officials is reported by
the BIDDER to the BUYER with full and verifiable facts and the same is prima facie
found to be correct by the BUYER, necessary disciplinary proceedings, or any other
action as deemed fit, may be initiated by the BUYER and such a person shall be
debarred from further dealings related to the contract process. In such a case while
an enquiry is being conducted by the BUYER, the proceedings under the contract
would not be stalled.
Commitments of BIDDERS
The BIDDER commits itself to take all measures necessary to prevent corrupt practices,
unfair means and illegal activities during any stage of its bid or during any pre-contract or
post-contract stage in order to secure the contract or in furtherance to secure it and in
particular commit itself to the following:-
2.1. The BIDDER will not offer directly, or through intermediaries, any bribe, gift,
consideration, reward, favour, any material or immaterial benefit or other
advantage, commission, fees, brokerage or inducement to any official of the BUYER
connected directly or indirectly with the bidding process, or to any person,
organization or third party related to the contract in exchange for any advantage in
the bidding, evaluation, contracting and implementation of the contract.
2.2. The BIDDER further undertakes that it has not given, offered or promised to give
directly or indirectly, any bribe, gift, consideration, reward, favour, any material or
immaterial benefit or other advantage, commission, fees, brokerage or inducement
to any official of the BUYER or otherwise in procuring the contract or forbearing to
do or having done any act in relation to the obtaining or execution of the contract
or any other contract with the Bank for showing or forbearing to show favour or
disfavor to any person in relation to the contract or any other contract with the
Bank.
2.3. BIDDERs shall disclose the name and address of agents and representatives and
Indian BIDDERS shall disclose their foreign principals or associates.
2.4. BIDDERs shall disclose the payments to be made by them to agents/brokers, or any
other intermediary, in connection with this bid/contract.
2.5. The BIDDER further confirms and declares to the BUYER that the BIDDER is the
original manufacturer/integrator/ authorized government sponsored export entity
of the defense stores and has not engaged any individual or firm or company,
whether Indian or foreign, to intercede of facilitate or in any way to recommend to
the BUYER or any of its functionaries, whether officially or unofficially to the award
of the contract to the BIDDER, nor has any amount been paid to any such individual,
firm or company in respect of any such intercession, facilitation or
recommendation.
Page 150 of 155

2.6. The BIDDER either while presenting the bid or during the pre-contract negotiations
or before signing the contract, shall disclose any payments he has made, is
committed to or intends to make to officials of the BUYER or their family members,
agents, brokers or any intermediaries in connection with the contract and the
details of services agreed upon for such payments.
2.7. The BIDDER will not collude with other parties interested in the contract to impair
the transparency, fairness and progress of the bidding process, bid evaluation
contracting and implementation of the contract.
2.8. The BIDDER will not accept any advantage in exchange for any corrupt practice,
unfair means and illegal activities.
2.9. The BIDDER shall not use improperly, for purposes of competition or personal gain
or pass on to others, any information provided by the BUYER as part of the business
relationship, regarding plans, technical proposals and business details including
information contained in any electronic data carrier. The BIDDER also undertakes to
exercise due and adequate care lest any such information is divulged.
2.10. The BIDDER commits to refrain from giving any complaint directly or through any
other manner without supporting it with full and verifiable facts.
2.11. The BIDDER shall not instigate or cause to instigate any third person to instigate any
of the actions mentioned above.
2.12. If the BIDDER or any employee of the BIDDER or any person acting on behalf of the
BIDDER, either directly or indirectly, is a relative of any of the officers of the
BUYER, or alternatively, if any relative of any officer of the BUYER has financial
interest/stake in the BIDDERS firm, the same shall be disclosed by the BIDDER at the
time of filing of tender.
The term „relative‟ for this purpose would be as defined in section 6 of the
Companies Act, 1956.
2.13. The BIDDER shall not lend to or borrow any money from or enter into any monetary
dealings or transactions directly or indirectly with any employee of the BUYER.
PREVIOUS TRANSGRESSION
3.1. The BIDDER declares that no previous transgression occurred in the last three years
immediately before signing of this Integrity Pact with any other company in any
country in respect of any corrupt practices envisaged hereunder or with any Public
Sector Enterprise in India or any Government department in India that could justify
BIDDER‟s exclusion from the tender process.
3.2. The BIDDER agrees that if it makes incorrect statement on this subject, BIDDER shall
be disqualified from the tender process or the contract, if already awarded, can be
terminated for such reason.
Page 151 of 155

EARNEST MONEY (SECURITY MONEY)
4.1. While submitting commercial bid, the BIDDER shall deposit an amount (to be
specified in the RFP) as Earnest money/Security deposit, with BUYER through any of
the following instruments:
I. Bank draft or Pay Order in favor of _________________________
II. A confirmed guarantee by any Indian Nationalized bank, promising payment of

the guaranteed sum on demand within three working days without any demur
whatsoever and without seeking any reasons whatsoever. The demand for
payment by the BUYER shall be treated as conclusive proof of payment.
III. Any other mode through any other instrument (to be specified in the RFP)
4.2. The Earnest money/Security deposit shall be valid unto a period of five years or the
complete conclusion of the contractual obligations to the complete satisfaction of
both the BIDDER and the BUYER, including warranty period, whichever is later.
4.3. In case of the successful BIDDER a clause would also be incorporated in the Article
pertaining to Performance Bond in the Purchase Contract that the provisions for
Sanctions for Violation shall lie applicable for forfeiture of Performance Bond in
case of a decision by the BUYER to forfeit the same without assigning any reason for
imposing sanction for violation of this Pact.
4.4. No interest shall be payable by the BUYER to the BIDDER on Earnest money/Security
deposit for the period of its currency.
SANCTIONS FOR VIOLATIONS
5.1. Any breach of the aforesaid provisions by the BIDDER or any one employed by it or
acting on its behalf (whether with or without the knowledge of the BIDDER) shall
entitle the BUYER to take all or any one of the following actions, wherever
required:
i) To immediately call of the pre-contract negotiations without assigning any

reason or giving any compensation to the BIDDER. However, the proceedings
with the other BIDDER(s) would continue.
ii) The Earnest Money Deposit, (in pre-contract stage) and/or Security Deposit
Performance Bond (after the contract is signed) shall stand forfeited, either
fully or partially, as decided by the BUYER and the BUYER shall not be required
to assign any reason therefore.
iii) To immediately cancel the contract, if already signed, without giving any
compensation to the BIDDER.
iv) To recover all sums already paid by the BUYER and in case of an Indian BIDDER
with interest thereon at 2% higher than the prevailing Prime Lending rate of
Page 152 of 155

State Bank of India, while in case of a BIDDER from a country other than India,
with interest thereon at 2% higher than the LIBOR.
If any outstanding payment is due to the BIDDER from the BUYER in connection with any
other contract of any other stores, such outstanding payment could also be utilized to
recover the aforesaid sum and interest.
v) To encash the advance bank guarantee and performance bond warranty bond,
if furnished by the BIDDER, in order to recover the payments, already made by
the BUYER, along with interest.
vi) To cancel all or any other contracts with the BIDDER. The BIDDER shall be liable
to pay compensation for any loss or damage to the BUYER resulting from such
cancellation/ rescessation and the buyer shall be entitled to deduct the amount
so payable from the money(s) due to the BIDDER.
vii) To debar the BIDDER form participating in future bidding processes of the Bank
for a minimum period of five years, which may be further extended at the
discretion of the BUYER.
viii) To recover all sums paid in violation of this Pact by BIDDER(s) to any middle
men or agent or broker with a view to securing the contract.
ix) In cases where irrevocable Letters of Credit have been received with respect o
x) Forfeiture of Performance Bond in case of a decision by the BUYER to forfeit

the same without assigning any reason for imposing sanction for violation of this
Pact.
5.2. The BUYER will be entitled to take all or any of the actions mentioned at Para 6.1
(i) to (x) of this Pact also on the commission by the BIDDER or anyone employed by
it or acting on its behalf (whether with or without the knowledge of the BIDDER), of
an offense as defined in Chapter IX of the Indian Penal code 1860 or Prevention of
Corruption Act 1988 or any other statute enacted for prevention of corruption.
5.3. The decision of the BUYER to the effect that a breach of the provisions of this act
has been committed by the BIDDER shall be final and conclusive on the BIDDER.
However the BIDDER can approach the Independent Monitor(s) appointed for the
purpose of this Act.
FAIL CLAUSE
6. The BIDDER undertakes that it has not supplied/is not supplying similar product/system
or sub-systems at a price lower than that offered in the present bid in respect of any
other Ministry/Department of the Government of India or PSU and if it is found at any
stage that similar products/systems or sub-systems was supplied by the BIDDER to any
other Ministry/Department of the Government of India or PSU at a lower price then that
very price, with due allowance for elapsed time, will be applicable to the present case
Page 153 of 155

and the difference in the cost would be refunded to the BUYER by the BIDDER if the
contract has already been concluded.
7. INDEPENDENT MONITORS
4.1. The BUYER has appointed Independent Monitors (hereinafter referred to as

Monitors) for this Pact in consultation with the Central Vigilance Commission
(Names and addresses of the Monitors to be given)
4.2. The task of the Monitors shall be to review independently and objectively whether
and to what extent the parties comply with the obligations under this Pact.
4.3. The Monitors shall not be subject to instructions by the representatives of the
parties and perform their functions neutrally and independently.
4.4. Both the parties accept that the Monitors have the right to access all the documents
relating to the project procurement including minutes of meetings.
4.5. As soon as the Monitor notices, or has reason to believe, a violation of this Pact, he
will so inform the Authority designated by the BUYER.
4.6. The BIDDER(s) accepts that the Monitor has the right to access without restriction
all project documentation of the BUYER including that provided by the BIDDER. The
BIDDER will also grant the Monitor, upon his request and demonstration of a valid
interest, unrestricted and unconditional access to his project documentation. The
same id applicable to sub-contractors. The Monitor shall be under contractual
obligation to treat the information and documents of the BIDDER/Sub-contractor(s)
with confidentiality.
4.7. The BUYER will provide to the Monitor sufficient information about all meetings
among the parties related to the Project provided such meetings could have an
impact on the contractual relations between the parties. The parties will offer to
the Monitor the option to participate in such meetings.
4.8. The Monitor will submit a report to the designated Authority of the
BUYER/Secretary in the department within 8 to 10 weeks from the date of
reference or intimation to him by the BUYER or BIDDER and, should the occasion
arise, submit proposals for correcting problematic situations.
FACILITATION OF INVESTIGATION
8. In case of any allegation of violation of any provision of this Pact, or payment of

commission, the BUYER or its agencies shall be entitled to examine all the documents
including the books of accounts of the BIDDER and the BIDDER shall provide necessary
information and documents in English and shall all possible help for the purpose of such
examination.
9. LAW AND PLACE OF JURISDICTION
This Pact is subject to Indian law. The place of performance and jurisdiction is the seat of
the BUYER.
Page 154 of 155

10. OTHER
Legal Actions- The actions stipulated in this Integrity Pact are without any prejudice to
any other legal action that may follow in accordance with the provisions of the extant law
in force relating to any civil or criminal proceedings.
11. VALIDITY
11.1. The validity of this Integrity Pact shall be from the date of its signing and extend up
to five years or the complete execution of the contract to the satisfaction of both
the BUYER and the BIDDER/Seller, including warranty period, whichever is later. In
case BIDDER is unsuccessful, this Integrity Pact shall expire six months from the
date of the signing of the contract.
11.2. Should one or several provisions of this Pact turn out to be invalid, the reminder of
this Pact shall remain valid. In this case the parties will strive to come to an
agreement to their original intentions.
This Integrity Pact is signed on ______________________________________
By:
ON BEHALF OF THE BUYER ON BEHALF OF THE BIDDER
Name of the Official Name of the Official

Designation Designation
Union Bank of India M/s
Signature of Witness 1 Signature of Witness 2

Name: Name:
Address: Address:
Page 155 of 155

View Tend

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

View Tend

Hochgeladen von

Copyright:

Verfügbare Formate

REQUEST FOR PROPOSAL (RFP)

ENTERPRISE FRAUD RISK MANAGEMENT

Date of commencement of RFP 05/07/2017 at 11.00 hours

Account payee Demand Draft (DD) for Rs.

UNION BANK OF INDIA, TECHNOLOGY CENTER, 1/1A,

SECTION III: BID GUIDELINES .....................................................................................................................54

SECTION IV: EVALUATION MATRIX ...........................................................................................................76

SECTION V: ANNEXURE ..............................................................................................................................78

A. Branch Banking (Domestic)

3. Request for Proposal

b. Has experience of implementing minimum 4 of the following areas:

Out of the sevenix areas mentioned above, mandatory experience is

6.7. Bidder and their associate/partner/consortium members/OEMs, whose

7.8. The bidder/OEM should be having a team of at least 10 skilled resources

 Photocopies of relevant documents / certificates should be submitted as proof in

i. Branch Banking (Domestic)

1.3. Overall Solution Requirements

S. Channel/ Customer No. of Expected Expected Active

4 Mobile Banking 12.70 Lacs 4,00,00,000 150% 50% 6.8 Lacs

1.5. Transaction Monitoring for Core banking transactions

1.6. Real-Time Fraud Prevention for Payment Card transactions

1.6.1 The proposed solution should be able to integrate with Finacle

1.7. Scope of work for OEM

1.8. Software and Hardware Requirement

1.12. Project Deliverables

a) The Bidder is expected to develop a methodology for conducting the

 The scope for the on-site engineers will include configuration

1.13.2 Scope of Services

1.13.2.1 Software Maintenance

1.13.2.2 Update/Upgrade/New Release/New Version

1.13.2.4 Software Support

1.13.2.5 Application Management

 Performance Monitoring & Management of application.

1.13.2.6 Patch Management

1.13.2.8 Hardware Configuration Management:

The Bidder shall provide a single-point-of-contact to End Users for the

Bidder shall provide Hardware maintenance services including preventive

1.13.5 Mean Time Between Failure (MTBF)

 If during warranty period, any equipment has a hardware failure on four or

1.13.6 Obligation of Bidder

1.13.7 IT Service Desk

Number of Resources for Number of Resources for Number of Resources for

L1 Engineer- BE/B.Tech/MCA/BCA/B.SC-IT with minimum 2 years of experience in

Above mentioned Project Personnel need to sign Non Disclosure Agreement

1.14. AMC ATS requirements

During AMC/ATS, bidder will be responsible for the following:

 Overall maintenance and working of the EFRM solution.

2. Project Implementation Methodology

2.1 Business Requirement Document

2.2 System Specification Requirement Study

2.4 Acceptance Testing

2.5 Performance Testing and Benchmarking

 Functionality available in the solution

2.7 Completeness of Project

2.8 Project Timeline

Stage - I is for DC Implementation comprises of Phase - I, Phase - II and Phase – III.

Phases Total Duration

Stage – I Procurement and Configuration of Hardware. This 2 Months 2 Months

a. Define, validate and complete requirements

SIT, UAT of all the applications as part of phase I

Phase I – Pilot go live on Production 5 Months 5 Months

Stage – I BRD, Design, Mapping, implementation of 2 Months 7 Months

SIT, UAT of all the applications as part of phase I