1. The Centralised Funds Management System (CFMS), is a system set up, operated and maintained by the Reserve Bank of India (hereinafter referred to as the ‘Bank’) to enable operations on current accounts maintained at various offices of the Bank, through standard message formats in a secure manner.

2. The CFMS comprises two components – the Centralised Funds Enquiry System (CFES) and Centralised Funds Transfer System (CFTS). These have been made available through the following sub-systems :

- the Apex Level Server (ALS),
- the Local Funds Management System (LFMS),
- the Bank Level Funds Management System (BLFMS), and,
- the Local Banks Funds Management System (LBFMS).

3. The ALS is the software component which resides in the mainframe computer systems currently housed in at Mumbai, while the LFMS is the software component which would be functioning from the server systems at the Regional Offices of the Bank where the Deposit Accounts Department (DAD) is existent. The BLFMS is the software component provided by the Bank to the members of the CFMS and would be used by the Treasury Department / Central Accounts Department, while the LBFMS is the software component which would be given by the Bank to the CFMS members for accessing the facilities at each local DAD.

4. Time stamps, affixed by the ALS on the transactions and events, will be deemed to be the applicable time stamp in all cases and in all matters.

5. Each entity, which maintains a current account with the Bank and is a member of INFINET, will be eligible for membership to the CFMS.

6. Admission to the CFMS may be granted, suspended or revoked by the Bank at its sole discretion. All applications for the CFMS membership shall be addressed to the Regional Director, Reserve Bank of India, Deposit Accounts Department, where the Current Account of the Institution is maintained with. The respective DAD shall duly process the application and grant access subject to:

a. Declaration on site readiness by an officer not below the rank of a General Manager
b. Certificate of INFINET Membership
c. Maintains a current account with DAD

8. The following types of facilities shall be available through CFMS:

a) Enquiries relating to the operation of its current account/s maintained with any of the DADs
b) Funds Transfers between accounts of the same account holder at different DADs.

9. The CFMS will normally be operational on all days on which at least two Deposit Accounts Departments of Reserve Bank of India are working.

10. The Bank may, at its discretion, change the operating calendar. Any changes to the operating calendar or any declaration of unscheduled holidays will be communicated by the RBI to the members by means of a broadcast message or otherwise.

11. The Bank, may at is discretion, and in the interest of the system as well as its members, effect changes in the hours of operation of the CFMS for a particular period which may be for a part of a day or be across days or for any period as may be decided by the Bank. Such changes will be notified by the Bank to the members through a broadcast message or otherwise.

12. Each member shall at its own cost install and maintain in good order such computer/s, servers, telecommunication equipment and other electronic equipment as required / prescribed for the purpose. The Bank may require the members to upgrade / modify / replace such computer / telecommunication servers and other associated components in this regard from time to time. The servers shall be located securely within each member’s premises in such a manner that access is restricted to the authorised personnel. A member shall notify the address of the location of each of its nodes being part of the CFMS and the list of such authorised personnel whenever required to be submitted by the Bank.

13. All telecommunication and maintenance and other charges including the replacement charges in respect of the members' computer systems and other associated products, used for the purpose, shall be borne by the respective members only.

14. Each member must maintain Backup BLFMS / LBFMS facilities. The Backup BLFMS / LBFMS must be able to emulate fully the primary BLMS / LBFMS with respect to the functions and capacity and must afford the same level of message authentication security as the primary BLFMS / LBFMS.

15. Installation and Configuration of any new versions/patches distributed by Bank shall be completed by the member on or before the date and / or time as may be indicated by the Bank. The enhancement on the system shall not be used till the specified date and / or time as indicated by the Bank in order to ensure uniformity.

16. The Bank shall not be liable for any losses incurred by a user institution which may have resulted from delays caused by system failures, change in operational parameters etc.

17. Each member shall ensure compliance with the procedures laid down by the Certifying Authority (i.e. IDRBT CA) in regard to the generation and use of the digital signatures and or encryption/decryption methodologies and shall abide by the Certificate Practice Statement.

18. Members shall comply with any guidelines relating to security, issued by the Bank, in respect of the operations of the CFMS.

19. All communication will be duly authenticated on the basis of such security infrastructure requirements as may be decided by the Bank from time to time and would incorporate features such as PKI, digital signatures, etc.

20. All funds transfer messages received by the Central system for debiting of any current account should be digitally signed by the authorised signatories only. If the users operating on current accounts are the same as those who have been otherwise authorised to operate on the current accounts by the Chairman, while opening the current account or subsequently, then no separate authorization is required for CFMS. Bank has no responsibility, in so far the authority of the individual originating the transaction, with regards to the messages received by the central system. The account holders will ensure that the messages emanating from their LFMS are orignated only by authorized personnel.

21. Each message would be identified by a unique identifier which shall form the basis for its tracking at a future point of time. The CFMS would provide for Confirmation numbers which would be used for processing of the contents. If any message is received twice, then the message with the communication number which has been received in the first would be processed and the subsequent message would not be processed.

22. Every message, received by the CFMS from the BLFMS / LBFMS / LFMS, will be acknowledged by the CFMS, after subjecting the message to a set of security, format and operational validations. A positive CFMS acknowledgement will be sent updating the flag at the BLFMS / LBFMS originating the message indicating that the message has been accepted for further processing. A rejected CFMS acknowledgement will be sent by way by changing the status to 'R' for messages which fail the tests. In case the message cannot be accepted for further processing, an appropriate reason code indicating the reason for the failure of acceptance by the CFMS will be specified in the acknowledgement. A positive CFMS acknowledgement does not, in any manner, indicate that the transaction has been processed. The message will not be taken up automatically for further processing, unless the further authentications / validations / controls are passed for the respective message.

23. A transaction may be rejected by the system for reasons such as validation failure on account of not passing through the security filters or due to authentication failure,

24. A negative CFMS acknowledgement, which indicates a potential security breach, may result in the CFMS BLFMS / LBFMS link being logically severed after a control message is sent, indicating the reason for the link severance. The reasons, among others, include:

• Failure of signature authentication;
• Receipt of a message with the same Confirmation Number;
• Receipt of a message with a sequence number, which is not the same as the next expected sequence number; and
• Receipt of a message with a sequence number, which is the same as in the case of a previously received message, but with a different message content.

25. On the successful completion of a transaction, the status of completion would be reported by the CFMS to the originator of the message, through the member’s BLFMS / LBFMS.