Standard Operating Procedure for Gold Safe Key Handling PDF

Summary

This document outlines a Standard Operating Procedure (SOP) for the handling, tracking, and operation of gold safe keys. It covers key distribution, rotation, maintenance, and handover procedures to ensure security and minimizes operational risks. The SOP details processes related to key registration, access, rotation, sharing, verification, and periodic assessments of collateral.

Full Transcript

**Standard Operating Procedure for Gold Safe Key Handling**

**Purpose:**

To establish a secure and transparent mechanism for the handling,
tracking, and operation of gold safe keys to ensure effective
management, accountability, and safety of gold collateral, while
ensuring compliance with industry standards and minimizing operational
risks.

**Scope:**

This SOP applies to all employees involved in handling, operating, and
securing the keys related to gold safes, including key holders, backups,
and auditors within the bank. It covers processes related to key
registration, access, rotation, sharing, verification, and periodic
assessments of collateral.

**1. Key Management and Allocation**

- **Key Distribution:**

- **Key 2**, which includes the **digital lock** for additional
security, will be held by the **Head of Risk & Compliance
(R&C)** or *(an authorized senior officer)*, with **Head of
Audit** or *(an authorized senior officer)* designated as the
backup key holder.

- **Key 1** will be held by the **Sr. Manager Centralized
Operations**, with Officer Centralized Operations designated as
the backup key holder

- **Small Safe Keys** will be held by the **Operations Officer**
at the branch, with **Teller** as the backup.

**[Key Details ]**

+-----------------+-----------------+-----------------+-----------------+
| **Sr. \#** | **Key** | **Key Holder** | **Backup Key |
| | | | Holder** |
+=================+=================+=================+=================+
| 1 | **Key 2 | Head R & C | Head Audit |
| | (supervisor | | |
| | Key)** | (an authorized | (an authorized |
| | | senior officer) | senior officer) |
| | **With Digital | | |
| | Lock** | | |
+-----------------+-----------------+-----------------+-----------------+
| 2 | **Key 1** | Sr. Manager | Officer |
| | | Centralized | Centralized |
| | | Operations | Operations |
+-----------------+-----------------+-----------------+-----------------+
| 3 | **Small Safe | Operations | Teller |
| | Keys** | Officer | |
+-----------------+-----------------+-----------------+-----------------+

- **Backup Key Procedure:**

- Backup keys will be securely stored and managed. In the event of
a key holder\'s unavailability or transfer, the **backup key
holder** will be responsible for key operations, ensuring smooth
continuity of operations.

- **Emergency Key Storage:**

- A **set of emergency keys** will be securely stored in a
**Banker's Account Safe** at an external institution, such as
**Sindh Bank** or **U Bank**.

- This set will be available for use in the case of emergency
situations, such as key holder absence, unauthorized access, or
operational urgency.

- The emergency set of keys will be rotated **every six months**
to avoid **wear and tear** and to ensure they remain in optimal
working condition.

**2. Key Rotation and Maintenance**

- **Key Rotation:**

- All keys (Key 1, Key 2, and small safe keys) will be rotated
**every six months** or in case of **any main signatory
changes** to ensure that they remain operational and functional.

- This process prevents deterioration of keys over time and helps
maintain secure operations.

- **Key Maintenance:**

- Key holders must ensure that keys are kept in good condition.
Any signs of damage, wear, or malfunction should be reported
immediately to the **Head of Operations** for timely repairs or
replacement.

**3. Key Handover and Transfer Process**

- **Key Handover Documentation:**

- Whenever a key is handed over to a backup holder or transferred
between staff members, it must be documented in the **key
register** with the following details:

- **Date and Time** of transfer

- **Names and Signatures** of both the transferring and
receiving parties

- **Reason for Transfer** (e.g., key holder absence, shift
change)

- All **key transfers** must be authorized by the **Head of
Operations** or an authorized senior officer.

- **Unauthorized Key Access:**

- Any instances of unauthorized access or **key sharing** outside
the documented process will result in immediate
**investigation** and **disciplinary action**.

**4. Key Verification and Security**

- **Verification Protocol:**

- Key holders must verify the contents of the **gold safe** during
each key transfer. This includes:

- **Counting the gold pouches** and verifying that the amounts
and types of collateral align with the records in the **gold
register**.

- Ensuring that **proper records** are kept for any
discrepancies or adjustments.

- **Security Protocol:**

- Key holders must ensure that keys are kept in a **secure
location** when not in use. Keys must not be left unattended or
placed in easily accessible locations.

- In the case of **key handovers** to third parties (e.g.,
subordinates), it is required that the handover is done in
person, with clear **documentation** recorded in the key
register.

**5. Collateral Reassessment and Audit**

- **Periodic Reassessment of Gold Collateral:**

- Gold collateral will be periodically reassessed at least
**quarterly or semi-annually** in the presence of the
**customer** and the **goldsmith** who performed the initial
evaluation.

- This reassessment ensures the authenticity and condition of the
collateral, which protects the bank's interests and minimizes
the risk of fraud or misrepresentation.

- **Rollover Collateral Assessment:**

- In the case of **loan rollover**, the **gold collateral** will
be reassessed by a **different goldsmith** to avoid conflicts of
interest. The original goldsmith who performed the initial
assessment should not be involved in the rollover review to
ensure impartiality.

**6. Key Monitoring and Audit**

- **Audit Monitoring:**

- The **Head of Audit** is responsible for **regular monitoring**
of the key management process to ensure compliance with SOPs.

- This includes periodic spot checks, reviewing the key register,
and confirming that proper procedures are being followed.

- In case of discrepancies or violations, the audit team will
**raise concerns** to the **Risk & Compliance** and **Operations
teams** for corrective action.

- **Audit Head's Availability:**

- While the **Audit Head** may have a busy schedule, efforts must
be made to **prioritize key monitoring** to ensure that all
procedures are followed accurately.

- Audit activities should be **scheduled in advance** to avoid
delays, and necessary support should be provided by other team
members if needed.

**7. Key Holder Accountability and Compliance**

- **Accountability of Key Holders:**

- All key holders must take full **responsibility** for the
security of their assigned keys. Any negligence in the handling
or documentation of keys will be subject to **disciplinary
action**.

- Key holders must also report immediately if they suspect that
keys have been lost, misplaced, or accessed without
authorization.