Security Control Module (SCM)

Function codes within the Security Control Module (SCM) change as Fiserv releases updates. While SCM groups help streamline access management, user-level overrides are often necessary for specific situations. Unfortunately, these overrides can easily be overlooked when employees change roles, leading to a “toxic combination” of permissions that increase the bank’s risk exposure Unfortunately, these overrides can easily be overlooked when employees change roles, leading to a “toxic combination” of permissions that increase the bank’s risk exposure.

Temporary role changes are a common example. For instance, a teller assigned to a file maintenance project might receive elevated access through a user-level override. If that access isn’t removed after the project ends, the individual retains unnecessary permissions, creating a potential security risk.

The challenge doesn’t end with SCM. Fiserv Director security often operates independently of SCM, leading to misalignments that banks may not notice. For example, a user might have access to DDA System reports in Director but lack access to the DDA system in Navigator. Similarly, a user restricted from viewing employee accounts in Navigator might still access that information through Director reports. These inconsistencies complicate security management and increase the risk of unauthorized data access.

We can help you address these challenges and establish a cohesive, secure framework. We will review your security parameters to identify gaps, align SCM and Director security, and implement best practices for managing access. Whether it’s assisting with User-to-Access Code conversions, streamlining SCM group setups, or providing technical guidance, we will work with you to ensure your systems are secure and efficient. Security is more than a compliance requirement—it’s a critical defense for protecting your institution against operational and reputational risks. Let’s work together to safeguard your organization.