Authorisations

There are two kinds of authorisation: to send (toSnd) and to receive (toRcv). If you want to authorize a correspondent to send you messages for a service that requires RMA traffic filtering, you create an authorisation to receive in your RM data store (RMDS). Your local authorisation to receive automatically becomes an authorisation to send for your correspondent. In order to exchange messages in both directions, your correspondent must create a matching authorisation to receive, which becomes your authorisation to send.

You issue an authorisation by creating a new one or by modifying an existing one. The authorisation to receive is then in the state Enabled, and a message is sent to your correspondent. The correspondent can accept or reject the authorisation. If the correspondent accepts it, there is no response message. If the correspondent rejects it, another message is sent back to you and the authorisation to receive moves to the state Rejected. If the correspondent accepts the authorisation at first, but later deletes it, a message is sent back to you and the authorisation to receive also is set to the state Rejected.

When you receive an authorisation from a correspondent, you can accept or reject it. If you accept it, the authorisation to send moves to the state Enabled. If you reject it, the state of the authorisation to send is changed to the state Rejected and a message is sent back to your correspondent. In both cases, the authorisation to send is kept in the RMDS. If there was an authorisation to send in state Enabled and you reject an update, you are no longer allowed to send messages for that service. To avoid communication breakdown, do not reject the update, but instead discuss with the correspondent why the update is unacceptable. If the correspondent sends another update, it replaces the previous one.

You can revoke an authorisation to receive in state Enabled. The authorisation to receive moves to the state Revoked, and a message is sent to your correspondent. The revoked authorisation remains in the RMDS. It can later be re-enabled. Your correspondent has no choice but to accept the revocation.

You can reject an authorisation to send in state Enabled by deleting it. The authorisation to send moves to the state Deleted, and a message is sent to your correspondent. The deleted authorisation remains in the RMDS. Your correspondent has no choice but to accept the deletion, but can later issue an updated authorisation.

In addition to the authorisations with the states described above, the RMDS can hold one pending version of each authorisation. There are three types of pending versions:

Draft: A modified version of an authorisation to receive, which requires further modifications before it is ready to become the current version.
Pending approval: A modified version of an authorisation which requires approval to become the current version. If necessary, a message is sent to the correspondent when the modified version becomes current.
Pending acceptance: An authorisation that was created or changed by the correspondent. A message with the update was received. The update must be accepted or rejected (and possibly approved) to become current.

FTM SWIFT RMA can be configured to require approval by one, two, or no RM approver before a modified authorisation becomes current.

Note: An authorisation that is pending acceptance must be accepted or rejected by a relationship manager, not by an RM approver. If RMA is configured to require approval, the action of the relationship manager must then be approved by one or two RM approvers.