Монгол Улсын Хадгаламжийн даатгалын корпорацийн нөхөн төлбөрийн системийг боловсруулах дотоодын зөвлөх компани сонгон шалгаруулна
Урилгын дугаар: C31/CS/001
Захиалагч: Сангийн яам
Зарын төрөл: Зөвлөх үйлчилгээ
Зарласан огноо: 2021-08-23
Дуусах огноо: 2021-09-06 15:00:00  

Зарын урилга

A. BACKGROUND

Mongolia has received a credit from the International Development Association (IDA) for the Strengthening Fiscal and Financial Stability Project (SFFSP). The Objective of the SFFS Project is to contribute to the Government of Mongolia’s efforts to strengthen fiscal and financial stability and improve the quality of expenditure. The project is designed into five components: (I) Strengthening Macroeconomic and Fiscal Management; (II) Improving the Efficiency of Public Financial Management; (III) Enhancing Financial Sector Stability; (IV) Strengthening the Social Protection System; (V) Project Management and Monitoring. The objectives are to: Strengthening fiscal responsibility and implementing relevant policy measures, improving fiscal discipline, strengthening the resiliency of the banking system, improving public expenditure quality in social protection, providing support for Project implementation, coordination, monitoring and evaluation, including, inter alia, audit arrangements, reporting requirements, procurement and financial management activities respectively. For more details, please refer to the Project Appraisal Document Report No. PAD2269.

Adoption of the “The Bank Deposit Insurance Law” on January 10th, 2013 laid the legal foundation for establishing the Deposit Insurance Corporation of Mongolia (hereinafter referred to as the DICOM). The DICOM is a non-profit, state-owned organization and its mandate is to protect depositors’ interests and ensure financial stability. The core functions of the DICOM are to collect premiums from member banks, manage the Fund assets, provide compensation to insured depositors in case of an insured event and provide financial support to the banks, which are in difficult situations as stipulated in the law. In addition, on February 8, 2018 “The Bank Deposit Insurance Law” was amended to allow the DICOM to carry out inspections at its member banks. 

In the case of an insured event the DICOM is required to start the compensation process for insured deposits up to 20 million MNT, including foreign currency deposits up to that amount. The payout process is to start within 10 business days after the Bank of Mongolia has made a decision to liquidation.

The DICOM has faced our first event to process compensation to the insured depositors of Capital Bank, which failed on April 8, 2019. During the event, we had faced several challenges that slowed down the compensation process using an Oracle database due to the DICOM did not have any compensation payment system. Due to lack of the system the DICOM was not able to calculate and compensate simultaneously to all eligible insured depositors. Thus, all process has been made manually.

Therefore, the DICOM and the Ministry of Finance aim to develop compensation payment system for DICOM.  

B. OBJECTIVE OF THE ASSIGNMENT

The main objectives of the consultancy service are to develop and establish compensation  payment system for DICOM.

C. SCOPE OF WORK

The system shall enable the DICOM to immediately and efficiently perform the duties stipulated in the law. Consultants’ duties and responsibilities will include the following but not limited to:

1. IT environment overview: To obtain the detailed information about the existing design of the DICOM IT network and storage systems, the Contractor shall coordinate with the DICOM.

2. System participant’s IT environment overview: Participants of the compensation payment system shall be Receiver, the Bank of Mongolia, the DICOM, Agent banks, call centers and depositors. The banks in Mongolia use a variety of core banking and other related systems and therefore such systems must be fully reviewed to assure compatibility with developed compensation payment system and make recommendations where such compatibility may not be assured. It will be important for the consultant to understand how to design a compensation system that will work with whatever system a failed bank has or to recommend regulatory initiatives for IT requirements for member banks that will allow DICOM's compensation system to be able to interface with a bank's system.

3. Security assessment: Review the system infrastructure by examining the enterprise wide systems (System software infrastructure – MS Windows, MS Exchange, MS Lync and MS SharePoint, system infrastructure – Storage, Servers, Network devices, Security software –Antivirus and Active directory, web browser – Chrome, Safari, Firefox, Internet Explorer etc.) and make any recommendations as to how to assure the needed security for such systems.

4. Administrative review: It is essential to verify  if the needed system ownership (DICOM) and responsibilities are clearly established and if appropriate controls are in place to ensure that segregation of duties exists between all responsible parties

5. Change Request Procedures: Verify through an audit process that an effective Change Request Procedures system is in place and that all requested changes are documented, whether they are break fixes, enhancements, or major revisions (releases). It is essential that any change to the application is first initiated by a request that is reviewed and approved by the appropriate persons. The documentation around the Change Request Procedures process needs to specifically establish who can request changes, who can approve changes, and who can move these changes into production. The auditor should confirm the segregation of the three roles and report any discrepancies in this regard. 

6. System Penetration Testing: Two levels of system penetration testing are required:

  • Verify whether the application is vulnerable to common attacks basic system penetration testing through simulating the types of attacks that could be launched on the systems.
  • Verify whether the systems are vulnerable to unique attacks (such as attacks on systems logic), design and execute system penetration tests that attempt to subvert the system’s security mechanism.

7. Systems and Applications: Verify that systems and applications are appropriate, are efficient, and are adequately controlled to ensure valid, reliable, timely, and secure input, processing, and output at all levels of a system's activity.

8. Management of IT and Enterprise Architecture: Verify that IT management has developed an organizational structure and procedures to ensure a controlled and efficient environment for information processing.

9. Provide a Risk Score: Design a quantitative score for the risk associated with the audited systems, databases and network devices.

10. Develop a Security Policy: Develop current security policy to close the gaps arising from the Information Systems Audit.

11. Provide brief training to IT experts.

12. Organize training for DICOM’s end-user staff. 

D. DELIVERABLES

Following deliverables will be provided upon the development of the required system:

Deliverable 1.  

i. Documentation of the DICOM’s IT environment. 

ii. Documentation of the participants (commercial banks) IT environment and a plan for how to address any issues that might arise from a lack of compatibility of a bank’s system and DICOM’s payout software. 

iii. Documentation of security assessment.

iv. Preparation document of development plan based on the technical requirements approved by the DICOM. Followings must be approved by DICOM.

  • AS-IS and TO-BE model
  • Structure of TO-BE processes
  • Process flow for each function

Deliverable 2. Software development and fully tested according to the “Policy guidelines” and report of the testing. Testing report of the system: The Contractor is obliged to carry out a complete set of technical, operational, performance and reliability testing for each component of the IT system. The test process and the results shall be carefully recorded. Testing operations shall be carried out in accordance with the procedures acceptable in the information technology sector.

Deliverable 3. Installation and configuration of software and testing with the real data. Report on the bugs and errors identified and fixed. 

Deliverable 4. Followings will be provided upon completion of the Compensation payment system.

Draft documents as listed below:

1.1.1. Detailed plan for each module draft;

1.1.2. Documented tables, table field explanations and descriptions;

1.1.3. Operational documents;

1.1.4. Security Policy;

1.1.5. System manual;

1.1.6. System installation manual;

1.1.7. Troubleshooting manual;

1.1.8. Training plan;

1.1.9. Training manual;

1.1.10. Contingency plan for restoring the program during the disaster circumstances;

1.1.11. User guide or manual;

1.1.12. The source code of all the software modules developed.

1.1.13. All the documentation will be provided in both English and Mongolian after draft documents have been reviewed by the DICOM.  

Deliverable 5. Organize a training for DICOM’s end user staffs and IT experts.

All deliverables prepared and submitted by the Contractor must follow and be within the framework of the “Policy Guidelines” - technical specifications and requirements for the compensation payment system.

E. WARRANTIES AND SUPPORT

System delivered shall be under warranty at least 2 years and possibly for a further period to be negotiated at contract award. Please check the details at ANNEX 1.

F. CONSULTANT’S QUALIFICATIONS/SELECTION CRITERIA 

Consulting firm:

The consulting firm shall have proven experience in providing services to develop technically advanced software and must meet the following minimum qualification requirements: 

  • At least 5 years of relevant  professional experience in developing technically advanced software (please provide list of contracts for last three years for projects of a similar nature and complexity); 
  • Proven managerial and financial capabilities of the firm, which includes audited financial statements for last three years; 
  • Strong professional qualifications of key staff (with proven technical expertise and experience in the field of system analysis);
  • Proven work experience in projects with at least USD 150,000 budget

The consulting firm’s team shall consist of at least 10 key staff including eight software developers and 2 system analysts with the following qualification requirements: 

1. Team leader: Consultant#1

  • Master’s Degree in IT engineering or equivalent degree
  • Experience in working at software development companies 
  • Minimum 8 years of proven experience in management of projects, IT development relevant areas
  • Strong collaborative skills, ability to coordinate and work collaboratively with multicultural team and individuals
  • Good knowledge of Project Management (PM) methodologies and PM tools
  • Native Mongolian, fluent in English

2. Team member: 6 Consultants (Software developer)

  • Bachelor’s degree in IT, engineering or equivalent degree
  • Minimum 4 years of experience in software development
  • Have minimum 4 years of information security audit, control, assurance or security experience
  • Native Mongolian speaker

3. Team member-Consultant#8: 

  • Certified in Risk and Information System Control (CRISC) and security
  • Bachelor’s degree in IT, engineering or equivalent degree
  • Have experience in network services implementation
  • Minimum 4 years of experience in in software development
  • Native Mongolian speaker

4. Team member: Two consultants (System analyst) 

  • At least 3 years of relevant experience including preparation of technical documents in Mongolian, particularly system management documents
  • Technical knowledge and translation skills in IT related field would be an advantage;
  • Excellent time management and computer skills
  • Native Mongolian speaker

G. SUPERVISION AND REPORTING

The team leader shall supervise and manage their team members to complete the assignment according to the following steps: 

  • Responsible for developing and managing a detailed implementation plan agreed with the Client, including monitoring progress against the plan to ensure satisfactory completion of tasks of each team member 
  • Activities scheduling
  • Directing subordinate staff in the performance of their tasks
  • Coordinate project activities with the DICOM team
  • Organize and facilitate scheduled change control meetings
  • Communicate outcomes of scope change requests to the team
  • Update project documents upon approval of all scope changes
  • Submit testing reports to the DICOM 
  • Submit recommendations for approvals and signoffs on all milestone deliverables to the DICOM
  • All information provided to the company will be regarded as confidential and information shall not be shared with any outside individuals or organizations. The company will be held legally accountable for entire contract activity protecting the confidentiality of the system at all stages of the work process and after the completion of the contract. 
  • The company shall not, during the term of this Contract and after its expiration, disclose any proprietary or confidential information relating to the Services, the Client’s business or operations without prior written consent of the Client.

H. CONTRACT DURATION AND CONDITION

The consultancy service is expected to commence in September 2021. Total duration of the contract is no more than 5 months. Assignments are as follows: Compensation payment system development including the testing of the system. The System warranty shall be for two years starting from the date when the system has been handed-over. The compensation payment system, the following warranty will apply: 

During the warranty period for  the Compensation payment system, the contractor is responsible for correcting any error or malfunction that might arise during DICOM’s simulation period of 3 months. If necessary, system can be modified accordingly as per request. In case of insured event, all errors or malfunction of the system will be maintained even if beyond the warranty period. 

I. INSTITUTIONAL ARRANGEMENTS

The contractor will work in their own office space. 

Please submit the following documents in a sealed envelope or via email to: procurement@sffs.mn no later than 15:00, September 06, 2021.

Please submit the documents in English:

- Letter of Expressions of Interest;

- Company introduction along with a copy of state registration certificate;

- Audited financial statements for 2019, and 2020;

- Evidence of specific experience and qualification information of the firm relevant to the assignment. (Annex 2)

Expressions of Interest should be clearly marked “National professional entity to develop and establish compensation payment system for Deposit Insurance Corporation of Mongolia, Reference number: C31/CS/001”.

Any clarification regarding the REOI shall be in a written form and to be sent to the below address or email to procurement@sffs.mn no later than 7 calendar days prior to the submission deadline. 

The consulting firm will be selected in accordance with the Consultant’s Qualification-based Selection (CQS) method of the World Bank’s Procurement Regulations for IPF Borrowers. https://thedocs.worldbank.org/en/doc/178331533065871195-0290022020/original/ProcurementRegulations.pdf

The submitted documents will not be returned to the applicants. Please be noted that incomplete applications would not be considered for evaluation. Only the selected candidate will be contacted. 

Address for submission of Expression of Interest: Attention to Ms.Ariunaa.G, Procurement Specialist, Strengthening Fiscal and Financial Stability Project, Address: Room #204, Negdsen undestnii 8/2, 4th khoroo, Chingeltei District, Ulaanbaatar, Mongolia. Tel: 70120582.

Холбоо барих

70120582

Хавсралт

1. Annex 1 of the TOR in Eng
2. Annex 1 of the TOR in Mon
3. Annex 2 Details on similar assignments

СҮҮЛД ЗАРЛАСАН ЗАР
A31/CS/018 Дотоодын үнэт цаасны хоёрдогч зах зээлийг хөгжүүлэх төлөвлөгөө боловсруулах, ЗГҮЦ-ны бүхий л төлбөр тооцоо гүйцэтгэх бүтцийг тодохойлох дотоодын зөвлөх сонгон шалгаруулна

Дуусах огноо: 2021-10-07 15:00:00   Зарласан огноо: 2021-09-23

Захиалагч: Сангийн яам

Төрөл: Зөвлөх үйлчилгээ


D1/NC/004 Нийгмийн халамжийн шинэчлэл, хөтөлбөрүүдийн талаарх олон нийтийн мэдлэг мэдээллийг дээшлүүлэх контентуудыг Фэйсбүүк, Вэб, Твиттер гэх мэт олон нийтийн сүлжээгээр түгээх мэргэжлийн байгууллага сонгон шалгаруулна

Дуусах огноо: 2021-10-04 15:00:00   Зарласан огноо: 2021-09-21

Захиалагч: Хөдөлмөр, Нийгмийн хамгааллын яам

Төрөл: Зөвлөхийн бус үйлчилгээ


D1/NC/003 Нийгмийн халамжийн шинэчлэл, хөтөлбөрүүдийн талаарх мэдээллийг ТВ-ээр олон нийтэд түгээх мэргэжлийн байгууллага сонгон шалгаруулна

Дуусах огноо: 2021-10-04 15:00:00   Зарласан огноо: 2021-09-21

Захиалагч: Хөдөлмөр, Нийгмийн хамгааллын яам

Төрөл: Зөвлөхийн бус үйлчилгээ


C31/CS/001 Монгол Улсын Хадгаламжийн даатгалын корпорацийн нөхөн төлбөрийн системийг боловсруулах дотоодын зөвлөх компани сонгон шалгаруулна

Дуусах огноо: 2021-09-06 15:00:00   Зарласан огноо: 2021-08-23

Захиалагч: Сангийн яам

Төрөл: Зөвлөх үйлчилгээ


C11/CS/038 Санхүүгийн түрээсийн тухай хуульд оруулах нэмэлт, өөрчлөлтийн төслийг боловсруулах дотоодын зөвлөх сонгон шалгаруулна

Дуусах огноо: 2021-08-20 15:00:00   Зарласан огноо: 2021-08-06

Захиалагч: Сангийн яам

Төрөл: Зөвлөх үйлчилгээ


11/CS/0010 Орлого, зарлага болон өрийн дүн шинжилгээний excel-д суурилсан загварыг боловсруулах дотоодын зөвлөх сонгон шалгаруулна

Дуусах огноо: 2021-09-15 15:00:00   Зарласан огноо: 2021-09-06

Захиалагч: Сангийн яам

Төрөл: Зөвлөх үйлчилгээ


Бусад зар »