Managing User Roles
|User Roles are only available in the Corporate Edition of Digital Banking.|
User Roles control feature entitlements and dollar limits for one or more company users. Before creating your roles, we recommend mapping out your role structure on paper to define which users will perform which functions, including:
- Who may draft, approve or cancel payments.
- What amount restrictions will be in place for drafters and approvers.
- Whether their are different amount restrictions for different accounts.
Managing User Roles can be a complex exercise and we're here to help you define your role strategy and assist you with the configuration of your roles. Please review the Admin Guide for Corporate Edition for additional context on your administrative responsibilities. For support with User Role management, please contact your Cash Management Advisor or call the Concierge Desk.
In this article:
- Adding/Copying or Removing User Roles
- Editing Rights to Payment Types - defines how the role members are allowed to use the available payment types (like Wire or ACH Payments)
- Features Access - defines which Digital Banking features are enabled or disabled
- Account Rights - defines which accounts the role has access to
Navigating to User Role Management
Select the 'Administration' menu and then select 'Manage User Roles'.
Click on 'Create Role' to create a new user role.
NOTE: Three actions can be performed on an existing User Role.
- Select the pencil icon to edit the user role.
- Select the double paper icon to copy the user role.
- Select the trash bin to delete the user role.
Click the pencil icon to edit the user role.
You will then see a list of available Transaction Types. Only the transaction types that your company has enrolled for will appear within the list.
Select a transaction type by clicking on the name.
At the top right of the screen you can Enable or Disable the payment type for the role. If this role will never draft of approve payments, you may disable it and the proper menu options within their profile will be hidden. Note that the "Rights" for the payment type must still be set to define how users in this role may see Activity Center Transactions.
Allowed Actions define what the user can do with a payment, including Draft, Cancel or Approve. Each allowed action row is called a "Payment Policy" and multiple policies can be "layered" to create complex rules.
For instance, if you would like to allow your users to have different draft amount limits for different accounts, multiple policies can be created for a single payment type.
Select the 'Operations' box. Specify the allowed operation(s) for the selected transaction type.
- ‘Draft’ allows a user to initiate a transaction.
- ‘Draft Restricted’ allows a user to only access an assigned ACH or wire template. It does not allow a user to edit exiting templates or add new templates. One-time payments and recipient maintenance within existing templates are also not allowed. Use this role for employees that will only be drafting payments from existing templates that are set up by another user.
- ‘Approve’ allows a user to authorize a transaction. If this option is selected, be sure to set the Approval Limits for the user.
- ‘Cancel’ allows a user to cancel a drafted or authorized transaction.
Select the 'Amount' box. Specify the dollar amount for the allowed action(s). For instance, if the user has Draft rights and you want to limit them to draft only amounts up to $10,000, enter that amount in this box.
Select the 'Subsidiaries' box. Choose the subsidiary or subsidiaries allowed for this transaction type. This step applies only to organization with more than one Tax ID number set up as part of the enrollment process.
Select the 'Accounts' box. Choose the account(s) allowed for this transaction type. Note that deselecting ALL accounts will set the policy to allow "Any" account.
Select the 'Draft Hours' box. Choose the days and hours allowed for this transaction type. Restricting the days of the week and/or hours of the day can help prevent fraud for users that should only be accessing the system at certain times.
NOTE: Select the days of the week in grey and the hours of the day across the top to indicate days and hours for the transaction. Individual hour boxes can also be selected.
Select the 'SEC Codes' box to specify which SEC codes are allowed for the transaction type (applies to ACH Payment Types only).
Optional: Click 'Open Policy Tester' to validate the User Role functionality to assure the setup is correct. The Policy Tested allows you to create a sample payment that the user should be able to draft or approve to verify that they actually will be able to. Similarly, you can test a "negative" sample by creating a payment that they shouldn't be able to make to ensure that your policy is working as expected.
NOTE: If the policy test is unsuccessful, the reason for the failure will be designated on the screen.
On the Rights tab, select the appropriate right for the user role's ability to view transactions in the 'Activity Center' for the selected payment type. Rights must be set regardless of whether the payment type is enabled or disabled.
WARNING: User roles default to have rights to view ALL transactions regardless of account rights. Because the Activity Center contains sensitive information, please ensure that you are setting the proper Rights level to view the Activity Center transactions.
Options for Activity Center viewing rights include:
- Can view all transactions [DEFAULT] - Can view transactions initiated by any online Banking user within the company regardless of their account access
- Can view own transactions - Can only view the user's own transactions
- Can view transactions from entitled accounts - can only view transactions if the user has "view" access to the account. For Between Account Transfers, the user must have view access to BOTH accounts.
- Can view transactions by others in this role - Can view transactions initiated by users who are assigned to the same user role.
- Cannot view any transactions - the user will be unable to see any transactions, including their own (not recommended)
Select the 'Approval Limits' tab to view and modify the dollar and count limits assigned by Boston Private.
Select the 'Features' tab to view and modify the non-transactional features. Select features you wish to enable or disable.
The Accounts section allows you to define what access rights users within the role should have to available bank accounts. Note that only the accounts that were enrolled based on your enrollment paperwork will appear as options.
Select the 'Accounts' tab to view and modify the account entitlements by selecting or under 'View', 'Deposit' or 'Withdraw'.
Repeat steps 4-12 for each transaction type.
Save the User Role by selecting the 'Save' button.
Account Rights Icons
Access is disabled, but can be enabled.
Access is disabled for the company & cannot be enabled.
Access is enabled.