Block Book Register
Overview
The BlockBookRegisterCommand permanently blocks a book register for security reasons. This is an irreversible action used when fraud is confirmed or suspected.
⚠️ Critical Warning
PERMANENT ACTION: Blocking a book register cannot be undone. Use deactivate for temporary suspension.
API Endpoint
POST /api/bpm/cmd
Headers
Content-Type: application/json
Authorization: Bearer {access_token}
X-Tenant-ID: {tenant_id}
Request Structure
{
"cmd": "BlockBookRegisterCommand",
"data": {
"id": 789,
"remarks": "Confirmed fraud - unauthorized cheques detected"
}
}
Request Fields
| Field | Type | Required | Description |
|---|---|---|---|
id | long | Yes | The unique identifier of the book register to block |
remarks | string | Yes | MANDATORY - Detailed explanation for blocking (security/audit requirement) |
Important
The remarks field is REQUIRED for blocking. It serves as the permanent audit record for this serious security action.
Sample Requests
1. Confirmed Fraud
{
"cmd": "BlockBookRegisterCommand",
"data": {
"id": 789,
"remarks": "FRAUD CONFIRMED: Unauthorized cheque #0001025 cleared for $5,000. Police report #FR-2024-456 filed. Customer did not issue this cheque."
}
}
2. Suspected Forgery
{
"cmd": "BlockBookRegisterCommand",
"data": {
"id": 456,
"remarks": "FORGERY SUSPECTED: Multiple cheques with signature discrepancies. Forensic analysis in progress. Blocked per security protocol SP-102."
}
}
3. Stolen Book
{
"cmd": "BlockBookRegisterCommand",
"data": {
"id": 321,
"remarks": "STOLEN: Customer confirmed theft during home burglary. Police report #12345 filed on 2024-12-01. All remaining serial numbers compromised."
}
}
4. Security Breach
{
"cmd": "BlockBookRegisterCommand",
"data": {
"id": 654,
"remarks": "SECURITY BREACH: Books found in possession of unauthorized third party. Risk assessment indicates high fraud potential. Management approval #SEC-789."
}
}
Response Structure
Success Response
{
"isSuccessful": true,
"message": "Book register blocked successfully.",
"statusCode": "00",
"data": {
"id": 789,
"bookType": 1,
"bookTypeDescription": "Cheque",
"bookReference": "CHQ-2024-001",
"depositAccountId": 12345,
"accountNumber": "1234567890",
"status": 3,
"statusDescription": "BLOCKED",
"isActive": false,
"remarks": "FRAUD CONFIRMED: Unauthorized cheque #0001025 cleared for $5,000. Police report #FR-2024-456 filed.",
"updatedAt": "2024-12-05T14:30:00Z",
"updatedBy": "security@bank.com"
}
}
Error Responses
Book Not Found
{
"isSuccessful": false,
"message": "Book register not found.",
"statusCode": "99",
"data": null
}
Already Blocked
{
"isSuccessful": false,
"message": "Book register is already blocked.",
"statusCode": "99",
"data": null
}
Missing Remarks
{
"isSuccessful": false,
"message": "Remarks are required when blocking a book register.",
"statusCode": "99",
"data": null
}
Status Transition Rules
Valid Transitions:
- ACTIVE (1) → BLOCKED (3) ✅ Allowed
- INACTIVE (2) → BLOCKED (3) ✅ Allowed
Invalid Transitions:
- BLOCKED (3) → BLOCKED (3) ❌ Already blocked
- BLOCKED (3) → ACTIVE (1) ❌ Cannot reactivate blocked books
- BLOCKED (3) → INACTIVE (2) ❌ Cannot downgrade blocked status
When to Use Block vs Deactivate
| Scenario | Use Block | Use Deactivate |
|---|---|---|
| All leaves used | ❌ No | ✅ Yes |
| Customer reports lost | ❌ No (initially) | ✅ Yes |
| Confirmed fraud | ✅ Yes | ❌ No |
| Forgery detected | ✅ Yes | ❌ No |
| Theft with police report | ✅ Yes | ❌ No |
| Temporary hold | ❌ No | ✅ Yes |
| Compliance review | ❌ No | ✅ Yes |
| Book found after "lost" report | ❌ No | ✅ Yes (can reactivate) |
| Suspicious activity confirmed | ✅ Yes | ❌ No |
Use Cases
1. Fraud Detection - Unauthorized Transactions
Fraud department confirms unauthorized cheques cleared.
{
"cmd": "BlockBookRegisterCommand",
"data": {
"id": 789,
"remarks": "FRAUD ALERT: Three unauthorized cheques (#0001020, #0001021, #0001022) cleared totaling $15,000. Customer denies issuing. Forensic analysis confirms signature forgery. Police report #FR-2024-789. All remaining cheques in book compromised. Fraud investigation case #INV-2024-123."
}
}
2. Stolen Book with Police Report
Customer reports book stolen, police report filed.
{
"cmd": "BlockBookRegisterCommand",
"data": {
"id": 456,
"remarks": "STOLEN PROPERTY: Customer reported cheque book stolen on 2024-12-01. Police report #STL-2024-456 filed with Metro Police Department. Customer statement recorded. All 25 remaining cheques considered compromised. Replacement book #1234 issued."
}
}
3. Internal Security Breach
Books discovered in unauthorized location or possession.
{
"cmd": "BlockBookRegisterCommand",
"data": {
"id": 321,
"remarks": "SECURITY BREACH: Books found during audit in unsecured storage area. Chain of custody compromised. Unknown if serial numbers were copied or photographed. Risk assessment performed - HIGH risk classification. Security incident #SEC-2024-321. Branch manager approval obtained."
}
}
4. Account Takeover Prevention
Account takeover attempt detected, securing all instruments.
{
"cmd": "BlockBookRegisterCommand",
"data": {
"id": 654,
"remarks": "ACCOUNT TAKEOVER ATTEMPT: Suspicious login detected, password changed by unauthorized user, cheque book request submitted. Customer confirmed no request made. Blocking all active books as precaution. Cybersecurity incident #CYB-2024-654. Customer verified via in-person visit."
}
}
Remarks Field Requirements
Must Include:
- Nature of Incident - Fraud, theft, forgery, security breach
- Reference Numbers - Police reports, case numbers, incident IDs
- Date/Time - When incident occurred or was discovered
- Evidence - What confirms the security issue
- Authorization - Who approved the blocking action
Example Format:
[INCIDENT TYPE]: [Brief description]
Police Report: [Number]
Date: [YYYY-MM-DD]
Evidence: [Description]
Approval: [Name/Title]
Case Reference: [Number]
Business Rules
-
Irreversible Action
- Once blocked, a book register cannot be unblocked
- No reactivation or modification allowed
- Requires issuing new book if customer needs replacement
-
Mandatory Documentation
- The
remarksfield is required (not optional) - Should include all relevant security details
- Serves as permanent audit trail
- The
-
Transaction Prevention
- All serial numbers from blocked book are flagged
- Any transaction attempting to use these serial numbers should be rejected
- Alerts generated if blocked serial numbers are presented
-
Reporting
- Blocked books trigger security reports
- Compliance team is notified
- May trigger investigation procedures
-
Authorization
- Typically requires manager or security team approval
- Should not be delegated to front-line staff
- Part of formal incident response procedure
Best Practices
1. Investigation First
- Verify fraud/security incident before blocking
- Document all evidence thoroughly
- Coordinate with security team
2. Comprehensive Documentation
{
"remarks": "FRAUD INCIDENT REPORT
Incident Type: Forged Cheque
Discovery Date: 2024-12-05
Discovery Method: Customer reported during routine account review
Details:
- Cheque #0001025 for $5,000 cleared on 2024-12-03
- Customer denies issuing this cheque
- Signature analysis shows forgery indicators
- Customer's phone compromised - SIM swap attack suspected
Evidence:
- Original cheque copy obtained
- Forensic signature analysis report #FSA-789
- Customer statement signed and notarized
- Phone records show SIM swap on 2024-11-30
Action Taken:
- Police report #FR-2024-456 filed
- Customer in-person verification completed
- All remaining cheques compromised (26-50)
- Replacement book #1234 issued with new design
Approvals:
- Branch Manager: John Smith (12/05/2024 2:30 PM)
- Security Officer: Jane Doe (12/05/2024 2:45 PM)
Case Reference: SEC-2024-789"
}
3. Customer Communication
- Notify customer immediately (unless ongoing investigation)
- Explain blocking is permanent
- Provide timeline for replacement book
- Document all customer interactions
4. Coordination
- Alert fraud detection systems
- Update internal watchlists
- Coordinate with law enforcement if applicable
- Brief relevant staff about the incident
5. Follow-up
- Monitor for attempts to use blocked serial numbers
- Review related accounts for similar patterns
- Update security procedures if needed
- Complete incident report documentation
Security Considerations
-
Access Control
- Restrict block command to authorized personnel only
- Require multi-factor authentication
- Log all block attempts (successful and failed)
-
Audit Trail
- Every block action is permanently recorded
- Cannot be deleted or modified
- Subject to regulatory review
-
Alert Systems
- Configure real-time alerts for blocked serial number usage
- Monitor transaction systems for blocked books
- Flag any merchant attempts to process blocked instruments
-
Compliance
- May be required to report to regulatory authorities
- Document retention policies apply
- Part of BSA/AML compliance procedures
Notes
- Blocking is the most severe action for book registers
- Cannot be reversed under any circumstances
- New book must be issued if customer needs replacement
- All serial numbers remain permanently flagged in the system
- Blocked books count toward fraud statistics and reporting
- Cache is automatically invalidated after successful blocking
- Transaction systems should reject any serial numbers from blocked books
Related Commands
- Deactivate Book Register - Temporary suspension (reversible)
- Retrieve Book Register By ID - Check block status
- Create Book Register - Issue replacement book
- Retrieve Book Register List - List all blocked books