Setting Up Security Profiles And Permissions

Overview

In PrecisionLender, Security Profiles are how you control users' levels of access and permissions.  PrecisionLender allows as many custom security profiles as you need. 

 

In this Article

 

 

Things to Consider When Setting Up Security Profiles

What are the different types of users that will require access to PrecisionLender?

Different types of users may require different rights and privileges based on the nature of their role.  Common user types include (but are not limited to):

  • Lenders / Relationship Managers / Portfolio Managers
  • Credit Analysts / Credit Administration
  • Loan Assistants / Loan Operations
  • Regional Managers / Line of Business Managers
  • IT Security Manager
    • It is common for someone in the IT Department to be responsible for managing users (enabling / disabling) and application access settings. Thus, there is often a unique security profile for this person(s).
  • Chief Pricing Officer / Assumptions Manager / Administrator
    • This is almost always a unique security profile.
  • C-Level Management / Executive Sponsor
  • Retail / Consumer Lending Manager (rate sheets only)
  • Deposit Pricing Manager (rate sheets only)

Once you have identified the different types of users for your bank, think about how each type of user will be expected to use PrecisionLender.

  • For example, will this user type be talking to customers and pricing opportunities? Or will they only need to view the data entered by others?
Are there managers over different regions that will need to manage activities for multiple lenders in their region?

It is common for banks to be organized by line of business, geographic region or both.

Oftentimes, there is a regional manager over each region who is responsible for loan production and profitability in their region and will need to be able to view and approve opportunities for other users in their region.

However, if the bank does not want the regional manager viewing the activities of other regions, it is often necessary to create a unique security profile for each region manager.

  • Example 1: Your bank has 3 regions: Region A, Region B and Region C. Each region has a manager that can only impact activities in their own region. If Managers A, B, and C are allowed to view (but not edit) each other's regions, one security profile will achieve that by having each manager in their specific region, and adding visible regions in the bottom of the security profile.
  • Example 2: Your bank has 3 regions: Region A, Region B and Region C.  Each region has a manager that can only impact activities in their own region, and they are allowed to view only select activities outside their own regions. If Managers A and B can view Regions A and B, but not Region C, then there should be two security profiles; one for Managers A and B where Regions A and B are visible, and one for Manager C that only shows Region C.
Will lenders be able to view only their own activities or will they be permitted to view the activities of other lenders too?

Pros:

  • Allows lenders to compare themselves to other lenders in the bank.
  • Can often foster a good dose of internal competitive peer pressure which can accrue to the benefit of the bank.

Cons:

  • If the bank is using different targets in different regions, it may not be desirable for lenders in one region to know the targets and/or assumptions used by other regions. This typically becomes more of a concern if lender incentive compensation is tied to loan production and/or return performance.

Some banks choose to allow lenders to only view their own activities. Others allow lenders to view all activities in their home region.  Some banks allow lenders to view all activities across all regions.

There is no right or wrong answer as to how you do it. It is driven by what you are trying to accomplish as a bank and the needs of the lenders to best do their jobs.  As with most things, there are pros and cons to giving lenders access to see the activities of other users or regions.

 

How to Create or Edit a Security Profile

 

  1. Select the Administration tab on the bottom-left side of the application.
  2. In the Security Profiles Section you can:
      • Click "New" to create a new Security Profile;
      • Click the copy icon (You can click the copy icon, shown here) next to the Security Profile that you would like to duplicate; or
      • Click the name of the Security Profile you would like to edit
  3. When finished creating or editing the profile, click “Save,” then click “Close”

 

The Security Profile Screen

General Rights

General rights focus on the day-to-day use of the application.

 

Opportunities Relationships Rate Sheets

An opportunity is defined as new business. This could be any type of new facility the user is trying to price. (i.e. a new loan, deposit, fee based income or any combination thereof).

Important Note

If a PrecisionLender Opportunity has a Salesforce Opportunity attached to it, some user rights may be restricted. This occurs when a PrecisionLender Opportunity is created from Salesforce using the Price in PrecisionLender button. For example, to delete a PrecisionLender Opportunity users must delete the Salesforce Opportunity first. This will automatically delete the PrecisionLender Opportunity. Additionally, some fields may be un-editable including: Opportunity Name, Relationship, Close Date, and Stage. These fields must be updated from the Salesforce Opportunity.

View All
Allows users in this profile to view all opportunities in the regions they have access to, including Deal Team Opportunities they are or are not part of.
Create and Own
Allows users in this profile to create new opportunities. It also permits the user to receive a transferred Opportunity from another user.
  • Any opportunity that a user owns, they can delete. 
  • Any opportunity that a user owns, they can transfer away to anyone they can view.
Edit Any
Allows users in this profile to edit any opportunity they can view, including those belonging to other users.
  • Any opportunity that a user can edit, they can delete.
  • Any opportunity that a user can edit, they can transfer to themselves or anyone they can view.
  • Any Deal Team opportunity they are or are not a part of.
View Deal Team
For clients with Deal Teams enabled
Restricts users in this profile to view the Deal Team Opportunities they are members of and any Opportunities they own. Checking this box will automatically uncheck the box for the Opportunity "View All" right.
Edit Deal Team
For clients with Deal Teams enabled
Restricts users in this profile to edit the Deal Team opportunities they are part of and any Opportunities they own. Users with this right can transfer ownership of the opportunity to themselves or anyone on the deal team. Checking this box will automatically disable the "Edit Any" rights for opportunities.
Alternate Pricing Region
For clients with Alternate Pricing Regions enabled
Allows users to price their opportunity in any of their visible regions.

Back to top

 

Administrative Rights

Administration rights focus on managing products, assumptions, and loan approval. Depending on your institution, you may want Standard Users to be able to make these adjustments or you may want to have another User Type, like “Management,” to only have this access.

Regional: Checking boxes on this row allows the user to make adjustments to their home region and any regions that are set to visible.

System Wide: Checking boxes on this row allows the user to make adjustments to all regions.

 

Approve Loans
Checking this box allows those in this Security Profile to move an opportunity to the 'Awaiting Close' status. Owners of an opportunity can use the Opportunity Stage to indicate where the opportunity is in the normal process.
Close Loans
Checking this box allows those in this Security Profile to change the Opportunity Stage to a 'Closed Won' status.
Manage Products
Checking this box allows those in this Security Profile to create and edit products such as loans, deposits, or other fee-based incomes.
Manage Assumptions
Checking this box allows those in this Security Profile access to the General, Rates & Indices, Print Options, and Universal Assumptions areas of the Administration Section.
Manage Users
Checking this box allows those in this Security Profile to create, manage, and edit new or existing user accounts.
Manage Access
Checking this box allows those in this Security Profile to modify the Security Profiles of other users. This permission grants access to the User Access Settings which control Password and IP restrictions.
Import Data
Checking this box allows those in this Security Profile to access PrecisionLender’s Web Query files to extract additional pipeline and usage data.
Manage Regions
Checking this box allows those in this Security Profile to create and manage home regions for other users. Regions are used to create and manage assumptions and targets for different markets.
Manage API Access
Checking this box will allow those in this Security Profile the ability to create and manage Service User Account Access for PrecisionLender's API.

Back to top

 

Visibility

The filter bar can become cluttered if a region contains large numbers of users. Some financial institutions have groups of users such as loan assistants or credit analysts that need access to PrecisionLender, but that do not create or 'own' loans within the bank. This setting allows those security profiles to be hidden from the filter bar and dashboard reporting.

 

Hide from Filter Bar
Checking this box excludes those in this Security Profile from the filter bar.
Default Dashboard
If checked, when users log into PrecisionLender, their opportunity dashboard will show the data for their home region's level.

Back to top

 

Integration

These settings are intended only for banks who have licensed the CRM and/or LOS integrations. Applying these restrictions to a user whose bank has not licensed an integration will block the user from logging into PrecisionLender.

 

Hide Dashboard
If checked, this will prevent CRM users from leaving the opportunity that they are pricing to access the PrecisionLender dashboard.
Disable Application Login
If checked, this will prevent users from being able to login directly to PrecisionLender along with the following:
  • They will only be allowed in through the integrated CRM.
  • If they have the ability to view the dashboard after closing the opportunity, then they:
    • will not have access to the New Opportunity menu bar
    • will not be able to see the Administration tab on the homepage
    • will not be able to select the Copy button on the opportunity grid
    • will not be able to Create New or Add/Remove an opportunity from the Relationship Pricing tab
Enable Submit to Origination
If checked, this will enable users to submit their PrecisionLender opportunity to their Force.com loan origination system.

Back to top

 

Data Library

The Data Library Access permissions determine a users ability to view and manage Data Library reports.

 

View Region Level Reports
Allows users in this profile to view Data Library reports at the Region level.
View Bank Level Reports
Allows users in this profile to view Data Library reports at the bank level.
Manage Report Access
Allows users in this profile the ability to enable and/or disable Data Library reports and folders.

Back to top

 

Visible Regions

 

Your institution may want to prevent certain Security Profiles from seeing other regions in the dashboard reports. This section will list your available regions to hide or make visible to this Security Profile. Opportunities and Relationships are assigned to users, and users are assigned to regions, so if a lender doesn't have visibility to a region, that lender will see neither Opportunities nor Relationships that reside in that region.

Users will always have rights to their home region, even if it is not specifically set to visible.

Back to top