How to block banking information in SAP S/4HANA applications?

Introduction
A couple of years ago we did a greenfield implementation of S4/HANA. Sometime after go-live there was concern about sensitive banking information being shown. The business was aware of costly solutions being offered but wanted to save the money and see if we could do it in-house. We were originally trying to implement this through Personas until the product specialist informed me that those could be overridden by changing the URL string. After more research, I came up with the following alternate solution.

Solution
I created the following 6 implicit implementations either completely hide bank/account details or replace them with a string of asterisks (*********). I’ll go through them one by one and give you the code needed and where to do your implicit enhancements. Before starting this, you will need to get an authorization object created for those that should still be able to see these sensitive details. In my code, I use the object “Z_BNK_OBJ”.

This enhancement hides Bank Account and Bank Key fields in MIRO, MIR4, and FB60.
Enhancement spot: FDCB~BANK_DATA_AUTH_K
Enhancement code location: end of function module code
Enhancement spot name: ZAP_E088_IPE_BANKMASK1

ENHANCEMENT 1  ZAP_E088_IPE_BANKMASK1.    "active version

* "Authorization check to see if bank details should be shown.

  AUTHORITY-CHECK OBJECT 'Z_BNK_OBJ'

    ID 'ACTVT' FIELD '03'.

  IF sy-subrc NE 0.

    p_rc_auth_bank = '-'.

    LOOP AT SCREEN.

      IF screen-name = 'BNKA-BANKL'.

        "IF sy-subrc NE 0 OR bnka-bankl IS INITIAL.

          screen-invisible = 1.

          MODIFY SCREEN.

        "ENDIF.

      ENDIF.

    ENDLOOP.

  ENDIF.

ENDENHANCEMENT.

This enhancement hides bank details in F0771 (Revise Payment Proposals).
Enhancement spot: CL_FAP_RPP_DATA_FETCH~GET_PAYTPRPSL_PAYMENTS
Enhancement code location: end of method code
Enhancement spot name: ZAP_E088_IPE_BANKMASK2

ENHANCEMENT 1  ZAP_E088_IPE_BANKMASK2.    "active version

* "Authorization check to see if bank details should be shown.

  AUTHORITY-CHECK OBJECT 'Z_BNK_OBJ'

    ID 'ACTVT' FIELD '03'.

  IF sy-subrc NE 0.

    LOOP AT Et_paytprpsl_payment ASSIGNING FIELD-SYMBOL(<lfs_payprop>).

      <lfs_payprop>-ZBNKN = '*********'.

      <lfs_payprop>-ZBNKN_S = '*********'.

      <lfs_payprop>-ZBNKL = '*********'.

      <lfs_payprop>-ZBNKY = '*********'.

      <lfs_payprop>-ZBNKN_L = '*********'.

    ENDLOOP.

  ENDIF.

ENDENHANCEMENT.

This enhancement hides bank details in F0770 (Manage Automatic Payments)
Enhancement spot: CL_FAP_SCHEDPAYTPRPSL_DPC_EXT~PAYMENTSET_GET_ENTITYSET
Enhancement code location: end of method code
Enhancement spot name: ZAP_E088_IPE_BANKMASK3

ENHANCEMENT 1  ZAP_E088_IPE_BANKMASK3.    "active version

* "Authorization check to see if bank details should be shown.

  AUTHORITY-CHECK OBJECT 'Z_BNK_OBJ'

    ID 'ACTVT' FIELD '03'.

  IF sy-subrc NE 0 AND ET_ENTITYSET IS NOT INITIAL.

    LOOP AT ET_ENTITYSET ASSIGNING FIELD-SYMBOL(<lfs_payments>).

      <lfs_payments>-PAYEEBANKCONTROLKEY = '*********'.

      <lfs_payments>-PAYEEBANKACCOUNT = '*********'.

      <lfs_payments>-PAYEEBANKINTERNALID = '*********'.

      <lfs_payments>-PAYEEBANK = '*********'.

    ENDLOOP.

  ENDIF.

ENDENHANCEMENT.

This enhancement is for masking bank details in F1861 (Display Supplier List)
Enhancement spot: CL_FAP_SUPPLIER_LIST_DPC_EXT~C_SUPPLIER_GET_ENTITYSET
Enhancement codelocation: end of method code
Enhancement spot name: ZAP_E088_IPE_BANKMASK4

ENHANCEMENT 1  ZAP_E088_IPE_BANKMASK4.    "active version

* "Authorization check to see if bank details should be shown.

  AUTHORITY-CHECK OBJECT 'Z_BNK_OBJ'

    ID 'ACTVT' FIELD '03'.

  IF ET_ENTITYSET IS NOT INITIAL AND SY-SUBRC NE 0.

    LOOP AT ET_ENTITYSET ASSIGNING FIELD-SYMBOL(<lfs_vendors>).

      <lfs_vendors>-BANKACCOUNT =    '*********'.

      <lfs_vendors>-BANKINTERNALID = '*********'.

    ENDLOOP.

  ENDIF.

ENDENHANCEMENT.

This enhancement hides bank details in F110 (Schedule Automatic Payments) – Display Payment Run: Payments AND Display Payment Proposal: Payments
Enhancement spot: SAPF110O~F110OALV_GRID~icons_set
Enhancement code location: end of FORM icons_set code
Enhancement spot name: ZAP_E088_IPE_BANKMASK5

ENHANCEMENT 1  ZAP_E088_IPE_BANKMASK5.    "active version

* "Authorization check to see if bank details should be shown.

  AUTHORITY-CHECK OBJECT 'Z_BNK_OBJ'

    ID 'ACTVT' FIELD '03'.

  IF sy-subrc NE 0.

    IF ls_xreguo_alv IS NOT INITIAL.

      ls_xreguo_alv-zbnkn = '*********'.

      ls_xreguo_alv-zbnkn_l = '*********'.

      ls_xreguo_alv-zbnkl = '*********'.

      ls_xreguo_alv-zbnky = '*********'.

    ENDIF.

    IF XREGUO IS NOT INITIAL.

      LOOP AT XREGUO ASSIGNING FIELD-SYMBOL(<lfs_xreg>).

        <lfs_xreg>-zbnkn = '*********'.

        <lfs_xreg>-zbnkn_l = '*********'.

        <lfs_xreg>-zbnkl = '*********'.

        <lfs_xreg>-zbnky = '*********'.

      ENDLOOP.

    ENDIF.

  ENDIF.

ENDENHANCEMENT.

This enhancement hides bank details in F110 (Schedule Automatic Payments) - Payment List AND Proposal List
Enhancement spot: RFZALI20~RFZ30FOR~store_adrs
Enhancement code location: End of FORM store_adrs code
Enhancement spot name: ZAP_E088_IPE_BANKMASK6

ENHANCEMENT 1  ZAP_E088_IPE_BANKMASK6.    "active version

* "Authorization check to see if bank details should be shown.

  AUTHORITY-CHECK OBJECT 'Z_BNK_OBJ'

    ID 'ACTVT' FIELD '03'.

  IF sy-subrc NE 0 AND gt_adrs2pf IS NOT INITIAL.

    LOOP AT gt_adrs2pf assigning FIELD-SYMBOL(<lfs_grok>).

      <lfs_grok>-adrs-bline1 = 'T17 *********'.

      <lfs_grok>-adrs-bline2 = 'T18 *********'.

    ENDLOOP.

  ENDIF.

ENDENHANCEMENT.

As a relatively new developer who couldn't find any posts explaining how I could do this I was a bit overwhelmed, but as I worked with the applications needing blocking and putting them into debug, I was slowly able to find when/where the code would need to be enhanced.