Assessment of ASX Clearing and Settlement Facilities – September 2025
2. Developments
The ASX Group remains under heightened regulatory scrutiny due to its central role in Australia's financial markets and ongoing concerns regarding its ability to deliver stable, secure and resilient critical infrastructure. Previous assessments highlighted concerns in relation to governance, operational risk and risk culture.
ASX has made some progress – for example, in moving towards the CHESS Replacement Release 1 delivery target of April 2026 – but persistent challenges remain. ASX continues to carry a heavy project load and key resources are simultaneously supporting the CHESS Replacement, maintaining legacy systems and contributing to broader uplift programs. The regulators remain concerned about the Group's capacity to manage these competing priorities effectively.
The December CHESS incident also exposed serious deficiencies in ASX's incident response capabilities, governance and accountability. During the incident, ASX was slow to recognise the potential seriousness of the issue, lacked clear leadership during the response period and failed to deploy adequate resources to address the issue. Subsequent developments, discussed in this assessment, demonstrate further weaknesses in risk management, communication with regulators and internal prioritisation. Although ASX has announced structural changes and a shift in its operating model to improve efficiency, questions remain around its ability to sustain critical operations.
This assessment reviews ASX's observance of the FSS, including ASX's plans to address the systemic issues outlined above, the effectiveness of its remediation efforts to date, and its readiness to meet threats to its critical operations if and when they arise.
2.1 Operational resilience
The importance of effective management of operational risk is increasingly recognised, against a backdrop of rapid technological innovation, ageing legacy systems, more frequent periods of market volatility and increased cyber threats. In this context and given the serious operational concerns raised by the December CHESS incident, the RBA has maintained a rating of not observed for ASX Clear and ASX Settlement and partly observed for ASX Clear (Futures) and Austraclear for the Operational Risk Standard. ASX has made progress in some areas of operational risk management during the assessment period, but significant work is still required for it to meet expectations for an operator of critical market infrastructure. This includes work to remediate issues related to current CHESS. More broadly, the RBA expects ASX to demonstrate across all key systems how it meets FSS requirements that systems are highly reliable and adequate business continuity arrangements are in place.
2.1.1 CHESS
December 2024 CHESS incident
This incident was the result of a virtual memory capacity limit on the number of settlement participants involved in a CHESS settlement batch. It was triggered by the resignation of a settlement participant. When ASX removed this participant from the CHESS system, the memory allocation for settlement participants was substantially reduced. This was due to a calculation error in the code, which used outdated logic to count the total number of participants. The incident reinforced concerns about ASX's risk management framework, approach to change management, and governance arrangements, expressed in the 2024 assessment.1 Two pressing concerns that arose during the incident were an insufficient level of resourcing to identify and resolve the issue and a lack of recognised and tested contingency arrangements for failure at each stage of the CHESS settlement process.
Following the incident, the RBA downgraded ASX Clear and ASX Settlement to not observed on the Operational Risk Standard and made recommendations related to resourcing and contingency arrangements for the current CHESS system.2 These included recommendations that specified information be provided to the RBA by 30 April 2025. The information provided in response to those recommendations was inadequate, as discussed further below. Of particular concern was ASX's assertion that resourcing of the CHESS technical teams was sufficient for business-as-usual (BAU) and planned change activities, and only stretched in the event of a multiday incident. A key requirement of the FSS is that providers of critical financial market infrastructure are appropriately resourced to ensure that all key systems are operated securely and reliably in all circumstances.3 Currently, the RBA is concerned that key subject matter experts are overutilised, given concurrent demands to support the current CHESS system and deliver the CHESS Replacement project. Employee surveys indicate that staff engagement and morale are low, including in the teams responsible for supporting and replacing CHESS. The RBA is concerned that it may be difficult to improve these conditions and deliver committed outcomes if key staff are stretched.
In accordance with further information requests from the RBA, ASX ultimately provided a plan to improve its contingency arrangements. The RBA expects this plan to be implemented in a diligent and timely manner. ASX is also expanding its third-party support arrangements for CHESS and finalised a statement of work for these arrangements in early September 2025.
April 2025 HIN issue
Concerns about the current CHESS system were underscored by another issue that surfaced during the April 2025 period of market volatility associated with US tariff announcements. High trading volumes on 7 April, alongside a change in a participant's systems, led to the possibility that ASX could hit capacity constraints related to the number of unique holder identification numbers (HINs) in a CHESS settlement batch. As a result, there was a risk that trades executed on 7 April could fail to settle two days later. The underlying problem was very similar to the issue that caused the December CHESS incident, which was also a global section memory limit.
ASX's handling of this issue reinforced long-held concerns about its approach to managing operational risk. In particular, ASX had known about the capacity limits problem since the end of January 2025. It was therefore known that there was a risk that settlement might be disrupted if the capacity limits were exceeded. Despite this knowledge, remediation was not considered until trade volumes reached a level that posed a significant, immediate risk of exceeding the capacity limit. ASX also conceded that it could have communicated better with the regulators about the issue; the existence of the problem was only reported to the RBA the day before the potential impact on settlement.
ASX has been investigating other potential capacity limits in CHESS as part of its broader response to the December incident. This includes an IBM-led technical review of CHESS, which ASIC directed ASX to complete as part of the joint regulator response to the incident.
Recommendation: By June 2026, ASX should demonstrate how it has enhanced resourcing for current CHESS, to ensure it can reliably access and utilise well-trained and competent personnel, as well as technical and other resources. This should include required upskilling of newly hired engineers and third-party support staff.
Recommendation: By June 2026, ASX should demonstrate how it has improved contingency arrangements for current CHESS, designed to enable resumption of operations within two hours following a disruptive event.
CHESS Replacement project
The CHESS Replacement project is critical to ASX's long-term management of operational risk. Its successful delivery will allow ASX to move away from the current CHESS system, which is aged and increasingly difficult to maintain. Delivering this project is, however, complex and itself involves significant operational challenges. One key interdependency is that some ASX staff who support current CHESS are also involved in change activities related to CHESS Replacement. Accordingly, ASX needs to carefully manage resourcing across business-as-usual and change activities to ensure that the current CHESS system is appropriately maintained and CHESS Replacement is delivered in a safe and timely manner.
ASX assesses that the project is broadly on track and the RBA does not currently have major concerns about its status. That said, there have been some testing delays in recent months, driven by a higher-than-expected number of code defects. These defects could delay Release 1, which focuses on the clearing component of CHESS, if they are not remediated over the coming months. Release 1 is currently scheduled to go live in April 2026. As the date for Release 1 approaches, the RBA and ASIC will be monitoring the project closely to ensure ASX has sufficient planning, cutover and rollback strategies in place. The outcome of Release 1 will provide insights about the capability of ASX and its vendor Tata Consultancy Services (TCS) to deliver Release 2, which is a more complex undertaking. Release 2, elements of which remain in the planning phase, will replace the CHESS settlement and registry functions and is expected to go live in 2029. As the system design is finalised, the RBA expects ASX to embed sufficient resilience and contingency arrangements to ensure that ASX can continue to provide critical services during an extended operational incident.
2.1.2 Aged assets
The December CHESS incident and the April HIN issue highlighted the disruption that can result from poor management of legacy technology. Continued focus on identifying aged assets and proactively implementing steps for remediation is needed. ASX is in the process of uplifting its systems and capabilities to manage aged assets, while continuing to remediate outstanding issues. During this assessment period, ASX has implemented mandatory policies for monitoring and managing the lifecycle of hardware and software assets and conducting an annual System Operational Risk Assessment (SORA) for Tier 1 and 2 systems. The RBA will be looking for evidence over the next assessment period that the overall software and hardware lifecycle is being managed appropriately.
ASX has made consistent progress over the assessment period to remediate high-severity issues included in the Technology Issues Remediation Roadmap (TIRR). While this progress is welcome, the RBA expects progress to continue in the next assessment period. This should include remediation of outstanding issues on the TIRR.4 ASX should also clearly articulate its strategy and governance framework for escalating issues identified in future SORA assessments and asset lifecycle monitoring.
Recommendation (New): ASX should continue to place high priority on remediating ageing technology assets, including:
- continued implementation of new frameworks and processes for asset lifecycle management
- measurable progress in remediating outstanding high and medium severity technology issues. Progress reports should be provided to the RBA on a quarterly basis.
2.1.3 Strengthening operational resilience across all critical services
The Operational Risk Standard requires CCPs and SSFs to ensure systems are designed with a high degree of security and operational reliability. This includes business continuity arrangements that enable a timely recovery of operations and fulfilment of obligations by the end of the day, including in the event of a wide-scale or major disruption. The December CHESS incident and ASX's response to the RBA's out-of-cycle recommendation on contingency arrangements demonstrated that ASX does not have contingency arrangements for some stages of the CHESS settlement process. The RBA is concerned that there may be similar gaps for other CS facilities. A particular concern is that ASX's approach to resilience is currently mostly concerned with external or system-wide sources of disruption. Resilience planning should also consider issues that arise within ASX's own systems or processes. Since the end of the assessment period, ASX has commenced work, as part of the business resilience stream of its Accelerate program, that aims to provide it with a better understanding of gaps in the resilience of critical systems. The RBA expects ASX ultimately to move towards adopting a more comprehensive framework for business continuity and contingency planning across all CS facilities, in line with international best practice.
Recommendation: By June 2026, ASX is to complete an end-to-end review of its business continuity and contingency arrangements for ASX Clear, ASX Clear (Futures), ASX Settlement and Austraclear, and develop a plan to prioritise remediation of any gaps identified.
2.1.4 Cyber resilience
During the assessment period, the RBA and ASIC indicated the need for ASX to improve its cyber strategy and workplan, to ensure ASX is well placed to manage emerging risks. ASX has developed a more comprehensive roadmap for improving cyber resilience and enhanced reporting against this roadmap to the ASX boards. ASX has also conducted preliminary work to enable industry-wide cyber resilience tests. These tests should help stakeholders prepare for emerging ecosystem risks and develop their ability to respond to extreme but plausible scenarios.5
2.1.5 Settlement finality
The FSS state that a securities settlement facility should complete final settlement no later than the end of the value date. In the December CHESS incident, ASX Settlement failed to settle obligations on the value date. This led to liquidity pressures for some participants that were relying on the CHESS batch settlement proceeding. ASX's lack of contingency arrangements for each step of the batch settlement process contributed to this failure. The RBA has downgraded the rating of ASX Settlement for the Settlement Finality Standard to partly observed.
The RBA has also considered the adequacy of similar contingency arrangements for Austraclear's settlement processes. While Austraclear has a range of contingency processes, the RBA considers that more comprehensive contingency arrangements would improve confidence that settlement will occur no later than the value date. A third-party review also identified additional gaps in ASX's Business Impact Analysis and Business Continuity Plans relating to complete system and technical outages at Austraclear. The RBA has downgraded the rating of Austraclear against the Settlement Finality Standard to broadly observed and expects ASX to review its contingency arrangements for Austraclear, as part of addressing the recommendation outlined in section 2.1.3.
2.2 Framework for comprehensive management of risks
The RBA's view is that work to date to uplift ASX's risk management framework and culture has not been progressing quickly enough for ASX to move sustainably towards best practice. Accordingly, the RBA has maintained the rating of partly observed for the Framework for Comprehensive Management of Risks Standard across the four facilities.
There have, however, been some encouraging developments more recently. Under the direction of the newly appointed Chief Risk Officer, ASX is planning a significant and comprehensive risk transformation, which will be delivered over a multi-year horizon as part of the Accelerate program. A related stream of Accelerate is focused on broader cultural change. The full risk transformation plan has not been finalised, but the RBA has seen an early project plan. The gap between ASX's current risk management framework and the aspiration outlined in the project plan is substantial and achieving the target state will likely require sustained investment over multiple years. The RBA's preliminary view, based on currently available information, is that the Accelerate program could provide impetus for the foundational changes required at ASX; however, this will be contingent on appropriate resourcing and effective execution. The RBA will be monitoring ASX's delivery of its risk and culture transformation plans closely and will be looking for evidence of material and tangible progress towards its target state in the next assessment period.
Recommendation: ASX should produce and implement a plan to ensure appropriate reporting on the progress of the risk transformation plan. This should include regular reporting to ASX boards, detailed quarterly status updates to regulators and regular public disclosures.
Recommendation: ASX should ensure that resourcing allocated to its risk transformation plan and target operating model are sufficient to support the uplift required to meet expectations under CCP and SSF Standard 2.6.
2.2.1 Risk culture
ASX's 2025 annual staff survey showed reduced performance across the majority of risk culture metrics compared with 2024 scores. ASX continues to underperform other major financial institutions across all risk culture metrics, with a significant gap in relation to the themes of risk capabilities and risk governance and controls. Areas of weakness identified in previous risk culture reviews have not been fully addressed. The RBA is concerned by the slow progress and will be looking for meaningful improvement, including through the implementation of ASX's planned risk culture initiatives under the Accelerate program.
The RBA is also concerned that ASX has failed to appreciate the seriousness of recent shortcomings in risk management. This was evident in some aspects of ASX's handling of the December CHESS incident. For example, despite failing to settle by the end-of-day on Friday 20 December, ASX's crisis management team did not meet until the afternoon of Saturday 21 December. Further, a post-incident review noted that the information provided to ASX Settlement participants was vague, did not convey the severity of the incident and to some participants implied that it was likely to be resolved on the day.
Recommendation: ASX should:
- continue to have a strong focus on risk culture as part of its Accelerate program and outline detailed milestones in relation to risk culture, including clear actions to generate the required behavioural change across the organisation, especially from leaders
- allocate adequate funding to risk culture initiatives
- measure its progress via specific risk culture metrics, as well as improved risk management outcomes.
2.2.2 Information systems and controls
As part of ASX's risk transformation plan, ASX has identified that current systems for capturing risk data are inadequate and disparate and that an improvement is required to drive effective reporting and decision-making. ASX has also observed incomplete and insufficient monitoring of risks and controls across critical end-to-end business processes. One notable concern is that ASX's operational risk and issues system – which is central to capturing risk and controls data – has been observed to be inconsistently used by ASX staff. Additionally, due to lack of investment and prioritisation, the system has had known functionality gaps for multiple years.
During the assessment period, shortcomings in data and reporting controls were a contributing factor to several issues identified in financial risk models. The ASX CCPs play a critical role in credit intermediation in the financial system and are expected to reliably and capably manage a range of financial risks. Insufficient controls supporting ASX's financial risk management are an issue of concern that could become serious if not addressed promptly. This is consistent with a rating of partly observed for the Framework for Comprehensive Management of Risks Standard.
These shortcomings are described further in section 2.4.2.
2.3 Governance
The RBA has concluded that the ASX facilities continue to partly observe the Governance Standard.
ASX's governance has remained a key area of concern for the RBA since it was assessed as a special topic in the 2021 assessment.6 The RBA has observed that improvements made by ASX to its governance arrangements in subsequent cycles have been beneficial. For example, enhancements to ASX's internal audit function have resulted in effective independent challenge from internal audit and constructive responses to findings by the executives.
Notwithstanding these improvements, the RBA remains concerned about some aspects of ASX governance. Some of these concerns are illustrated by the process for responding to the RBA's out-of-cycle assessment of 31 March, which sought initial responses from ASX by 30 April. These responses, prepared by ASX management and reviewed by the ASX boards, were inadequate. Specifically, the responses did not contain details expressly stipulated in the RBA's out-of-cycle assessment. The RBA has reviewed the minutes of the relevant ASX board meetings and conducted discussions with ASX directors and management. These confirm that the ASX boards had indicated that further details should be included in the response to the RBA's out-of-cycle assessment. However, this did not occur. The RBA considers this to be a highly concerning failure of governance. It is a fundamental requirement of good governance that executives comply with the direction of the boards and that the boards take all necessary measures to ensure that this is done.
2.3.1 Risk strategy
The Governance Standard provides that it is the overall responsibility of a board to ensure that a CS facility's risks are managed in a way that is consistent with the CS facility's business strategy and risk tolerance policy. ASX has been out of risk appetite across established risk categories since 2020; it devised a strategy in 2022 for returning to an acceptable risk level, but progress has been slow.
In June 2025, ASX's internal audit function completed a review of ASX's strategy to address a heightened level of risk. This review found that there is a need for a more cohesive approach to bring ASX back within its risk appetite. Shortcomings in risk governance processes were also identified. Further, it was observed that existing risk reporting to ASX's management and boards does not clearly connect risks outside of the Group's risk appetite with existing or planned remediation. This makes it difficult to ensure that heightened risks are being appropriately remediated.
The internal audit review also found that ASX should further formalise its risk governance to ensure effective implementation and operationalisation of ASX's risk appetite statement. This would include the adoption of consistent criteria for determining whether the Group is within or outside risk tolerance. As noted in the 2024 assessment, the RBA considers that ASX's risk appetite statement should expressly emphasise the safety of CS facilities.
A separate, external review of ASX's risk management frameworks found that ASX's risk management tends to be reactive and informed by external, rather than internal, benchmarks. For instance, changes to the frameworks tend to be prompted by external triggers such as regulatory actions rather than being internally driven. It was also found that risk management does not yet appear sufficiently embedded in ASX's strategy. The RBA expects ASX boards to ensure that risk management is considered holistically as part of ASX's overall business strategy.
Recommendation: ASX boards should obtain independent assurance, through an internal audit, that gaps relating to ASX's risk appetite statement and return-to-risk appetite strategy have been addressed in a way that enables the boards to:
- take a holistic view of ASX's risks
- embed risk management as part of ASX's overall business strategy.
2.3.2 Board reporting
The RBA has previously expressed concerns about the length of ASX board papers as well as the excessive technical detail contained in them. These issues were also raised in an external review of ASX's board function, which ASX commissioned in response to a recommendation in the RBA's 2023 assessment.7 Lengthy and excessively detailed board papers are less likely to assist the board to identify and focus on the key issues. ASX has implemented processes and guidelines that seek to address these longstanding concerns. A survey of board directors indicates that these changes have resulted in improvements to board papers; however, additional areas for improvement were identified. Further, the RBA is concerned that the boards have been receiving reporting that paints an overly positive picture of key areas of risk, reflecting deficiencies in ASX's risk culture. ASX should continue to improve its board reporting, including through seeking and addressing feedback from board directors.
In June 2025, ASX's internal audit function also conducted a review of board key risk indicators (KRIs). Board KRIs are metrics reported to ASX boards specifying whether areas of risk are within or outside risk tolerance and help facilitate appropriate consideration of risks in decision-making. The review found that board KRIs lack clear ownership and that subject matter experts were not actively engaged in the annual review of the metrics. The composition of many of the KRIs was found to be complex, subjective and limited for measuring key risks. The completeness and accuracy of the KRIs were not consistently reviewed and there are no defined mechanisms for continuous monitoring of KRIs. One consequence of these deficiencies is that board KRIs may not correctly reflect real risk and therefore may not provide an accurate measure of whether the Group is operating within or outside risk appetite. Relatedly, risk-based criteria that inform executive remuneration may not be providing sufficient incentives to promote sound risk management. One of these criteria is related to the number of KRIs that are within ASX's risk appetite.
Recommendation: ASX boards should obtain independent assurance, through an internal audit, that the gaps around board KRIs have been addressed.
2.4 Financial risk management
Over the past few years, ASX has improved its financial risk management in some areas, partly in response to previous RBA recommendations. ASX has increased the size of its clearing risk team and introduced more robust model review processes.
However, further improvement is still required. During the assessment period, the RBA was disappointed by several issues relating to ASX's stress test and margin models, as set out below. While some of these were identified through improved model review processes, this was not always the case. Given the central role that ASX's CCPs play in the Australian financial system, it is crucial that they manage their financial risks in a mature and reliable way. ASX should prioritise the improvement of its financial risk management to the level expected of critical financial market infrastructure.
2.4.1 Progress against outstanding RBA recommendations
ASX made progress against several RBA recommendations related to financial risk management:
- Credit risk: ASX completed an upgrade of its credit stress test model for ASX Clear to improve the comprehensiveness of stress test scenarios. ASX also introduced new scenarios to monitor and mitigate specific wrong way risk at ASX Clear.
- Liquidity risk: ASX upgraded its liquidity stress testing model for ASX Clear. The changes improve ASX Clear's modelling of liquidity obligations throughout the cash settlement cycle. ASX is expecting to progress similar work for ASX Clear (Futures) in the coming assessment period.
- Margin procyclicality: ASX finalised its procyclicality framework to mitigate destabilising increases in margin during periods of heightened market volatility.
- Overnight variation margin: ASX explored a long-term overnight variation margin strategy for ASX Clear (Futures) involving the use of the New Payments Platform. However, some impediments beyond ASX's control mean that this is unlikely to be prioritised by industry in the near future. As an alternative, ASX will consider expanding the available collateral options for margin payments as part of an upgrade of its collateral management system.
2.4.2 Issues identified during the assessment period
In October 2024, ASX reported to the RBA that it had erroneously omitted implied volatility data for a product in its credit stress test calculations for ASX Clear.8 As a result, some exposures were underestimated. In three instances, ASX failed to identify that ASX Clear's stress test exposures, if correctly calculated, would have exceeded the size of its pre-funded resources. A solution to resolve the issue was introduced in October 2024 and tactical control improvements were subsequently introduced to avoid a similar issue re-occurring. While the exceedances were all less than five per cent of ASX Clear's prefunded resources, these issues demonstrated that ASX was not monitoring and mitigating credit risks with the high degree of accuracy that is expected of a CCP.
ASX subsequently conducted a review of data controls supporting its stress testing. The review identified that improvements in controls are required to manage data calculation risk. ASX has engaged a third party to provide support in improving its data and reporting control frameworks. The RBA expects that ASX's improvement in data and reporting controls should be considered holistically across all financial risk models, and the enterprise more broadly, where relevant.
Recommendation: ASX should comprehensively improve data and reporting controls for its financial risk models to ensure that data processing, and the outputs generated, are of high quality.
In July 2025, following a participant query, ASX identified that stress test outputs for 30-day interbank cash rate futures contracts were incorrectly signed for some scenarios.9 A fix was implemented in August to address the immediate issue. While these products account for less than one per cent of margin collected at ASX Clear (Futures), the error did affect the calculation of margin obligations for some clearing participants throughout the entire assessment period.
Additionally, as part of model validation processes, ASX identified and remediated several inaccuracies in margin calculations over the assessment period. In one instance, ASX identified that there were material calculation errors for the size of overnight margin calls for a subset of participants over an eight-month period. In addition to fixing the immediate issue, ASX has introduced additional controls and improved change management procedures.
While the RBA acknowledges that some of the issues above were identified because of improved model review processes, this was not always the case. In addition to directly remediating the issues identified, ASX should ensure that any further improvements to its model validation and controls testing frameworks are identified and implemented.
Recommendation: In response to the financial risk model issues identified in the 2025 assessment, ASX should take a holistic approach to identifying and implementing any necessary improvements to its model validation and control testing frameworks. By March 2026, ASX should have completed identifying the necessary improvements and commenced implementation. Once ASX has completed implementing these improvements, ASX's internal audit function or a suitably qualified independent third party should conduct a review.
2.4.3 Impacts on FSS ratings
The RBA has reassessed the ASX CCPs' compliance against several FSS given the developments above.
The errors identified in ASX's credit stress tests are an issue of concern that could become serious if not addressed promptly. Accordingly, the RBA has downgraded the ASX CCPs' compliance against the Credit Risk Standard to partly observed. The RBA considers credit risk to be a particularly important aspect of a CCP's risk management and expects ASX to place a high priority on remediating the outstanding issue and progressing recommendations related to credit risk.
The developments above also raise concerns about the compliance of ASX's financial models with other regulatory requirements set out in the FSS.10 Accordingly, the RBA has maintained a rating of broadly observed in relation to the Margin and Liquidity Standards. In addition to remediating other outstanding RBA recommendations, the RBA expects ASX to make substantive progress against the recommendations in this assessment before these standards can be rated as observed.
The ASX CCPs' rating for the Collateral Standard has been downgraded to broadly observed. A CCP is expected to apply prudent haircuts to the value of the collateral to achieve a high degree of confidence that the liquidation value of the collateral will be at least equal to the obligation that the collateral secures in extreme but plausible market conditions.11 ASX's review of data controls, in response to the stress testing issue described above, identified shortcomings in controls that apply to collateral models at both CCPs. These will need to be remediated before this rating can return to observed.
2.5 Other updates
2.5.1 Regulatory reporting
During the assessment period, ASX reviewed its regulatory reporting processes and improved reporting for major inflight projects, including ClearStar and CHESS. However, there were several regulatory reporting breaches over the assessment period. ASX Settlement was found not to be preparing audited annual accounts. There were also delays in reporting the entry by Austraclear participants into external administration. Similar issues relating to regulatory reporting were identified by ASX's internal audit function. ASX was found to have insufficient processes for ad hoc regulatory reporting and limited central oversight of its reporting submissions.
The RBA considers that the shortcomings in ASX's reporting processes are an issue of concern and has maintained the rating of broadly observed for all ASX CS facilities for the Regulatory Reporting Standard.
Recommendation: ASX should remediate all issues identified in its 2024 internal audit report on regulatory reporting and consistently demonstrate timely, complete and accurate regulatory reporting by June 2026.
2.5.2 General business risk
The RBA has upgraded the rating of all ASX CS facilities to observed for the General Business Risk Standard. In the 2024 assessment, the RBA found that ASX did not have a viable wind-down plan for its CS facilities. During the assessment period, ASX developed a wind-down plan outlining key wind-down strategies and the measures needed for implementation. ASX expects to make further refinements to the plan.
Work is currently underway at an international level to consider more detailed guidance for how financial market infrastructures should manage general business risks.[12] The RBA expects ASX to incorporate any additional guidance into its wind-down plan and interpretation of the General Business Risk Standard within a reasonable timeframe after it is released.
Footnotes
[1] See RBA (2024), Assessment of ASX Clearing and Settlement Facilities, September.
[2] See RBA (2025), Out-of-cycle Assessment of ASX Clear Pty Ltd and ASX Settlement Pty Ltd: Operational Risk Standard, March.
[3] See CCP Standard 16.4 and SSF Standard 14.4.
[4] The TIRR includes high-severity issues and medium-severity issues that were previously rated high severity. Issues can be downgraded to medium or low severity if remediation activity has progressed sufficiently, for example, via a system upgrade or a short-term fix ahead of a longer term solution.
[5] A more detailed assessment of ASX's cyber resilience has been communicated confidentially to ASX.
[6] See RBA (2021), Special Topics – Governance and Risk Management Framework, September.
[7] RBA (2023), Assessment of ASX Clearing and Settlement Facilities, October.
[8] ASX conducts daily stress tests to ensure it has sufficient pre-funded resources to manage the potential financial exposure from the default of one or two clearing participants in extreme but plausible conditions.
[9] In other words, when the output was intended to be positive, it was negative and vice versa.
[10] For example, CCP Standards 5.3, 6.2, 6.3, 6.6, 7.2, 7.3, 7.6 and 7.8.
[11] See RBA (2012), Financial Stability Standards for Central Counterparties – Standard 5: Collateral – Guidance, December.
[12] In 2023, CPMI-IOSCO indicated that it intended to undertake additional work to consider and consult on further guidance on non-default losses. See CPMI-IOSCO (2023), Cover Note to the CPMI-IOSCO “Report on Central Counterparty Practices to Address Non-default Losses”, 23 August.