Financial Stability Standards for Securities Settlement Facilities – December 2012 Standard 14: Operational Risk

Note: The headline standard and numbered ‘sub’-standards determined under section 827D(1) of the Corporations Act 2001 have been formatted in bold text while the guidance to these standards has been formatted as plain text. For more information see the Introduction for Standards and Introduction for Guidance. Although the Reserve Bank has taken due care in compiling this page, the published version of the Standards and Guidance should be used in the case of any differences between the two.

A securities settlement facility should identify the plausible sources of operational risk, both internal and external, and mitigate their impact through the use of appropriate systems, policies, procedures and controls. Systems should be designed to ensure a high degree of security and operational reliability and should have adequate, scalable capacity. Business continuity management should aim for timely recovery of operations and fulfilment of the securities settlement facility's obligations, including in the event of a wide-scale or major disruption.

Guidance

Operational risk is the risk that deficiencies in information systems, internal processes and personnel, or disruptions from external events will result in the reduction, deterioration, or breakdown of services provided by a securities settlement facility. Operational failures can damage a securities settlement facility's reputation or perceived reliability, lead to legal consequences and result in financial losses incurred by the securities settlement facility, participants and other parties. In certain cases, operational failures can also be a source of systemic risk. A securities settlement facility should: establish a robust framework to manage its operational risks, which should identify the plausible sources of operational risk; deploy appropriate systems; establish appropriate policies, procedures and controls; set operational reliability objectives; and develop a business continuity plan. A securities settlement facility should take a holistic approach when establishing its operational risk management framework.

Identifying and managing operational risk

14.1 A securities settlement facility should establish a robust operational risk management framework with appropriate systems, policies, procedures and controls to identify, monitor and manage operational risks.

14.1.1 A securities settlement facility should actively identify, monitor and manage the plausible sources of operational risk and establish clear policies and procedures to address them. Operational risk can stem from both internal and external sources. Internal sources of operational risk include inadequate identification or understanding of risks and the controls and procedures needed to limit and manage them, inadequate control of systems and processes, inadequate screening of personnel and, more generally, inadequate management. External sources of operational risk include the failure of critical service providers or utilities or events affecting a wide metropolitan area such as natural disasters, terrorism and pandemics. Both internal and external sources of operational risk can lead to a variety of operational failures that include: errors or delays in message handling; miscommunication; service degradation or interruption; fraudulent activities by staff; and disclosure of confidential information to unauthorised entities. If a securities settlement facility provides services in multiple time zones, it may face increased operational risk due to longer operational hours and less downtime for maintenance. A securities settlement facility should identify all potential single points of failure in its operations.[37] Additionally, a securities settlement facility should assess the evolving nature of the operational risk it faces on an ongoing basis (for example, pandemics and cyber-attacks), so that it can analyse its potential vulnerabilities and implement appropriate defence mechanisms.

14.2 A securities settlement facility's board of directors should clearly define the roles and responsibilities for addressing operational risk and should endorse the securities settlement facility's operational risk management framework. Systems, operational policies, procedures and controls should be reviewed, audited and tested periodically and after significant changes.

14.2.1 A securities settlement facility should establish clear policies, procedures and controls that mitigate and manage its sources of operational risk. Overall, operational risk management is a continuous process encompassing risk assessment, defining an acceptable tolerance for risk and implementing risk controls. This process results in a securities settlement facility accepting, mitigating or avoiding risks consistent with its operational reliability objectives. A securities settlement facility's governance arrangements are pertinent to its operational risk management framework (see also SSF Standard 2 on governance). In particular, a securities settlement facility's board should explicitly define the roles and responsibilities for addressing operational risk and endorse the securities settlement facility's operational risk management framework.

14.2.2 To ensure the proper functioning of its risk controls, a securities settlement facility should have sound internal controls. For example, a securities settlement facility should have adequate management processes for setting operational standards, measuring and reviewing performance, and correcting deficiencies. A securities settlement facility may draw on international, national and industry level standards, guidelines or recommendations in designing its operational risk management framework. Conformity with commercial standards can help a securities settlement facility meet its operational objectives. For example, commercial standards exist for information security, business continuity and project management. A securities settlement facility should regularly assess the need to integrate the applicable commercial standards into its operational risk management framework. In addition, a securities settlement facility should seek to comply with relevant commercial standards in a manner commensurate with the securities settlement facility's importance and level of interconnectedness.

14.2.3 A securities settlement facility's arrangements with participants, operational policies and operational procedures should be periodically, and whenever necessary, tested and reviewed, especially after significant changes occur to the system or a major incident occurs. In order to minimise any effects of the testing on operations, tests should be carried out in a ‘testing environment’. This testing environment should, to the extent possible, replicate the production environment (including the implemented security provisions, in particular, those regarding data confidentiality). Additionally, key elements of a securities settlement facility's operational risk management framework should be audited periodically and whenever necessary. In addition to periodic internal audits, external independent reviews may be necessary, depending on the securities settlement facility's importance and level of interconnectedness. Consistent with the evolving nature of operational risk management, a securities settlement facility's operational objectives should be periodically reviewed to incorporate new technological and business developments.

14.2.4 A securities settlement facility's operational risk management framework should include formal change management and project management processes to mitigate operational risk arising from modifications to operations, policies, procedures and controls. Change management processes should provide mechanisms for preparing, approving, tracking, testing and implementing all changes to the system. Project management processes, in the form of policies and procedures, should mitigate the risk of any inadvertent effects on a securities settlement facility's current or future activities due to an upgrade, expansion or alteration to its service offerings, especially for major projects. In particular, these policies and procedures should guide the management, documentation, governance, communication and testing of projects, regardless of whether projects are outsourced or executed internally.

14.3 A securities settlement facility should have clearly defined operational reliability objectives and should have policies in place that are designed to achieve those objectives. These policies include, but are not limited to, having: exacting targets for system availability; scalable capacity adequate to handle increasing stress volumes; and comprehensive physical and information security policies that address all potential vulnerabilities and threats.

Operational reliability

14.3.1 A securities settlement facility should have clearly defined operational reliability objectives and should have policies in place that are designed to achieve those objectives. These objectives serve as benchmarks for a securities settlement facility to evaluate its effectiveness and evaluate its performance against expectations. These objectives should be designed to promote confidence among the securities settlement facility's participants. Operational reliability objectives should include the securities settlement facility's operational performance objectives and committed service level targets. Operational performance objectives and service level targets should define both qualitative and quantitative measures of operational performance and should explicitly state the performance standards the securities settlement facility is intending to meet. The securities settlement facility should monitor and assess regularly whether the system is meeting its established objectives and service level targets. The system's performance should be reported regularly to senior management, relevant board committees, participants, the Reserve Bank and other relevant authorities. In addition, a securities settlement facility's operational objectives should be periodically reviewed to incorporate new technological and business developments.

System availability

14.3.2 A securities settlement facility should set explicit and exacting benchmarks for the availability of key systems, commensurate with the criticality of the services it provides. Measures of system availability should be reported regularly to senior management, relevant board committees, participants, the Reserve Bank and other relevant authorities. A securities settlement facility should have procedures to investigate a failure to meet system availability benchmarks, including external review where appropriate, and should implement any recommended changes to operations on a timely basis.

Operational capacity

14.3.3 A securities settlement facility should ensure that it has scalable capacity adequate to handle increasing stress volumes and to achieve its service level objectives, such as the required processing speed. Capacity management requires that the securities settlement facility monitor, review and test (including stress test) the actual capacity and performance of the system on an ongoing basis. The securities settlement facility should carefully forecast demand and make appropriate plans to adapt to any plausible change in the volume of business or technical requirements. These plans should be based on a sound, comprehensive methodology so that the required service levels and performance can be achieved and maintained. As part of its capacity planning, a securities settlement facility should determine a required level of redundant capacity, taking into account the securities settlement facility's level of importance and interconnectedness, so that if an operational outage occurs, the system is able to resume operations and process all remaining transactions before the end of the day (see SSF Standard 14.7).

Physical and information security

14.3.4 A securities settlement facility should have comprehensive physical and information security policies that address all potential vulnerabilities and threats. In particular, a securities settlement facility should have policies effective in assessing and mitigating vulnerabilities in its physical sites from attacks, intrusions and natural disasters. A securities settlement facility also should have sound and robust information security policies, standards, practices and controls to ensure an appropriate level of confidence and trust in the securities settlement facility by all stakeholders. These policies, standards, practices and controls should include the identification, assessment, mitigation and management of current and potential future security threats and vulnerabilities for the purpose of implementing appropriate safeguards into its systems. These safeguards should both defend against the intrusion of external threats and limit the vulnerability of systems to threats that breach perimeter safeguards. System security should be subject to regular review and testing, and systems should be periodically updated as appropriate. Data should be protected from loss and leakage, unauthorised access and other processing risks, such as negligence, fraud, poor administration and inadequate recordkeeping. A securities settlement facility's information security objectives and policies should conform to commercially reasonable standards for confidentiality, integrity, authentication, authorisation, non-repudiation, availability and auditability (or accountability).

14.4 A securities settlement facility should ensure that it can reliably access and utilise well-trained and competent personnel, as well as technical and other resources. These arrangements should be designed to ensure that all key systems are operated securely and reliably in all circumstances, including where a related body becomes subject to external administration.

Access to resources

14.4.1 Because the proper performance of a securities settlement facility's employees is a core aspect of any operational risk management framework, a securities settlement facility should be able to access and utilise sufficient well-qualified personnel. A securities settlement facility's personnel should be able to operate the system safely and consistently follow operational and risk management procedures during normal and abnormal circumstances. A securities settlement facility should implement appropriate human resources policies to hire, train and retain qualified personnel, thereby mitigating the effects of high rates of personnel turnover or key person risk. Additionally, a securities settlement facility should have appropriate human resources and risk management policies to address fraud prevention. Where appropriate, a securities settlement facility should also have reliable access to technical expertise and other resources external to the securities settlement facility as necessary to ensure the security and reliability of key systems.

Resources shared with a related body

14.4.2 In some cases a securities settlement facility may utilise personnel and other resources that are employed or owned by a related body. Agreements between a securities settlement facility and any related bodies governing such arrangements should ensure, to the extent permissible by law, that the securities settlement facility can continue to access key resources in all circumstances, including in the event of the related body's insolvency or external administration.

14.5 A securities settlement facility should identify, monitor and manage the risks that key participants, other FMIs and service and utility providers might pose to its operations. A securities settlement facility should inform the Reserve Bank of any critical dependencies on utilities or service providers. In addition, a securities settlement facility should identify, monitor and manage the risks its operations might pose to its participants and other FMIs. Where a securities settlement facility operates in multiple jurisdictions, managing these risks may require it to provide adequate operational support to participants during the market hours of each relevant jurisdiction.

14.5.1 A securities settlement facility is connected directly and indirectly to its participants, other FMIs, and its service and utility providers. Accordingly, the securities settlement facility should identify both direct and indirect effects on its ability to process and settle transactions in the normal course of business and manage risks that would stem from the external operational failure of a connected entity. Such effects may include those transmitted through its participants, which may participate in multiple FMIs. Likewise, a securities settlement facility should identify, monitor and manage the risks it poses to its participants and that it faces from and poses to other FMIs (see SSF Standard 17 on FMI links). To the extent possible, a securities settlement facility should coordinate business continuity arrangements with interdependent FMIs. A securities settlement facility also should consider the risks associated with its service and utility providers and the operational effect on the securities settlement facility if service or utility provider failed to perform as expected. A securities settlement facility should provide reliable service, not only for the benefit of its direct participants, but also for all entities that would be affected by its ability to process transactions.

Dependencies on service providers

14.5.2 A securities settlement facility should have a formal policy that sets out the process for entering into, maintaining and exiting key outsourcing or service provision arrangements. Before an outsourcing or service provision arrangement is established, senior management should identify the business, operational and other risks involved and ensure that these risks can be adequately monitored and controlled by the facility, and that the Reserve Bank and other relevant authorities are able to access sufficient information and effectively perform crisis management actions (see SSF Standards 14.9, 14.10 and 14.11). The board should approve the establishment of any outsourcing or service provision arrangement for a key business activity and be informed on a regular basis of the performance of the service provider.

14.5.3 A securities settlement facility that outsources operations to or is otherwise dependent on critical service providers should also disclose the nature and scope of this dependency to its participants. In addition to these service providers (such as financial messaging providers), a securities settlement facility is also typically dependent on the adequate functioning of utilities (such as power and telecommunication companies). As a result, a securities settlement facility should identify the risks from its critical service providers and utilities and take appropriate actions to manage these dependencies through appropriate contractual and organisational arrangements. A securities settlement facility should inform the Reserve Bank of any critical dependencies on utilities or service providers and ensure that both it and the Reserve Bank are able to access sufficient information on the performance of these utilities or service providers. To that end, the securities settlement facility may contractually provide for direct contacts between the critical service provider and the Reserve Bank, or contractually ensure that the Reserve Bank is able to obtain specific reports from the critical service provider. Alternatively, the securities settlement facility may provide the Reserve Bank with relevant information that it receives from the critical service provider.

14.5.4 A securities settlement facility's contractual arrangements with critical service providers should also ensure that the securities settlement facility's approval is mandatory before a critical service provider can itself outsource material elements of the service provided to the securities settlement facility, and that in the event of such an arrangement, full access to necessary information is preserved. Clear lines of communication should be established between the dependent securities settlement facility and the critical service provider to facilitate the flow of information between parties in both ordinary and exceptional circumstances (see SSF Standard 14.9). Additional controls may be required where outsourcing or service provision arrangements involve critical functions of the securities settlement facility or where relevant to crisis management (see SSF Standards 14.10 and 14.11).

14.5.5 Where a securities settlement facility operates in multiple jurisdictions, managing the risks that it poses to its participants may require it to provide adequate operational support to participants during the market hours of each relevant jurisdiction. In particular, where it has material Australian-based participation, the securities settlement facility should provide an appropriate degree of operational support to its Australian-based participants during Australian market hours. The degree of operational support should be sufficient to allow participants to resolve operational issues on a timely basis during Australian market hours (or within a reasonable extension of these hours, where necessary).

14.6 A participant of a securities settlement facility should have complementary operational and business continuity arrangements that are appropriate to the nature and size of the business undertaken by that participant. The securities settlement facility's rules and procedures should clearly specify operational requirements for participants.

14.6.1 To manage the operational risks associated with its participants, a securities settlement facility should establish minimum operational requirements for its participants (see also SSF Standard 15 on access and participation requirements). A securities settlement facility should define operational and business continuity requirements for participants in accordance with the participant's role and importance to the system, taking into consideration the nature and scale of the business undertaken by each participant. These requirements should complement the securities settlement facility's own operational and business continuity arrangements. Rules and procedures should clearly and fairly specify the requirements of participants in this regard. In some cases, a securities settlement facility may wish to identify critical participants based on consideration of transaction volumes and values, services provided to the securities settlement facility and other interdependent systems and, more generally, the potential impact on other participants and the system as a whole in the event of a significant operational problem. Critical participants may need to meet some of the same operational risk management requirements as the securities settlement facility itself. A securities settlement facility should have clear and transparent criteria, methodologies or standards for critical participants to ensure that their operational risks are managed appropriately.

Business continuity arrangements

14.7 A securities settlement facility should have a business continuity plan that addresses events posing a significant risk of disrupting operations, including events that could cause a wide-scale or major disruption. The plan should incorporate the use of a secondary site and should be designed to ensure that critical information technology systems can resume operations within two hours following disruptive events. Business continuity arrangements should provide appropriate redundancy of critical systems and appropriate mitigants for data loss. The business continuity plan should be designed to enable the securities settlement facility to complete settlement by the end of the day of the disruption, even in case of extreme circumstances. The securities settlement facility should regularly test these arrangements.

Business continuity management

14.7.1 Business continuity management is a key component of a securities settlement facility's operational risk management framework. A business continuity plan should have clearly stated objectives and should include policies and procedures that allow for the rapid recovery and timely resumption of critical operations following a disruption to a service, including in the event of a wide-scale or major disruption. A securities settlement facility should explicitly assign responsibility for business continuity planning and devote adequate resources to this planning. The plan should identify and address events that pose a significant risk of disrupting operations, including events that could cause a wide-scale or major disruption, and should focus on the impact on the operation of critical infrastructures and services. A securities settlement facility's business continuity plan should ensure that the securities settlement facility can continue to meet agreed upon service levels in such events. Both internal and external threats should be considered in the business continuity plan, and the impact of each threat should be identified and assessed. In addition to reactive measures, a securities settlement facility's business continuity plan may need to include measures that prevent disruptions of critical operations. All aspects of the business continuity plan should be clearly and fully documented and details of relevant procedures made available to participants.

14.7.2 The objectives of a securities settlement facility's business continuity plan should include the system's recovery time and recovery point. A securities settlement facility should aim to be able to resume operations within two hours following disruptive events; however, backup systems ideally should commence processing immediately. This may imply maintenance of dual redundancy for critical systems at its primary site. The plan should be designed to enable the securities settlement facility to complete settlement by the end of the day even in case of extreme circumstances. Systems, including backup and data recovery procedures, should be designed to resume operations with a high degree of confidence that data will not be lost. This should include regular, and ideally real-time, replication of data across primary and secondary sites, and robust and timely procedures to recover data and transactions submitted in the interval between the last data replication and successful failover to a secondary site. Should data loss nevertheless occur, contingency plans for securities settlement facilities should ensure that the status of all transactions at the time of the disruption can be identified with certainty in a timely manner.

14.7.3 A securities settlement facility should set up a secondary site with sufficient resources, capabilities, and functionalities and appropriate staffing arrangements that would not be affected by a wide-scale disruption and would allow the secondary site to take over operations if needed.[38] The secondary site should provide the level of critical services necessary to perform the functions consistent with the recovery time objective and should be located at a sufficient geographical distance from the primary site that it has a distinct risk profile.[39] Depending on the securities settlement facility's importance and level of interconnectedness, the need for a third site could be considered, in particular to provide sufficient confidence that the securities settlement facility's business continuity objectives will be met in all scenarios. A securities settlement facility should also consider alternative arrangements (for example, manual paper-based procedures) to allow for the processing of time-critical transactions in extreme circumstances. Both primary and secondary (and any additional) sites should have sufficient capacity to process volumes that are at least double projected stress volumes. This redundant capacity should be sufficient to ensure that each site is able to operate continuously and independently even in extreme circumstances.

14.7.4 A securities settlement facility's business continuity plan should also include clearly defined procedures for crisis and event management. The plan, for example, should address the need for rapid deployment of a multiskilled crisis and event management team as well as procedures to consult and inform participants, interdependent FMIs, the Reserve Bank and other relevant authorities, and others (such as service providers and, where relevant, the media) on a timely basis. Communication with the Reserve Bank and other relevant authorities is critical in case of a major disruption to a securities settlement facility's operations or wider market distress that affects the securities settlement facility, particularly where data held by the securities settlement facility may be critical for crisis management. Depending on the nature of the problem, communication channels with local civil authorities (for physical attacks or natural disasters) or computer experts (for software malfunctions or cyber-attacks) may also need to be activated. If a securities settlement facility has global importance or critical linkages to one or more interdependent FMIs, it should set up, test and review appropriate cross-system or cross-border crisis management arrangements.

14.7.5 A securities settlement facility's business continuity plan and its associated arrangements should be subject to periodic review and testing. Tests should address various scenarios that simulate wide-scale disasters and inter-site switchovers. A securities settlement facility's employees should be thoroughly trained to execute the business continuity plan and participants, critical service providers and linked FMIs should be regularly involved in the testing and be provided with a general summary of the testing results. The degree of participant involvement in the testing should be appropriate to the nature and size of the business undertaken by individual participants (see SSF Standard 14.8). The securities settlement facility should also consider the need to participate in industry-wide tests. A securities settlement facility should make appropriate adjustments to its business continuity plans and associated arrangements based on the results of the testing exercises.

Incident management

14.7.6 A securities settlement facility should have comprehensive and well-documented procedures in place to record, report, analyse and resolve all operational incidents. After every significant disruption, a securities settlement facility should undertake a ‘post-incident’ review to identify the causes and any required improvement to the normal operations or business continuity arrangements. Such reviews should, where relevant, include the securities settlement facility's participants. The details of the incident and conclusions of the review should be provided to the Reserve Bank on a timely basis (see SSF Standard 19.1(h)).

14.8 A securities settlement facility should consider making contingency testing compulsory for the largest participants to ensure they are operationally reliable and have in place tested contingency arrangements to deal with a range of operational stress scenarios that may include impaired access to the securities settlement facility.

14.8.1 An operational disruption to the largest participants of a securities settlement facility may pose significant risks to the securities settlement facility's own operational performance, either directly or through interdependencies with other participants or FMIs. A securities settlement facility should therefore consider requiring its largest participants to perform contingency tests for their own operations with a particular focus on reliability of access to the securities settlement facility, and to participate in the securities settlement facility's own contingency testing. Where interdependencies between the securities settlement facility and its largest participants are significant, there will be a strong case for these participants to be involved in the securities settlement facility's contingency tests. Large participants' contingency tests should address the operational reliability of the participants and should cover a range of stress scenarios, including impaired access to the securities settlement facility.

Outsourcing and other dependencies

14.9 A securities settlement facility that relies upon, outsources some of its operations to, or has other dependencies with a related body, another FMI or a third-party service provider (for example, data processing and information systems management) should ensure that those operations meet the resilience, security and operational performance requirements of these SSF Standards and equivalent requirements of any other jurisdictions in which it operates.

14.9.1 A securities settlement facility that relies upon, outsources some of its operations to, or has other dependencies with a related body, another FMI or a third-party service provider (for example, data processing and information systems management) should ensure that those operations meet relevant resilience, security and operational requirements of the SSF Standards and equivalent requirements of any other jurisdiction in which it operates. Requirements placed on such service providers should be proportional to the nature of the services that they provide. Further, even when systems and processes are outsourced or provided externally, the securities settlement facility remains responsible for those systems and processes. The securities settlement facility should have robust arrangements for the selection and substitution of such providers, timely access to all necessary information, and appropriate controls and monitoring tools (see SSF Standard 14.5).

14.9.2 Where a securities settlement facility outsources or is otherwise dependent on a provider of a critical function – a function that is integral to the safe and effective provision of its core services as a securities settlement facility – a greater degree of scrutiny of arrangements may be appropriate. In scrutinising service providers in accordance with this Standard, a securities settlement facility that outsources or relies upon external providers of critical functions should, consistent with the expectations set out in Annex F to the Principles, ensure that each provider of these critical services:

  • identifies and manages relevant operational and financial risks to its critical services and ensures that its risk management processes are effective
  • implements and maintains appropriate policies and procedures, and devotes sufficient resources to ensure the confidentiality and integrity of information and the availability of its critical services in order to fulfil the terms of its relationship with the securities settlement facility
  • implements appropriate policies and procedures to ensure that its critical services are available, reliable and resilient. Its business continuity management and disaster recovery plans should therefore support the timely resumption of its critical services in the event of an outage so that the service provided fulfils the terms of its agreement with the securities settlement facility
  • has in place robust methods to plan for the entire lifecycle of the use of its technologies and the selection of technological standards
  • provides users, including the securities settlement facility and, where appropriate, its participants, with sufficient information to enable them to understand clearly their roles and responsibilities in managing risks related to their use of a critical service provider.

Where a critical service provider is a regulated entity, it may be more likely to achieve these criteria. However, the securities settlement facility must still form its own judgement as to whether the criteria have been met. The securities settlement facility should inform the Reserve Bank of the arrangements it has in place to ensure that critical service providers meet these requirements (see SSF Standard 14.10).

14.10 All of a securities settlement facility's outsourcing or critical service provision arrangements should provide rights of access to the Reserve Bank to obtain sufficient information regarding the service provider's operation of any critical functions provided. A securities settlement facility should consult with the Reserve Bank prior to entering into an outsourcing or service provision arrangement for critical functions.

14.10.1 All of a securities settlement facility's outsourcing or critical service provision arrangements should incorporate contractual rights of access for the Reserve Bank allowing the Reserve Bank to seek information directly from the service provider in order to assess its operational performance and reliability with regard to any critical functions provided (see SSF Standard 14.5). Notwithstanding any assessment that the Reserve Bank may make regarding such service providers, a securities settlement facility should independently monitor the adherence of outsourcing or critical service providers to the resilience, security and operational performance requirements of the SSF Standards and other relevant standards (see SSF Standard 14.9).

14.10.2 Prior to entering into an outsourcing or service provision arrangement for a critical function, a securities settlement facility should consult with the Reserve Bank (see also SSF Standard 19 on regulatory reporting). As part of this consultation process, the securities settlement facility should provide the Reserve Bank with details of the arrangement, including provisions that satisfy the requirements of SSF Standards such as 14.5, 14.9, 14.10 and 14.11, and any other provisions necessary to comply with the operational requirements under the SSF Standards.

14.11 A securities settlement facility should organise its operations, including any outsourcing or critical service provision arrangements, in such a way as to ensure continuity of service in a crisis and to facilitate effective crisis management actions by the Reserve Bank or other relevant authorities. These arrangements should be commensurate with the nature and scale of the securities settlement facility's operations.

14.11.1 A securities settlement facility should ensure that its operations, including any outsourcing or critical service provision arrangements, are organised in such a way that it is able to provide continuous and reliable service in a crisis, and that the Reserve Bank or other relevant authorities are able to take effective action to manage or resolve a crisis. A securities settlement facility may need to consider contractual arrangements with outsourcing providers or other service providers that contain explicit provisions safeguarding continuity of service in crisis scenarios, including financial distress to the securities settlement facility.

14.11.2 A systemically important securities settlement facility should have robust arrangements to ensure continuity of service and facilitate effective crisis management actions by the Reserve Bank or other relevant authorities. In assessing the systemic importance of a securities settlement facility, the Reserve Bank will consider factors such as:

  • the size of the securities settlement facility in Australia (for example, the value of transactions processed by the securities settlement facility in Australian dollar-denominated products, or its market share)
  • the availability of substitutes for the securities settlement facility's services in Australia
  • the nature and complexity of the products settled by the securities settlement facility
  • the degree of interconnectedness with other parts of the Australian financial system.

14.11.3 A systemically important securities settlement facility that also has a strong connection to the Australian real economy and financial system should also organise its operations so as to facilitate resolution actions taken by the Reserve Bank or other relevant authorities. This may require that the securities settlement facility directly operate critical functions or, for outsourced or externally provided functions and to the extent supported by law, provide for contractual rights of access to any appointed statutory manager in a resolution scenario. These rights of access would need to survive termination of the outsourcing or service provision agreement. In determining whether a systemically important securities settlement facility has a strong connection to the Australian real economy and financial system, the following factors are likely to be relevant:

  • whether the securities settlement facility offers services in a domestic or international market
  • the mix of domestic and international participants in the securities settlement facility
  • the potential for disruption to the securities settlement facility to affect the real economy
  • whether the market serviced by the securities settlement facility is retail or wholesale
  • whether the securities settlement facility settles a domestic securities market
  • links that the securities settlement facility has with other Australian FMIs.

Footnotes

A single point of failure is any point in a system, whether a service, activity or process, which, if it failed to work correctly, would lead to the failure of the entire system. [37]

A particular site may be primary for certain functions and secondary for others. It is not intended that a securities settlement facility would be required to have numerous separate secondary sites for each of its essential functions. [38]

A securities settlement facility should conduct a comparative risk analysis of the secondary site. The secondary site should in principle not be affected by an event that affects the primary site, with the exception of some very specific threats, such as a coordinated attack. Each site should have robust resilience based on the duplication of software and hardware, and the technology in place to replicate data between the various sites should be consistent with the chosen recovery point objectives. [39]