Assessment of ASX Clearing and Settlement Facilities 4. Special Topics – Governance and Risk Management Framework

4.1 Governance

4.1.1 Introduction

Governance is essential to an entity's compliance and resilience. Failures in risk management or compliance generally involve a weakness of governance. Such failures indicate that some aspect of the responsibility for operating an entity has not been assigned or fulfilled. The importance of governance is reflected in the FSS, where CCP Standard 2/SSF Standard 2 is devoted to governance.

Governance establishes the processes through which an entity sets its objectives, determines the means for achieving those objectives, assigns responsibility and accountability for implementing objectives and monitors performance. Governance forms the framework which determines the respective rights and responsibilities of an entity's owner, board of directors, management and relevant stakeholders. In the case of a CS facility, relevant stakeholders include participants and their customers, regulators, interdependent FMIs and the broader market.

The ASX Group operates on a day-to-day basis as a single group rather than as a collection of individual entities. The ASX CS facilities have no employees, premises or IT resources. These are provided by ASX Operations, a wholly owned subsidiary of ASX Limited, in accordance with an agreement known as the Group Support Agreement, which has been entered into by the various ASX group entities. The Group Support Agreement requires that each of the CS facilities is provided with ‘adequate personnel and non-financial facilities’ to perform its services and legal obligations.

There are clear benefits to both the ASX Group and the CS facilities arising from this group-wide approach to governance and operations. The ASX Group avoids the need to replicate central functions such as people management, finance and risk management. The group and the CS facilities also benefit from flexibility in resourcing. In times of need, an ASX CS facility can potentially draw on greater resources, including financial and human resources, than may be available to an individual facility operating independently.

Risks may nevertheless arise when CS facilities form part of a group structure and these risks have ramifications for financial stability. Chief among these is the risk that the business, operations and obligations of the CS facilities do not receive sufficient attention in decisions about the day-to-day operation of the broader group. Another concern is that conflicts of interest arising between specific entities with the group (including the CS facilities) are not appropriately identified and managed.

Accordingly, an important issue for ASX is the appropriate balance between the benefits and risks of a group-wide operational structure. This issue is a central theme of this Assessment of the governance of the ASX CS facilities.

4.1.2 Scope and approach

FSS requirements

The key FSS requirements on governance are set out in CCP Standard 2 and SSF Standard 2. These requirements cover 8 main areas which are summarised below.

Table 5: Summary of FSS Requirements Relating to Governance
Areas Standards Key Requirements
Strategy and objectives

CCP Standard 2.1

SSF Standard 2.1

A CS facility should have objectives that:

  • place a high priority on the safety of the facility and
  • explicitly support the stability of the financial system and other relevant public interest considerations.
Roles, responsibilities and accountabilities

CCP Standards 2.3, 2.5

SSF Standards 2.3, 2.5

The roles and responsibilities of a facility's board of directors (or equivalent) should be clearly specified.

The roles and responsibilities of management should be clearly specified. A facility's management should have the appropriate experience, mix of skills and integrity necessary to effectively discharge its responsibilities for the operation and risk management of the facility.

Compensation arrangements should be structured in such a way as to promote the soundness and effectiveness of risk management.

Governance documentation

CCP Standards 2.2, 2.3, 2.6

SSF Standards 2.2, 2.3, 2.6

A CS facility should have:

  • documented governance arrangements that provide clear and direct lines of responsibility and accountability
  • documented procedures for the functioning of its board of directors, including procedures to identify, address and manage member conflicts of interest
  • a clear, documented risk management framework that includes the facility's risk tolerance policy, assigns responsibilities and accountability for risk decisions, and addresses decision-making in crises and emergencies.
Corporate group structure

CCP Standard 2.9

SSF Standard 2.9

A CS facility that is part of a group of companies should ensure that measures are in place such that decisions taken in accordance with its obligations as a CS facility cannot be compromised by the group structure or by board members also being members of the board of other entities in the same group. In particular, such a CS facility should consider specific procedures for preventing and managing conflicts of interest, including with respect to intragroup outsourcing arrangements.
Risk management

CCP Standards 2.5, 2.6

SSF Standard 2.5, 2.6

Governance arrangements should ensure that risk management and internal control functions have sufficient authority, independence, resources and access to the board, including through the maintenance of a separate and independent internal audit function.
Audit and assurance

CCP Standard 2.7

SSF Standard 2.7

A CS facility's operations, risk management processes, internal control mechanisms and accounts should be subject to internal audit and, where appropriate, periodic external independent expert review. Internal audits should be performed, at a minimum, on an annual basis. The outcome of internal audits and external reviews should be notified to the Reserve Bank and other relevant authorities.
Board policies and processes

CCP Standard 2.3, 2,4

SSF Standard 2.3, 2.4

The board should regularly review both its overall performance and the performance of its individual board members.

The board should comprise suitable members with the appropriate skills and incentives to fulfil its multiple roles.

Stakeholder engagement

CCP Standard 2.8

SSF Standard 2.8

Governance arrangements should ensure that the facility's design, rules, overall strategy and major decisions reflect appropriately the legitimate interests of its direct and indirect participants and other relevant stakeholders.

Governance arrangements should provide for consultation and stakeholder engagement through appropriate forums on operational arrangements, risk controls and default management rules and procedures.

Major decisions should be clearly disclosed to relevant stakeholders and, where there is a broad market impact, the public

Methodology and benchmarking

The review of the governance of the CS facilities involved a document review and interviews of ASX Group directors and executives. The interviews were conducted with the assistance of an external adviser engaged by the Bank.

The governance of the CS facilities was assessed against CCP Standard 2/SSF Standard 2. The Bank also consulted other relevant governance benchmarks and recent reports on the governance of financial institutions and listed entities. These include:

  • APRA: ‘Prudential inquiry into the Commonwealth Bank of Australia’ April 2018
  • APRA Prudential Standard HPG 510: ‘Governance’ July 2019
  • ASIC Corporate Governance Taskforce: ‘Director and officer oversight of non-financial risk report’, October 2019
  • ASX Corporate Governance Council: ‘Corporate governance principles and recommendations’ 4th edition, February 2019.

4.1.3 Governance of the ASX group

The four ASX CS facilities form part of the ASX group of companies. They are controlled by ASX Limited through two holding companies as set out in Figure 1.

Figure 1
Figure 1: ASX Group Structure as Relevant to the CS facilities

As corporate entities, the CS facilities are required to have their own boards. Many directors of the CS facilities' boards (CS Boards) are also directors of the parent company ASX Limited. There are three directors who sit on the CS Boards but not on the ASX Limited Board (referred to in this Assessment as the non-ASX Limited directors).

There are currently three ASX Limited Board committees: the Audit and Risk Committee (ARC), the Remuneration Committee and the Nomination Committee. These committees also undertake activities on behalf of the CS facilities, although the CS Boards are responsible (among other things) for the operational risk of the CS facilities.

The ASX Limited and CS Boards meet 10 times a year. The ARC meets quarterly. All directors of ASX Limited routinely attend the ARC regardless of whether they are members. The non-ASX Limited directors do not attend the ARC but receive a subset of ARC papers including anything directly or indirectly relevant to the CS Facilities. They also receive a paper on relevant items, which is presented to the meeting by the ARC Chair.

On the board meeting day, the ASX Limited Board meets in the morning. The non-ASX Limited directors do not attend this meeting. The ‘concurrent board meeting’ is held in the afternoon of the board meeting day. This is a concurrent meeting of the boards of ASX Limited, each of the four CS Facilities and the two intermediate holding companies (referred to collectively as the ‘ASX Boards’). It is chaired in rotation by the Chair of ASX Clear and ASX Settlement, and the Chair of ASX Clear (Futures). Prior to the board meeting day, these Chairs meet with relevant executives and the Company Secretariat to shape the agenda and issues for the meeting.

Membership of the Board and Board Committees as at 30 June 2021 is set out in Table 6 below:[21]

Table 6: Membership of Boards and Committees[22]
Director Appointed to board/s ASX Clear/ Settlement ASX Clear (Futures) Austraclear ASX Limited ARC Remuneration Nomination
Yasmin Allen 2015      
Melinda Conrad 2016        
Carolyn Colley 2020        
Dr Ken Henry 2013      
Stephen Knight 2019[23] Chair        
Peter Marriot 2009 Chair    
Peter Nash 2019          
Heather Ridout 2012         Chair
Damian Roche 2014   Chair Chair Chair
Dominic Stevens (CEO) 2013[24]      
Adrian Todd 2019        
Rob Woods 2015[25] Chair      

4.1.4 CS Facilities' strategy and objectives

CCP Standard 2.1/SSF Standard 2.1

Corporate strategy and the setting of corporate objectives are among the functions conducted on a group-wide basis at ASX. There is a group-wide vision: ‘to be the world's most respected marketplace’. ASX's strategy and the yearly goals to execute the strategy are also determined on a group-wide basis. The yearly goals are subject to monitoring and form the basis of the assessment of ASX staff performance and of ASX Group performance. This is reported in the Remuneration Report included in ASX's Annual Report. The yearly goals are therefore the subject of practical accountability within ASX.

The yearly goals include goals that are of central relevance to the CS Facilities. However, they do not include specific reference to the safety of the CS Facilities. Nor do they explicitly support the stability of the financial system.

The first paragraph of the CCP Standard 2/SSF Standard 2 on Governance requires CS Facilities to have objectives which place a high priority on the safety of the CS facility and ‘explicitly support the stability of the financial system and other relevant public interest considerations’. This reflects the importance of ensuring that safety, financial stability and the public interest are firmly embedded in the organisational culture and decision making of a CS facility. Where a CS facility forms part of a corporate group, goals and objectives that emphasise safety, financial stability and the public interest have an additional function. They assist in ensuring that the business, obligations and systemic importance of the CS facilities are given due attention in the course of group-wide decision making. This is a significant aspect of ensuring that an appropriate balance is struck between the risks and benefits of operating CS facilities within a corporate group.

ASX recently amended its Clearing and Settlement Boards Charter to include the references to safety and financial stability which are required under CCP Standard 2.1/SSF Standard 2.1. The CS Boards Charter is an important part of the ASX governance framework. However, it does not have the same level of prominence and influence on organisational culture as the ASX Vision, strategy and yearly goals. Adherence to the CS Boards Charter, for instance, is not a basis for performance assessment or annual reporting. The Charter is not the subject of practical accountability. It does not articulate broader objectives for the CS facilities.

Safety, financial stability and the public interest should form part of a statement of the strategy and objectives of the CS facilities. Objectives, strategies and goals for the CS facilities can sit alongside or complement the current, group-wide framework.

In order for obligations of financial stability to have a practical effect on operations and decision making, the obligations must be well understood within the organisation. ASX should ensure that it formulates a clear articulation of financial stability and the way in which the ASX CS facilities operate to safeguard it. For example, the Bank has described a ‘stable’ financial system as one in which financial intermediaries, markets and market infrastructure facilitate the smooth flow of funds between savers and investors. This helps promote growth in economic activity. From this perspective, the safeguarding of financial stability can be seen to be a forward-looking task. A resilient financial system is also one in which there are well developed crisis management arrangements for handling distressed financial institutions. This should be managed in a way that ensures that public confidence in the financial system will not be undermined.[26]

Governance Recommendation 1: The objectives, strategies and goals for each CS facility should be documented and communicated within the ASX group. The objectives should explicitly place a high priority on the safety of the facility and explicitly support the stability of the financial system and other relevant public interest considerations. This should include a statement on how ‘financial stability’ can be practically understood by decision makers within the CS facilities. It should also set out the strategies that have been adopted to safeguard system stability. CS Board processes should include a system for monitoring progress against the strategy and objectives.

4.1.5 Roles, responsibilities and accountabilities

CCP Standards 2.2, 2.3, 2.5, 2.6 and 2.7/SSF Standards 2.2, 2.3, 2.5, 2.6 and 2.7

Clear roles and responsibilities with accompanying accountability are essential to good governance. A critical aspect of this is a clear understanding of the differing roles of the board and executive of an entity. Although these roles should be clear, they may not always be static. For instance, it is appropriate for a board to intensify its oversight at times of high risk.

The evidence that the Bank has considered demonstrates that the ASX has appropriate demarcation between the roles of the ASX Boards and the executive. The Bank was told that the ASX Boards have intensified their supervision in recent times. The Bank understands that this occurred following the re-setting of the go-live date for the CHESS replacement program and the operational issues which occurred in 2020. It is appropriate that such events would trigger a temporary increase in the intensity of board supervision.

In the context of a group structure such as that of ASX, it is important that the roles and responsibilities of the boards within the group are clear. Where a CS facility is part of a corporate group, some roles and responsibilities of the board may be carried out on a group-wide basis. For instance, some roles and responsibilities may be carried out by the board of the CS facility's parent company. This enables the corporate group to achieve reasonable efficiencies. However, the CS facility must be able to demonstrate that any such alternative governance arrangements are effective. The arrangements must uphold the CS facility's capacity to meet its regulatory and other obligations. Furthermore, the arrangements must not compromise or subordinate the CS facility's interests to the interests of the group.

The ASX Limited Board Charter, the CS Boards Charter and the charters for the various board committees within the ASX group provide some information and guidance on the respective roles of the various boards and board committees. However, the CS facilities would benefit from greater clarity on the functions which the ASX Limited Board undertakes on behalf of the CS facilities. This would enhance the effectiveness of these arrangements.

The internal corporate structure of the ASX group is also group-wide. The operating model of the ASX corporate structure is currently undergoing change. The changes are intended to organise ASX's business into four clearly defined business lines. In each of these business lines, a single executive reporting to the CEO is responsible for the end to end business and system development. One of the goals of the new operating model is to facilitate accountability and delivery.

The changes are being implemented in multiple phases. The Bank understands that the implementation of these changes is expected to be complete by October 2021.

CCP Standard 2.2/SSF Standard 2.2 requires that an FMI should have ‘documented governance arrangements that provide clear and direct lines of responsibility and accountability’. The ASX CS facilities did not have such documented arrangements in place as at the assessment date of 30 June 2021. However, the Bank acknowledges the challenges in having up-to-date documented governance arrangements in place on a continuous basis during the reorganisation of a complex entity.

More significantly, the ASX CS facilities did not have such documented governance arrangements in place before ASX commenced its move to the new operating model.

Furthermore, to the extent that ASX's previous governance arrangements were documented, it is not clear that the documented arrangements were reflected in ASX group practice. For instance, paragraph 10 of the CS Boards Charter delegates the management of the CS facilities to the Managing Director and CEO of ASX Limited. However, in interviews, directors and executives did not provide consistent answers on whom they considered to be responsible to the CS Boards for the operation of the CS facilities under the previous organisational structure; they did not appear to consider that this responsibility lay with the Managing Director and CEO.

Good governance practice also requires that responsibility is aligned to appropriate accountability. Paragraph 6 of the CS Boards Charter provides that the CS Facility Boards will provide input to the ASX Remuneration Committee on the performance and remuneration arrangements of the Chief Risk Officer and Chief Operations Officer. It also provides that the CS Facility Boards may, in their discretion, provide inputs to the Remuneration Committee on the remuneration arrangements and performance of other ASX executives regarding matters relevant to the CS facilities. The CS Boards have not historically had input into the performance or remuneration of the Managing Director and CEO of ASX Limited but this was changed in June 2021. This recent change brings the accountability framework into greater alignment with the documented framework for responsibility.

Ultimately, the lines of responsibility for operating the CS businesses must be clearly documented. The documented lines of responsibility, the practical reality and the accountability framework should be consistent and clearly understood. This is a fundamental requirement of the FSS and is consistent with domestic and international trends towards a stronger emphasis on executive accountability.

The CS Boards are made up of non-executive directors, many of whom are also directors of ASX Limited. In such circumstances, it is important that there are clear and well understood lines of responsibility for the operation of the CS facilities. Effective oversight by the CS Boards would be facilitated if the CS facilities were each led by a single executive rather than two or more executives separately reporting to the CS Boards for any CS facility. The Managing Director and CEO is ultimately responsible for leading the parent company and the broader ASX Group. He or she has many responsibilities in addition to the day-to-day operations of each of the CS facilities. He or she may also be affected by intragroup conflicts of interest (discussed further below). Clearer and more direct lines of accountability will be facilitated if a single executive, referred to in this Assessment as the ‘CS Lead Executive’ was responsible to the board of a CS facility for the operation of that facility. This executive could also be a ‘voice’ for the interests, business and obligation of the CS facility within the broader group.

In order to ensure an undiluted and non-conflicted focus on the interests of the CS facilities, a CS Lead Executive should not also be the CEO and Managing Director of ASX Limited. The CS Lead Executive should have a clear line of accountability to the relevant CS Board. He or she may also report to the CEO and Managing Director of ASX Limited. The CEO and Managing Director of ASX Limited should be accountable for ensuring that the CS Lead Executive has access to sufficient resources for the operation of the CS business.

A CS Lead Executive may hold that role for more than one of the CS facilities and may also have responsibilities for other parts of the ASX Group. However, if this is to occur, careful consideration should be given to any conflicts of interest that might arise and these conflicts should be appropriately managed. These include potential conflicts that may arise between the CS facilities, and between one or more CS facility and the interests of the wider group. Consideration must also be given to ensuring that appropriate attention can be devoted to the business and obligations of each CS facility including in a time of market stress or crisis.

Internal audit is a group-wide function at ASX. ASX's internal auditor has a team of six full time staff. Some internal audits are conducted by the internal audit team while others are outsourced to external providers. This is a reasonable approach as some ASX audits relate to technology projects such as CHESS Replacement. Audits of this nature require a range of specialist technical expertise.

Evidence gathered during the Bank's review indicated that there was some resistance within ASX to internal audit exercises. The ASX Group Boards and executive should ensure this does not continue. The FSS on Governance emphasises the importance of a strong audit function. CCP Standard 2.7/SSF Standard 2.7 state that a CS Facility's ‘operations, risk management processes, internal control mechanisms and accounts should be subject to internal audit and, where appropriate, periodic external independent expert review.’

Paragraph 6.1 of ASX's Internal Audit Charter states: ‘The General Manager, Internal Audit who is the Chief Audit Executive reports to the Chairman of the Audit & Risk Committee and for administrative purposes to the Chief Risk Officer (CRO). The General Manager, Internal Audit also has direct access to the Clearing & Settlement boards.’ It is appropriate that the General Manager, Internal Audit should report to the Chair of the ARC and have direct access to the CS Boards. While the Bank notes that the General Manager, Internal Audit reports to the Chief Risk Officer for administrative purposes only, this is not best practice as the internal audit function has responsibility for evaluating risk management and the risk management framework. The respective roles of risk management and internal audit are discussed in more detail in section 4.2.2 below. The administrative reporting line for the General Manager, Internal Audit should instead be to the Managing Director and CEO of ASX Limited.

Governance Recommendation 2: ASX should introduce clearer lines of responsibility and accountability for each CS facility as required by CCP Standard 2.2/SSF Standard 2.2. An appropriate way to do this would be to appoint one or more identifiable executives, the ‘CS Lead Executive/s’, accountable to the relevant CS Board for the operation of each of the CS facilities. The CS Lead Executive/s should also be accountable for the achievement of strategies and objectives determined by the relevant CS Board. The relevant CS Board should have input into both the performance assessment and remuneration of the CS Lead Executive/s.

Governance Recommendation 3: As soon as practicable in the circumstances of the current transition to ASX's new operating model, ASX should document governance arrangements that set out clear and direct lines of responsibility and accountability for each of the CS facilities' businesses as required by CPP Standard 2.2/SSF Standard 2.2. This can be done by way of an accountability map that contains the names of staff with senior executive responsibility for all or part of each CS facility's operations. The accountability map could contain details of the reporting lines and lines of responsibility for those senior executives. Such a map would demonstrate the lines of reporting from those senior executives through to a board or board committee within the ASX Group and specify the relevant board or board committee. Senior executives who could usefully be included on such an accountability map would include those with the following responsibilities:

  1. CEO and Managing director of the ASX Group
  2. the CS Lead Executive for each CS facility
  3. management of the CS Facility's financial resources
  4. overall risk control and overall risk management of the CS Facility
  5. management of the CS Facility's operations (i.e. Chief Operating Officer or equivalent)
  6. information management, including information technology systems for the CS Facility
  7. management of the CS Facility's internal audit function
  8. management of the CS Facility's compliance functions
  9. provision of legal advice to the board of the CS Facility
  10. management of the CS Facility's human resources functions.

Governance Recommendation 4: In accordance with CCP Standard 2.5/SSF Standard 2.5, ASX should clearly specify the roles and responsibilities of directors and of the senior executives referred to in Governance Recommendation 3. This can be done by creating, for each such person, an accountability statement containing details of:

  1. the part of the CS facility's business for which that person has senior executive responsibility
  2. the responsibilities of that person.

The accountability statement for the CEO and Managing Director should document his or her responsibility for ensuring that the CS Lead Executive has access to sufficient resources for the operation of the CS facility.

Governance Recommendation 5: ASX's performance and remuneration policies and frameworks should ensure that any failure by a person identified in Governance Recommendation 3 to appropriately discharge their responsibilities will be reflected in any variable remuneration payable to that person. This will promote the soundness and effectiveness of risk management of the CS facilities as required by CCP standard 2.5/SSF standard 2.5.

Governance Recommendation 6: The administrative reporting line for the General Manager, Internal Audit should be to the Managing Director and CEO of the ASX Group.

4.1.6 Oversight by the ASX Group Boards

CCP Standard 2.3, 2.4 and 2.9/SSF Standard 2.3, 2.4 and 2.9

In addition to operational concerns, the high profile technology and operational issues experienced by ASX during 2020 raise general issues of governance and specific issues about the boards' supervision of technology projects.

Many ASX directors and executives to whom the Bank spoke had clearly reflected carefully on these events and the lessons to be learned from them, including governance lessons. This is appropriate. It is clear from our interviews with directors that there were periods during 2019 and/or 2020 when the ASX Boards were not fully informed of the progress and status of the CHESS replacement program. It is important that the ASX Boards carefully consider any changes to their policies, processes and approach that may be required to avoid a similar scenario in future.

A culture of robust and respectful challenge is essential to effective board supervision. Directors must be prepared to provide this challenge and executives must respond constructively and with transparency. Interviewees told the Bank that such a culture has always existed on ASX Boards but that the level of challenge has increased following recent events. The Bank encourages the new ASX Limited Chair's efforts to prioritise a culture of robust and respectful challenge. This includes the recent introduction of private meetings of directors (without executives) as part of every meeting of the ASX Boards.

The Bank also supports efforts by the ASX Company Secretariat to standardise the form of reporting to the ASX Boards. Director feedback suggests that reports to the boards are sometimes too lengthy and contain excessive technical detail. Similar comments on ASX's reporting style have been made by external contractors engaged to provide assurance on governance of key ASX projects. The Bank has also observed this tendency in reports and updates it receives from ASX. Excessive technical detail makes it difficult to engage on the key issues in reports.

Role and stature of the CS Boards

Governance arrangements which may serve to diminish the role and stature of the CS Boards should be addressed. While the CS facilities are wholly owned subsidiaries, they are also CS facility licensees independently charged with specific public interest responsibilities for financial stability. Hence it is both inaccurate and inappropriate for the ASX ERMF and other governance documentation to state that the ASX Limited Board and the ARC ‘rely on the CS boards to review and provide oversight of risk management processes, internal controls and compliance systems relating to CS processes.’ Responsibility for the oversight of risk management relating to CS processes rests with the CS Boards in the first instance. It is the legal responsibility of the CS Boards. It is inappropriate for governance documentation to state that the ASX Limited Board and an ASX Limited Board committee ‘rely’ on the CS Boards to discharge a responsibility which is the legal obligation of the CS Boards. Such a statement could imply that the CS Boards might not discharge their responsibility in the absence of such ‘reliance’.

ASX should also take steps to ensure that appointments to the CS Boards are not, and are not seen to be, an opportunity to assess candidates for appointment to the ASX Limited Board. Statements made during interviews of directors suggested that this may be their perception. This may carry the risk that the actions of the CS directors are influenced, or seen to be influenced, by their prospects of eventual appointment to the Board of ASX Limited. This does not preclude a non-ASX Limited director from being appointed to the ASX Limited Board if they possess appropriate skills and experience.

A corporate board should comprise members with a range of relevant and complementary skills including skills and experience in the core business of the entity. Therefore the mix of skills and experience required by the CS Boards may differ from the ASX Limited Board. ASX should conduct a skills audit of the boards of each of the CS facilities, similar to the audit conducted and published every year for the ASX Limited Board. Such a process is a useful reminder and checklist of the skills required on the board of an FMI. It will also assist in emphasising the distinct role and nature of the CS Boards.

The CS Boards should also formally approve the application of any group-wide policies, procedures or governance documentation that affect the CS facilities. The CS Boards should note the manner in which the relevant policy, procedure or document applies to the CS facilities.

Governance Recommendation 7: ASX should conduct an annual skills audit of each CS Board in the same manner as the audit currently conducted for the ASX Limited Board.

Governance Recommendation 8: The CS Boards should formally approve the application of any group-wide policies, procedures or governance documentation to the CS facilities. Such policies should include a statement, approved by the CS Boards, as to the manner in which the relevant policy, procedure or document applies to the CS facilities.

The role of non-ASX Limited directors

A group of three directors sits on the boards of all four of the ASX CS facilities but not on the ASX Limited Board. These three directors represent half of the boards of ASX Clear and ASX Settlement and a meeting of these three directors will constitute a quorum of the boards of those entities. The balance of those boards is made up of directors who also sit on the ASX Limited Board. The three non-ASX Limited directors also sit on the boards of ASX Clear (Futures) and Austraclear. These boards have eight members. In both cases the other five members are members of the ASX Limited Board.

One role of the non ASX CS directors is to ensure that there are adequate arrangements for the handling of conflicts of interest that arise in the ASX Clear and ASX Settlement businesses. This conflict arises because ASX Clear and ASX Settlement provide clearing and settlement services to market operators who are competitors of ASX Limited. In its interviews with ASX directors and executives, the Bank observed that this conflict of interest was regularly acknowledged and well understood. Some CS directors nominated it as the sole reason for appointing non-ASX Limited directors. However, the appointment of non-ASX Limited directors pre-dates the introduction of competition in equity markets and the specific conflict of interest that has resulted from that.

Specific governance arrangements exist to manage this commercial conflict of interest affecting ASX Clear and ASX Settlement. Some aspects of these arrangements are reflected in the ASX Cash Equities Clearing and Settlement Code of Practice. The CS Boards Charter provides that at least half of the directors of ASX Clear and ASX Settlement must not be ASX Limited directors. This group of non-ASX Limited directors also forms a quorum of the boards of those entities. The Charter provides for meetings of the non-ASX Limited directors for the purpose of specified matters related to this conflict of interest. The Charter provides that the Chairs of ASX Clear and ASX Settlement may not be ASX Limited directors.

In the Bank's view, the management of this commercial conflict of interest affecting ASX Clear and ASX Settlement is not the only role of the non-ASX Limited directors. As discussed above, the Bank is recommending that a CS Lead Executive is appointed for each CS facility to be the ‘voice’ of the CS facility at the executive level within the ASX Group. Similarly, the non-ASX Limited directors play a critical role in providing that ‘voice’ at the level of the ASX Group Boards. This is another important factor in minimising the risks to the CS facilities from membership of a corporate group, while continuing to retain the benefits. It assists in ensuring that the businesses and obligations of the CS facilities receive sufficient attention within ASX. It is also critical to the management of intra-group conflicts of interest (discussed further below). The role of the non-ASX Limited directors is therefore vital to the governance of the CS facilities. This would be particularly the case for a CS facility if the CS Lead Executive performs other roles and functions within the ASX Group. In those circumstances, the non-ASX Limited directors are the only ASX officers with an undiluted duty to the business and obligations of the CS facilities.

The non-ASX Limited directors are the ‘voice’ of ASX Clear (Futures) and Austraclear as much as they are the voice of ASX Clear and ASX Settlement. Accordingly, the provisions in the CS Boards Charter about board membership, quora and the independence of the chair should also apply to the other CS facilities. This should occur notwithstanding that the ASX Cash Equities Clearing and Settlement Code of Practice does not apply to ASX Clear (Futures) and Austraclear. The ASX Cash Equities Clearing and Settlement Code of Practice was introduced to address the specific commercial conflicts of interest arising from competition in equity markets. This conflict is an example of the broader conflicts of interest that may arise in a corporate structure such as the ASX Group.

Care must be taken to ensure the non-ASX Limited directors are always kept fully informed of, and involved in, matters affecting the CS facilities. Considerable thought has clearly been given to this issue by the ASX Boards and Company Secretariat. The non-ASX Limited directors confirmed that they were generally satisfied with the information they received and their inclusion in discussions relevant to the CS facilities.

However, the Bank identified instances in which the non-ASX Limited directors have not been sufficiently included. The non-ASX Limited directors are generally not invited to meetings of the ARC, including meetings which discuss risks relevant to the CS facilities. Instead, they receive edited versions of relevant ARC papers and a board paper that reports on relevant ARC matters presented by the ARC Chair. This is inappropriate, particularly since the ARC is generally nominated as the principal board-level body overseeing the risks of the CHESS Replacement program.

A primary mechanism for ASX Internal Audit to report to the ASX Group Boards is through the ARC meetings, which are not attended by the non-ASX Ltd directors. As noted above, the concurrent board meeting receives an edited version of each internal audit report presented to the ARC. This report is sometimes presented to the concurrent board meeting by the CRO on behalf of the General Manager, Internal Audit. This practice prevents the non-ASX Ltd directors from engaging directly with the General Manager, Internal Audit on audit matters affecting the CS facilities. It is inappropriate for this report to be delivered by the CRO for the reasons set out in section 4.1.5 above. It is important that the full board of each CS facility has a direct relationship of active engagement with the senior executive responsible for managing the CS facilities' internal audit function. The senior executive responsible for managing the CS facilities' internal audit function should attend the concurrent board meetings to deliver the internal audit report.

Further, risk appetite has been determined at a group-wide level by the ASX Limited Board without the involvement of the non-ASX Limited directors. The non-ASX Limited directors are involved in the approval of related key risk indicators and CS operational risk tolerance, but not the overarching risk appetite. The non-ASX Limited directors should be involved in determining the risk appetite of the CS facilities.

Governance Recommendation 9: The application of the following arrangements for ASX Clear and ASX Settlement should be extended to ASX Clear (Futures) and Austraclear:

  1. the requirement that the boards shall comprise at least 50 per cent non-executive directors who are not also directors of ASX Limited and that the non-ASX Limited directors can also comprise a quorum
  2. the requirement that the Chair is not also an ASX Limited director
  3. provision for meetings of non-ASX Limited directors. These meetings should consider all potential conflicts of interest between the CS facilities and other ASX Group entities.

The composition and appointment of the Chairs of the boards of ASX Clear (Futures) and Austraclear should be changed accordingly.

Governance Recommendation 10: The non-ASX Limited directors should be represented in board-level discussions of the supervision of risks to the CS facilities. This includes involvement at any board or committee meeting which considers risks or the risk appetite of the CS facilities.

4.1.7 Supervision of technology projects

CCP Standards 2.2 and 2.6/SSF Standards 2.2 and 2.6

The ASX Trade Refresh project and CHESS Replacement program form part of an ambitious program by the ASX to update and upgrade its technology. Board oversight of such a program requires specific attributes including skills, experience, understanding and personal networks that are relevant to large technology project implementation.

The new Chair of ASX Limited is considering the establishment of a technology project implementation board committee. The committee may include members who are not ASX Group directors but have skills, experience, understanding and personal networks which can assist the ASX Boards in their supervision of technology projects. Such a committee would also assume some of the responsibilities currently undertaken by the ARC.

The Bank supports this initiative. Project implementation has proven to be a critical and ongoing risk for ASX. More intensive board oversight in this area is required. If such a committee is established, care must be taken to ensure that there is a clear and documented allocation of responsibilities between the ARC and the technology project implementation committee in the area of risks arising from technology projects. To the extent that the technology project implementation committee oversees projects relevant to the CS facilities (such as CHESS replacement), one or more of the non-ASX Limited directors should sit on the committee.

Skills and experience among members of the technology project implementation committee may also benefit the group in its management of cyber risk. Once again, the responsibility for supervising the management of this critical risk must be clearly allocated.

The establishment of such a committee does not of itself discharge the responsibility of all directors to develop and maintain their understanding of all aspects of the CS facilities' risks and businesses.

Governance Recommendation 11: ASX should continue to explore ways to provide its boards with access to skills, experience and networks relevant to large technology project implementation.

Governance Recommendation 12: The ASX Group Boards should strengthen their oversight of technology project implementation. To achieve this, ASX should proceed with its proposal to establish a board committee to monitor technology project implementation. The respective responsibilities of this committee and the ARC will need to be carefully defined.

4.1.8 Board policies and processes

CCP Standards 2.2 and 2.3/ SSF Standards 2.2 and 2.3

The director nomination process at ASX is conducted on a group-wide basis with a single nomination committee operating for all ASX Boards. In successive annual ASX Board feedback surveys, board recruitment has been identified as an area requiring improvement. Comments noted that the process would benefit from more structure and greater transparency. In contrast, the process of nominating the new ASX Limited Chair was conducted by a small sub-committee and appears to have been more structured and effective.

The new ASX Limited Chair has also assumed the chair of the Nomination Committee and has indicated that he is planning a more structured and collaborative approach to director recruitment and succession planning for ASX Group Boards. This is encouraged. Ideally, the procedure for nominating directors to ASX Group Boards should be documented to allow for greater transparency and understanding among the directors.

Lengthy director tenures pose risks to an organisation including a potential erosion of director independence and the loss of opportunities for fresh and innovative thinking. The ASX Corporate Governance Council recognises these risks. The Council has released its ‘Corporate Governance Principles and Recommendations’, which include a recommendation that the length of service of each director be disclosed. They also advise boards to regularly assess whether any director who has served in that position for more than 10 years may have ceased to be independent.

The ASX Boards have included a number of very longstanding members, two of whom retired in 2020-2021. This has resulted in a substantial loss of corporate memory and experience, notwithstanding the considerable skills and experience of the rest of the ASX Boards. A more structured program of board renewal should be adopted to better manage the risk of significant loss of corporate memory and avoid the risks posed by lengthy director tenure. Both the ASX Limited Board Charter and the CS Boards Charter state that the boards have not adopted a tenure policy. This should be re-considered. The ASX Group should progressively adopt a structured process of board refreshment culminating in a formal tenure policy.

Board education was described as ‘unstructured’ during our interviews of directors and executives. As acknowledged above, the members of the ASX Boards are skilled and experienced but ASX operates in a dynamic industry. Some aspects of ASX's business, including the CS businesses, are also highly technical. A more systematic approach to training and education of directors should be introduced. Particular emphasis should be placed upon ensuring that directors, including the CS directors, are supported in their supervision of the ASX technology program which includes the CHESS replacement program.

Performance management of the ASX Boards and individual directors could be improved. ASX directors complete an annual board feedback survey and every three years, this survey is conducted by an external consultant. Feedback from the survey is considered but there does not appear to be a system for making or monitoring changes as a result of the survey. Individual directors meet with the Chair on an annual basis, but there is no formal survey of feedback for individual directors. ASX should consider changes to introduce more structure and rigour to performance management of the boards and directors.

The meeting arrangements of the ASX Boards are complicated, which is a reflection of the complexity of the ASX Group and its obligations. There is no documented guidance for determining which matters are considered at which meeting; for instance, whether a specific issue should be considered by the ASX Limited Board or at the concurrent board meeting. The absence of structured guidance may have contributed to situations where the CS Boards were not appropriately consulted on issues relevant to the CS facilities. An example of this was the consideration of the ASX Group risk appetite (including the risk appetite on CS issues) by the ASX Limited Board only. ASX governance documentation should include guidance on which matters should be referred to which meeting.

Governance Recommendation 13: ASX Group should adopt:

  1. structured and documented processes for director recruitment and board renewal, ultimately including a tenure policy
  2. a more systematic approach to board education with an emphasis on supporting directors in the supervision of ASX's technology program
  3. systems for considering and implementing feedback arising from the annual board feedback survey
  4. more rigorous director performance management
  5. documented guidance as to the matters that should be referred to the various board meetings.

4.1.9 Board committees

As at 30 June 2021, ASX Limited had three board committees: the ARC, the Nomination Committee and the Remuneration Committee. The committees also discharge responsibilities for the CS facilities as provided in the CS Boards Charter. Many financial institutions have separated the ‘audit’ and ‘risk’ aspects of board committees. There is no support for such a move within ASX and this does not appear to be warranted in the context of the risk and activity profile of the ASX Group.

Recommendations are made elsewhere in this Assessment for the establishment of a technology project implementation committee and, potentially a stakeholder management committee.

4.1.10 Intragroup conflicts of interest

CCP Standard 2.9/SSF Standard 2.9

The commercial conflict of interest arising from the business of ASX Clear and ASX Settlement is discussed above. As noted above, this conflict of interest appears well recognised and understood by the ASX Group.

Additional conflicts of interest may arise as a result of the ASX Group structure. In circumstances where financial, human and other resources are shared within a group, or can be easily transferred between group entities, choices must be made. For example, the ASX Group entities have entered into the Group Support Agreement concerning the provision of human, financial and other resources to the CS facilities. When the Group Support Agreement is amended, there is potential for the interests and obligations of the CS facilities and the interests of other ASX Group entities to diverge. The interests of each CS facility will be best served (and their obligations most completely fulfilled) by obtaining the highest possible level of resourcing with the maximum level of certainty. The interests of other ASX entities (specifically ASX Operations) will be to maximise the flexibility of resources within the group. The other ASX entities may also have an interest in minimising disruption to group arrangements and this may also conflict with the interests and obligations of the CS facilities. In these circumstances, conflicts of interest or obligations may also arise between the CS facilities if resources are being allocated to them from a finite pool.

Such intragroup conflicts of interest are recorded on ASX's conflict of interest register as part of the implementation of ASX's conflict of interest framework. However, as a practical matter, these conflicts of interest do not appear to be well understood within the ASX Group. In interviews with ASX directors and executives, these conflicts were recognised but considered to be ‘technical’ or ‘theoretic’. The reason for this was a strong belief that the CS facilities are ‘the core’ of the ASX Group and that the ASX Group would never leave them under-resourced. Such conflicts of interest should nonetheless be appropriately managed.

The Group Support Agreement was amended in 2020 to transfer business, operational and investment risk capital to the CS facilities. This occurred as a result of concerns regarding the certainty of access to this capital in a crisis that were expressed by the Bank in its 2019 Assessment of the ASX CS facilities. The manner in which the Bank's concerns should be addressed was the subject of lengthy discussion between ASX and its regulators. During the course of these discussions, ASX did not take sufficient responsibility for identifying and managing the intragroup conflict of interest. In correspondence between the Bank and ASX, it was the Bank that identified the potential conflict. The boards of the CS facilities did not obtain independent legal advice on this issue. They were advised by staff in ASX's legal department. These staff are employed to provide legal services to the ASX Group and report to the General Counsel of the ASX Group. Accordingly, this would impede their ability to provide independent advice to the CS facilities in matters involving a potential intragroup conflict of interest.

Article 48 of ASX's revised CS Board Charter provides:

The CS Boards may, with their Chair's prior consent, seek independent professional advice (at the CS Boards' expense) that they consider necessary to fulfil their responsibilities.

The Bank was informed that the words ‘at the CS Boards' expense’ were included to prevent a perception that any professional advice would be subject to a conflict of interest if it were funded by ASX Limited. The Bank was further informed that, as a matter of practice, any such advice would be funded by ASX Operations since the CS facilities have no funds of their own. Nonetheless, the inclusion of the words ‘at the CS Boards' expense’ carries the risk of discouraging the CS directors from seeking genuinely independent advice. The fact that the CS entities have no funds of their own for the payment of operational expenses increases this risk. The description of the expense as one for the ‘CS Boards’ rather than the ‘CS entities’ might even be interpreted as requiring the directors to personally pay for any advice. The Bank acknowledges that this interpretation was not intended. The drafting of Article 48 should be revised.

ASX should ensure that the CS facilities, represented by the non-ASX Limited directors, have unqualified access to independent advice on legal questions and other relevant matters. To facilitate this, it may be of benefit to establish a small unit dedicated to supporting the CS Boards, including procuring external advice where appropriate. If such a unit were to be established, the leader of the unit should appear on each CS Facility's accountability map (Governance Recommendation 3) and an accountability statement (Governance Recommendation 4) should be completed for that person.

Much of the regulation of the CS facilities exists because of their importance for financial stability. Central to this is the management of the CS facilities in times of market volatility, disruption and crisis. It is times like these that will test the operation of the facilities, including the management of conflicts of interest. It is not sufficient to assume that the ASX Group will never be in a position where it might have difficulty resourcing the CS facilities. Clear policies and procedures are required to mitigate this risk.

Governance Recommendation 14: ASX should take steps to improve their identification and management of intragroup conflicts of interest. The non-ASX Limited directors should have unqualified access to independent legal advice and other expert advice on matters where the interests or obligations of a CS facility could potentially conflict with the interests of another entity in the ASX Group. To facilitate this, ASX should consider establishing a small unit of staff dedicated to supporting the CS Boards, including by providing assistance with obtaining external advice.

4.1.11 Stakeholder management

CCP Standard 2.8/SSF Standard 2.8

During the course of the Bank's review, many interviewees noted that ASX has been historically very insular. Considerable effort has been expended in recent years on increasing the ‘customer focus’ of ASX. In the case of the CS facilities, this needs to be expanded to incorporate the broader concept of ‘stakeholders’ in the FSS. Stakeholder management was an ongoing issue for the CHESS replacement program in the lead-up to the re-set of this program in 2020. The ASX Boards should continue their emphasis on stakeholder management, including holding more regular meetings with key stakeholders. This might be achieved through the establishment of a stakeholder committee of the board.

A critical first step in managing stakeholders is the development of a clear understanding as to whom these stakeholders are. ASX has already given consideration to this and produced a useful diagram in its ERMF. This work should be built upon to create a public Stakeholder Management Charter which identifies groups of stakeholders and articulates the ASX's approach to engaging with each group of stakeholders. Such a document should be published, at least for the CS facilities, but may also be published on a group-wide basis. If prepared on a group-wide basis, the document should clearly distinguish the stakeholders of the CS facilities.

Governance Recommendation 15: The ASX Boards should continue their emphasis on stakeholder management, potentially through the creation of a stakeholder committee. This should also include more regular meetings with key stakeholders.

Governance Recommendation 16: The CS facilities should publish a Stakeholder Management Charter, which identifies groups of stakeholders and articulates the ASX's approach to engaging with each group of stakeholders.

4.1.12 Board responsibility for oversight of CS facility compliance

Some aspects of regulation of the CS facilities are ‘principles-based’. In principles-based regulation, the regulations mandate a required ‘state’ but regulated entities are permitted to attain the required ‘state’ in a manner that is suited to their own businesses and circumstances. This provides the individual regulated entities with some flexibility. This benefit is accompanied by a responsibility on the part of the regulated entity to give proper consideration as to how the ‘state’ required in the regulations is to be achieved. As discussed during the interviews, in recent years there have been two instances of proposals that have been presented to the Bank which (in the Bank's view) were unlikely to effectively achieve a state of compliance. In both cases, the proposals were approved by ASX Boards before they were presented to the Bank.

When interviewees (directors and executives) were questioned about these matters, many appeared untroubled. Some directors commented that they did not see it is a significant issue because, as soon as they learned ‘what the Bank wanted’, they complied. This appears to misunderstand ASX's responsibility to come to its own understanding on compliance with regulatory obligations.

Furthermore, the executives who presented the initial proposals do not appear to have been questioned or challenged when it became apparent that their proposals would not achieve a state of compliance. In the Bank's view, the ASX Boards should take a more active role in ensuring that ASX fulfils its regulatory obligations and instilling a compliance culture within the ASX Group.

One way of regularly considering the state of ASX compliance would be for the CS Boards to require the CS Lead Executive to complete an annual self-assessment of compliance with the FSS. This will ensure ongoing attention to key aspects of the FSS including governance requirements relating to documentation and accountability.

Governance Recommendation 17: The CS Boards should require the CS Lead Executive(s) to complete an annual self-assessment of compliance with the FSS.

4.2 Review of ASX's framework for the comprehensive management of risk

Under CCP and SSF Standard 3, CS facilities are required to have a sound risk management framework for managing legal, credit, liquidity, operational and other risks. To achieve this, a CS facility is expected to take an integrated and comprehensive view of its risks, including the material risks the facility bears from, and poses to, its participants, its customers, and other entities. During the assessment period the Bank conducted a detailed review of ASX's risk management framework against CCP and SSF Standard 3.

4.2.1 Risk management frameworks

ASX's overarching approach to risk management is set out in its Enterprise Risk Management Framework (ERMF). The ERMF was developed with reference to the international standard for risk management (ISO 31000:2018) and approved by the ASX Ltd Board's Audit and Risk Committee (ARC). Within the structure of the ERMF there are two distinct risk management frameworks specific to the management of clearing and settlement risks, which have been approved by the CS Boards:

  • The Settlement Risk Policy Framework outlines the risk management approach for ASX Settlement and Austraclear, setting out a formal structure for the development, governance and review of relevant policy, standards and procedures. The framework, and the policies that sit within the framework, are subject to review every two years, unless an ad hoc review is deemed necessary.
  • The Clearing Risk Policy draws together ASX's clearing risk policies into a single policy document. This policy, read in conjunction with ASX's Clearing Risk Policy Roles and Responsibities document, sets out ASX's risk and control framework for the ASX CCPs. This framework includes policies, standards and procedures relevant to the management of counterparty credit, market and liquidity risk. Policies consolidated under this framework are reviewed every two years, unless there is a regulatory requirement for an annual review, or an annual review has been deemed more appropriate.

Framework review

The ERMF is reviewed every two years; the most recent version was approved in November 2019 and the next review is scheduled for completion in September this year. It is appropriate that the ERMF (and the clearing and settlement policy frameworks that sit within it) is subject to periodic review, as well as ad hoc review where there have been material changes.

It is the Bank's expectation that the ERMF, and the clearing and settlement policy frameworks outlined above, should be reviewed during the next assessment period to reflect changes resulting from revisions to the CS Boards Charter in March, the implementation of ASX's new organisational model (refer section 4.1), and the recommendations of this assessment. Consistent with the recommendations in section 4.1, the CS Boards should formally approve all three frameworks, including the ERMF. ASX should also take into account any lessons learned from operational incidents experienced during the assessment period and the replan of the CHESS Replacement program (see sections 2.1.2 and 3.3), in particular to consider whether:

  • any gaps in the ERMF contributed to the issues experienced
  • the ERMF worked as intended during those events
  • any changes are required to address or support recommendations from the IBM review of the ASX Trade outage and the EY reviews of the CHESS Replacement program.

The Bank will monitor how these material developments are reflected in the ERMF and other relevant risk management frameworks.

4.2.2 Roles and responsibilities

ASX's governance structure distributes responsibility for oversight of risk management between the ASX Board, the ARC, the CS Boards and ASX's executive-level Risk Committee:

  • ASX Limited Board. The Board has ultimate responsibility for ensuring that risk across the ASX Group is managed appropriately, including approving the Risk Appetite Statement and overseeing the effectiveness of the management processes in place for identifying and managing significant risks facing the ASX Group.
  • CS Boards. ASX's CS Boards are responsible for setting the operational risk tolerances for the CS facilities within the parameters of the Risk Appetite Statement set by the ASX Board. The CS Boards are responsible for approving the risk management framework for the CS licensees and overseeing the management of clearing and settlement risks by the CS facilities. This includes responsibility for oversight of compliance with the FSS.
  • ARC. The ARC is responsible for reviewing and overseeing the risk management processes, internal controls and compliance systems within the ASX Group, other than for matters covered by the CS Boards.
  • Risk Committee. Chaired by the CRO, the Risk Committee is responsible for ensuring the adequacy and appropriateness of the risk management frameworks, policies, processes and activities of the ASX Group.[27] The Risk Committee oversees the implementation of the ERMF, and is also charged with ensuring there is an adequate flow of information to the ARC and the CS Boards.

Three Lines Model

In implementing the ERMF, ASX employs a version of the standard three lines model. The model seeks to clarify responsibilities for risk management, oversight and assurance across the business.

The first line of responsibility for risk at ASX is assigned to operational business areas. Managers of relevant functions are responsible for identifying and monitoring risks relevant to their function's activities, and implementing controls to manage these risks. Management is required to assess the appropriateness and operational effectiveness of these controls twice a year.

Risk management and compliance functions reporting to the CRO are responsible for the second line role. The second line is responsible for overseeing and validating that business areas have appropriately identified, measured, and managed risk within ASX's risk appetite.

Internal Audit undertakes third line responsibilities – assessing ASX's risk management and internal control processes via an independent risk-based assurance programme. ASX's Internal Audit also engages external parties to conduct audits of internal controls from time to time.

4.2.3 Identifying and controlling risk

A key element of ERMF is the identification and assessment of risks and controls. All risks are considered through the prism of seven key risk categories.[28] The ERMF outlines the potential impact of each key risk category and ASX's risk tolerance for each, as determined by ASX's Risk Appetite Statement. ASX's stated tolerance for financial, operational, technology and counterparty risk is ‘very low’.

ASX uses key risk indicators (KRIs) to facilitate the assessment, monitoring and management of risk, and ensure risks are measured in a consistent manner against agreed tolerances. KRI tolerance thresholds are used across the organisation, with the aim of ensuring all functions operate within the agreed risk appetite. The broad thresholds against which risks are assessed are: low (no action required but the risk should be monitored), medium (within risk tolerance but attention recommended), and high (response and/or action required). Action plans are implemented as necessary to enhance controls to reduce the likelihood of occurrence (or recurrence) of a risk event or impact from such an event.

Information and control systems

To assist in identifying and managing risks, the ASX CS facilities employ information systems that are intended to provide timely and accurate information relevant to its risk policies, procedures and controls. This includes information on the CS facilities' risk exposures to individual participants, as well as aggregated information on ASX's risk exposures across the CCPs. Key information systems include those used in CCP margining and stress testing, with sufficient information made publicly available for participants to perform their own risk analytics (such as margin calculations).

As noted in Section 2.1.4, in 2019/20 ASX completed the build and rollout of a new Enterprise Risk, Internal Audit & Compliance Application. The new system allows ASX to capture, consolidate and analyse risk, compliance and audit data across dashboards and enhances its ability to achieve consistent reporting and management of enterprise risks. ASX also completed the build and rollout of its IT Service Management tool to support its management of incidents and problems. The tool acts as a single source of truth by providing an end-to-end view for a majority of its infrastructure assets and systems, and lessening the reliance on its subject matter experts.

4.2.4 Interdependencies

Risk management obligations on participants

CCP Standard 3.3 requires that a CCP provide incentives to participants and, where relevant, their customers, to manage and contain the risks they pose to the facility. CCP Standard 3.2 requires that financial and other obligations imposed on participants by the CCP are proportional to the scale and nature of individual participants' activities.

The ASX CCPs achieve this by the use of controls on participants' positions such as margin and contributions to the default fund in the case of ASX Clear (Futures).[29] These create an incentive for participants to manage the exposures that they bring to the CCP. Participants are also required to post additional collateral or increase their capital levels if they bring exposures that are large relative to the size of their capital.[30]

ASX actively monitors participant exposures and compliance with participation requirements. ASX can institute additional monitoring or action where necessary, such as requiring participants to manage down their exposures.

Risks from and to other entities

CCP and SSF Standard 3.4 requires that a CS facility regularly review the material risks it bears from, and poses to, other entities as a result of interdependencies, and to develop appropriate risk-management tools to address these risks. Other entities could include other FMIs, settlement banks, liquidity providers and service providers.

ASX has a number of processes that can be used to identify risks arising from these types of interdependencies:

  • risk assessments when undertaking an expansion of its activities or in the event of material changes to its business
  • consideration of critical service provider interdependencies as part of the periodic review of its recovery plan
  • mechanisms for measuring, monitoring and managing risks arising from the use of commercial settlement banks by SSF participants under its Settlement Infrastructure Policy
  • identification of risks associated with the SSFs' links to other FMIs under the FMI Links Policy
  • evaluation, via the annual review of its Liquidity Risk Policy and Liquidity Stress Testing Standard, of the extent to which the CCPs' use of settlement banks, SSFs, RITS, committed liquidity facilities and investment counterparties is a potential source of liquidity risk to ASX.

However, there are some potential gaps in these processes. For example, in relation to SSFs, the scope of the FMI Links Policy excludes consideration of links to payment systems, which means that there is no regular mechanism for the ASX SSFs to assess risks posed to or by RITS, such as through its link with Austraclear. Similarly, the FMI Links Policy does not consider indirect interdependencies with other FMIs, for example where international central securities depositories such as Euroclear hold Austraclear securities via local custodians.

In relation to CCPs, while ASX has processes in place to identify how other entities could potentially act as a source of liquidity risk for ASX Clear and ASX Clear (Futures), it does not currently conduct a systematic review of how these entities might bring other types of risks, such as operational risks, to the ASX CCPs. Nor does ASX have processes in place to evaluate how ASX CCPs might pose risk to other relevant entities.

Recommendation: ASX should establish a process to periodically conduct systematic assessments of the range of potential risks other entities may pose to its CS facilities and the risks ASX CS facilities could potentially pose to other entities.

4.2.5 Recovery and wind-down planning

CCP and SSF Standard 3.5 requires that CS facilities have processes to identify scenarios that may potentially prevent them from being able to provide their critical operations and services, and to assess the effectiveness of a full range of options for recovery or orderly wind-down.

ASX has a recovery plan in place identifying scenarios that could threaten the CS facilities' ongoing provision of critical services, and sets out how ASX would respond to such scenarios. It describes the suite of tools available in recovery and details the governance arrangements both for the use of these tools and for review of the recovery planning framework. This includes arrangements for the orderly wind down of the ASX CS facilities in certain extreme circumstances. These plans are reviewed annually.

Footnotes

Peter Marriot stepped down as Chair of the ARC on 18 August 2021 and has been replaced by Peter Nash. Mr Marriot remains a member of the ARC. [21]

Former ASX Limited Chair Rick Holliday-Smith retired effective 21 April 2021. Austraclear Chair Peter Warne also retired in April 2021. [22]

Appointed Chair 2020 [23]

Appointed CEO in 2016 [24]

Appointed to ASX Limited in 2020 [25]

About Financial Stability | RBA [26]

The CRO exercises delegated authority from the CEO to manage the framework associated with risk management of ASX and accordingly is the sole decision-maker on the Risk Committee. Other members of the Committee may provide recommendations to the CRO, to assist the CRO in discharging this responsibility. [27]

The key risk categories are: strategic, operational, technology, counterparty, financial (including capital and liquidity risk), regulatory and legal, and reputation. [28]

As ASX Settlement and Austraclear are not exposed to counterparty or liquidity risk, neither facility places financial obligations on their participants under their respective risk management frameworks. [29]

A participant of ASX Clear (Futures) that is a bank or, in certain circumstances, a subsidiary of a bank or bank holding company supervised in an ASX-approved jurisdiction, is exempt from this requirement. [30]