This section of the disclosure framework is intended to provide a description of the risk management systems employed by the SSS. Sound risk management encompasses a number of aspects, including assessment of risks and senior management and Board of Directors input into the risk management process, particularly with respect to the review of new products and services by the SSS. Internal and external audits as well as supervisory oversight can also play a vital role in ensuring that the risk management approach is sound and implemented with integrity.
A range of different risks can arise in conjunction with the different services that SSSs may provide. For example, in the course of providing settlement services, the SSS may become exposed to credit, custody or liquidity risks if it either explicitly or implicitly extends funds credit or lends securities to participants. In the provision of custody services, the SSS may take on credit risk if it extends funds to or on behalf of third parties. A variety of risk management approaches to these risks are possible, including in particular the use of collateral or limits on risk exposures. The questions also address several other provisions or tools that may be helpful to SSSs in managing or containing the different risks that they face, but are not meant to exhaust all the possible approaches that SSSs may employ.
A. Please describe the roles and responsibilities of those areas of the SSS responsible for risk management and control.
- Please describe the process for the internal review of risk management policies and procedures.
- Is there a risk management policy that addresses the review and approval of new products and services offered by the SSS? At what level of the organisation is risk management approval given for a new product or service?
- Does the SSS have a risk management function with clear independence from and authority over operational or marketing functions?
- Does the Board of Directors review risk management policies and procedures? Does the Board have a risk management or audit committee?
B. Please describe any internal or external audits or supervisory/regulatory examinations that are performed with respect to the SSS. For each such audit or examination, please address the following questions.
- Who performs the audit or examination?
- What is the scope of the audit or examination?
- Please indicate whether and how it addresses the sufficiency of and compliance with internal controls.
- Please indicate whether and how it addresses the SSS's compliance with its own rules and procedures.
- What is the frequency of the audit or examination?
- Are audit or examination reports available for review by participants?
C. Please discuss whether the SSS has the capacity to value (i.e. mark to market) the securities that it holds.
- Please describe how these valuations are used by risk control systems at the SSS.
- How frequently are securities revalued?
- What are the sources for security valuations?
- What outside price or data sources are used?
- If pricing models are used, please describe how the models are chosen and how the model inputs are obtained.
D. Please discuss whether the SSS has a lien on the securities held in or transferred through it.
- Does the lien apply only to the securities owned by the participants themselves or does it extend to the securities beneficially owned by customers of participants?
- Under what circumstances and in what manner would such a lien allow the SSS to use the securities?
E. Please discuss the circumstances in which the SSS requires collateral to limit or mitigate risks.
- Does the SSS manage its own collateral system?
- Does the SSS share a collateral system with another SSS or payment system?
- Can collateral at the SSS be posted and returned on the same day?
- What types of transaction at the SSS involve the use of collateral?
- What are the policies with regard to the type of collateral used or haircuts required?
- How are collateral valuation methodologies developed and reviewed?
- To what extent are collateral policies described in the written rules and procedures of the SSS?
F. Please describe the SSS's use of limits on exposures to monitor or control risks.
- Please explain the types of limit used and the exposures to which they apply.
- Do the limits apply to all participants and/or to other SSSs with which the SSS is linked? What are the exceptions to the limits?
- Do limits apply to participants individually or in the aggregate or both?
- Do limits apply to implicit as well as explicit extensions of credit or securities (e.g. when on-deliveries of securities are permitted pursuant to provisional but not final delivery of securities)?
- Does the SSS automatically reject transactions that exceed limits or is compliance determined ex post?
- How are limit policies developed and reviewed?
- To what extent are limit policies described in the written rules and procedures of the SSS? Where does additional authority to set or amend limit policies reside?
G. Please describe other controls to mitigate or reduce risks at the SSS.
- Does the SSS or its participants have the capacity to monitor participants' accounts continuously during processing?
- Is there a special risk control regime that the SSS would apply to a participant known to be experiencing financial difficulties?
- Does the SSS maintain or administer loss-sharing arrangements other than those applicable to events of default and addressed in Section VI above? Are these loss-sharing pools pre-funded by participants?