Risk Library
   Documents by Author
     Committees at the Bank for International...
       Disclosure Framework For Securities Sett...
         
         IX. Operational risks
         










 

Disclosure Framework For Securities Settlement Systems

IX. Operational risks

Operational failures at the SSS could limit participants' ability to access their assets held at the SSS and prevent them from honouring their commitments to others, with potential spillover effects on other payments, clearance, and settlement systems. Furthermore, prolonged problems could reduce or eliminate trading activity with respect to the affected securities, with substantial consequences for market participants.

It is good practice to mitigate operational risks through redundancy and the maintenance of strong internal controls over the operations of the SSS. In the event of an unavoidable problem or natural disaster, the SSS should also have in place a well-rehearsed plan for business continuity that addresses all the business functions and resources that the SSS would need to renew operations.

A. Please provide assessments of the operational reliability of the computer and other systems used by the SSS, including any criteria that the SSS uses internally for this purpose.

  1. What is the percentage uptime of the systems used by the SSS?

    1. Whole system overall?
    2. Broken down by major components? (e.g. communications network, central processing facility)
    3. During critical processing periods?

  2. Has the SSS experienced major operational problems during the past two years?

    1. Have settlements been delayed, been disrupted or otherwise failed because of operational problems during this period?
    2. Please describe the nature of any such problems.

B. Please describe contingency or disaster recovery planning at the SSS.

  1. Does the SSS have a formal plan for business continuity in place?
  2. Is this plan available for review by participants?
  3. How often is this plan tested? Does this involve participants in the SSS?
  4. What are the major elements of the business continuity plan?
  5. How long would it take the SSS to resume operations if primary systems become unusable?

C. What are the key features of the internal controls covering operations and security at the SSS (e.g. change controls or those covering remote access)?

  1. Please describe controls or security procedures in place to ensure that the SSS acts only on authentic settlement instructions from valid participants.
  2. Are internal operational and security controls included in the internal and/or external audits of the SSS?
  3. Are internal operational and security controls covered by regulatory requirements applicable to the SSS?

D. Does the SSS impose minimum operational or performance standards on third parties (e.g. communications providers)?

  1. How does the SSS ensure that such standards are met on a continuing basis and what sanctions are available to the SSS if they are not?
  2. How would the SSS allocate losses incurred due to operational problems caused by third parties?

Contact us * Risk Library * Documents by Author * Committees at the Bank for International Settlement (BIS) * Disclosure Framework For Securities Settlement Systems