Assessment of ASX Clearing and Settlement Facilities Appendix C2. Financial Stability Standards for Securities Settlement Facilities

Standard 3: Framework for the comprehensive management of risks

A securities settlement facility should have a sound risk management framework for comprehensively managing legal, credit, liquidity, operational and other risks.

ASX Settlement Austraclear
Observed Observed

3.1 A securities settlement facility should have risk management policies, procedures and systems that enable it to identify, measure, monitor and manage the range of risks that arise in or are borne by the securities settlement facility. This risk management framework should be subject to periodic review.

Identification of risk

ASX's high-level framework for risk management is described in its Enterprise Risk Management Policy. Specific risks are identified and assessed on how likely it is the risk event will occur within the next 12 months and the potential impact. Reputational and participant impacts are considered along with the financial, operational and regulatory impacts of risks.

Comprehensive risk policies, procedures and controls

ASX's Enterprise Risk Management Policy has been developed with reference to the international standard ISO 31000 Risk Management – Principles and Guidelines (see SSF Standard 2.6).[10] At a high level, the ASX Enterprise Risk Management Policy outlines: the overall risk environment in the ASX Group; the objectives of risk management policies; the process by which risks are identified and assessed; the controls in place to detect and mitigate risks; and how risks are monitored and communicated. ASX's stated tolerance for financial, operational, legal and regulatory risks is ‘very low’.

ASX uses key risk indicators to measure levels of risk in the organisation and categorise risk levels according to a scale: satisfactory; within risk tolerance but requiring action to further control the level of risk; or exceeding ASX's risk tolerance.

The Enterprise Risk Management Policy also sets out how specific risk responsibilities across the ASX Group, including to the ASX Limited Board of Directors, the Audit and Risk Committee, the ERMC, the General Manager, Enterprise Risk and managers of individual functions are assigned. Managers of relevant functions are responsible for identifying and monitoring risks relevant to their function's activities, as well as for designing and implementing risk management policies and controls to manage identified risks. Management assesses the appropriateness and operational effectiveness of these controls twice a year; these assessments are reviewed by the ERMC.

ASX has a formal Settlement Risk Policy Framework that is aligned with the structure of the FSS. The framework sets out a comprehensive set of settlement-related risk policies to support the risk management approach of ASX's SSFs. These policies govern more detailed internal standards, which in turn govern specific procedures for the management of settlement-related risks. The structure of policies, standards and procedures reflects the requirements of the FSS.

A number of boards and internal committees oversee settlement risk management policy, including:

  • The CS Boards. Each CS facility has a board (see SSF Standard 2.3 and ‘ASX Group Structure’ in Appendix B.1), which shares members with the other ASX CS facilities, has oversight of the Settlement Risk Policy Framework, and is responsible for any significant amendments. Policies and designated key standards under the framework are governed by the CS Boards.
  • SRPC. SRPC reviews and approves clearing risk policies and standards prior to submission to the CS Boards. The SRPC is chaired by the COO and includes the ASX Group Legal Counsel, General Manager of Post Trade and Issuer Services Operations, the General Manager of Participants Compliance and the Executive General Manager of Derivatives and OTC Markets. It will meet as needed when settlement risk policy matters arise.
  • CSORC. CSORC is chaired by the COO and is made up of senior managers and executives from the settlement operations and compliance areas of ASX. The committee acts as an information-sharing and discussion body for the purpose of enhancing ASX's ability to identify, assess and reduce systemic, operational or compliance risk, and manage settlement risk. The CSORC currently meets on a monthly basis.
  • PIRC. PIRC is responsible for coordinating ASX's response to a settlement participant incident, and provides input into policy determinations and settings as necessary in response to such incidents. The PIRC is chaired by the executive general manager, Operations, and is made up of senior staff from the operational, risk management, compliance and legal functions. Meetings of PIRC are convened as required to address an actual or potential participant incident.

Information and control systems

Since ASX Settlement and Austraclear do not assume credit or liquidity risk as principal (see SSF Standards 4 and 6), they do not require information and control systems to monitor these risks.

ASX Settlement nevertheless employs information systems that provide participants with information regarding their money and securities settlement obligations. This information assists participants in managing their funding and delivery obligations and risks (see SSF Standard 6.2). By contrast, Austraclear's use of DvP Model 1 settlement avoids the creation of credit exposures during the settlement process and limits the direct liquidity impact of a participant default on non-defaulting participants (see SSF Standard 10.2). Accordingly, there are no relevant participant settlement and funding flows for Austraclear to measure and monitor (see SSF Standard 6.2).

Internal controls

ASX's documented risk management policies and standards specify requirements for periodic formal reviews, although more frequent reviews may occur depending on changes to technology, business drivers or legal requirements. Reviews are conducted by specific working groups and committees as required. The ERMC approves enterprise-wide policies and standards. Under the Enterprise Risk Management Policy, ASX updates its risk profile every six months at a functional level, identifying relevant risks and setting out planned actions to respond to those risks.

Risk management arrangements are also subject to periodic review by Internal Audit. Such audits provide assurance that the risk management framework continues to be effective. Risk management arrangements may also be subject to review by external experts from time to time.

The Enterprise Risk Management Policy is reviewed by the Audit and Risk Committee on a two-year cycle, with the most recent review taking place in February 2016.

3.2 A securities settlement facility should ensure that financial and other obligations imposed on participants under its risk management framework are proportional to the scale and nature of individual participants' activities.

ASX Settlement and Austraclear do not place financial obligations on their participants under their respective risk management frameworks. The ASX SSFs are not participants or guarantors to any transaction submitted for settlement through them and are not directly exposed to credit or liquidity risk. ASX Settlement's DvP Model 3 settlement process and Austraclear's DvP Model 1 settlement process do not expose participants to settlement risk (see SSF Standard 10.2). At ASX Settlement, fees levied on participants that fail to meet their securities delivery obligations are proportional to the value of the failed obligations. At Austraclear, transactions that are not settled successfully on the day that they are submitted are removed from the settlement queue at close of business without penalty. Operational and other participation requirements placed on participants are discussed under SSF Standards 14.6 and 15.2.

3.3 A securities settlement facility should provide incentives to participants and, where relevant, their customers to manage and contain the risks they pose to the securities settlement facility.

ASX Settlement and Austraclear may apply sanctions to, or place additional requirements on, participants that fail to comply with their Operating Rules or Regulations. Participants may ultimately be required to seek alternative settlement arrangements.

3.4 A securities settlement facility should regularly review the material risks it bears from and poses to other entities (such as other FMIs, money settlement agents, liquidity providers and service providers) as a result of interdependencies, and develop appropriate risk management tools to address these risks.

The ASX SSFs review the material risks that they bear from and pose to other entities in the context of their ongoing review of enterprise risks (such as the six-monthly update of risk profiles; see SSF Standard 3.1), and their processes for identifying risks associated with new activities. In the case of new products and services, ASX undertakes risk assessments when undertaking an expansion of its activities or in the event of material changes to its business. Risk assessments are built into ASX's project management framework (see SSF Standards 12.1 and 14.4).

Interdependencies of ASX Settlement with ASX Clear for the settlement of novated transactions are managed within the context of ASX Group's broader risk management framework (see SSF Standard 17).

Interdependencies of Austraclear with ASX Clear and ASX Clear (Futures) for the settlement of margin and other payment obligations are managed within the context of ASX Group's broader risk management framework (see SSF Standard 17).

3.5 A securities settlement facility should identify scenarios that may potentially prevent it from being able to provide its critical operations and services as a going concern and assess the effectiveness of a full range of options for recovery or orderly wind-down. A securities settlement facility should prepare appropriate plans for its recovery or orderly wind-down based on the results of that assessment. Where applicable, a securities settlement facility should also provide relevant authorities with the information needed for purposes of resolution planning.

ASX Clear and ASX Clear (Futures) have established a recovery plan which identifies scenarios that could threaten the ASX SSFs ongoing provision of critical services, describes events that would trigger the activation of the recovery plan, and sets out how ASX would respond to such scenarios. It also describes the suite of tools available to the SSFs in recovery and details the governance arrangements both for the use of these tools and for review of the recovery planning framework. ASX has integrated the testing and review of the recovery plan into its broader framework for testing and review of risk and default management policies and processes.

Footnote

ISO is an international standard-setting body and ISO 31000 is considered to be relevant guidance for enterprise risk management. The ISO 31000 standard has been reproduced by Standards Australia and Standards New Zealand as AS/NZS 31000. [10]