2015 Assessment of the Reserve Bank Information and Transfer System 3. Material Developments

This Section draws out the material developments relevant to RITS and its operating environment since the 2014 Assessment. While the Assessment period was the 12 months to the end of October 2015, material developments since then are also described. To the extent that these developments, and planned enhancements, have implications for RITS's observance of the Principles, these are noted. Over the Assessment period, there have been material developments that are relevant to the Principles concerning legal basis (Principle 1), operational risk (Principle 17), and credit risk and collateral (Principles 4 and 5). To complement this Section, background information on how RITS operates is set out in Appendix A. A detailed Assessment of how RITS meets the Principles is presented in Appendix B, which has been updated to reflect developments discussed in this Section.

There are a number of areas in which the application of the Principles necessarily differs for central bank-owned systems. In preparing the 2013 and 2014 Assessments, the Bank relied on its own judgement regarding how the Principles should be applied to RITS. In August 2015, CPMI and IOSCO published guidance on the application of the Principles to central bank FMIs (see Box A). The guidance is largely consistent with how the Bank applied the Principles, based on its own judgement, in previous Assessments. The current Assessment of RITS against the Principles has nevertheless been updated to reflect the detailed provisions in the new guidance (see Appendix B).

Box A: Application of the Principles to Central Bank FMIs

In August 2015, CPMI and IOSCO published guidance that clarifies how the Principles should be applied to an FMI that is owned and operated by a central bank.[a1] The guidance confirms that, in general, the Principles are applicable to FMIs operated by central banks, with the exception that the requirements:

  • to prepare recovery and orderly wind-down plans, and support resolution planning or intervention by a resolution authority, do not apply (Principle 3, Key Consideration 4)
  • to hold ring-fenced liquid net assets funded by equity to cover business risk and support a recovery or wind-down plan (Principle 15, Key Considerations 2 to 4), and to maintain a plan to raise additional equity (Principle 15, Key Consideration 5), do not apply.

Consequently, these Key Considerations are not included in the detailed assessment in Appendix B.

In addition, the guidance states that the requirements in the Principles around governance are not intended to constrain the composition of the central bank's governing body or that body's roles and responsibilities (Principle 2, Key Considerations 3 and 4). It also notes that, regardless of the form of any central bank involvement in FMIs, nothing in the Principles is intended to constrain central bank policies on: access to central bank accounts (Principle 18); credit provision (Principle 4); eligible collateral (Principle 5); the management of participant defaults (Principle 13); its investment strategy or the disclosure of that strategy (Principle 16); or implementation of monetary policy.

3.1 Activity and Participation

Around 70 per cent of the value of non-cash payments in Australia is settled on an RTGS basis in RITS (Table 3). RITS is also used to settle time-critical payments to other FMIs: Australian dollar pay-ins to CLS Bank International (CLS); margin payments to central counterparties (CCPs); and debt and equity settlement obligations in securities settlement systems. Furthermore, RITS is integral to the functioning of other payment systems, with the interbank obligations arising from non-cash retail payments also settled in RITS (see Section A.2 for further background on systems that are linked to RITS).

Since the previous Assessment, the average value of transactions settled in RITS has been stable (Graph 1). In the 12 months to the end of October 2015, RITS settled an average daily value of over $168 billion. Consistent with the long-term trend, volume continued to rise. Compared to the same period last year, volume grew by 5 per cent, with 45,000 transactions settled each day on average in the 12 months to the end October 2015. On the peak value day in that period, RITS settled around 49,000 RTGS transactions with a total value of $249 billion.

While RITS is primarily an RTGS system, it also facilitates the net settlement of interbank obligations arising from the equity market (through the Clearing House Electronic Sub-register System, CHESS, the equities settlement system operated by ASX Settlement), retail payment systems and the property settlement system (see Section A.2 for more information on these systems). The majority of the value of payments arising from these systems is from direct entry (DE) payments.

In November 2014, property settlement functionality was introduced in RITS to support Property Exchange Australia Ltd's (PEXA's) national electronic conveyancing system. Using this functionality, PEXA can submit for settlement linked property transactions as individual multilateral net batches.[4] The volume and value of property batches settling in RITS has grown quickly, albeit that they remain a small proportion of activity in RITS (Graph 2). This growth is expected to continue as take-up of PEXA's system across the property industry expands.

Under the Bank's Exchange Settlement Account (ESA) access policy, authorised deposit-taking institutions (ADIs) that account for over 0.25 per cent of the total value of RTGS transactions and systemically important CCPs are required to settle their Australian dollar obligations in RITS using their own ESAs (See Section A.5 for further details on access and participation in RITS). An ESA holder with a share of transactions of less than 0.25 per cent of the total value of RTGS transactions is permitted to use an agent to settle its transactions. The number of participants that settle their payments indirectly through an agent has increased by two to 30, which is around a third of RITS participants (Table 4). The value of outgoing RTGS payments settled by these participants, nevertheless, has remained very low, at below 1 per cent of total RTGS payments in the 12 months to end October 2015.

During the current Assessment period RITS has admitted one new participant: the international CCP, LCH.Clearnet Ltd.[5] During this period, two institutions also ceased to be participants. Activity in RITS remains highly concentrated among the major domestic banks and foreign banks, both in terms of number and value of RTGS payments.

Since RITS is an RTGS system, participants need access to substantial liquidity in order to settle payments individually. Liquidity can be sourced from participants' opening ESA balances and additional funds made available to participants by the Bank via its intraday liquidity facility (see Section A.4 for details). The aggregate of opening ESA balances is primarily determined by the Bank's open market operations and liquidity provided under open repos. Open repos were introduced in November 2013 to facilitate the settlement of same-day DE payments, as evening settlement obligations arising from the DE system are unknown before the close of the interbank cash market. As a result of the introduction of open repos average liquidity increased sharply, but since then it has remained relatively constant at around $24 billion (Graph 3, top panel).

System liquidity plays a role in the timely settlement of RTGS transactions. In general, settling payments earlier in the day is desirable as it limits the potential adverse consequences if a participant or RITS were to experience an operational issue late in the day. The ratio of system liquidity to the value of payments settled had been slowly increasing since around 2007, and then doubled as a consequence of the introduction of open repo (Graph 3, bottom panel). This is one factor that has contributed to the earlier settlement of payments in RITS. The average time of day when half of payments, by value, have settled has moved progressively earlier; from between 2.00 pm and 3.00 pm in the mid 2000s, to between around 12.15 pm and 1.15 pm in recent years (Graph 4).

3.2 Legal Basis

The RITS Regulations form the legal basis for all material aspects of RITS. The Bank seeks external legal advice on material amendments to the RITS Regulations and associated contractual agreements, including, where relevant, on the interaction of such amendments with Australian and New South Wales laws and regulations.

3.2.1 Revised RITS Regulations

While the RITS Regulations are comprehensive, changes to functionality and activity since the launch of RITS have added to their complexity. In light of this, the Bank is undertaking a major restructure and re-write of the RITS Regulations. The main objective is to improve the clarity of the Regulations. In particular, the revised version will remove redundant concepts and simplify terminology. The revised structure is also designed to make it easier to amend the Regulations to incorporate new services. In finalising the changes, the Bank will ensure that RITS's existing legal basis remains sound and the finality of settlement of payments settled in RITS continues to be certain.

The Bank is also using this opportunity to move from the 2000 to the 2011 Global Master Repurchase Agreement (GMRA). The 2011 GMRA reflects lessons from the global financial crisis and the collapse of Lehman Brothers. It simplifies the calling of an event of default, gives the non-defaulting party more flexibility in determining the value of securities as part of the close-out procedure, and allows the close-out amount to be set off against any other amounts payable by the non-defaulting party to the defaulting party. The latest version of the GMRA also broadens the definition of ‘act of insolvency’, which provides the flexibility to deal with insolvency events in a wide range of jurisdictions.

In 2014, the Bank engaged a law firm to conduct the review. Since then the Bank and the law firm have been working together to develop a draft of the revised RITS Regulations. Following consultation with participants, the Bank is aiming to implement the new Regulations in 2016.

Recommendation. The Bank should continue to work towards implementation of new RITS Regulations, with a view to improving their clarity.

3.3 Operational Risk Management

3.3.1 Identifying and managing operational risk

The key operational target is for RITS to be available to its participants in excess of 99.95 per cent of the time. Availability is measured relative to the total number of hours that the system is open for settlement and reporting. In the nine months to the end of September 2015, the availability of Bank-operated systems fell slightly below its availability target, recording average availability of 99.77 per cent (Table 5). This was primarily because of a third-party software error on 16 February, which caused slowness and intermittent loss of connectivity to the Society for Worldwide Interbank Financial Telecommunications (SWIFT), one of the main communications networks used by RITS, for more than six hours (see Box B).[6] In response to the incident, the Bank has implemented a number of measures to improve the way it works with SWIFT to diagnose systems problems and recover from any disruption.

Box B: 16 February Incident

Shortly after RITS opened on 16 February, connectivity between SWIFT and RITS was interrupted for a total of just over six hours, the longest disruption to RITS's services since 2006. SWIFT's network is used to communicate information related to payment instructions originating from RITS's largest feeder system, the SWIFT Payment Delivery System (PDS).[b1] It also facilitates the operation of the Automated Information Facility (AIF), which allows participants to automatically send and receive information to support the management of credit risk within their own systems. The disruption primarily caused delays to outward messages on the SWIFT network, which include settlement completion notifications and AIF messages. Inbound SWIFT messages, including payment instructions, were also periodically affected due to the Bank shutting down certain SWIFT-related RITS components to facilitate recovery in a controlled manner.

As soon as the disruption was identified, RITS's internal contingency procedures were initiated. Support from SWIFT was also promptly engaged. The Bank attempted to recover services over the course of several hours, but connectivity was only temporarily regained after each attempt. The Bank sent regular updates to RITS participants throughout the day via email and SMS, informing them of the status of the outage. It also consulted with a number of members during the day, including to discuss potential contingencies in the event that RITS was not able to recover.

Full recovery of SWIFT message processing was finally achieved at around 3.15 pm, and by 4.00 pm the backlog of inbound and outbound SWIFT messages had been cleared. Nonetheless, RITS's main settlement session was extended by 30 minutes to provide certainty that participants had sufficient opportunity to submit payments and receive settlement confirmations and other messages. All SWIFT messages submitted to RITS were processed successfully by the end of the day.

Extensive investigations by SWIFT and the Bank after the incident identified that the root cause was an error in third party software supplied as part of the SWIFT network interface with RITS. In response, the Bank implemented a fix to prevent the error from reoccurring. Since the incident, the Bank has also implemented a number of measures to improve the way it works with SWIFT to diagnose systems problems and recover from any disruption. Further to the implementation of these measures, if a similar disruption were to occur, it is expected that services would be restored in a more efficient and timely manner.

There were three other incidents during the Assessment period, although none of these incidents affected RITS's availability.

RITS also has capacity targets. These include:

  • a processing throughput target, which aims to ensure that RITS is able to process the peak day's transactions in less than two hours (assuming no liquidity constraints)
  • a projected capacity target, which specifies that RITS should be able to accommodate projected volumes 18 months in advance with 20 per cent headroom.

RITS is regularly tested against these targets and continues to meet them.

Cyber security

Recognising the growing systemic threat originating from cyber attacks, the 2014 Assessment recommended that the Bank keep its approach to cyber security under continued review. Consistent with this recommendation, the Bank initiated a project to analyse and test the mechanisms in place to prevent a cyber-related incident. The project consists of three phases:

  • Stocktake and risk review. The first phase involves a number of elements:

    a reconfirmation that the points of attack, cyber threats and attack scenarios that the Bank has previously identified remain current

    a review of the existing security controls and practices in place to protect systems from the identified threats

    an assessment of the Bank's current ability to identify potential vulnerabilities, detect and track suspicious activity and identify any compromise or damage to its systems

    the identification of whether there are any residual areas of vulnerability, or scope to improve existing arrangements, and a prioritisation of remedial actions based on the assessed risk of each

    an independent assessment of RITS's cyber security control framework against both the Australian Signals Directorate's Information Security Manual and the US National Institute of Standards and Technology's Framework for Improving Critical Infrastructure Cybersecurity.

  • Penetration testing. In the second phase, the Bank will engage a third party to perform a comprehensive program of penetration testing of RITS. To be as realistic as possible, the penetration testing will simulate the most likely attack scenarios as identified in the first phase of the project. This testing will reconfirm that the controls identified in the stocktake have been accurately and successfully implemented and work effectively in practice. It will also be designed to ensure that the Bank's multiple layers of security controls are tested.
  • Further enhancements. While any significant exposures found during the first two phases will be investigated and remedied immediately, this phase will use the outcomes of the first two phases to inform recommendations on additional measures to improve RITS's security controls.

This project is expected to be completed in 2016.

Recommendation. The Bank should complete its analysis and testing of the mechanisms in place to prevent a cyber-related incident and consider whether additional measures need to be put in place.

CPMI-IOSCO guidance on cyber resilience

In November 2015, CPMI and IOSCO released draft guidance in the area of cyber resilience for consultation.[7] The guidance supports relevant requirements in the Principles, but does not introduce new requirements. The guidance is also intended to help FMIs enhance their cyber resilience and provide a framework for supervisory dialogue. The guidance addresses five primary risk management categories: governance; identification; protection; detection; and response and recovery. Guidance is also provided on three overarching components relevant to an FMI's cyber-security framework: testing; situational awareness; and learning and evolving. The guidance is expected to be finalised in the first half of 2016. In light of this, Payments Policy Department encourages the Bank to review its cyber-risk management arrangements.

Recommendation. The Bank is encouraged to review its cyber-risk management arrangements in light of forthcoming CPMI-IOSCO guidance on cyber resilience for FMIs.

Project management

In 2015, the Bank completed its implementation of an enhanced enterprise-wide project management framework. This framework includes guidance to ensure internal consistency in the way project risks are managed, as well as the governance arrangements for projects. The framework is aligned to widely used industry best practice, including the PRINCE2 framework. The framework is supported by the Enterprise Project Management Office (EPMO), which was established in 2014. The EPMO provides analysis, including on risk, and status reports to the Bank's executives on the major initiatives. It also provides advice and support to Bank staff working on projects.

3.3.2 Business continuity arrangements

Business continuity arrangements in RITS include detailed contingency plans, which are updated at least annually and are tested regularly. Depending on the nature of the operational disruption, recovery time is targeted at equal to or less than 40 minutes. Core business data are protected through synchronous mirroring to a geographically remote second site. This is achieved through the use of specialised database technology, which has automated failover capabilities so that, in the event of a site outage, no data would be lost when switching to the second site. This technology is also designed to be resilient to the failure of individual system components. Full redundancy exists at both sites, ensuring that there is no single point of failure at either site. Both sites are permanently staffed and, since late 2009, live operations have been rotated between the two sites on a regular basis. Staff rotations and cross-training ensures that critical functions are not dependent on particular individuals. The Bank also has succession-planning processes in place for key positions.

Recovery

While redundancy and synchronous mirroring are useful tools in the event of a physical disruption, these design features may not be effective measures to recover from software issues or certain data corruptions. With this in mind, in recent years, a few overseas central banks have implemented, or announced plans to implement, ‘non-similar facilities’ to enhance their contingency arrangements for such scenarios.[8] In response to these developments, the 2014 Assessment recommended that the Bank examine the benefits, challenges and costs of implementing a range of measures that could further enhance the resilience of RITS and facilitate timely recovery from an operational incident.

Consistent with this recommendation and its ongoing commitment to enhance the resilience of RITS, the Bank has initiated a project to review and consider the options to improve RITS's ability to detect and recover from a disruption of service, or loss of software or data integrity, in the event of a wide range of operational incidents, including a cyber attack. The project will cover:

  • detection of a loss of integrity
  • investigation, analysis and diagnosis of the cause of the loss of integrity
  • recovery options
  • communication with internal and external stakeholders
  • resumption of normal operations and post-incident investigation.

The project includes a stocktake of RITS's existing capabilities to detect and recover from a disruption. This includes an assessment of whether these capabilities would be sufficient in a wide range of scenarios in which the integrity of RITS might be compromised. The project will also consider the benefits, challenges and costs of a range of measures that could potentially be implemented to improve RITS's capabilities in this area. This will include the consideration of ‘non-similar’ system components to improve resilience and RITS's ability to recovery. The analysis will then be used to develop recommendations for future work to improve RITS's resilience. The project is expected to be completed in 2016.

Recommendation. The Bank should complete its project to review and consider options to improve RITS's ability to detect and recover from a disruption of service, or loss of software or data integrity, resulting from a wide range of operational incidents, including a cyber attack.

Contingency settlement arrangements

Even if there was an extreme scenario in which RITS was unavailable and recovery was not possible, transactions from the SWIFT PDS and Austraclear feeder systems, which account for the majority of value and volume of payments settled in RITS, could be settled using ‘contingency settlement arrangements’. These arrangements involve the deferred net settlement of interbank obligations arising from the two feeder systems in a multilateral batch in RITS on the following day. During the Assessment period, the Bank initiated a project to renew these contingency settlement arrangements.

The first part of this project, which has been completed, involved the development of new processes to receive advice of bilateral obligations from participants and feeder systems and calculate the resulting multilateral net obligations for input into RITS as a batch. In addition, the RITS participant procedures, which set out what participants should do in various types of contingency events, were revised to reflect the new processes. As part of this body of work, an end-to-end test of the new contingency settlement arrangements for SWIFT PDS was successfully completed by the Australian Payments Clearing Association (APCA); this included participation by the Bank and a number of RITS participants.

In a second part of this project, the Bank will evaluate whether any refinements to existing contingency arrangements are needed to ensure that clearing and settlement operations could continue in the event that RITS or its external feeder systems were unavailable. This work is expected to be undertaken alongside the review of RITS's ability to detect and recover from a disruption of service, or loss of software or data integrity.

3.3.3 External systems and other dependencies

External RTGS feeder systems to RITS consist of Austraclear and SWIFT. In the nine months to September-2015, the combined availability of the Austraclear system and SWIFT services was 99.9 per cent (see Table 5, above).[9] The Bank has entered into agreements with these service providers, which set out the expected response times and level of support should an issue arise. RITS also has critical dependencies on utility providers. To manage these dependencies, each site has an uninterruptable power supply and a backup power generator system. All external communications links to data centres are via dual, geographically separated links.

The efficient operation of RITS is also dependent on the operational reliability and resilience of its participants. In particular, an operational disruption at a participant could prevent it from sending payment instructions to RITS. This could in turn cause liquidity to accumulate in that participant's ESA, forming what is known as a ‘liquidity sink’, and preventing liquidity from being recycled through the system efficiently. Recognising this dependency, in May 2013 the Bank published its Business Continuity Standards for RITS participants, with a target for compliance to be achieved by September 2015. These standards aim to promote high availability in RITS payments processing operations, requiring both resilience of system components and rapid recovery if failover to alternative systems is required.[10]

As recommended in the 2014 Assessment, the Bank has continued to monitor RITS participants' compliance with the standards. The Bank received participants' latest annual self-certification statements against the new standards as at the end of 2014, at which time 48 of 58 RITS participants were compliant with the standards. Almost all of the remaining participants indicated that they expected to be compliant by the end of the transition period. The Bank will verify this when participants' provide their next self-certification statements in early 2016.

3.4 Credit Risk and Collateral

The Bank is not exposed to any financial risks from the settlement of payments in RITS. The Bank does, however, incur credit risk through the provision of liquidity to participants through Standing Facilities to support payments and settlement activity (for more information on the Standing Facilities see Section A.4). It manages this credit risk by purchasing securities under repos. By lending on a collateralised basis, the Bank would only face a loss if a RITS participant failed to repurchase securities sold under repo and the market value of the securities fell to less than the agreed repurchase amount. To manage the latter risk, the Bank only purchases selected highly rated debt securities denominated in Australian dollars. These securities are conservatively valued, and subject to haircuts and daily margin maintenance.

As noted in the CPMI-IOSCO guidance on the application of the Principles to central bank FMIs, nothing in the Principles is intended to constrain central bank policies on credit provision or eligible collateral. However, on the basis of its own risk appetite and monetary policy objective, the Bank has implemented enhancements to its risk management over the Assessment period.

3.4.1 Asset-backed securities

As discussed in the 2014 Assessment, since October 2008, the Bank has permitted the use of certain related-party assets issued by bankruptcy remote vehicles, such as self-securitised residential mortgage backed securities (RMBS), as collateral in its Standing Facilities. This was in recognition of the relative scarcity of Australian dollar government, semi-government and bank-issued debt securities. The Bank's exposure to these related-party assets increased materially due to the introduction of open repos in November 2013. Since 2014, around 90 per cent of the outstanding amount of open repos has been collateralised by self-securitised assets.

Since it began accepting these assets, the Bank has applied rigorous risk management controls. These controls include a minimum credit rating, the imposition of an additional haircut and additional reporting requirements. To further reinforce its risk management of these securities, as well as asset-backed securities more broadly, since 30 June 2015 the Bank has required issuers of asset-backed securities to provide more detailed information in order for these securities to be eligible for use in the Bank's operations.[11]

The additional information, which must be kept up to date, covers both transaction-related data and information on the underlying assets. These data have enabled the Bank to refine the methodology it uses to value and apply margins to self-securitised RMBS, for which there are no market prices, as well as other asset-backed securities. Another objective of the enhanced reporting requirements is to promote greater transparency in the securitisation market. To this end, the Bank has required that certain information be made publicly available if securities are to be eligible for use in the Bank's operations.

3.4.2 Eligible counterparties

To enter into a repo with the Bank, an entity must be a RITS participant and be ‘approved’ as a repo counterparty by the Bank's Domestic Markets department. To access the Bank's Standing Facilities, an approved counterparty must also settle its payments across its own ESA.

To provide further clarity to interested parties, the Bank has recently updated its counterparty eligibility criteria. To be an approved counterparty, the previous criteria set out that a counterparty must be a member of Austraclear and be subject to ‘appropriate regulation’. The updated guidance:

  • clarifies that the broad objective of the eligibility criteria is that approved counterparties should be financial service providers that contribute to the stability and efficiency of the Australian financial and payments system
  • clarifies that the legal entity holding the Austraclear account must be identical to the legal entity that is a participant in RITS
  • provides additional guidance on what constitutes an appropriate level of regulation; this includes that an entity regulated by the Australian Prudential Regulation Authority (APRA) or clearing and settlement (CS) facility is deemed to be subject to an appropriate level of regulation.

Since the update was largely to clarify the Bank's eligibility criteria, it generally has not changed RITS participants' ability to access the Bank's Standing Facilities.

3.5 New Payments Platform

Over the Assessment period, the Bank has continued to contribute to industry efforts to develop the New Payments Platform (NPP). The NPP is being built to meet the remaining objectives arising from the Board's Strategic Review of Innovation in the Payments System. These objectives include the ability to:

  • make real-time retail payments
  • make and receive low-value payments outside normal banking hours
  • send more complete remittance information with payments
  • address payments in a relatively simple way.

3.5.1 Fast Settlement Service

To facilitate the final and irrevocable settlement of payments processed by the NPP, the Bank is designing and building the Fast Settlement Service (FSS), which is expected to operate 24 hours a day, 7 days a week. The FSS will be a RITS service, owned and operated by the Bank (Figure 1). As a RITS service, it is expected that direct users of the FSS will be RITS participants and as a result be bound by the RITS Regulations.

Although it is planned that the FSS will use some of the existing RITS infrastructure, the systems are expected to operate on separate platforms so that RITS's core settlement service and the FSS will be able to process and settle payments independently of one another. Each RITS participant will continue to have only one ESA; however, ESA balances will be divided between an ‘FSS allocation’ and a ‘RITS allocation’. FSS payments will only be tested for settlement against the FSS allocation, and payments sent to RITS's core settlement service will only be tested for settlement against the RITS allocation. During the operating hours of RITS's core settlement service, participants will manage the distribution of their ESA balances between their FSS and RITS allocations (see Section A.5 for details of RITS operating hours). Outside the operating hours of RITS's core settlement service, overnight and on weekends for example, it is expected that an ESA holder's entire ESA balance will be available for FSS settlements.[12]

The governance of the project to develop the FSS is supported by the Bank's enterprise-wide project management framework (for more information about this framework see Section 3.3.1). To develop the FSS, the Bank is primarily relying on its existing resources. Nonetheless, the Bank is hiring additional staff to further support the FSS's development and operation on an ongoing basis. These resources will help ensure that the operation of the core RTGS settlement service is not adversely affected by the increasing scope of RITS's services.

3.5.2 Other NPP components

In December 2014, 12 ADIs and the Bank committed funding for the design, development and operation of the other main components of the NPP. These institutions became the founding members of NPP Australia Limited – a new industry mutual company set up by APCA to steer the design and development of the NPP.

In December, NPP Australia Limited also signed a 12-year contract with SWIFT to design, build and operate the Basic Infrastructure. This will be the central utility that will connect participating financial institutions and other approved entities, allowing payment and settlement messages to flow between participants. In July, NPP Australia Limited accepted the high-level technical and operational design of the Basic Infrastructure. SWIFT has now started building the Basic Infrastructure, in cooperation with the 12 ADIs and the Bank. SWIFT has sub-contracted the development and support of the addressing component of the Basic Infrastructure – which will facilitate the easy addressing of payment messages to any recipient – to a third-party, Fiserv.

The Basic Infrastructure will be capable of supporting various ‘overlay’ services – that is, tailored commercial payment services which participants can choose to make available to their customers. The industry has chosen BPAY to provide the first commercial overlay to use the NPP infrastructure – the Initial Convenience Service (ICS). The ICS will develop three services: a basic fast payment; a payment with a document (to be accessed via a secure document reference service); and a ‘request and pay’, which will allow a payee to initiate a payment by sending a request to the customer.

The launch of the NPP is scheduled for 2017.

3.5.3 Out-of-hours liquidity

Since the NPP will operate on a 24/7 basis, payments may be initiated at a time when ADIs do not have access to wholesale funding sources, particularly the capacity to settle securities transactions in Austraclear. Liquidity from open repos will be the primary tool available to an ADI to manage its liquidity risk outside of RITS's and Austraclear's operating hours. When the NPP is launched, each NPP participant would be expected to establish a sufficiently large open repo position with the Bank to meet projected payment flows, including in peak transaction scenarios. As a result, the size of participants' existing open repo positions is likely to increase.

However, even if participants conservatively pre-position liquidity via their open repo positions, there remains a risk that ESA funds could be depleted if an ADI experienced significant liquidity stress. The Bank, in consultation with APRA, is consulting with NPP participants on potential additional measures to manage this risk.

Footnotes

For more information on property settlement functionality in RITS see Section 3.2.3 in RBA (2014), 2014 Assessment of the Reserve Bank Information and Transfer System, p 13. [4]

For background on LCH.Clearnet Ltd's membership of RITS see Section 3.3.1 in RBA (2014), 2014 Assessment of the Reserve Bank Information and Transfer System, p 16. [5]

SWIFT's availability was not affected by the 16 February incident since the software component that was affected by the disruption is hosted on the Bank's infrastructure. For further background see Section 3.3.3. [6]

CPMI-IOSCO (2015), Consultative Report: Guidance on cyber resilience for financial market infrastructures, November, available at <http://www.bis.org/cpmi/publ/d138.htm>. [7]

For more information on non-similar facilities, see Section 3.8.2 in RBA (2014), 2014 Assessment of the Reserve Bank Information and Transfer System, December, p 26. [8]

The availability of Austraclear was above its availability target of 99.9 per cent, which is set out in its service level agreement with the Bank. [9]

For more information on the participant Business Continuity Standards, see Box E: Participant Business Continuity Standards in RBA (2013), 2013 Self-assessment of the Reserve Bank Information and Transfer System, p 27. [10]

For more information, see Aylmer C (2013), ‘Developments in Secured Issuance and RBA Reporting Initiatives’, Address to the Australian Securitisation Forum, Sydney, 11 November. [11]

For more information on how participants will be able to access and manage liquidity in the FSS, see Section 3.2.2 in RBA (2014), 2014 Assessment of the Reserve Bank Information and Transfer System, December, p 12. [12]

Footnote Box A

This guidance is available at <https://www.bis.org/cpmi/publ/d130.pdf>. [a1]

Footnote Box B

For more information on RITS's feeder systems, see A.2. [b1]