Payments System Board Annual Report – 2019 Oversight, Supervision and Regulation of Financial Market Infrastructures

Financial market infrastructures (FMIs) are institutions that facilitate the clearing, settlement, and recording of financial transactions. The Bank has a role in overseeing and supervising three types of FMIs: central counterparties (CCPs) and securities settlement facilities (SSFs)[19] – together referred to as clearing and settlement (CS) facilities – as well as systemically important payment systems (SIPS).

The Bank's Regulatory Regime for FMIs

The Corporations Act 2001 (the Corporations Act) assigns to the Bank a number of powers and functions related to the supervision and oversight of CS facilities. Under the Reserve Bank Act 1959 (the Reserve Bank Act), the Payments System Board is responsible for ensuring that these powers and functions are exercised in a way that will best contribute to the overall stability of the financial system.

In accordance with the Reserve Bank Act, the Payments System Board also plays a role in the governance of the Bank's oversight of SIPS.

CS facilities

The scope of the licensing regime for CS facilities is set out under Part 7.3 of the Corporations Act, with CS facilities operating in Australia required to be either licensed or exempted. This requirement applies to CS facilities incorporated both domestically and overseas. Licensee obligations are specified in the Corporations Act and administered by the Australian Securities and Investments Commission (ASIC). Supplementary conditions may be imposed on CS facility licensees by the responsible Minister; compliance with these obligations is overseen by ASIC and the Bank. In particular, the Bank is responsible for:

  • providing advice to the Minister regarding applications for CS facilities, variations to, or imposition of, conditions on licences, or the suspension or cancellation of licences
  • determining Financial Stability Standards (Standards) for the purposes of ensuring that CS facility licensees conduct their affairs in a way that causes or promotes overall stability in the Australian financial system
  • assessing how well a licensee is complying with its obligation under the Corporations Act and, to the extent that it is reasonably practicable to do so, complying with these Standards and doing all other things necessary to reduce systemic risk.

Under the Reserve Bank Act, the Payments System Board is responsible for ensuring that the Bank exercises these powers and functions in a way that will best contribute to the overall stability of the financial system.

Financial Stability Standards

The Bank has determined two sets of Standards – one for CCPs and one for SSFs.[20] It is an obligation of each licensed CS facility that it meets the relevant set of Standards.

The objectives of the Standards are to ensure that CS facility licensees identify and properly control risks associated with the operation of the facility, and conduct their affairs in order to promote the overall stability of the Australian financial system. The Standards set principles-based requirements and regulatory expectations, rather than prescribing detailed rules and obligations.

In developing these Standards, the Bank has given close regard to the internationally agreed standards for FMIs set by the Committee on Payments and Market Infrastructures (CPMI) and the Technical Committee of the International Organization of Securities Commissions (IOSCO) in the Principles for Financial Market Infrastructure (PFMI). The PFMI are designed to ensure that the FMIs supporting global financial markets are financially, legally and operationally robust. The overall objective is to ensure that FMIs promote stability and efficiency in the financial system. A peer review conducted by CPMI and IOSCO in 2015 concluded that the Bank has implemented the PFMI in a consistent or broadly consistent manner for the FMIs that it supervises or oversees.[21]

In recent years CPMI and IOSCO have developed additional guidance on a number of aspects of the PFMI, which the Bank applies in interpreting its Standards.[22] This guidance seeks to enhance FMI risk management practices by providing further clarity and detail on the existing requirements within the PFMI. For example, the guidance covers areas of emerging risk or areas in which CPMI and IOSCO had identified that there were inconsistencies in how particular standards in the PFMI had been interpreted or adopted. The guidance encourages FMIs to adopt best practices and seeks to foster international consistency where that is appropriate.

There were no changes to the Standards or associated guidance during 2018/19.

ESA Policy

Under the Bank's ESA Policy, CCPs or SSFs that hold an Australian CS facility licence are eligible to apply for an ESA for the purpose of managing payment arrangements that require Australian dollar settlement.

The Bank requires some firms to use an ESA for specific purposes, and has recently widened the range of CS facilities that must use an ESA for settlement of Australian dollar obligations. Until recently, only CCPs that the Bank determines to be systemically important in the Australian financial system have been required to use their own ESA to settle Australian dollar margin-related receipts or payments and the CCP's Australian securities or derivative-related obligations. It is now the Bank's policy that any Australian-licensed SSF that the Bank determines to be systemically important and that faces liquidity risk from securities settlement related activities must hold their own ESA.[23] The purpose of broadening the range of institutions that must use an ESA for settlement of Australian dollarobligations is to minimise the risks faced by these SSFs and therefore minimise the risks that could be transmitted to the Australian financial system.

A second change to the Bank's ESA Policy has been made to allow holders of an Australian CS facility licence to be eligible to apply for an exemption from the requirement to maintain management and resources in Australia, subject to having appropriate management and operational resources in an approved offshore location. Such exemptions would be determined on a case-by-case basis, at the Reserve Bank's discretion, and would be reviewed periodically. The purpose of this change is to encourage licensed CS facilities to consider using an ESA and to accommodate CS facilities that have sufficient capacity to manage their ESA in a location outside Australia.

The ESA Policy has also been updated to address issues arising from increased demand for ESAs from other types of non-ADIs. These are outlined in the ‘Retail Payments Regulation and Policy Issues’ chapter.

The Bank's FMI Oversight and Supervision Activities

Day-to-day oversight and supervision of FMIs is undertaken by the Bank's Payments Policy Department, in accordance with the approach outlined in Box C. In carrying out these activities, the Bank works closely with ASIC.

The Bank's oversight and supervision activity is overseen by an internal body of the Bank, the FMI Review Committee, which was established by, and reports to, the Bank's Executive Committee; the FMI Review Committee's annual report is also provided to the Payments System Board. This committee is chaired by the Assistant Governor (Financial System), who is also Deputy Chair of the Payments System Board. Other members include the heads of the Payments Policy, Payments Settlements and Domestic Markets departments, as well as senior staff members with expertise in FMI-related matters but who are not currently directly involved in the Bank's oversight and supervision of FMIs. A core part of the committee's role is to ensure that oversight activities are carried out in a manner that is consistent with policies established by the Board. The committee meets quarterly, typically four to six weeks before Board meetings, and deals with matters by written procedure as needed. Staff of Payments Policy Department provide reports to the Board on the Bank's oversight and supervisory activities.

Box C
Approach to the Supervision and Oversight of FMIs

In June 2019, the Bank updated its policy statement describing its approach to supervising and assessing CS facility licensees, and published a corresponding policy statement on its oversight and supervision of SIPS.[1] These policy statements provide transparency to current or potential future operators of CS facilities and SIPS on the frequency, scope and level of engagement between the Bank and its overseen or supervised FMIs.

Clearing and settlement facilities

The changes to the Bank's policy statement on supervising and assessing CS facility licensees has sought to align the frequency, scope and level of detail of assessment of a CS facility licensee to be proportionate with the degree of systemic risk posed by the CS facility to the Australian financial system.

A key principle embedded in the Bank's approach is that all CS facility licensees should meet the Standards and do all other things necessary to reduce systemic risk. The Bank conducts and publishes an initial assessment of prospective licensees against the Standards at the time of their licence application. On an ongoing basis, all CS facility licensees are required to carry out and publish biennial self-assessments against the Standards, and provide the Bank with timely information on material business developments, and operational and risk data. The Bank may set regulatory priorities for these facilities, and report its assessment of progress in these areas.

As CS facilities become progressively more important to the Australian financial system, the frequency and degree of interactions with management at the CS facility and Bank staff is expected to increase, alongside data requirements and assessment obligations. More important CS facility licensees may be subject to targeted assessments against individual Standards at the Bank's discretion. A systemically important CS facility operating under an overseas licence would be subject to an ongoing assessment (by the Bank or its home overseer) against the Standards over a rolling four year period, with certain standards reviewed more frequently depending on market and business developments.[2] A systemically important CS facility operating under a domestic licence would be subject to a full assessment against the Standards at least every two years (annually in the case of CCPs) since the Bank is the primary regulator (with ASIC) of such a facility.

The Bank's supervisory approach for overseas licensees allows for deference to the primary regulator when the supervisory regime in an overseas CS facility's home jurisdiction is sufficiently equivalent to that in Australia and there are satisfactory information-sharing and cooperation arrangements with the relevant overseas authorities. The Bank will use its discretion in determining how much reliance it will place on reports and reviews conducted by overseas regulators and its own direct assessment of the CS facility.

At present, there are six CS facilities licensed to operate in Australia that are currently required to meet the Standards.[3] The four ASX CS facilities have been classified as systemically important CS facilities operated under a domestic licence; the UK-based LCH Limited (LCH Ltd) has been classified as a systemically important CS facility operated under an overseas licence; and the US-based Chicago Mercantile Exchange Inc. (CME) has been classified as being supervised under the base level requirements. There are presently no licensed CS facilities that are expected to meet the requirements for important CS facilities.

Systemically important payment systems

The Bank's policy statement on its approach to the supervision and oversight of SIPS sets out the criteria used to judge the systemic importance of payment systems in Australia, and describes how its approach differs between domestically focused and international SIPS. The policy statement also addresses a recommendation made in the International Monetary Fund's (IMF's) recent Financial Sector Assessment Program report on Australia (see Box E).

  • Systemic importance. The Bank carries out an annual review of payment systems based on criteria reflecting the level of activity in the system, the type of payments the system is used for, and other factors that indicate the system's potential to trigger or transmit systemic disruption. If the Bank's annual review identifies that a payment system has become systemically important, the Bank will commence supervision or oversight of that SIPS against the PFMI. The Bank will also engage at an early stage with any payment systems that have the potential to become systemically important so that they are aware of the Bank's policy on the supervision and oversight of SIPS.[4]
  • Domestically focused SIPS. A SIPS is considered domestically focused if it is operated by an Australian company or its operational base is in Australia, or if the focus of its activities is on AUD payments or Australian participants. The Bank will directly gather information from that SIPS on its compliance with the PFMI and carry out a detailed annual assessment of compliance at least every two years. To date, the Bank considers that the Reserve Bank Information and Transfer System (RITS) is the only domestically focused payment system that is systemically important.
  • International SIPS. Where payment systems are systemically important in Australia but are based overseas, and are primarily used to effect cross-border payments (including in Australian dollars), the Bank will place reliance on the international SIPS's overseas regulator if certain conditions are met. These conditions consider whether: the SIPS is subject to the PFMI (or equivalent) in its principal place of business; the SIPS has complied with the requirements imposed by the overseas regulator; and the Bank has effective cooperation and information sharing arrangements with the overseas regulator. CLS Bank International (CLS) is currently the only international SIPS overseen by the Bank.

Footnotes

Available at <https://www.rba.gov.au/payments-and-infrastructure/financial-market-infrastructure/clearing-and-settlement-facilities/standards/approach-to-supervising-and-assessing-csf-licensees.html> and <https://www.rba.gov.au/payments-and-infrastructure/financial-market-infrastructure/high-value-payments/policy-statement-on-supervision-and-oversight-of-systemically-important-ps.html>. [1]

The Corporations Act provides for two classes of CS facility licence: a ‘domestic’ licence granted under s824B(1); and an ‘overseas’ licence granted under s824B(2). [2]

In addition, IMB Limited, an Australian building society, operates a market for trading in its own shares by its members, and an associated SSF to settle these trades. IMB Limited's SSF is currently exempt from the Standards owing to its small size. Further details on the exemption to the SSF Standards for SSFs that settle less than $200 million of transactions in a financial year are available at <https://www.rba.gov.au/payments-and-infrastructure/financial-market-infrastructure/clearing-and-settlement-facilities/standards/securities-settlement-facilities/2012/introduction-standards.html>. [3]

Assessments of RITS against the PFMI are carried out annually. [4]

The following summarises activity and material developments over 2018/19 for the six CS facilities and the SIPs systems overseen and supervised by the Bank.

ASX

The four domestic CS facility licensees required to meet the Standards are all part of the ASX Group. In September 2019, the Bank published its latest assessment of these facilities.[24] This assessment concluded that the CS facilities ‘observed’ all relevant requirements under the Standards, with the following exceptions: all four CS facilities were upgraded from ‘partly observed’ to ‘broadly observed’ against the operational risk standard, downgraded from ‘observed’ to ‘partly observed’ for the general business risk standard, and maintained a rating of ‘broadly observed’ for the governance standard; both CCPs maintained a rating of ‘broadly observed’ against the liquidity risk and credit risk standards; ASX Clear (Futures) maintained a rating of ‘broadly observed’ against the margin standard. The steps taken by ASX to address the Bank's regulatory priorities for the annual assessment period ending June 2019, as well as other material developments, are set out below.

Operational risk management

Building Stronger Foundations

In 2018, ASX commenced a three-year program, known as Building Stronger Foundations, to address the findings of an independent external review of ASX's technology governance, operational risk and control frameworks. The program also incorporates ASX initiatives to improve enterprise risk management and governance practices identified prior to the review. The review was conducted at the instigation of the Bank and ASIC following a number of operational incidents in 2016 and 2017. It identified a number of areas for improvement across ASX's risk management, technology governance, enterprise architecture and incident management. As of 30 June, ASX had closed 28 of the review's 36 recommendations and addressed 95 per cent of the underlying deliverables in the Building Stronger Foundations program. The detail on ASX's progress in addressing specific areas for improvement is provided in the Bank's 2019 Assessment of ASX.

CHESS replacement

During 2018/19, ASX continued its work preparing to replace CHESS, its core system for clearing, settlement and other post-trade services for the Australian cash equity market. In September 2018, ASX released its response to a public consultation on the proposed functionality of the replacement system. The response also clarified what functionality ASX expects to make available from day 1 and set out a draft implementation timeline. This included an extension of the earliest commencement date for the new system by six months to the first half of 2021.

The Bank will continue to monitor the development of the new clearing and settlement system for cash securities transactions, in addition to monitoring the ongoing maintenance and smooth functioning of the existing CHESS system in the transition to the replacement system.

CCP risk management changes

In its 2018 Assessment of ASX, the Bank reviewed the ASX CCPs' practices against the CPMI-IOSCO report Resilience of central counterparties: Further guidance on the PFMI (CCP Resilience Guidance). The Bank concluded that the ASX CCPs' practices were either consistent or broadly consistent with that guidance, which has raised the bar in relation to financial risk management at CCPs. However, the Bank identified a number of gaps, some of which were of potential concern, and set a recommendation for the ASX CCPs to implement plans to address these gaps.

During 2018/19, the ASX CCPs implemented a number of risk management enhancements as part of a multi-year work program to address the Bank's recommendation and other minor gaps identified by the Bank. The detail on the work ASX completed during the assessment period is provided in the Bank's 2019 Assessment of ASX.

Legal basis

In 2018/19, the Bank conducted a detailed assessment of the legal basis of the ASX CS facilities. The legal basis of a CS facility defines the rights and obligations of the facility, its participants, and other parties (such as clients or service providers), and underpins assumptions made in risk management systems. If the legal basis is inadequate or uncertain the CS facility may face unintended, uncertain or unmanageable credit, liquidity or operational risks, which may create or amplify systemic risk.

The Bank concluded that the ASX CS facilities observe the legal basis standard but identified some minor legal risks that had not been fully mitigated, as well as a lack of formality in ASX's business-as-usual control environment for legal risks. The Bank therefore made a number of recommendations for ASX to complete planned actions to mitigate its legal risks and take steps to strengthen business-as-usual processes for identifying and managing legal risks. The Bank also identified several potentially more serious gaps affecting the CS facilities' access to capital held to cover their operational, business and investment risks. ASX had addressed a number of these gaps by 30 June and had a plan in place to address the remaining gaps in the coming months.

The Bank's review also covered the related topics of the finality of settlement in the ASX CS facilities and the CCPs' arrangements for segregation and portability of client transactions and collateral. The detailed findings from the review are provided in the Bank's 2019 Assessment of ASX.

LCH Ltd

LCH Ltd is licensed in Australia to provide CCP services for over-the-counter (OTC) interest rate derivatives (IRD) and inflation rate derivatives.

In December 2018, the Bank published the 2017/18 Assessment of LCH Limited's SwapClear Service.[25] This assessment concluded that LCH Ltd met the CCP Standards and either met or made progress towards meeting the Bank's regulatory priorities. The Bank also introduced a new regulatory priority. Steps taken so far by LCH Ltd to address these priorities, as well as other material developments, are set out below.

Operating hours in Australia

LCH Ltd has continued its work to extend the operating hours of the SwapClear service, while ensuring the safety and resilience of its operations. The SwapClear service is typically closed for five hours of the Australian business day, and trades executed during that time are not cleared by SwapClear until the Australian afternoon when the SwapClear service opens. The Bank's regulatory priority requires LCH Ltd to complete its analysis of the technical and operational challenges associated with extending its operating hours, and provide this to the Bank along with a plan of how it expects to address this regulatory priority. LCH Ltd has been providing regular updates to the Bank on the progress of this work.

Protected Payments System contingencies

The Bank set a new priority for LCH Ltd to improve its Protected Payments System (PPS) contingency arrangements. The PPS is used by LCH Ltd to settle cash payments, such as variation margin, to and from participants. LCH Ltd has previously identified that its contingency arrangements could be improved to ensure that payments can continue to be made in a timely manner in the event of a PPS bank outage or failure. LCH Ltd has identified a number of potential solutions involving both existing and new contingency arrangements, and has begun work to determine the viability of these solutions and where appropriate to implement them.

Areas of supervisory focus

In addition to the regulatory priorities set out in the 2017/18 Assessment, the Bank also identified four areas of supervisory focus for its supervision of LCH Ltd. These related to governance, operational resilience and cyber risk management, financial risk management and tiering. These areas had either experienced significant change that the Bank intended to monitor, or are areas where the Bank considered that further analysis was required. The Bank has been engaging with LCH Ltd and the Bank of England on these areas of focus and will provide a formal update in its 2018/19 Assessment of LCH Ltd.

CME

CME is a Chicago-based CCP that provides clearing services for a number of products from its US operations. CME does not currently have any direct Australian-based clearing participants, although Australian firms access CME's clearing services indirectly, as clients of direct participants. CME has held a CS facility licence in Australia since 2014, permitting it to offer clearing services to Australian-based institutions as direct clearing participants for OTC IRD and non-Australian dollar-denominated IRD traded on the CME market or the Chicago Board of Trade market (for which CME permits portfolio margining with OTC IRD). As noted in the ‘Trends in Payments, Clearing and Settlement Systems’ chapter, CME's licence was varied on 26 February to also permit the provision of clearing and settlement services for commodity, energy and environmental derivatives to be traded on the financial market operated by FEX. The service is expected to launch in the coming months.

In March 2019 the Bank published its assessment of CME for the 12 months ending December 2018. Given the nature and scope of CME's current activities in Australia, the Bank did not consider it necessary to conduct a detailed assessment of CME against all of the CCP Standards. The Bank's assessment concluded that CME had broadly addressed the outstanding regulatory priorities published in March 2018. The assessment set out three new regulatory priorities related to the variation of CME's licence. Consistent with the Bank's revised supervisory approach (see Box C), the Bank's next assessment of CME will be published in early 2021.

In 2018, CME provided its updated recovery and wind-down plans to the Bank for review. The Bank also undertook a review of the independent validation of CME's Liquidity Risk Management Framework (LRMF), and engaged with CME to monitor enhancements to this framework. Over the course of 2019, the Bank has continued to engage with CME on developments related to the implementation of its recovery and wind-down plans and the LRMF. In the coming period the Bank will also monitor progress against the new regulatory priorities, once the FEX service has launched.

Box D
Nasdaq Clearing AB participant default

Last year, an individual who participated directly in Nasdaq Clearing AB (a CCP which is a Swedish subsidiary of the Nasdaq Group) failed to meet a margin call to cover losses on a concentrated position on the spread between two electricity futures prices. Nasdaq Clearing AB placed the individual into default and covered the defaulter's position using all of the defaulter's collateral, plus about half of its default fund (€7 million of its own capital and €107 million of default fund contributions from other participants). Although CCPs are designed to mutualise large losses (as described above), it was not expected that the default of one private individual could cause losses on this scale. Following the default, Nasdaq Clearing AB announced plans to enhance its risk management in a number of ways.

The Bank has reviewed the risk management of the Australian-licensed CCPs in light of this incident. To the extent that the issues Nasdaq faced are relevant, the Australian-licensed CCPs have already identified these issues and have plans to address them.[1]

Footnote

For more detail, see RBA (2019), Financial Stability Review, April, viewed 16 August 2019 and the Bank's September 2019 Assessment of the ASX CS Facilities < https://www.rba.gov.au/payments-and-infrastructure/financial-market-infrastructure/clearing-and-settlement-facilities/assessments/>. [1]

Reserve Bank Information and Transfer System

RITS is Australia's high-value payments system that is used by banks and other financial institutions to settle their payment obligations. The most recent assessment of RITS against the PFMI was endorsed by the Board and published in June 2019.[26] The assessment concluded that as at the end of March 2019, RITS observed all of the relevant principles other than the Operational Risk principle, which RITS broadly observed.

Key RITS developments during the assessment period are set out below.

30 August power outage

On 30 August 2018, the Bank experienced a major power outage affecting one of its data centres, resulting in large-scale disruption to its IT systems, including those supporting RITS. As a result, RITS services were unavailable from around 11 am before being gradually restored throughout the afternoon. All transactions submitted to RITS on the day were settled by the end of the day. As a result of the outage, RITS recorded average system availability below its target of being available 99.95 per cent of the time, and took longer to recover than the two-hour target set out in the PFMI. However, the impact on participants and the broader financial system was greatly diminished by the recovery of systems and completion of settlement on the day of the outage.

The Bank identified a number of follow-up actions arising from the incident, with all of the initial actions completed. The 2019 RITS assessment recommended that the Bank implement actions supporting the ability of RITS to recover within two hours of a disruption as well as taking steps to validate this ability via contingency testing.

The Bank's progress in implementing these recommendations will be assessed as part of the 2020 assessment of RITS.

Cyber resilience

The Bank continued work to further strengthen its cyber resilience over the 2018/19 assessment period. This builds on work in the 2016/17 assessment period to review RITS's cyber-security controls, operational resilience, and options to improve the ability to detect and recover from a disruption of service in RITS, or loss of software or data integrity. The highest-priority recommendations from these reviews were addressed in early 2017, and most of the remaining lower-priority recommendations were implemented in 2018. A small number of lower-priority recommendations are being carried forward via related projects and initiatives. As part of this work, RITS was certified to the ISO 27001 standard for information security management.

The Bank has also continued work to address security standards established by SWIFT as part of its Customer Security Programme. In June, the Bank was assessed to be compliant with all 19 mandatory controls by an external auditor. The Bank is also continuing to evaluate current and emerging technology options that may further enhance the capability of RITS to recover from cyber attacks in a timely manner.

Endpoint security

The Bank is in the process of implementing the CPMI's May 2018 strategy on Reducing the Risk of Wholesale Payments Fraud Related to Endpoint Security.[27] Endpoint security refers to security arrangements between wholesale payment systems, messaging networks and their participants. The Bank will continue work on implementing the strategy over the next year as part of an ongoing process of continuous improvement in endpoint security.

CLS Bank International

CLS operates a payment-versus-payment settlement system (CLSSettlement) for foreign exchange transactions in 18 currencies, including the Australian dollar. CLS, an Edge Act Corporation, is chartered in the United States and is regulated and supervised by the Federal Reserve. The Federal Reserve has established a cooperative oversight arrangement for CLS, in which the Bank participates. Over 2018/19 CLS launched the CLSClearedFX and CLSNet services. The CLSClearedFX service facilitates payment-versus-payment settlement of centrally cleared OTC FX derivative obligations; this service is used for the LCH Ltd settlement service that was launched in July 2018 for eight currency pairs, including Australian dollar/US dollar. CLSNet was launched in November 2018. The service provides a bilateral payment netting solution for trades not settling in CLSSettlement, covering approximately 120 currencies.

SWIFT

SWIFT provides critical messaging and connectivity services to both RITS and CLS, as well as other FMIs and market participants in Australia and overseas. Oversight of SWIFT is conducted by the SWIFT Oversight Group (OG), which consists of the G10 central banks and the ECB. Since SWIFT is incorporated in Belgium, the OG is chaired by the National Bank of Belgium. The Bank is a member of the SWIFT Oversight Forum, a separate group established to support information sharing and dialogue on oversight matters among a broader set of central banks. Through the SWIFT Oversight Forum, these central banks receive information on the OG's conclusions and have an opportunity to input into the OG's oversight priorities and policies. Oversight of SWIFT is supported by a set of standards – the High-level Expectations – which are consistent with standards for critical service providers in the PFMIs.

During 2018/19, cyber resilience remained an important focus of SWIFT and its overseers. By December 2018, all SWIFT members were required to self-attest their level of compliance with the mandatory security controls in SWIFT's Customer Security Programme. SWIFT regularly reviews its controls against emerging and evolving cyber threats, resulting in a further three security controls becoming mandatory for users at the end of 2019.

SWIFT also announced that it would commence a phased migration to ISO 20022 messages for cross-border payments between November 2021 and November 2025 (see the chapter on ‘Retail Payments Regulation and Policy Issues’).

Policy Development

The Bank works with other regulators (both domestically and abroad) on issues relevant to the regulation and oversight of FMIs. In Australia, much of this work has been coordinated by the Council of Financial Regulators (CFR) and, internationally, the Bank engages with relevant international standard-setting bodies. Where relevant to the Board's responsibilities, the Board has been kept updated on developments and members' input and guidance have been sought.

International

A focus of international policy work on FMIs over recent years has been on monitoring and implementing guidance in relation to CCP resilience, recovery and resolution. This work has been conducted under a joint CCP workplan developed by CPMI, the Financial Stability Board (FSB), IOSCO and the Basel Committee on Banking Supervision.[28] The Bank has been closely engaged in this international policy work, as well as other work areas, including monitoring of implementation of the PFMIs and the development of a strategy to reduce the risk of wholesale payments fraud. The CPMI published its final report on the incentives to clear OTC derivatives in late 2018.[29] The Bank has also contributed to a CPMI-IOSCO Policy Standing Group discussion paper on default management auctions and a report on the member authorities' experience with cooperation arrangements.

The Bank has continued to be involved in work considering the adequacy of financial resources for CCP resolution and the treatment of CCP equity in resolution. Following public consultation and engagement with industry in the first half of 2019, the FSB working group is in the process of developing additional guidance on these issues, for release in 2020.

In 2018/19 the Bank continued to contribute to the international monitoring of implementation of the PFMI by the CPMI–IOSCO Implementation Monitoring Standing Group. This included a contribution to peer review exercises that assess the extent to which a jurisdiction's implementation measures are complete and consistent with the PFMI, including reports on Switzerland and the United States that were published in the first half of 2019.

Domestic

In developing domestic policy for FMIs, the Bank works with the other regulators through the CFR, the coordinating body for Australia's main financial regulatory agencies. During 2018/19, the focus of the CFR's work on FMIs has been on FMI resolution and competition in clearing and settlement of equities.

The Bank and other CFR agencies have continued to work on development of a resolution regime for FMIs. This has largely encompassed developing a detailed design for the legislative framework. It is intended that the resolution regime for FMIs will have similar features to APRA's crisis management regime including recent enhancements to it. However, some differences will be necessary, reflecting the different operations of FMIs and banks. To provide transparency around the proposed regime, and to avoid unintended consequences upon implementation, additional public consultation is planned for later this year. In addition to further detail on the proposed FMI resolution regime, the consultation is also likely to cover some proposed changes to the regulatory framework for FMIs.

The CFR, in cooperation with the Australian Competition and Consumer Commission (ACCC), has developed a policy framework to support competition in clearing and settlement of Australian cash equities. The framework includes minimum conditions for safe and effective competition in cash equity clearing and settlement in Australia. It also includes a set of regulatory expectations for ASX's conduct in the provision of such services where it is a monopoly provider. Significant elements of this framework, however, are currently not enforceable under the existing regulatory framework. Consequently, the CFR and ACCC are working with the Australian Government to implement legislative changes to the statutory framework for CS facilities to make these elements enforceable by the regulators.

Box E
2018 Financial Sector Assessment Program Review of Australia

In 2018 the International Monetary Fund (IMF) conducted its third Financial Sector Assessment Program (FSAP) review of Australia to assess the stability of the financial sector and the quality of domestic regulatory oversight arrangements. The review included an assessment of the regulation and supervisory oversight of FMIs in Australia, including consistency with the PFMI. In February 2019, the IMF published a technical note outlining its findings.[1] The note concluded that FMIs in Australia generally operate reliably. However, it made a number of recommendations to authorities, including the Bank, for the supervision, oversight and resolution of FMIs. The key recommendations are discussed below.

  • Finalise the proposed resolution regime for FMIs. The IMF recommended that the Australian Government should prioritise the finalisation of a resolution regime for domestic FMIs, since the regulators currently lack the necessary framework and tools to ensure the continued provision of critical FMI services in a crisis that threatened an FMI's viability. Work by the Bank and other CFR agencies to progress the development of this resolution regime is described in the section on Policy Development.
  • Strengthen the independence of the RBA and ASIC for supervision of CS facilities, and enhance enforcement powers. The IMF recommended that the Bank be granted independent enforcement powers for the CS facilities that it supervises. This would replace current arrangements under which the Bank would rely on ASIC to issue a direction in order to enforce compliance with regulatory requirements within the Bank's supervisory mandate. The IMF's recommendation also noted the powers conferred on the responsible Minister in legislation could constrain ASIC and the Bank in carrying out their supervisory responsibilities, although there was no evidence of such Ministerial intervention in practice. The consultation on the proposed FMI resolution regime is likely to include proposals to strengthen the supervisory powers of ASIC and the Bank.
  • Provide additional transparency on the requirements that apply to systemically important payment systems. The IMF noted that the Bank had published its approach to oversight of RITS as a SIPS, but could consider publishing a more general statement explaining how it would determine if a payment system is systemically important and would bring such a system within its oversight against the PFMI. In June, the Bank published a policy describing its approach to the supervision and oversight of SIPS (see Box C).
  • Complement cyber resilience assessments with industry-wide tests. Cyber resilience of FMIs is a key supervisory priority for the Bank and the IMF recognised that progress is being made in this area. However, the IMF recommended that Australian authorities could consider conducting industry-wide tests to complement their supervision activities and gain insights into the impact of a cyber incident on the industry as a whole, similar to exercises conducted in other countries. The authorities are considering the timing of when such an industry-wide cyber resilience exercise should be conducted.

The IMF's FSAP also included a review of elements of ASX Clear's governance and risk management framework against the PFMI. The findings of this review and ASX's initial response is described in Box B of the September 2019 assessment of the ASX CS facilities.

Footnote

The IMF report is available at <https://www.imf.org/~/media/Files/Publications/CR/2019/1AUSEA2019005.ashx>. [1]

Footnotes

Referred to internationally as securities settlement systems. [19]

Available at <https://www.rba.gov.au/payments-and-infrastructure/financial-market-infrastructure/clearing-and-settlement-facilities/standards/>. [20]

CPMI–IOSCO, Implementation monitoring of PFMI: Level 2 Assessment Report for Australia, December 2015. Available at <http://www.bis.org/cpmi/publ/d140.pdf>. [21]

For the full list of guidance that the Bank has adopted see the notes to the Financial Stability Standards at <https://www.rba.gov.au/payments-and-infrastructure/financial-market-infrastructure/clearing-and-settlement-facilities/standards/>. [22]

See the Bank's media release at <https://www.rba.gov.au/media-releases/2019/mr-19-19.html>. [23]

The Bank's September 2019 Assessment of the ASX CS Facilities is available at <https://www.rba.gov.au/payments-and-infrastructure/financial-market-infrastructure/clearing-and-settlement-facilities/assessments/>. [24]

Available at <https://www.rba.gov.au/payments-and-infrastructure/financial-market-infrastructure/clearing-and-settlement-facilities/assessments/lch/2018/pdf/lch-assess-2018-12.pdf>. [25]

Available at <https://www.rba.gov.au/payments-and-infrastructure/rits/self-assessments/2019/>. [26]

Available at <https://www.bis.org/cpmi/publ/d178.pdf>. [27]

Available at <http://www.bis.org/cpmi/publ/d165.pdf>. [28]

Available at <https://www.bis.org/publ/othp29.htm>. [29]