9-1002

I. RISK MANAGEMENT FOR FINANCIAL MARKET INFRASTRUCTURES

This part sets out the Board’s views, and related standards, regarding the management of risks in FMIs, including those operated by the Reserve Banks. The Board will be guided by this part, in conjunction with relevant laws, regulations, and other Federal Reserve policies, when exercising its authority in (1) supervising the Reserve Banks under the Federal Reserve Act; (2) supervising state member banks, Edge and agreement corporations, and bank holding companies, including the exercise of authority under the Bank Service Company Act, where applicable; (3) carrying out certain of its responsibilities under Title VIII of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act); (4) setting or reviewing the terms and conditions for the use of Reserve Bank accounts and services; and (5) developing and applying policies for the provision of intraday liquidity to eligible Reserve Bank account holders. This part will also guide the Board, as appropriate, in its interactions and cooperative efforts with other domestic and foreign authorities that have responsibilities for regulating, supervising, or overseeing FMIs within the scope of this part. The Board’s adoption of this policy is not intended to exert or create supervisory or regulatory authority over any particular class of institutions or arrangements where the Board does not have such authority.

9-1003

A. Scope

FMIs within the scope of part I include public- and private-sector payment systems that expect to settle a daily aggregate gross value of U.S. dollar-denominated transactions exceeding $5 billion on any day during the next 12 months.¹⁰ ¹¹ FMIs within the scope of this part also include central securities depositories, securities settlement systems, central counterparties, and trade repositories irrespective of the value or nature of the transactions processed by the system.¹² These FMIs may be organized, located, or operated within the United States (domestic systems), outside the United States (offshore systems), or both (cross-border systems) and may involve currencies other than the U.S. dollar (non-U.S. dollar systems and multicurrency systems).¹³ The scope of the policy also includes any payment system based or operated in the United States that engages in the settlement of non-U.S. dollar transactions if that payment system would be otherwise subject to the policy.¹⁴

Part I does not apply to market infrastructures such as trading exchanges, trade-execution facilities, or multilateral trade-compression systems. This part is also not intended to apply to bilateral payment, clearing, or settlement relationships, where an FMI is not involved, between financial institutions and their customers, such as traditional correspondent banking and government securities clearing services. The Board believes that these market infrastructures and relationships do not constitute FMIs for purposes of this policy and that risk-management issues associated with these market infrastructures and relationships are more appropriately addressed through other relevant supervisory and regulatory processes.

9-1003.5

B. Policy Expectations for Certain Financial Market Infrastructures

This section sets out the Board’s views, and related standards, with respect to risk management and transparency for the subset of FMIs described below in section B.1, including the Reserve Banks’ Fedwire Funds Service and Fedwire Securities Service (collectively, Fedwire Services). The Board believes these FMIs should have comprehensive risk management as well as a high degree of transparency.

1. Risk Management

Authorities, including central banks, have promoted sound risk-management practices by developing internationally accepted minimum standards that promote the safety and efficiency of FMIs. Specifically, the Committee on Payment and Settlement Systems (CPSS) and Technical Committee of the International Organization of Securities Commissions (IOSCO) report on Principles for Financial Market Infrastructures (PFMI) establishes minimum standards for payment systems that are systemically important, central securities depositories, securities settlement systems, central counterparties, and trade repositories for addressing areas such as legal risk, governance, credit and liquidity risks, general business risk, operational risk, and other types of risk.¹⁵ The PFMI reflects broad market input and has been widely recognized, supported, and endorsed by U.S. authorities, including the Federal Reserve, U.S. Securities and Exchange Commission (SEC), and U.S. Commodity Futures Trading Commission (CFTC). These standards are also part of the Financial Stability Board’s (FSB’s) Key Standards for Sound Financial Systems.¹⁶

The Board believes that the implementation of the PFMI by the FMIs within the scope of this section will help promote their safety and efficiency in the financial system and foster greater financial stability in the domestic and global economy. Accordingly, the Board has incorporated into the PSR policy principles 1 through 24 from the PFMI, as set forth in the appendix.¹⁷ In applying part I of this policy, the Board will be guided by the key considerations and explanatory notes from the PFMI as well as its interpretation of the corresponding provisions of Regulation HH.¹⁸

a. Fedwire services. The Board recognizes the critical role the Reserve Banks’ Fedwire Services play in the financial system and requires them to meet or exceed the standards set forth in the appendix to this policy, consistent with the guidance on central bank-operated systems provided in the PFMI and with the requirements in the Monetary Control Act.¹⁹

b. Designated financial market utilities for which the Board is the supervisory agency under title VIII of the Dodd-Frank Act. The Board’s Regulation HH imposes risk-management standards applicable to a designated financial market utility for which the Board is the Supervisory Agency.²⁰ The risk-management standards in Regulation HH are based on the PFMI. As required under Title VIII of the Dodd-Frank Act, the risk-management standards seek to promote robust risk management, promote safety and soundness, reduce systemic risks, and support the stability of the broader financial system. Designated financial market utilities for which the Board is the Supervisory Agency are required to comply with the risk-management standards in Regulation HH and are not subject to the standards in the appendix.

c. Other financial market infrastructures that are subject to the Board’s supervisory authority under the Federal Reserve Act. The Board expects all other FMIs that are subject to its supervisory authority under the Federal Reserve Act, including FMIs that are members of the Federal Reserve System, to meet or exceed the risk-management standards in the appendix.

d. All other central securities depositories, securities settlement systems, central counter-parties, and trade repositories. The Board encourages all other central securities depositories, securities settlement systems, central counterparties, and trade repositories, whether they are located within or outside the United States, to meet or exceed the risk-management standards in the appendix to this policy. Where the Board does not have authority over a central securities depository, securities settlement system, central counterparty, or trade repository, the Board will be guided by this policy in its cooperative efforts with other FMI authorities.

e. Other systemically important offshore and cross-border payment systems. The Board encourages systemically important offshore and cross-border payment systems that are not included in any of the categories above to meet or exceed the risk-management standards in the appendix to this policy.²¹ The Board will be guided by this policy in its cooperative efforts with other payment system authorities.

2. Transparency

Transparency helps ensure that relevant information is provided to an FMI’s participants, authorities, and the public to inform sound decisionmaking, improve risk management, enable market discipline, and foster confidence in markets more broadly. In particular, public disclosures play a critical role in allowing current and prospective participants, as well as other stakeholders, to understand an FMI’s operations and the risks associated with using its services and to manage more effectively their risks with respect to the FMI. The Board believes that FMIs are well-positioned to provide the information necessary to support greater market transparency and to maintain financial stability.

The Board expects an FMI that is subject to its supervisory authority, but not subject to Regulation HH, to disclose to its participants information about the risks and costs that they incur by participating in the FMI, consistent with the requirements in principle 23 in the appendix.²² At a minimum, the FMI should disclose to its participants overviews of the FMI’s system design and operations, rules and key procedures, key highlights of business continuity arrangements, fees and other material costs, aggregate transaction volumes and values, levels of financial resources that can be used to cover participant defaults, and other information that would facilitate its participants’ understanding of the FMI and its operations and their evaluation of the risks associated with using that FMI.

In addition, the Board expects such an FMI to complete the disclosure framework set forth in the CPSS-IOSCO Principles for Financial Market Infrastructures: Disclosure Framework and Assessment Methodology (“disclosure framework” and “assessment methodology”).²³ The disclosure framework establishes the international baseline set of information that all FMIs are expected to disclose publicly and review regularly.²⁴ An FMI is encouraged to use the guiding questions in the assessment methodology to guide the content and level of detail in their disclosures. The Board expects each FMI to make its disclosure readily available to the public, such as by posting it on the FMI’s public Web site, to achieve maximum transparency.

To ensure each FMI’s accountability for the accuracy and completeness of its disclosure, the Board expects the FMI’s senior management and board of directors to review and approve each disclosure upon completion. Further, in order for an FMI’s disclosure to reflect its current rules, procedures, and operations, the Board expects the FMI to update the relevant parts of its disclosure following changes to the FMI or the environment in which it operates, which would significantly change the accuracy of the statements in its disclosure. At a minimum, the FMI is expected to review and update as warranted its disclosure every two years.

As part of its ongoing oversight of FMIs, the Board will review public disclosures by FMIs subject to its supervisory authority to ensure that the Board’s policy objectives and expectations are being met.²⁵ Where necessary, the Board will provide feedback to the FMIs regarding the content of these disclosures and their effectiveness in achieving the policy objectives discussed above.²⁶ The Board acknowledges that FMIs vary in terms of the scope of instruments they settle and markets they serve. It also recognizes that FMIs may operate under different legal and regulatory constraints, charters, and corporate structures. The Board will consider these factors when reviewing the disclosures and in evaluating how an FMI addresses a particular standard. Where the Board does not have statutory or exclusive authority over an FMI, it will be guided by this policy in cooperative efforts with other domestic or foreign authorities to promote comprehensive disclosures by FMIs as a means to achieve greater safety and efficiency in the financial system.

9-1004

C. General Policy Expectations for Other Payment Systems Within the Scope of the Policy

The Board encourages payment systems within the scope of this policy, but that are not included in any of the categories in section B above, to implement a general risk-management framework appropriate for the risks the payment system poses to the system operator, system participants, and other relevant parties as well as the financial system more broadly.

1. Establishment of a Risk-Management Framework

A risk-management framework is the set of objectives, policies, arrangements, procedures, and resources that a system employs to limit and manage risk. Although there are a number of ways to structure a sound risk-management framework, all frameworks should

a. identify risks clearly and set sound risk-management objectives;

b. establish sound governance arrangements to oversee the risk-management framework;

c. establish clear and appropriate rules and procedures to carry out the risk-management objectives; and

d. employ the resources necessary to achieve the system’s risk-management objectives and implement effectively its rules and procedures.

9-1005

a. Identify risks clearly and set sound risk-management objectives. The first element of a sound risk-management framework is the clear identification of all risks that have the potential to arise in or result from the system’s settlement process and the development of clear and transparent objectives regarding the system’s tolerance for and management of such risks. System operators should identify the forms of risk present in their system’s settlement process as well as the parties posing and bearing each risk. In particular, system operators should identify the risks posed to and borne by them, the system participants, and other key parties such as a system’s settlement banks, custody banks, and third-party service providers. System operators should also analyze whether risks might be imposed on other external parties and the financial system more broadly.

In addition, system operators should analyze how risk is transformed or concentrated by the settlement process. System operators should also consider the possibility that attempts to limit one type of risk could lead to an increase in another type of risk. Moreover, system operators should be aware of risks that might be unique to certain instruments, participants, or market practices. Where payment systems have interrelationships with or dependencies on other FMIs, system operators should also analyze whether and to what extent any cross-system risks exist and who bears them.

Using their clear identification of risks, system operators should establish the risk tolerance of the system, including the levels of risk exposure that are acceptable to the system operator, system participants, and other relevant parties. System operators should then set risk-management objectives that clearly allocate acceptable risks among the relevant parties and set out strategies to manage this risk. Risk-management objectives should be consistent with the objectives of this policy, the system’s business purposes, and the type of payment instruments and markets for which the system clears and settles. Risk-management objectives should also be communicated to and understood by both the system operator’s staff and system participants.

System operators should reevaluate their risks in conjunction with any major changes in the settlement process or operations, the transactions settled, the system’s rules or procedures, or the relevant legal and market environments. System operators should review the risk-management objectives regularly to ensure that they are appropriate for the risks posed by the system, continue to be aligned with the system’s purposes, remain consistent with this policy, and are being effectively adhered to by the system operator and participants.

9-1006

b. Establish sound governance arrangements to oversee the risk-management framework. Systems should have sound governance arrangements to implement and oversee their risk-management frameworks. The responsibility for sound governance rests with a system operator’s board of directors or similar body and with the system operator’s senior management. Governance structures and processes should be transparent; enable the establishment of clear risk-management objectives; set and enforce clear lines of responsibility and accountability for achieving these objectives; ensure that there is appropriate oversight of the risk-management process; and enable the effective use of information reported by the system operator’s management, internal auditors, and external auditors to monitor the performance of the risk-management process.²⁷ Individuals responsible for governance should be qualified for their positions, understand their responsibilities, and understand their system’s risk-management framework. Governance arrangements should also ensure that risk-management information is shared in forms, and at times, that allow individuals responsible for governance to fulfill their duties effectively.

9-1007

c. Establish clear and appropriate rules and procedures to carry out the risk-management objectives. Systems should have rules and procedures that are appropriate and sufficient to carry out the system’s risk-management objectives and that are consistent with its legal framework. Such rules and procedures should specify the respective responsibilities of the system operator, system participants, and other relevant parties. Rules and procedures should establish the key features of a system’s settlement and risk-management design and specify clear and transparent crisis management procedures and settlement failure procedures, if applicable.²⁸

9-1008

d. Employ the resources necessary to achieve the system’s risk-management objectives and implement effectively its rules and procedures. System operators should ensure that the appropriate resources and processes are in place to allow the system to achieve its risk-management objectives and implement effectively its rules and procedures. In particular, the system operator’s staff should have the appropriate skills, information, and tools to apply the system’s rules and procedures and achieve the system’s risk-management objectives. System operators should also ensure that their facilities and contingency arrangements, including any information system resources, are sufficient to meet their risk-management objectives.

2. Other Considerations for a Risk-Management Framework

Payment systems differ widely in form, function, scale, and scope of activities, and these characteristics result in differing combinations and levels of risks. Thus, the exact features of a system’s risk-management framework should be tailored to the risks of that system. The specific features of a risk-management framework may entail tradeoffs between efficiency and risk reduction, and payment systems will need to consider these tradeoffs when designing appropriate rules and procedures. In considering such tradeoffs, however, it is critically important that system operators take into account the costs and risks that may be imposed on all relevant parties, including parties with no direct role in the system. Furthermore, in light of rapidly evolving technologies and risk-management practices, the Board encourages all system operators to consider making risk-management improvements when cost-effective.

The Board may seek to understand how a system achieves the four elements of a sound risk-management framework set out above. In this context, the Board may seek to obtain information from system operators regarding their risk-management framework, risk-management objectives, rules and procedures, significant legal analyses, general risk analyses, analyses of the credit and liquidity effects of settlement disruptions, business continuity plans, crisis management procedures, and other relevant documentation.²⁹ The Board also may seek to obtain data or statistics on system activity on an ad hoc or ongoing basis. All information provided to the Federal Reserve for the purposes of this policy will be handled in accordance with all applicable Federal Reserve policies on information security, confidentiality, and conflicts of interest.

D. Cooperation with Other Authorities in Regulating, Supervising, and Overseeing Financial Market Infrastructures

When the Board does not have statutory or exclusive authority over an FMI covered by this policy, this section will guide the Board, as appropriate, in its interactions with other domestic and foreign authorities to promote effective risk management in and transparency by FMIs. For example, the Federal Reserve may have an interest in the safety and efficiency of FMIs outside the United States that are subject to regulation, supervision, or oversight by another authority but that provide services to financial institutions supervised by the Board or conduct activity that involves the U.S. dollar.³⁰ In its interactions with other 3domestic and foreign authorities, the Board will encourage these authorities to adopt and to apply the internationally accepted principles set forth in the appendix when evaluating the risks posed by and to FMIs and individual system participants that these authorities regulate, supervise, or oversee.

In working with other authorities, the Board will seek to establish arrangements for effective and practical cooperation that promote sound risk-management outcomes. The Board believes that cooperative arrangements among relevant authorities can be an effective mechanism for, among other things, (1) sharing relevant information concerning the policies, procedures, and operations of an FMI; (2) sharing supervisory views regarding an FMI; (3) discussing and promoting the application of robust risk-management standards; and (4) serving as a forum for effective communication, coordination, and consultation during normal circumstances, as well as periods of market stress.

When establishing such cooperative arrangements, the Board will be guided, as appropriate, by international principles on cooperative arrangements for the regulation, supervision, and oversight of FMIs. In particular, responsibility E in the PFMI addresses domestic and international cooperation among central banks, market regulators, and other relevant authorities and provides guidance to these entities for supporting each other in fulfilling their respective mandates with respect to FMIs. The CPSS report on Central Bank Oversight of Payment and Settlement Systems also provides important guidance on international cooperation among central banks.³¹ The Board believes this international guidance provides important frameworks for cooperating and coordinating with other authorities to address risks in domestic, cross-border, multi-currency, and, where appropriate, offshore FMIs.

¹⁰

A “payment system” is a set of instruments, procedures, and rules for the transfer of funds between or among participants. Payment systems include, but are not limited to, large-value funds transfer systems, automated clearinghouse systems, check clearinghouses, and credit and debit card settlement systems. The scope of this policy also includes payment-versus-payment settlement systems for foreign exchange transactions.

¹¹

In determining whether it is included in the scope of this policy, a payment system should look at its projected “next” twelve-month period. “Aggregate gross value of U.S. dollar-denominated transactions” refers to the total dollar value of individual U.S. dollar transactions settled in the payment system, which also represents the sum of total U.S. dollar debits (or credits) to all participants before or in absence of any netting of transactions.

¹²

A “central securities depository” is an entity that provides securities accounts and central safekeeping services. A “securities settlement system” is an entity that enables securities to be transferred and settled by book entry and allows transfers of securities free of or against payment. A “central counterparty” is an entity that interposes itself between counterparties to contracts traded in one or more financial markets, becoming the buyer to every seller and the seller to every buyer. A “trade repository” is an entity that maintains a centralized electronic record of transaction data. These definitions are based on those in the PFMI.

¹³

Non-U.S. dollar systems may be of interest to the Board if they are used by U.S. financial institutions or may have the ability to affect financial stability, more broadly.

¹⁴

The daily gross value threshold will be calculated on a U.S. dollar equivalent basis.

¹⁵

In addition to these risk-management standards, the PFMI sets out responsibilities for authorities for FMIs, including central banks, in order to provide for effective regulation, supervision, and oversight of FMIs.

¹⁶

The FSB’s Key Standards for Sound Financial Systems are available at http://www.financialstabilityboard.org/cos/key_standards.htm. The FSB is an international forum that was established to develop and promote the implementation of effective regulatory, supervisory and other financial sector policies. The FSB includes the U.S. Department of the Treasury, the Board, and the SEC.

¹⁷

The Board’s Regulation HH contains risk-management standards that are based on the PFMI for certain designated financial market utilities. Regulation HH (12 CFR part 234) is available [at 9-1600 and] http://www.federalreserve.gov/bankinforeg/reglisting.htm#HH.

¹⁸

The Board will also look to the CPSS-IOSCO Principles for Financial Market Infrastructures: Disclosure Framework and Assessment Methodology, which is avail-able at http://www.bis.org/cpmi/publ/d106.pdf, and other related documents.

¹⁹

Certain standards may require flexibility in the way they are applied to central bank-operated systems because of central banks’ unique role in the financial markets and their public responsibilities. These principles include principle 2 on governance, principle 3 on the framework for the comprehensive management of risks, principle 4 on credit risk, principle 5 on collateral, principle 7 on liquidity risk, principle 13 on participant-default rules and procedures, principle 15 on general business risk, and principle 18 on access and participation requirements. For instance, the Reserve Banks should refer to part II of this policy for managing their credit risk arising from the provision of intraday credit to users of the Fedwire Services.

²⁰

The term “Supervisory Agency” is defined in Title VIII as the “Federal agency that has primary jurisdiction over a designated financial market utility under Federal banking, securities, or commodity futures laws” (12 U.S.C. 5462(8)). Under Title VIII, the Board must prescribe risk-management standards for designated financial market utilities for which the Board or another Federal banking agency is the appropriate Supervisory Agency (12 U.S.C. 5464(a)). There are currently no designated financial market utilities for which another federal banking agency is the Supervisory Agency.

²¹

These systems may be used by U.S. financial institutions, clear or settle U.S. dollars, or have the ability to affect financial stability, more broadly.

²²

The Board’s Regulation HH imposes an equivalent public disclosure requirement.

²³

See CPSS-IOSCO, Principles for Financial Market Infrastructures: Disclosure Framework and Assessment Methodology, December 2012, available at http://www.bis.org/cpmi/publ/d106.pdf.

²⁴

Although the Board expects disclosures to be robust, it does not expect FMIs to disclose to the public sensitive information that could expose system vulnerabilities or otherwise put the FMI at risk (for example, specific business continuity plans).

²⁵

Any review of a disclosure by the Board should not be viewed as an approval or guarantee of the accuracy of an FMI’s disclosure. Without the express approval of the Board, an FMI may not state that its disclosure has been reviewed, endorsed, approved, or otherwise not objected to by the Board.

²⁶

If the Board materially disagrees with the content of an FMI’s disclosure, it will communicate its concerns to the FMI’s senior management and possibly to its board of directors, as appropriate. The Board may also discuss its concerns with other relevant authorities, as appropriate.

²⁷

The risk-management and internal audit functions should also be independent of those responsible for day-to-day functions.

²⁸

Examples of key features that might be specified in a system’s rules and procedures are controls to limit participant-based risks, such as membership criteria based on participants’ financial and operational health; limits on credit exposures; and the procedures and resources to liquidate collateral. Other examples of key features might be business continuity requirements and loss-allocation procedures.

²⁹

To facilitate analysis of settlement disruptions, systems may need to develop the capability to simulate credit and liquidity effects on participants and on the system resulting from one or more participant defaults, or other possible sources of settlement disruption. Such simulations may need to include, if appropriate, the effects of changes in market prices, volatilities, or other factors.

³⁰

An FMI may be subject to supervision or oversight by the Board and other authorities, as a result of its legal framework, operating structure (for example, multi-currency or cross-border systems), or participant base. In such cases, the Board will be sensitive to the potential for duplicative or conflicting requirements, oversight gaps, or unnecessary costs and burdens imposed on the FMI.

³¹

See Central Bank Oversight of Payment and Settlement Systems, part B on “Principles for international cooperative oversight,” May 2005, available at https://www.bis.org/cpmi/publ/d68.pdf.