Featured Product

    CPMI-IOSCO Assess Continuity Planning of Market Infrastructures

    July 21, 2021

    The Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) published a report that assesses the business continuity planning activities of financial market infrastructures or FMIs. The report also presents a high-level summary of the responses of the financial market infrastructures to the COVID-19 pandemic in some member jurisdictions. It also identifies increased cyber risk and scope for improvement in certain areas.

    The report finds that all the surveyed financial market infrastructures have operational reliability objectives, focusing on system availability and recovery time; they reportedly review their business continuity plans at least annually and test them regularly. However, the report found that the business continuity management of some, and potentially many, financial market infrastructures does not seem to aim to resume operations in a timely way, including in the event of a wide-scale or major disruption. The key findings of the exercise are summarized below:

    • An identified concern relates to timely recovery in the event of a wide-scale or major disruption. Based on the information provided by the participating market infrastructures, there are doubts on whether their business continuity plans are designed to ensure that critical information technology systems can resume operations within two hours following disruptive events and enable the financial market infrastructure to complete settlement by the end of the day of the disruption, even in case of extreme circumstances. CPMI and IOSCO expect the relevant financial market infrastructures and their supervisors to address this as a matter of the highest priority.
    • Cyber risk was another identified area of concern. A few financial market infrastructures in the sample did not provide specific business continuity plan objectives with respect to cyber risk. Among the financial market infrastructures that have specific  business continuity plan objectives with respect to cyber risk, only a few explicitly acknowledged the breadth and depth of potential cyber attacks and the complexities of cyber risks that their business continuity plans may not be able to cover. 

    The report also noted that overall the financial market infrastructures have not experienced service disruptions during the pandemic. Financial market infrastructures have observed that the pandemic highlighted operational risks posed by third parties such as critical service providers. No major incidents involving third parties were reported during 2020. However, financial market infrastructures noted an increased threat of cyber risks, especially in remote working environments. In this context, financial market infrastructures have adopted enhanced cyber-security monitoring, with extra vigilance regarding their internal VPN networks and have trained their staff thoroughly on threats arising from remote access. 

    This review was a part of the regular monitoring of the implementation of the Principles for Financial Market Infrastructure (PFMI), which set international standards for payment, clearing, and settlement systems. Implementation is being monitored on three levels. Level 1 self-assessments report on whether a jurisdiction has completed the process of adopting legislation and other policies that will enable it to implement the Principles and Responsibilities. Level 2 assessments are peer reviews of the extent to which the content of the jurisdiction's implementation measures is complete and consistent with the PFMI. Level 3 peer reviews examine consistency in the outcomes of implementation of the Principles by financial market infrastructures and implementation of the Responsibilities by authorities. This report represents the Level 3 assessment of consistency in the outcomes of the implementation of the PFMI. 

     

    Related Links

    Keywords: International, Banking, Financial Market Infrastructure, FMI, Operational Risk, PFMI, PFMI Level 3, Business Continuity, COVID-19, Cyber Risk, IOSCO, CPMI

    Featured Experts
    Related Articles
    News

    OSFI Issues Results of Pilot on Climate Risk Scenario Analysis

    The Office of the Superintendent of Financial Institutions (OSFI) published an update on the discussion paper that intended to engage federally regulated financial institutions and other interested stakeholders in a dialog with OSFI, to proactively enhance and align assurance expectations over key regulatory returns.

    January 20, 2022 WebPage Regulatory News
    News

    EC Issues Regulation on Adjustments to K-Factor Coefficients Under IFR

    The European Commission (EC) published a report summarizing responses to the targeted consultation on the supervisory convergence and the single rulebook in the European Union (EU).

    January 20, 2022 WebPage Regulatory News
    News

    ECB Issues Opinions on Green Bonds Standard and CRR Proposals

    The European Central Bank (ECB) published its opinion on a proposal for a regulation on European green bonds, following a request from the European Parliament.

    January 19, 2022 WebPage Regulatory News
    News

    ESRB Explores Policy Response to Risks Arising from Digitalization

    The Advisory Scientific Committee (ASC) of the European Systemic Risk Board (ESRB) published a report that explores the expected impact of digitalization on provision of financial and banking services, and proposes policy measures to address the risks stemming from digitalization.

    January 18, 2022 WebPage Regulatory News
    News

    HKMA Consults on FIRO Code, Revises Policy on Foreign Exchange Risk

    The Hong Kong Monetary Authority (HKMA) is consulting on the draft Financial Institutions (Resolution) Ordinance (Cap. 628), or FIRO, Code of Practice chapter on liquidity and funding in resolution, until March 14, 2022.

    January 18, 2022 WebPage Regulatory News
    News

    FI Publishes Multiple Regulatory and Reporting Updates

    The Swedish Financial Supervisory Authority (FI) announced that the capital adequacy reporting as at December 31, 2021 must be done by February 11, 2022.

    January 17, 2022 WebPage Regulatory News
    News

    EU Authorities Address COVID-19 Reporting, MCD, and PSD2 Issues

    The European Banking Authority (EBA) announced that the guidelines on the reporting and disclosure of exposures subject to measures COVID-relief measures shall continue to apply until further notice.

    January 17, 2022 WebPage Regulatory News
    News

    BSP Tackles Aspects of Lending and Islamic, Open & Sustainable Finance

    The Central Bank of the Philippines (BSP) issued communications covering developments related to online lending platforms, open finance framework and roadmap, and on the expected regulations in the area sustainable finance.

    January 16, 2022 WebPage Regulatory News
    News

    US Agencies Issue Regulatory Updates, FDIC Launches Tech Sprint

    The Board of Governors of the Federal Reserve System (FED) published the final rule that amends Regulation I to reduce the quarterly reporting burden for member banks by automating the application process for adjusting their subscriptions to the Federal Reserve Bank capital stock, except in the context of mergers.

    January 13, 2022 WebPage Regulatory News
    News

    EBA Issues Guide on Bank Resolvability, Consults on Transferability

    The European Banking Authority (EBA) published its assessment of risks through the quarterly Risk Dashboard and the results of the Autumn edition of the Risk Assessment Questionnaire (RAQ).

    January 13, 2022 WebPage Regulatory News
    RESULTS 1 - 10 OF 7903