X

FRB Increases Risk Management Requirements for Large Clearing Organizations

The Board of Governors of the Federal Reserve (the "Board") adopted new operational risk management requirements for systemically important clearing organizations under Regulation HH ("Designated Financial Market Utilities"). The additional requirements apply to those Financial Market Utilities ("FMUs" or clearing organizations) that have been designated as systemically important ("designated FMUs") by the Financial Stability Oversight Council ("FSOC").

The additional requirements apply to four areas of operational risk management:

  • Incident Management and Notification. The FMU must provide notice of an unauthorized entry, or a potential for unauthorized entry, into a designated FMU’s computer, network, electronic, technical, automated or other systems that affect or have the potential to affect its critical operations or services.
  • Business Continuity Management and Planning. A designated FMU must identify its critical operations and services related to payment, clearing and settlement for purposes of developing integrated plans for recovery and orderly wind-down. The designated FMU’s business continuity plan must set out criteria and processes by which the FMU will "reestablish availability" for "affected" participants and other entities following a disruption to the designated FMU’s critical operations or services.
  • Third-Party Risk Management. The FMU must "address" in its business continuity management and testing, as appropriate, third parties that provide services that are material to any of the designated FMU’s critical operations or services. (The Board recognized that there are effective approaches to testing that do not involve participation of a third party, such as planning for alternatives to be used in the event of a third party’s unavailability.)
  • Review and testing of operational risk management measures. A designated FMU’s documented testing framework must address scope, frequency, participation, interdependencies and reporting.

The final rule is effective 30 days after publication in the Federal Register.

Primary Sources

  1. Federal Register: Final Rule: Financial Market Utilities
  2. FRB: Press Release: Federal Reserve Board announces final rule that updates risk management requirements for certain systemically important financial market utilities (FMUs) supervised by the Board
  3. FRB: Board Memorandum: Recommended amendments to the operational risk management expectations in Regulation HH

Premium Content

Available only to Premium subscribers.

 

Join Premium

US Regulatory Intelligence combines regulatory and enforcement news, analysis, and practical work tools on an easy-to-use digital platform.

Request a Free Trial

Tags

Regulated Activities
Business Continuity Operations
Regulated Entities
Clearing Orgs.
Body of Law
Banking Law CEA Regulation Securities Law
Jurisdiction
US - Federal
Organization
US Banking Regulators
Sub-Author
Federal Reserve Board