FRB Proposes to Toughen Risk Management Standards for FMUs

The Federal Reserve Board ("FRB") proposed amendments to the risk management standard of Regulation HH ("Designated Financial Markets") which governs the operations related to the payment, clearing and settlement activities of certain designated financial market utilities ("FMUs").

The FRB stated that the proposed amendments would improve (i) reviewing and testing requirements to identify risks, (ii) incident management and notification, (iii) business continuity management and planning and (iv) third-party risk management.

The FRB stated that the proposal would make Regulation HH's existing requirements more specific. For example, the proposal would require FMUs to ensure that their tests are functioning properly, and require prompt response to any deficiencies identified in these tests. Additionally, the proposal would require FMUs to develop a detailed plan for timely notification and communication of material operational incidents, including a list of entities, including the FRB, that must be notified in the event of a failure.

As to business continuity requirements, the FRB stated that the proposal would treat multiple production sites in data center arrangements as equal, instead of FMUs listing one as the primary site and the other(s) as backup. The amendments would require each production site to have a "unique" risk profile, in order to operate independently of any failures at another site. The proposal also included updates to require FMUs to effectively manage risks associated with third-party relationships.

Comments on the proposal are due within 60 days after publication in the Federal Register.