16.11.2017   

EN

Official Journal of the European Union

L 299/11

(1)

The Committee on Payment and Settlement Systems (CPSS) of the Bank for International Settlements and the Technical Committee of the International Organization of Securities Commissions (IOSCO) published the Principles for financial market infrastructures in April 2012 (1). The Committee on Payments and Market Infrastructures (CPMI), the successor of the CPSS, and IOSCO subsequently published guidance on these principles. The European Central Bank (ECB) has decided to implement the CPMI-IOSCO principles and subsequent guidance insofar as they apply to systemically important payment systems (SIPS) by means of Regulation (EU) No 795/2014 of the European Central Bank (ECB/2014/28) (2).

(2)

The Governing Council has reviewed the general application of Regulation (EU) No 795/2014 (ECB/2014/28), pursuant to Article 24 thereof. That review took account of the findings of the first comprehensive assessment of SIPS. The assessment found that certain matters required improvement or clarification and, in a few cases, a need for more substantial amendments seeking to ensure the application of the highest oversight standards.

(3)

For the purposes of this Regulation, payment institutions and e-money institutions that have access to SIPS via direct participants, pursuant to Article 35(2) of Directive (EU) 2015/2366 of the European Parliament and of the Council (3), should be treated as indirect participants.

(4)

To ensure effective risk mitigation, it is important to maintain a clear separation between operational, risk management and internal audit functions, including through mandating the carrying out of these functions by different persons. Furthermore, for non-Eurosystem SIPS operators, it should be ensured, subject to national law, that there is an independent member on their Board to enhance its effectiveness. As the Eurosystem has public policy objectives and responsibilities and an institutional set-up defined in the Treaty and the Statute of the European System of Central Banks and of the European Central Bank, Eurosystem SIPS operators should be granted an exemption from this requirement.

(5)

Furthermore, the Governing Council identified a need to provide further clarity on the responsibilities of a SIPS operator's Board which include the approval of decisions that have a significant impact on the risk profile of a SIPS or SIPS operator and of the key risk documents governing the operation of the SIPS.

(6)

The Governing Council generally agreed that there is a need to substantially improve the mitigation of liquidity risk generated in deferred net settlement (DNS) systems through ensuring effective liquidity risk mitigation for all cycles from the moment a transfer order has been included in the calculation of net settlement positions and the position is visible to the participant.

(7)

To allow for the smooth functioning of a SIPS, participants need to have adequate tools to effectively manage their liquidity. The SIPS operator has to monitor and facilitate the smooth flow of liquidity at a system level, taking into account the liquidity exposure of each participant.

(8)

A SIPS operator settling one-sided payments in euro has to ensure that final settlement takes place in central bank money. Because this requirement also applies where a SIPS offering settlement in central bank money is in an emergency situation, SIPS operators settling payments for other SIPS should endeavour to allow final settlement even in such a situation.

(9)

To ensure that SIPS funds are protected against possible business losses, the assets held by a SIPS operator to cover general business risk should be segregated from the assets held for daily business operations. In addition, a distinction should be drawn between a SIPS recovery and orderly wind-down plan, on the one hand, and a SIPS capital plan, on the other. While the latter needs to reflect the possibility of raising capital, the former should ensure that, within the normal course of business, funds available for the recovery and orderly wind-down plan do not fall below the amount required to implement them.

(10)

Ensuring effective operational risk management is a continuous process which requires that operational policies and procedures are periodically, and whenever necessary, tested and reviewed, especially following significant changes to the system. This is particularly true for the management of cyber risks which has grown in importance since the publication of Regulation (EU) No 795/2014 (ECB/2014/28). This Regulation sets out specific requirements that are important in order to mitigate cyber risks.

(11)

In order for a competent authority to exercise its oversight powers effectively, these powers should be complemented with two additional tools. First, the competent authority should have the power to require a SIPS operator to appoint an independent expert to perform an investigation or independent review of the SIPS's operation. In addition, it should be able to impose requirements concerning the type of expert to be appointed, the content and scope of the report to be produced, the treatment of the report, including disclosure and publication, and timing for the production of the report. Second, in line with Responsibility B of the abovementioned Principles for financial market infrastructures, a competent authority should be able to conduct on-site inspections or delegate this task.

(12)

While corrective measures may only be imposed for infringements of Regulation (EU) No 795/2014 (ECB/2014/28), there could be situations that merit initiating the procedure for the imposition of such measures on the grounds of suspected non-compliance, giving a SIPS operator the opportunity to be heard and to provide explanations before an infringement is established. The procedure for the imposition of corrective measures should be set out in a decision. Moreover, a competent authority other than the ECB should notify the ECB of its intention to impose corrective measures without undue delay.

(13)

In view of the findings of the Governing Council's review and to implement the CPMI-IOSCO guidance insofar as they apply to SIPS, Regulation (EU) No 795/2014 (ECB/2014/28) should be amended accordingly,

1.

Article 1 is amended as follows:

2.

Article 2 is amended as follows:

3.

Article 4 is amended as follows:

4.

in Article 5, paragraph 4 is replaced by the following:

‘4.   A SIPS operator shall define the SIPS's critical operations and services. The SIPS operator shall identify specific scenarios that may prevent it from being able to provide these critical operations and services as a going concern and shall assess the effectiveness of all options for recovery and, with the exception of Eurosystem SIPS, an orderly wind-down. It shall review the SIPS's critical operations and services at least annually. Based on thisassessment, a SIPS operator shall prepare a viable plan for the SIPS's recovery and, except for Eurosystem SIPS, an orderly wind-down. The recovery and orderly wind-down plan shall contain, inter alia, a substantive summary of the key recovery and orderly wind-down strategies, a restatement of the SIPS's critical operations and services, and a description of the measures needed to implement the key strategies. A SIPS operator shall, where applicable, provide the relevant authorities with the information needed for the purposes of resolution planning.’;

5.

Article 6 is replaced by the following:

‘Article 6

Credit risk

1.   A SIPS operator shall establish a robust framework to measure, monitor and manage its credit exposures to its participants and credit exposures among participants arising from the SIPS payment, clearing and settlement processes.

2.   A SIPS operator shall identify all sources of credit risk. The measurement and monitoring of credit exposures shall take place throughout the day, using timely information and appropriate risk management tools.

2a.   A SIPS operator operating a DNS system shall ensure that

3.   A SIPS operator, including one operating a DNS system with a settlement guarantee, that in the course of SIPS operations incurs credit exposure vis-à-vis its participants, shall cover its credit exposure to each participant using collateral, guarantee funds, equity (after deduction of the amount dedicated to cover general business risk) or other equivalent financial resources.

4.   A SIPS operator, including one operating a DNS system with no settlement guarantee, but in which participants face credit exposures arising from the SIPS payment, clearing and settlement processes, shall have in place rules or contractual arrangements with these participants. The rules or contractual arrangements shall ensure that the participants provide sufficient resources, as referred to in paragraph 3, to cover credit exposures resulting from the SIPS payment, clearing and settlement processes in relation to the two participants which, together with their affiliates, have the largest aggregate credit exposure.

5.   A SIPS operator shall establish rules and procedures to address losses directly resulting from defaults by one or more participants on their obligations to the SIPS. These rules and procedures shall address the allocation of potentially uncovered losses, including the repayment of any funds a SIPS operator may borrow from liquidity providers. They shall include the SIPS operator's rules and procedures concerning the replenishment of any financial resources used by the SIPS during a stress event, to the level laid down in paragraphs 3 and 4.’;

6.

Article 8 is replaced by the following:

‘Article 8

Liquidity risk

1.   A SIPS operator shall establish a comprehensive framework to manage liquidity risks posed by the SIPS's participants, settlement banks, nostro agents, custodian banks, liquidity providers and other relevant entities. The SIPS operator shall provide the participants with adequate tools to effectively manage their liquidity and shall monitor and facilitate the smooth flow of liquidity in the system.

2.   A SIPS operator shall put in place operational and analytical tools which enable it to identify, measure and monitor settlement and funding flows, including the use of intraday liquidity, on an ongoing and timely basis.

2a.   A SIPS operator operating a DNS system shall ensure that

3.   A SIPS operator shall hold, or ensure that participants hold, sufficient liquid resources at all times as from the moment financial obligations are established, in all currencies in which it operates, to effect same-day settlement of financial obligations in a wide range of potential stress scenarios. Where appropriate, this shall include intraday or multiday settlement. The stress scenarios shall include: (a) the default, under extreme but plausible market conditions, of the participant which, together with its affiliates, has the largest aggregate financial obligation; and (b) other scenarios in accordance with paragraph 11.

4.   A SIPS operator settling one-sided payments in euro shall hold, or ensure that participants hold, sufficient liquid resources, in accordance with paragraph 3, to effect timely settlement of financial obligations in the event of a default of the participant which, together with its affiliates, has the largest aggregate financial obligation as determined by paragraph 3(a), in any of the following ways:

5.   A SIPS operator settling one-sided payments in euro shall hold, or ensure that participants hold, additional liquid resources, in accordance with paragraph 3(b), in the ways referred to in paragraph 4 or with a creditworthy commercial bank in one or more of the following instruments:

All of these instruments must allow cash to be available within a timeframe that allows the completion of same-day settlement. In particular, the SIPS operator must be able to demonstrate that non-cash instruments are readily available and convertible into cash on a same-day basis using prearranged and highly reliable funding arrangements, including in stressed market conditions.

The SIPS operator shall be prepared to demonstrate to the competent authority, based on an adequate internal assessment, that the commercial bank is creditworthy.

6.   A SIPS operator settling two-sided payments, or one-sided payments in currencies other than euro, shall hold, or ensure that participants hold, sufficient liquid resources, in accordance with paragraph 3, in the ways referred to in paragraph 5.

7.   Where a SIPS operator supplements the resources referred to in paragraph 3 with other assets, these assets shall be likely to be marketable or acceptable as collateral (for, e.g., lines of credit, swaps, or repos) on an ad hoc basis following a default, even if this cannot be reliably prearranged or guaranteed under extreme but plausible market conditions. Where a participant supplements the resources referred to in paragraph 3 with other assets, the SIPS operator shall ensure that these other assets meet the requirements set out in the first sentence of this paragraph. Assets shall be presumed to be likely to be marketable or acceptable as collateral if the SIPS operator has taken into account the rules and practices of the relevant central bank on the eligibility of collateral.

8.   A SIPS operator shall not assume that emergency central bank credit will be available.

9.   A SIPS operator shall carry out due diligence to verify that each provider of the SIPS's liquid resources, as referred to in paragraph 3: (a) has sufficient and up-to-date information to understand and to manage the liquidity risks associated with the provision of cash or assets; and (b) has the capacity to provide cash or assets as required. The SIPS operator shall review its compliance with the due diligence obligation at least annually. Only entities with access to credit from the central bank of issue shall be accepted as liquidity providers. The SIPS operator shall regularly test the SIPS's procedures for accessing its liquid resources.

10.   A SIPS operator with access to central bank accounts, payment services or securities services shall use these services, where practicable.

11.   A SIPS operator shall, through rigorous stress testing, determine the amount and regularly test the sufficiency of its liquid resources to satisfy the requirements under paragraphs 3 and 4. In conducting stress testing, the SIPS operator shall consider a wide range of relevant scenarios, including one or more participant defaults on the same day and on two or more subsequent days.

When such scenarios are considered, the design and operation of the SIPS shall be taken into account and all entities that might pose material liquidity risks to the SIPS shall be examined, including settlement banks, nostro agents, custodian banks, liquidity providers and linked FMIs. Where appropriate, the scenarios shall cover a multiday period.

12.   A SIPS operator shall document its reasons for holding, and shall have appropriate governance arrangements relating to, the cash and other assets maintained by it or by participants. It shall establish clear procedures for reporting the results of its stress tests to the Board and shall use these results to evaluate the adequacy of and make adjustments to its liquidity risk-management framework.

13.   A SIPS operator shall establish clear rules and procedures enabling the SIPS to effect same-day and, where appropriate, timely intraday and multiday settlement of financial obligations following the default of one or more of its participants. These rules and procedures shall:

(*5)  Guideline (EU) 2015/510 of the European Central Bank of 19 December 2014 on the implementation of the Eurosystem monetary policy framework (ECB/2014/60) (OJ L 91, 2.4.2015, p. 3)."

(*6)  Guideline ECB/2014/31 of the European Central Bank of 9 July 2014 on additional temporary measures relating to Eurosystem refinancing operations and eligibility of collateral and amending Guideline ECB/2007/9 (OJ L 240, 13.8.2014, p. 28).’;"

7.

in Article 10, paragraph 1 is replaced by the following:

‘1.   A SIPS operator settling one-sided payments in euro shall ensure that final settlement takes place in central bank money. A SIPS operator settling payments for other SIPS shall endeavour to enable such other SIPS to settle even in emergency situations.’;

8.

Article 13 is replaced by the following:

‘Article 13

General business risk

1.   A SIPS operator shall establish robust management and control systems to identify, monitor and manage general business risks, including losses resulting from poor execution of business strategy, negative cash flows, or unexpected and excessively large operating expenses.

2.   A SIPS operator shall maintain a viable recovery and, except for Eurosystem SIPS, orderly wind-down plan as required under Article 5(4).

3.   A SIPS operator shall determine, based on its general business risk profile and the time required to achieve a recovery and/or orderly wind-down of its critical operations and services, the amount of assets required to implement the plan referred to in paragraph 2. This amount shall be no less than that represented by six months of current operating expenses.

4.   To cover the amount referred to in paragraph 3, a SIPS operator shall hold liquid net assets funded by equity, e.g. common stock, disclosed reserves or other retained earnings, to enable it to continue operations and services as a going concern. These assets shall be in addition to resources held to cover participant default or other risks covered under Articles 6 and 8. Equity held under international risk-based capital standards may be included to avoid duplicate capital requirements.

5.   Assets as referred to in paragraph 4 held to cover general business risk shall be of sufficient liquidity and quality to be available in a timely manner, and shall be segregated from the SIPS operator's assets used for daily operations. The SIPS operator shall be able to realise assets held to cover general business risk with little, if any, adverse price effect, to enable it to continue operations and services as a going concern if it incurs general business losses.

6.   A SIPS operator shall establish a viable capital plan for raising additional equity if its equity falls close to or below the amount referred to in paragraph 3.

7.   Paragraphs 3 to 6 shall not apply to Eurosystem SIPS.’;

9.

Article 15 is amended as follows:

10.

Article 16 is replaced by the following:

‘Article 16

Access and participation criteria

1.   A SIPS operator shall establish and publicly disclose non-discriminatory access and participation criteria to the SIPS's services for direct and, where relevant, indirect participants and for other FMIs. It shall review the criteria at least annually.

2.   The access and participation criteria referred to in paragraph 1 shall be justified in terms of the safety and efficiency of the SIPS and the markets it serves, and be tailored to and commensurate with the SIPS's specific risks. In compliance with the principle of proportionality, a SIPS operator shall set requirements that restrict access to the minimum possible extent. If a SIPS operator denies access to an applying entity, it shall give reasons in writing, based on a comprehensive risk analysis.

3.   A SIPS operator shall monitor participants' compliance with the SIPS's access and participation criteria on an ongoing basis. It shall establish non-discriminatory procedures to facilitate the suspension and orderly termination of a participant's right of participation where the participant fails to comply with the criteria and shall publicly disclose relevant key aspects of such procedures. It shall review the procedures at least annually.’;

11.

in Article 17, paragraphs 1 and 2 are replaced by the following:

‘1.   For the purpose of risk management, a SIPS operator shall ensure that the SIPS's rules, procedures and contractual arrangements allow it to gather information about indirect participation in order to identify, monitor and manage any material risks to the SIPS arising from participation. This information shall, as a minimum, cover the following:

2.   A SIPS operator shall identify material dependencies between direct and indirect participants that might affect the SIPS, taking into account the information referred to in paragraph 1.’;

12.

Article 21 is replaced by the following:

‘Article 21

Powers of a competent authority

1.   A competent authority shall have the power to:

2.   The ECB shall adopt a decision on the procedure and conditions for exercising the powers referred to in paragraph 1.’;

13.

the following Articles 21a and 21b are inserted:

‘Article 21a

Organisation of oversight activities

A competent authority may carry out continuous and/or ad hoc oversight activities to assess the compliance by a SIPS operator with the requirements set out in Articles 3 to 21 or to promote the smooth operation of payment systems at systemic level.

Article 21b

Confidentiality

Information shared by a SIPS operator with a competent authority on a confidential basis may be shared within the European System of Central Banks (ESCB). Such information shall be treated as confidential by the members of the ESCB, in accordance with the duty of professional secrecy laid down in Article 37.1 of the Statute of the ESCB.’;

14.

Article 22 is replaced by the following:

‘Article 22

Corrective measures

1.   Where a SIPS operator has not complied with this Regulation or where there are reasonable grounds for suspecting that a SIPS operator has not complied with this Regulation, the competent authority shall:

2.   Taking into account the information provided by the SIPS operator, the competent authority may impose corrective measures on the SIPS operator to remedy the non-compliance and/or avoid repeating it.

3.   The competent authority may impose corrective measures immediately if it finds that the non-compliance is serious enough to require immediate action. It shall provide reasons for its decision.

4.   A competent authority other than the ECB shall inform the ECB of its intention to impose corrective measures on a SIPS operator without undue delay.

5.   Corrective measures may be imposed independently of or in parallel to sanctions imposed under Council Regulation (EC) No 2532/98 (*7).

6.   The ECB shall adopt a decision on the procedure to be followed if corrective measures are imposed.

(*7)  Council Regulation (EC) No 2532/98 of 23 November 1998 concerning the powers of the European Central Bank to impose sanctions (OJ L 318, 27.11.1998, p. 4).’;"

15.

Article 23 is replaced by the following:

‘Article 23

Sanctions

In the case of an infringement of this Regulation, the ECB may impose sanctions. Such sanctions shall be in accordance with Regulation (EC) No 2532/98 and Regulation (EC) No 2157/99 of the European Central Bank (ECB/1999/4) (*8). The ECB shall adopt a decision on the methodology for the calculation of the amount of the sanctions.

(*8)  Regulation (EC) No 2157/99 of the European Central Bank of 23 September 1999 on the powers of the European Central Bank to impose sanctions (ECB/1999/4) (OJ L 264, 12.10.1999, p. 21).’;"

16.

Article 24 is replaced by the following:

‘Article 24

Review

The Governing Council shall review the general application of this Regulation by no later than two years following the date on which it enters into force, and thereafter every three years, and assess whether it needs to be amended.’.