Category: Publications

ECSDA details further the implementation of fails penalties

ECSDA details further the implementation of fails penalties

 

ECSDA makes public the responses to the practical questions on CSDR Cash penalties implementation. Cash penalties are required to be imposed by EU legislators and aim at increasing settlement efficiency rates.

You will see that this document will be updated regularly while some answers to the questions will continue to arrive and CSDs will advance further in their implementation. It represents a centralised view on the CSDs practices. (The advancements of CSDs’ views may be made available even quicker to their direct participants in CSD’s own communication.)

ECSDA response to practical CSDR penalties implementation questions

On 17 April 2020, ECSDA updates the CSDR Settlement Fail Penalties Framework.

It can be used by Central Securities Depositories (CSDs) and their participants as a market practice on how CSDs should develop harmonised settlement fail penalties mechanisms, under the CSD Regulation (EU 909/2014) and its standards. Although the document is meant to be evolving, along with the evolution of the views of the competent authorities on the matters under their review, it can be used by the CSDs and their participants to start developing IT systems to comply with CSDR Settlement Fail penalties-related requirements.

The ECSDA Framework can be found here.

 

Updated ECSDA CSDR Penalties Framework

Updated ECSDA CSDR Penalties Framework

On 29 January, ECSDA published the updated version of the ECSDA CSDR Penalties Framework.

This version of the ECSDA Framework is based on the comments received during the public consultation in the summer 2018, further deep reflection among CSD experts and includes the confirmation of some working assumptions by relevant European authorities.

The “ECSDA CSDR Penalties Framework”, is the effort of compliance with the CSD Regulation. It aims at harmonisation of settlement penalties mechanisms across CSDs subject to CSDR or (potentially) equivalent regulation. It intends to provide a clear, safe and efficient Framework for settlement penalties solutions of CSDs, both the ones that will be using T2S penalties mechanism and other CSDs.

This updated version of the document will be presented and discussed with the main stakeholders on 18 February in Frankfurt. If you have comments on the Framework and an interest to attend the event, please let us know and we will check, if the capacity allows us to invite you to join.

Updated version 17 April 2020

European CSDs welcome a clear ECB guidance on FMI Cyber resilience

European CSDs welcome a clear ECB guidance on FMI Cyber resilience

On 10 April 2018, the European Central Bank (ECB) launched a public consultation on the ECB’s draft report with proposed Cyber Resilience Oversight Expectations (CROE) for Financial Market Infrastructures (FMIs). The CROE includes the ECB’s expectations in terms of cyber resilience, based on existing global guidance. This paper constitutes ECSDA’s response to the consultation, focusing on the perspective of European Central Securities Depositories (CSDs). The draft report forms an excellent basis for improving cyber resilience of FMIs. It also supports FMIs in the implementation and operationalisation of the existing global guidance, i.e. the “Cyber Guidance” issued by the CPMI and IOSCO in 2016 as a complement to the 2014 Principles for Financial Market Infrastructures.
We are appreciative of the ECB fostering the principle of proportionality and taking a reasonable approach which will contribute to meaningful discussions between FMIs and their overseers, as:

  • The CROE correctly identifies that there should be a degree of flexibility when dealing with a heterogeneous group of FMIs. Even though a CSD is an FMI, there are substantial differences with other FMIs and amongst CSDs which justify a proportional approach.
  • The CROE is to be considered a set of practices that can contribute to an FMI’s compliance with the Guidance. We welcome the acknowledgement that the CROE is not put forward as a checklist of measures FMIs need to strictly comply with and that there is a graduation in the level of compliance to be reached.
  • The CROE is meant to be used as a reference document which has been aligned with global and international standards and frameworks. Global CSDs are governed by multiple overseers and thus confronted with a regulatory fragmented landscape. The CROE will contribute to supervisory convergence as it can be used as a single reference document across multiple jurisdictions.

Nonetheless, we believe that a few issues require further consideration by the ECB before the CROE is published in its final form. In particular:

  • The ECB’s oversight is limited to payment systems and T2S. For ‘other’ FMIs like CSDs, the ECB refers to the National Competent Authorities (NCAs) to decide how they will need to apply the CROE and what is the maturity level they expect the FMI to reach. This could open the door to more regulatory fragmentation for CSDs and an unequal level playing field depending on the views local authorities take. We would like to encourage the ECB to ensure further alignment with ESMA, to avoid that each NCA takes its own view on this matter.
  • We ask for greater alignment between the CROE and inherent risk assessment models, like the Cybersecurity Capability Maturity (C2M2) model. Concrete explanations are provided in the consultation’s feedback table. However, we would like to avoid that CSDs become exposed to multiple and divergent expectations from the NCAs depending on whether they align with CROE and/or other inherent risk models.
  • We have no doubt that Eurosystem will ensure that appropriate actions are taken to prevent a cyber-attack at the level of T2S. However, when speaking about CSDs, the CROE does not appear to consider the current situation of dependency of CSDs on the Eurosystem in terms of cyber security exposure and requirements.
  • The Eurosystem (as T2 and T2S provider) is a key provider to the CSDs and thus there is an important dependence to ensure an appropriate level of CSD cyber resilience. Particularly when an attack occurs at the level of the Eurosystem and directly or indirectly impacting securities transactions, the response, responsibilities and consequences for CSDs need to be cleared. In addition, there are further ramifications on the CSDs liability in view of the T2S Framework Agreement.
  • In our view it would be beneficial if CROE could clarify the expectations for regulated entities belonging to a group or being part of a corporation.

Detailed comments are provided in the consultation’s feedback table.

Please read the full consultation.

ECSDA views on the Future of European Post-Trade

ECSDA views on the Future of European Post-Trade

Recently, the European Commission has launched a consultation on the Future of European Post-Trade, based on the conclusions of the European Post Trade Forum (EPTF). European CSDs thank the European Commission for the constructive and effective discussions at the EPTF, in which they have been deeply involved. In addition to the insight provided in the report resulting from the forum, Central Securities Depositories (CSDs) note several trends in their immediate ecosystem which are important to post-trade more widely.

Read More Read More

CSD Factbook is now available

CSD Factbook is now available

The 2017 edition of the Factbook offers an up-to-date overview of the CSD landscape in Europe.
The Factbook describes the trends within the CSD industry and provides an overview of the evolution of individual ECSDA member-CSD services.

Read More Read More