The Bank of England’s approach to financial market infrastructure supervision

Foreword by the Deputy Governor, Financial Stability

The Bank’s mission is to ‘promote the good of the people of the United Kingdom by maintaining monetary and financial stability’ and Parliament has given the Bank a statutory objective to protect and enhance the stability of the financial system of the UK. It is for these reasons that we supervise UK financial market infrastructure (FMI).

The FMI firms (FMIs) that the Bank supervises are crucial to the smooth operation of the UK financial system and the broader economy. The services that they provide are used every day to enable financial institutions and their customers to make the payments that are critical to supporting economic activity, and to manage their risks more efficiently and effectively. The UK is a leading global financial centre and UK FMIs play a critical role internationally as well as in the UK. The way the Bank regulates and supervises FMIs plays an important part in delivering financial stability – by ensuring that the FMIs’ risk management and resilience frameworks enable them to carry out these essential functions in normal times and during times of stress.

The new statutory regulatory framework for UK FMI – the Financial Services and Markets Act 2023 (FSMA 2023) – represents a significant milestone in the Bank’s regulatory regime. It grants us a wide-ranging rule-making power in relation to central counterparties (CCPs) and central securities depositories (CSDs) in order to deliver our primary objective of financial stability. The FSMA framework also introduces a secondary objective to facilitate innovation in the provision of CCP and CSD services subject to advancing the primary financial stability objective. Consistent with these new powers, the requirement establishes robust safeguards – including a new statutory FMI Committee – to ensure that we apply our new powers in a transparent and accountable manner. The framework will allow us to ensure that regulation for CCPs and CSDs is responsive, remains consistent with the highest international standards, evolves in response to current events and, crucially, supports our supervisory approach.

While the focus of this publication is on supervision rather than policymaking, this will happen against a backdrop of changes to our approach to policymaking in response to this reform, including enhanced accountability arrangements to Parliament and how we will deliver the new secondary innovation objective given to the Bank under FSMA 2023.

The Bank’s approach to supervision continues to be underpinned by four core principles: our supervisors rely on judgement in taking decisions; we assess firms not just against current risks, but also against those that could plausibly arise further ahead; we focus on those issues and firms that are likely to pose the greatest risk to our objectives; and we apply proportionality to ensure that our interventions do not go beyond what is necessary in order to achieve our objectives.

In light of experience, and the new powers and responsibilities set out in FSMA 2023, we have aimed to make our approach more risk-based and flexible, updated our potential impact and risk assessment frameworks so that they can better accommodate the risks we now face, made greater use of horizontal supervisory work to assess the risks posed across sectors, and continued to embed the use of horizon scanning to identify areas of potential vulnerability.

In recent years market volatility and banking sector stresses in the UK and internationally have also underlined the importance of having resilient FMIs that support financial stability both in the UK and abroad. As such, we continue to work closely with relevant international authorities to facilitate effective supervision and policymaking by exchanging information and minimising duplication.

Overall, this publication is intended to provide an articulation of what we think effective supervision looks like, and how we intend to deliver it. The financial services sector and the context within which we supervise are constantly changing, and we will continue to evolve our approach in response to this. Therefore, this publication will likely evolve over the next decade. However, we are confident that the essential ingredients will endure. Continuing to deliver strong, effective supervision of FMIs will be critical to supporting financial stability and safe innovation, now and in the future.

Sarah Breeden

November 2024

Introduction

The Bank of England is responsible for supervising certain financial market infrastructure in the UK.

This publication sets out the Bank of England’s (the Bank’s) approach to the supervision of financial market infrastructure and specified service providers (referred to interchangeably in this publication as FMI/s or firm/s). This publication serves two purposes. First, it enables regulated FMIs, firms considering undertaking regulated activity, the wider financial system and stakeholders in the UK and other countries to understand the Bank’s supervisory approach. Second, it aids the Bank’s accountability to the public and Parliament by describing what the Bank seeks to achieve and how it intends to achieve it. It sits alongside the Bank’s requirements and expectations as published in the Bank’s policy publications as well as the rules, standards and codes of practice that FMIs are subject to.

This publication replaces the document ‘The Bank of England’s approach to the supervision of financial market infrastructures’ which was published in April 2013 and ‘The Bank of England’s supervision of service providers to recognised payment systems’ as set out in Annex 1 to ‘The Bank of England’s supervision of financial market infrastructures – Annual Report (For the period 23 February 2017 – 20 February 2018)’ published in February 2018.

This publication acts as a standing reference which the Bank intends to update as necessary to ensure it remains current. It may be revised and reissued in response to significant legislative and other developments that result in changes to our approach.

1: The Bank’s objectives and legislative framework

The Bank supervises a range of FMIs as part of its objective to protect and enhance the stability of the financial system of the United Kingdom. There are different statutory regimes for different types of FMIs.

FMIs and the stability of the UK financial system

FMIs are crucial to financial stability. They provide critical services that allow individuals, businesses and financial institutions to transact with each other. Disruptions to these services can have consequences that affect the entire financial system. As such, the Bank’s supervision of FMIs is aimed at ensuring that FMIs are prepared for, and resilient to, the wide range of risks that they could face, so that they are able to absorb rather than amplify shocks and able to continue to serve UK households and businesses.

The Bank supervises three broad categories of FMIs: central counterparties (CCPs), central securities depositories (CSDs) and recognised payment system operators (RPSOs). In addition, the Bank supervises some service providers to RPSOs. These firms are collectively referred to as FMIs in this publication. The firms all provide different services to support the financial system: CCPs act as a central counterparty for financial market transactions, CSDs ensure the transfer of securities and payments after trading, and RPSOs and their service providers enable vital funds to be transferred between businesses and individuals on a daily basis. In the UK, CCPs clear trillions of pounds worth of notional outstanding of financial contracts, CSDs settle around £800 billion of securities transactions per day, and RPSOs and their service providers facilitate payments of over £400 billion daily.^{footnote [1]}

The primary purpose of CCPs is to manage counterparty credit risk. Counterparty credit risk is the risk that one party to a contract ‘defaults’ and cannot meet its obligations under the contract. This can lead to a loss for the counterparty on the other side of the contract. If those losses are severe enough, they may cause the affected party financial distress which, in turn, can have a knock-on effect for its creditors. CCPs manage counterparty credit risk in the financial system by placing themselves between the buyer and seller of an original contract. If a member defaults, the surviving members are exposed to the CCP, rather than directly to the defaulter. To ensure those obligations can be fulfilled, CCPs have centralised and predictable default management and loss allocation mechanisms, which provide the market with greater certainty that significant counterparty credit losses will not spread. CCPs also increase efficiency and confidence in the market by enabling netting of transactions across multiple participants and through standardised margin practices, and by doing so support the economy including in times of stress. CCPs therefore play a critical role in managing potential contagion and sources of systemic risk.^{footnote [2]} As a consequence of clearing trades centrally, as well as the financial requirements that CCPs place on their members, CCPs are themselves crucial nodal points in the financial network and are highly interconnected to other financial institutions. For this reason, it is important for CCPs to manage properly both risks to themselves and risks that their activities may pose to the markets they serve.

CSDs provide legal certainty to market participants by keeping accurate records of ownership of securities. They enable securities to be transferred and settled according to a set of predetermined multilateral rules. Through efficient sequencing of settlement obligations, CSDs can minimise the intraday borrowing needs of settlement members, releasing cash into the broader financial system, which can be reinvested or used to support activity in the real economy. Importantly, CSDs also provide settlement finality in securities transactions, giving legal certainty over payments and security transfer orders even if an instructing party becomes insolvent or if there is another form of disruption to a transfer. This supports the stability and efficiency both of the CSD itself and the broader financial system. As a result, disruption at a CSD could directly impact participants’ ability to manage liquidity and settlement risk (the risk that one party to a transaction fails to deliver the agreed asset or funds), which could in turn have knock-on impacts on other financial market participants and market liquidity more broadly.

Payment systems are entities that facilitate funds to be transferred between businesses, between individuals, and between businesses and individuals. Similar to CSDs, payment systems are vital to mitigating settlement risk and also provide settlement finality in monetary transactions. Those payment systems that could significantly impact the UK financial system or economy are formally ‘recognised’ by HM Treasury (HMT) as RPSOs in light of their systemic importance.^{footnote [3]} Given how interwoven these RPSOs are into the UK economy (and in some cases, globally), they have the potential to threaten the stability of, or confidence in, the UK financial system if their operations were to be disrupted for financial or operational reasons. A significant disruption at a RPSO would have considerable impacts for individuals and businesses, for example not receiving salaries or being unable to make mortgage payments. If there was no practicable substitute in the near term, this disruption could become a channel of contagion, affecting participants within that system or financial markets more broadly.

The Bank also supervises certain service providers to recognised payment systems that are specified by HMT (SSPs), where the recognised payment system has outsourced critical parts of its operations to the service provider and the ability of the recognised payment system to deliver its responsibilities depends on the functioning of the service provider. This is separate to, and distinct from, the Bank, Prudential Regulation Authority (PRA) and Financial Conduct Authority’s (FCA) responsibility for supervising certain critical third parties which does not fall within the remit of this publication; more information on the critical third party regime is set out in Box D.

Since FMIs centralise risk and provide the primary mechanisms that enable financial transactions to happen, their resilience is critical to the safe, stable, and correct functioning of financial markets. Significant disruption or operational outages at an FMI could be a major cause of financial instability to the ecosystem in which they operate, and possibly more widely, given their centrality to the financial system and the wider economy. An FMI’s failure to manage financial resilience could make them act as amplifiers in spreading contagion as transactions would not be able to be cleared or settled which would directly impact the credit and liquidity positions of participants within their ecosystem and more widely. Due to the centralised nature of FMIs and the liquidity and cost benefits to users of operating at scale, there are currently only a few CCPs, CSDs and RPSOs, with limited alternative providers or substitutability. This means that the economic costs of financial failure or severe operational outages could be very high. FMIs therefore operate in a highly regulated environment to ensure their resilience. FMI regulation and supervision aim to make FMIs extremely resilient, predictable, and able to recover effectively from incidents should they occur, or to mitigate the broader risks to financial stability where they cannot recover. Our regulatory framework safeguards the financial and operational resilience of FMIs so that they can achieve their role of reducing risks to financial stability rather than transmitting or amplifying them, especially in times of stress.

While the Bank recognises that it may not be possible to avoid all instances of FMI failure or service disruption, the Bank aims to be able to manage any disruption that presents a threat to financial stability. This includes enhancing the Bank’s preparedness to support recovery, resolution, or other firm-specific or market-wide actions that may need to be taken to mitigate the financial stability risks of disruption at an FMI.

Some FMIs that provide critical services in the UK are based in the UK, while some provide services from outside the UK. Similarly, some FMIs based in the UK also provide critical services to other countries. The Bank recognises the importance of taking a consistent and international approach to supervising FMIs, both where the Bank is the ‘home authority’ for FMIs systemically important in other countries and as a ‘host authority’ for non-UK FMIs providing critical services in the UK. In both cases, the Bank seeks close co-operation with international regulators and aims to rely on the supervision of a home authority where possible for non-UK FMIs.

The Bank’s primary objective

The Bank has statutory responsibilities in relation to FMIs as part of its objective to protect and enhance the stability of the financial system of the United Kingdom.

The Bank seeks to ensure that the CCPs, CSDs and RPSOs it regulates reduce systemic risk by:

1. avoiding disruption to the vital payment, settlement, and clearing services they provide to the financial system and to the real economy;
2. avoiding actions that have an adverse impact on the safety and soundness of their members, subject to preserving the resilience of the FMI; and
3. contributing to identifying and mitigating risks in the end-to-end process of making payments, clearing and settling securities transactions, and clearing derivatives trades. For the purposes of this publication, the Bank considers this to be the FMI’s ecosystem and expects FMIs to seek to manage their ecosystems in line with the Bank’s financial stability objectives.

Where necessary to achieve (1), the Bank additionally regulates certain other firms regarding the critical services they provide to RPSOs.

The Bank’s secondary objective

FSMA 2023^{footnote [4]} introduced a secondary objective for the Bank in its FMI functions^{footnote [5]} in relation to CSDs and CCPs. Pursuant to this new objective, in exercising its FMI functions, the Bank must, as far as reasonably possible, facilitate innovation in the provision of CCP and CSD services with a view to increasing the quality, efficiency, economy of FMI services. This is a secondary objective, meaning that it is subject to the Bank advancing its primary objective to protect and enhance the stability of the financial system of the UK.

The Bank’s secondary objective does not apply when making individual supervisory decisions for a firm. However, it does apply when determining the general principles under which it performs particular functions, including its supervisory approach. For example, one of the core principles of the Bank’s approach to supervision is proportionality, which means that the intensity of our supervisory activity varies depending on the risks posed by each firm. This approach supports innovation, by ensuring we take a proportionate approach to assessing and engaging in supervisory activity with new firms or technologies (see Box K).

The Bank expects and encourages FMIs to innovate and believes that innovation can actively support financial stability. The Bank’s role is to facilitate innovation and to apply a proportionate regulatory regime to FMIs that is outcome focused and technology neutral, making space for the Bank’s financial stability objective to be achieved in different ways.

Working on innovation is not new to the Bank, and as a general principle the Bank seeks to ensure that, even where new technologies or processes are used, the same risk results in the same regulatory outcome. In other words, where FMIs using new technologies pose similar risks as other FMIs, they should be subject to equivalent regulatory standards and oversight to achieve similar outcomes. The Bank is learning from its existing innovative FMI initiatives, including the creation of the Digital Securities Sandbox with the Financial Conduct Authority which allows innovations to be tested in a safe environment before scaling, and is one way to have a proportionate regime that reflects the different levels of risk posed (see Box L).

The Bank provides updates on how it is embedding the secondary innovation objective in its annual report on the supervision of FMIs.

Have regards

There are some principles which the Bank must ‘have regard’ to when exercising certain FMI functions in relation to an FMI entity. Similar to the secondary objective on innovation, have regards do not apply when making supervisory decisions regarding individual FMIs but do apply to the Bank’s supervisory approach.

As noted above, the Bank is required to act in a way that advances its primary and, subject to that, secondary objectives. When advancing those objectives, it must have regard to various principles but may decide in each case how much weight to give to each of them, provided it does consider all of them. Have regards do not take precedence over the Bank’s primary and secondary objectives.

The legislative framework

The Bank has legal powers to supervise FMIs, including with respect to their safety and resilience to risks, both financial and operational, which could lead to financial instability. This supervision takes place within the context of wider FMI-related policymaking which contributes to developing the regulatory framework and clear supervisory expectations for FMIs.

The Bank regulates FMIs in accordance with a statutory framework which includes the Banking Act 2009 (BA09), the Financial Services and Markets Act 2000 (FSMA 2000), and retained EU law, such as the European Market Infrastructures Regulation (EMIR) and Central Securities Depositories Regulation (CSDR). FMIs may also be designated to obtain protection from certain insolvency challenges under the Settlement Finality Regulations (see Section 2).

In 2012, the Bank of England adopted the ‘Principles for Financial Market Infrastructures’ (PFMI) that were developed by the Committee on Payment and Settlement Systems (CPSS) – now called the Committee on Payments and Market Infrastructures (CPMI) – and the International Organization of Securities Commissions (IOSCO).^{footnote [6]} The Bank’s supervisory approach is based on, and consistent with, these Principles. The PFMI are international standards for addressing risks and efficiency in FMIs and outline general responsibilities of relevant authorities. The PFMI capture a number of areas, including governance financial risk management and operational risk management.

Fundamental rules (under consultation)

Alongside this publication, the Bank has published a consultation on Fundamental rules for FMIs. The proposed rules, once finalised and adopted subsequent to the consultation, are intended to apply to UK CCPs, UK CSDs, UK RPSOs, and UK SSPs that the Bank supervises and will be a set of high-level requirements on FMIs covering the full range of the regulatory framework.

The intention of the proposed rules is to support financial stability, through addressing any potential underlaps in the regulatory framework, as well as enhanced supervisory effectiveness, through transparent and clear regulatory outcomes that the Bank seeks to achieve. It is also intended that, once finalised and adopted, the rules will support the secondary innovation objective through supporting firms’ understanding of the regulatory framework in which they operate. This will support FMIs’ ability to consider how they might innovate within the regulatory framework in order to achieve better outcomes and greater resilience within the system.

2: High-level principles for advancing the Bank’s objectives

To advance the Bank’s objectives, the Bank’s supervisory approach follows four key principles. They are: i) judgement based; ii) forward looking; iii) focused on key risks; and iv) proportionate.

Judgement-based

The Bank’s approach relies significantly on judgement. Supervisors reach judgements on the risks that an FMI is running as it undertakes its business, the risks to the ecosystem, the risks that it poses to our objectives, and how to address any problems or shortcomings.

The Bank’s supervisory judgements are based on evidence and analysis. It is, however, inherent in a forward-looking system that, at times, the Bank's supervisory judgement will be different to that of an FMI. Indeed, given the Bank’s financial stability objective, the Bank’s risk appetite may differ from that of the FMI, and so the Bank may require an FMI to take action to reduce financial stability risks which differs to the actions that the FMI might take of its own accord. Furthermore, there will be occasions when events will show that the Bank’s supervisory judgement did not produce the desired outcomes. To minimise such occurrences, the Bank’s strategies and judgements are subject to regular review by those independent from supervising the firm in question, and major judgements and decisions involve the Bank’s most experienced and senior staff and directors. This includes processes such as the Annual Risk Reviews (ARR)^{footnote [10]} (see Setting supervisory strategies in Section 4)

The Bank engages with the boards and senior management of firms in forming its judgements, using this dialogue both to ensure that supervisors take account of all relevant information, and to clearly communicate the rationale for them. Firms should not, however, approach their relationship with supervisors as a negotiation.

Forward looking

The Bank’s approach is forward looking. The Bank assesses FMIs not just against current risks, but also against those that could plausibly arise further ahead for the firm and the ecosystem in which it operates. And where the Bank judges it necessary to intervene to mitigate risks, it seeks to do so at an early stage. To support this, firms should be open and straightforward in their dealings with supervisors, taking the initiative to raise issues of possible concern at an early stage. Supervisors will respond proportionately. In this way, trust can be fostered on both sides.

Focused on key risks

The Bank focuses its supervision on those issues and those FMIs that, in the Bank’s judgement, pose the greatest risk to the stability of the UK financial system. Consistent with the Bank’s objectives, the Bank aims to concentrate on material issues when engaging with firms. As outlined further in Section 3, the Bank’s assessment of the risk that any FMI poses will take into account both the gross risk derived by their relative scale, complexity and business model, and any mitigating factors and controls that have been put in place.

All FMIs will be subject to a set of baseline supervisory processes and activities, the frequency and depth of which are proportionate to the potential impact of a firm on financial stability. Where an FMI is out of tolerance against risk elements in our risk framework, supervisors may undertake additional supervisory activity and/or will require the FMI to take remedial action.

Proportionate

Consistent with the focus on the greatest risks set out above, the Bank seeks to ensure that the frequency and intensity of its supervision is proportionate to the risk that a FMI poses to the Bank’s objectives. This takes into account the scale and complexity of the FMIs that are being supervised and the ecosystems in which they operate.

Other elements which support our approach to supervision

Data-related capability

The Bank uses data that it collects directly from FMIs and elsewhere as an important input to ensure that supervisory actions and decisions are informed by the best available data, analysis and intelligence in order to support the Bank’s broader financial stability objective.

The Bank aims to achieve four broad outcomes in its collection and use of data: (i) to utilise data and analysis to support the supervisory approach; (ii) to be able to identify system-wide risks and facilitate effective crisis management responses; (iii) to proactively monitor data to spot trends and identify risks to firms, their participants and their wider ecosystem and; (iv) to make relevant data available to other parts of the Bank to support broader initiatives (see Box E).

To do this, the Bank needs to increase the value of the data it collects by closing data gaps, sharing data effectively with relevant parties^{footnote [11]} and by enabling safe and effective innovation, including artificial intelligence. The Bank is expanding its technical capability to make the best use of the data it collects and is continuing to work alongside international counterparts on the harmonisation of data standards.

International co-operation

Some FMIs may operate across borders for various reasons such as to support global markets, efficiency or to enhance risk management through netting exposures across jurisdictions. The Bank supervises certain UK FMIs and some non-UK FMIs that provide services to the UK or have UK participants. Additionally, around half of the UK FMIs supervised by the Bank are also systemically important in other countries. This means that international co-operation is central to the Bank’s approach to supervising FMIs.

International co-operation is a fundamental component of the Bank’s supervisory approach, reflecting the cross-border nature of FMIs. Cross-border infrastructure can support financial stability, for example by allowing financial market participants to benefit from global pools of liquidity and to hedge their risk in the broadest possible markets. Maintaining the resilience of cross-border financial infrastructure requires deep co-operation that gives regulators in both ‘home’ and ‘host’ jurisdictions assurance that cross-border infrastructure will be secure and reliable both in ‘business as usual’ and during times of stress. Where FMIs are licensed in multiple jurisdictions, the Bank recognises the importance of working in close co-operation with counterpart regulators to avoid overlap and to improve outcomes. It is equally crucial that supervisory co-operation does not become counterproductive as a result of conflicting, overlapping or confusing directions for firms, particularly in a crisis.

In its international co-operation, the Bank seeks to model the guidance within ‘Responsibility E’ of the PFMI that sets out how to co-operate effectively with other authorities in order to support each other in fulfilling respective mandates with respect to FMIs.

The international co-operation agreements that the Bank has established facilitate deep supervisory co-operation, ensuring clear and stable reciprocal arrangements for supervising cross-border FMIs. The Bank was the first supervisor to establish supervisory colleges for CCPs and an international card scheme. The Bank has also established crisis management groups (CMGs) for CCPs which provide a framework for authorities to plan crisis management measures (including orderly resolution) for CCPs that are judged to be systemically important in more than one jurisdiction. Our international co-operation is supported by Memoranda of Understanding (MoUs) that the Bank has with a wide range of authorities in other jurisdictions which aim to facilitate information sharing, joint reviews and best practice to allow authorities to deliver their mandates while reducing the burden on supervised firms.

Sections 3 and 4 provide more details on the Bank’s approach to supervising UK FMIs, including how the Bank engages with non-UK authorities that have an interest in a UK FMI. Section 5 sets out the Bank’s approach to supervising FMIs that are not domiciled in the UK but have operations in the UK or have UK participants. The Bank’s aim in both approaches is to protect and enhance the financial stability of the UK while having regard to the potential impact of the Bank’s actions on other countries in which the FMIs provide services.^{footnote [12]}

The Bank has additionally continued to be a substantial contributor to a broad range of international FMI policy workstreams designed to make FMIs more resilient and less likely to amplify risks during episodes of volatility.

Settlement Finality Regulations

The Bank is also responsible for designating systems^{footnote [13]} for the purposes of the Financial Markets and Insolvency (Settlement Finality) Regulations 1999 (as amended) (SFRs). The SFRs seek to reduce the risks associated with participation in these systems by minimising the disruption caused by insolvency proceedings brought against a participant in such a system. They do this by protecting the system rules on the irrevocability of instructions for settlement and payments against challenge by insolvency practitioners.

System operators of both UK and non-UK CCPs, CSDs and payment systems can apply for settlement finality designation under the SFRs; and in determining whether to make a designation order, the Bank will have regard to systemic risks.

Following designation, the system operator must provide the Bank with certain information or notify it of certain changes as set out in the SFRs.^{footnote [14]} This is to satisfy the Bank that the requirements for designation continue to be met and to verify that in such manner as the Bank may specify. The Bank uses its power under the SFRs to require designated systems to provide an annual attestation that the SFRs’ requirements are met. System operators are also required to notify the Bank of changes to the system’s:

• default arrangements;
• rules relating to matters dealt with the SFRs; and
• participants (for UK law systems) or the system’s UK participants (for non-UK law systems).

Supervised FMIs that operate a recognised or designated payment system may use the same Bank point of contact for their notification obligations under the SFRs as for supervisory matters.

3: Identifying risks to the Bank’s objectives

Aligned to the principle of proportionality, the intensity of the Bank’s supervisory activity varies depending on the risks posed by each firm. In order to identify and assess these risks, the Bank uses a standardised risk assessment framework. This framework enables supervisors to focus on the biggest risks to financial stability and provides a common approach to reaching supervisory judgements.

The Bank’s risk model for supervising FMIs

The Bank takes a structured approach when forming judgements. To do this, the Bank uses a risk model (Figure 1). The model consists of individual elements which assess the risk posed by FMIs to the Bank’s financial stability objectives, assessing gross risk and mitigating factors. The starting point is to assess the ‘gross risk’ (risk inherent to the FMI’s business) by assessing the potential impact an FMI has on the stability of the UK financial system, the external context that the FMI is exposed to, and its business model. This is then overlaid by assessing ‘mitigating factors’ ie how effectively these risks are mitigated by the FMI.

Potential systemic impact

Supervisors begin any FMI’s risk assessment with the potential systemic impact assessment in which supervisors assess the significance of an FMI to the stability of the UK financial system. This ‘potential systemic impact’ reflects an FMI’s potential to adversely affect the stability of the financial system by failing, coming under operational or financial stress, or because of the way in which it carries out its business. The potential systemic impact does not include an assessment of the likelihood of such an event occurring, as this is considered in the next phase of the risk model.

The FMI potential systemic impact categories are described as follows:

• Category 1 – most significant systems which have the capacity to cause very significant disruption to the financial system by failing or by the manner in which they carry out their business.
• Category 2 – significant systems which have the capacity to cause some disruption to the financial system by failing or by the manner in which they carry out their business.
• Category 3 – systems which have the capacity to cause, at most, minor disruption to the financial system by failing or by the manner in which they carry out their business.

Following the potential systemic impact score calculation, supervisors consider a series of further risk elements under gross risk and mitigating factors to assess the likelihood of an event disrupting the financial system occurring.

Risk model elements: Gross risks

External context

External context encompasses factors outside the control of the firm that have the potential to pose a risk to the firm and the firm’s ecosystem, including risks arising from the political and/or macroeconomic environment. Supervisors’ assessment therefore includes consideration of system-wide risks, such as general economic and market conditions or the political and physical environment, and sectoral risks such as operational risks arising from concentration of outsourcing within a sector or changes in regulatory requirements.

Supervisors draw on work by other areas of the Bank, including the views of the FPC on the macroprudential environment. Supervisors also consider actions by other regulators that might materially affect the systemic risk posed by an FMI.

Business risk

Business risk focuses on the FMI’s business model, strategy, the complexity and inherent risk of the market that it serves, and its operating model (including its group structure). The analysis includes an assessment of where and how an FMI generates income, its financial performance against its plan, and the risks it takes and whether this remains within its own risk appetite. Changes to the FMI’s business model, including major change projects or plans for new business lines, form part of the assessment.

Supervisors also consider the FMI’s relationship with its parent or group, including any group companies on which it depends, as well as the structure and dynamics of its ecosystem. Box G gives further detail on the Bank’s supervision of FMIs that form part of groups.

Risk model elements: Mitigating factors

Management and governance

Management and governance covers the effectiveness of the FMI’s Board and senior management in managing the firm prudently, consistent with regulatory requirements, expectations and the Bank’s financial stability objective. The management and governance of an FMI is critical to its safe and effective operation. The Board of an FMI sets its overall strategy and is ultimately responsible for it meeting its regulatory requirements and managing its risks effectively. For CCPs, CSDs and RPSOs, this includes responsibility for consideration of systemic risks. The Bank places a strong emphasis on ensuring that FMIs’ Boards are appropriately structured and have the right skills to carry out these roles effectively, including holding the executive to account.

Supervisors do this through assessment of the composition, design and effectiveness of the firm’s Board, and whether the firm’s senior management are competent, fit and proper, and set an appropriate risk culture. Supervisors do not have any ‘right culture’ in mind when making assessments; rather, supervisors focus on whether internal decisions and practices are challenged, and whether action is taken to address risks on a timely basis. FMIs should demonstrate that incentives and reward policies and practices for senior executives do not create pressure to prioritise revenues, market share and profit over systemic risk management objectives.

Supervisors assess key individuals at a firm on an ongoing basis through engagement with firms or specific governance reviews (see Baseline supervisory activity in Section 4) and through the Bank’s review of significant change process when firms make new appointments (see Box I).

Risk management and controls

Risk management and controls encompasses a firm’s oversight and control of its risks. This includes both setting and articulating an appropriate risk appetite and ensuring that appropriate systems and controls are maintained to manage risk at an operational level within the established risk appetite.

Firms should have robust frameworks for risk management, including for financial and operational risks. A robust risk management framework will allow firms to effectively identify, measure, monitor, manage and report risks. Competent and, where appropriate, independent control functions should oversee these frameworks. Boards should ensure they receive adequate and timely information on key risks and deviations from the firm’s agreed risk appetite to enable them to monitor and challenge executive management.

When assessing risk management and controls, supervisors assess both the risk management of the FMI itself and how the FMI fulfils its role in ensuring effective risk management in the markets they serve. For example, for CCPs, CSDs and RPSOs supervisors consider how the standards the FMIs place on their participants and members improve both the robustness of the FMI and the system more widely. Supervisors also expect these FMIs to monitor the positions and customers of its members as part of its risk management.

Operational resilience

Operational resilience considers the ability of an FMI to prevent, detect, respond to, recover and learn from operational disruptions. The Bank expects FMIs to observe high standards in the management of operational risks.

The Bank’s focus on operational resilience is on the delivery of the important business services that an FMI’s members or participants, and the wider economy rely, upon. As part of this, the Bank expects FMIs to develop impact tolerances that acknowledge that disruptive events will happen. FMIs need to be able to remain within their set impact tolerances for a wide range of extreme but plausible scenarios. Where the impact tolerance cannot be met for an important business service under extreme but plausible scenarios, the Bank expects the FMI to have defined remedial actions or investments to ensure impact tolerances can be met in future.

In order to reach judgements on an FMI’s operational resilience, supervisors consider a number of areas, including but not limited to: change management; outsourcing and third party management; cyber resilience; incident management; and business continuity and disaster recovery.

The Bank has published expectations and requirements for FMI outsourcing and third party management, including intragroup and cloud outsourcing. This sets expectations in governance and record keeping, pre-outsourcing, outsourcing agreements, data security, audit rights, sub-outsourcing, and business continuity and exit plans. In line with the Bank’s proportionate approach, these expectations vary depending on the FMI’s size and activity.

Cyber resilience is an important aspect of a firm’s wider operational resilience. This includes firms’ governance arrangements, understanding of cyber risks, and incident response and recovery capabilities. CBEST^{footnote [15]} is a framework to deliver controlled, bespoke, intelligence-led cyber security tests, and it plays an important part in the assessment of cyber resilience. In 2015, the FPC recommended that firms at the core of the UK financial system complete CBEST tests and adopt individual cyber resilience action plans. The Bank works in consultation with international regulatory bodies to align supervision of cyber resilience frameworks where possible to maintain consistency in supervision across relevant jurisdictions.

Firms’ operational resilience is the responsibility of their boards. The Bank expects them to have clear lines of accountability for their operational resilience and to be responsible for the internal operations and technology of the firm. The Board should ensure there is sufficient challenge to the executive and that it has access to people within the business with appropriate technical skills.

Financial resilience

Financial resilience is an assessment of both the firm’s own financial resources and, for FMIs other than SSPs, whether the FMI appropriately manages financial risks within its ecosystem, subject to preserving the resilience of the FMI.

The nature of the financial risks an FMI faces will depend on the type of FMI and the activities it undertakes, and the Bank’s assessment of financial resilience will vary accordingly. For example, CCPs have a specific function of allocating default losses to other participants and so financial resilience for CCPs includes ensuring they have appropriate models and procedures in place to ensure they hold appropriate financial resources (eg hold sufficient collateral) to carry out this function. Similarly, supervisors assess whether RPSOs have appropriate resources and procedures to minimise any financial risks that may arise from the services they provide to their participants. For example, depending on the RPSO’s approach to mitigating settlement risk, a RPSO may guarantee settlement of the transactions it processes and thereby take on credit risk. As part of its financial resilience assessment, the Bank considers how FMIs are measuring, monitoring, managing and reporting such risks.

In order to reach judgements on a FMI’s financial resilience, supervisors consider a number of areas, including but not limited to: capital; liquidity; and financial recovery. Where relevant, financial resilience also considers, among others: initial margin and default fund; firm’s stress testing; collateral; and investment management. CCPs are also subject to the Bank’s supervisory stress test (see Box H). Supervisors will consider how a firm’s approach to these areas impact both the financial resilience of the firm and of the ecosystem.

Supervisors consider a firm’s financial resilience as a whole, acknowledging FMIs can ensure financial resilience through different approaches and that there may be trade-offs between ensuring the financial strength of the FMI and its ecosystem. The Bank also expects FMIs to demonstrate that they are managing risks through the cycle without introducing excessive procyclicality. Whatever its approach, an FMI must be able to demonstrate sufficient financial resilience in a wide range of severe but plausible stresses, both market wide and firm specific.

As with operational resilience, an FMI’s financial resilience is the responsibility of its Board. Supervisors evaluate whether FMIs have clear lines of accountability for their financial resilience. In assessing firms’ Boards, supervisors consider whether there is sufficient challenge to the executive and whether the Board has access to people within the business with appropriate technical skills.

Preparedness for disruption

As set out above, the Bank assesses all FMIs to seek to ensure that they are operationally and financially resilient to continue to provide their important business services under a range of adverse scenarios. This is, though, not expected to avoid all instances of FMI failure or service disruption. Given the systemic importance of FMIs, the Bank also considers it important to prepare to mitigate any financial stability impacts in an eventuality that an FMI is not able to continue to provide their important business services.

The final risk element in the risk model (preparedness for disruption (PfD)) therefore assesses the extent to which the FMI has taken appropriate actions to support the Bank in being adequately prepared to mitigate impacts on financial stability in the event of the FMI being unable to recover from a financial or operational failure. This risk element is not intended to assess the probability or impact of such a disruption but will consider the firms’ preparedness to enable the Bank to mitigate the impact of the disruption should it occur.

The objective is not to avoid all instances of FMI failure or service disruption, but to ensure the Bank is prepared to minimise any impact to financial stability by taking appropriate firm-specific or market-wide action in the event of disruption to important business services provided by an FMI. This recognises that the systemic nature of FMIs can result in disruption at one firm having a much broader ecosystem-wide impact which may require additional market-wide intervention by the relevant authorities in order to mitigate risks to financial stability. This does not negate the responsibility of individual FMIs to consider and actively manage risks to the broader ecosystems themselves.^{footnote [16]}

As mentioned, the Bank primarily seeks to ensure FMI’s resilience to financial failure through the requirements it places on firms to manage and mitigate financial risks to the firm. However, these safeguards are not fail-safe. Therefore, there are statutory regimes in place to enable the Bank, in co-ordination with other authorities such as the FCA and HMT, to act and manage the financial failure of the relevant FMI, including the CCP Resolution Regime, and the FMI Special administration regime. These regimes are designed to allow for FMIs’ critical functions to continue where a firm fails or is at risk of failing, and through maintaining continuity of critical functions,^{footnote [17]} promote confidence in the UK financial system. The Bank’s ability to implement these regimes effectively depends on firms being sufficiently prepared to support the Bank in taking these actions.

The same concept of preparing to mitigate disruption, and in particular potential impacts on broader financial stability, is also relevant to operational disruptions. This builds on the recognition within the Bank’s operational resilience policy that, although successful implementation of the policy requirements should minimise instances of disruption, it could still occur in some scenarios.^{footnote [18]} In these instances, given the systemic importance of FMIs to the broader financial system, the Bank should be prepared to respond to mitigate risks to financial stability should they occur. As with financial resilience, the Bank’s ability to achieve this objective may depend on firms being sufficiently prepared to support the Bank in taking appropriate actions. The Bank considers this to be in line with effective risk management and the consideration of financial stability risks in FMI decision-making, as set out in Explanatory Note 3.2.2 of the PFMI.^{footnote [19]}

In practice, this may be achieved through firm-specific or market-wide actions implemented in conjunction with other authorities or through direct intervention by the Bank, depending on the specific critical function that has failed. The Bank will work closely with firms and may consult on further policy and/or guidance over the coming years setting out its expectations of firms and further details on our approach to assessing firms against the PfD risk element within the risk model. This includes updating future iterations of this publication as needed.

Assessing firms using the risk model

Supervisors assess and rate each risk element against the Bank’s risk tolerance. The rating (outlined in Figure 2) is forward looking over 12 months, based on information available to supervisors.

Proactive intervention framework (PIF)

The Bank’s supervision aims to reduce both the probability of risks crystallising, and the impact that this could have. The PIF is intended to capture the probability of risks outside of the Bank’s risk tolerance crystallising over the next 12 months. Together with the potential impact (the FMI categorisation), these metrics determine the intensity of supervision. Therefore, FMIs which have the highest potential impact and the highest probability of risks crystallising would receive the most intensive supervision, and the FMIs which have lower impact and with lower probability of risks crystallising would be supervised less intensively.

Supervisors consider an FMI’s PIF when drawing up its supervisory strategy. Supervisors’ judgement about an FMI’s position within the PIF is periodically updated and is informed by the supervisory activities outlined above under ‘Risk model elements’. However, it may be revisited more frequently in response to material developments which may, or have the potential to, negatively affect the firm or disrupt financial stability.

Judgements about an FMI’s PIF are derived from those elements of the supervisory assessment framework that reflect the risks faced by an FMI and its ability to manage them, namely, external context, business risk, management and governance, risk management and controls, financial resilience and operational resilience. The PIF is not sensitive to a firm’s potential systemic impact or preparedness for disruption score.

There are five PIF stages, each denoting a different likelihood of disruption to financial stability, and every firm sits in a particular stage at a given point in time (Figure 3). When an FMI moves to a higher PIF stage (ie if the firm’s risk has increased), supervisors will consider and deploy an appropriate set of supervisory actions (see Using powers in the course of supervision in Section 4).

The Bank considers it important for markets and counterparties to make their own judgements on the viability of an FMI. The Bank will not therefore routinely disclose to the market, or to FMIs themselves, its PIF judgement, not least given the possible risk that such disclosures could act to destabilise in times of stress.

4: Supervisory activity

This section describes how the Bank supervises UK FMIs in practice, including the tools and legal and enforcement powers available. In line with the Bank’s key principles, this engagement will be proportionate to the size and potential impact to financial stability of any given FMI and focused on the key risks to financial stability.

As set out in Section 2, the Bank’s supervisory approach follows four key principles – they are: i) judgement based; ii) forward looking; iii) focused on the greatest risks, and iv) proportionate. In line with these principles, supervisors utilise a broad range of tools to gather quantitative and qualitative data which inform supervisory judgements.

Intensity of supervision

Supervisors have to undertake baseline activities for all FMIs, regardless of PIF score (Figure 3) or risk element scores (Figure 2). The baseline activities constitute the minimum work supervisors undertake on all firms and no additional proactive work is undertaken if a firm is assessed to be ‘within risk tolerance’ through the risk scoring framework. This approach ensures that supervisors focus supervisory resources where there is judged to be greater risk to the Bank’s supervisory objectives. Baseline supervisory activities vary depending on the category and type of FMI in order to remain proportionate.

Where an individual risk element or the overall FMI is assessed as ‘out of tolerance’, supervisors undertake additional work to ensure that FMIs have carried out the necessary risk mitigation activities to bring the risk back into tolerance. Supervisory judgement will determine where additional supervisory work is needed, proportionate to the risks posed by the firm and linked to the risk elements that are out of tolerance.

In addition to baseline and risk mitigation activities, supervisors will also need to respond to regulatory transactions and notifications of significant changes, which are driven by the FMIs. These may generate additional supervisory activity, for example in relation to the appointments of key individuals.

Baseline supervisory activity

The baseline for supervisory activity is set by the FMIC, the Bank’s statutory decision-making Committee responsible for the most important decisions on FMIs (see Box J), and any significant changes are approved by it. In line with the Bank’s principle that supervision must be judgement based, supervisors can deviate from baseline supervisory activity subject to appropriate governance.

The baseline for supervision sets the amount of work supervisors should do for an FMI that is ‘within tolerance’ and requires supervisors to undertake activities such as meetings with key personnel and reviews of key risk areas on a minimum schedule. However, outside these set cycles, supervisors retain some flexibility to determine where baseline supervisory activity should be focused. Baseline supervisory activity is not intended to cover all risk areas on a defined schedule, but aims to provide enough coverage, alongside other supervisory work, to enable supervisors to assess FMIs against the risk elements in the supervisory framework and to identify key risks for each FMI.

The types of supervisory activities that constitute the baseline for supervision are set out below. The number and frequency of these activities varies according to the FMI’s potential systemic impact assessment (see Potential systemic impact in Section 3). Category 1 firms will have the highest number of supervisory activities and a greater number of areas that need to be covered at a set frequency. Category 3 firms will have much lower number of baseline supervisory activities.

Firm meetings

Central to the Bank’s supervisory approach is meeting with FMIs and engaging across all levels of seniority within the firm. At a senior level, Board members and directors should expect regular meetings with supervisors, either in groups or on an individual basis. In line with the principle of proportionality, this engagement will be focused on material risks that the firm has the potential to pose to financial stability and will be proportionate to the potential impact that any given firm could have on financial stability. Supervisors will also meet with a supervised firm’s external auditors.

As part of baseline supervision, close and continuous (C&C) engagement with FMIs’ senior management is maintained through a defined schedule of core meetings. The schedule for these meeting is defined by the firm’s category but can be adjusted (subject to appropriate governance) depending on an FMI’s unique circumstances (eg a major change programme or a firm’s governance structure). These scheduled C&C meetings are in addition to ad-hoc meetings that supervisors may have at firms’ or supervisors’ instigation to cover topics that may arise such as deterioration in a key risk, market developments or business updates. Table A shows an example schedule of minimum engagement with a typical Category 1 RPSO.

Review of management information (MI), regular reporting and data

Proportionate to their size and potential impact, the Bank requests FMIs to submit data,^{footnote [20]} of appropriate quality, which supervisors review to inform judgements about the risks that each FMI may pose to the Bank’s objectives. For instance, supervisors review CCP transaction data periodically to identify any material changes. Supervisors also gather information through MI from Board packs or disclosures made by FMIs and this information can inform which risk areas supervisors focus on during meetings with FMI senior management.

Risk reviews

Risk reviews are an important part of the Bank’s baseline supervisory activity and can be undertaken for any area of the risk model. Reviews can include ‘deep dives’ into certain areas at a specific firm or be thematic across a number of firms. Baseline supervisory activity sets out the number of reviews that should be undertaken per year and also minimum cycles for reviewing certain key risk areas. Supervisors have discretion over which other areas are reviewed outside these minimum cycles.

Risk reviews are especially important in the areas of financial resilience and operational resilience, given the breadth of risk topics they encompass and their ability to affect the resilience of FMIs. For example, for Category 1 CCPs, financial risk topics deemed to present the highest risk (such as initial margin models) are regularly reviewed as part of a cycle. Supervisors then have discretion over which other areas of financial resilience to review in detail outside these minimum cycles. Similarly for operational resilience, the Bank has identified a number of key areas (such as cyber resilience) that must be reviewed within a minimum timeframe depending on firm category, with additional capacity allocated for other reviews.

Supervisors may often involve the Bank’s risk specialists and other technical staff in their assessments. Supervisors may also place reliance on FMIs’ own risk, compliance, and internal audit functions and/or or third party reviews such as external board effectiveness reviews where supervisors feel that they can rely on their effectiveness.

PFMI self-assessment

In addition, the Bank expects FMIs to undertake self-assessments of their adherence to the PFMI (SSPs are required to provide a self-assessment against Annex F of the PFMI only). Supervisors then review these self-assessments to evaluate any issues identified by the FMI and to assess whether the FMI’s self-assessment corresponds to supervisors’ own judgement of the FMI. This self-assessment is an important test of FMIs’ ability and willingness to demonstrate their understanding of, and commitment to, risk objectives. For example, a self-assessment which paints an overly optimistic picture of an FMI against risk standards, or takes too narrow a view, may indicate that inadequate priority is being given to those standards, weaknesses in risk management, or potential misunderstanding of those standards by the management and Board. The Bank expect firms to complete an in-depth bottom-up assessment against the PFMI every two years and an interim top-down review in the year in between. The Bank also expects firms to alert supervisors to any material changes that occur between such reviews.

Table B sets out an example schedule of baseline activity with a typical Category 1 CCP.

Regulatory approvals

Firms are required to seek approval from the Bank for certain statutory authorisations required under the relevant regulation. For example, CCPs must inform the Bank of an extension of services and activities, and request approval for interoperability arrangements and for model changes. FMIs that are designated under Settlement Finality Regulations must give the Bank written notice of any proposal to amend, revoke or add to its default arrangements. Timeframes for statutory authorisations are generally set out in the relevant regulation. These examples are non-exhaustive, and firms should refer to the applicable regulations for the full set of regulatory approvals required.

Bank reviews of significant changes

The Bank also undertakes reviews of significant changes proposed by an FMI in order to evaluate whether relevant requirements of applicable regulations and/or the PFMI continue to be met and to ensure the FMI has adequately considered and mitigated potential risks to financial stability. The Bank expects an FMI to inform the Bank whenever it is proposing a significant change to its business that could materially alter its business model, organisational structure or risk profile. The Bank will then review this change. Supervised FMIs will already be familiar with this process, which is sometimes referred to as a ‘non-objection’ process. If the Bank has concerns that the change could result in risks to financial stability or impact the FMI’s ability to meet relevant requirements it would consider whether to use its supervisory powers (this is covered in more detail later in this section, under Using powers in the course of supervision).

Examples of the types of changes which the Bank expects FMIs to notify it about include:

• certain senior appointments (see Box I);
• new product and model changes (see Box I);
• material changes in the ownership, structure or governance of the FMI;^{footnote [21]}
• material changes to the risk appetite or operating model;
• material changes to rulebook, including where these relate to interactions with, and/or requirements on, participants;^{footnote [22]}
• material changes to the recovery or wind-down plan;
• changes to the capital structure, including payment of a dividend/changes to dividend policy (see Box I);
• outsourcing/in-housing of critical functions; and
• significant system and IT changes.

This is a non-exhaustive list. FMIs are responsible for identifying when they should notify the Bank of changes or seek regulatory approval to a change. The Bank expects firms to have in place a clear process for determining whether they need to apply for Bank approval to a change and/or notify the Bank of any changes (including an appropriately senior level of approval). Firms should seek advice from their supervisors at the Bank if they are unsure whether the Bank will undertake a review of a particular change. Box I details some specific examples of the review process for significant changes.

The Bank’s review does not replace the responsibilities of the FMI’s Board and senior management and FMIs should ensure all proposals have been through adequate governance before being notified to the Bank.

Setting supervisory strategies

There are regular internal stocktake meetings (Annual Risk Reviews (ARRs)) for all FMIs that the Bank supervises to discuss supervisors’ assessment of each FMI, based on the output of supervisory activity and risk assessments throughout the previous 12 months. This is used to inform the supervisory strategy and propose remedial actions for the FMI where necessary. There is senior level involvement in these meetings so that major judgements are made by the Bank’s senior and most experienced staff. These formal assessments are also subject to rigorous review by those not directly involved in day-to-day supervision, including risk specialists, independent advisors and relevant staff from other areas of the Bank and other relevant authorities (eg the FCA or PSR). Depending on the potential impact category of the firm, the assessment may also be reviewed by the FMIC.

For higher PIF firms, supervisors will have more frequent and more senior checkpoints in order to monitor and provide appropriate challenge to the supervisory mitigation efforts and overall strategy.

Following each ARR, the Bank sends an individually tailored letter to the relevant FMI’s Board clearly outlining the key risks that are of greatest concern and any action that the Bank requires the FMI to take to bring them within the Bank’s risk appetite. There is a clear and direct link between the risks that the Bank identifies and the actions that the Bank expects from FMIs as a consequence.

The Bank focuses on the most material issues identified and supervisory interventions are clearly and directly linked to reducing risks to the Bank’s primary objective. Supervisors often communicate to a firm’s Board when and how they intend to verify whether any remedial actions taken to address the key risks have been completed appropriately. Supervisors actively engage with the FMI’s Board and its sub-committees, where applicable, and its non-executive directors on progress made in addressing the most significant risks identified.

To date, the Bank’s post-ARR communications have often referred to the actions that the Bank expects FMIs to take as ‘priorities’. Going forward, the Bank’s post-ARR communications will refer to the most significant risks identified for each FMI as ‘key risks’. Wherever the Bank has identified a key risk at a firm, it will expect the firm to mitigate those risks.

FMIs may sometimes disagree with the Bank’s judgements. Supervisors will, in general, discuss any issues that they have identified with the relevant FMI, and carefully consider representations made by the firm, not least to ensure that the Bank’s decisions are made on the basis of all the relevant evidence. However, FMIs should not approach their relationship with supervisors as a negotiation.

International supervisory colleges

The Bank participates in global supervisory colleges either as a home or host supervisor, where relevant. The Bank organises and chairs supervisory colleges for those UK FMIs that operate at scale internationally to ensure appropriate arrangements are in place for cross-border supervisory co-ordination. To be fully effective, colleges must operate in a manner that enables supervisors to be open and transparent with each other and to address difficult issues. The Bank seeks to adopt this approach when it hosts colleges and expects other authorities to participate on the same basis.

The Bank also organises CMGs to provide a framework for authorities to plan crisis management measures (including orderly resolution) for UK CCPs that are judged to be systemically important in more than one jurisdiction.

Using powers in the course of supervision

To assist with the Bank’s risk assessment, and in order to advance the Bank’s primary objective, the Bank may choose to use its statutory powers where appropriate.

The Bank has information gathering powers and powers to commission reports or reviews by Skilled Persons on specific areas of interest.^{footnote [23]} Skilled Person reviews may be commissioned where the Bank judges them to be necessary or useful, for example to identify or evaluate risks. The Bank may enter into a contract with a Skilled Person directly, following a transparent and consistent approach to selecting and appointing them, or may require the regulated firm to contract with the Skilled Person. The Bank is always regarded as the end user of a Skilled Person report regardless of the appointment approach taken.

The Bank has additional powers which it can use in the course of its supervision. These include powers by which the Bank can direct a CCP to take, or refrain from taking, specified action where it is necessary for financial stability or when there is a breach or likely breach of a relevant legal requirement.^{footnote [24]} The Bank also has powers to impose a requirement on CCPs and CSDs where it is desirable for financial stability.^{footnote [25] footnote [26]} This can be done either upon application by an FMI or imposed on the Bank’s own initiative. The Bank can also direct a RPSO or SSP of a RPSO to take or refrain from taking specified action or set standards to be met in the operation of the system.^{footnote [27]}

While the Bank expects firms to co-operate in resolving supervisory areas of concern, the Bank will not hesitate to use formal powers where it considers them to be an appropriate means of achieving the desired supervisory outcome.

Enforcement

Where an FMI fails to comply with relevant requirements or rules imposed by the Bank, or otherwise commits a compliance failure, the Bank can take enforcement action as set out in the Bank’s approach to enforcement document.^{footnote [28]} The Bank has a range of enforcement powers, including public censure, financial penalties and, ultimately, revoking recognition or authorisation. The Bank may also consider, in certain circumstances, taking action against individuals employed by a supervised FMI. The Bank’s approach to enforcement supports and supplements its regulatory and supervisory tools by ensuring there are credible mechanisms for holding FMIs and, where relevant, individuals to account where they do not meet our requirements and expectations. It also provides a wider deterrent effect for the regulated community as a whole.

In practice, not every breach of a rule or requirement will result in enforcement action. The appropriateness of the Bank using its enforcement tools will be measured against a number of considerations including, but not limited to:

• the anticipated benefits to financial stability;
• the alternative courses of action available to the Bank; and
• the proportionality of opening an investigation, given the level of resources it may require and the level of intrusion and cost to the subject.

The Bank’s policy on the imposition and amount of financial penalties is set out in its approach to enforcement. This includes a range of factors the Bank may take into account when considering whether to impose a financial penalty and in deciding the amount of the penalty. The Bank will consider the facts and circumstances of each case and the policy sets out non-exhaustive considerations that may be relevant including the impact or potential impact on financial stability of the breach, the previous disciplinary and/or supervisory record of the FMI or parent company, and their conduct after the breach was committed.

5: Approach to non-UK FMIs

The Bank is responsible for supervising or overseeing a diverse range of FMIs. This includes both systemic and non-systemic non-UK FMIs that provide services to the UK or have UK participants. This section sets out the areas where the Bank tailors its supervisory approach to non-UK FMIs to ensure a proportionate approach.

FMIs often operate across borders. This is a desirable feature that can provide benefits to participants and financial stability benefits. However, it also means risks can be imported across borders and have the potential to disrupt the financial stability of the UK and vice versa.

The Bank’s guiding principle in developing its approach to non-UK FMIs is that of ‘safe openness’, ie ensuring the UK financial system remains safe without sacrificing the global financial stability benefits of open, cross-border FMI.

The Bank’s approach to supervising non-UK FMIs is consistent with international standards^{footnote [31]} and the Bank’s commitment to international co-operation. It is underpinned by a desire to co-operate with the non-UK FMI’s home regulator and the concept of deference, where the Bank will defer to the respective home supervisory authorities wherever it is appropriate to do so. This is aligned with the Bank’s preference for strong and effective cross-border supervisory co-operation, avoiding ‘too many hands on the steering wheel’.

General approach to supervision and oversight of non-UK FMIs

The Bank follows the same general approach to all non-UK FMIs, although this approach is implemented via different frameworks because of the different regulatory regimes in place for different FMIs. In order to place reliance on a home regulator, the FMI’s home jurisdiction regulatory and supervisory framework must deliver broadly similar outcomes to that of the UK, and the Bank must be satisfied that there are sufficient co-operation arrangements in place and engagement to rely on the home authority.

The level of co-operation and information sharing the Bank expects from the home authority will depend on our assessment of the systemic importance of the non-UK FMI to UK financial stability. The higher the UK activity or risks posed to the UK, the higher expectation the Bank has for the depth of co-operation and information sharing. This is an ongoing assessment to ensure the level of co-operation and information sharing with the home authority remains appropriate and proportionate.

Where the Bank concludes that the co-operation and information sharing arrangements are sufficient for the Bank to defer to the firm’s home authority, the Bank advances its objectives primarily through engagement with the home authority. This may include structured and regular engagement with the home authority to exchange views and information, and participation in multilateral fora or reviews led by the home authority to gain comfort on how supervision is delivered.

Where the Bank concludes that co-operation and information sharing arrangements are not sufficient, the Bank will seek to apply enhanced arrangements, including where appropriate, imposing requirements on the non-UK FMI, although the Bank would still seek to collaborate with the home authority where possible.

The Bank maintains a proportionate approach to overseeing any non-systemic non-UK FMIs under its supervisory remit, again placing the greatest possible reliance on home regulators. This oversight may involve collecting periodic data to verify the Bank’s assessment that the non-UK FMI is non-systemic and/or ensuring any recognition criteria are met.

Non-UK CCPs

For non-UK CCPs, the assessment of whether the CCP is systemic for UK financial stability and the extent to which the Bank places reliance on the home authority is currently implemented though UK EMIR, in particular the ‘tiering’ framework.

Non-UK CSDs

For non-UK CSDs, an assessment of the CSD’s systemic importance to UK financial stability results in the CSD being placed into one of two groups. This determines the level of monitoring and/or supervisory activity anticipated to be undertaken by the Bank, which will primarily depend on the risk the Bank considers the non-UK CSD poses to UK financial stability:

• Incoming CSD Group A – incoming CSDs deemed to pose material risks to UK financial stability.
• Incoming CSD Group B – incoming CSDs deemed to pose low risks to UK financial stability.

The Bank’s process for allocating non-UK CSDs to these groups will be based on an assessment against a range of qualitative and quantitative factors relating to the materiality of the risks the CSD poses to UK financial stability, including but not limited to:

1. The value of the transactions settled by the CSD that are linked to the UK (measuring UK-related settlement flows through the CSD).
2. The value of securities held by the CSD on behalf of UK-based participants and issuers (measuring the stock of UK-related securities held in the CSD).
3. The proportion of the CSD’s total business that is linked to the UK.

Under this framework, the Bank expects that non-UK CSDs primarily serving their respective national securities markets will be allocated to Group B; and non-UK CSDs primarily serving international securities markets (such as the ‘eurobond’ market) will be allocated to Group A.

The Bank will seek to apply deference via agreeing appropriate co-operation agreements with home authorities depending on the CSD group in line with the general approach to non-UK FMIs described above.

Non-UK payment systems

The Bank supervises payment systems recognised under BA09 as systemic in the UK, and there is no distinction in the legal regime between UK and non-UK firms. For payment systems based outside of the UK, the Bank applies the same high-level approach to deference set out above. The Bank seeks to agree and apply firm-specific deference arrangements with home supervisors, where possible, to deliver an equivalent outcome.

Settlement finality designation for non-UK law systems

In line with the Bank’s approach to co-operation with overseas authorities, for non-UK law systems, the Bank will have regard to home state regulation where it is satisfied that there are equivalent requirements. If the Bank identifies any areas of concern, it will, in the first instance, engage with the relevant home state regulator (where one exists) to resolve any issues.^{footnote [32]}