On 2 June 2021, the PRA and the FCA issued a joint letter to Chief Risk Officers of regulated firms to share observations of good practices on risk controls and arrangements for all trading activity with clients who transact solely in cash products settled on a Delivery versus Payment (DvP) only basis, including electronic trading platforms.
The letter focuses on the following areas:
- on-boarding of new accounts;
- credit risk framework;
- on-going oversight of clients;
- client exposure monitoring; and
- escalation procedure.
The letter asks for a credit function, independent from the front office, to evaluate every client's risk profile, conduct more extensive and periodic credit analysis for riskier clients, and impose individual credit exposure limits that are derived from a risk-based matrix or hierarchy.
The letter mandates that the client trading profile should be actively owned and monitored by salespeople, management and an independent control function to ensure that deviations from trading norms and any suspicion of financial crime or money laundering are flagged.
The letter also calls for an automated trade reconciliation system to be established to flag any exceptions to the pre-settlement credit limit process, which should then be escalated to the independent credit function for approval. For individual electronic trading clients, appropriate in-built system triggers and trading halt parameters should be established for aggregate open exposures that exceed pre-established risk limits.
Regarding failed trades, the letter refers to the need for a robust trade fail management process, ensuring that the fails are reported rapidly to both the front office and independent control functions. There should be procedures in place to halt trading until the fail management issues have been resolved.
The letter concludes with requesting the regulated firms to provide an update, through the usual supervisory channels, outlining what steps have been taken on the back of the letter by the end of Q4 2021.
We and the Prudential Regulation Authority (PRA) have sent a Dear Chief Risk Officer letter to firms which shares our observations on good practices related to monitoring and mitigating counterparty credit risks in relation to Delivery versus Payment clients that we encourage firms to incorporate within their control framework.