This volume is a product of the staff of the International Bank for Reconstruction and Development/The World Bank. The World Bank does not guarantee the accuracy of the data included in this work. The findings, interpretations, and conclusions expressed in this paper do not necessarily reflect the views of the Executive Directors of the World Bank or the governments they represent. The material in this publication is copyrighted. FINANCIAL SECTOR ASSESSMENT PROGRAM CHILE ASSESSMENT OF OBSERVANCE OF THE CPSS-IOSCO PRINCIPLES FOR FINANCIAL MARKET INFRASTRUCTURES DETAILED ASSESSMENT REPORT OF COMBANC S.A. MAY 2016 This report was prepared in the context of a standards assessment mission in Chile during August 3-7 and September 21-October 2, 2015, overseen by the Finance & Markets Global Practice, World Bank and the Monetary and Capital Markets Department, IMF. THE WORLD BANK GROUP FINANCE & MARKETS GLOBAL PRACTICE CONTENTS I. EXECUTIVE SUMMARY ................................................................................................ 4 II. INTRODUCTION .............................................................................................................. 6 III. OVERVIEW OF THE PAYMENT, CLEARING AND SETTLEMENT LANDSCAPE 7 a. COMBANC .................................................................................................................. 8 b. Regulatory, supervisory and oversight framework ...................................................... 9 c. Summary of major changes and reforms ...................................................................... 9 IV. SUMMARY ASSESSMENT ........................................................................................... 10 a. Summary assessment of observance of the principles ............................................... 10 b. Recommendations for the ComBanc .......................................................................... 12 V. DETAILED ASSESSMENT ............................................................................................ 15 Principle 1: Legal basis ............................................................................................................ 15 Principle 2: Governance ........................................................................................................... 18 Principle 3: Framework for the comprehensive management of risks .................................... 23 Principle 4. Credit risk ............................................................................................................. 26 Principle 5. Collateral .............................................................................................................. 29 Principle 7: Liquidity risk ........................................................................................................ 31 Principle 8: Settlement finality ................................................................................................ 35 Principle 9: Money settlements ................................................................................................ 37 Principle 13: Participant-default rules and procedures ............................................................ 38 Principle 15: General business risk .......................................................................................... 40 Principle 16. Custody and investment risks ............................................................................. 42 Principle 17: Operational risk .................................................................................................. 44 Principle 18. Access and participation requirements ............................................................... 49 Principle 21: Efficiency and effectiveness ............................................................................... 51 Principle 22: Communication procedures and standards ......................................................... 53 Principle 23: Disclosure of rules, key procedures, and market data ........................................ 54 2 GLOSSARY AFO Acuerdo de Financiamiento Obligatorio (mandatory financing agreement) BCP Business continuity plan BCCh Banco Central de Chile (Central Bank of Chile) BIA Business impact analysis BCMS Business continuity management system CCP Central counterparty CDLE Cuenta de Liquidación Especial (special settlement account) CLP Chilean Peso CSD Central Securities Depository CPMI Committee on Payments and Market Infrastructure CPSS Committee on Payment and Settlement Systems DNS Deferred net settlement DCV Depósito Central de Valores DVP Delivery versus payment FMI Financial market infrastructure IMF International Monetary Fund IOSCO International Organization of Securities Commission ISMS Information security management system ISO International Standards Organization KC Key consideration LBTR Liquidación Bruta en Tiempo Real (real time gross settlement) LOC Ley Orgánica Constitucional del Banco Central de Chile (Organic Law of the Central Bank of Chile) PFMI Principles for Financial Market Infrastructures ROC Remote operations center ROSC Review of standards and codes RTGS Real time gross settlement RTO Recovery time objective SBIF Superintendencia de Bancos e Instituciones Financieras (superintendence of banks and financial institutions) SGI Sistema de Gestión Integral (comprehensive management system) SSS Securities Settlement system SVS Superintendencia de Valores y Seguros (superintendence of securities and insurance) SWIFT Society for Worldwide Interbank Financial Telecommunication TR Trade repository UF Unidad de Fomento (Chilean Unit of Account) 3 I. EXECUTIVE SUMMARY 1. Chile has fairly developed payment, clearing, and settlement infrastructures. Sistema LBTR is the Central-Bank operated real-time (interbank) gross settlement (RTGS) system, and the backbone of the national payments system, where final payments originating from the various markets are settled. Sistema LBTR is owned and operated by the Central Bank. The RTGS is not the only high-value funds transfers system in Chile: ComBanc S.A. operates as a net clearing system for participating banks (hereinafter ComBanc). CCLV Contraparte Central S.A – CCLV, a subsidiary of the Santiago Stock Exchange, clears and settles exchanged-traded debt securities, and also acts as a central counterparty for equities (cash market) and exchange-traded derivatives. More recently, ComDer, Contraparte Central S.A (hereinafter “ComDer”) was established as a central counterparty for over-the-counter derivatives. As the only authorized central securities depository in Chile, Deposito Central de Valores (DCV) holds all securities that are object of public offering and facilitates the transfer of these securities between its depositors. 2. Sistema LBTR is largely compliant with the Principles for Financial Market Infrastructures (PFMI), and is sound from an operations perspective. It is subject to comprehensive risk management, including credit, liquidity, and operational. Clear and transparent risk-management policies, procedures, and systems allow measuring, mitigating, and managing the range of risks that arise in the system’s operations and from its participants. All transactions settled in Sistema LBTR are deemed final and irrevocable. 3. However, some areas of improvement for Sistema LBTR have been identified and are summarized below. In particular, Sistema LBTR is exposed to some legal risk in that there is no explicit coverage of irrevocability and finality of payments at the level of statutory legislation. The urgency of this issue of concern is diminished in light of the special insolvency procedures of the Banking Law and the general normative powers of the BCCh in the field; however, these would not apply should non-banks be allowed to participate in the system. This issue impacts negatively settlement finality, and could have potential repercussions on credit and settlement risk. As for collateral in general and for the provision of liquidity into the Sistema LBTR in particular, the lack of express recognition of enforceability of repos might also jeopardize the soundness of system, although also this risk might be deemed to be reduced by the understanding of repos agreements under general principles of law. Sistema LBTR should establish mechanisms for the regular review of its efficiency and effectiveness vis-à-vis the needs of its participants. As the operator of the LBTR, the Central Bank could consider recommending that non-banks – provided that these comply with risk-based criteria – be allowed as participants in light of ensuring fair and open access to a critical infrastructure. 4. ComBanc has been also assessed as sound from a (financial, operational) risk management perspective. In providing real-time clearing services for twenty participating banks, ComBanc relies on bilateral and multilateral credit limits to manage its participants’ credit risk vis-à-vis each other, combined with collateral requirements to cover 1.15 times each participant’s maximum credit exposure. Payments are considered final and irrevocable once these are cleared in ComBanc. In case of failure of one or more members, ComBanc has set out two extraordinary settlement processes. Operational risk management is grounded in the General Risk Policy and the General Operational Risk Policy. 5. Additional steps to improve compliance of ComBanc with the PFMI are warranted, especially with regard to governance arrangements and management of investments risk. First, ComBanc is exposed to the same type of (potential) legal risk as the 4 Sistema LBTR. With regard to governance, comprehensive governance arrangements should include procedures to review the Board’s performance, and clear policies for the recruitment and termination of senior management. Combanc could consider diversifying its investment portfolio – i.e. invest in securities other than those issued by its shareholder banks. Broader, yet still risk-based, participation criteria should be allowed. Finally, ComBanc should address gaps in transparency. 6. DCV ensures the safekeeping and efficient transfer of securities. The assessment has found that the relevant legal and regulatory framework minimizes custody risk. At the operational level, securities holdings of customers are held in segregated accounts, either omnibus or at the level of the final beneficial owner. More than 96% of securities (in terms of value) held at DCV are dematerialized and this percentage has been growing over the years as legacy paper-based securities mature. 7. Nonetheless, DCV should improve compliance with the PFMI in a few areas. The area of biggest concern for DCV is general business risk. To date, DCV has not developed a recovery plan in connection with general business losses, and was found to hold liquid net assets sufficient to cover less than three months of operating expenses (as opposed to a minimum of 6 months prescribed by the PFMI). Although for the most part the company incorporates international standards and best practices with regard to governance, there is no formal mechanism to review its board performance. DCV should take a comprehensive approach to defining and addressing the various types of risks it faces: currently, although all such risks are de facto managed, DCV general risk management policy is focused on operational risk. 8. No serious issues of concerns were identified with regard to the operation of CCLV as a securities settlement system. On the other hand, there are gaps in the company’s governance arrangements that include: (i) the lack of a formal mechanism for reviewing the performance of the board, which it shares with the Santiago Stock Exchange as the holding company of CCLV, (ii) roles and responsibilities of senior management are not defined and documented at the level of the subsidiary (i.e. at the level of CCLV), and; (iii) no independent reporting line exists for the risk management function. The lack of a detailed plan for its financial recovery also raises concerns that could become serious if not addressed in a timely fashion. 9. CCLV as a central counterparty incorporates international standards in its risk management practices; issues of concern only arise as a result of the lack of coverage of segregation and portability in the legal framework. Although CCLV rules and contracts provide the mechanism for the segregation and portability of positions, and these arrangements are implemented in practice, in light of the gaps in the legal framework the relevant standards cannot be met. It is worth noting that FMIs in general – including CCLV – do not have access to central bank liquidity in the payments system (i.e. the intraday liquidity facility). As a result, CCLV must resort to other liquidity providers before first exhausting the collateral provided by the delayed/defaulted participant(s). Authorities should consider costs vs. benefits of providing FMIs with access to intraday liquidity facilities. 10. ComDer was established as a response of the banking system to the exponential growth of the over-the-counter (OTC) derivatives market and to achieve compliance with international standards and G20 expectations. In practice, ComDer was designed to abide by international best practices and observes most of the Principles. ComDer risk management practices are robust in general terms. In particular, ComDer uses good and conservative 5 practices with regard to collateral, e.g. it accepts only cash and debt securities issued by the Central Bank or the National Treasury as collateral, marks collateral and participant positions to market daily, and applies conservative haircuts that also incorporate crisis scenarios thus reducing the need for pro-cyclical adjustments. 11. However, ComDer has yet to fine-tune some aspects of its operations, namely its stress test programme. In addition, as noted above for CCLV, ComDer does not have access to routine Central Bank credit either; as a result, it must resort to its liquidity providers before first exhausting the collateral provided by the delayed/defaulted participant(s). Collateral in securities – although highly liquid – may not be readily available (within one or two hours), at least in part because ComDer uses a model of electronic pledge. Also, the same considerations that were made above with regard to the lack of legal underpinning of segregation and portability of positions and collateral apply to ComDer too, however, in this case and for the time being, the risk is not very material as long as ComDer only clear positions from direct participants. 12. Authorities’ powers are clearly defined with no overlap. However, when assessed at the jurisdictional level, there are a few gaps in the observance of the Responsibilities of Authorities. Observance is affected mainly by the following elements: i) with regard to payment systems, the Central Bank, though it has the necessary powers and the resources / processes in place, has not defined a comprehensive oversight policy for systemically important payment systems, while the Superintendencia de Bancos e Instituciones Financieras (SBIF) as the supervisor of ComBanc relies on the supervision framework set out for Sociedades de Apoyo al Giro which does not take into consideration the specific features and risk profile of ComBanc as a FMI; ii) although numerous steps are being taken in the direction of adopting the PFMI, there is no uniform recognition of the PFMI across authorities in Chile, and; iii) cooperation among authorities is efficient, but there are no effective procedures to ensure timely access to BBCh data on foreign exchange derivatives by other authorities. 13. In the context of this PFMI assessment, it is worth noting that there is no recognized trade repository (TR) in Chile, nor the legal and regulatory framework to cover TRs exist; therefore a formal assessment of TRs was not undertaken. At the international level, concerns about systemic risks in OTC derivatives markets have led to important changes in international standards and a G20 reform agenda to improve transparency that contemplates – among other things – mandatory reporting to TRs of all OTC derivatives contracts. The Central Bank operates a database (Base de Datos de Derivados Cambiarios, BDDC) where foreign exchange derivatives transactions are reported by banks, other financial institutions and certain non-financial entities, and publishes aggregate-level data. However, this infrastructure does not currently qualify as a TR. A plan of action to remove the existing barriers – legal and technological – to developing a TR function will enable Chilean authorities to meet international expectations and best practices in the global derivatives markets. II. INTRODUCTION 14. The Central Bank of Chile (Banco Central de Chile, BCCh) and Chile’s Ministry of Finance, in their letter of January 9th, 2015, requested the World Bank to undertake a stand- alone Review of Standards and Codes (ROSC) module of the Principles for Financial Market Infrastructures (PFMI) of the Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commission (IOSCO). 6 15. A World Bank Group (WBG) team consisting of Jose Antonio Garcia (Senior Payment System Advisor and Team Leader), Corina Arteche (Senior Payment System Specialist), Maria Chiara Malaguti (Senior Legal Advisor) – supported remotely by Maria Teresa Chimienti (Payment System Specialist) - visited Chile from August 3-7 and from September 21-October 2, 2015 to assess Chile’s FMIs. 1 On the side of local authorities, the team included Catherine Tornel (Senior Economist) and Maria Jose Meléndez (Economist) from the BCCh, and Bernardita Palacios (Capital Markets Advisor) from the Ministry of Finance. 16. A total of five financial market infrastructures (FMIs) were assessed as part of this ROSC, although one of these operates both as a central counterparty (CCP) and as a securities settlement system (SSS) for different segments of the exchange-traded securities market, and as a result a total of six FMI assessments were produced by the team. In addition, the Responsibilities of Authorities for FMIs were assessed. 17. The main tool used by the assessment was the CPSS-IOSCO Assessment Methodology for the Principles for Financial Market Infrastructure and the Responsibilities of Authorities”. Each of the FMIs and Chilean authorities – the Banco Central de Chile (BCCh), the Superintendencia de Valores y Seguros (SVS) and the Superintendencia de Bancos e Instituciones Financieras (SBIF) – completed a self-assessment for the PFMI and the Responsibilities of Authorities, respectively. On this basis, the WBG team and the local team conducted detailed interviews with senior and mid-level managers of all the respective institutions, and prepared the assessment reports. 18. In addition to the self-assessments, other sources of information included the applicable laws and regulations, as well as each FMI’s main policies and internal documents (e.g. detailed policies, and processes and procedures for certain key areas) which were shared by the FMIs with the assessors, and other information available at each FMI’s website (e.g. statistics). The WBG and local teams also met with a number of users of these FMIs, including two large commercial banks and two brokers-dealers that are not part of local bank-lead conglomerates. III. OVERVIEW OF THE PAYMENT, CLEARING AND SETTLEMENT LANDSCAPE 19. Chile has a fairly developed payment, clearing and settlement infrastructure comprising: • Two systemically important payment systems – a Central Bank-operated real-time gross settlement system (Sistema LBTR), and a privately-owned clearinghouse for high-value interbank payments (ComBanc) • A central securities depository (CSD) for government and corporate securities (Depósito Central de Valores S.A. – DCV) • A securities settlement system (SSS) for debt securities and money market instruments, that also acts as a central counterparty (CCP) for corporate equities (CCLV Contraparte Central S.A - CCLV). Starting July 30th, 2015 CCLV also acts as a CCP for certain exchange-traded derivatives. • A CCP for over-the counter (OTC) derivatives (ComDer). 1 T. Khiaonarong and F. Wendt (IMF), and D. Delort and G. Srinivas (WBG) acted as peer-reviewers. 7 20. In addition, the BCCh operates a database (Base de Datos de Derivados Cambiarios, BDDC) in which foreign exchange (FX) derivatives transactions are reported by banks and other financial institutions, and certain non-financial institutions. 21. The assessment report covers the Responsibilities of central banks, market regulators, and other relevant authorities for the above-mentioned financial market infrastructures. a. COMBANC 22. Established as a Sociedad de Apoyo al Giro, ComBanc was authorized by the BCCh to operate as a large-value clearinghouse for participating banks under Chapter III.H.5 of the Compendium of Financial Regulations. The clearinghouse has been operating since 2004. As of 2015, 20 banks participate in ComBanc. 23. ComBanc is regarded as a systemically important payments system given the nature of the payments it processes (i.e. large-value interbank payments) and the total volume and value processed, which reached 1.4 million payments and CLP 16 trillion (equal to USD 23 billion), respectively, in 2014. Partial 2015 figures (up to third quarter 2015) record transactions for the equivalent of USD 19 billion. 24. ComBanc is a deferred net settlement (DNS) system. It co-exists with the Central-Bank operated RTGS system, which is also participated by the banks. With the exception of Sociedades Administradoras – which are admitted to the RTGS system – none of the system accepts participants other than banks. ComBanc processes high-value transfer instructions above CLP 50 million, equivalent to USD 73,000) and sends a file with a net multilateral balance to be settled in the RTGS system. Typically, banks determine which system to use (the clearinghouse or the RTGS system) based on liquidity strategy and the urgency of the payment. 25. The Objectives of ComBanc are to achieve a high degree of operational reliability, information security, compliance with laws and regulations, and effectiveness of the service. These objectives are outlined in the Integrated Management System (Sistema de Gestión Integrado - SGI) and the Strategic Plan of ComBanc. 26. The Board of Directors is composed by a President, a Vice President and seven Directors. The board is the coordinator of the corporate governance and risk management policy. The board has formed two committees: (i) audit, and (ii) business planning. Senior Management is composed of the General Manager, IT Manager, Deputy Manager of Operations, Deputy Auditor General, and Administrator. 27. ComBanc performs real-time clearing for the participating banks. Bilateral and multilateral credit limits are central to ComBanc’s risk management. Each participant must have collateral sufficient to cover at least 1.15 times its highest multilateral debtor position. Payments are final and irrevocable once these are cleared in ComBanc. In case of failure of one or more members, participating banks hold an extraordinary settlement process. 28. ComBanc operates from Monday to Friday from 9:00 until 16:40. Collateral for each participant must be deposited at 9:45 in the special settlement account (Cuenta de Liquidación Especial – CDLE) in the BCCh. From 9:45 to 16:30 participants can send instruction to ComBanc. At 16:40 ComBanc sends a file to BCCh with the net position of each bank after the clearing process. At 16:55, Sistema LBTR – the central bank-operated real-time gross settlement (RTGS) system – settles the net positions. 8 29. Policies, procedures and systems relating to risk management are outlined in the General Risk Policy and General Operational Risk Policy. ComBanc uses a comprehensive management system (Sistema de Gestión Integral – SGI) based on ISO31000, ISO 27005 and PAS99, which allows managing the risks it bears from its operations. It also has management systems for information security (ISMS) and for business continuity (BCMS) that manage these risks specifically. 30. ComBanc has developed a service jointly with DCV to enable DVP settlement of certain securities trades in central bank money (the so-called “switch mechanism”, which allows reaching the Sistema LBTR of the BCCh through ComBanc). Securities transactions that may be settled through this service are those not covered by CCLV, which are essentially some OTC trades. However, in this context, the “switch mechanism” is not considered as a securities settlement system by either ComBanc or by its regulator and supervisor. Reasons for this include that the “switch mechanism” is just one of the options available to market participants to settle their securities trades. b. Regulatory, supervisory and oversight framework 31. The BCCh is the regulator of payment and settlement systems in Chile. BCCh’s regulatory and oversight powers are grounded in its Organic Law (art. 3) and the Compendium of Financial Norms (CFN, chapters III.H III.J). The BCCh is also the regulator of the foreign exchange market. The BCCh is the overseer (and operator) of the Sistema LBTR. 32. Supervision of ComBanc and other privately-owned retail payment infrastructures is delegated to the banking supervisory agency (Superintendencia de Bancos e Instituciones Financieras, SBIF), based on article 82 of the BCCh Organic Law, and articles 12 and 75 of the Banking Law. 33. The securities regulator, Superintendencia de Valores y Seguros (SVS), is the regulator and supervisor of CSDs, SSSs, and CCPs. The objectives, functions, powers, and organization of the SVS are spelled out in its Organic Law (Law 3.583 of 1980). The legal basis for the operation of CSDs and SSSs in Chile are provided under Law 18.876 and Law 20.345, respectively. Consistently with its statutory powers and the laws mentioned above, the SVS supervises DCV, CCLV, and ComDer. However, Law 20.345 requires that any changes to the rulebooks of CCLV and ComDer be approved by the SVS also with the binding opinion of the BCCh and after hearing the opinion of the SBIF. 34. In addition to the applicable laws, the SBIF and SVS issue general rules (Normas de carácter general, NCG) to the FMIs under their regulatory purview. In a few cases, NCGs have been issued jointly to reflect the fact that in some of the FMIs supervised by the SVS some of the participants are banks. 35. The main instance of domestic cooperation among financial sector authorities is provided by the Financial Stability Council (Comité de Estabilidad Financiera – CEF). In addition, bilateral cooperation domestically and internationally is facilitated through memoranda of understanding (MoU). c. Summary of major changes and reforms 36. The most relevant changes and reforms in recent years derive from the enactment of Law 20.345. Recent changes, partly in response to this law and to international trends and 9 developments, included the creation of COMDER, and CCLV’s becoming a CCP for exchange-traded derivatives. 2 37. Chilean financial sector authorities expect to undertake further reforms based on the outcomes of this CPSS-IOSCO PFMI ROSC. IV. SUMMARY ASSESSMENT a. Summary assessment of observance of the principles 38. In general terms, ComBanc is a robust and sound FMI. It has adopted international standards and best practices with regard to risk management, efficiency and transparency, and fully observes eleven PFMIs. 39. There are five principles that are assessed as “broadly observed”. These principles and the reasons for assigning a “broadly observed” rating are as follow: • Principle 1 (Legal basis): The main issue with ComBanc from a legal standpoint, as any other FMI processing payments, is that no statutory act expressly contemplates finality and protection against insolvency in payment systems, nor for participants or collateral. Although the relevant contractual provisions are in place that address insolvency of one of the participants or the administrator and recognize irrevocability and finality of payments, as for any contractual rules, these are only enforceable against the other participants in the system. Similar concerns arise with regard to netting arrangements. The fact that only banks participate into ComBanc reduces the urgency of the issue, since the Banking Law has insolvency rules that should reduce exposure; however, in the lack of express statutory provisions, the legal risk cannot be fully ruled out. [The actions to address this recommendation should be taken by the authorities] • Principle 2 (Governance): ComBanc has not clearly established some important aspects of its human resources policies, i.e. recruitment requirements for senior management are not documented (experience requirements, skills and integrity). Nor it has formalized the grounds for the removal of the General Manager. Finally, there are no formal mechanisms for reviewing the performance of the board members. 3 • Principle 8 (Settlement finality). As it was described in Principle 1, all relevant contractual provisions are in place that protect the system against insolvency of one of the participants or the administrator, and recognize irrevocability and finality of payments. However, to have full legal coverage, the issue of finality of payments and protection against insolvency should be addressed at statutory level. [The actions to address this recommendation should be taken by the authorities] • Principle 18 (Access and participation requirements). Given the critical role that ComBanc plays in the market (which also earned it the qualification as systemically important payment system), the principle of fair and open access applies in this case. Limiting access to banks may affect the competitive balance among market participants and possibly cause a disadvantage to the costumers of those financial institutions that are not banks. ComBanc should re-evaluate its access criteria in light of market needs 2 CCLV has been acting as a CCP for the equities market since 2011. 3 In April 2016, Combanc informed that the Human Resource Policy was modified to include aspects related to the recruitment and removal of the General Manager. Consequently, Combanc rulebook, by-laws, and corporate governance manual were modified. Combanc is also working towards establishing a performance review mechanism for its board. 10 and the risks that new prospective participants may pose. Based on this evaluation, authorities in cooperation with Combanc should determine whether to lift barriers to entry for non-banks. • Principle 23 (Disclosure of rules, key procedures, and market data): ComBanc has not completed the Disclosures Framework for FMIs. 4 Table 1 Ratings Summary of the Principles Assessment category Principle Observed Principles 3, 4, 5, 7, 9, 13, 15, 16, 17, 21, and 22 Broadly observed Principles 1, 2, 8, 18, and 23 Partly observed Not observed Not applicable Principles 6, 10, 11, 12, 14, 19, 20 and 24 4 By April 2016, ComBanc had published on its website a summary of the self-assessment prepared in 2015 for this ROSC. 11 b. Recommendations for the ComBanc Table 2 Prioritized list of recommendations Principle Issue of concern or other gap or shortcoming Recommendation action and comments Time frame for addressing recommended action Although ComBanc contains all relevant In a defined timeline contractual provisions to protect it against (1-2 years) The main issue with ComBanc from a legal insolvency of one/more participants (or the standpoint, as any other FMI processing payments is administrator) and recognizes irrevocability and that no statutory act expressly contemplates finality finality, in order to have a fully-fledged and protection against insolvency in payment protection the issue of finality of payments and systems, nor for participants or collateral. The 1 protection against insolvency should be system rules do contain provisions on irrevocability addressed at statutory level. Similarly, a high and finality; however, as for any contractual rules degree of legal certainty of netting arrangements these are only enforceable against the other should be achieved through statutory provisions. participants to the system. A similar concern arise The actions to address this recommendation with regard to netting arrangements. should be taken by the authorities. ComBanc should develop a mechanism for In a defined timeline There is no mechanism to review board members reviewing the performance of board members, (1 year) performance. 5 both as a group and individually. 2 In a defined timeline ComBanc should document the recruitment and (1 year). This The Human Resources Policy does not include clear removal policy for the General Manager recommendation is criteria for the selection of senior management in including experience, skills, and integrity addressed as of April relation to experience and skills. requirements. 2015. 5 Combanc is currently working towards establishing a performance review mechanism for its board. 12 There are no clear criteria for the removal of the General Manager. 6 ComBanc should develop a mechanism for In a defined timeline Evaluation mechanisms of the performance of board reviewing of the performance of the board and its (2 year) members are not documented. members individually. Although the system contains all relevant In a defined timeline contractual provisions to address the insolvency (1-2 years) The legal framework approved by the BCCh and the of one of the participants or the administrator, rulebook ensures that payments are final and and recognizes irrevocability and finality, these irrevocable once they are cleared in the system. 8 aspects must be addressed at the statutory level However, the main issue with ComBanc is the lack to ensure full legal protection. The actions to in the country of a legal framework on finality of address this recommendation should be taken by payments in payment systems. the authorities. ComBanc has the total of its investment in ComBanck should diversify its investments In the normal course 16 certificate of deposits issues by the banks portfolios. of business participants and shareholders. ComBanc should re-evaluate its access criteria in In a defined timeline light of market needs and the risks that new (1-2 years) prospective participants may pose (including those supervised by the SVS). Based on this evaluation, ComBanc should determine whether 18 Access to ComBanc is limited to banks. to lift barriers to entry for non-banks. It is recommended that the BCCh as the regulator of the high-value clearing house and the SBIF as the regulator of the Empresas de Apoyo al Giro and supervisor of the same, also participate in the review the access criteria. 6 In April 2016, Combanc informed that the Human Resource Policy was modified to include aspects related to the recruitment and removal of the General Manager. Consequently, Combanc rulebook, by-laws, and corporate governance manual were modified. 13 In the normal course ComBanc conducts surveys of customer satisfaction. ComBanc should review its processes to of business The result of the surveys indicate that system up- measure system availability to align participants’ 21 time reaches 98.6% as opposed to 99.7% as claimed metrics with its own and improve participants’ by ComBanc perceptions of Combanc’s efficiency. ComBanc to complete the Disclosure In a defined timeline Framework for FMIs and make it available to the (1 year). Addressed as ComBanc has not completed the CPSS-IOSCO general public through its website or other of April 2016. Disclosure Framework for FMIs. 7 appropriate means. 23 ComBanc should consider disclosing more In a defined timeline The fee methodology is available on the website, information regarding the fees it charges, i.e. (1 year) although fixed fees are not disclosed. fixed fees. 7 By April 2016, ComBanc had published on its website a summary of the self-assessment prepared in 2015 for this ROSC. 14 V. DETAILED ASSESSMENT Principle 1: Legal basis An FMI should have a well-founded, clear, transparent, and enforceable legal basis for each material aspect of its activities in all relevant jurisdictions. Key consideration 1 The legal basis should provide a high degree of certainty for each material aspect of an FMI’s activities in all relevant jurisdictions. Description ComBanc is authorized as a large-value clearinghouse under article 35(8) of Organic Law of the BCCh (Ley Orgánica Constitucional del Banco Central de Chile, LOC) and regulated by Chapter III.H.5 of the BCCh Compendium of Financial Regulations (CNF). Chapter III.H.5 imposes to any large-value clearing house to be open to any banking institution established in the country as long as these satisfy the relevant standards established in the Chapter, and allocates all responsibilities for the correct working of the system to its operator. The operator of the clearing house shall execute only those activities that are linked to the clearing house and not to perform any other activities. Material aspects and relevant jurisdictions Material aspects are finality and irrevocability of payments, protection against insolvency, both as for the system itself and collateral provided for its proper working, and netting. The only relevant jurisdiction for all aspects identified above is Chile. Legal basis for each material aspect ComBanc material aspects are regulated in Chapter III.H.5 of CNF: Paragraph V clearly establishes that payments shall be irrevocable and final from when accepted by the system, it recognizes netting and imposes that all operations of the system be protected by any insolvency situation. Internal rules of ComBanc implement all of these provisions. As a consequence, netting, finality and irrevocability are duly regulated under the CNF and further implemented by contractual agreements among participants. However, since these are regulatory and contractual provisions, respectively, only bind participants and cannot protect the system against opposition by third parties. On the other hand, no specific provision exists at statutory level on finality and protection against insolvency as for payment systems, as opposed to systems processing financial instruments (Law 20.345) as ComDer and CCVL. In the lack of such legislation, the legal risk exists that a payment be revoked, especially in the event of insolvency of a participant, or that a collateral transaction be reversed in the event of insolvency. Under the Banking Law, insolvency of banks is treated differently from general insolvency procedures and the BCCh has wide powers of intervention in that case. As a consequence, BCCh is expected to apply finality and irrevocability in a way to ensure that these principles are respected. This reduces the urgency of the issue but does not eliminate the legal risk. Key consideration 2 An FMI should have rules, procedures, and contracts that are clear, understandable, and consistent with relevant laws and regulations. Description Rules, procedures and other contractual obligations are outlined in the rulebook of the system, which was approved by the BCCh, as well as and any changes have to. In case of amendments to the rulebook, participants must be informed within 10 days from the approval by the BCCh. All participants must sign the contractual agreements, under which they accept to comply with all relevant rules and regulations. The implementation of rules, procedures and contractual obligations are evaluated and reviewed periodically by the SBIF. Key consideration 3 An FMI should be able to articulate the legal basis for its activities to relevant authorities, participants, and, where relevant, participants’ customers, in a clear and understandable way. Description ComBanc activities are articulated and described in Chapter III.H.5 of the CNF, and in its rulebook as approved by the BCCh. The Contractual Agreement is mandatory and standard for all participants and includes references to the rulebook. There are also operational procedures which are mandatory for ComBanc and its participants. ComBanc publishes its operating regulations, and all relevant activity on its website. Key consideration 4 An FMI should have rules, procedures, and contracts that are enforceable in all relevant jurisdictions. There should be a high degree of certainty that actions taken by the FMI under such rules and procedures will not be voided, reversed, or subject to stays. Description Enforceability of rules, procedures and contracts; Degree of certainty for rules and procedures As described in KC 2 and KC3, Chapter III.H.5 of the CNF, the rulebook and contractual agreements represent legal and enforceable obligations for all participants. Any change in the rules and procedures must be approved by the BCCh. ComBanc only has operations in Chile. Key consideration 5 An FMI conducting business in multiple jurisdictions should identify and mitigate the risks arising from any potential conflict of laws across jurisdictions. Description Not applicable. The only relevant jurisdiction for ComBanc is Chile. Key conclusions The main issue with ComBanc, as any other FMI processing payments is that no statutory act expressly contemplates finality and protection against insolvency in payment systems, nor for participants or collateral. The system rules do contain provisions on irrevocability and finality; however, as for any contractual rules these are only enforceable against the other participants to the system. 16 Assessment of Principle 1 Broadly observed. Recommendations Although ComBanc contains all relevant contractual provisions to protect and comments it against insolvency of one of the participants or the administrator and recognises irrevocability and finality, to have a fully-fledged protection the issue of finality of payments and protection against insolvency should be addressed at statutory level. Similarly, a high degree of legal certainty of netting arrangements should be achieved through statutory provisions. The actions to address this recommendation should be taken by the authorities. 17 Principle 2: Governance An FMI should have governance arrangements that are clear and transparent, promote the safety and efficiency of the FMI, and support the stability of the broader financial system, other relevant public interest considerations, and the objectives of relevant stakeholders. Key consideration 1 An FMI should have objectives that place a high priority on the safety and efficiency of the FMI and explicitly support financial stability and other relevant public interest considerations Description ComBanc is a “Sociedad de Apoyo al Giro Bancario” that manages the High Value Payments Clearing House. As such, it is regulated by the BCCh and supervised by the SBIF. The objectives of ComBanc are related to (i) business continuity, (ii) information security, (iii) compliance with laws and regulations, and (iv) the effectiveness of the services it provides. These objectives are outlined in the Integrated Management System (Sistema de Gestión Integral – SGI) and the Strategic Plan of ComBanc: (i) The operational business continuity objective mainly refers to: (a) the design of the infrastructure, systems and processes to ensure optimal system performance, and a high level of operational efficiency; (b) developing policies, procedures, and controls that minimize events of ineffectiveness and operational errors; (c) implementing international standards for corporate governance, and; (d) maintaining comprehensive risk management practices with an emphasis on operational risk; (ii) The information security objective concerns: (a) the implementation of international standards associated with information security, (b) developing appropriate security policies that are aligned with the business, (c) developing, adopting and promoting measures to limit or reduce the impact of a security incident and achieve a balance between the cost of implementing security policies and service levels; (iii) The objective of compliance with laws and regulations refers to the design and development of an internal control environment that ensures compliance with internal regulations, financial budget, SBIF and BCCh regulations, and provide the confidence and transparency to the relevant authorities and the system’s participants; (iv) The objective of effectiveness of the services is to be achieved through the development of systems and added services that enable security, speed, reliability, and flexibility in payment services. Key consideration 2 An FMI should have documented governance arrangements that provide clear and direct lines of responsibility and accountability. These arrangements should be disclosed to owners, relevant authorities, participants, and, at a more general level, the public. Description Governance arrangements Governance arrangements and lines of responsibility and accountability are set out in the document on “Corporate Governance” and the rulebook. 18 The Board of Directors is composed by a President, a Vice President and seven Directors. The board is the coordinator of corporate governance and the risk management policy. The board has established the audit committee, composed by the directors, which aims to ensure the availability, integrity, implementation and improvement of internal controls. This committee reports to the risk committee, responsible for ensuring the comprehensive risk management of ComBanc. Senior Management is composed of the General Manager, IT Manager, Deputy Manager of Operations, Deputy Auditor General, and Administrator. Accountability to regulators and shareholders is formalized and communicated through Acts of the board meetings, the Annual Report, reports, website and periodic information submitted to regulators upon request. Disclosure of governance arrangements The rulebook is publicly available at ComBanc´s website. All other documents are accessible to participants through other means. Key consideration 3 The roles and responsibilities of an FMI’s board of directors (or equivalent) should be clearly specified, and there should be documented procedures for its functioning, including procedures to identify, address, and manage member conflicts of interest. The board should review both its overall performance and the performance of its individual board members regularly. Description Roles and responsibilities of the board The roles and responsibilities of the directors and senior management are defined in the document “Corporate Governance”, Title IV and Chapter 4 and the rulebook. The board has among its functions to (i) identify and evaluate the financial, operational and technological risks and (ii) define policies and processes necessary for the management of ComBanc. The board meets for ordinary and extraordinary sessions. The first are held on the dates and times predetermined by the Board itself and do not require special announcement. The second are held when called by the President, by the board itself, or at the request of one or more directors. Conflict of interest is considered and addressed in the document on corporate governance. Review of performance Evaluation mechanisms of performance of the board members are not documented. Key consideration 4 The board should contain suitable members with the appropriate skills and incentives to fulfill its multiple roles. This typically requires the inclusion of non-executive board member(s). 19 Description Directors are elected by the shareholders and last three years in office. The company is managed by a Board of Directors composed of nine members. The General Manager of ComBanc participates in the board but has to right to vote. The independence of board members is established in Circular No. 3 of the SBIF which provides that managers or employees of a financial institution that is a shareholder of the high-value clearinghouse cannot be directors of the same. Key consideration 5 The roles and responsibilities of management should be clearly specified. An FMI’s management should have the appropriate experience, a mix of skills, and the integrity necessary to discharge their responsibilities for the operation and risk management of the FMI. Description Roles and responsibilities of management The roles and responsibilities of senior management and the General Manager are outlined in the document on “Corporate Governance” and the rulebook. The General Manager is appointed by at least 7 directors. The most important responsibilities are to (i) manage the clearinghouse and its operational continuity, (ii) ensure compliance with applicable laws and regulations and, (iii) enforce liquidity facilities mechanisms to participants. Experience, skills and integrity The process to select senior management positions is outlined in the documents “Administración del Ciclo de Vida del Personal” with the description of the interview process, and psychological tests to be performed; the “Manual de Organización Funcional” includes a description of the tasks pertaining to the position. Internal regulations (Reglamento de Higiene y Seguridad) describe the reasons for the removal of personnel. To remove the General Manager, the affirmative vote of at least seven directors is required. Key consideration 6 The board should establish a clear, documented risk-management framework) that includes the FMI’s risk-tolerance policy, assigns responsibilities and accountability for risk decisions, and addresses decision making in crises and emergencies. Governance arrangements should ensure that the risk-management and internal control functions have sufficient authority, independence, resources, and access to the board. Description Risk management framework The risk management framework is described in the SGI, the Risk Management Policy and the Operational Risk Management Policy. For risk management purposes, ComBanc considers the use of the ISO 31000 + ISO 27005 + PAS99 (SGI) standards. Risk management policies are reviewed and approved annually by the board of ComBanc. 20 The ISO 31000 is applied throughout the organization, in a wide range of activities including strategies, policies and decisions, operations, processes, functions, projects, services and assets. This standard encompasses risk tolerance, allocation of responsibilities, and performance in crises and emergencies, among other aspects. In addition, ComBanc maintains two information security management systems (ISMS) and a business continuity management system (BCMS), Both systems perform reviews of the risk management framework. Authority and independence of risk management and audit functions The document “ComBanc - Role Designation Matrix” (Matriz de Designación de Roles ComBanc) defines the roles, responsibilities, powers, and reporting requirements for the risk management function. There is also an appointed Risk Manager. ComBanc is subject to internal and external audits, which are independent from the operational department and the General Manager. Key consideration 7 The board should ensure that the FMI’s design, rules, overall strategy, and major decisions reflect appropriately the legitimate interests of its direct and indirect participants and other relevant stakeholders. Major decisions should be clearly disclosed to relevant stakeholders and, where there is a broad market impact, the public. Description Identification and consideration of stakeholder interests Based on the SGI, the requirements and expectations of the stakeholders are determined. On this basis, strategies and relevant decisions covering these expectations are designed and approved by the board and reported to the shareholders at annual meetings. Where a change in the system is warranted, consultative meetings are held. Disclosure Major board decisions are communicated to shareholders through the annual meeting of shareholders and to participants who are not shareholders through other formal mechanisms. The SBIF is promptly informed of the major decisions of the board. Key conclusions ComBanc goals are clearly documented and related to maintaining and promoting efficiency and safety of its services. There is a clearly documented risk management framework. Corporate governance arrangements and lines of responsibility are clear and documented. However, the Human Resources Policy does not include clear criteria for the selection of senior management in relation to experience and skills. In addition there are no clear criteria for the removal of the General Manager. Evaluation mechanisms of the performance of board members are not documented. Assessment of Principle 2 Broadly observed. 21 Recommendations ComBanc should document the recruitment and removal policy for the and comments General Manager including the experience, skills, and integrity requirements. ComBanc should develop a mechanism for reviewing of the performance of the board and its members individually. 8 8 In April 2016, Combanc informed that the Human Resource Policy was modified to include aspects related to the recruitment and removal of the General Manager. Consequently, Combanc rulebook, by-laws, and corporate governance manual were modified. Combanc is also working towards establishing a performance review mechanism for its board. 22 Principle 3: Framework for the comprehensive management of risks An FMI should have a sound risk-management framework for comprehensively managing legal, credit, liquidity, operational, and other risks. Key consideration 1 An FMI should have risk-management policies, procedures, and systems that enable it to identify, measure, monitor, and manage the range of risks that arise in or are borne by the FMI. Risk-management frameworks should be subject to periodic review. Description Risks that arise in or are borne by the FMI ComBanc has identified different risks according to its functions: (i) ComBanc as a clearinghouse service provider: liquidity risk, credit risk, and systemic risk. (ii) ComBanc as a “Sociedad de Apoyo al Giro”: general business risk, legal risk, operational risk, and custody risk. Risk management policies, procedures and systems Policies, procedures and systems relating to risk management are clearly defined in the General Risk Policy and General Operational Risk Policy. ComBanc uses a SGI (based on ISO31000, ISO 27005 and PAS99) which allows managing the risks. It also has management systems for information security (ISMS) and for business continuity (BCMS). Review of risk management policies, procedures, systems The risk management policies are approved by the board. The risk management practices adopted, fluctuations in the levels of risk, incident management, new risks and their management are evaluated annually by the Risk Committee, and the outcomes of the evaluation are presented to the Audit Committee for review before going before the board. These evaluation practices are well documented. Key consideration 2 An FMI should provide incentives to participants and, where relevant, their customers to manage and contain the risks they pose to the FMI. Description ComBanc provides its participants with internal systems and procedures (file upload, workstations, position monitoring, etc.) to support risk management of banks. ComBanc provides online information of participants’ position in the session, payments sent and received, and the potential exposures of participants to one another they have with each of their counterparts. The members of ComBanc must have knowledge of the rulebook and the clauses of the contract. ComBanc organizes training and holds regular meetings with the participants. Key consideration 3 An FMI should regularly review the material risks it bears from and poses to other entities (such as other FMIs, settlement banks, liquidity providers, and service providers) as a result of interdependencies and develop appropriate risk-management tools to address these risks. 23 Description Material risks The material risks are those that may affect business continuity and information security. These risks are managed through the above- mentioned management systems (SGI, BCMS and ISMS). ComBanc bears material risks from other interdependent FMIs as a result of the settlement of transactions in the Sistema LBTR of the BCCh and a possible interruption of the services of DCV. Risk management tools The material risks are identified, evaluated and monitored using the procedures established within ComBanc comprehensive risk management policy and based on ISO standard 31000. The Operations Committee, Risk Committee, and the Audit Committee also support the risk management. To analyze the risks resulting from interdependencies with other FMIs and others entities, ad-hoc meetings are held and periodic tests are undertaken led by the BCCh. Regular meetings with critical suppliers are also held. The effectiveness of the tools used to examine the risks from interdependencies is evaluated based on the application of standards (ISO 31000 and ISO 27005). Also supporting the evaluation of the risk management tools: SGI, the Risk Committee, internal and external audits, in addition to the external certifications of management systems. Key consideration 4 An FMI should identify scenarios that may potentially prevent it from being able to provide its critical operations and services as a going concern and assess the effectiveness of a full range of options for recovery or orderly wind-down. An FMI should prepare appropriate plans for its recovery or orderly wind-down based on the results of that assessment. Where applicable, an FMI should also provide relevant authorities with the information needed for purposes of resolution planning. Description Scenarios that may prevent an FMI from providing critical operations and services ComBanc does not rely on scenarios for risk management, using a different methodology based on ISO 22301: 2012. The approach used is rather based on the recovery of critical resources when an event has occurred. The process to identify these critical resources is based on the BCMS. Recovery or orderly wind-down plans Business continuity plans include the process and procedures to recover from events that affect the system’s continuity. At least annually the Business Continuity Plan (BCP) is reviewed by the management and by internal and external audits. The wind-down plan is documented. It includes the procedures that apply in the cases of a voluntary the wind-down and when this is ordered by a Court: 24 (i) If winding down voluntarily, a Dissolution Committee should be appoint during an extraordinary shareholders meeting. In this case, the wind-down plan clearly describes all the actions to be taken before and during the process; (ii) If the wind-down follows a court judgment, ComBanc is subject to Bankruptcy Law. Key conclusions The risks affecting ComBanc are: credit, liquidity, systemic, general business, operational, legal, and custody. ComBanc uses an Integrated Management System - SGI (based on ISO31000, ISO 27005 and PAS99) which allows managing the risks. It also has management systems for information security (ISMS) and for business continuity (BCMS). ComBanc has mechanisms to manage adverse situations through business continuity plans and it has documented plans for its orderly wind-down. Assessment of Principle 3 Observed. Recommendations and comments 25 Principle 4. Credit risk An FMI should effectively measure, monitor, and manage its credit exposure to participants and those arising from its payment, clearing, and settlement processes. An FMI should maintain sufficient financial resources to cover its credit exposure to each participant fully with a high degree of confidence. In addition, a CCP that is involved in activities with a more-complex risk profile or that is systemically important in multiple jurisdictions should maintain additional financial resources sufficient to cover a wide range of potential stress scenarios that should include, but not be limited to, the default of the two largest participants and their affiliates that would potentially cause the largest aggregate credit exposures to the CCP in extreme but plausible market conditions. All other CCPs should maintain, at a minimum, total financial resources sufficient to cover the default of the one participant and its affiliates that would potentially cause the largest aggregate credit exposures to the CCP in extreme but plausible market conditions. Key consideration 1 An FMI should establish a robust framework to manage its credit exposures to its participants and the credit risks arising from its payment, clearing, and settlement processes. Credit exposure may arise from current exposures, potential future exposures, or both. Description ComBanc does not assume credit risk as an FMI. Participants assume credit risks for their participation in the clearinghouse. The framework for managing the credit risk of the participants is regulated by the BCCh (Chapter III.H.5 of CNF) and in the rulebook of ComBanc. Credit risk is managed through the provision of daily cash collateral deposited in a special account that each bank has in the BCCh (Cuenta de Depósito para Liquidación Extraordinaria – CDLE). The collateral is calculated using a methodology based on bilateral and multilateral limits to the liability position of each participant. In addition, banks have their own risk management policies to grant credit lines to other banks. Key consideration 2 An FMI should identify sources of credit risk, routinely measure and monitor credit exposures, and use appropriate risk-management tools to control these risks. Description BCCh regulation indicates that for the purposes of risk management, ComBanc should require that each participant establish daily: (i) Maximum bilateral credit limit that the participant is willing to take with each of the other participants; (ii) Maximum limits for the multilateral net debit position that each participant can accumulate. Each participant should have minimum available resources equal to 1.15 times the maximum limits referenced above in (ii). These funds (cash) must be deposited at the start of each day in the CDLE based on instructions received by ComBanc. ComBanc checks with the BCCh that all deposits are in the accounts of the participants before operations start. ComBanc and the participants can check their positions online. Participants can deposit more funds in the CDLE account during the day. 26 Key consideration 3 A payment system or SSS should cover its current and, where they exist, potential future exposures to each participant fully with a high degree of confidence using collateral and other equivalent financial resources (see Principle 5 on collateral). In the case of a DNS payment system or DNS SSS in which there is no settlement guarantee but where its participants face credit exposures arising from its payment, clearing, and settlement processes, such an FMI should maintain, at a minimum, sufficient resources to cover the exposures of the two participants and their affiliates that would create the largest aggregate credit exposure in the system. Description Coverage of exposures to each participant ComBanc requires that each participant keep collateral equal to at least 1.15 times the largest multilateral net exposure. This collateral must be cash deposited in the CDLE of each participant in the BCCh. For DNS payment systems and DNS SSSs in which there is no settlement guarantee Not applicable Key consideration 4 A CCP should cover its current and potential future exposures to each participant fully with a high degree of confidence using margin and other prefunded financial resources (see Principle 5 on collateral and Principle 6 on margin). In addition, a CCP that is involved in activities with a more-complex risk profile or that is systemically important in multiple jurisdictions should maintain additional financial resources to cover a wide range of potential stress scenarios that should include, but not be limited to, the default of the two participants and their affiliates that would potentially cause the largest aggregate credit exposure for the CCP in extreme but plausible market conditions. All other CCPs should maintain additional financial resources sufficient to cover a wide range of potential stress scenarios that should include, but not be limited to, the default of the participant and its affiliates that would potentially cause the largest aggregate credit exposure for the CCP in extreme but plausible market conditions. In all cases, a CCP should document its supporting rationale for, and should have appropriate governance arrangements relating to, the amount of total financial resources it maintains. Description Not applicable Key consideration 5 A CCP should determine the amount and regularly test the sufficiency of its total financial resources available in the event of a default or multiple defaults in extreme but plausible market conditions through rigorous stress testing. A CCP should have clear procedures to report the results of its stress tests to appropriate decision makers at the CCP and to use these results to evaluate the adequacy of and adjust its total financial resources. Stress tests should be performed daily using standard and predetermined parameters and assumptions. On at least a monthly basis, a CCP should perform a comprehensive and thorough analysis of stress testing scenarios, models, and underlying parameters and assumptions used to ensure they are appropriate for 27 determining the CCP’s required level of default protection in light of current and evolving market conditions. A CCP should perform this analysis of stress testing more frequently when the products cleared or markets served display high volatility, become less liquid, or when the size or concentration of positions held by a CCP’s participants increases significantly. A full validation of a CCP’s risk-management model should be performed at least annually. Description Not applicable Key consideration 6 In conducting stress testing, a CCP should consider the effect of a wide range of relevant stress scenarios in terms of both defaulters’ positions and possible price changes in liquidation periods. Scenarios should include relevant peak historic price volatilities, shifts in other market factors such as price determinants and yield curves, multiple defaults over various time horizons, simultaneous pressures in funding and asset markets, and a spectrum of forward-looking stress scenarios in a variety of extreme but plausible market conditions. Description Not applicable Key consideration 7 An FMI should establish explicit rules and procedures that address fully any credit losses it may face as a result of any individual or combined default among its participants with respect to any of their obligations to the FMI. These rules and procedures should address how potentially uncovered credit losses would be allocated, including the repayment of any funds an FMI may borrow from liquidity providers. These rules and procedures should also indicate the FMI’s process to replenish any financial resources that the FMI may employ during a stress event, so that the FMI can continue to operate in a safe and sound manner. Description Allocation of credit losses ComBanc does not assume credit risk as an FMI. Replenishment of financial resources ComBanc does not assume credit risk as an FMI. Key conclusions ComBanc does not assume credit risk as an FMI. The risks of the participants are managed through the mechanisms established under the BCCh regulation and by the rulebook of ComBanc. Assessment of Principle 4 Observed. Recommendations and comments 28 Principle 5. Collateral An FMI that requires collateral to manage its or its participants’ credit exposure should accept collateral with low credit, liquidity, and market risks. An FMI should also set and enforce appropriately conservative haircuts and concentration limits. Key consideration 1 An FMI should generally limit the assets it (routinely) accepts as collateral to those with low credit, liquidity, and market risks. Description ComBanc only accepts cash as collateral. Before the start of the day each participant should deposit the amount of the collateral in the CDLE. (see Principles 4 and 7) Key consideration 2 An FMI should establish prudent valuation practices and develop haircuts that are regularly tested and take into account stressed market conditions. Description Valuation practices Not applicable. Haircutting practices Not applicable. Key consideration 3 In order to reduce the need for pro-cyclical adjustments, an FMI should establish stable and conservative haircuts that are calibrated to include periods of stressed market conditions, to the extent practicable and prudent. Description Not applicable. Key consideration 4 An FMI should avoid concentrated holdings of certain assets where this would significantly impair the ability to liquidate such assets quickly without significant adverse price effects. Description Not applicable. Key consideration 5 An FMI that accepts cross-border collateral should mitigate the risks associated with its use and ensure that the collateral can be used in a timely manner. Description Not applicable. Key consideration 6 An FMI should use a collateral management system that is well- designed and operationally flexible. Description Collateral management system design The collateralization procedures are established in the rulebook and manager by ComBanc. At the beginning of each business cycle (9:00 am) ComBanc participants must send instructions to the RTGS system to transfer from their general account in the Sistema LBTR to the CDLE the value corresponding to the collateral required to operate that day. The amount of collateral is calculated by ComBanc and communicated to each of the participants. The balance of the CDLE cannot diminish during the day; participants may increase the balance of the account. At the end of the operating cycle, unused resources are transferred to the account of each bank in the Sistema LBRT. CDLE balance at the end of the day must be zero. 29 CDLE funds are used in case a participant does not have sufficient funds in its current account in Sistema LBTR to settle its transactions at the end of day. Then, the Sistema LBTR takes the balance from CDLE that is necessary to complete settlement. In the exceptional situation in which a participant does not have funds in either account (current account in the Sistema LBRT or CDLE) ComBanc will proceed to the Acuerdo de Financiamiento Obligatorio (AFO, See Principle 7). Operational flexibility Collateral is pre-determined and cannot be decreased throughout the day. On the other hand, participant can increase their balances in the CDLE. Key conclusions ComBanc only accepts cash as collateral. Assessment of Principle 5 Observed. Recommendations and comments 30 Principle 7: Liquidity risk An FMI should effectively measure, monitor, and manage its liquidity risk. An FMI should maintain sufficient liquid resources in all relevant currencies to effect same-day and, where appropriate, intraday and multiday settlement of payment obligations with a high degree of confidence under a wide range of potential stress scenarios that should include, but not be limited to, the default of the participant and its affiliates that would generate the largest aggregate liquidity obligation for the FMI in extreme but plausible market conditions. Key consideration 1 An FMI should have a robust framework to manage its liquidity risks from its participants, settlement banks, nostro agents, custodian banks, liquidity providers, and other entities. Description ComBanc does not assume liquidity risk as an FMI. Participants assume liquidity risks for their participation in the clearinghouse. The framework for managing the liquidity risk of the participants is regulated by the rulebook of ComBanc. To cover liquidity risk each bank must maintain cash deposits in the CDLE account in the BCCh. There are two different types of deposits: (i) Compulsory deposits, i.e. Maximum bilateral credit limit that the participant is willing to take with each of the other participants (See Principle 4) (ii) Voluntary deposits which are used to increase bilateral or multilateral limits assigned by ComBanc. Participants have different mechanisms for liquidity management: (i) Participants manage queues, through which they can prioritize payment orders (ii) In virtue of the Mandatory Financing Agreement (Acuerdo de Financiamiento Obligatorio – AFO), participants are obliged to give a loan to one or more participants who are unable to comply with the obligations arising from the clearing when net balances are settled in the Sistema LBTR. The funds necessary to cover the AFO are sourced from the compulsory deposits in the CDLE. (iii) Net positions are monitored in real time during a session. Key consideration 2 An FMI should have effective operational and analytical tools to identify, measure, and monitor its settlement and funding flows on an ongoing and timely basis, including its use of intraday liquidity. Description Through the AIPAC system, ComBanc provides a tool to monitor payment orders, participants’ positions, and settlements. AIPAC allows real-time monitoring of financial positions. AIPAC generates online information on the liquidity of the participants and maintains a permanent communication with the participants. Participants may also deposits additional cash as collateral if required Key consideration 3 A payment system or SSS, including one employing a DNS mechanism, should maintain sufficient liquid resources in all relevant currencies to effect same-day settlement, and where appropriate intraday or multiday settlement, of payment obligations with a high degree of 31 confidence under a wide range of potential stress scenarios that should include, but not be limited to, the default of the participant and its affiliates that would generate the largest aggregate payment obligation in extreme but plausible market conditions. Description Not applicable Key consideration 4 A CCP should maintain sufficient liquid resources in all relevant currencies to settle securities-related payments, make required variation margin payments, and meet other payment obligations on time with a high degree of confidence under a wide range of potential stress scenarios that should include, but not be limited to, the default of the participant and its affiliates that would generate the largest aggregate payment obligation to the CCP in extreme but plausible market conditions. In addition, a CCP that is involved in activities with a more-complex risk profile or that is systemically important in multiple jurisdictions should consider maintaining additional liquidity resources sufficient to cover a wider range of potential stress scenarios that should include, but not be limited to, the default of the two participants and their affiliates that would generate the largest aggregate payment obligation to the CCP in extreme but plausible market conditions. Description Not applicable Key consideration 5 For the purpose of meeting its minimum liquid resource requirement, an FMI’s qualifying liquid resources in each currency include cash at the central bank of issue and at creditworthy commercial banks, committed lines of credit, committed foreign exchange swaps, and committed repos, as well as highly marketable collateral held in custody and investments that are readily available and convertible into cash with prearranged and highly reliable funding arrangements, even in extreme but plausible market conditions. If an FMI has access to routine credit at the central bank of issue, the FMI may count such access as part of the minimum requirement to the extent it has collateral that is eligible for pledging to (or for conducting other appropriate forms of transactions with) the relevant central bank. All such resources should be available when needed. Description ComBanc does not assume liquidity risk as a FMI. Key consideration 6 An FMI may supplement its qualifying liquid resources with other forms of liquid resources. If the FMI does so, then these liquid resources should be in the form of assets that are likely to be saleable or acceptable as collateral for lines of credit, swaps, or repos on an ad hoc basis following a default, even if this cannot be reliably prearranged or guaranteed in extreme market conditions. Even if an FMI does not have access to routine central bank credit, it should still take account of what collateral is typically accepted by the relevant central bank, as such assets may be more likely to be liquid in stressed circumstances. An FMI should not assume the availability of emergency central bank credit as a part of its liquidity plan. 32 Description ComBanc does not assumes liquidity risk as a FMI Key consideration 7 An FMI should obtain a high degree of confidence, through rigorous due diligence, that each provider of its minimum required qualifying liquid resources, whether a participant of the FMI or an external party, has sufficient information to understand and to manage its associated liquidity risks, and that it has the capacity to perform as required under its commitment. Where relevant to assessing a liquidity provider’s performance reliability with respect to a particular currency, a liquidity provider’s potential access to credit from the central bank of issue may be taken into account. An FMI should regularly test its procedures for accessing its liquid resources at a liquidity provider. Description ComBanc does not assume liquidity risk as a FMI. Key consideration 8 An FMI with access to central bank accounts, payment services, or securities services should use these services, where practical, to enhance its management of liquidity risk. Description ComBanc uses central bank services as (i) settlement is effected in central bank money in the RTGS system and (ii) participants’ cash collateral is kept in special accounts with the central bank. Key consideration 9 An FMI should determine the amount and regularly test the sufficiency of its liquid resources through rigorous stress testing. An FMI should have clear procedures to report the results of its stress tests to appropriate decision makers at the FMI and to use these results to evaluate the adequacy of and adjust its liquidity risk-management framework. In conducting stress testing, an FMI should consider a wide range of relevant scenarios. Scenarios should include relevant peak historic price volatilities, shifts in other market factors such as price determinants and yield curves, multiple defaults over various time horizons, simultaneous pressures in funding and asset markets, and a spectrum of forward-looking stress scenarios in a variety of extreme but plausible market conditions. Scenarios should also take into account the design and operation of the FMI, include all entities that might pose material liquidity risks to the FMI (such as settlement banks, nostro agents, custodian banks, liquidity providers, and linked FMIs), and where appropriate, cover a multiday period. In all cases, an FMI should document its supporting rationale for, and should have appropriate governance arrangements relating to, the amount and form of total liquid resources it maintains. Description ComBanc does not assume liquidity risk as a FMI. Key consideration 10 An FMI should establish explicit rules and procedures that enable the FMI to effect same-day and, where appropriate, intraday and multiday settlement of payment obligations on time following any individual or combined default among its participants. These rules and procedures should address unforeseen and potentially uncovered liquidity shortfalls and should aim to avoid unwinding, revoking, or delaying the same-day settlement of payment obligations. These rules and procedures should also indicate the FMI’s process to replenish any 33 liquidity resources it may employ during a stress event, so that it can continue to operate in a safe and sound manner. Description Same day settlement There are three different mechanisms for the settlement of transactions in the Sistema LBTR on a same-day basis: (i) Normal settlement: Once the Sistema LBTR has received the file with the debit balances of the participants, it proceeds to debit the balances of the participants’ account in the system; (ii) Extraordinary settlement: after receiving the file with debit balances, if a participant does not have sufficient resources in its account at the Sistema LBTR, the resources are transferred from its CDLE account; (iii) Extraordinary settlement with AFO: these funds are used when a participant does not have resources to fulfill its net debit balance in any of its accounts (Sistema LBTR or CDLE). In these cases, AFO is used to allow transferring the amount necessary to cover the balance of the debtor bank from the CDLE accounts of the other participants. The portion of each participant is calculated via an algorithm. Replenishment of liquidity resources In cases where the AFO mechanism has been used, ComBanc will issue the necessary legal documentation for each creditor participant. The defaulting participant issues demand notes (Pagares) to each creditor participant. ComBanc does not assume any responsibility regarding the payment of those Pagares. These loans accrue maximum interest between the maximum conventional rate and the interbank interest rate calculated and published daily by BCCh. Key Conclusions ComBanc does not assume liquidity risk as a FMI. Participants assume liquidity risk for their participation in the clearinghouse. The framework for managing the liquidity risk of the participants is regulated by the rulebook of ComBanc. Assessment of Principle 7 Observed. Recommendations and comments 34 Principle 8: Settlement finality An FMI should provide clear and certain final settlement, at a minimum by the end of the value date. Where necessary or preferable, an FMI should provide final settlement intraday or in real time Key consideration 1 An FMI’s rules and procedures should clearly define the point at which settlement is final. Description Point of settlement finality The current regulatory framework approved by the BCCh ensures that payments are final and irrevocable once they are accepted into the clearinghouse (chapter III.H.5 CNF). However, as explained in Principle 1, the main issue is the lack in the country of a clear legal framework on finality of payments in payment systems. According to the Contractual Agreement and the rulebook, the payment instructions, once accepted and cleared are firm, irrevocable, and unconditional. Key consideration 2 An FMI should complete final settlement no later than the end of the value date, and preferably intraday or in real time, to reduce settlement risk. An LVPS or SSS should consider adopting RTGS or multiple-batch processing during the settlement day. Description Final settlement on the value date The daily cycle of operations starts at 9:00 with the transfer of collateral to the CDLE account as per rulebook’s requirements. At 16:30, ComBanc sends to the BCCh the file with the net results to be settle in the Sistema LBTR, and communicates to the participants their final positions. At 17:00, Sistema LBTR settles the net balances and informs each participant. The schedule can be extended until 17:30 if the extraordinary settlement through AFO operations is necessary. (See Principle 7). Intraday or real-time final settlement All accepted transactions are cleared and settle on value date. Key consideration 3 An FMI should clearly define the point after which unsettled payments, transfer instructions, or other obligations may not be revoked by a participant. Description Upon acceptance of a transfer instruction to the system, a transaction is irrevocable under any circumstance once it is cleared. A payment transaction may be revoked or withdrawn before netting. The rules on the irrevocability of the transactions are documented in Cap. III. H.5 of the CNF, the ComBanc rulebook and the contract between ComBanc and participants. Key conclusions The regulatory framework approved by the BCCh and the ComBanc rulebook ensures that payments are final and irrevocable once they are cleared in the system (Chapter III.H.5 of CNF). All accepted transactions are settled through Sistema LBTR on the same day. However, because the country lacks coverage of finality of payments at the level of the law and notwithstanding clear rules on irrevocability of 35 finality, these cannot be fully enforceable in the law of such statutory measures. Assessment of Principle 8 Broadly observed. Recommendations and Although the system contains all relevant contractual provisions to comments address the insolvency of one of the participants or the administrator, and recognizes irrevocability and finality, these aspects must be addressed at the statutory level to ensure full legal protection. The actions to address this recommendation should be taken by the authorities. 36 Principle 9: Money settlements An FMI should conduct its money settlements in central bank money where practical and available. If central bank money is not used, an FMI should minimize and strictly control the credit and liquidity risk arising from the use of commercial bank money. Key consideration 1 An FMI should conduct its money settlements in central bank money, where practical and available, to avoid credit and liquidity risks. Description According to the regulation issued by the BCCh (Chapter III.H.5 of the CNF), “settlement of net balances resulting from each cycle of clearing shall be made through the Central Bank's RTGS system”. In the case of ComBanc there is one settlement cycle at 17:00 hours. Key consideration 2 If central bank money is not used, an FMI should conduct its money settlements using a settlement asset with little or no credit or liquidity risk. Description Settlement takes place in central bank money. Key consideration 3 If an FMI settles in commercial bank money, it should monitor, manage, and limit its credit and liquidity risks arising from the commercial settlement banks. In particular, an FMI should establish and monitor adherence to strict criteria for its settlement banks that take account of, among other things, their regulation and supervision, creditworthiness, capitalisation, access to liquidity, and operational reliability. An FMI should also monitor and manage the concentration of credit and liquidity exposures to its commercial settlement banks. Description Not applicable. Key consideration 4 If an FMI conducts money settlements on its own books, it should minimize and strictly control its credit and liquidity risks. Description Not applicable. Key consideration 5 An FMI’s legal agreements with any settlement banks should state clearly when transfers on the books of individual settlement banks are expected to occur, that transfers are to be final when effected, and that funds received should be transferable as soon as possible, at a minimum by the end of the day and ideally intraday, in order to enable the FMI and its participants to manage credit and liquidity risks. Description Not applicable. Key conclusions Settlements of the net position resulting for the clearing processes in ComBanc are made in central bank money through the RTGS system using the participants’ accounts at the BCCh. Assessment of Principle 9 Observed. Recommendations and comments 37 Principle 13: Participant-default rules and procedures An FMI should have effective and clearly defined rules and procedures to manage a participant default. These rules and procedures should be designed to ensure that the FMI can take timely action to contain losses and liquidity pressures and continue to meet its obligations. Key consideration 1 An FMI should have default rules and procedures that enable the FMI to continue to meet its obligations in the event of a participant default and that address the replenishment of resources following a default. Description Participant default rules and procedures The procedures in the event of a participant default are documented in the rulebook (Extraordinary Settlement and AFO – See Principle 7). If one or more participants with net debit balances do not have sufficient funds in their settlement accounts, the Sistema LBTR automatically activate the extraordinary settlement procedure using the resources that the defaulting participants keep in their CDLE accounts. The extraordinary settlement with AFO is used in the case of insufficient resources in the CDLE. All the steps of these processes are defined, documented, and automated. In cases where the AFO mechanism has been used, ComBanc will issue the necessary legal documentation for each creditor participant. The defaulting participant issues demand notes (Pagares) to each creditor participant. ComBanc does not assume any responsibility regarding the payment of those Pagares. Use of financial resources ComBanc does not maintain own funds to cover participant defaults. In case of default the mechanisms described above are used. Key consideration 2 An FMI should be well prepared to implement its default rules and procedures, including any appropriate discretionary procedures provided for in its rules. Description Plans to address participant default are clearly established and documented. (Refer to Principle 7) Internal procedures against participant default are checked at least once a year. Key consideration 3 An FMI should publicly disclose key aspects of its default rules and procedures. Description All key aspects of the participant default rules and procedures, as described under KC 13.1, are detailed in the ComBanc rulebook, which is a public document. Key consideration 4 An FMI should involve its participants and other stakeholders in the testing and review of the FMI’s default procedures, including any close-out procedures. Such testing and review should be conducted at least annually or following material changes to the rules and procedures to ensure that they are practical and effective. 38 Description ComBanc does not test default procedures with its participants. Default procedures are automated and their implementation does not require any action by the participants. Key conclusions ComBanc has clearly established operating procedures in case of a participant default. These are designed and implemented in a way to ensure that a participant default can be addressed in a timely fashion. Assessment of Principle 13 Observed. Recommendations and comments 39 Principle 15: General business risk An FMI should identify, monitor, and manage its general business risk and hold sufficient liquid net assets funded by equity to cover potential general business losses so that it can continue operations and services as a going concern if those losses materialize. Further, liquid net assets should at all times be sufficient to ensure a recovery or orderly wind-down of critical operations and services. Key consideration 1 An FMI should have robust management and control systems to identify, monitor, and manage general business risks, including losses from poor execution of business strategy, negative cash flows, or unexpected and excessively large operating expenses. Description General business risk as defined in the SGI mirrors the PFMI definition and is related to the management of ComBanc as a commercial enterprise, excluding those risks associated with the failure of a participant, settlement bank, custodian or other linked FMI. General business risk refers to a possible deterioration in ComBanc’s financial situation, due to a reduction in income or increased expenses, or when expenses exceed revenues resulting in a loss that must be charged to its capital. Key consideration 2 An FMI should hold liquid net assets funded by equity (such as common stock, disclosed reserves, or other retained earnings) so that it can continue operations and services as a going concern if it incurs general business losses. The amount of liquid net assets funded by equity an FMI should hold should be determined by its general business risk profile and the length of time required to achieve a recovery or orderly wind-down, as appropriate, of its critical operations and services if such action is taken. Description The board approved that ComBanc hold net liquid net assets sufficient to cover six months of operation with no income. The investment policy of ComBanc defines the kind of securities that can be held as an investment. According to this policy, ComBanc can make investments in securities issued by the Central Bank, the Government and bonds issued by banks. As of December 2015, all investments were in short term fixed-income securities issued by banks. Additional losses would be covered by the retained earnings thus exceeding the minimum required capital. ComBanc holds sufficient liquid assets to cover 70% of operating expenses of one year. Key consideration 3 An FMI should maintain a viable recovery or orderly wind-down plan and should hold sufficient liquid net assets funded by equity to implement this plan. At a minimum, an FMI should hold liquid net assets funded by equity equal to at least six months of current operating expenses. These assets are in addition to resources held to cover participant defaults or other risks covered under the financial resources principles. However, equity held under international risk- based capital standards can be included where relevant and appropriate to avoid duplicate capital requirements. Description Recovery or orderly wind-down plan The document “Orderly wind-down procedure” clearly establishes all aspects to be considered in the event of a wind-down in ComBanc’s 40 operations – legal, staffing, contractual, and financial aspects – and the procedures to be followed. Resources ComBanc maintains liquid assets enabling it to cover six months of operations without income. These resources are designated exclusively for this purpose, as ComBanc does not hold own resources to cover participant defaults. According to the financial statements of 2014, liquid assets are 3,410 million Chilean pesos and operating expenses for the same year totaled 2,234 million without other significant expenses. ComBanc does not maintain capital to risk; it holds five times the minimum capital required by regulators which allows it to face business risk. There is no legal requirement to maintain a risk-based capital. Key consideration 4 Assets held to cover general business risk should be of high quality and sufficiently liquid in order to allow the FMI to meet its current and projected operating expenses under a range of scenarios, including in adverse market conditions. Description ComBanc Investment Policy is approved annually by the board, and defines the types of instruments and mutual funds that can be used for investment purposes. ComBanc investments consist mostly of highly liquid instruments with a maximum term of one year. (See also Principle 16) Key consideration 5 An FMI should maintain a viable plan for raising additional equity should its equity fall close to or below the amount needed. This plan should be approved by the board of directors and updated regularly. Description Annually, the board checks that the capital is adequate for its performance and any improvement plans or offer more services, nowadays, there is no plan for raising additional capital. Key conclusions ComBanc defines general business risk as any possible deterioration in the company’s financial situation, as a result of a reduction in income or increased expenses, or when expenses exceed revenues resulting in a loss that must be charged to its capital. SGI lays out the management of general business risk. ComBanc holds sufficient liquid assets to cover 70 percent of operating expenses of one year. ComBanc has documented a wind-down plan. The document considers all the relevant elements (legal, staffing, contractual, and financial) and procedures. Assessment of Principle 15 Observed. Recommendations and comments 41 Principle 16. Custody and investment risks An FMI should safeguard its own and its participants’ assets and minimise the risk of loss on and delay in access to these assets. An FMI’s investments should be in instruments with minimal credit, market, and liquidity risks. Key consideration 1 An FMI should hold its own and its participants’ assets at supervised and regulated entities that have robust accounting practices, safekeeping procedures, and internal controls that fully protect these assets. Description The assets of the participants that are used as collateral are held in the CDLE accounts in the BCCh. The collateral is cash and there is no custody risk. The main criteria for the selection of custodian banks of ComBanc’s own assets are the following: (i) short-term deposits in Chilean pesos, Unidad de Fomento (UF), or foreign currency should be rated Level 1+ or higher, based on the ratings of two agencies; (ii) long-term deposits, mortgage bonds, and bank bonds must be rated AA or higher, based on the ratings of two agencies. Custodian banks are supervised by the SBIF. ComBanc own financial assets are held in the DCV in dematerialized form. DCV is regulated and supervised by the SVS. Key consideration 2 An FMI should have prompt access to its assets and the assets provided by participants, when required. Description The participant assets that are used as collateral are deposited in the participants’ CDLE accounts at the BCCh, and transferred back to their settlement accounts in the Sistema LBTR at the end of the day. The Investment Policy of ComBanc establishes that contracts be signed with custodian banks and brokers for prompt access to the instruments. Certificates of deposits are nominative and endorsable to within less than one year maturity. ComBanc maintains a physical document that reflects the property of its investment. Key consideration 3 An FMI should evaluate and understand its exposures to its custodian banks, taking into account the full scope of its relationships with each. Description Participants assets used as collateral are posted to the participants’ BCCh accounts. Exposure to custodian banks arise with regard to Combanc’s own assets. Custodian banks are also shareholders. The total amount held in a single custodian bank cannot exceed UF 70, 000. Key consideration 4 An FMI’s investment strategy should be consistent with its overall risk-management strategy and fully disclosed to its participants, and investments should be secured by, or be claims on, high-quality obligors. These investments should allow for quick liquidation with little, if any, adverse price effect. 42 Description Investment strategy Investments are managed according to Circular 3 of the SBIF and ComBanc Investment Policy. This Circular requires that the company’s assets be invested only in: (i) documents issued by the BCCh or the Government and its agencies; (ii) fixed-income financial instruments issued by banks, and (iii) mutual fund bonds. In light of this framework, the investment policy of ComBanc follows the following criteria: (i) Custodians of securities representing ComBanc investments must be the issuers or brokers; (ii) Eligible issuers are the BCCh, banks, and the Treasury; (iii)Eligible banks must meet the following classifications: ­ Short-term deposits in Chilean pesos, Unidad de Fomento (UF), or foreign currency, should be rated Level 1+ or higher, based on the ratings of two agencies; ­ Long-term deposits, mortgage bonds, and bank bonds must be rated AA or higher, based on the ratings of two agencies; As far as diversification is concerned, the total amount of financial investments in an eligible issuer must not exceed UF 70, 000. Risk characteristics of investments ComBanc Investment Policy establishes a maximum amount of investment per issuer in order to avoid concentration. The totality of ComBanc investments are represented by securities issued by banks that are also shareholders of ComBanc. Key conclusions The collateral of the participants (cash) is deposited in the participants’ CDLE accounts at the BCCh, and transferred back to the participants’ settlement account in the Sistema LBTR at the end of the day. Therefore, there is no custody risk. Own ComBanc assets are managed in such a way to minimize custody and investments risks. Assessment of Principle 16 Observed. Recommendations ComBanc manages its investments according to SBIF’s regulation. and comments However, it could consider diversifying its investments portfolio to include securities other than those issued by its own shareholders such as securities issues by the Government or the BCCh. 43 Principle 17: Operational risk An FMI should identify the plausible sources of operational risk, both internal and external, and mitigate their impact through the use of appropriate systems, policies, procedures, and controls. Systems should be designed to ensure a high degree of security and operational reliability and should have adequate, scalable capacity. Business continuity management should aim for timely recovery of operations and fulfillment of the FMI’s obligations, including in the event of a wide- scale or major disruption. Key consideration 1 An FMI should establish a robust operational risk-management framework with appropriate systems, policies, procedures, and controls to identify, monitor, and manage operational risks. Description Identification of operational risk ComBanc has identified sources of operational risks consistently with the PFMI: people, systems, processes, and external events. SGI defines operational risk as the risk that deficiencies in information systems or internal processes, human errors, management failures or disruptions caused by external events lead a reduction, deterioration or disruption of services provided by an FMI. Proper identification of operational risk is ensured through different stages of the SGI, whose results are presented and evaluated by the Risk Committee. Management of operational risk Policies and processes for managing operational risk are established in the General Risk Policy, the General Operational Risk Policy and the Risk Management Process. These policies and processes are part of the SGI. Operational risk is integrated into the SGI and managed through different stages: (i) understanding the organization and its context and the needs and expectations of participants; (ii) planning actions to address risks and opportunities; (iii) undertaking different activities for the design and development of services, the actual provision of the services, and monitoring that services meet the expectations of the participants Policies, processes and controls Information security is managed through the Information Security Management System (ISMS) certified under the international standard ISO27001: 2013; business continuity is addressed in the Business Continuity Management System (BCMS), certified under the international standard ISO22301: 2012. Internal Control Management and internal and external audits monitor ensure the proper implementation the relevant policies, processes, and controls. Indicators and metrics are used. The SGI is reviewed by the General Manager. 44 Fraud prevention is formalized in the Rules of Crime Prevention. Key consideration 2 An FMI’s board of directors should clearly define the roles and responsibilities for addressing operational risk and should endorse the FMI’s operational risk-management framework. Systems, operational policies, procedures, and controls should be reviewed, audited, and tested periodically and after significant changes. Description Roles, responsibilities and framework The document on Corporate Governance, approved by the board, designates the Risk Committee as the body responsible for the operational risk management. The board, at least once a year, reviews and approves the General Risk Policy and the General Operational Risk Policy, which establish the overall framework for managing risks, including operational risk (ISO31000: 2009). Review, audit and testing The ISMS and BCMS are reviewed annually. In addition, ComBanc maintains regular programs for internal and external audits as well as international ISO certification. The recovery procedures are included in the business continuity plan and technological continuity plan. Those procedures are tested regularly. Participants and other FMIs (BCCh’s Sistema LBTR and DCV) have been incorporated to some of these tests. The SBIF supervises the operational risk management of ComBanc on a regular basis. Every year or every 2 years (depending on the inspection schedule of the SBIF) staff of the SBIF does in situ inspection that includes the test of the systems. SBIF also receives the reports from the external auditors and the ISO certifications. Key consideration 3 An FMI should have clearly defined operational reliability objectives and should have policies in place that are designed to achieve those objectives. Description Objectives that are relevant to operational reliability are defined in the document on “Strategic Planning” (see Principle 2): (i) Information security; (ii) Business continuity; (iii) Efficiency The policies are designed to achieve these objectives are set out in the SGI and other supporting documents (see Principles 2, 3, and 21) Key consideration 4 An FMI should ensure that it has scalable capacity adequate to handle increasing stress volumes and to achieve its service-level objectives. Description The IT service provider provides a monthly report with the analysis of the scalable capacity of the infrastructure located in the main and alternate site (servers, transactions, and service levels achieved in production environments). 45 Key consideration 5 An FMI should have comprehensive physical and information security policies that address all potential vulnerabilities and threats. Description Physical security Policies and processes that address physical security threats and vulnerabilities are documented in the following documents: (i) General Information Security Policy (ii) Information Security Manual (iii) Information Security Risk Management Physical security is addressed as part of general risk management, which is implemented taking into account the requirements of the ISO31000: 2009 standard. The risk mitigation measures in place are documented in the ISMS Monitoring application. Information security ComBanc considers the application of the following rules or standards to manage information security: (i) ISO 27001: 2013 - Information Security (ii) ISO 31000: 2009 - Risk Management (iii) ISO 27005 - Risk Management of Information Security. (iv) Cobit5 (v) ISO 27002- Annex A - Controls Information Security. (vi) ISO 19011: 2009 for auditing management systems ComBanc has implemented a change management process that is aimed to ensure that the security of the system is not affected when changes or new projects are generated. Key consideration 6 An FMI should have a business continuity plan that addresses events posing a significant risk of disrupting operations, including events that could cause a wide-scale or major disruption. The plan should incorporate the use of a secondary site and should be designed to ensure that critical information technology (IT) systems can resume operations within two hours following disruptive events. The plan should be designed to enable the FMI to complete settlement by the end of the day of the disruption, even in case of extreme circumstances. The FMI should regularly test these arrangements. Description Objectives of business continuity plan The purpose of the BCP is to identify threats to the organization and their impact, and to set out an actionable plan for the recovery and the resumption of critical services after a disaster or a disruption. ComBanc has three sites (primary, secondary, and backup) and a Remote Operations Center (ROC). Design of business continuity plan The business continuity plans have been developed based on the Business Impact Analysis (BIA). This methodology is implemented through the BCMS which meets the requirements of the international standard IS0 46 22031. The BIA considered a recovery time objective (RTO) of less than two hours for critical activities that enable the delivery of services. The result of a RTO test in 2015 was 40 minutes. In case of an unplanned shutdown of the total clearing house system (production and backup environments) ComBanc has an application (Bypass) that retrieves transactions transaction as of orderly closure of the latest cycle. Communication procedures with participants and authorities management are documented. Secondary site ComBanc has its primary site, a secondary site, a backup site, and an Operational Support Center. The capabilities implemented in the infrastructure in all sites are tested periodically as part of the exercise plans and business continuity testing and technological continuity. All sites are located in areas characterized by different conditions from an access perspective. Review and testing The business continuity and technological continuity plans are reviewed at least annually by the Risk Committee and the Audit Committee. Contingency plans are tested periodically with both participants and critical service providers. ComBanc is part of the Business Continuity Committee led by the BCCh that testes contingency plans for Sistema LBRT and its interdependent FMIs. Key consideration 7 An FMI should identify, monitor, and manage the risks that key participants, other FMIs, and service and utility providers might pose to its operations. In addition, an FMI should identify, monitor, and manage the risks its operations might pose to other FMIs. Description Risks to the FMI’s own operations ComBanc monitors the participants throughout the business cycle. In relation to the risks that may arise from interdependent FMIs, ComBanc is part of the Business Continuity Committee led by the BCCh that testes contingency plans for Sistema LBRT and interdependent FMIs. As far as the measurement and management of risks from external suppliers is concerned, ComBanc applies Cobit5 and monitors the risks of suppliers of critical services such as networks, data centers, financial messaging, and engineering support. Risks posed to other FMIs ComBanc can generate risks to the Sistema LBTR. ComBanc is part of the BCCh-led Committee where contingency plans are tested. Key conclusions ComBanc has established practices for the management of operational risk that are consistent with international standards and best practices. Policies and procedures are comprehensive and properly documented. 47 Assessment of Principle 17 Observed. Recommendations and comments 48 Principle 18. Access and participation requirements An FMI should have objective, risk-based, and publicly disclosed criteria for participation, which permit fair and open access. Key consideration 1 An FMI should allow for fair and open access to its services, including by direct and, where relevant, indirect participants and other FMIs, based on reasonable risk-related participation requirements. Description Participation criteria and requirements The requirements to be a participant in any high value clearing house such as ComBanc are described in Chapter III.H.5 of the CNF. The regulatory requirements include: (i) be a bank established in Chile, pursuant to article 35(8) of LOC, (ii) keep an account in the Central Bank, and; (iii) be a participant of the Sistema LBTR. ComBanc rulebook adds as requirements to (i) be a bank authorized by the SBIF (ii) subscribe a contractual agreement with ComBanc; (iii) open and maintain a CDLE account in the central bank. Participants must also comply with technological requirements. Access to trade repositories Not applicable. Key consideration 2 An FMI’s participation requirements should be justified in terms of the safety and efficiency of the FMI and the markets it serves, be tailored to and commensurate with the FMI’s specific risks, and be publicly disclosed. Subject to maintaining acceptable risk control standards, an FMI should endeavour to set requirements that have the least-restrictive impact on access that circumstances permit. Description Justification and rationale of participation criteria ComBanc participation requirements are established in the regulation of the BCCh and the ComBanc rulebook. Other criteria are risk-based, focusing on technological requirements. Least restrictive access There is only one class of participants – banks – which must meet common requirements. Disclosure of criteria Participation criteria are available in the rulebook of ComBanc. ComBanc participation policy was reviewed and approved by the BCCh in 2007. The rulebook is available on the website of ComBanc. Key consideration 3 An FMI should monitor compliance with its participation requirements on an ongoing basis and have clearly defined and publicly disclosed procedures for facilitating the suspension and orderly exit of a participant that breaches, or no longer meets, the participation requirements. Description Monitoring compliance At the beginning of each session, the access criteria requirement are monitored, as well as the bilateral and multilateral limits for each participant and collateral requirements. There is no obligation to 49 participants to report developments or events that could affect their ability to meet the daily requirements. Suspension and orderly exit The rulebook contemplates and regulates suspension and expulsion of participants for serious causes, as well as warnings and fees to be incurred as a result of infractions of the provisions of the rulebook and the relevant regulation. Serious causes that warrant suspension or expulsion of a participant are defined in the rulebook. If during the monitoring process, ComBanc detects that the risk profile of a participating bank deteriorates, it applies the mechanisms established in the rulebook. (See Principles 4, 5 and 7). A participant is suspended as long as it has not repaid its obligations resulting from the AFO. Key conclusions There is only one class of participants – banks – which must meet common requirements that are based on risks. Participation criteria are transparent and publicly disclosed. In practice, for a critical infrastructure such as ComBanc, limiting access to banks may affect the competitive balance among market participants and possibly cause a disadvantage to the costumers of those financial institutions that are not banks. It is worth noting that access criteria to ComBanc are constrained by LOC and regulations of BCCh (e.g. be a bank established in Chile. keep an account at the central bank and be authorized to operate in the Sistema LBTR), and ComBanc’s status as “Sociedad de Apoyo al Giro”. Assessment of principle 18 Broadly observed. Recommendations Authorities in cooperation with Combanc should re-evaluate the access and comments criteria in light of market needs and the risks that new prospective participants may pose, including those supervised by the SVS. Based on this evaluation – which must also consider operational capacity aspects of the system – authorities in cooperation with Combanc should determine whether to lift barriers to entry for non-banks. 50 Principle 21: Efficiency and effectiveness An FMI should be efficient and effective in meeting the requirements of its participants and the markets it serves. Key consideration 1 An FMI should be designed to meet the needs of its participants and the markets it serves, in particular, with regard to choice of a clearing and settlement arrangement; operating structure; scope of products cleared, settled, or recorded; and use of technology and procedures. Description ComBanc operates an Integrated Management System (SGI) based on the PAS99 standard, ISO 31000: 2009 - Risk Management and ISO 9001: 2015 - Quality Management. SGI defines the objectives, the operational structure, management systems, processes, technologies, and general procedures for operating the clearinghouse, in order to meet service level objectives. Evaluations are made annually by service quality surveys sent to participating banks. The main complaint of participants is occasional delays in informing participants that the collateral has been deposit to the CDLE account. Key consideration 2 An FMI should have clearly defined goals and objectives that are measurable and achievable, such as in the areas of minimum service levels, risk-management expectations, and business priorities. Description The main objective of ComBanc regarding the efficiency of its operations is to ensure effective and continuous services. It has established a target of availability of the services of 99.7%. ComBanc publishes actual results on its website. From a business continuity perspective, the BIA has established a RTO of less than two hours for critical activities that enable the delivery of services. Other metric according to current ISO standards and certifications are also used to measure ComBanc objectives in this area. According to ComBanc, the goals and objectives of operational effectiveness have been accomplished since the start of its operations in December 2005. Combanc also undertakes client satisfaction survey. According to the last two surveys (November 2015, December 2015), participants measurement of system uptime is 98.6%. Key consideration 3 An FMI should have established mechanisms for the regular review of its efficiency and effectiveness. Description ComBanc uses the Balanced Scorecard method to measure its performance and the achievement of its goals. Some of the measures are: (i) For information security: number of information delivered without authorization (ii) For financial monitoring: deviation of expenditures from the budget (iii) For participants satisfaction: number of complaints (iv) For business continuity: RTO 51 (v) For compliance: compliance with SBIF and Central Bank regulations which is evaluated by the board and by the SBIF through inspections (vi) For technology: number of incidents The results of these analyses are reported monthly to the board. Metrics are regularly reviewed. Key conclusions ComBanc maintains mechanisms including metrics to measure efficiency and effectiveness, also conducts surveys of customer satisfaction. The discrepancy between own measurement and customers’ feedback indicate that client perception of the operational reliability of the system is not aligned with the operator’s, or that different metrics are used. Assessment of Observed. Principle 21 Recommendations ComBanc should review its methodology to measure system availability and comments to ensure that its metric is comparable to its clients’, and that their perception of system reliability improves. 52 Principle 22: Communication procedures and standards An FMI should use, or at a minimum accommodate, relevant internationally accepted communication procedures and standards in order to facilitate efficient payment, clearing, settlement, and recording. Key consideration 1 An FMI should use, or at a minimum accommodate, internationally accepted communication procedures and standards. Description Communication procedures and standards ComBanc uses internationally accepted communication standards. ComBanc uses international standard SWIFT messaging to send transactions. Key conclusions ComBanc uses international standard SWIFT messaging to send transactions. Assessment of Principle 22 Observed. Recommendations and comments 53 Principle 23: Disclosure of rules, key procedures, and market data An FMI should have clear and comprehensive rules and procedures and should provide sufficient information to enable participants to have an accurate understanding of the risks, fees, and other material costs they incur by participating in the FMI. All relevant rules and key procedures should be publicly disclosed. Key consideration 1 An FMI should adopt clear and comprehensive rules and procedures that are fully disclosed to participants. Relevant rules and key procedures should also be publicly disclosed. Description Rules and procedures ComBanc rules and procedures are formalized in the rulebook and contracts. Additionally ComBanc has documented a comprehensive risk policy and corporate governance policy. The rulebook was approved by the BCCh in 2007 and has not been amended to date. All the procedures and processes have also been reviewed by the committees, external auditors, and certification companies. In the event that the rulebook requires revision, ComBanc should present the new version to the BCCh for approval and report it to the SBIF. Disclosure The rulebook is the only document available to the public. The rest of the manuals and procedures are considered for internal use. Documents related to operational issues, business continuity, the system are disclosed to the participant. Key consideration 2 An FMI should disclose clear descriptions of the system’s design and operations, as well as the FMI’s and participants’ rights and obligations, so that participants can assess the risks they would incur by participating in the FMI. Description The design of the clearinghouse system and its operations are described in details in the “Manual del Sistema de Cámara” and the rulebook. This information is fully disclosed to participants and discussed with new participants prior to joining the system. Training sessions are also made available at the request of participants and new entrants. Annual meetings are held with the participants. The rulebook includes the roles and responsibilities of the board and senior management, the rights and obligations of the participants, the risk control mechanisms, and the different procedures for settlement and sanctions. In case of changes to the rules and procedures (there have been no such instances since the clearinghouse started operations), participants should be informed after the approval of the BCCh has been obtained. ComBanc does not have a large degree of discretion on the operation of the system. Any discretional decision must be communicated to the SBIF and the BCCh. ComBanc presents to the participants an annual report of self-assessment of its performance. Key consideration 3 An FMI should provide all necessary and appropriate documentation and training to facilitate participants’ understanding of the FMI’s 54 rules and procedures and the risks they face from participating in the FMI. Description Rules, procedures and risks from the participation in the clearinghouse are provided /clarified prior to the signing of the contract. ComBanc organizes annual trainings with the personnel of the participant banks involved in the operations of the clearinghouse. Key consideration 4 An FMI should publicly disclose its fees at the level of individual services it offers as well as its policies on any available discounts. The FMI should provide clear descriptions of priced services for comparability purposes. Description The methodology for calculating the fees is available to the public through the website. Fees contemplate the following components: (i) Clearing services: two-part tariff comprising a fixed-amount fee for connection and access to the system and a variable fee based on the number of operations; (ii) DvP switch facility: similarly to clearing services, the fees for associated to this facility are comprised of a fixed-amount fee for the connection service, and variable fee based on the number of operations; (iii) New services, if/when they are developed; (iv) Reimbursement for expenses incurred by ComBanc, such as technological equipment to a participant or the cost of Swift messaging. ComBanc makes no public disclosure of their exact fees. The fees are communicated to each participant. Once a year, ComBanc notifies participants if there are changes in the fees. Fees are approved by the board. Key consideration 5 An FMI should complete regularly and disclose publicly responses to the CPSS-IOSCO disclosure framework for financial market infrastructures. An FMI also should, at a minimum, disclose basic data on transaction volumes and values. Description ComBanc has not completed the Disclosure Framework; however, in 2015 a disclosure of adherence to the PFMI was included in the Corporate Governance document and posted on website. The comprehensive risk management policy has been adapted to comply with the PFMI. Statistical information on the operations performed by ComBanc is available on the website. ComBanc rulebook is also published on the website. Key conclusions ComBanc has made available to its participants all the information necessary for their participation in the clearinghouse. Its rulebook is available to the general public. The fee methodology is available on the website. 55 ComBanc has prepared a disclosure framework twice and has made changes in its operating procedures according to the results. However, the Disclosure Framework has not been published. Assessment of Principle 23 Broadly observed. Recommendations ComBanc should complete the Disclosure Framework for FMIs and make and comments it available to the general public through its website or other appropriate means. 9 ComBanc should consider disclosing more information regarding the fees it charges, e.g. the fixed fees. 9 By April 2016, Combanc had published on its website a summary of the self-assessment prepared in 2015 for this ROSC. 56