slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Dieter REICHWEIN Directorate General Payment Systems and Market Infrastructure European Central Bank PowerPoint Presentation
Download Presentation
Dieter REICHWEIN Directorate General Payment Systems and Market Infrastructure European Central Bank

Loading in 2 Seconds...

play fullscreen
1 / 32

Dieter REICHWEIN Directorate General Payment Systems and Market Infrastructure European Central Bank - PowerPoint PPT Presentation


  • 212 Views
  • Uploaded on

Market infrastructures‘ business continuity: Eurosystem roles and activities. Dieter REICHWEIN Directorate General Payment Systems and Market Infrastructure European Central Bank. The sixth international payment system conference, Budapest, 14 November 2007. Introduction Standard setting

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Dieter REICHWEIN Directorate General Payment Systems and Market Infrastructure European Central Bank' - antranig


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Market infrastructures‘ business continuity: Eurosystem roles and activities

Dieter REICHWEIN

Directorate General Payment Systems and Market Infrastructure

European Central Bank

The sixth international payment system conference, Budapest, 14 November 2007

outline
Introduction

Standard setting

Fostering co-operation and information sharing

Leading by example in the design of own systems

Simulation exercises

Outline
slide4
Guaranteeing the continued operation of all core business activities in the event of sustained and severe disruptions

Dealing with unexpected and unpredictable events

Process that requires permanent review and improvement

Possible trade-off between costs of business arrangements of individual players and the expected benefits

1. Introduction

What is business continuity?

slide5
The smooth functioning of market infrastructures is crucial for the functioning of the entire financial system, including

The implementation of the monetary policy of the central bank

Financial stability

Through network effects and the backbone function of major infrastructures, shocks can be transmitted

From infrastructures to participants (and vice versa)

Between different market segments (e.g. payments and securities)

1. Introduction

Why is business continuity of market infrastructures crucial?

slide6
Changed operational conditions

Move towards real-time processing

Increased operational complexity (interdependencies within and between market segments and geographical regions)

New types of threats (e.g. terrorist attacks)

Shortcomings of existing BC plans – continuous learning curve

Too narrow scope of scenarios considered

Lack of consideration of dependence on third-party service providers

Lack of compatibility of individual plans

1. Introduction

Why has the importance of business continuity increased?

slide7
Complex and consolidating market infrastructure

Role of investment cycles

Bigger infrastructures may have the possibility to invest more in business continuity (e.g. TARGET1 vs. TARGET2)

Up until now strong national dimension of existing policies, practices and plans

1. Introduction

Euro area specificities in the field of business continuity

slide8
Eurosystem objective in the field of business continuity

Ensure the existence of adequate and co-ordinated business continuity strategies and plans of the various actors (central banks, market infrastructures, critical participants and third-party service providers)

1. Introduction

Reasons for Eurosystem involvement in business continuity

  • Statutory responsibilities
  • Existing externalities (individual costs vs. benefit for society)
  • Co-ordination needs due to system interdependencies and European / global dimension of the issue
slide9

1. Introduction

Eurosystem measures / activities

  • Ensure that existing standards and policies adequately reflect new threats and requirements
  • Fostering co-operation and information sharing
  • Leading by example
  • Preparing and co-ordinating simulation exercises
slide10

Market infrastructures‘ business continuity: Eurosystem roles and activities

1I. Standard setting

slide11
Develop policies and standards, as far as possible in co-operation with the market (through round tables, public consultation etc.), that ensure an adequate level of infrastructure protection

Consistent enforcement at national levels (also to ensure a level playing-field for market infrastructures across Europe)

1I. Standard-setting

Euro area objectives

Situation in different fields

  • Payment systems: BC Oversight Expectations for SIPS, June 2006
  • SWIFT: G10 High-level Expectations, June 2007
  • Securities settlement systems: ESCB/CESR not yet finalised
slide12
Aimed at establishing a common framework in the euro area for the implementation of Core Principle VII that adequately reflects new threats and requirements in the field of business continuity

Implementation of the Expectations:

SIPS: by mid 2009

Critical participants: by mid 2010

Eurosystem to review implementation progress

1I. Standard-setting

Business Continuity Oversight Expectations for SIPS (I)

slide13

1I. Standard-setting

Business Continuity Oversight Expectations for SIPS (II)

  • Four main elements:
  • Definition of BC objectives and strategies
    • To be reviewed and approved at board level
    • Identification of critical functions (including outsourced functions)
    • Recovery and resumption of critical functions within the same settlement day („good practice“: within 2 hours; settlement of a limited number of critical payments should be possible at any time)
slide14

1I. Standard-setting

  • Developing business continuity plans
    • Ensure continuity of the service in a variety of plausible scenarios including major disasters, outages or disruptions covering a wide area
    • Consider scenarios where the primary site, critical functions and/or staff remain unavailable for more than a day
    • Ensure a different risk profile of and an appropriate geographic separation between the primary and the secondary site
    • Identify external dependencies and highlight any remaining single points of failure
    • Critical participants should also have a second processing site and same recovery time objectives as SIPS
slide15

1I. Standard-setting

  • Communication and crisis management
    • Clear procedures to respond to a crisis event
    • Establishment of a multi-discipline and multi-skilled Crisis Management Team (CMT) responsible for maintaining the crisis management plan (CMP)
  • Testing and regular updating business continuity plans
    • Update plans at least every 12 months
    • Good practice: participation in industry-wide testing
slide16

SWIFT is expected to:

(i) to ensure that its critical services are available, reliable and resilient by implementing appropriate policies and procedures, and devoting sufficient resources, and that

(ii) business continuity management and disaster recovery plans support the timely resumption of its critical services in the event of an outage.

1I. Standard-setting

High level expectations for SWIFT, June 2007:

  • Developed by G10 SWIFT Co-operative Oversight Group
  • Primary focus on operational risk
  • The five high level expectations cover:
    • Risk identification and management
    • Information security
  • Reliability and resilience
  • Technology planning
  • Communication with users
slide17

1I. Standard-setting

Situation in the field of securities settlement

  • Currently no harmonised standards in the EU available due to blocking of the ESCB/CESR work that tried to adapt the existing CPSS/IOSCO Standards to the EU environment
  • However, following initiatives of the ECB and the European Commission and discussion at the level of ECOFIN, the work is now being resumed with the objective to further clarify the scope, legal basis and content of the standards
  • Proposal on the way forward to be made in spring 2008
slide18

1I. Standard-setting

Some general experience / feedback from the market

  • Public authorities to take the lead in setting standards, but preferably in co-operation with the market
  • Lack of knowledge in the market on existing standards and initiatives at national, euro area, EU and global levels
  • Existing standards show significant differences in terms of:
    • General approach (high-level vs. checklist; compulsary vs. “good practice” etc.)
    • Scope, structure and level of detail
    • Terminology and definitions (e.g. critical participant)
  • Issue of multi-country players
slide19

Market infrastructures‘ business continuity: Eurosystem roles and activities

III. Fostering co-operation and information sharing

slide20

III. Fostering co-operation and information sharing

Eurosystem objectives

  • Ensure availability of all relevant (static) information to all parties concerned through the development of an effective information sharing network
  • Ensure effective crisis communication between public authorities and with the market participants
  • Cover all relevant market segments and geographical levels (euro area / EU; global)
slide21

III. Fostering co-operation and information sharing

Development of an information sharing network (I)

  • First step: compilation of the relevant information:
    • Collate existing standards, guidelines, best practices etc. at national, EU and G10 level; including conducting a consistency check of terminology (list of critical terms) and content of the standards, not with the aim of harmonising but to explain national peculiarities
    • Identify critical market infrastructures, service-providers / utilities and participants, including in particular those operating in various countries
    • Collate business continuity related contact groups etc.
  • Information dissemination approach: „need to know“ - basis
slide22

III. Fostering co-operation and information sharing

Development of an information sharing network (II)

  • Development of a public BC domain on the websites of the ECB and the NCBs - for making non-confidential information on BC available to all relevant stakeholders, e.g.:
    • Explanation of the role of the Eurosystem/ESCB in BC
    • National, EU and G10 standards and initiatives
    • Glossary of major BC terms
    • Links to the relevant BC public domains of the other NCBs/ECB
  • Use of a restricted BC domain - for sharing information of more confidential nature among central banks / public authorities
slide23

III. Fostering co-operation and information sharing

Ensuring effective crisis communication (I)

  • Need to define procedures and mechanisms ensuring clear and accurate information flows, both internally and externally
    • Who communicates with whom, in which situation, on what and using which communication channels?
  • Feedback from market participants at ECB conference on BC, September 2006:
    • At national level, market players generally know the contact points at their national authorities
    • Most infromation will flow via the existing national structures
    • Public authorities to take care of cross-market and cross-country communication
slide24

III. Fostering co-operation and information sharing

Ensuring effective crisis communication (II)

  • Crisis communication cascade at Eurosystem / ESCB level
    • Each central bank acts as contact point for other central banks as far as contacts with both other national authorities and with market infrastructures for which they act as (lead) overseer are concerned
  • Similar communication network at G10 level
  • Memorandum of Understanding for information sharing between overseers and banking supervisors
slide25

Market infrastructures‘ business continuity: Eurosystem roles and activities

1V. Leading by example in the design of own systems

slide26

IV. Leading by example

  • Development of TARGET2: significant improvement inter alia in business continuity terms due to new design concept
  • Two regions / four sites
  • Recovery and resumption objective
    • 2 hours for regional desaster
    • < 1 hour for other scenarios
  • Minimum service level through independent Contigency Module
  • Requirements for (critical) participants regarding system security and business continuity
slide27

Market infrastructures‘ business continuity: Eurosystem roles and activities

V. Simulation exercises

slide28

V. Simulation exercises

Activities at the level of individual infrastructures

  • The BC Oversight Expectations for SIPS require regular testing of BC plans, inter alia to:
    • Validate the effectiveness of the BC strategy
    • Verify that arrangements are viable in practice
    • Ensure continued readiness
    • Familiarise staff with the operation of the plan and their responsibilities
    • Evaluate co-ordination needs with external service providers
slide29

V. Simulation exercises

Activities at national levels in the EU (I)

  • In 2006 – 2007, cross-system simulation exercises have been conducted in various EU countries
  • Exercises have been organised by
    • BC working groups, including the central banks, other public authorities and major market players
    • The national central bank
    • Other public authorities
slide30

V. Simulation exercises

Activities at national levels in the EU (II)

  • Stated objectives of the exercises were, inter alia, to:
    • Test the national crisis communication infrastructure
    • Optimise individual participants crisis management and BC organisation
    • Test the interoperability of individual BC plans
    • Test the availability of decision-makers and ensure their awareness of their roles
    • Check availability of secondary site
  • Frequency of tests depends on what is going to be tested
  • Ideas in various countries to increase complexity, frequency and/or number of involved players etc. in future exercises
slide31

V. Simulation exercises

Activities at European level (I)

  • No simulation exercises involving market participants have been conducted so far
  • However, Eurosystem has started work on preparing such an exercise with the objectives of e.g.:
    • Checking the interoperability of BC plans on a wider scale
    • Better understanding existing interdependencies across infrastructures and market segments
  • To be based on current set up of existing BC arrangements and organisational and communication structures
slide32

V. Simulation exercises

Activities at European level (II)

  • Possible start with a rather simple exercise and gradual widening of the scenarios to be considered in terms of
    • Impacted or failed parties
    • Type of failure(s) (premeses, staff, IT, utility service)
    • Time, duration and geographical reach
  • Discussions started at Eurosystem level; subsequently market players to be involved
  • First exercise involving market players possibly in 2008/2009
    • Significant time for planning and preparation needed
    • Priorisation of the tests needs to consider national initiatives as well as major ESCB projects and events (e.g. TARGET2)