Central counterparites highlight best practices for third party risk management

Like other parts of the financial system, CCPs enter into relationships with a wide range of domestic and foreign third-parties to outsource part or entire functions, interact directly with customers, address deficiencies in operations/compliance, leverage emerging technologies etc. In the interest of providing best in class services, CCP’s delivery model are moving increasingly from traditional in-house delivery methods to more complex supply chain models, requiring specialized skills and resources. This increases the need for better oversight of the third-parties utilized. CCP12 recognizes that if such third-parties do not have proper risk oversight and controls in place, a CCP, and the wider financial system, could be exposed to increased fiscal, operational, regulatory or reputational risks.

In that light, CCP12 believes it is best practice that CCPs adopt oversight and risk management processes that are commensurate with the level of risk and complexity introduced by its third-party relationships and the overall CCP organizational structure.

CCP12 supports the effective use of a third-party risk management framework that provides for ongoing operationalized risk management of critical third-party service providers, follows a continuous lifecycle, reduces risk exposure and improves overall transparency around third-party relationships.

“CCP12 elaborates on best practices for effective third-party risk management, which will reduce risks associated with the operational and commercial benefits that third-party relationships can bring to a CCP,” Mr. Lee Betsill, Chief Risk Officer at CME Group and member of the Executive Committee of CCP12.

Mrs. Ashwini Panse, Deputy Corporate Risk Officer at ICE Inc. and Co-Chair of the Operations Working Committee of CCP12 adds: “This paper is designed to provide a high-level educational tool, and best-practices approach to the industry on vendor risk management practices of CCPs”.