Chief Risk Officer's report
It is our mission and mandate to mitigate FX settlement risk and take a rigorous approach to risk mitigation for the benefit of the entire FX ecosystem. As we reflect on this past year’s financial and operational performance, we should also take this opportunity to look back at the risks we have faced and how we have managed them.
The past year has been eventful, both for global markets as a whole and for CLS in particular. We have faced increasing market volatility and uncertainty as well as various other challenges across the industry, including heightened geopolitical and cybersecurity risks. As a systemically important financial market infrastructure (FMI), our role at CLS is to reduce risk to as low as reasonably practicable, both for our members and our own internal operations. Despite these industry challenges, we have continued to deliver our critical services to ensure the safe and efficient functioning of FX markets.
To fulfill our mandate as a global FMI, we at CLS must rely heavily on sophisticated and flexible risk management practices which can adapt to risks stemming from fluctuations in the financial markets. During the year, we continued to enhance our risk management frameworks, policies and procedures to ensure they remain effective in identifying, assessing and managing risks. We also strengthened our risk culture and continue to work with our key stakeholders, in particular, to enhance risk awareness as it relates to the resilience of CLSSettlement. It is our mission and mandate to mitigate FX settlement risk and take a rigorous approach to risk mitigation for the benefit of the entire FX ecosystem.
“Our role at CLS is to reduce risk to as low as reasonably practicable, both for our members and our own internal operations ”
Our risk management framework is based on a robust and integrated approach which considers all relevant risks, including credit, market, liquidity, operational, legal, compliance and reputational risks. We apply a risk-based approach to identify the most material risks and develop appropriate mitigation strategies. Our risk appetite framework guides our risk-taking decisions and ensures that CLS operates within appropriate risk tolerance levels.
Noteworthy risks we managed during the year include:
- Cybersecurity Risk: The cyber threat environment is evolving rapidly with attacks becoming more frequent and sophisticated. Robust cyber defenses to reduce the likelihood of a successful attack are at the forefront of our cybersecurity program. We have taken various measures to mitigate this risk, including frequent cybersecurity assessments, vulnerability testing and staff training.
- Operational Risks: Operational risks are a key focus area for the organization and range from risk of data corruption and system disruption to third party risk as an example. In order to combat these risks, we have enhanced our third party risk framework, matured our Data Governance Office and have further strengthened our Resilience Program, which will enhance and strengthen our capability in all areas of operational risk.
- Credit Risk: CLS faces exposure to participant credit risk as it relates to their ability to meet CLSSettlement obligations. In 2022, we secured regulatory approval and implemented several enhancements to our internal credit rating model, strengthening our ability to identify, measure, monitor and control credit risks relating to CLSSettlement.
- Model Risk: We also completed enhancements to our Model Risk Management framework, including updating all model documentation and model performance plans and improved Management and Board reporting on model risk. This is a core component of the organization’s risk management regime and it contributes to our culture of effective challenge through rigorous examination of our core models.
- Compliance Risk: We remain fully compliant with prudential regulations and are further enhancing the firm’s compliance risk management framework, which seeks to align regulation to specific risks and controls. This work will continue in 2023.
In conclusion, I would like to thank our stakeholders for their continued support and cooperation in managing these risks with us. We remain committed to maintaining a strong risk management framework and ensuring the safe and efficient functioning of our markets.
Chief Risk Officer