Circular to licensed corporations Management of operational and remote booking risks of trading activities

In view of the findings from a recent thematic review of risk management practices of licensed corporations (LCs) as regards operational and remote booking risks arising from trading activities (please see the enclosed findings report for more information), the Securities and Futures Commission has published a circular in this context. Therein, the Commission describes its expectations as regards such practices, including expectations pertaining to operational and remote booking risk governance, controls, and monitoring.
According to the SFC, operational risk thereby „refers to the risk of losses resulting from inadequate or failed internal processes, people and systems“. Remote booking refers to „a business model where an LC, as a trade originating or executing entity, transfers the trading risks (eg, market or credit risk) to an offshore risk-booking affiliate through a group-wide remote booking arrangement. This arrangement may include a transfer pricing arrangement where cost-sharing or profit or loss allocation takes place amongst the group affiliates“. With that in mind, the SFC outlines the following key expectations:
(1) operational risk management: Far and foremost, the SFC expects LCs to adopt an adequate risk governance framework which addresses – at the least – the assignment of responsibilities as regards operational risk management, the regular review of the framework to ensure its effectiveness, and the provision of escalation protocols and which is commensurate with a firm’s sizes, business model, and risk profile. Additionally, the SFC expects firms to adopt adequate policies and procedures to monitor trading activity both pre-trade and post-trade to identify early any trading errors or even misconduct. These procedures must be in line with regulatory requirements and must be adjusted based on a firm’s individual risk profile. Additionally, where trade exceptions exist, firms need to take adequate measures to monitor trading thereunder to identify any „operational loopholes or misconduct in trading activities“.
(2) booking risk management: According to the Commission, booking risks may arise, for instance, where an LC’s transaction is rejected by a group affiliate for some reason or where the LC is subject to extraordinary transfer pricing arrangements in a group setting. As booking risks almost always involve multiple jurisdictions and multiple intra-firm counterparties and as booking risks can pose a substantial threat to an LC, the SFC expects companies to adopt an adequate risk governance framework which addresses – at the least –
– the assignment of responsibilities as regards the handling of underlying risks of „remote“ booking arrangements; and
– the adoption of a corporate mechanism to set up adequate booking risk policies and procedures among group affiliates and to identify any such risk within a group.
As far as controls and monitoring are concerned, the SFC expects firms to adopt adequate practices to ensure that positions are accurately booked and assigned to affiliates. Additionally, they shall develop so-called „trading mandates“ which would set out the responsibilities of trading staff as regards remote booking arrangements (including risk limits) and take adequate steps to monitor the mandates. Furthermore, firms need to create adequate „access policies“ to trading systems to ensure that only authorized trading staff can execute trades. Finally, LCs need to implement adequate control measures to „monitor the size of any losses to be allocated to them under transfer pricing arrangements and take appropriate measures to prevent material loss allocation which may impair their financial capability“.