Self-Regulatory Organizations; ICE Clear Europe Limited; Notice of Filing of Proposed Rule Change Relating to the ICE Clear Europe Outsourcing Policy, 47809-47811 [2022-16661]
Download as PDFAgencies
[Federal Register Volume 87, Number 149 (Thursday, August 4, 2022)] [Notices] [Pages 47809-47811] From the Federal Register Online via the Government Publishing Office [www.gpo.gov] [FR Doc No: 2022-16661] ----------------------------------------------------------------------- SECURITIES AND EXCHANGE COMMISSION [Release No. 34-95394; File No. SR-ICEEU-2022-014] Self-Regulatory Organizations; ICE Clear Europe Limited; Notice of Filing of Proposed Rule Change Relating to the ICE Clear Europe Outsourcing Policy July 29, 2022. Pursuant to Section 19(b)(1) of the Securities Exchange Act of 1934 (``Act''),\1\ and Rule 19b-4 thereunder,\2\ notice is hereby given that on July 19, 2022, ICE Clear Europe Limited filed with the Securities and Exchange Commission (``Commission'') the proposed rule changes described in Items I, II, and III below, which Items have been prepared primarily by ICE Clear Europe. The Commission is publishing this notice to solicit comments on the proposed rule change from interested persons. --------------------------------------------------------------------------- \1\ 15 U.S.C. 78s(b)(1). \2\ 17 CFR 240.19b-4. --------------------------------------------------------------------------- I. Clearing Agency's Statement of the Terms of Substance of the Proposed Rule Change ICE Clear Europe Limited (``ICE Clear Europe'' or the ``Clearing House'') is submitting its Outsourcing Policy (``Outsourcing Policy'' or ``Policy''), which would set out in a consolidated document how the Clearing House manages outsourcing arrangements with third party providers and affiliates of the Clearing House, as well as how the ICE Clear Europe Board maintains oversight of its outsourcing arrangements. A copy of the proposed Outsourcing Policy is set forth in Exhibit 5[sic].\3\ --------------------------------------------------------------------------- \3\ Capitalized terms used but not defined herein have the meanings specified in the ICE Clear Europe Clearing Rules and the Outsourcing Policy. --------------------------------------------------------------------------- II. Clearing Agency's Statement of the Purpose of, and Statutory Basis for, the Proposed Rule Change In its filing with the Commission, ICE Clear Europe included statements concerning the purpose of and basis for the proposed rule change and discussed any comments it received on the proposed rule change. The text of these statements may be examined at the places specified in Item IV below. ICE Clear Europe has prepared summaries, set forth in sections (A), (B), and (C) below, of the most significant aspects of such statements. (A) Clearing Agency's Statement of the Purpose of, and Statutory Basis for, the Proposed Rule Change (a) Purpose ICE Clear Europe is submitting its Outsourcing Policy which would describe, in a consolidated document, the Clearing House's procedures for management of its outsourcing arrangements. The Outsourcing Policy would complement the existing ICE Clear Europe Vendor Management Policy (``VMP''), which describes certain group-wide policies of the Clearing House's ultimate parent, Intercontinental Exchange, Inc., with respect to its outsourcing arrangements with third parties. The Outsourcing Policy also references ICE Clear Europe's Outsourcing Operating Manual (``OOM''), which sets out additional details concerning the steps it follows in order to introduce, amend and/or maintain outsourcing arrangements. The purpose of the Outsourcing Policy would be to set out, in a consolidated document, how the Clearing House manages its outsourcing arrangements, both with third party providers and its affiliates, and how the Clearing House's Board maintains oversight of the outsourcing arrangements. Together with the VMP, the Outsourcing Policy is intended to document how the Clearing House assesses the risks of outsourcing certain functions. The Policy is not expected to represent a change in the Clearing House's current practices, but rather to more clearly document those practices in a Clearing House level policy. The Outsourcing Policy would include an introduction section which describes the differences between outsourcing and purchasing services, the former being the Clearing House's use of a service provider to perform an ongoing activity that would usually be performed by the Clearing House and which often involves transferring or sharing related non-public proprietary information, and the latter being the Clearing House's purchases of services, goods and facilities and which would typically not include any transfer of non-public proprietary information. The Outsourcing Policy would also differentiate the Clearing House's outsourcing practices and purchasing arrangements in respect of third-party providers, which would be managed through the VMP, from outsourcing through its affiliates, which would typically have a lower risk profile for the Clearing House because such affiliates tend to be regulated entities with the same or similar systems, risk appetites, standards and processes, among other commonalities, as the Clearing House. The Policy would set out the Clearing House's overall objectives when considering outsourcing. The Policy would include a discussion of outsourcing to third parties and outsourcing to the Clearing House's affiliates. As mentioned, outsourcing to third parties is covered under the VMP, which covers due diligence, risk assessment, suitability, and performance management, among other topics. Outsourcing to affiliates of the Clearing House would follow the same process and standards as under the VMP; however, assessment would be performed by ICE Clear Europe's senior management rather than the Clearing House's Vendor Management Office. In all cases, the Clearing House would look to ensure that all service provider related incidents (such as service interruptions) are recorded and monitored and escalated to the Clearing House's senior management in a consistent manner. The Policy would provide the Clearing House would consider in its assessment of service providers that there can be lower risk in outsourcing functions to third parties that are also regulated or authorized. The Clearing House would consider in its assessment of a service provider how the service provider's jurisdiction impacts the risks associated with outsourcing functions to that service providers. ICE Clear Europe proposes to include in the Policy that it looks to manage any potential or actual conflicts of interest resulting from its outsourcing arrangements, particularly in respect of outsourcing arrangements it has with its affiliates. Additionally, ICE Clear Europe proposes to include in the Policy that it looks to reserve independent audit rights to check compliance with legal and regulatory requirements and policies in its outsourcing agreements with third party and affiliate service providers, as required. ICE Clear Europe also proposes to include in the Policy information about its cloud-based outsourcing arrangements. Outsourcing to the cloud is generally covered under the existing VMP. Relevant ICE Clear Europe and ICE Group policies, such as the Corporate Information Security Policy would also be considered when [[Page 47810]] engaging in cloud outsourcing arrangements. Adding a new or significantly change an existing cloud outsource arrangement would be covered under the OOM. The Policy would include a section describing the Clearing House's considerations when deciding whether to outsource a function considered ``critical or important''. A function is considered by the Clearing House to be ``critical or important'' where a defect or failure in its performance would materially impair the Clearing House's continuing compliance with the conditions and obligations or its authorizations or other obligations, financial performance or the soundness or continuity of its services and activities. The Policy would include an acknowledgment by the Clearing House that outsourcing ``critical or important'' functions could impact the Clearing House's risk profile, ability to oversee the service provider and manage risks, business continuity measures and performance of its business activities, to name a few. The Clearing House would ensure that such matters would be considered in the decision-making processes in respect of outsourcing. Additionally, ``critical or important'' functions would impact how the Clearing House would assess how an outsourcing arrangement is assessed, documented and managed by the Clearing House (including by having an exit plan, if practical). Also, if a function to be outsourced is or would be a dependency to the delivery of one or more of the Clearing House's important business services under its operational resilience framework, such function would be mapped accordingly with appropriate consideration given to potential vulnerabilities, resiliency and impact to the relevant impact tolerances. The Policy would include a discussion of additional considerations of particular importance to the Clearing House in light of its position as a systemically important financial market infrastructure and in alignment with its regulatory oversight. The Clearing House places particular importance on the following additional considerations when considering its outsourcing arrangements, each described in further detail in the proposed Policy: (i) business continuity arrangements, (ii) incident management responsiveness and reporting, (iii) independent assurances, and (iv) redundancies, notice periods and exit strategies. Regarding business continuity arrangements, during the onboarding process and through periodic reviews and testing the Clearing House would assess the service provider's business continuity plans to ensure that they are fit for the relevant purposes. Next, the Policy would state that incident management and responsiveness and timely reporting are important factors in the Clearing House's outsourcing arrangements, given the services that the Clearing House operates. Accordingly, the Clearing House would require that outsourcing providers have appropriate mechanisms for timely response and incident management. Regarding independent assurances, the Clearing House would, where possible and practicable, look to collect independent assurances of the outsourcing providers' services, which may include but are not limited to SOC2 audits, Regulation SCI audits and enterprise technology risk assessments. Finally, where possible and practicable, the Clearing House would look to mitigate the risk of disruption to its services from outsourcing providers ceasing to provide their services to the Clearing Houses, through redundancies (the use of multiple providers), sufficient notice periods, or exit strategies. The Policy would also include a section describing ICE Clear Europe's Board oversight of outsourcing arrangements. The Board oversees the Clearing House's outsourcing arrangement through risk appetite metrics that include service and incident reporting, operational risk reporting that covers typically Priority 3 incidents or higher, observed in the relevant period, their resolution and other performance metrics, and an Annual Outsourcing Assessment Report. The COO or its delegate would prepare the Annual Outsourcing Assessment Report, which would be reviewed by the Board each year directly or via its committees. The Annual Outsourcing Assessment Report would cover the following topics: (i) the activities and services that are outsourced, (ii) the identities of the outsource providers (iii) the performance of the outsourcing providers and their adherence to agreed service levels, (iv) where relevant, the security measures of the outsourcing providers, (v) risk reviews of the outsourcing providers, particularly those providing critical or important cloud outsourcing arrangements, (vi) exit strategies and contingency arrangements associated with outsourcing critical or important functions and (vii) results and conclusions of additional assurance mechanisms (for example, SOC2 audits) where applicable. Finally, the Policy would describe governance and exception handling. The document owner would be responsible for ensuring that it remains up-to-date and reviewed in accordance with the Clearing House's governance processes. Exceptions to the Policy would also be approved in accordance with such governance processes. Any deviations from the Policy would have to be appropriately escalated and reported in a timely manner by the document owner, and the document owner would also be responsible for reporting any material breaches or deviations to the President of ICE Clear Europe and the Risk Oversight Department in order to determine the appropriate governance escalation and notification requirements. (b) Statutory Basis ICE Clear Europe believes that the Outsourcing Policy is consistent with the requirements of Section 17A of the Act \4\ and the regulations thereunder applicable to it. In particular, Section 17A(b)(3)(F) of the Act \5\ requires, among other things, that the rules of a clearing agency be designed to promote the prompt and accurate clearance and settlement of securities transactions and, to the extent applicable, derivative agreements, contracts, and transactions, the safeguarding of securities and funds in the custody or control of the clearing agency or for which it is responsible, and the protection of investors and the public interest. --------------------------------------------------------------------------- \4\ 15 U.S.C. 78q-1. \5\ 15 U.S.C. 78q-1(b)(3)(F). --------------------------------------------------------------------------- The Outsourcing Policy is designed to consolidate and document ICE Clear Europe's existing procedures for considering whether to outsourcing functions and managing related risks. The Policy would, among other matters, document the objectives of the Clearing House in outsourcing responsibilities to various third parties (including affiliates) and managing related risks, including conflict of interest risks and legal and regulatory requirements. The Policy would also set out in detail certain key considerations of the Clearing House in outsourcing ``critical or important'' functions. In ICE Clear Europe's view, the Policy will thus facilitate management of the risks related to outsourcing functions, and thereby promote the efficient operation and stability of the Clearing House and the prompt and accurate clearance and settlement of cleared contracts. The enhanced risk management for outsourcing is therefore also generally consistent with the protection of investors and the public interest in the [[Page 47811]] safe operation of the Clearing House. (ICE Clear Europe would not expect the adoption of the Policy to affect materially the safeguarding of securities and funds in ICE Clear Europe's custody or control or for which it is responsible.) Accordingly, the Policy satisfies the requirements of Section 17A(b)(3)(F).\6\ --------------------------------------------------------------------------- \6\ 15 U.S.C. 78q-1(b)(3)(F). --------------------------------------------------------------------------- The Outsourcing Policy is also consistent with relevant provisions of Rule 17Ad-22.\7\ Rule 17Ad-22(e)(3)(i) provides that ``[e]ach covered clearing agency shall establish, implement, maintain and enforce written policies and procedures reasonable designed to, as applicable [. . .] identify, measure, monitor and manage the range of risks that arise in or are borne by the covered clearing agency''.\8\ The Outsourcing Policy is intended to document the Clearing House's practices that relate to management of the Clearing House's outsourcing functions and builds on the existing VMP. In ICE Clear Europe's view, as set out above, the Policy would facilitate overall risk management with respect to outsourcing, consistent with the requirements of Rule 17Ad-22(e)(3)(i).\9\ --------------------------------------------------------------------------- \7\ 17 CFR 240.17 Ad-22. \8\ 17 CFR 240.17 Ad-22(e)(3)(i). \9\ 17 CFR 240.17 Ad-22(e)(3)(i). --------------------------------------------------------------------------- Rule 17Ad-22(e)(2) provides that ``[e]ach covered clearing agency shall establish, implement, maintain and enforce written policies and procedures reasonable designed to, as applicable [. . .] provide for governance arrangements that are clear and transparent'' \10\ and ``[s]pecify clear and direct lines of responsibility''.\11\ As discussed, the Outsourcing Policy would clarify certain responsibilities of the Clearing House Board and COO in relation to oversight of the Clearing House's outsourcing arrangements. In line with the Clearing House's other policies and procedures, the Policy would also describe the responsibilities of the document owner and appropriate escalation and notification requirements for responding to exceptions and deviations from the Policy. In ICE Clear Europe's view, the Policy is therefore consistent with the requirements of Rule 17Ad- 22(e)(2).\12\ --------------------------------------------------------------------------- \10\ 17 CFR 240.17 Ad-22(e)(2)(i). \11\ 17 CFR 240.17 Ad-22(e)(2)(v). \12\ 17 CFR 240.17 Ad-22(e)(2). --------------------------------------------------------------------------- (B) Clearing Agency's Statement on Burden on Competition ICE Clear Europe does not believe the Outsourcing Policy would have any impact, or impose any burden, on competition not necessary or appropriate in furtherance of the purposes of the Act. The Policy is being adopted to document the Clearing House's practices relating to management of outsourcing arrangements, both with third parties and affiliates. The Policy does not change the rights or obligations of Clearing Members or the Clearing House under the Rules or Procedures. Accordingly, ICE Clear Europe does not believe that adoption of the Policy would adversely affect competition among Clearing Members, materially affect the costs of clearing, adversely the ability of market participants to access clearing or the market for clearing services generally, or otherwise adversely affect competition in clearing services. Therefore, ICE Clear Europe does not believe the proposed rule change imposes any burden on competition that is not necessary or appropriate in furtherance of the purposes of the Act. (C) Clearing Agency's Statement on Comments on the Proposed Rule Change Received From Members, Participants or Others Written comments relating to the proposed amendments have not been solicited or received by ICE Clear Europe. ICE Clear Europe will notify the Commission of any written comments received with respect to the proposed rule change. III. Date of Effectiveness of the Proposed Rule Change and Timing for Commission Action Within 45 days of the date of publication of this notice in the Federal Register or within such longer period up to 90 days (i) as the Commission may designate if it finds such longer period to be appropriate and publishes its reasons for so finding or (ii) as to which the self-regulatory organization consents, the Commission will: (A) by order approve or disapprove such proposed rule change, or (B) institute proceedings to determine whether the proposed rule change should be disapproved. IV. Solicitation of Comments Interested persons are invited to submit written data, views, and arguments concerning the foregoing, including whether the proposed rule change is consistent with the Act. Comments may be submitted by any of the following methods: Electronic CommentsUse the Commission's internet comment form (https://www.sec.gov/rules/sro.shtml) or Send an email to [email protected]. Please include File Number SR-ICEEU-2022-014 on the subject line. Paper Comments Send paper comments in triplicate to Secretary, Securities and Exchange Commission, 100 F Street, NE, Washington, DC 20549-1090. All submissions should refer to File Number SR-ICEEU-2022-014. This file number should be included on the subject line if email is used. To help the Commission process and review your comments more efficiently, please use only one method. The Commission will post all comments on the Commission's internet website (https://www.sec.gov/rules/sro.shtml). Copies of the submission, all subsequent amendments, all written statements with respect to the proposed rule change that are filed with the Commission, and all written communications relating to the proposed rule change between the Commission and any person, other than those that may be withheld from the public in accordance with the provisions of 5 U.S.C. 552, will be available for website viewing and printing in the Commission's Public Reference Room, 100 F Street, NE, Washington, DC 20549, on official business days between the hours of 10:00 a.m. and 3:00 p.m. Copies of such filings will also be available for inspection and copying at the principal office of ICE Clear Europe and on ICE Clear Europe's website at https://www.theice.com/clear-europe/regulation. All comments received will be posted without change. Persons submitting comments are cautioned that we do not redact or edit personal identifying information from comment submissions. You should submit only information that you wish to make available publicly. All submissions should refer to File Number SR-ICEEU-2022-014 and should be submitted on or before August 25, 2022. For the Commission, by the Division of Trading and Markets, pursuant to delegated authority.\13\ --------------------------------------------------------------------------- \13\ 17 CFR 200.30-3(a)(12). --------------------------------------------------------------------------- J. Matthew DeLesDernier, Deputy Secretary. [FR Doc. 2022-16661 Filed 8-3-22; 8:45 am] BILLING CODE 8011-01-P
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
