The key components of the governance arrangements of the CCP that define its organisational structure as well as clearly specified and well-documented policies, procedures and processes by which its board and senior management operate shall include the following:

A CCP shall have adequate staff to meet all obligations arising from this Regulation and from Regulation (EU) No 648/2012. A CCP shall not share its staff with other group entities, unless under the terms of an outsourcing arrangement in accordance with Article 35 of Regulation (EU) No 648/2012.

A CCP shall establish lines of responsibility which are clear, consistent and well-documented. A CCP shall ensure that the functions of the chief risk officer, chief compliance officer and chief technology officer are carried out by different individuals, who shall be employees of the CCP entrusted with the exclusive responsibility of performing these functions.

A CCP that is part of a group shall take into account any implications of the group for its own governance arrangements including whether it has the necessary level of independence to meet its regulatory obligations as a distinct legal person and whether its independence could be compromised by the group structure or by any board member also being a member of the board of other entities of the same group. In particular, such a CCP shall consider specific procedures for preventing and managing conflicts of interest including with respect to outsourcing arrangements.

Where a CCP maintains a two-tiered board system, the role and responsibilities of the board as established in this Regulation and in Regulation (EU) No 648/2012 shall be allocated to the supervisory board and the management board as appropriate.

The risk management policies, procedures, systems and controls shall be part of a coherent and consistent governance framework that is reviewed and updated regularly.