A CCP shall have a sound framework for the comprehensive management of all material risks to which it is or may be exposed. A CCP shall establish documented policies, procedures and systems that identify, measure, monitor and manage such risks. In establishing risk-management policies, procedures and systems, a CCP shall structure them in a way as to ensure that clearing members properly manage and contain the risks they pose to the CCP.

A CCP shall take an integrated and comprehensive view of all relevant risks. These shall include the risks it bears from and poses to its clearing members and, to the extent practicable, clients as well as the risks it bears from and poses to other entities such as, but not limited to interoperable CCPs, securities settlement and payment systems, settlement banks, liquidity providers, central securities depositories, trading venues served by the CCP and other critical service providers.

A CCP shall develop appropriate risk management tools to be in a position to manage and report on all relevant risks. These shall include the identification and management of system, market or other interdependencies. If a CCP provides services linked to clearing that present a distinct risk profile from its functions and potentially pose significant additional risks to it, the CCP shall manage those additional risks adequately. This may include separating legally the additional services that the CCP provides from its core functions.

The governance arrangements shall ensure that the board of a CCP assumes final responsibility and accountability for managing the CCP’s risks. The board shall define, determine and document an appropriate level of risk tolerance and risk bearing capacity for the CCP. The board and senior management shall ensure that the CCP’s policies, procedures and controls are consistent with the CCP’s risk tolerance and risk bearing capacity and that they address how the CCP identifies, reports, monitors and manages risks.

A CCP shall employ robust information and risk-control systems to provide the CCP and, where appropriate, its clearing members and, where possible, clients with the capacity to obtain timely information and to apply risk management policies and procedures appropriately. These systems shall ensure, at least that credit and liquidity exposures are monitored continuously at the CCP level as well as at the clearing member level and, to the extent practicable, at the client level.

A CCP shall ensure that the risk management function has the necessary authority, resources, expertise and access to all relevant information and that it is sufficiently independent from the other functions of the CCP. The CCP chief risk officer shall implement the risk management framework including the policies and procedures established by the board.

A CCP shall have adequate internal control mechanisms to assist the board in monitoring and assessing the adequacy and effectiveness of a its risk management policies, procedures and systems. Such mechanisms shall include sound administrative and accounting procedures, a robust compliance function and an independent internal audit and validation or review function.

A CCP’s financial statement shall be prepared on an annual basis and be audited by statutory auditors or audit firms within the meaning of Directive 2006/43/EC of the European Parliament and of the Council ( 1 ).