A. Description of Landscape

5. FMIs form a key role in facilitating the clearing, settlement and recording of monetary and other financial transactions and fostering financial stability in Canada. There are multiple FMIs that handle transactions for payments, securities, and derivatives contracts in Canada (Figure 1). The transaction values cleared, settled or outstanding in these FMIs are relatively sizeable, making most of them systemically important, and therefore, designated as such (Table 2). Important FMIs include:

View Full Size

Canada: Financial Market Infrastructure Landscape

Citation: IMF Staff Country Reports 2020, 022; 10.5089/9781513527222.002.A001

Source: IMF staff.Note: Trade repositories are not shown. Fixed income transactions cleared in CDCS are settled in CDSX.

• Download Figure
• Download figure as PowerPoint slide

^{Table 2.}

Canada: Transactions Values of Designated Financial Market Infrastructures

(In billions of Canadian dollar; unless, indicated otherwise)

Source: Bank of Canada.

^{Table 2.}

Canada: Transactions Values of Designated Financial Market Infrastructures

(In billions of Canadian dollar; unless, indicated otherwise)

Measure	2015	2016	2017	2018
LVTS
Daily average settled	171	175	173	181
CDSX
Daily average value of equity and fixed-income securities cleared and settled	478	493	541	578
Average value of securities held at the CSD (in trillions of Canadian dollar)	4.6	5.1	5.4	5.2
CDCS
Daily average of OTC repos cleared	22	27	27	28
Daily average notional value cleared for exchange-trade derivatives	101	121	134	139
Daily average notional value cleared for OTC derivatives (in millions of Canadian dollar)	7.9	9.7	13.3	10.6
ACSS
Daily average value settled	-	26	28	29
CLS Bank
Daily average Canadian dollar/foreign exchange settlement	173	178	199	216
LCH Swap Clear
Notional outstanding CAD-denominated OTC interest rate swaps as at December 31 (in trillions of Canadian dollar)	8.7	9.6	12.1	18.4

Source: Bank of Canada.

View Table

^{Table 2.}

Canada: Transactions Values of Designated Financial Market Infrastructures

(In billions of Canadian dollar; unless, indicated otherwise)

Measure	2015	2016	2017	2018
LVTS
Daily average settled	171	175	173	181
CDSX
Daily average value of equity and fixed-income securities cleared and settled	478	493	541	578
Average value of securities held at the CSD (in trillions of Canadian dollar)	4.6	5.1	5.4	5.2
CDCS
Daily average of OTC repos cleared	22	27	27	28
Daily average notional value cleared for exchange-trade derivatives	101	121	134	139
Daily average notional value cleared for OTC derivatives (in millions of Canadian dollar)	7.9	9.7	13.3	10.6
ACSS
Daily average value settled	-	26	28	29
CLS Bank
Daily average Canadian dollar/foreign exchange settlement	173	178	199	216
LCH Swap Clear
Notional outstanding CAD-denominated OTC interest rate swaps as at December 31 (in trillions of Canadian dollar)	8.7	9.6	12.1	18.4

Source: Bank of Canada.

B. Regulatory, Supervisory, and Oversight Framework

6. The general legal and regulatory framework involves both public and private laws.⁸ Public laws are rules that are compulsory by statute. Private laws establish the legal framework for voluntary arrangements. The most relevant legislation for FMIs include the following:⁹

• Canadian Payments Act (CP Act). The CP Act, introduced in1985, sets out the legal framework for Payments Canada, including its mandate, membership eligibility, the role of the Board of Directors, and oversight responsibilities of the Minister of Finance.¹⁰ The Minister also has the power to issue a directive including a directive to make, amend or repeal a by-law, rule or standard. If a directive is related to the operation of a designated system (LVTS or ACSS), the Minister must consult with the BOC Governor before issuing the directive.

• Payment Clearing and Settlement Act (PCSA). The PCSA, enacted in 1996, assigns the BOC statutory responsibility to designate systemically important clearing and settlement systems, and prominent payment systems. The BOC oversees them with the objective of managing systemic or payment system risks.

• Bank of Canada Act (BOC Act). The BOC Act empowers the BOC to provide banking services such as bank accounts, securities accounts and safekeeping services, Canadian dollar-denominated payments, settlement services to payment clearing and settlement systems, and fully collateralized loans.¹¹

C. Major Changes and Reforms

7. The CP Act is under review in parallel with payments modernization. The Department of Finance (DOF) has led consultations on the review of the CP Act, which concluded in July 2018.¹² The review focused on governance arrangements and membership rules for Payments Canada. The CP Act was earlier amended in 2015 to strengthen the governance framework and independent decision-making by the board of directors of Payments Canada. The CP Act was also reviewed in response to efforts to modernize payment systems, for which membership rules would need to be considered. The BOC is also expected to review the broadening of access to settlement accounts.

8. The PCSA was amended to strengthen FMI oversight and make the BOC the resolution authority, and changes were made to clearing agency requirements. During 2014, amendments expanded the scope of the BOC’s oversight responsibilities for clearing systems that pose systemic risk to also cover systems that pose payment system risk. Powers were enhanced in areas related to providing settlement accounts to a clearing house, the entering into cooperative oversight agreements, the prohibition or restriction of participation by foreign entities, and the charging back of expenses to a designated clearing house. Further amendments were made in 2017 to enhance the BOC’s directive powers to permit timelier intervention, broaden the range of conditions to issue a directive, and allow the right to make representations by the FMI operator prior to the BOC Governor issuing a directive (to create consistency between the PCSA and other federal legislation such as the Bank Act). The BOC Governor may issue a directive that is temporary without an opportunity to make representations if the BOC Governor believes representations would undermine the directive’s effect. The approval for significant changes at designated FMIs and the BOC’s distinct authority for entering into oversight agreements were also part of the amendments in 2017. Finally, amendments to include a resolution regime for designated FMIs were completed in 2018. As of June 25, 2019, both Part I.1 of the PCSA and accompanying Payment Clearing and Settlement Regulations were in force, completing the implementation of the FMI resolution regime. Amendments to clearing agency requirements were largely aimed at enhancing operational system requirements in line with international standards.¹³

9. FMIs are undergoing a major change in technology with the move towards real-time gross settlement (RTGS) and faster retail payments. Under Payments Canada’s plans, old infrastructure would be replaced, and new systems created.¹⁴ LVTS’s current deferred net settlement system will be replaced with a RTGS system called Lynx, which is expected to be implemented by 2021. ACSS will be gradually replaced with a retail batch clearing system named the Settlement Optimization Engine. A new real-time retail payment system will be developed as a third core payment system. TMX Group is also modernizing its technology supporting the clearing, depository, and risk management functions for CDSX and CDCS.

A. Regulation, Supervision, and Oversight of FMIs

10. The BOC has issued a Guideline that defines the criteria for identifying FMIs.¹⁵ The PCSA provides the BOC with two main oversight responsibilities, including (i) designating FMIs that have the potential to pose systemic or payment system risks, and overseeing these designated FMIs to ensure that they are adequately controlling systemic or payment system risk. A clearing and settlement system is eligible for designation if it has three or more participants (with at least one of which is Canadian, and at least one of which is headquartered in a different Canadian province or a different country than the FMI’s head office), clears or settles transactions that is all or partly in Canadian dollar, and provides the ultimate settlement of payment obligations at the BOC (except for the clearing or settlement of derivatives contracts). The designation of FMIs that may pose systemic risk considers three criteria, including (i) the size of transactions cleared or settled by the FMI; (ii) the degree to which the FMI plays a critical role in supporting Canadian financial markets and the Canadian economy; and (iii) the size of obligations that Canadian participants can incur through participation in the FMI. The designation of prominent payment systems that could pose payment system risks considers five criteria, including: (i) value and volume of transactions; (ii) availability of substitutes; (iii) time criticality of payments; (iv) centrality; and (v) interdependence.

11. Recognition of a clearing agency is also required under provincial securities legislation where terms and conditions and the clearing rule would apply. A Companion Policy 24–102 sets out how the Canadian Securities Administrators (CSA), which is an umbrella association of provincial and territorial securities regulators in Canada, apply the provision of the National Instrument 24–102 relating to clearing agency recognition or exemption from recognition. The relevant provincial securities regulators include the Alberta Securities Commission (ASC), Autorité des marchés financiers (AMF), the British Columbia Securities Commission (BCSC), and the Ontario Securities Commission (OSC). The CSA takes the view that a clearing agency that is systemically important to a jurisdiction’s capital markets, or that is not subject to comparable regulation by another regulatory body, will generally be recognized by a securities regulator. A securities regulator may consider the systemic importance of a clearing agency to its capital markets based on the following list of guiding factors: (i) value and volume of transactions processed, cleared and settled by the clearing agency; (ii) risk exposures (particularly credit and liquidity) of the clearing agency to its participants; (iii) complexity of the clearing agency; and (iv) centrality of the clearing agency with respect to its role in the market, including its substitutability, relationships, interdependencies and interactions. The list of guiding factors is non-exhaustive, and no single factor will be determinative in an assessment of systemic importance. A securities regulator retains the ability to consider additional quantitative and qualitative factors as may be relevant and appropriate.

12. Canadian authorities responsible for the regulation, supervision and oversight of FMIs include the BOC, the DOF, and certain provincial securities regulators. The PCSA establishes the BOC’s authority over SIPSs, CCPs, and CSDs/SSSs. The BOC and the DOF have shared responsibility of overseeing payment systems. The BOC and provincial securities regulators jointly oversee CSDs/SSSs and CCPs. The provincial securities regulators regulate TRs. Provincial securities regulators are members of the CSA. The BOC and the provincial securities regulators adopted the CPMI-IOSCO PFMI` as their risk-management standard for CCPs/CSDs.

13. The division of powers and responsibilities among authorities for regulating, supervising, and overseeing FMIs could be clearly defined in the BOC PCSA Guideline. Preferably, legislation should clearly specify which authority or authorities have regulatory, supervisory, or oversight responsibility for an FMI designated as an entity that falls within a specific legislative mandate. The PCSA includes provisions on securities and derivatives clearing houses and clearly states the BOC as the authority. The PCSA does not state the role of the provincial securities regulators over CCPs, CSDs/SSSs, and TRs. The latter is provided by the provincial securities or derivatives legislation of each responsible authority, and relevant legal instruments.¹⁶ The BOC and three provincial securities regulators have established a memorandum of understanding (MoU) respecting the oversight of certain clearing and settlement systems since 2014. A joint oversight framework (similar to the joint Guide to Intervention developed by the Office of the Superintendent of Financial Institutions (OSFI) and the Canada Deposit Insurance Corporation (CDIC)) should be developed.

B. Regulatory, Supervisory, and Oversight Powers and Resources

14. The PCSA provides oversight powers for the BOC.¹⁷ These powers include information gathering, designation of systemically important FMIs and prominent payment systems, entering into agreements with a designated FMI, auditing, issuance of directives, application to a superior court to enforce compliance, and advanced notification of changes by FMIs. For designation, the PCSA also requires that the opinion from the Minister of Finance that this is in the public interest. Additional powers support the BOC’s mandate to ensure that systemic risk and payment system risk are managed. They include the legal enforceability of netting, the immunity of settlement rules to legal stays, the guarantee of settlement, the provision of liquidity loans, and the acceptance and payment of interest on deposits from the FMIs and their participants.

15. The BOC has directive powers, and its use requires approval from the DOF for FMIs established by or under a statute. This directive power extends to FMI participants. The BOC has not issued any directives for FMIs to date as moral suasion has been effective and circumstances have not warranted their use. Directive powers, if issued, enforce compliance. The BOC Governor requires the approval of the Minister of Finance before issuing a written directive to a designated FMI that is established by or under a statute. That is, the requirement applies to designated payment systems (LVTS, ACSS), which have been established under the CP Act. Under the CP Act, the Minister of Finance has the responsibility to oversee Payments Canada, who owns and operates LVTS and ACSS, both of which have been designated by the BOC. This requirement, however, is not applicable for designated CSDs/SSSs and CCPs, which are privately-operated. The powers to issue such directives is intended to make the FMI cease and refrain from an action that is likely to result in systemic risk or payment system risk, or to take remedial action within a time frame where such risks are inadequately controlled. If an FMI operator or participant fails to comply with the (i) PCSA; (ii) directive issued by the BOC Governor; or (iii) a binding agreement entered with the BOC under the PCSA, the BOC Governor may apply to a superior court for an order directing the FMI operator or participant to enforce compliance.

16. The current oversight approach can benefit from stronger enforcement powers available to the BOC. Well-functioning FMIs are critical for the BOC to effectively discharge its core functions, including central bank policies on offering settlement accounts, providing credit, accepting eligible collateral in lending policies, maintaining financial stability, managing investments and reserves, and implementing monetary policy. Such interdependency requires effective central bank oversight powers to induce change and enforce corrective actions, if needed, particularly when moral suasion is less effective with the unwillingness to cooperate. Currently, the BOC has no independent enforcement powers to underpin its oversight. The use of directives faces a burden of proof on the potential for systemic or payment system risks and is subject to the right of FMI operators to make prior representations. The burden of proof includes the need to identify specific risks originating from the FMI’s design, ownership and control, or corporate governance; these risks may involve legal risk, credit risk, liquidity risk, general business risk, custody and investment risks, and operational risk. Moreover, approval is required from the Minister of Finance in the case of Payment Canada FMIs.

17. The BOC has sufficient resources to fulfill FMI oversight responsibilities. There are 25 staff assigned to FMI oversight across three divisions, including for payment systems oversight, other market infrastructure oversight, and resolution and crisis preparedness. The function is led by a senior director and has two dedicated research assistants. Recruitment efforts are on-going to staff new hires to help support the BOC’s new mandate as the FMI resolution authority. FMI oversight staff generally have relevant educational and professional backgrounds. Analysts lead the work on oversight files (significant changes, core assurance reviews, modernization projects, review of audit reports) and draw on specialized resources from across the BOC as required (including cyber resiliency, legal, banking operations, financial services, and internal audit).

18. The DOF has no dedicated resources for FMI oversight. FMI oversight activities fall under the responsibility of the BOC. The Minister of Finance is responsible for setting out the policy frameworks for the financial sector, including FMIs. The DOF conducts periodic reviews of legislation governing FMI oversight and makes amendments where necessary. There are multiple teams that are responsible for providing policy advice and analysis on payment systems and other FMIs in Canada.

19. Provincial securities and derivatives legislation provide the legal basis for the relevant securities regulators over CSDs, SSSs and CCPs (Appendix I). Additionally, the CSA’s National Instrument 24–102 on Clearing Agency Requirements provides a uniform rule that all CSA authorities impose on CSDs, SSSs, and CCPs.¹⁸ A Companion Policy 24–102 sets out how the CSA authorities interpret or apply National Instrument 24–102. Other relevant instruments include Local Rules 91–507 and Multilateral Instrument 96–101 on Trade Repositories and Derivatives Data Reporting together with the related Companion Policy.

20. Provincial securities regulators have sufficient resources in terms of staff headcounts and skills to fulfill FMI oversight. At the OSC, 10 staff are assigned to FMI oversight, including legal counsel, clearing specialists, risk specialists, accountants, and systems/IT experts. Similarly, there are 10 AMF staff with FMI oversight responsibilities and expertise in law, accounting, audit, clearing, risk analysis, and IT. For the BCSC, 4 staff are assigned to FMI oversight, including for market oversight, derivatives, and legal services. At the ASC, 4 staff are assigned to FMI oversight.

21. Provincial securities regulators are encouraged to train FMI oversight staff in advanced quantitative skills to support risk assessment. As the PFMI has raised the risk-management bar for all stakeholders, the increased risks brought to bear on the FMIs have increased the level of sophistication needed for proper supervision as the depth of principles and guidelines continue to develop. As such, provincial securities regulators would benefit from the continued evaluation of the skill sets needed to fulfill their mandates. This could be in addition to their participation in various international forums, which help enhance the oversight capacity. Among the current needs identified by certain provincial securities regulators include advanced quantitative skills for evaluating risk modelling. As FMIs adopt new technologies, additional technical skills could also be required to understand the impact on the intermediation function and how to achieve effective supervision.

C Disclosure of Policies with Respect to FMIs

22. The BOC has defined and disclosed policies with respect to FMIs through its guidelines, annual oversight reports, and staff publications. The guideline related to the BOC’s oversight activities under the PCSA was issued in respect of the BOC’s administration or enforcement of the PCSA (latest update on April 2018). The guideline describes BOC powers under the PCSA, the FMI designation process, and the oversight of designated FMIs. The BOC’s Oversight Activities for FMIs Annual Report was published as a standalone document since 2015, providing details on BOC expectations for designated domestic FMIs and BOC oversight activities (BOC oversight activities under the PCSA had also been reported in the BOC Financial System Review since 2006). Furthermore, staff publications including the BOC’s Financial System Review, working papers, and discussions papers also support the BOC’s public communication about its policies with respect to FMIs. Policies have been publicly disclosed to the BOC website.

23. Provincial securities regulators have defined policies with respect to FMIs through legal instruments and supplementary policy guidance. As noted, the CSA’s National Instrument 24–102 on Clearing Agency Requirements and the Related CP provide a uniform rule that all CSA authorities impose on CSDs, SSSs, and CCPs. The CSA has coordinated with the BOC in developing supplementary policy guidance for the Canadian context. Supplementary guidance has been issued for governance, collateral, liquidity risk, general business risk, custody and investment risk, and disclosure of rules, procedures and market data. Policies have been posted to a securities regulator’s website.

24. Canadian authorities are encouraged to clearly define their joint oversight responsibilities with respect to FMIs. While the policies of the BOC and provincial securities regulators are clear with respect to their legal mandates, several areas could be improved. First, authorities could describe through policy statements and relevant supporting materials if their mandate is focused on FMI overall oversight, on-site inspection, or both. If authorities have an interest in both objectives, this could be clearly stated with efforts made to minimize any overlapping responsibilities. Independent or joint inspections, as well as overall assessment, of FMIs could be described. Second, authorities could consider defining the lead authority for each designated domestic FMI, although the co-lead and consensus-based approach is used in practice. The role of the lead authority would seek to facilitate inter-agency coordination and decision-making during a crisis.

25. The BOC and DOF are encouraged to publicly disclose the Payments Advisory Committee (PAC)’s terms of reference. The PAC is a non-statutory body which establishes cooperative arrangements relating to payment systems between the BOC and DOF. The PAC’s terms of reference describe the cooperative framework for information sharing, consultation, coordination, and joint oversight of LVTS and ACSS. The terms of reference were updated in 2017 but is not disclosed.

D. Application of the PFMI

26. The BOC has adopted the PFMI into its risk-management standards for designated systemically important FMIs since 2012.¹⁹ The BOC has also developed risk-management standards for prominent payment systems that are based on the PFMI, which were designed to be proportional to their level of risk. BOC risk-management standards fully incorporate the principles and key considerations contained in the PFMI. The BOC has developed supplementary guidance in coordination with the CSA to provide clarity on certain aspects of the PFMI in the Canadian context and to support implementation of the PFMI. Efforts have been made to describe to the public how the international standards have been adopted in Canada.²⁰ Designated systemic FMIs have been expected to observe all the principles from December 31, 2016.

27. A National Instrument came into force in February 2016 which adopts the PFMI, in full, at the provincial level. As noted, the CSA’s National Instrument 24–102 on Clearing Agency Requirements and the related Companion Policy provide a uniform rule that all CSA authorities impose on CSDs, SSSs, and CCPs.

28. The CPMI/IOSCO Level 2 Implementation Assessment generally confirmed that the PFMIs were implemented in a complete and consistent manner through the implementation measures of the Canadian authorities.²¹

29. Canadian authorities should formally adopt recent international guidance on cyber resiliency and critical service providers (CSPs) that supplement the PFMI into domestic standards. This includes the CPMI/IOSCO Guidance on Cyber Resilience for FMIs issued in June 2016 and the CPMI/IOSCO PFMI Assessment Methodology for the Oversight Expectations Applicable to CSPs issued in December 2014. Authorities could consider making explicit their adoption in the BOC’s Risk Management Standards for Designated FMIs and the CSA’s National Instrument 24–102. Amendments to National Instrument 24–102 (published in October for public consultation) have already been contemplated by provincial securities regulators to include more explicitly an expectation that any additional CPMI guidance (cyber resiliency and oversight expectations, among others) be considered and/or adopted as ancillary in addition to the PFMI.²² Canadian authorities have already applied the guidance in practice and their adoption would enhance transparency and clarity for FMI operators.

30. Canadian authorities are encouraged to apply ratings for domestic designated FMIs. This should improve incentives for FMIs to make necessary changes and enhance transparency. This would also help increase effectiveness of moral suasion and minimize use of enforce corrective action under the PCSA or National Instrument 24–102 (including the terms and conditions in provincial recognition orders). The disclosure of assessment ratings could be considered in the BOC’s Oversight Activities for FMIs Annual Report.²³

E. Cooperation with Other Authorities

31. Where responsibilities over FMIs overlap, the federal and provincial authorities cooperate. Under the PCSA, the BOC is responsible for the designation and regulatory oversight of clearing and settlement systems, with a view to controlling systemic risk. The objectives of the BOC in its oversight role are to ensure that designated FMIs operate in such a manner that risk is properly controlled and to promote efficiency and stability in the Canadian financial system. Under their respective laws and regulations, provincial securities regulators are responsible for protecting investors and ensuring fairness, efficiency and confidence in capital markets.²⁴ Such provincial regulatory regimes cover a wide range of matters, including the recognition, oversight and on-site inspection of FMIs. The decisions on terms and conditions of recognition have the force of law over the recognized entities. Cooperative arrangements at the domestic level include the following:

• BOC-DOF’s terms of reference. The BOC and the DOF have established the PAC to coordinate oversight activities related to payments system. Both carry out their functions based on the terms of reference that establishes a common framework for information sharing, consultation and coordination.

• MOU Respecting the Oversight of Certain Clearing and Settlement Systems.²⁵ The MOU was made between three provincial securities regulators and the BOC, where the protocols for coordination and information sharing are established. The FMIs falling under the MOU include CDSX and CDCS. The MOU also includes a protocol for urgent matters.

• MOU Respecting the Oversight of Clearing Agencies, Trade Repositories and Matching Service Utilities.²⁶ The MOU was entered among the provincial securities regulators and helps coordinate among the CSA jurisdictions for information sharing with the BOC.

32. Canadian authorities are encouraged to consider the PFMI recommendation that at least one authority should take leading responsibility to establish efficient and effective cooperation among all relevant authorities.²⁷ Moreover, at least one authority should ensure that an FMI periodically assessed against the PFMI and should, in developing these assessments, consult with other authorities that oversee the FMI. Given the involvement of multiple authorities in Canada, together with potentially overlapping roles and responsibilities, cooperation among all relevant authorities needs to be effective in normal circumstances. Such cooperation should also be adequately flexible to facilitate effective communication, consultation, or coordination, as appropriate, during periods of market stress, crisis situations, and potential recovery, wind-down, or resolution of an FMI. Recent amendments to the PCSA, for example, has provided clarity on the role of the BOC being the lead authority for FMI resolution. This appears to be less clear for cooperation in other areas.

33. Canadian authorities are finalizing formal arrangements for FMI resolution. A federal committee chaired by the BOC and consisting of senior representation from the Office of the Superintendent of Financial Institutions (OSFI), the Canada Deposit Insurance Corporation (CDIC) and the DOF will be consulted in the case of the resolution of LVTS, CDSX, CDCS, and ACSS. This is to assess the impact of resolution actions on FMI participants or to coordinate the joint resolution of financial institutions and the FMI. The BOC would also consult with the relevant provincial securities regulators (OSC, AMF, BCSC) in the lead up to and during the resolution of CDSX and CDCS. The BOC will share information and consult with the federal committee and any government or regulatory body that has an MOU with the BOC. The BOC, AMF, the BCSC, and the OSC have also nearly finalized an MOU on matters related to the resolution of CDSX and CDCS.

34. Cooperative arrangements at the international level include the following:

• For CLS, the BOC participates in a cooperative oversight arrangement, which is led by the Federal Reserve, with participation from central banks whose currencies are settled in CLS.

• For SwapClear, the BOC, AMF and OSC participate in multilateral arrangements for oversight cooperation led by SwapClear’s lead regulator, the Bank of England. The BOC participates in the oversight college and the crisis management group.

35. Canadian authorities are establishing cooperative arrangements to ensure cyber resiliency for FMIs. The CSA’s Market Disruption and Cybersecurity Coordination Group (MDCCG), published a notice in October 2018 to inform the public about the CSA’s coordination process and protocol to manage a market disruption, including those caused by a large-scale cybersecurity incident.²⁸ The MDCCG has discussed the plan with other regulatory authorities that would have a role in the event of a market-wide disruption.²⁹ With respect to next steps, a CSA working group comprising staff from CSA Oversight Committees will be responsible for periodically reviewing and updating the plan and conducting periodic testing of the plan, as appropriate and necessary. The CSA working group will also continue outreach to other authorities to enhance coordination efforts during market disruption events. The federal government has announced plans to introduce a new critical cyber systems framework that will protect Canada’s critical cyber systems, including in the finance sector. To this end, the federal government intends to propose new legislation and make necessary amendments to existing legislation.

A. Framework for the Comprehensive Management of Risks

36. Canadian FMIs have made public disclosure based on the CPSS/IOSCO Disclosure Framework for FMIs, which has helped identify risks and their management. LVTS’s disclosure was completed in 2015, and a revised report is expected in 2019.³⁰ CDSX’s disclosures were made in 2016 and 2017.³¹ CDCS’s disclosures were also made for 2015 through 2018.³² Canadian authorities have partly based their assessments on such disclosures and have further identified gaps associated with modernization, liquidity risk, and recovery and resolution planning in the risk management framework of FMIs.

37. Canadian FMIs have established enterprise risk management (ERM) frameworks, which have been assessed by the authorities. ERM frameworks are reviewed annually and include the three lines of defense. The ERM identifies key enterprise-wide risks, defines risk appetite, performs the monitoring and assessment of the identified risks, and establishes the governance of risk management. Risks from system interdependency and FMI linkages are included. Risks scenarios have been identified, including cyber incidents, deterioration of critical service offerings, major outages, human resource risks, and reputational risks. Financial recovery plans have been developed based on these scenarios.

38. Potential concentration risk, reputational risk human resource risk and competition risk to Canadian FMIs can be articulated by using key risk indicators. Concentration risk arises from the increasing dependencies on multiple and common CSPs. Reputational risk could be the result of cyber risks, which have heightened at the international level. Human resource risk relates to sudden changes in key staff and the need to develop and retain sufficient skills in areas such as risk modelling and information security. Competition risk could come from the emergence of alternative arrangements for making interbank wholesale payments and securities settlements based on distributed ledger technology (DLT), where entities could be domiciled domestically or internationally.

39. Authorities consider that a stronger framework should be continually reviewed and updated. This would reflect key risks associated with the multi-year initiative to modernize payment systems and ensure appropriate metrics to monitor human resource risks associated with payments modernization. There are also ongoing modernization efforts with the CDSX and CDCS. Additionally, Canadian FMIs are encouraged to incorporate the CPMI/IOSCO analytical framework to examine the potential benefits and risks from using distributed ledger technology in payment, clearing and settlement arrangements as the technology matures and to support decision-making.

B. Liquidity Risk

40. Payments Canada, as the operator of LVTS, is not exposed to liquidity risk, which is borne by LVTS participants. This is associated with their intraday payment flows and end-of-day settlement obligations. While each participant manages its own intraday liquidity, Payments Canada has the capability to perform system-wide liquidity monitoring. This helps ensure that LVTS has sufficient liquidity flowing through the system to prevent potential gridlock, particularly during a stress event. Throughput monitoring is used on a best effort basis. This examines the median values of daily payment flows of each participant on a quarterly basis. Liquidity risk is mitigated in case of a default given that the collateral pool is sufficient to cover the single largest default of a participant. The BOC can provide liquidity against collateral to direct participants of LVTS through its Standing Liquidity Facility (SLF). A broad range of assets are eligible as collateral, including securities issued by the Government of Canada, commercial paper, and others.³³

41. LVTS’s liquidity risk management under market stress scenarios should be analyzed. The move from deferred settlement towards a RTGS environment could increase intraday liquidity risks for FMI participants. Removal of the BOC as the residual guarantee is also expected. The assessment of liquidity risk in the large-value payment system could benefit from the analysis of intraday liquidity risks under market-wide stress scenarios with collateral deterioration. BOC staff and Payments Canada have been earlier involved with modelling and simulation work of payments and other market infrastructures. This also follows more recent efforts by other central banks to assess the resilience of payment networks and their participants under tighter liquidity conditions.³⁴ Past studies also suggest that relatively less liquid securities that have fewer alternative uses are more likely to be pledged for liquidity in the LVTS.³⁵

42. CDSX’s liquidity risk management does not meet the BOC risk management standards, and gaps are being addressed. CDS is exposed to liquidity risks if users of its cash equity CCP service (CNS) or its foreign links (New York Link or DTC Direct Link) were to default on their obligation.³⁶ CDS lines of credit for both the CNS and NYL services are sized based on the estimated liquidity risk exposure at a 97 percent degree of confidence with respect to the estimated distribution of potential liquidity exposures under normal market conditions. Canadian authorities expect improvements in this regard such that qualifying liquidity resources would be estimated at 100 percent confidence under extreme but plausible market conditions. CDS has renegotiated agreements with its lenders to increase the size of existing credit facilities, which could be further increased on demand in the event of insufficient liquidity to cover end-of-day liquidity requirements. CDS has routine access to BOC facilities (BOC settlement account for end-of-day payment exchanges) and has access to central bank liquidity under extraordinary circumstances. CDS does not have access to BOC SLF.

43. CDSX’s liquidity risk management under stress scenarios could be further enhanced. For example, the analysis of liquidity adequacy following a participant default under market stress conditions is encouraged. Recognizing this gap, the authorities have required CDSX to undertake the remedial actions, including: (i) reviewing intraday liquidity risks on a regular basis to account for both intraday changes in participant positions (volume) and price movements; (ii) reviewing and measuring any additional sources of liquidity risk such as foreign exchange and intraday settlement processes; (iii) enhancing stress tests; and (iv) establishing new CNS settlement procedures to address the inability to fully access committed liquidity facilities.

C. Operational Risk and Cyber Resiliency

44. FMI operational incidents are monitored, but the reporting and categorization of severity levels could be coordinated to induce prompt remedial actions. Domestic designated FMIs largely provide details on the level of severity, nature of incident, and duration of disruption, as well as remedial actions. TMX Group FMIs are subject to two separate reporting and notification requirements.³⁷ Incidents can be very different, with the duration of disruptions potentially lasting from several minutes to hours. Severity levels have been used differently across the FMIs, which could create discrepancies.³⁸ One FMI initially distinguished between two severity levels but grouped into one categorization in 2016. The second FMI distinguished between three severity levels and has used this categorization through 2018. The third FMI has no categorization. The heightened levels of cyber risk internationally, together with the expectations for meeting the recovery time objective of two hours and end of day settlement, makes the categorization of severity levels important. In addition to the duration of disruptions, severity levels of cyber risk could be categorized based on the impact on processes, and on the nature of cyber risk that could be related to data breaches, system availability, and confidentiality.

45. FMIs’ CSP assessments could benefit from clearer criteria and assigned ratings. CSP assessments have progressed at different levels. One FMI has clear vendor risk management procedures for CSPs and requires periodic assessments (self-evaluation or an independent audit).³⁹ Other FMIs have recently put in place a CSP oversight policy and a materiality assessment program. CSP identification, however, differ.⁴⁰ One FMI consider critical information technology or telecommunication infrastructures as CSPs, which is largely aligned with the PFMI. Others have included banks as CSPs. To induce remedial action for any issues of concern, a rating of CSPs could be assigned by the FMI operator to each oversight expectation to reflect their gravity and urgency.

46. Cyber resiliency improvements of FMIs are continuing in line with international guidance, while compliance to endpoint security needs to be tightened. FMIs have put in place controls and processes to manage cyber risk with independent assessments made to determine their security posture. FMIs and some of their participants have participated in the Joint Operational Resilience Management exercises. This included the simulated failure of a Canadian FMI. To meet the common expectations in ensuring cyber resilience, FMIs should monitor the compliance of participants with the mandatory controls of the Society for Worldwide Interbank Financial Telecommunication (SWIFT) Customer Security Program and ensure that self-attestations are audited.⁴¹

D. Recovery and Resolution

47. FMIs have developed and tested recovery plans, which could be enhanced in the areas of stress scenarios and recovery tools. For TMX FMIs, the first annual test of recovery plans pointed to opportunities for improvements. For risk scenarios, clarification on the trigger for recovery in non-default scenarios could be considered in addition to scenarios such as system failures and physical securities losses. For recovery tools, there was a need for guidelines to prioritize the use of financial recovery funds and set up a pre-emptive communication plan to request for approval at the Board level on the use of such funds.

48. FMIs are subject to the new resolution regime, which is now in force. The main policy objectives are to maintain the critical services of a designated FMI, to promote financial stability, and to minimize potential losses of public funds. Canadian authorities recently put in place a resolution regime for FMIs.⁴² The scope covers four domestic designated FMIs, including LVTS, CDSX, CDCS, and ACSS. Under the PCSA amendments, the BOC is required to develop resolution plans for all domestic designated FMIs. In developing the resolution plans, the BOC will consult with any government or regulatory body that has entered into an agreement or arrangement with the BOC.

49. The BOC’s use of resolution powers for FMIs established by or under a statute could benefit from greater transparency and clarification through the BOC Guideline. The affairs of Payments Canada, which owns and operates LVTS, may only be wound up by Parliament as it is a statutory corporation created by an Act of Parliament. Payments Canada is not considered a crown corporation or central bank; therefore, LVTS is not a central bank FMI.⁴³ The FMI resolution regime was designed to consider the distinct features of Payments Canada as a statutory corporation. Specific provisions apply only to Payments Canada and the FMIs it operates. Under the PCSA amendments, the BOC Governor has the power to enter an FMI into resolution and subsequently issue a resolution order to take control of the FMI through vesting or receivership. Neither of these actions require the approval of the Minister of Finance for any FMI. However, for Payments Canada FMIs, the BOC Governor can only issue a receivership order since there are no shares that could be vested in the BOC. The BOC plans to publish guidance to clarify that certain resolution powers could not be applied to Payments Canada because it is a statutory corporation. For example, this would include clarification that the Governor could not apply a vesting order to Payments Canada because it does not issue shares.

50. FMI resolutions require the approval of the Minister of Finance for actions on using government funds and developing a plan for exit from resolution. The latter would include the BOC’s proposed exit strategy which, for Payments Canada FMIs, could not contemplate a sale of the FMI. For all resolution actions, there would be close consultation and coordination among members of the federal committee, including the DOF, and the federal-provincial committee. As Payments Canada is a statutory corporation, legislative amendments may be required to implement an exit strategy, which would need to be passed by Parliament.

A. Payments and Market Infrastructures

51. The Canadian government plans to propose legislation to implement the new oversight framework for retail payment.⁴⁴ The motivation has been to strengthen the oversight of non-traditional retail payment service providers, which are not currently subject to a comprehensive oversight framework. This has also been driven by changes in the financial sector landscape, including fintech developments. In developing the new framework, the DOF benefits from input received from consultations concluded in October 2017, and discussions at FinPay which is chaired by the DOF and has a broad membership of stakeholders from both public and private sectors. The new retail payments oversight framework will leverage the mandate and expertise of the BOC, and would implement financial, operational-risk management and registration measures.

52. The DOF is reviewing the merits of open banking. Consultations were concluded in February 2019.⁴⁵ Open banking is a framework where consumers and businesses can authorize third-party financial service providers (which could be fintech firms that provide data sharing and payment initiation services) to access their financial transaction data using secure online channels. The review has balanced both potential benefits in enhancing efficiency in the financial sector and risks associated with consumer protection, privacy, cyber security, and the safety and soundness of the financial sector. Canadian authorities are of the view that should the government proceed with open banking, appropriate staging and alignment with payments modernization would need to be undertaken.

53. The BOC has been proactive in fintech research to assess their impact on the financial system and central bank core functions. BOC staff produce research work independently and could have views that differ from the official views of the BOC’s Governing Council. A cross-departmental Fintech Working Group shares and coordinates work. Research has focused on examining the potential implications from fintech, which could impact the BOC’s four areas of responsibilities, including monetary policy, the financial system, currency, and funds management. Over 40 research papers related to fintech have been published since 1996, including 13 papers that were completed in 2018 (Appendix II). The topics have largely covered electronic money, private digital currency, cash usage, retail payments, and central bank digital currencies.

54. The BOC has used international standards to examine the potential benefits and risks for payments and securities settlement systems using DLT. Project Jasper Phases 1 and 2 focused on experimentations with wholesale interbank payments that examined credit and liquidity risks, settlement finality, and operational risks (including resiliency and scalability) relative to the PFMI.⁴⁶ Phase 3 included collaboration with Payments Canada and TMX Group to examine delivery versus payment for securities settlements using central bank money and DLT.⁴⁷ Phase 4 explored cross-border payments, which included a model of funds transfers operating on two different platforms between Canada and Singapore.⁴⁸ For Phases 3 and 4, the implicit understanding was that any eventual DLT-based payment and securities settlement system would be required to be in compliance with the PFMI.

B. Crypto-Assets

55. Canadian authorities have monitored developments in crypto-assets with the aim of developing a consistent and clear domestic regulatory framework. A Heads of Agencies Crypto-Asset Working Group, chaired by the BOC, was established to coordinate these efforts.⁴⁹ The working group has been tasked to assess regulatory gaps, identify inconsistencies across provinces make recommendations on how crypto assets should be classified (as currencies, commodities, or securities), and monitor follow-up actions to address gaps. Focus has been on investor/consumer protection, market integrity, and financial integrity.

56. Federal and provincial authorities share authority over crypto-assets depending on characteristics of each crypto-asset. The BOC is not responsible for regulating crypto-products, but has a mandate for monetary policy, currency issuance, and financial stability issues. The provincial securities regulators (which work together under the CSA’s umbrella) monitor crypto-assets that are securities and derivatives under applicable provincial legislation, and work with Canadian and international regulators on investigation and enforcement strategies for crypto-assets. The CSA has also taken measures to protect investors and prevent illegal crypto-asset offerings, including raising public awareness of and providing education regarding to crypto-asset offerings. AMF has been monitoring crypto-asset internally through its crypto-currencies and payment services work stream within its Fintech Working Group. The DOF, as the policy lead for the anti-money laundering and countering the financing for terrorism (AML/CFT) regime, has been monitoring this issue. The BOC also monitors crypto-assets internally and by collaborating internationally through the FSB, G20, and G7. Work with the FSB has considered the wider use of crypto-assets in payments and settlements. The main conclusions of this international work suggest that crypto-assets lack the key attributes of sovereign currencies and do not serve as a common means of payments, a stable storage of value, or a mainstream unit of accounts. Also, crypto-assets do not pose a material risk to global financial stability, but vigilant monitoring is needed.⁵⁰ Canadian authorities also consider this conclusion applicable for Canada.

57. There is no explicit legislation or regulation governing crypto-assets in Canada. Canadian authorities are of the view like many international regulators that the structure of most crypto-asset offerings involve securities or derivatives, while there is less clarity for payment tokens and utility tokens. To mitigate inherent money laundering and terrorist financing risks, the DOF has proposed AML/CFT regulations for virtual assets service providers that provide exchange or value transfer services. There are ongoing efforts to tailor the securities regulatory framework for regulating crypto-asset trading platforms and dealers who trade crypto-assets that are securities or derivatives. Canadian authorities are studying how crypto-assets are regulated in other jurisdictions (for example, the United States and various jurisdictions in Asia and Europe). The CSA has issued a news release to remind investors of inherent risks associated with crypto-asset futures contracts, as well as an investor alert urging caution for Canadians investing with crypto-asset trading platforms and various notices providing guidance on crypto-asset offerings.⁵¹ The CSA has also published a draft framework for regulating crypto-asset trading platforms.⁵²

58. The CSA Regulatory Sandbox was set up to support financial technology innovation and market efficiency and to protect investors and consumers. As of March 31, 2018, the CSA Regulatory Sandbox evaluated a total of 25 applications submitted by fintech businesses, provided exemptive relief orders for two initial coin offerings (ICOs), and registered or amended registrations for five firms managing private crypto-asset investment funds. The CSA has published two staff notices to provide guidance to the industry and professional advisors on instances where securities laws apply to ICOs/Initial Token Offerings, including:

• CSA Staff Notice 46–307 on Cryptocurrency Offerings.⁵³ This notice addresses the following: (i) responding to requests from fintech businesses for guidance on the applicability of securities laws to crypto-asset offerings and what CSA staff will consider when assessing whether an ICO involves a distribution of securities; (ii) discussing what steps fintech businesses can take if they are raising capital through ICOs, so that they comply with securities laws; (iii) highlighting issues that fintech businesses looking to establish crypto-asset investment funds should be prepared to discuss with CSA staff; (iv) discussing how the use of crypto-asset trading platforms (or exchanges) may impact CSA staff’s review of ICOs and crypto-asset investment funds; and (iv) explaining how the CSA Regulatory Sandbox can help fintech businesses with crypto-asset offerings comply with securities laws through a flexible process.

• CSA Staff Notice 46–308 on Securities Law Implications for Offerings of Tokens.⁵⁴ This notice provides guidance on whether an offering of tokens may or may not involve an offering of securities, particularly offerings of (i) “utility” tokens and (ii) tokens that are structured in multiple steps.

59. There are currently no crypto-asset trading platforms recognized as an exchange or otherwise authorized to operate as a marketplace or dealer in Canada. Within the CSA Regulatory Sandbox, discussions with several crypto-asset trading platforms are ongoing as they are seeking guidance on the requirements that apply to them. The CSA and the Investment Industry Regulatory Organization of Canada (IIROC) jointly published a consultation paper seeking input from the fintech community, market participants, investors and other stakeholders on how regulatory requirements should be tailored for crypto-asset trading platforms operating in Canada.⁵⁵ The consultation seeks feedback on a number of areas that assess key risks and investor protection issues that arise in the context of such platforms, including: (i) protection of client assets (custody and verification of assets); (ii) price discovery and transparency; (iii) surveillance of trading activities; (iv) systems’ resiliency and security (including cybersecurity and business continuity planning); (v) conflicts of interest (including proprietary trading by platforms); (vi) insurance; and (vii) clearing and settlement.

60. Canadian authorities are not aware of financial institutions undertaking payments using cryptocurrencies in Canada. Crypto automated teller machines are available in Canada. AMF is responsible for all non-bank owned ATMs in Québec.