National Environmental Management Act, 1998 (107 of 1998)
R 385
Financial Markets Act, 2012 (Act No. 19 of 2012)RegulationsFinancial Markets Act RegulationsChapter VI : Central Counterparties15. Outsourcing |
| (1) | Where a licensed central counterparty outsources operational functions, services or activities in accordance with section 68 of the Act, including to an associate or affiliate of the central counterparty, it remains fully responsible for discharging all of its obligations under the Act and these Regulations and must— |
| (a) | establish, implement, maintain and enforce written policies and procedures for the selection of service providers to which key services and systems may be outsourced and for the evaluation and approval of those outsourcing arrangements; |
| (b) | enter into a contract with the service provider that is appropriate for the materiality and nature of the outsourced activities and that provides for adequate termination procedures; |
| (c) | ensure that nothing contained in the service agreement with the provider, nor any obligations in terms thereof, will result in non-compliance by the central counterparty of these or any other Regulations and legislation; |
| (d) | ensure that the central counterparty has direct access to the relevant information of the outsourced functions; |
| (e) | ensure that the Authority has the same access to all data, information and systems maintained by the service provider on behalf of the central counterparty that it would have absent the outsourcing arrangements; |
| (f) | ensure that all persons conducting audits or independent reviews of the central counterparty under these Regulations have appropriate access to all data, information and systems maintained by the service provider on behalf of the central counterparty that such persons would have absent the outsourcing arrangements; |
| (g) | establish, implement, maintain and enforce written policies and procedures to regularly review the performance of the service provider under the outsourcing arrangements; |
| (h) | identify and provide a written report to the controlling body of any conflicts of interest that may arise between the central counterparty and the service provider to which key services and systems are outsourced, |
| (i) | establish, implement, maintain and enforce written policies and procedures as approved by the controlling body to mitigate and manage those conflicts of interest; |
| (j) | ensure that the relationship and obligations of the central counterparty towards its clearing members or, where relevant, towards their clients are not altered; |
| (k) | ensure that the conditions for licensing of the central counterparty do not effectively change; |
| (l) | ensure that outsourcing does not prevent the exercise of supervisory and oversight functions, including on-site access to acquire any relevant information needed to fulfil those mandates; |
| (m) | ensure that outsourcing does not result in depriving the central counterparty from the necessary systems and controls to manage the risks it faces; |
| (n) | ensure that the service provider implements equivalent business continuity requirements to those that the central counterparty must fulfil under these Regulations; |
| (o) | ensure the central counterparty retains the necessary expertise and resources to evaluate the quality of the services provided and the organisational and capital adequacy of the service provider; |
| (p) | ensure that the central counterparty retains the necessary expertise and resources to supervise the outsourced functions effectively and manage the risks associated with the outsourcing and supervises those functions and manages those risks on an on-going basis; |
| (q) | ensure that the service provider protects any confidential information relating to the central counterparty and its clearing members and their clients or, where that service provider is established in a country other than the Republic, ensures that the data protection standards of that country, or those set out in the agreement between the parties concerned, are comparable to the data protection standards in effect in the Republic; and |
| (r) | inform the Authority in writing of the extent of outsourcing and that the conditions mentioned in (a) to (q) will be adhered to. |
| (2) | A licensed central counterparty may not outsource significant activities linked to risk management unless such outsourcing is approved by the Authority. |
| (3) | A licensed central counterparty must submit a copy of the written outsourcing agreement which clearly reflects the rights and obligations of the central counterparty and the service provider to the Authority. |
| (4) | A licensed central counterparty must make all information necessary available to the Authority, upon request, to enable the Authority to assess the compliance of the performance of the outsourced activities with these Regulations. |
