Self-Regulatory Organizations; ICE Clear Europe Limited; Order Approving Proposed Rule Change Relating to Amendments to the ICE Clear Europe Operational Risk Management Policy and Risk Identification Framework

Issuing agencies

Full Text

<html>
<head>
<title>Federal Register, Volume 87 Issue 107 (Friday, June 3, 2022)</title>
</head>
<body><pre>
[Federal Register Volume 87, Number 107 (Friday, June 3, 2022)]
[Notices]
[Pages 33858-33862]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2022-11879]


-----------------------------------------------------------------------

SECURITIES AND EXCHANGE COMMISSION

[Release No. 34-95004; File No. SR-ICEEU-2022-008]


Self-Regulatory Organizations; ICE Clear Europe Limited; Order 
Approving Proposed Rule Change Relating to Amendments to the ICE Clear 
Europe Operational Risk Management Policy and Risk Identification 
Framework

May 27, 2022.

I. Introduction

    On March 31, 2022, ICE Clear Europe Limited (``ICE Clear Europe'') 
filed with the Securities and Exchange Commission (``Commission''), 
pursuant to Section 19(b)(1) of the Securities Exchange Act of 1934 
(the ``Act'') \1\ and Rule 19b-4 thereunder,\2\ a proposed rule change 
to amend its Operational Risk Management Policy (the ``ORMP'') and add 
to ICE Clear Europe's rule framework the Risk Identification Framework 
(the ``RIF''). The proposed rule change was published for comment in 
the Federal Register on April 14, 2022.\3\ The Commission did not 
receive comments regarding the proposed rule change. For the reasons 
discussed below, the Commission is approving the proposed rule change.
---------------------------------------------------------------------------

    \1\ 15 U.S.C. 78s(b)(1).
    \2\ 17 CFR 240.19b-4.
    \3\ Self-Regulatory Organizations; ICE Clear Europe Limited; 
Notice of Filing of Proposed Rule Change Relating to Amendments to 
the ICE Clear Europe Operational Risk Management Policy and Risk 
Identification Framework, Exchange Act Release No. 34-94649 (Apr. 8, 
2022); 87 FR 22273 (Apr. 14, 2022) (SR-ICEEU-2022-008) (``Notice'').
---------------------------------------------------------------------------

II. Description of the Proposed Rule Change

i. ORMP

    The current ORMP describes ICE Clear Europe's process for 
identifying, assessing, managing, monitoring, and reporting operational 
risks and requires that ICE Clear Europe assess its operational risks 
at least annually.\4\ The proposed rule change would maintain the 
overall process as found in the current ORMP but revise the description 
of the specific steps that makeup the overall process--generally by 
incorporating into the ORMP additional detail regarding current 
practices relating to those steps--and modify certain aspects of some 
of those steps.
---------------------------------------------------------------------------

    \4\ This description is substantially excerpted from the Notice, 
87 FR 22273. Capitalized terms not otherwise defined herein have the 
meanings assigned to them in the ORMP, the RIF, or ICE Clear 
Europe's Rules, as applicable.
---------------------------------------------------------------------------

    First, the proposed rule change would explicitly incorporate into 
the ORMP ICE Clear Europe's Enterprise Risk Register, which ICE Clear 
Europe also refers to as the Risk Register Dashboard (referred to 
herein as the ``Risk Dashboard''). Currently, once ICE Clear Europe 
identifies operational risks pursuant to the existing ORMP, it 
documents those risks in the Risk Dashboard. The Risk Dashboard 
therefore serves as an inventory of the specific operational risks that 
ICE Clear Europe has identified as part of its existing risk 
identification process under the ORMP. The Risk Dashboard also includes 
information about, among other things, the ICE Clear Europe department 
that owns the risk (the ``Risk Owner''), the level of inherent risk, 
and the overall rating for the control that mitigates each risk. 
However, while the Risk Dashboard currently is used as part of ICE 
Clear Europe's risk identification process under the ORMP, it is not 
actually referenced in the ORMP. The proposed rule change would 
formally incorporate the Risk Dashboard into the ORMP and include it as 
an appendix to the ORMP. The proposed rule change also would add to the 
ORMP a description of the process for reviewing and updating the Risk 
Register as part of ICE Clear Europe's existing annual assessment of 
its operational risks, thereby formalizing that process as a 
requirement under the ORMP.
    The current ORMP requires that Risk Owners complete the risk 
identification process at least once a year and specifies that this 
process shall not only allow the

[[Page 33859]]

identification of new risks but also the discontinuation of those that 
no longer exist. It also specifies that if risks emerge or cease to 
exist in between the annual reviews, ad hoc assessments shall be 
triggered, which necessarily implies that risks must be identified more 
frequently than annually as needed to determine whether risks emerge or 
cease to exist in between annual reviews. The revised ORMP would 
continue to require that Risk Owners complete the risk identification 
process at least once a year, but explicitly require that the risk 
identification process be completed more frequently than annually as 
needed to reflect material risk changes, such as operational risk 
incidents. The revised ORMP also would explicitly acknowledge that this 
process would allow ICE Clear Europe to identify new risks and 
discontinue documenting risks that no longer exist.
    With respect to the assessment of risks, the current ORMP requires 
that Risk Owners measure the potential impact of identified risks and 
categorize this potential impact by severity and likelihood. Risk 
Owners also consider the effect of controls on reducing the potential 
impact of identified risks. The risk remaining after considering the 
reduction caused by a control is the residual risk. The current ORMP 
treats residual risk as an assessment of the effectiveness of a control 
in reducing the potential impact of a risk. The revised ORMP would 
maintain the same general framework for risk assessment as currently 
used, but would provide additional detail with respect to controls and 
the assessment of their effectiveness. Under the current ORMP, Risk 
Owners musts assess risks on a controlled and uncontrolled basis and 
must consider whether existing control mechanisms should be enhanced, 
substituted, or abandoned. ICE Clear Europe proposes to continue 
requiring such assessments, but to elaborate on the process by focusing 
discussion in the ORMP on inherent risk versus residual risk. Under the 
revised ORMP, Risk Owners would consider each risk on an inherent basis 
(without taking into account the reduction caused by mitigating 
controls) and on a residual basis (taking into account the reduction 
caused by mitigating controls). Risk Owners would rate each inherent 
and residual risk on a five-point scale--very low, low, medium, high, 
or very high. As part of this process, Risk Owners also would rate the 
mitigation that each control is expected to provide as high/medium/low 
and the effectiveness of each control as satisfactory/needs 
improvement/unsatisfactory. Risk Owners would derive the effectiveness 
of a control from a number of measures, such as control testing, 
metrics, and governance. The revised ORMP would require Risk Owners to 
perform the risk assessment and related control assessment at least 
once a year or more frequently as needed to reflect material risk 
changes, such as operational risk incidents.
    The current ORMP makes Risk Owners responsible for proposing and 
implementing remedial actions to manage risks, subject to the approval 
of the Executive Risk Committee. Further, the type of remedial action 
depends on the potential expected impact of the operational risk and is 
implemented following the risk assessments or control assessments. The 
revised ORMP would similarly require Risk Owners to propose and 
implement remedial actions, but they also would be required to take 
into account the expected impact of mitigating controls and further 
remediating actions would be explicitly required for any residual risks 
assessed as high or very high. In addition, rather than being subject 
solely to the approval of the Executive Risk Committee, the revised 
ORMP would require any proposed remedial actions to be immediately 
escalated to Senior Management and applicable Risk Committees or the 
ICE Clear Europe Board.
    The monitoring of risks under the revised ORMP would be generally 
the same as under the current ORMP. The current ORMP requires that Risk 
Owners and the Risk Oversight Department continuously monitor risks, 
including daily monitoring through the use of certain indicators. The 
revised ORMP similarly would require that Risk Owners and the Risk 
Oversight Department continuously monitor risks, but would specify that 
such monitoring should be ongoing monitoring (not just daily), in order 
to clarify that monitoring should be continuous and not just once a 
day. This particular change could be beneficial if, for example, under 
the current daily monitoring ICE Clear Europe conducts monitoring at a 
single specific time during the day and the risk emerges after that 
time. Moreover, the current ORMP requires that the Risk Oversight 
Department monitor risks daily through the Risk Appetite Metrics and 
the Management Thresholds. The revised ORMP would likewise require the 
Risk Oversight Department to conduct such monitoring, but it would 
specify that the monitoring would be either daily or monthly given that 
some metrics and thresholds are considered monthly and others are 
considered daily. ICE Clear Europe calculates some existing risk 
metrics on a monthly basis, so specifying monthly monitoring here would 
take into account these metrics while maintaining daily monitoring for 
the existing daily metrics.
    The current ORMP requires assessments and operational incidents to 
be reported to senior management, the Audit Committee, and the Board 
Risk Committee, and further provides that the Board Risk Committee and 
Board shall be informed of material incidents. The review and 
assessment of operational incidents is part of ICE Clear Europe's 
second line risk function, therefore the revised ORMP would require 
that assessments and operational incidents be reported to senior 
management and the Board Risk Committee, but it would replace the Audit 
Committee, which is part of ICE Clear Europe's third line of risk 
defense with the Executive Risk Committee, which is part of its second 
line of defense, thereby aligning the risk function with its 
appropriate line of defense. The Commission further notes that given at 
least one member of the Audit Committee is also a member of the Board 
Risk Committee, this member could share information related to 
operational risk with the Audit Committee as needed.\5\
---------------------------------------------------------------------------

    \5\ See ICE Clear Europe Limited, Compliance with Principles for 
Financial Market Infrastructures Disclosure Framework, available at 
<a href="https://www.theice.com/publicdocs/clear_europe/ICE_Clear_Europe_Disclosure_Framework.pdf">https://www.theice.com/publicdocs/clear_europe/ICE_Clear_Europe_Disclosure_Framework.pdf</a>.
---------------------------------------------------------------------------

    The requirement that the Board Risk Committee and Board be informed 
of material incidents would not change. The current ORMP also specifies 
that the Product Risk Committees and the Executive Risk Committees will 
receive information related to operational risk. The revised ORMP would 
require that the Risk Oversight Department report operational risks 
daily and monthly to senior management and the Executive Risk 
Committee. Thus, the revised ORMP would specify that the Risk Oversight 
Department would report this information, and would not include any 
role for Product Risk Committees. The Commission notes that although 
the revised ORMP would remove the Product Risk Committees, the CDS 
Product Risk Committee includes as a member either the ICE Clear Europe 
President or the Head of First Line Clearing Risk, and that the 
President and the Head of First Line Clearing Risk are both voting 
members of the Executive Risk Committee. Given that, the Commission 
believes that the President or Head of First Line Clearing Risk could 
share information related to

[[Page 33860]]

operational risk with the CDS Product Risk Committee as needed.\6\
---------------------------------------------------------------------------

    \6\ See ICE Clear Europe Limited, Compliance with Principles for 
Financial Market Infrastructures Disclosure Framework, available at 
<a href="https://www.theice.com/publicdocs/clear_europe/ICE_Clear_Europe_Disclosure_Framework.pdf">https://www.theice.com/publicdocs/clear_europe/ICE_Clear_Europe_Disclosure_Framework.pdf</a>.
---------------------------------------------------------------------------

    The revised ORMP would require that the Executive Risk Committee 
approve changes in the Risk Dashboard at each monthly meeting and 
report those changes to Board Risk Committee and Board. Although the 
proposed rule change would add this language to the ORMP (it is not 
stated in the current ORMP), this requirement is currently found in the 
Risk Identification Framework, as discussed below.
    With respect to the oversight of the ORMP itself, currently the 
policy provides that it is subject to the oversight of the Audit 
Committee and Risk Oversight Department. The proposed rule change would 
remove the Audit Committee, such that the revised ORMP would only be 
subject to the oversight of the Risk Oversight Department, thereby 
aligning the risk function with its appropriate line of defense, as 
discussed above.
    Finally, the proposed rule change would correct typographical 
errors throughout the ORMP. The proposed rule change also would update 
the appendices to the ORMP by adding descriptive titles to the 
appendices. For example, the proposed rule change would specify that 
Appendix A is the Risk Dashboard. The proposed rule change also would 
explain the numerical scores attached to the assessment guidelines in 
Appendix C.

ii. Risk Identification Framework

    ICE Clear Europe has had its current Risk Identification Framework 
in place since 2016 but has not yet adopted it through the Commission's 
proposed rule change process. The proposed rule change would formally 
adopt the RIF as a Rule of ICE Clear Europe without change to the 
current document.
    As described in Section 1, the RIF provides ICE Clear Europe's 
Board with a structure to explore, identify, and monitor risks as well 
as ensure that risk tolerance is articulated and documented. It does 
this by providing a description of the components of ICE Clear Europe's 
operational risk management process.
    Section 2 of the RIF describes four components of this structure: 
the risk taxonomy, the Risk Dashboard, risk assessment, and emerging 
risk assessment. The Risk Taxonomy, which is a single universal risk 
structure, terminology, and hierarchy, is incorporated into the Risk 
Dashboard, which, as noted above, inventories ICE Clear Europe's risks 
and assigns an owner for each risk. The RIF requires that the 
Enterprise Risk Committee approve changes to the Risk Dashboard monthly 
and report them to the Board Risk Committee. With respect to the risk 
assessment, the RIF refers to the details provided in the ORMP, as 
described above. Finally, with the respect to the emerging risk 
assessment, the RIF also describes how ICE Clear Europe assesses 
emerging risks, which are potential, undefined, or unfamiliar one-off 
risk events that may have a detrimental impact on ICE Clear Europe. ICE 
Clear Europe does so through a special emerging risk assessment and a 
register of emerging risk, which is presented to the Board and certain 
board committees.
    Section 3 of the RIF describes the documentation ownership and 
governance processes in respect of the RIF itself. The Chief Risk 
Officer owns the RIF, and the Executive Risk Committee and Board must 
approve any material changes. The Executive Risk Committee and Board 
review the Risk Identification Framework annually.
    Finally, the RIF contains appendices like those found in the ORMP, 
including the Risk Dashboard and impact assessment guidelines.

III. Discussion and Commission Findings

    Section 19(b)(2)(C) of the Act directs the Commission to approve a 
proposed rule change of a self-regulatory organization if it finds that 
such proposed rule change is consistent with the requirements of the 
Act and the rules and regulations thereunder applicable to such 
organization.\7\ For the reasons discussed below, the Commission finds 
that the proposed rule change is consistent with Section 17A(b)(3)(F) 
of the Act \8\ and Rules 17Ad-22(e)(2)(v) and 17Ad-22(e)(17) 
thereunder.\9\
---------------------------------------------------------------------------

    \7\ 15 U.S.C. 78s(b)(2)(C).
    \8\ 15 U.S.C. 78q-1(b)(3)(F).
    \9\ 17 CFR 240.17Ad-22(e)(2)(v) and (e)(17).
---------------------------------------------------------------------------

i. Consistency With Section 17A(b)(3)(F) of the Act

    Section 17A(b)(3)(F) of the Act requires, among other things, that 
the rules of ICE Clear Europe be designed to promote the prompt and 
accurate clearance and settlement of securities transactions and, to 
the extent applicable, derivative agreements, contracts, and 
transactions.\10\ Based on its review of the record, and for the 
reasons discussed below, the Commission believes the proposed changes 
to the ORMP and the formalization of the RIF are consistent with the 
promotion of the prompt and accurate clearance and settlement of 
securities transactions.
---------------------------------------------------------------------------

    \10\ 15 U.S.C. 78q-1(b)(3)(F).
---------------------------------------------------------------------------

    The Commission believes that the proposed rule change would improve 
ICE Clear Europe's process for identifying, assessing, managing, 
monitoring, and reporting operational risks. It would do so, for 
example, by revising the description of the risk identification process 
in the ORMP to include the Risk Dashboard and by including the Risk 
Dashboard itself as an appendix to the ORMP and to the RIF. Because the 
Risk Dashboard documents all of ICE Clear Europe's identified 
operational risks, the Commission believes that adding Risk Dashboard 
as appendix to the ORMP and RIF would help to ensure that Risk Owners 
focus on identifying new, undocumented operational risks by delineating 
ICE Clear Europe's existing, known risks.
    Similarly, the Commission believes that the revisions to the ORMP 
could improve ICE Clear Europe's overall ability to assess the 
potential impact of operational risks. For example, the requirement 
that Risk Owners consider and rate each risk on an inherent and a 
residual basis should help identify the impact of a risk with and 
without a mitigating control. The Commission believes such an 
assessment could highlight the impact that could result from the 
failure of a mitigating control. This assessment in turn could inform 
Risk Owners' ratings of the effectiveness of mitigating controls and 
efforts to improve ineffective controls. Overall, the Commission 
believes that the focus on mitigating controls and their effectiveness 
would help to ensure that ICE Clear Europe maintains controls that are 
effective at mitigating operational risk. Finally, requiring Risk 
Owners to perform the risk assessment and related control assessment at 
least once a year or more frequently as needed to reflect material risk 
changes, instead of ad hoc assessments if risks emerge or cease to 
exist in-between the annual reviews, should help to ensure that ICE 
Clear Europe timely identifies any issues with respect to the 
effectiveness of its controls.
    The Commission further believes that revising the ORMP to focus on 
the management of residual risks would improve ICE Clear Europe's 
ability to manage its operational risks. Because ICE Clear Europe has 
controls in place to mitigate the potential impact of its operational 
risks, the Commission considers it appropriate to focus ICE Clear 
Europe's efforts on maintaining

[[Page 33861]]

the effectiveness of those controls (as discussed above) and the 
management of the residual risk remaining after accounting for the 
mitigating controls. The Commission believes that requiring remediating 
actions for any residual risks assessed as high or very high should 
help to ensure that ICE Clear Europe manages those residual risks that 
have a significant impact on ICE Clear Europe's operations. The 
Commission further believes that requiring that any proposed remedial 
actions be escalated to Senior Management and applicable Risk 
Committees or the ICE Clear Europe Board, as opposed to just being 
approved by the Executive Risk Committee, would help to ensure that 
appropriate ICE Clear Europe personnel, including Board-level 
committees, are informed and involved in the management of residual 
risks.
    Finally, the Commission believes that the proposed monitoring and 
reporting of risks under the revised ORMP would help to ensure that ICE 
Clear Europe appropriately monitors its operational risks. For example, 
requiring ongoing monitoring (not just daily) should help to ensure 
that such monitoring is conducted on an ongoing basis, and not just 
once a day. As discussed above, this particular change could be 
beneficial if, for example, under the current daily monitoring ICE 
Clear Europe conducts monitoring at a single specific time during the 
day and the risk emerges after that time.
    Similarly, requiring monitoring daily or monthly (not just daily) 
through the Risk Appetite Metrics and the Management Thresholds should 
help to ensure the inclusion of those metrics and thresholds that are 
only considered monthly. As discussed above, ICE Clear Europe 
calculates some existing risk metrics on a monthly basis, so specifying 
monthly monitoring would take into account these metrics while 
maintaining daily monitoring for the existing daily metrics. The 
Commission believes this change would make the ORMP more specific in 
this regard, thereby making its application by ICE Clear Europe more 
consistent and clear.
    As discussed above, the current ORMP requires assessments and 
operational incidents to be reported to senior management, the Audit 
Committee, and the Board Risk Committee, and further provides that the 
Board Risk Committee and Board shall be informed of material incidents. 
The revised ORMP similarly would require regular reporting to senior 
management, the Board Risk Committee, and the Executive Risk Committee. 
The Commission believes that such reporting should help to ensure that 
appropriate decision-makers are involved in management of operational 
risk and able to respond as need to any incidents involving operational 
risk.
    As discussed above, the RIF helps to provide ICE Clear Europe's 
Board with information on ICE Clear Europe's operational risk 
management process. The Commission believes that codifying the RIF as 
part of ICE Clear Europe's rule requirements should help to ensure that 
the Board has a permanent framework for providing input on the 
operational risk management process. The Commission believes that the 
Board's input could, in turn, improve ICE Clear Europe's operational 
risk management. For example, given the experience of Board members and 
their vantage point overseeing all of ICE Clear Europe, Board members 
may be able to offer improvements to mitigating controls.
    For these reasons, the Commission believes the proposed rule change 
would improve the ORMP and the RIF. As discussed above, ICE Clear 
Europe uses the ORMP and the RIF to manage its operational risk. The 
Commission therefore believes that these improvements to the ORMP and 
the RIF should in turn improve ICE Clear Europe's overall management of 
its operational risks. Improved management of operational risks should, 
in turn, decrease the likelihood that operational incidents disrupt ICE 
Clear Europe's ability to promptly and accurately clear and settle 
securities transactions. The Commission believes therefore the proposed 
rule change should enhance ICE Clear Europe's ability to promptly and 
accurately clear and settle securities transactions, consistent with 
Section 17A(b)(3)(F) of the Act.\11\
---------------------------------------------------------------------------

    \11\ 15 U.S.C. 78q-1(b)(3)(F).
---------------------------------------------------------------------------

ii. Consistency With Rule 17Ad-22(e)(2)(v)

    Rule 17Ad-22(e)(2)(v) requires that ICE Clear Europe establish, 
implement, maintain and enforce written policies and procedures 
reasonably designed to provide for governance arrangements that, among 
other things, specify clear and direct lines of responsibility.\12\
---------------------------------------------------------------------------

    \12\ 17 CFR 240.17Ad-22(e)(2)(v).
---------------------------------------------------------------------------

    As discussed above, the current ORMP requires assessments and 
operational incidents to be reported to senior management, the Audit 
Committee, and the Board Risk Committee, and further provides that the 
Board Risk Committee and Board shall be informed of material incidents. 
The revised ORMP would require that assessments and operational 
incidents be reported to senior management and the Board Risk 
Committee, but it would replace the Audit Committee with the Executive 
Risk Committee. The requirement that the Board Risk Committee and Board 
be informed of material incidents would not change. The Commission 
believes replacing the Audit Committee with the Executive Risk 
Committee would specify a clear and direct line of responsibility for 
the Executive Risk Committee. The Commission further notes that 
although the revised ORMP would remove the Audit Committee, given that 
at least one member of the Audit Committee is also a member of the 
Board Risk Committee, the Commission believes that this member could 
share information related to operational risk with the Audit Committee 
as needed.\13\
---------------------------------------------------------------------------

    \13\ See ICE Clear Europe Limited, Compliance with Principles 
for Financial Market Infrastructures Disclosure Framework, available 
at <a href="https://www.theice.com/publicdocs/clear_europe/ICE_Clear_Europe_Disclosure_Framework.pdf">https://www.theice.com/publicdocs/clear_europe/ICE_Clear_Europe_Disclosure_Framework.pdf</a>.
---------------------------------------------------------------------------

    Moreover, as discussed above, the current ORMP also specifies that 
the Product Risk Committees and the Executive Risk Committees will 
receive information related to operational risk. The revised ORMP would 
require that the Risk Oversight Department report operational risks 
daily and monthly to senior management and the Executive Risk 
Committee. Thus, the revised ORMP would specify that the Risk Oversight 
Department would report this information, and the revised ORMP would 
not include any role for Product Risk Committees. The Commission 
believes this change would specify a clear and direct line of 
responsibility for the Risk Oversight Department. The Commission 
further notes that although the revised ORMP would remove the Product 
Risk Committees, the CDS Product Risk Committee includes as a member 
either the ICE Clear Europe President or the Head of First Line 
Clearing Risk, and that the President and the Head of First Line 
Clearing Risk are both voting members of the Executive Risk Committee. 
Given that, the Commission believes that the President or Head of First 
Line Clearing Risk could share information related to operational risk 
with the CDS Product Risk Committee as needed.\14\
---------------------------------------------------------------------------

    \14\ See ICE Clear Europe Limited, Compliance with Principles 
for Financial Market Infrastructures Disclosure Framework, available 
at <a href="https://www.theice.com/publicdocs/clear_europe/ICE_Clear_Europe_Disclosure_Framework.pdf">https://www.theice.com/publicdocs/clear_europe/ICE_Clear_Europe_Disclosure_Framework.pdf</a>.
---------------------------------------------------------------------------

    The revised ORMP also would require that the Executive Risk 
Committee approve changes in the Risk Dashboard at each monthly meeting 
and report

[[Page 33862]]

those changes to the Board Risk Committee and Board. The Commission 
believes that adding this language to the ORMP (it is not stated in the 
current ORMP but is part of the RIF), would specify a clear and direct 
line of responsibility for the Executive Risk Committee.
    Finally, with respect to the oversight of the ORMP itself, 
currently the policy provides that it is subject to the oversight of 
the Audit Committee and Risk Oversight Department. The proposed rule 
change would remove the Audit Committee, such that the revised ORMP 
would only be subject to the oversight of the Risk Oversight 
Department. The Commission believes this change would specify a clear 
and direct line of responsibility for the Risk Oversight Department, in 
accordance with the appropriate line of risk defense, as discussed 
above.
    Therefore, the Commission finds that the proposed rule change is 
consistent with Rule 17Ad-22(e)(2)(v).\15\
---------------------------------------------------------------------------

    \15\ 17 CFR 240.17Ad-22(e)(2)(v).
---------------------------------------------------------------------------

iii. Consistency With Rule 17Ad-22(e)(17)

    Rule 17Ad-22(e)(17) requires that ICE Clear Europe establish, 
implement, maintain and enforce written policies and procedures 
reasonably designed to manage its operational risks by, among other 
things, identifying the plausible sources of operational risk, both 
internal and external, and mitigating their impact through the use of 
appropriate systems, policies, procedures, and controls.\16\ The 
Commission believes that the revised ORMP should improve ICE Clear 
Europe's ability to manage operational risk by identifying the 
plausible sources of operational risk at ICE Clear Europe. For example, 
the revised ORMP would include the Risk Dashboard as an appendix, and 
similarly the RIF includes the Risk Dashboard as an appendix. Because 
the Risk Dashboard documents all of ICE Clear Europe's identified 
operational risks, the Commission believes that adding it formally as 
an appendix to the ORMP would help to ensure that Risk Owners focus on 
identifying new, undocumented operational risks by delineating those 
risks that ICE Clear Europe already knows of and has identified.
---------------------------------------------------------------------------

    \16\ 17 CFR 240.17Ad-22(e)(17).
---------------------------------------------------------------------------

    Similarly, the Commission believes that the revised ORMP should 
improve ICE Clear Europe's ability to manage operational risk by 
mitigating the impact of operational risk through the use of 
appropriate controls. For example, the revised ORMP would provide 
additional detail with respect to controls and the assessment of their 
effectiveness, including how Risk Owners would rate the effectiveness 
of controls. The Commission believes that doing so could help identify 
and improve controls that could mitigate the impact of operational 
risks.
    Therefore, the Commission finds that the proposed rule change is 
consistent with Rule 17Ad-22(e)(17).\17\
---------------------------------------------------------------------------

    \17\ 17 CFR 240.17Ad-22(e)(17).
---------------------------------------------------------------------------

IV. Conclusion

    On the basis of the foregoing, the Commission finds that the 
proposed rule change is consistent with the requirements of the Act, 
and in particular, with the requirements of Section 17A(b)(3)(F) of the 
Act \18\ and Rules 17Ad-22(e)(2)(v) and 17Ad-22(e)(17) thereunder.\19\
---------------------------------------------------------------------------

    \18\ 15 U.S.C. 78q-1(b)(3)(F).
    \19\ 17 CFR 240.17Ad-22(e)(2)(v) and (e)(17).
---------------------------------------------------------------------------

    It is therefore ordered pursuant to Section 19(b)(2) of the Act 
\20\ that the proposed rule change (SR-ICEEU-2022-008) be, and hereby 
is, approved.\21\
---------------------------------------------------------------------------

    \20\ 15 U.S.C. 78s(b)(2).
    \21\ In approving the proposed rule change, the Commission 
considered the proposal's impact on efficiency, competition, and 
capital formation. 15 U.S.C. 78c(f).

    For the Commission, by the Division of Trading and Markets, 
pursuant to delegated authority.\22\
---------------------------------------------------------------------------

    \22\ 17 CFR 200.30-3(a)(12).
---------------------------------------------------------------------------

J. Matthew DeLesDernier,
Assistant Secretary.
[FR Doc. 2022-11879 Filed 6-2-22; 8:45 am]
BILLING CODE 8011-01-P


</pre></body>
</html>