Notice2023-10469
Self-Regulatory Organizations; Options Clearing Corporation; Notice of Filing of Proposed Rule Change by The Options Clearing Corporation To Amend and Enhance the Options Clearing Corporation's Model Risk Management Policy
Primary source
Metadata and text below are from the Federal Register, a public-domain U.S. government work. Always verify the official published version before relying on it for any legal matter.
Published
May 17, 2023
Issuing agencies
Securities and Exchange Commission
Full Text
<html>
<head>
<title>Federal Register, Volume 88 Issue 95 (Wednesday, May 17, 2023)</title>
</head>
<body><pre>
[Federal Register Volume 88, Number 95 (Wednesday, May 17, 2023)]
[Notices]
[Pages 31549-31554]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2023-10469]
-----------------------------------------------------------------------
SECURITIES AND EXCHANGE COMMISSION
[Release No. 34-97484; File No. SR-OCC-2023-004]
Self-Regulatory Organizations; Options Clearing Corporation;
Notice of Filing of Proposed Rule Change by The Options Clearing
Corporation To Amend and Enhance the Options Clearing Corporation's
Model Risk Management Policy
May 11, 2023.
Pursuant to section 19(b)(1) of the Securities Exchange Act of 1934
(``Exchange Act'' or ``Act''),\1\ and Rule 19b-4 thereunder,\2\ notice
is hereby given that on April 27, 2023, the Options Clearing
Corporation (``OCC'') filed with the Securities and Exchange Commission
(``Commission'') the proposed rule changes described in Items I, II and
III below, which Items have been prepared primarily by OCC. The
Commission is publishing this notice to solicit comments on the
proposed rule change from interested persons.
---------------------------------------------------------------------------
\1\ 15 U.S.C. 78s(b)(1).
\2\ 17 CFR 240.19b-4.
---------------------------------------------------------------------------
I. Clearing Agency's Statement of the Terms of Substance of the
Proposed Rule Change
This proposed rule change would amend and enhance OCC's Model Risk
Management Policy. The Model Risk Management Policy is included as
confidential Exhibit 5 to File Number SR-OCC-2023-004. The proposed
rule change does not require any changes to the text of OCC's By-Laws
or Rules. All terms with initial capitalization that are not defined
herein have the same meaning as set forth in the OCC By-Laws and Rules.
II. Clearing Agency's Statement of the Purpose of, and Statutory Basis
for, the Proposed Rule Change
In its filing with the Commission, OCC included statements
concerning the purpose of and basis for the proposed rule change and
discussed any comments it received on the proposed rule change. The
text of these statements may be examined at the places specified in
Item IV below. OCC has prepared summaries, set forth in sections (A),
(B), and (C) below, of the most significant aspects of these
statements.
(A) Clearing Agency's Statement of the Purpose of, and Statutory Basis
for, the Proposed Rule Change
(1) Purpose
This proposed rule change would make certain changes to OCC's Model
Risk Management Policy (``MRM Policy'' or ``Policy'') to enhance the
manner in which OCC manages the risk models and methodologies used in
connection with OCC's business. OCC's use of risk models exposes OCC to
model risk. Model risk is the potential for adverse consequences from
decisions based on incorrect or misused model outputs. For example, a
model that is not managed properly could potentially cause OCC to over-
collect or under-collect the appropriate amount of collateral to cover
credit risk posed by Clearing Members. OCC notes that the MRM Policy is
part of a broader framework regarding model risk management that is
designed to further the appropriate design, validation, and operation
of OCC's Risk Models.\3\
---------------------------------------------------------------------------
\3\ For example, OCC's Margin Policy is also part of OCC's
framework regarding model risk management in that it is designed to
be consistent with the requirement in Rule 17Ad 22(e)(6)(vii) that
OCC's policies and procedures provide for a risk-based margin system
that requires a margin model validation not less than annually. See
17 CFR 240.17Ad-22(e)(6)(vii).
---------------------------------------------------------------------------
The MRM Policy is designed to outline OCC's framework for managing
model risk and to define the roles and responsibilities throughout the
risk model and methodology lifecycle.\4\ As detailed further below, the
proposed changes to the MRM Policy primarily include amendments
designed to: (1) more comprehensively address risk methodologies rather
than just the underlying risk models; (2) revise the roles and
responsibilities of various individuals, groups, and departments with
respect to OCC's managing of model risk; (3) reflect certain non-
substantive changes, such as renaming certain policies and procedures;
and (4) add a description of certain ``Risk Applications'' and ``User
Developed Applications'' used by OCC.
---------------------------------------------------------------------------
\4\ The Risk Methodology and Risk Model lifecycle generally
includes the development, implementation, monitoring, and
independent validation of Risk Methodologies and Risk Models.
---------------------------------------------------------------------------
Risk Methodologies
OCC proposes to modify the MRM Policy to more directly contemplate
``Risk Methodologies'' rather than just ``Risk Models.'' As currently
defined in the MRM Policy, a Risk Model refers to any quantitative
method or approach that applies statistical, economic, financial, or
mathematical theories, techniques, and/or assumptions to process inputs
into quantitative estimates, forecasts, or projections and can also be
a quantitative method with inputs that are qualitative or based on
business judgment. As also currently defined in the MRM Policy, a
Methodology refers to a collection of Risk Models that are used to
estimate financial risk exposures.
OCC proposes to specify in the MRM Policy that Risk Models are
integrated into ``Risk Methodologies'' to broaden and align OCC's
internal model risk policies and procedures by the adoption of the more
holistic and comprehensive Risk Methodologies framework consisting of a
collection of components, related inputs and outputs, and potentially
other tools and applications, as explained further below. Specifically,
OCC proposes to replace the definition of Methodology with a definition
of a ``Risk Methodology,'' providing that a Risk Methodology is a
collection of Risk Models and related inputs and outputs, which are
used to estimate or compute a distinct aspect of OCC's credit (i.e.,
Clearing Fund and margin) and liquidity resources.\5\ The purpose of
the expanding the definition in this way is to facilitate a more
holistic view of the
[[Page 31550]]
relevant processes and calculations, as described in more detail below.
---------------------------------------------------------------------------
\5\ Under OCC's current MRM Policy, Risk Models are further
defined in specific contexts whereby the MRM Policy states that Risk
Models are ``credit risk models (i.e., Clearing Fund), and margin
system and related models (i.e., STANS), and liquidity risk
models.'' As part of the broader shift in this proposed rule change
from a focus on individual Risk Models to Risk Methodologies, OCC
proposes to incorporate these contexts into the definition of Risk
Methodologies, providing that Risk Methodologies ``are used to
estimate or compute a distinct aspect of OCC's credit (i.e.,
Clearing Fund and margin) and liquidity resources.'' The proposed
new definition of Risk Methodologies would capture all existing Risk
Models that address OCC's credit, margin and liquidity resources.
---------------------------------------------------------------------------
A Risk Methodology is therefore broader than a particular Risk
Model because a Risk Methodology may include multiple constituent Risk
Models, as well as any other inputs or outputs that may not be part of
any one particular constituent Risk Model but that nonetheless
contribute to the overarching Risk Methodology.\6\ Because Risk Models
typically do not operate in isolation, but rather as part of a broader
Risk Methodology, OCC believes that expanding the MRM Policy to more
comprehensively focus on Risk Methodologies would promote a more sound
risk management framework, consistent with Rule 17Ad-22(e)(3).\7\ The
proposed definition of Risk Methodology is designed to capture each of
the constituent Risk Models of which the Risk Methodology is comprised
as well as any other inputs or outputs that might be part of how OCC
manages OCC's credit and liquidity resources. OCC believes that the
proposed definition of Risk Methodology therefore takes a more holistic
view toward the processes and calculations by which OCC manages risks
arising in connection with the use of a Risk Model.
---------------------------------------------------------------------------
\6\ For example, as part of OCC's Margin Methodology, OCC
considers the settlement obligations of both an individual Clearing
Member as well as its affiliates that comprise a Clearing Member
Group. See OCC Rule 609, Interpretation and Policies .01 (providing
that OCC will consider the margin assets of a Clearing Member's
affiliates in determining whether a Clearing Member's forecasted
settlement obligations to OCC could exceed the liquidity resources
available to OCC to satisfy such obligations). The calculation of
the relevant assets of a Clearing Member's affiliates as part of a
Clearing Member Group are not part of a particular Risk Model (e.g.,
the quantitative method to determine intra-day margin obligations)
but are an input to the broader OCC Margin Methodology.
\7\ 17 CFR 240.17Ad-22(e)(3).
---------------------------------------------------------------------------
Accordingly, OCC proposes to modify references to Risk Models in
the MRM Policy to instead refer to Risk Methodologies in describing the
manner in which OCC governs model risk and in describing the roles and
responsibilities of various OCC groups and departments under the
Policy.\8\ For example, rather than specifying that the design, theory,
and logic of each Risk Model used by OCC shall take into consideration
published literature and industry best practice, where it is available,
the revised MRM Policy would provide that the design, theory, and logic
of each Risk Methodology used by OCC will take into consideration
published literature and industry best practice, where it is available.
OCC notes that this proposed change to broaden the scope from Risk
Models to Risk Methodologies would not modify OCC's processes with
respect to any individual Risk Model. That is, OCC would continue to
perform the same review of each individual Risk Model as it does today,
but would now include a more comprehensive consideration of each Risk
Model as part of a Risk Methodology as well as any calculations or
inputs that may contribute to a Risk Methodology but that may not
necessarily be part of a particular Risk Model.
---------------------------------------------------------------------------
\8\ The current MRM Policy does address Risk Methodologies by
providing that OCC's Quantitative Risk Management department is
required to describe each Risk Model Methodology in a Methodology
document.
---------------------------------------------------------------------------
Roles and Responsibilities of OCC Departments
OCC proposes to modify the descriptions of the roles and
responsibilities of various OCC departments and groups that are
referenced in the MRM Policy to account for the broadened scope of the
MRM Policy to focus on Risk Methodologies rather than individual Risk
Models. For example, under the current Policy, OCC's Quantitative Risk
Management (``QRM'') department is responsible for, among other things,
monitoring the use and performance of Risk Models according to relevant
procedures, maintaining risk tolerances and associated key risk
indicators to measure and monitor risk models. Financial Risk
Management (``FRM'') is the parent department of which QRM is a
part.\9\ OCC proposes to modify the allocation of responsibility to
instead provide that OCC's FRM department is responsible for the tasks
currently performed by QRM, such as, among other things, monitoring the
use and performance of Risk Methodologies according to relevant
procedures and maintaining risk tolerances and associated key risk
indicators to measure and monitor risk associated with Risk
Methodologies.\10\ While QRM has, and will continue to have, primary
responsibility for individual Risk Models, OCC proposes to change the
references from QRM to FRM to encompass the responsibilities of other
departments within FRM that may have responsibility for an input or
output that is not necessarily part of a particular Risk Model, but
which is part of a Risk Methodology.\11\ The particular
responsibilities of each department within FRM depend on the particular
Risk Methodology and the constituent Risk Models and any additional
inputs or outputs, but all groups within FRM would be subject to the
Policy.
---------------------------------------------------------------------------
\9\ FRM includes, in addition to QRM, OCC's Credit Risk
Management, Market Risk and Default Management, Pricing and Margins,
Stress Testing and Liquidity Management departments.
\10\ OCC also proposes certain other non-substantive changes to
the MRM Policy intended to provide greater clarity. For example,
currently the MRM Policy specifies that the Chief Financial Risk
Officer (``CFRO'') (or his or her delegate) shall review and, if
appropriate, approve Risk Model documentation. OCC proposes to
revise the description by removing the reference to delegate and
adding that these functions are performed by following OCC's Risk
Methodology Documentation Procedure. OCC does not intend this
outcome to result in any substantive change in the roles and
responsibilities related to documentation of Risk Methodologies
(other than the scope expanding from Risk Models to Risk
Methodologies). Moreover, OCC's Risk Methodology Documentation
Procedure establishes that the CFRO (or the CFRO's delegate) retains
the same responsibilities for Risk Model and Risk Methodology
documentation. As a result, OCC believes that OCC's policies and
procedures will continue to ensure clear and direct lines of
responsibility, consistent with Rule 17Ad-22(e)(2)(v). 17 CFR
240.17Ad-22(e)(2)(v).
\11\ OCC proposes that all references to QRM would be changed to
FRM to account for the broadened scope from Risk Models to Risk
Methodologies with the exception that the MRM Policy would continue
to specify that QRM is responsible for the review of ``Assessment
Reports,'' which are conclusions drawn from a review of individual
Risk Model performance, parameters, and assumptions.
---------------------------------------------------------------------------
In addition, OCC proposes to set forth the responsibilities of
Model Risk Management (``MRM'') under the Policy with respect to Risk
Methodologies. For example, MRM is currently responsible under the MRM
Policy for, among other things, validating all Risk Models prior to
implementation and evaluating the performance of each Risk Model by
performing independent model validations, in each case in accordance
with relevant procedures. As proposed, the MRM Policy would instead
provide that MRM is responsible for, among other things, validating all
Risk Models and Methodologies (including any changes to Risk
Methodologies) prior to implementation and also for evaluating the
performance of each Risk Model by performing independent model
validations in each case in accordance with relevant procedures.
Additionally, currently under the MRM Policy, the Executive Director of
MRM is responsible for developing and maintaining the Annual Model
Validation Plan. As proposed, the MRM Policy would provide that the
head of MRM \12\ develops and maintains the, now renamed, Annual
Validation Plan (``Annual Plan'') \13\ and schedule for all in-use Risk
Methodologies, including
[[Page 31551]]
Risk Models.\14\ As proposed, there would be no change to the Annual
Plan, other than that it would now encompass Risk Methodologies more
broadly--rather than just individual Risk Models.
---------------------------------------------------------------------------
\12\ The current title of the head of MRM is the ``Managing
Director, Model Risk Management,'' rather than the ``Executive
Director.'' As titles may change over time, OCC proposes to simply
refer to ``the head of MRM'' rather than specifying the precise
title of the current head of MRM at this time.
\13\ OCC also proposes to make clear in a footnote to the MRM
Policy that the term ``annual'' means ``12 months, or 365 days.''
\14\ Similarly, the current MRM Policy specifies that the
Executive Director of MRM has qualified staff with the expertise to
perform model validations in accordance with relevant procedures and
that MRM personnel shall be independent from and not report to OCC
business areas involved in the development, implementation and
operation of Risk Models. Under this proposed rule change, the MRM
Policy would provide that the head of MRM maintains qualified
personnel to perform validations in accordance with relevant
procedures and that such MRM personnel are independent from OCC
business areas involved in the development, implementation and
operation of Risk Methodologies.
---------------------------------------------------------------------------
OCC also proposes to provide some additional description of MRM's
role by specifying that MRM independently validates all Risk
Methodologies in accordance with the Methodology and Model Validation
Procedure and the Methodology and Model Performance Monitoring
Procedure, which includes reviewing the performance of each Risk
Methodology and verifying the software is implemented as intended. As
proposed, the MRM Policy would further specify that validation results,
including any conclusions, are documented in validation reports, and
are reviewed with FRM. These changes do not substantively alter the
roles and responsibilities of MRM other than with respect to the
expanded scope of assessing Risk Methodologies rather than just Risk
Models. Instead, the changes are intended to provide greater
specificity regarding MRM's current functions under the MRM Policy.
OCC also proposes to make non-substantive changes to the
description of the roles and responsibilities of OCC's Model Risk
Working Group (``MRWG''). The MRWG is generally responsible for, among
other things, assisting OCC's Management Committee in overseeing and
governing OCC's model-related risk issues, reviewing and, if
appropriate, approving new Risk Models, material changes to Risk
Models, and proposals for decommissioning Risk Models prior to
submission to OCC's Management Committee for review.\15\ Under the
current MRM Policy, the MRWG consists of representatives from QRM, FRM,
MRM, and OCC's Corporate Risk Management department. As proposed, the
MRWG would consist of representatives from FRM and OCC's Corporate Risk
Management department. OCC notes that the same groups would be
represented as part of the MRWG, only under different names. For
example, QRM is already part of FRM (as explained above), so references
to FRM already include QRM. Similarly, the Corporate Risk Management
department includes MRM. Pursuant to the MRWG Procedure, a
representative of each of the subgroups within FRM and the Corporate
Risk Management department that are currently part of the MRWG would
continue to be represented as part of the MRWG. The MRWG would
consequently consist of representatives from all of the same groups as
under the current MRM Policy, and the MRWG's functions would remain
substantively the same.
---------------------------------------------------------------------------
\15\ As proposed, to account for the expansion of the MRM Policy
to address Risk Methodologies rather than just Risk Models, this
description of the MRWG's role would be amended to provide that,
pursuant to the Model Risk Working Group Procedure, the MRWG reviews
and, if appropriate, approves all new Risk Methodologies, changes to
Risk Methodologies, and proposals for decommissioning Risk
Methodologies prior to submitting to the Management Committee for
review and approval.
---------------------------------------------------------------------------
Other Non-Substantive Changes
OCC proposes to delete Part VI of MRM Policy, which sets forth the
meaning of certain defined terms in the Policy, such as the terms
``Methodology,'' ``Risk Model,'' ``Model Inventory,'' ``Material
Change,'' ``Model Risk,'' and ``Risk Model Defect.'' Certain of these
terms, such as ``Risk Model'' are already defined in the body of the
MRM Policy, and OCC does not propose any substantive change to these
defined terms.\16\ OCC proposes to delete the term ``Methodology'' from
the MRM Policy and replace such term with ``Risk Methodology,'' as
explained above, and set forth such new definition in the body of the
MRM Policy. OCC proposes to delete the term ``Risk Model Defect'' \17\
because such term is not used in the body of the MRM Policy, and the
concept of a Risk Model Defect is captured under the concept of
``observations'' or ``conclusions'' arising from various reviews and
validations of Risk Models and Risk Methodologies.\18\ OCC proposes to
delete the definition of a ``Material Change'' because OCC believes
that all changes to Risk Models and Risk Methodologies should be
subject to the oversight processes outlined in the MRM Policy, rather
than only those that might be considered ``material.'' OCC also
proposes to delete the definition of ``Independent Model Validation,''
which is currently defined as evaluation of the performance of a Risk
Model performed by a qualified person who is free from influence from
the persons responsible for the development or operation of the models
being validated. OCC believes that this change is not substantive
because the MRM Policy, as proposed, would provide that MRM is
responsible for independent model validations and that MRM personnel
\19\ performing such validations are independent from, do not report
to, and are otherwise free from influence from OCC business areas
involved in the development, implementation and operation of Risk
Methodologies.\20\
---------------------------------------------------------------------------
\16\ This is also true with respect to the definition of ``Model
Risk,'' which is currently defined as the potential for adverse
consequences from decisions based on incorrect or misused model
outputs. While OCC proposes to delete this defined term, this
related description is preserved in the opening paragraph of the MRM
Policy.
\17\ The term ``Risk Model Defect'' is currently defined as an
error, flaw, failure or fault in a computer program or system that
causes a Risk Model to produce an incorrect or unexpected result, or
to behave in unintended ways.
\18\ Similarly, OCC proposes to delete the defined term
``Decommissioned Model,'' which is currently defined as a Risk Model
that has been approved by OCC's Risk Committee to no longer be used
to estimate OCC's margin or clearing fund exposures. Such term is
not currently used in the body of the MRM Policy. OCC is not
proposing any substantive changes to the manner in which a Risk
Model or Risk Methodology may be decommissioned under this proposed
rule change. OCC also proposes to delete the definition of ``Model
Inventory,'' referring to OCC's data base of in-use Risk Models and
Risk Methodologies because references to OCC's Risk Model and Risk
Methodology Inventory are self-explanatory.
\19\ As noted above, under the proposed rule change, the head of
MRM is responsible for maintaining ``qualified staff with the
requisite knowledge, skills, and expertise to perform validations''
pursuant to relevant procedures. See infra n.16. As a result, the
component of the ``Independent Model Validation'' referring to model
validations being performed by a ``qualified person'' would be
preserved to ensure that model validations are performed by
qualified individuals.
\20\ OCC also proposes to change references in the MRM Policy to
``findings'' (e.g., findings from Risk Model or Risk Methodology
validations) to instead refer to these items as ``observations.''
The purpose of this change is to avoid confusion with the use of the
term ``findings'' in other OCC policies and procedures, such as in
respect of regulatory findings or internal audit findings. But there
would be no substantive change in any of the roles or
responsibilities of the relevant OCC personnel with respect to Risk
Model and Risk Methodology validation and performance monitoring.
Relatedly, OCC also proposes to change the current reference to its
``Model Findings Management Procedure'' and its ``Model Risk
Management Findings Dashboard'' to the ``Model Risk Observations
Management Procedure'' and the ``Model Risk Management Observations
Dashboard'' respectively.
---------------------------------------------------------------------------
OCC also proposes certain changes to the names of procedures
mentioned in the MRM Policy. For example, the MRM Policy currently
refers in certain places to the ``Risk Model Development Procedure,''
the ``Model Implementation Procedure,'' and the ``Model Validation
Procedure.'' \21\ The Risk Model
[[Page 31552]]
Development Procedure and Model Implementation Procedure have been
merged into a single procedure. It is referred to as the ``Risk
Methodology Development and Implementation Procedure'' to reflect the
expanded scope of covering Risk Methodologies rather than just Risk
Models. Similarly, the ``Model Validation Procedure'' has been modified
for the same reason to refer to the ``Methodology and Model Validation
Procedure.''
---------------------------------------------------------------------------
\21\ Similarly, OCC proposes to modify references to ``Model
Assessment Reports'' to refer to just ``Assessment Reports'' in
light of the broadened scope to capture Risk Methodologies rather
than just ``Risk Models.'' Additionally, OCC proposes to change
references to the Risk Model Documentation Procedure to the Risk
Methodology Documentation Procedure.
---------------------------------------------------------------------------
In certain other places within the MRM Policy, OCC proposes to
modify references to certain specific procedures. Specifically, the MRM
Policy currently specifies that QRM monitors the use and performance of
Risk Models according to OCC's Model Backtesting Procedures, the
Business Backtesting Procedure, and the Margin Model Parameter Review
and Sensitivity Analysis Procedure. OCC proposes to add to this list
that this also includes other ``related policies and procedures,'' and
note that these additional related policies and procedures relate to
OCC's Clearing Fund Methodology Policy, Liquidity Risk Management
Framework and Margin Policy. OCC proposes to add ``and related policies
and procedures'' because there are a number of additional policies or
procedures (over 20) not specifically enumerated in the MRM Policy that
OCC believes should be generally referenced in the MRM Policy given
their relevance to Risk Methodology monitoring functions.
Finally, OCC also proposes to make non-substantive amendments to
streamline the description of the Management Committee's annual review
and approval of any changes to MRM Policy.\22\
---------------------------------------------------------------------------
\22\ Currently, the MRM Policy specifies that OCC's Management
Committee shall review and approve the Policy on an annual basis and
recommend approval of the Policy to the Risk Committee and that the
Management Committee also shall review and approve any material
changes to the Model Risk Management Policy and recommend further
approval to the Risk Committee. As proposed, the MRM Policy would
provide that the Management Committee reviews and approves any
changes to the Model Risk Management Policy annually and recommends
further approval to the Risk Committee.
---------------------------------------------------------------------------
Risk Applications
OCC also proposes to add a description of ``Risk Applications'' to
the MRM Policy. Risk Applications are tools with advanced quantitative
or mathematical techniques that (a) apply to statistical, economic, or
financial theories, and/or assumptions to process inputs into
quantitative estimates, forecasts, or projections, and (b) do not have
direct impact on OCC's margin, credit, or liquidity resources. OCC
proposes to amend the MRM Policy to further specify that the Risk
Application governance processes are outlined in the Risk Application
Management Procedure and that, as part of this governance, MRM performs
validations of the Risk Applications to verify the conceptual soundness
of the Risk Application against its intended use, documented in
validation reports, and that observations from such validations are
addressed according to OCC's Model Risk Observation Management
Procedure. OCC proposes to include mention of Risk Applications, which
are used by OCC today, in the MRM Policy so that the MRM Policy
describes these additional tools that are complementary to OCC's Risk
Model and Risk Methodology management oversight. As noted, Risk
Applications are tools that apply to processes (e.g., estimates,
projections) that do not have a direct impact on OCC's margin, credit,
or liquidity resources. As a result, Risk Applications do not directly
impact Risk Models or Risk Methodologies, but are nonetheless related
to OCC's processes for managing potential model risk.
Similarly, OCC also proposes to amend the MRM Policy to provide
that OCC utilizes User Developed Applications (``UDAs''), which are
analytical applications designed to manipulate and analyze data that
are used on a repetitive basis and might expose OCC to Model Risk. OCC
also proposes to specify in the MRM Policy that UDAs are subject to
governance processes outlined in OCC's User Developed Application (UDA)
Management Procedure. Similar to Risk Applications, UDAs do not have a
direct impact on OCC's Risk Models or Risk Methodologies, but reflect
tools used by OCC to manage potential risks arising from routine
calculations or data analysis performed by OCC.
(2) Statutory Basis
Section 17A(b)(3)(F) of the Exchange Act requires, among other
things, that the rules of a clearing agency be designed to assure the
safeguarding of securities and funds in the custody or control of the
clearing agency or for which it is responsible, and, in general, to
protect investors and the public interest.\23\ OCC believes that the
proposed amendments to the MRM Policy, which are primarily designed to
expand the scope of the MRM Policy to more directly govern Risk
Methodologies (i.e., a collection of Risk Models) rather than Risk
Models individually, would help to ensure that OCC maintains policies
and procedures that are reasonably designed to provide for a robust
model risk management framework, which in turn promotes the protection
of investors and the public interest. In particular, because Risk
Models typically do not operate in isolation, but rather as part of a
broader Risk Methodology, OCC believes that expanding the MRM Policy to
more comprehensively focus on Risk Methodologies would promote a more
sound risk management framework, consistent with Rule 17Ad-
22(e)(3).\24\ OCC believes that a more holistic approach would help to
ensure that potential sources of model risk that may not have been
formally subject to the MRM Policy are now subject to the MRM Policy,
which in turn can further the protection of investors and the public
interest which benefit from more sound risk management frameworks for
registered clearing agencies.
---------------------------------------------------------------------------
\23\ 15 U.S.C. 78q-1(b)(3)(F).
\24\ 17 CFR 240.17Ad-22(e)(3).
---------------------------------------------------------------------------
Rule 17Ad-22(e)(2) requires a covered clearing agency to establish,
implement, maintain and enforce written policies and procedures
reasonably designed to provide for governance arrangements that, among
other things: (i) clearly prioritize safety and efficiency of the
covered clearing agency; (ii) support the public interest requirements
in section 17A of the Exchange Act \25\ applicable to clearing
agencies, and the objectives of owners and participants and (iii)
specify clear and direct lines of responsibility.\26\ OCC believes that
the proposed changes to the MRM Policy are consistent with Rule 17Ad-
22(e)(2) because they are designed to prioritize the safety and
efficiency of OCC and support the public interest requirements in
section 17A of the Exchange Act by helping to ensure that Risk
Methodologies are reviewed holistically to evaluate potential model
risk rather than evaluating model risk for Risk Models on a more
individual basis. While OCC's current processes under the MRM Policy do
contemplate the evaluation of Risk Methodologies, OCC believes that the
proposed changes will better facilitate a review of Risk Methodologies
in their entirety, which OCC believes helps prioritize the safety and
efficiency of OCC by addressing additional
[[Page 31553]]
potential sources of model risk that may not have previously been
directly subject to the MRM Policy. The safe and efficient management
of risks related to the sufficiency of OCC's credit, margin, and
liquidity resources--including arising from Risk Models and Risk
Methodologies used to calculate and manage such risks--is necessary to
allow OCC to effectively and continuously carry out its core clearing
functions (such as transferring record ownership and safeguarding
securities and funds). OCC notes that its current processes for
reviewing Risk Models on an individual basis will not change under the
proposed rule change, but will now encompass more directly a broader
review of Risk Methodologies.
---------------------------------------------------------------------------
\25\ 15 U.S.C. 78q-1. The public interest requirements in
section 17A of the Act include that the ``prompt and accurate
clearance and settlement of securities transactions, including the
transfer of record ownership and the safeguarding of securities and
funds related thereto, are necessary for the protection of investors
and persons facilitating and acting on behalf of investors.'' See 15
U.S.C. 78q-1(a)(1)(A).
\26\ 17 CFR 240.17Ad-22(e)(2).
---------------------------------------------------------------------------
In addition, OCC believes the proposed changes to describe the
roles and responsibilities of different groups and departments (e.g.,
changing references from QRM to FRM) under the MRM Policy are also
consistent with Rule 17Ad-22(e)(2) because they would specify clear and
direct lines of responsibility among OCC personnel with
responsibilities under the MRM Policy and would reflect internal
organizational changes within OCC As described above, FRM encompasses
different departments, including QRM, that collaborate with each other
and that are tasked with responsibility for managing the Risk
Methodology framework subject to the MRM Policy. QRM has and will
continue to have primary responsibility for individual Risk Models,
however, references in the MRM Policy would be changed to FRM to
reflect that other departments within FRM may have responsibility for
an input or output that is part of a Risk Methodology but not
necessarily part of a Risk Model. This structure allows the processes
related to Risk Models and Risk Methodology components to be aligned
and managed under the one organizational umbrella of FRM, which in turn
better addresses sources of model risk from a holistic perspective. The
proposed changes in certain roles and responsibilities of different
groups, such as providing that MRM is responsible for validating Risk
Methodologies (including any changes to Risk Methodologies) prior to
implementation, clearly and transparently reflects FRM's broadened
scope of responsibility for the Risk Methodology framework. Moreover,
the approach results in OCC having a coordinated strategy for managing
the Risk Methodology framework and its components. None of the proposed
changes, however, would change the CFRO's role or supervisory
responsibility regarding all FRM's departments or change QRM's specific
responsibilities for Risk Models.\27\
---------------------------------------------------------------------------
\27\ OCC notes that it has modified the specific individual or
title of the individual responsible for carrying out certain
functions in two instances: (1) stating that FRM, rather than the
CFRO, is responsible for writing, reviewing, and approving Risk
Methodology documentation in accordance with OCC's Risk Methodology
Documentation Procedure; and (2) changing the reference from the
Executive Director of MRM to the ``head of MRM.'' See infra n.11 and
14 and accompanying text. In the former case, while the FRM
department is noted, the CFRO continues to be directly referenced
for review and, if appropriate, approval of Risk Methodology
documentation, and in the latter case, the change is non-substantive
as it is intended to accommodate potential title changes to the head
of MRM that may occur. See id. For these reasons, OCC does not
believe that these changes would diminish clear or direct lines of
responsibility under OCC's policies and procedures, including the
proposed MRM Policy.
---------------------------------------------------------------------------
Rule 17Ad-22(e)(3)(i) requires a covered clearing agency to
establish, implement, maintain, and enforce written policies and
procedures reasonably designed to, among other things, maintain a sound
risk management framework for comprehensively managing its risks, which
includes risk management policies, procedures, and systems designed to
identify, measure, monitor, and manage the range of risks that arise in
or are borne by the covered clearing agency, that are subject to review
on a specified periodic basis and approved by its board annually.\28\
OCC believes that the proposed Policy is consistent with Rule 17Ad-
22(e)(3)(i) \29\ because the proposed changes are designed to, among
other things, expand the MRM Policy to address Risk Methodologies
comprehensively rather than Risk Models on a more individual basis and
that the proposed changes thereby promote a more sound risk management
framework for comprehensively managing its risks. OCC notes that under
the proposed rule change, the MRM Policy would continue to be reviewed
on a periodic basis and reviewed by OCC's Board annually.\30\
---------------------------------------------------------------------------
\28\ 17 CFR 240.17Ad-22(e)(3)(i).
\29\ Id.
\30\ OCC also notes that it is not proposing any substantive
changes to its current processes related to performing independent
model validations on its credit risk models, margin models, and
liquidity risk models, and the proposed MRM Policy should therefore
remain consistent with the requirements of Rules 17Ad-22(e)(4)(vii),
(e)(6)(vii) and (e)(7)(vii). 17 CFR 240.17Ad-22(e)(4)(vii),
(e)(6)(vii) and (e)(7)(vii).
---------------------------------------------------------------------------
(B) Clearing Agency's Statement on Burden on Competition
Section 17A(b)(3)(I) of the Exchange Act \31\ requires that the
rules of a clearing agency not impose any burden on competition not
necessary or appropriate in furtherance of the purposes of the Exchange
Act. OCC does not believe that the proposed rule change would impact or
impose any burden on competition. The proposed rule change addresses
OCC's internal framework surrounding the governance, development,
implementation, use, monitoring, and validation of Risk Models and Risk
Methodologies. Under this framework, OCC's controls regarding the
design, use, implementation and validation of models, as set forth in
the proposed MRM Policy, insofar as they affect margin or Clearing Fund
requirements, would have an equal impact on all Clearing Members.
Consequently, the proposed Policy does not provide any Clearing Member
with a competitive advantage over any other Clearing Member. Further,
the proposed rule change would not affect any Clearing Member's access
to OCC's services or impose any direct burdens on Clearing Members.
Accordingly, the proposed rule change would not unfairly inhibit access
to OCC's services or disadvantage or favor any particular user in
relationship to another user.
---------------------------------------------------------------------------
\31\ 15 U.S.C. 78q-1(b)(3)(I).
---------------------------------------------------------------------------
For the foregoing reasons, OCC believes that the proposed rule
change is in the public interest, would be consistent with the
requirements of the Exchange Act applicable to clearing agencies, and
would not impact or impose a burden on competition.
(C) Clearing Agency's Statement on Comments on the Proposed Rule Change
Received From Members, Participants or Others
Written comments were not and are not intended to be solicited with
respect to the proposed rule change and none have been received.
III. Date of Effectiveness of the Proposed Rule Change and Timing for
Commission Action
Within 45 days of the date of publication of this notice in the
Federal Register or within such longer period up to 90 days (i) as the
Commission may designate if it finds such longer period to be
appropriate and publishes its reasons for so finding or (ii) as to
which the self-regulatory organization consents, the Commission will:
(A) by order approve or disapprove such proposed rule change, or
(B) institute proceedings to determine whether the proposed rule
change should be disapproved.
The proposal shall not take effect until all regulatory actions
required with respect to the proposal are completed.
[[Page 31554]]
IV. Solicitation of Comments
Interested persons are invited to submit written data, views, and
arguments concerning the foregoing, including whether the proposed rule
change, security-based swap submission or advance notice is consistent
with the Act. Comments may be submitted by any of the following
methods:
Electronic Comments
<bullet> Use the Commission's internet comment form (<a href="http://www.sec.gov/rules/sro.shtml">http://www.sec.gov/rules/sro.shtml</a>) or
<bullet> Send an email to <a href="/cdn-cgi/l/email-protection#9fedeaf3fab2fcf0f2f2faf1ebecdfecfafcb1f8f0e9"><span class="__cf_email__" data-cfemail="4634332a236b25292b2b232832350635232568212930">[email protected]</span></a>. Please include
File Number SR-OCC-2023-004 on the subject line.
Paper Comments
<bullet> Send paper comments in triplicate to Secretary, Securities
and Exchange Commission, 100 F Street, NE Washington, DC 20549-1090.
All submissions should refer to File Number SR-OCC-2023-004. This file
number should be included on the subject line if email is used. To help
the Commission process and review your comments more efficiently,
please use only one method. The Commission will post all comments on
the Commission's internet website (<a href="http://www.sec.gov/rules/sro.shtml">http://www.sec.gov/rules/sro.shtml</a>).
Copies of the submission, all subsequent amendments, all written
statements with respect to the proposed rule change that are filed with
the Commission, and all written communications relating to the proposed
rule change between the Commission and any person, other than those
that may be withheld from the public in accordance with the provisions
of 5 U.S.C. 552, will be available for website viewing and printing in
the Commission's Public Reference Room, 100 F Street NE, Washington, DC
20549, on official business days between the hours of 10:00 a.m. and
3:00 p.m. Copies of such filing also will be available for inspection
and copying at the principal office of OCC and on OCC's website at
<a href="https://www.theocc.com/Company-Information/Documents-and-Archives/By-Laws-and-Rules48T">https://www.theocc.com/Company-Information/Documents-and-Archives/By-Laws-and-Rules48T</a>.
Do not include personal identifiable information in submissions;
you should submit only information that you wish to make available
publicly. We may redact in part or withhold entirely from publication
submitted material that is obscene or subject to copyright protection.
All submissions should refer to File Number SR-OCC-2023-004 and should
be submitted on or before June 7, 2023.
For the Commission, by the Division of Trading and Markets,
pursuant to delegated authority.\32\
---------------------------------------------------------------------------
\32\ 17 CFR 200.30-3(a)(12).
---------------------------------------------------------------------------
Sherry R. Haywood,
Assistant Secretary.
[FR Doc. 2023-10469 Filed 5-16-23; 8:45 am]
BILLING CODE 8011-01-P
</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>Indexed from Federal Register on May 17, 2023.
This is legal information, not legal advice. Laws vary by jurisdiction and change frequently. Always verify current law with official sources and consult a licensed attorney in your jurisdiction for advice on your specific situation.