October 2014 Newsletter

OCC Logo
OCC News

In This Issue

OCC Chairman Shares Insight on New Risk Control Standards

Craig DonohueOCC and the U.S. options exchanges recently announced the adoption of risk control standards designed to reduce the risk of trading errors. Executive Chairman Craig S. Donohue discusses details about the standards that will strengthen industry protections.

What prompted the need for these new risk controls?

There is a higher risk of errors or unintended activity that could cause or contribute to a financial loss to market participants and OCC in the marketplace today. Technology and the speed of trading has made our markets more efficient, but also increased the risks. Strengthening risk controls is a high priority for OCC, our regulators, exchanges and market participants. Working with all of the U.S. options exchanges, we have adopted risk control standards that together, will further protect market participants and OCC against financial loss.

What does the timeline for implementing the risk control standards look like?

OCC has worked with our participant exchanges and our Board of Directors since early this year to develop exchange risk control standards designed to better protect OCC and the options marketplace against certain risks. The standards will be implemented through an OCC rule that will apply a principles-based approach to options transactions. We are working on a schedule for full implementation in mid-2016.

Each options exchange that clears and settles through OCC will follow the four standards that were just adopted. What kinds of risks do these standards address?

The first of the four standards includes price reasonability checks, which are designed to prevent the display and execution of quotes and orders at extreme prices. Drill-through protections is the second standard. They restrict the prices at which orders may be executed and prevent marketable orders from improperly trading through many price increments in a short period of time. The third standard addresses activity-based protections, which focus on risk beyond price such as a high frequency of trades in a set period of time. The final standard is providing kill switches that enable the termination of access to an options exchange's trading system under certain defined circumstances.

Why is OCC concerned with "pre-trade" risk controls and what incentive do the exchanges have to meet the standards?

As I noted, there is a growing risk posed by erroneous trading errors in financial markets. There have been numerous examples in stock, options and futures markets involving direct access, automated trading systems creating erroneous trades that result in significant financial losses to qualifying clearing member firms and their customers. At OCC, we are obligated to accept all matched trades from our participant exchanges, creating the possibility that significant erroneous trades might impact the financial wherewithal of a clearing member firm or potentially OCC itself. OCC faces higher risk, and therefore higher cost, in clearing options trades conducted on exchanges that have inadequate risk controls. It is in the best interest of market participants that every exchange adopts the reasonable, principles-based risk controls we have developed and the clearing member community should encourage the exchanges to comply with the standards.

Subject to regulatory approval, beginning on June 30, 2016, OCC will impose an additional $.02 charge per contract side on clearing members for transactions that have been executed at exchanges that have not demonstrated compliance with exchange risk control standards.

The added fee will hopefully further encourage adoption by all U.S. options exchanges and achieve our collective goal of enhancing industry protections. Strengthening market protections will also contribute to investor confidence and help our industry continue to grow.

As always, OCC will continue to look for ways to reduce risk in the markets we serve and further enhance our resiliency to meet the heightened expectations that our stakeholders have for us as a systemically important institution.

Back to Top

OCC Prepares for New SEC Rules on Systems Compliance and Integrity

OCC has been working diligently to prepare for new rules proposed by the SEC on Systems Compliance and Integrity (RegSCI). The proposed rules would require SCI entities to ensure their core technology meets certain standards, conduct business continuity testing, and provide certain notifications in the event of systems disruptions and other events. Under the rules, OCC would be designated an SCI entity and subject to RegSCI.

The regulatory framework seeks to uphold the integrity and resiliency of the systems that run the U.S. securities markets. To comply with the proposed rules, OCC will most likely make changes in the following areas: regulatory reporting requirements of SCI events in systems disruptions, systems intrusion and compliance issues; annual RegSCI review by objective personnel; business continuity and disaster recovery plans; and adoption of SCI industry standards in areas such as application controls, capacity planning, and audit, among others.

Throughout 2014, OCC has worked to compare its policies and IT control standards to the proposed RegSCI industry standards. Through this analysis, OCC has identified a number of control improvements that will be implemented in 2015. The SEC is currently in the final phases of review of RegSCI and its implementation is expected to be approved this year and phased over the next 18 to 24 months.

The new rules will pose substantial operational and administrative hurdles for all subjected entities including OCC. Once a final rule is published by the SEC, OCC will develop a phased implementation schedule based on the timelines prescribed in the final rule in order to reduce potential risks and ensure compliance, which will include a risk assessment, policy deployment, implementation and test phases.

Back to Top

How OCC and ChicagoFIRST Partner to Enhance National Resiliency

Dan DeWaalOCC and ChicagoFIRST have worked together over the years to protect the nation's critical infrastructure. OCC's Dan DeWaal, First Vice President & Chief Security Officer, chairs ChicagoFIRST's Board of Directors and shares details on how the two organizations build resiliency within the financial community.

OCC helped found ChicagoFIRST. Tell us about how the organization came into being and our role today?

ChicagoFIRST was formed in 2003 as part of a broader government initiative to improve the public/private partnership toward the protection of critical infrastructure for the country. OCC and LaSalle Bank formed ChicagoFIRST to look at business continuity and security issues, bringing together 14 firms around three common issues: establishing a relationship with the city of Chicago and emergency operation center; working with the city to form evacuation plans; and focusing on physical security plans. Today, we have 28 member firms and more than 30 local, state and federal partners with information-sharing protocols before, during and after major events. We combine local preparedness with a national network to enhance resiliency.

How do OCC and ChicagoFIRST work together to address the threat of cyber security in today's environment?

Just think how much our personal and professional lives have changed over the past decade. We become more interconnected every day. For example, our use of mobile devices and communication through different platforms has increased to the point where we access personal and work email from the same device, and because of this we have to constantly reevaluate the safeguards we have to protect our systems and information.

Most of our cyber discussions have grown out of our relationship with the Financial Services Information Sharing and Analysis Center, or FS-ISAC. Through this organization we collaborate with financial firms throughout the U.S. and internationally. In addition to the global cybersecurity perspective FS-ISAC provides, we find the local connection through ChicagoFIRST equally informative. ChicagoFIRST provides a forum for Chicago-area financial institutions to meet regularly to discuss cybersecurity threats. ChicagoFIRST connects business and cyber experts to share ideas on what risks are posed to our firms and best practices to counter the threat.

Earlier this year OCC and ChicagoFIRST were involved in the Federal Rollout of NIST Cybersecurity Framework. Can you talk about that initiative and being involved in programs on the national level?

OCC and some other ChicagoFIRST firms participated in the creation of the national cybersecurity framework throughout 2013. After the framework was published in early 2014, ChicagoFIRST held an information session for members and partners to hear from representatives from the National Security Council, U.S. Department of Commerce National Institute of Standards, and Office of Cybersecurity & Communications U.S. Department of Homeland Security. These speakers explained how the framework can be used by all types of firms to strengthen their cybersecurity posture and, more importantly, how the framework provides a common language that can be used to better understand cyber risk.

In addition to cyber security what other areas is ChicagoFIRST working on to build resiliency in the financial community?

We work to help the Chicago Office of Emergency Management Communications, or OEMC, connect to businesses in the Chicago area on matters related to safety and security. ChicagoFIRST maintains a seat in the City's Operation Center in times of heightened alert such as the NATO Summit in 2012 or more recently for the Chicago Marathon. From this seat in the Emergency Operations Center members are able to both receive and request information that could impact their business.

ChicagoFIRST is currently focused on credentialing, in an effort to standardize protocols used by various government agencies that would be called upon during emergencies. Our goal is to harmonize the credentialing process and then train first responders and businesses on protocols. ChicagoFIRST members recently participated in an exercise to demonstrate how common credentialing could work.

Back to Top

Website Enhancements Increase Communication, Functionality

OCC recently implemented enhancements to its website in order to increase communication and transparency with customers and clearing members. All current and historical OCC-issued information memos are now accessible on the public website. Previously, operational, DDS and outage memos were located on MyOCC, which required an ID to access. Redesigned search functionality permits more extensive searching capabilities. This includes filtering by specific memo categories such as Contract Adjustment, Operational, Data Distribution Services, Options Disclosure Document and Outages.

OCC also redesigned the Email Alerts page. Now called the Subscription Center, this page allows email subscription options to support the additional memo categories. Users can also subscribe and receive memos through an RSS feed.

For more information contact the Member Services Help Desk at 800-621-6072 or memberservices@theocc.com.

Back to Top

Register Now!

Register by February 13, 2015, to take advantage of the Early Bird discount for the 2015 Options Industry Conference The event takes place in Miami Beach, Florida, May 6-8. Sponsorship and Exhibitor opportunities are available!

Disclosure Framework Self-Assessment

OCC recently published its Disclosure Framework for Financial Market Infrastructures. The self-assessment is in accordance with the Principles for Financial Market Infrastructures and provides relevant information regarding the methods that OCC uses to manage the risks it faces as a central counterparty.

Volume Update

Volume Update
Interested in reading about what is happening with options volume? Click here for OCC's monthly volume press release.

OCC News Archive

Click here for prior issues.

One North Wacker Drive, Suite 500, Chicago, IL 60606     (312) 322-6200     Email OCC

The information contained in this newsletter is for general information purposes only. Although every attempt is made to ensure the accuracy of the information, OCC assumes no responsibility for any errors or omissions. All materials pertaining to rules and specifications are made subject to and are superseded by the By-Laws and Rules of OCC.