CPMI and IOSCO issue an assessment methodology for the oversight expectations applicable to critical service providers

23 December 2014

The document provides guidance for authorities in assessing an FMI’s critical service providers against oversight expectations.

The Committee on Payments and Market Infrastructures (CPMI) and the IOSCO published the Assessment methodology for the oversight expectations applicable to critical service providers.

This assessment methodology also provides guidance to critical service providers in complying with the oversight expectations.

Typically, this assessment would be conducted (or commanded) by the critical service provider itself, which would then make the (self-)assessment available to the FMI and the latter's regulatory authority. The assessment methodology relies on key questions for each oversight expectation, which address the critical service provider’s approach or framework for managing risks. These questions are not intended to serve purely as a checklist or to be exhaustive. Regulators, supervisors and overseers of FMIs could, at their discretion, pose additional questions as needed to address the particulars of the FMI, its critical service providers or other relevant issues.

The assessment methodology builds upon the existing explanatory text in Annex F and provides more detailed guidance on risk management practices and additional issues of consideration. The key questions seek answers as to whether the critical service provider's policies and procedures in the identified areas are clear and comprehensive, and how these are documented, reviewed and updated. A critical service provider may find it beneficial to disclose its answers to the key questions in the assessment methodology in order to help authorities, FMIs and, where relevant, their participants enhance their understanding of the risks involved in using the critical service provider’s services.

Full Assessment methodology

Full press release


© IOSCO