
Operational Resilience at DTCC

SINCE DTCC’S FOUNDING 50 YEARS AGO, RESILIENCE HAS BEEN AT THE HEART OF OUR VALUE PROPOSITION. IT IS EMBEDDED IN OUR SERVICES; IT IS A CENTRAL COMPONENT OF OUR CULTURE, AND IT IS AMONG OUR MOST IMPORTANT PRIORITIES. RESILIENCE IS A JOURNEY AND AS WE PARTNER WITH THE INDUSTRY OUR RESILIENCE CAPABILITIES WILL EVOLVE. THIS WEBSITE OUTLINES DTCC'S CURRENT PROTOCOLS AND PRACTICES DESIGNED TO MITIGATE RISK AND SECURE THE CAPITAL MARKETS.

Operational resilience is generally defined as the ability to prevent, withstand and quickly recover from disruptive events to continue providing critical business services.

Ensuring operational resilience is a common answer to “What keeps you up at night?” for many financial organizations globally. DTCC is focused on ensuring operational resilience and is helping drive industry-wide efforts to keep financial systems running in the face of disruptions, such as pandemics, natural disasters, cyber-attacks or technology failures. This is a key strategic enabler that is consistent with our mission to deliver the world’s most resilient and secure post-trade infrastructure for our clients.

Resilience Strategy

As a result of accelerating international regulatory expectations, financial institutions like DTCC are reassessing their approach to operational resilience. As the nature of risk continues to evolve, DTCC reviews and – as needed – refines its approach to resilience to ensure a robust program is in place to support business needs and plan for potential incidents.

To support our strategy, teams across the three lines of defense partner to deliver the capabilities outlined, including representatives from Business Resilience, Business Continuity and Resilience, and Information Technology. These teams are supported by other second and third line functions to enable internal controls, regulatory compliance, and ongoing oversight and testing of our processes and capabilities.

Strengthening Our Current Resiliency Capabilities

  • Rapid but safe recovery from various types of disruptions
  • Client tools for business resumption
  • Increased client communication for disruptions
  • Enhanced testing for disruption scenarios
  • Integration of financial authority obligations for operational resilience

Progress Toward a Modern Resilient Architecture

  • Reduce impact of disruptions through loosely coupled applications
  • Minimize reliance on infrastructure for resiliency
  • Facilitate business functions to run in any processing region independently
  • Enable capability for core clearing and settlement to run in the public cloud
  • Evaluate data center location

Strategic Components

There are several components that enable effective preparation for prompt recovery across DTCC. These opportunities increase resilience, decrease risk for the firm and elevate the client experience.

 

Resilience Governance


Definition

Overarching structure to provide direction and transparency of the desired outcomes.

How We Evaluate It

Total work output by the organization over a specified period of time with frequent updates to committees in alignment with our corporate objectives.

Response Planning


Definition

Multifunctional approach that incorporates business drivers into technology solutions, with a defined criterion for the identification of the firm’s critical services, their interconnections, interdependencies, and risk tolerance thresholds.

How We Evaluate It

Consolidated inventory of scenarios taking into account the threat landscape.

Test Resilience Capabilities


Definition

Comprehensive set of metrics that are tracked on an ongoing basis to monitor and assess business outcomes.

How We Evaluate It

Tested through regularly scheduled exercises such as the Loss of Region, Reg SCI, and the Ad-Hoc Capabilities testing.

Actively Monitor Resilience


Definition

Maintain active engagements with the industry, supervisors, and standard setting bodies to identify and promote best practices for operational resilience.

How We Evaluate It

Assessed test results of regularly occurring exercises provide insight into our resilience performance.

Ensure Resilient Technology


Definition

Improve resiliency posture by implementing our resiliency principles across key categories: Design Resilient Architecture, Regional Availability, Out-of-Region Recovery and Resilience Success.

How We Evaluate It

A resiliency mindset has been established as it is built into the Software Development Lifecycle process. Technology’s continuous improvement effort also ensures that our resiliency capabilities evolve as new technologies become available.

Resilience Framework

Leveraging existing modernization efforts across DTCC will increase the opportunity to adopt new solutions to strengthen resilience, therefore enhancing client experience and decreasing risk for the organization. Our operational resilience framework includes:

  • An enterprise-wide definition and application of operational resilience
  • Oversight and escalation protocols
  • Holistic, enterprise-wide business resilience metrics and reporting

Continuity of Services

Through its various exercises DTCC continues to identify technical and operational tools for certain impactful events with testing standards, as well as areas of opportunity whereby enhancements could strengthen its resilience. These tools are accompanied by a decision framework outlining trigger points, compatibility, and timing of when the capabilities may be leveraged. Firms will benefit from creating and identifying such capabilities that may be invoked in response to rare events, with specific exercise criteria to ensure their validity.

An example of these tools is DTC's Settlement Rollover capability.

Settlement Rollover Client Considerations

What is Settlement Rollover?

In the event DTC cannot complete end-of-day funds settlement prior to the close of the Fed’s Funds transfer service, the Settlement Rollover process would be enacted. Settlement Rollover allows DTC to carry current day settlement balances to the next business day.

What is the impact to clients?

As DTC will not be running EOD DTC/NSCC settlement on the day of the outage, clients will be unable to process their settlement obligations and receive any expected funds from their settling bank. DTC will net clients' unsettled Day 1 balances in the following day's DTC/NSCC net settlement.

What action(s) will clients need to take in the event of a Settlement Rollover?

Clients will need to monitor their settlement balances in light of DTC not processing DTC/NSCC EOD settlement.

What are the implications to client liquidity?

Access Day 1 Funds on Day 2 – To assist with liquidity for its clients, DTC will allow clients to withdraw Settlement Progress Payments (SPPs) and Principal and Interest (P&I) money in the event of a Settlement Rollover. This process aligns with the standard protocols as outlined in the DTC Settlement Service Guide. Any unwithdrawn funds will be included in the client’s Day 2 DTC/NSCC Consolidated Net Settlement.

Unfunded Money Market Instruments (MMI) Decisions – With respect to Issue Paying Agents (IPAs), the normal funding decision procedures will be followed even if a Settlement Rollover is enacted before any MMI funding decisions are processed. DTC will perform a refusal to pay and, before the maturing obligations are restored, DTC will inform the IPAs that the obligations will be restored. If an IPA provides approval to restore, DTC will restore MMI decisions by the 5pm cutoff on Day 1. If an IPA does not provide approval to restore, the refusal to pay will not be restored.

Collateral Adjustments – At the end of business Day 1, DTC will perform collateral adjustments to recalculate the collateral value of positions based on new haircuts and/or prices for Day 2. These adjustments ensure proper risk controls are in place.

Financial Stability Board (FSB) Questionnaire

The following documents contain the responses of The Depository Trust Company (DTC), National Securities Clearing Corporation (NSCC), and The Fixed Income Clearing Corporation (FICC), (collectively the DTCC Clearing Agencies), to the questionnaire published by the FSB. The questionnaire is entitled, FSB Continuity of Access to FMIs for Firms in Resolution, and is intended to streamline the collection of information to support resolution planning. The responses provided by the DTCC Clearing Agencies are intended to assist members and resolution authorities in their resolution planning. Please note that members of multiple DTCC Clearing Agencies should refer to the questionnaire for each applicable clearing agency, as responses may differ based upon the services provided and rules and procedures covering the clearing agency.

| SUBJECT | DESCRIPTION | SUBSIDIARY | DATE |
| --- | --- | --- | --- |
| Continuity of Access to DTC | DTC’s Responses to FSB Questionnaire on the Continuity of Access to FMIs for Firms in Resolution | DTC | March 1, 2023 |
| Continuity of Access to FICC | FICC’s Responses to FSB Questionnaire on the Continuity of Access to FMIs for Firms in Resolution | FICC | March 1, 2023 |
| Continuity of Access to NSCC | NSCC’s Responses to FSB Questionnaire on the Continuity of Access to FMIs for Firms in Resolution | NSCC | March 10, 2023 |

Incident Management & Crisis Response

When an unexpected service disruption or degradation occurs, impacting clients’ ability to perform normal operations, DTCC works to restore service as quickly as possible.

Throughout the process, DTCC provides updates to clients and the industry when:

  • A potential or confirmed service disruption is identified
  • We identify and investigate a potential issue
  • There is a change in status or other incident details

Communicate early and often throughout the incident lifecycle to clients and internal stakeholders

  • Communicate promptly when a potential or confirmed service disruption is identified.

  • If the impact is unknown at the start of an incident, provide an early warning to clients by notifying them that "we are investigating a potential issue."

  • Provide updates every 30 minutes, or sooner if there is a change of status or other incident details.

Utilize multiple channels, including email and MyDTCC System Availability Dashboard

  • Clients must subscribe to "Availability and Incident" Notifications to receive incident communications.

  • Subscriptions are managed in the "Manage Preferences" section in the MyDTCC portal.

  • Instructions on how to subscribe to notifications can be found in MyDTCC Features Guide in the DTCC Learning Center.

Communicate with the industry, as appropriate

  • For high severity technology incidents, further communications will be determined by the executive team based on impact.

Client FAQs

How does the firm test its systems resilience?

A: DTCC's Business Continuity Program oversees operational and technical walkthroughs, tabletops, and simulations, including Disaster Recovery exercises, Work Area Recovery exercises, loss of critical or key third-party service provider exercises, and crisis management tabletops.

What is the firm’s approach to cyber response planning?

A: The firm has worked to assess and enhance its ability to respond and recover from a wide range of events, including those with a large impact on the integrity and availability of data. This approach is built on scenario impact, timely and appropriate communication, as well as a rapid and safe recovery.

What tools does DTCC have in place to ensure continuity of its critical services?

A: Resiliency comes first for DTCC in ensuring business continuity for its critical processes. Its tools include automated system health alerting and monitoring, recovery playbooks, cross-regional system rotation and failover and fallback capabilities. If a critical process cannot be resolved in a timely fashion, DTCC has a suite of ad hoc functional capabilities designed to direct the firm and clients to the most optimal outcome, such as Response Capabilities.

How does DTCC plan to restore its business data in the event it was either corrupted or destroyed across multiple regions?

A: In the event of an incident with a large-scale data impact, the firm has developed capabilities to resume services in an efficient and secure manner by restoring business data to an earlier point-in-time. The firm, with client input, determined that the industry would be best served by reverting to a defined point in time within the same business day, where the data is known to be accurate.

Do clients and other external parties have a role to play in DTCC’s response and recovery from an incident with a large-scale data impact?

A: Such an event could create significant business impacts, including the possibility of discrepancies with clients’ books and records due to corruption or destruction of data. In such scenarios, help from clients will be needed in order to reconcile books and records as well as validate and replay data. To prepare for these types of events, DTCC has defined external tools that allow clients to help with this reconciliation; these are detailed in DTCC's Disaster Recovery Guide.

Given DTCC’s unique position in the industry, what key assumption(s) has the firm defined in its resumption of service following an impactful event?

A: DTCC’s primary goal is to minimize impact to members in the event of an outage, and with that in mind, the firm established that once settlement has occurred and the day is complete, the position record for that business day is considered final. In order to allow the industry to continue to operate, the firm established a “fall forward” procedure, where any prior settlement day’s activity remains unchanged, and errors would be corrected through adjustments in future settlement cycles.

What is the System Disruption Rule?

A: The System Disruption Rule, first implemented by DTCC in 2021, grants DTCC the authority to take decisive actions in response to external security incidents that could significantly affect its operations. These actions may include disconnecting file connectivity and communications between DTCC and its clients. An update is proposed to incorporate best practices and risk mitigation measures in the event of an external security incident.

What is the review and approval process, and timeline for the filing?

A: DTCC is working through the proposed rule draft with the SEC and expects Federal Register publication later this year for a public comment period. Timing may vary depending on draft review and feedback cycles. DTCC will post an announcement on dtcc.com when the proposed rule is available for review and comment.

Did DTCC consult with the industry when drafting the filing?

A: Yes, DTCC presented at Securities Industry and Financial Markets Association (SIFMA) committees on Cyber, Resilience, and Red Group (Mid-size institutions).

In addition, we consulted with Financial Services Information Sharing and Analysis Center (FSISAC); Options Clearing Corporation (OCC); CME Group; and others.

Does the rule filing replace existing standards, processes, or procedures that DTCC uses to make decisions about disconnecting-reconnecting a client after a cyber incident?

A: The proposed rule enhances existing standards, processes, and procedures to reflect DTCC’s experience and best practices in response to such incidents. These best practices include process changes and an updated governance framework that DTCC believes will enable a clear, effective, and efficient incident management response that helps mitigate risk to DTCC Systems and the financial industry at large.

Will this rule proposal impact all DTCC businesses?

A: This rule filing applies to DTC, NSCC, FICC (MBSD & GSD), their third-party service providers and service bureaus. Many of the concepts and practices from the final rule will be adapted for other business lines, with modifications tailored to specific entities and jurisdictional requirements.

What will DTCC’s updated processes look like?

A: DTCC’s updated process framework, in the proposed rule, better aligns with the series of events that occurs in connection with an outside security incident that may affect DTCC Systems. The framework focuses on process improvements and governance updates to the three major phases of such incidents:

  1. The security incident notification to DTCC.
  2. DTCC’s authority and response in connection with an outside security incident that may affect DTCC Systems, including potential disconnection from DTCC Systems.
  3. The reconnection process after a disconnection due to an outside security incident that may affect DTCC Systems, including specified documentation, testing, and approval requirements.

Are there more details on the upcoming changes and how they will impact me?

A: DTCC will share the review filing once the SEC publishes the proposed rule changes. In the meantime, please reach out to your relationship manager with any questions.

What are the next steps?

A: DTCC is currently collaborating with clients, regulators, and other industry firms regarding the proposed rule changes. We will continue to notify the industry of any updates.

How can I participate in providing feedback?

A: There will be a comment period coordinated by the SEC. In addition, DTCC will post an announcement on dtcc.com when the proposed rule is available for review and comment. Please contact your relationship manager with any questions.

Resources

Recovery and Resolution Planning Video

This pre-recorded session was led by members of DTCC’s Recovery and Resolution Planning (R&R) team and will provide clients and other external stakeholders with insights into the following topics: Continuity of Access to DTCC Firms in Resolution as well as an overview of the DTCC SIFMU Recovery and Wind-Down Plans. At the conclusion, a panel of representatives from DTCC’s Risk, Treasury, and Legal departments join the R&R Team to address some of the most frequently asked questions concerning these topics.
