How to Make the Most of Your SFTR Reprieve
With the move of the Securities Financing Transactions Regulation (SFTR) go-live to July 2020, firms now have additional time to prepare. Having extensive experience of EMIR, MIFID II across a range of topics including MiFID II RTS 6, Citihub Digital have provided a guide to those actions that we consider most critical to improving a firm’s go-live capability for SFTR reporting.
Perform more bilateral testing with your most frequent counterparts
Conducting further SFTR testing of internal systems and external vendors such as IHS Markit / Pirum or Trax / EquiLend will be a good use of the time. However, Citihub would specifically recommend performing comprehensive bilateral testing with counterparts. This means agreeing specific trades and trade economics between yourself and your trading counterparty and entering those trades as mirror images in a coordinated manner.
Like EMIR, SFTR introduces specific pairing and matching functionality based on a shared Unique Transaction ID (UTI). However, with many firms relying on third-party vendors to assign UTIs for much of their trading activity, if trades between counterparties cannot be paired, unpaired trades without a pre-existing UTI will not be sent to a Trade Repository. This could result in significant under-reporting at go-live. Testing unilaterally (e.g. simply checking that messages pass internal or external validation checks) will not test this important change to market practices and could lead to a false sense of success.
To address this, organising and co-operating on test cases with your most frequently used counterparts will ensure pairing and UTI sharing are working as expected. It will enable both sides to also perform full life cycle tests on trades in a coordinated fashion.
Test with production-like data and production volumes
Lessons learnt from EMIR and MiFID II indicate that even though many firms make go-live; not enough consider the impact to BAU teams for trade and lifecycle event exception management. Testing (ideally bilaterally) with production-like volumes will give firms an early indication into likely exception volumes and causes. Understanding this ahead of time will enable changes to required control frameworks and processes, resulting in improvements to the quality of go-live results. Volume testing is notoriously challenging and is typically why non-functional testing is not performed as well as other areas but this extra time could be usefully spent in this way.
Learn the vendor systems
For many firms, new vendor systems and processes may have been introduced to support SFTR. Citihub recommends using the extra time to allow operations teams and those teams performing control functions to become familiar with new screens, functions and reports that will soon become vital to managing SFTR exceptions in the production environment. Firms should not rely on the fact of getting trades to third-party vendors as an indicator of success for go-live.
Testing predominantly uses expected scenarios to ensure they are processed correctly. Having additional time does allow an opportunity to consider edge cases and failure scenarios that might not have been possible without the added time the SFTR extension provides. Successful pairing and matching of trades with a particular counterparty do not remove the obligation of a trading firm to provide complete and accurate reporting of all eligible trades. In this situation, with extra time, expending effort on some “what-if?” cases could yield benefits post the early days of go-live. Items to plan for in this extended window could include understanding manual fall-back procedures for example if external telecoms lines fail and understanding & documenting the escalation path with your critical vendors if there are service failures.
Update the control framework
Even though firms had years to prepare for SFTR, it is likely there will still be some level of disruption on go-live. There will likely be lower levels of pairing and matching than firms would expect. This is especially so if firms have not engaged in quality bilateral testing, which this SFTR reprieve could allow firms to perform. To mitigate some of these risks, Citihub recommends taking some time to revisit control frameworks. One of the most important areas is to spend some of the additional time to understand responsibilities under the new SFTR operating model. This can mean simply being clear who is monitoring controls and who is actioning the resolution of control breaks. Documenting the specifics of this will prevent control breaks falling into a resolution void.
With the SFTR delay, firms could expand current plans all the way to the new go-live date. Citihub recommends that firms be more targeted with this extra time to focus on bilateral testing, use of production like data and volumes and putting some effort into readying control frameworks and scenario planning. These should all improve the quality of a firm’s SFTR go-live experience.
NYU partnered with Citihub to offer a course on public cloud security technologies
Citihub was recently added as an industry partner to New York University’s (NYU Tandon) Cyber Security program. Exclusive to NYU Cyber...
Ian Tivey & Jim Oulton Named Technical Directors
Ian Tivey and Jim Oulton have been promoted to Technical Directors, a role reserved for senior leaders in Citihub who provide...
In the press
Using a ‘Three Lines of Defense’ Program to Balance Development Stakeholder Needs
Using the NIST three layers of defence as a framework, Citihub’s Glen Notman outlines how to leverage agile development capabilities and underpin them...
In the press
The Balancing Act
In this podcast, we will go into the details of how the “technical” automation-for-speed perspective is shifting to a “business-centric” perspective...
Life (and work) in the time of Corona
Less than two months after starting his job at Citihub, Senior Consultant Luis Carrazana, together with the rest of New York,...
In the press
Role of Security in a Digital First Enterprise
Join Citihub’s Glen Notman as he injects practical insights on how to enable security practices in a digital enterprise.
In the press
Compliance Challenges in a Lockdown World
The ongoing coronavirus crisis has changed business norms around the world, but as organisations struggle to come to terms with large-scale...
In the press
Institutionalizing DevSecOps in the Large Enterprise
Citihub’s Chris Zanelli, joined by several industry peers, will discuss topics across DevOps & DevSecOps, Enterprise Compliance as Code, Cloud Compliance...
Military Veterans are Welcome at Citihub Digital
This Memorial Day, when the rest of the United States of America will pay tribute to the military personnel who have...