- Global Custody Pro
- Posts
- Operational Risk Management in the US and Canada
Operational Risk Management in the US and Canada
Examples to help understand operational risk management in the global custody industry
Operational risk management in North American custody operations focuses on protecting client assets and ensuring smooth processing within the U.S. and Canadian markets. For a major custodian handling American pension funds, mutual funds, and insurance companies, even minor operational issues can have significant impacts. For instance, a processing delay during the U.S. T+1 settlement cycle could result in failed trades worth millions of dollars and trigger SEC reporting requirements.
Settlement processing in North American markets presents unique operational risks. Consider a custodian handling thousands of trades for a large mutual fund family during index rebalancing periods. When the S&P 500 adds or removes companies, many funds need to adjust their holdings simultaneously. A system issue during these high-volume periods could prevent hundreds of trades from settling on time, leading to financing costs and potential SEC compliance issues. Good operational risk management includes having extra processing capacity and backup systems ready for these predictable high-volume events.
Corporate actions in North American markets require careful attention. Take the example of a complex corporate action like Tesla's stock split in 2022. A custodian managing shares for hundreds of institutional clients needs to properly process the split, ensure all client accounts receive the correct number of new shares, and handle any fractional share disposals. To manage this risk, custodians implement multiple verification steps and use automated systems to reconcile pre- and post-split positions.
Tax operations for North American securities have their own complexities. Consider the processing of Qualified Dividend Income (QDI) for mutual fund clients. If a custodian incorrectly flags dividends as non-qualified when they should be qualified, it could result in clients paying higher tax rates than necessary. Good operational risk management includes maintaining detailed databases of dividend tax classifications and regular audits of tax reporting systems.
Technology risk is particularly important when dealing with North American regulatory reporting requirements. For example, when processing Form PF reports for hedge fund clients, a system error in calculating regulatory assets under management (RAUM) could lead to incorrect filings with the SEC. Custodians manage this through rigorous testing of regulatory reporting systems and multiple layers of data validation.
Process risk often involves managing complex chains of events in American depositary receipt (ADR) programs. For instance, when handling an ADR conversion for a Canadian stock, coordination is needed between the depositary bank, the Canadian depository (CDS), and various internal departments. A breakdown in this process could lead to failed conversions or incorrect fee calculations.
External events affecting North American markets require careful planning. When the NYSE had to suddenly switch to electronic trading during the COVID-19 pandemic, custodians had to quickly adjust their trading and settlement processes. Good risk management meant having business continuity plans that could handle completely electronic trading environments and remote work arrangements.
Fraud prevention focuses heavily on protecting against increasingly sophisticated cyber threats targeting U.S. financial institutions. For example, custodians must guard against fraudulent ACH or Fedwire transfer requests that appear to come from legitimate clients. This is managed through multi-factor authentication, callback procedures for unusual requests, and sophisticated fraud detection systems.
People risk is crucial in specialized areas like SEC regulatory reporting. If a custodian's expert in SEC 13F filings leaves unexpectedly, it could affect reporting for all investment manager clients. Good risk management includes maintaining detailed procedures, cross-training staff on regulatory requirements, and having relationships with specialized consulting firms for backup support.
Regulatory risk has become more complex with evolving SEC and Canadian securities regulations. For instance, when the SEC implemented its Regulation Best Interest (Reg BI), custodians had to update their processes for handling retail customer accounts and create new compliance reporting procedures. Getting these processes wrong could lead to significant penalties.
Vendor risk is particularly important when dealing with key market infrastructure providers like the DTCC or Canadian CDS. If a major market utility experiences problems, it could affect all settlement processing. Custodians manage this by maintaining multiple connectivity options and having contingency plans for extended outages.
Communication risk often involves managing time-sensitive information during U.S. market hours. For example, when handling a tender offer for a NYSE-listed stock, client instructions need to be processed and submitted before strict market deadlines. Custodians manage this through automated notification systems and clear escalation procedures for urgent matters.
Documentation requirements follow SEC and Canadian recordkeeping rules. For instance, custodians must maintain detailed records of all client instructions and transactions for at least six years, with the first two years in an easily accessible place. This requires robust document management systems and clear retention policies aligned with regulatory requirements.
Change management becomes critical when adapting to new market practices. For example, the transition to T+1 settlement in U.S. markets requires custodians to completely redesign their settlement processing workflows. This involves extensive testing, client communication, and coordination with market utilities to ensure smooth implementation.