Chief Executive Officer’s Message and Management Discussion and Analysis
From the Board of Directors and Senior Management
Bursa Malaysia • Annual Report 2013
37
By firmly embedding PFMI standards into the risk management framework,
we are reinforcing Malaysia’s reputation as a safe destination for investment
(Malaysia was ranked 4
th
in Investor Protection by the World Bank and the World
Economic Forum). This in turn will help ensure the Exchange is well positioned to
avail itself of the wealth of potential opportunities whilst meeting the challenges
of cross-border trading posed by the ASEAN Trading Link.
An overview of the risk management functions at Bursa Malaysia in accordance
with PFMI standards to manage systemic risk is illustrated below.
upholding market integrity
Bursa Malaysia is duty bound to ensure an orderly and fair market with regard
to the securities and derivatives contracts traded through our facilities, as well
as the securities deposited or lodged with a central depository. We are also duty-
bound to ensure orderly and efficient clearing and settlement arrangements for
any transactions in securities and derivatives contracts cleared or settled through
our facilities. In all that we undertake, we are obliged to act in the public’s best
interest, having particular regard for the need to protect investors.
In 2013, we continued to implement various measures to uphold market integrity
and ensure our markets operate in a fair, orderly and transparent manner. In the
way of enhancing our regulatory framework, we continue to adopt a five-pronged
approach that involves regulatory development, supervision, engagement,
enforcement and stakeholder education. By proactively strengthening these
areas, we are promoting efficiency, growth and transparency within our
marketplace.
ENSURING A SECURE INFRASTRUCTURE
Various policies and controls are in place within the Exchange to uphold
system security and protection of data. These include an IT Security Policy
as well as policies pertaining to email, internet and data confidentiality. Other
initiatives such as restricted physical access to confidential areas as well as
logical access for password and user-IDs too form part of our system and data
protection measures. On top of this, we exercise control over privilege ID to
access systems and change control procedures to manage data changes in
our systems.
We have also implemented a number of cyber-attack mitigation measures.
These security tools to detect and prevent cyber threats serve as added
protection against Distributed Denial of Service (DDOS) attacks and help
strengthen our Internet access vulnerability points. Their ultimate aim is to
prevent business interruptions to Bursa Malaysia’s Internet services as well as
to mitigate loss of critical data and potential downtime or reduced availability
of our critical systems following a cyber-attack.
In 2013, our securities trading system achieved 100% uptime as we switched
over to our new trading engine, BTS2 on 2 December. Similarly for the
Derivatives Market, the Globex trading system achieved 100% uptime for all
our derivatives products.
COMMITTED TO ORDERLY AND EFFICIENT CLEARING,
SETTLEMENT AND DEPOSITORY ARRANGEMENTS
We are committed to meeting the international standards of risk management
as set out in the Principles for Financial Market Infrastructures (PFMI) developed
by the International Organisation of Securities Commissions (IOSCO). These
standards ensure a robust risk management framework that reduces settlement
risk and thereby reinforces the ability of the clearing house to guarantee the
settlement of trades.
Core Function of Risk Management (RM)
Core
RM
Functions
Risk Mitigation/
Policy Development
Risk
Identification
and Assessment
including Stress
Testing
Risk Reviews
Risk Reporting
Risk Monitoring
(KRIs)
In 2013, we further enhanced our risk management capabilities by working on
several fronts to meet the rigorous international risk management standards
for clearing infrastructure set by the IOSCO, particularly in the areas of liquidity
risk framework and Clearing Guarantee Fund adequacy. The SC and the
Malaysian capital market were among the first in the world to be assessed by
the International Monetary Fund and World Bank under these stringent global
standards which included the IOSCO principles, PFMI best practices and an
extensively revised assessment methodology. The final assessment report was
published in March 2013.
The Financial Sector Assessment Programme (FSAP) reported that Bursa
Malaysia Securities Clearing had generally met all of the PFMI standards, with
the exception of Principle Six (Margining) which is still under development.
In relation to Bursa Malaysia Depository, FSAP confirmed that the latter had
observed all of the PFMI principles. Bursa Malaysia Derivatives Clearing (BMDC)
was rated to have observed 17 principles and broadly observed the other four,
while the remaining three principles were not applicable to BMDC.
