CCP.A represents an important part of the Austrian financial market infrastructure and therefore it has implemented a comprehensive risk management framework including measures for mitigating operational risks
- by preventive actions on the one hand as well as
- by planning and testing of business contingency actions on the other hand.
The operational risk management involves the management of risks resulting from IT, external events, internal processes and human resources.
CCP.A has defined measures which enable critical functions to recover within two hours, with backup systems ideally starting processing immediately after an incident. Furthermore, it is ensured with very high probability that no data will be permanently lost.
To minimise the negative impact on business processes, if a risk materialises, and ensure a minimum level of critical functions a business continuity management, according to Art. 26 and 34 of EMIR and Articles 17 – 23 of RTS 153/2013, is established, implemented, maintained and tested on regular basis. The business continuity measures aim to ensure
- the preservation of CCP.A’s core functions,
- the timely recovery of operations and
- the fulfilment of its obligations.
In order to guarantee the economic existence of the organization even after incurring serious damage, CCP.A takes preventive measures to reduce the damage from or probability of occurrence of operational risks including minimum requirements on clearing systems, clearing operations, IT workplaces, information security as well as internal controls.