A central securities depository that has established a link with an external central securities depository as contemplated in Regulation 6, must—
(a) | have rules and procedures that mitigate the risk relating to a conflict of laws by clearly stating the Act and other applicable legislation promulgated in the Republic is applicable to the securities services provided under the Act; |
(b) | have processes that identify, assess, monitor and manage all reasonable risks that could arise from the link, including legal, operational, and custody risks; |
(c) | not offer any credit extensions to the external central securities depository; |
(d) | assess and monitor the operational reliability of any link it intends to open with an external central securities depository; |
(e) | ensure that it and the external central securities depository have adequate rules, processes and procedures in place for the management of reasonable custody, default and liquidity risks; |
(f) | ensure that it has adequate systems in place to ensure effective communication with the external central securities depository so that the link does not pose significant operational risk to the external central securities depository; |
(g) | ensure that it and the external central securities depository apply robust reconciliation procedures for ensuring the accuracy and integrity of their records or holdings; |
(h) | ensure that it and the external central securities depository have adequate processes and procedures for the segregation of assets, and protection of assets in the event of their insolvency or default; |
(i) | ensure that provisional transfer of securities is prohibited; |
(j) | where it establishes links with multiple external central securities depositories, ensure that the risks generated in the link do not affect the soundness of the other links; |
(k) | ensure that there is sufficient and regular exchange of information between itself and the external central securities depository to ensure it is able to perform effective periodic assessments of the operational risk associated with the link; |
(l) | ensure that its risk management arrangements and processing capacity are sufficiently scalable and reliable to operate the link safely for both its current and projected peak volumes of activity over the link; and |
(m) | obtain adequate information on the business continuity plans including disaster recovery plans as well as the plans for orderly wind-up or recovery of the external central securities depository. |