2.6 Technical Matters and Risk Management Controls
A Member shall comply with such technical, operational, information technology, security, risk management and other requirements or restrictions as specified in this Rule 2.6 or as prescribed by the Exchange from time to time.
2.6.2 Controlling Access
A Member shall have security arrangements in place to ensure that unauthorised persons are denied access to the Markets.
2.6.2A Adequacy of Systems
A Member must ensure that its systems and connections to the Markets operate properly, and have adequate and scalable capacity to accommodate trading volume levels.
Refer to Regulatory Notice 2.6.2A.
2.6.3 Risk Management and Financial Controls(1) A corporate Member is required to have written policies and procedures on risk management controls and demonstrate compliance in the following areas:(a) monitoring the credit risks arising from the acceptance of all orders on at least a daily basis;(b) monitoring all account activity on an intraday basis;(c) ensuring that:(i) automated pre-execution risk management control checks are conducted on all orders, including credit control checks on all orders;(ii) there are appropriate internal controls for the setting and modification of any parameters of such automated pre-execution risk management control checks;**Refer to Practice Note 2.6.3(1)(c).(d) having "error-prevention alerts" to bring attention to possible erroneous entries of quantity, price and other data fields;^
^ Refer to Practice Note 2.6.3(1)(d).(e) defining and managing the Member's sources of liquidity to ensure that there are sufficient liquidity facilities to meet increased settlement obligations;(f) limiting the impact of significant market movements through the use of tools such as cash flow projection, stress testing or position limits; and(g) maintaining a strict separation between the credit control, trading, dealing and marketing departments so as to ensure independence and mitigate the risks and consequences of conflicts of interests.#
#Refer to Practice Note 2.6.3(1)(g).(2) A Member referred to in Rule 2.6.3(1) must have automated processes in place to monitor at the firm level if the Member is at risk of breaching capital and financial requirements and prudential limits on exposures to a single Customer and a single Contract, so as to restrict trading activity or inject additional capital if necessary.
Refer to Practice Note 2.6.3(2).
2.6.4 Audit Trails and Records
A Member is required to:—(a) maintain complete and accurate records and audit trails to evidence compliance with this Rules, and in accordance with the requirements in this Rules and;(i) for a General Trading Member that holds a licence specified in Rule 2.4.1(b), in accordance with the requirements of the Relevant Regulatory Authority. The Trading Member shall immediately notify the Exchange on any changes to such requirements. Notwithstanding the foregoing, the Exchange shall have the discretion to prescribe additional requirements; and(ii) for other Members, in accordance with the requirements of the Act;(b) not make, or cause to be made, a false or misleading entry, in hardcopy, or electronic form, in any books, records, slips, documents, statements relating to the business, affairs, transactions, conditions, assets or accounts ("the Documents") of a Member;(c) make all material entries in any of the Documents;(d) not alter or destroy any of the Documents without a valid reason; and(e) make records available to the Exchange at such time as the Exchange requires.
Refer to Regulatory Notice 2.6.4.
2.6.5 Accounting and Book-keeping
A corporate Member shall comply with such accounting, reporting and book-keeping requirements as prescribed by the Exchange from time to time.
2.6.6 Business Continuity Requirements
The following requirements apply:(a) a Member must assess its business and operational risks and maintain adequate business continuity arrangements.(b) a Member must document its business continuity arrangements in a business continuity plan.(c) a Member's senior management shall be responsible for the Member's business continuity plan. Sufficient awareness of the risks, mitigating measures and state of readiness must be demonstrated by way of an attestation to the Member's Board of Directors. A General Trading Member that holds a licence specified in Rule 2.4.1(b) shall comply with such requirements established by the Relevant Regulatory Authority, if any, and principles of good business practice in relation to this subparagraph.(d) a Member must review and test its business continuity plan regularly.(e) a Member must appoint emergency contact persons, and furnish the contact information of such persons to the Exchange. The Member's emergency contact persons must be contactable at all times, and must immediately notify the Exchange in the event of emergencies.