Home | Databases | WorldLII | Search | Feedback New Zealand Securities Commission

Request for approval of Austraclear NZ's proposed electronic registry interface under section 7 of the Securities Transfer Act - Consultative document [2008] NZSecCom 7 (1 September 2008)

Last Updated: 14 November 2014

Ref: 210-060 / #100507

Consultation on request for approval of Austraclear NZ’s proposed electronic registry interface under section 7 of the Securities Transfer Act

1 September 2008

Background

1. The Securities Commission (the “Commission”) seeks comments on a request from the Reserve Bank of New Zealand (the “Reserve Bank”) for the approval of a proposed electronic registry interface for the Austraclear New Zealand System (“Austraclear NZ”) as an electronic securities transfer system under section 7 of the Securities Transfer Act

1991 (the “Act”).

2. Pursuant to section 7 of the Act, the Governor-General may from time to time, on the advice of the Minister of Commerce given in accordance with a recommendation of the Commission, by Order in Council, approve a system or systems that is or are wholly or partly electronic for the transfer of securities.

3. The effect of such an approval is that the registration of securities transferred by an approved electronic transfer system may not be refused on the grounds that the securities have been electronically transferred or that they have not been transferred by other means.

4. The Commission may not make a recommendation under section 7 of the Act unless it has done everything reasonably possible to consult with such persons and organisations as the Commission considers will be substantially affected by any approval pursuant to that section, and those persons or organisations have had the opportunity to comment.

5. Comments should be sent to the Commission by 5.30pm Friday 26 September 2008.

Email: peter.nielsen@seccom.govt.nz

Post: Securities Commission

PO Box 1179

Wellington

Attn: Peter Nielsen

Facsimile: (04) 472 8076

6. The remainder of this consultation paper includes:

a. a brief description of Austraclear NZ and the part of the system to which an approval under section 7 of the Act would apply;

b. an overview of relevant policy considerations and the Commission’s preliminary analysis of those matters;

c. an appendix containing a paper prepared by the Reserve Bank in support of its request entitled ESAS Austraclear NZ – Electronic Registry Interface which provides an overview of Austraclear NZ and the proposed electronic transfer system.

7. The Commission also refers interested parties to information on Austraclear NZ on the Reserve Bank’s website (see http://www.rbnz.govt.nz/payment/austraclear/), particularly the Austraclear New Zealand System Rules and the Austraclear New Zealand Operating Guidelines.

Austraclear NZ

8. Austraclear NZ is a payment and securities settlement system operated by the Reserve Bank. Securities are held in Austraclear by New Zealand Central Securities Depository Limited (“NZCSD”), a wholly-owned limited-purpose subsidiary of the Reserve Bank, as custodian trustee. The Reserve Bank, which is the system operator, acts as managing trustee for the benefit of respective Austraclear NZ members.

9. A securities transfer is effected in Austraclear NZ by book entry across members’ accounts which transfers the beneficial title to the securities between members (legal title remaining with NZCSD). Both parties to a transaction must electronically enter and authorise the transaction for a transfer to occur. However, because a transfer of beneficial ownership of securities in Austraclear NZ between members does not involve any transfer of legal title (i.e. a change of holder on the relevant register), such transfers are not a matter for approval under Securities Transfer Act.

10. To get securities into Austraclear NZ (i.e. to lodge securities) legal title to the securities must be transferred to NZCSD. In addition to being able to lodge their own securities, an Austraclear NZ member can also directly lodge a third party’s securities into the system. Where a third party’s securities are directly lodged into the system, the member lodging the securities is treated as the sole beneficial owner of the securities, and there is no reference within Austraclear NZ to that third party.

11. To get securities out of Austraclear NZ (i.e. to uplift securities) a member must instruct NZCSD to transfer legal title to the securities back to the member or as otherwise directed.

12. Generally, to lodge or uplift securities an Austraclear NZ member and NZCSD must currently deliver a completed paper transfer form to the relevant registry. At each stage of the process, in addition to having to manually handle the paper transfer form, the transfer is processed through manual data entries. An exception to this is that securities that can be transferred through the NZX’s FASTER system can also currently be lodged or uplifted electronically through that system.

13. Currently a transfer form for lodging securities is signed by the Austraclear NZ member, or by the member and by or on behalf of the legal owner where the transfer is from a third party, while a transfer form for uplifting securities is signed by NZCSD on the instruction of the member (i.e. in each case the transfer form is signed by or on behalf of the transferor only).

14. Under the proposed electronic transfer system the member will give only electronic instructions to lodge and uplift securities. Once that instruction has been given, the process for completing and registering the transfer will be fully electronic and automated. That process does involve a transfer of legal title, so the Reserve Bank is seeking approval under section 7 of the Act for the proposed electronic transfer system for lodging and uplifting securities.

15. All securities holders other than NZX FASTER Participants with “owned accounts” have a confidential registry-allocated security holder identification number (FIN) which must be included (as applicable) on the paper transfer form to lodge securities under the existing system. Under the proposed electronic system that number will remain confidential since it will be encrypted on screen entry and will not be displayed nor stored within Austraclear NZ.

16. Under the proposed electronic system, an Austraclear NZ member will lodge or uplift securities by selecting the security holder from a drop down list established by the member. The relevant details for each security holder (other than the FIN, as applicable) will be preloaded and so will not need to be separately entered for each individual transaction. Changes to that list will require two levels of authorisation by the member.

17. The proposed electronic system may also allow direct entry of the relevant details on a one-off basis in respect of securities holders who require a FIN.

18. Members connect electronically to Austraclear NZ through either:

a. SWIFT, a private international messaging network for financial transactions;

b. the private ESAS-Austraclear network; or c. the internet.

19. Messaging is encrypted and both a member and a personal user log-on are required to access Austraclear NZ. Passwords are required to be complex and accounts are disabled after a set number of invalid log-on attempts. For internet connections, members are also required to provide authentication using special purpose RSA SecurID cards (i.e. two- factor authentication). The system also performs a cross-check for each log-on to ensure that the log-on is from the member’s own network or using that member’s RSA SecurID card. In this regard the system allocates a unique identifier confidential to the system to identify each member’s network and each RSA SecurID card. This means that an Austraclear NZ member can only log-on from its own network or using its own RSA SecurID card (i.e. a valid member logon cannot be used from another member’s network or using another member’s SecurID card).

20. Members will also control which users have access to the lodge and uplift functionality.

21. Austraclear NZ connects with the two main registries (Link Market Services and

Computershare) through the private ESAS-Austraclear network.

22. The Reserve Bank as system operator, NZCSD, and Austraclear NZ members are bound by the Austraclear NZ Rules (the “Rules”) which include:

a. provisions relating to membership – for example there are basic fit and proper requirements applying to applicants (see Rule 3.1.2), the Austraclear NZ membership application pack includes an anti money laundering questionnaire, and the system operator has an unfettered discretion to determine whether or not to accept any application for membership (see Rule 3.1.4);

b. member warranties and indemnities regarding title to and rights to transfer securities (see Rules 9.4 and 21.6), and

c. Operating Guidelines (in a stand alone document) setting out the processes for lodging, transferring, and uplifting securities.

23. The Rules may be changed at any time by the system operator (currently the Reserve Bank) in accordance with the process set out in the Rules. Rule changes do not require the consent of members, however, in practice members are consulted about proposed material rule changes. All rule changes must be notified to each member of the system.

24. Austraclear NZ also has a User Advisory Committee (established pursuant to Rule 23).

The purposes and functions of the Committee, and the system operator’s obligations in respect of the Committee, are set out in Schedule A to the Rules. In practice, all changes to the system, to the Rules and to the operating guidelines are tabled at a meeting of the User Advisory Committee before being taken to the wider membership.

25. Accountability within the Reserve Bank for Austraclear NZ, including Rule changes, rests with the Assistant Governor and Head of Operations and, ultimately, with the Governor.

Policy Considerations and Preliminary Analysis

26. An approval under section 7 of the Act gives an electronic transfer system and its participants certainty regarding the registration of electronic securities transfers. As such, an approval under section 7 facilitates the introduction and acceptance of an electronic transfer system.

27. Our preliminary thinking is that there are clear benefits that would flow from Austraclear NZ’s proposed electronic registry interface. It will enable the interface between participants and the system, and between the system and the registries to be automated, which presents significant opportunities to make securities transfer processes quicker, more efficient, and less error prone.

28. A key countervailing consideration is whether a proposed electronic transfer system exposes securities holders or issuers to any greater risk of unauthorised or mistaken transfers than under the existing paper-based system. This is discussed in more detail below.

29. A further consideration is whether, if there is an unauthorised or mistaken transfer, securities holders or issuers are any worse off, in terms of being able to establish what occurred and in seeking to remedy matters, by virtue of the transfer having been electronic rather than paper-based. In that regard the Commission notes that the Reserve Bank states in its description of the proposed electronic transfer system that the new system will provide an extensive audit trail.

30. If there is any increase in risk then, in addition to balancing that cost against the anticipated benefits of the proposed electronic transfer system, it may also be relevant to consider:

a. the extent to which any increase in risk is borne by those external to the system,

b. if any increase in risk is borne by those external to the system, the extent to which the system manages that risk and/or expressly allocates that risk back to the system and/or its participants (i.e. those receiving the direct benefit of the system), and

c. to the extent that any increase in risk is borne by the system and/or its participants, whether they are well placed to identify and manage any such increase.

31. Other relevant considerations include the control of automation risk, and controls around the setting and changing of relevant system rules.

The risk of unauthorised or mistaken transfers

32. The Commission notes that, because an Austraclear NZ member can lodge a third party’s securities into the system and can also uplift securities directly to a third party, the risk of unauthorised or mistaken transfers is not only borne by Austraclear NZ members themselves, but potentially also by securities holders more generally (i.e. including those who are not members of Austraclear NZ) and issuers. While this functionality is not being introduced by the proposed electronic registry interface, it is a point to bear in mind in framing the issues and considering the consequences.

33. The Commission also notes that securities lodged in Austraclear NZ are already dematerialised and it is just the transfer instructions and processes that are becoming electronic. Dematerialisation removes physical possession of unique security certificates as a key factor in managing the risk of unauthorised or mistaken transfer. Dematerialisation therefore gives rise to a number of issues concerning the allocation and management of risk arising from no longer being able to physically possess security certificates. In comparison, paper transfer forms are not unique and so do not perform the same function as physical security certificates. As such, the range of issues concerning Austraclear NZ’s proposed electronic registry interface is narrower than what might be the case if the proposed electronic transfer system also involved introducing the dematerialisation of securities.

34. Unauthorised transfers into or out of Austraclear NZ could in theory result from:

a. the actions of an Austraclear NZ member itself in respect of someone else’s securities, or

b. the actions of staff of an Austraclear NZ member, or an unrelated party holding themselves out as the Austraclear NZ member, in respect of either the member’s own or someone else’s securities.

Unauthorised transfers into Austraclear NZ by a member

35. Our preliminary thinking is that the proposed electronic registry interface does not increase the risk of an Austraclear NZ member intentionally (as opposed to mistakenly) lodging securities into Austraclear NZ without being authorised to do so by the securities holder. The reasons for that are as follows:

a. While the existing paper-based process requires a signed transfer form, the paper form is more of a formality than a security measure since:

i. registries do not hold specimen signatures against which to verify signed transfer forms, and

ii. Austraclear NZ does not have any connection with securities holders more generally or issuers, so is in no position to verify transfer forms purportedly signed by or on behalf of non-members.

b. As such, removing the need for a signed transfer form will not increase the risk of an Austraclear NZ member intentionally (as opposed to mistakenly) transferring securities into Austraclear NZ without being authorised to do so by the securities holder.

c. The main security measures for preventing unauthorised transfer in both the paper-based and electronic transfer processes is in securities holders keeping FINs secure, and in the system operator having and administering appropriate fit and proper requirements as part of the access criteria for becoming an Austraclear NZ member.

d. A third party security holder can request a change of FIN in conjunction with withdrawing an Austraclear NZ member’s authority to deal on their behalf.

e. For securities holders who do not have FINs the risk of an Austraclear NZ member intentionally lodging securities into Austraclear NZ without being authorised to do so by the securities holder is no greater under the electronic system than under the paper-based system. We note there is more control in this respect under the proposed electronic system since a third party who does not have a FIN must be pre-loaded onto the system, which requires additional levels of authorisation (as opposed to simply completing a paper form).

36. The proposed electronic transfer system may increase the risk of an Austraclear NZ member mistakenly lodging securities into Austraclear NZ without being authorised to do so by the securities holder since the process will involve fewer steps and there may be less opportunity to discover or halt an unauthorised transfer. In practice, it is very unlikely that an Austraclear NZ member would mistakenly lodge an unknown third party’s securities where a FIN is required since it would be unlikely to have access to or inadvertently enter the required identification numbers. Preloading a third party’s details

to then select in each instance from a drop-down list would make the risk of mistakenly lodging an unknown third party’s securities even more remote. For one-off direct entries the risk is no different under the electronic system than under the paper-based system.

37. Where the Austraclear NZ member is lodging third party securities by selecting from a drop down list, as opposed to manually entering the details each time, it is potentially easier to select the wrong person. If a FIN is required, the third party selected still needs to match up with a manually entered FIN for the transaction to occur. As such, the risk of mistakenly lodging a known third party’s securities would not seem to be any greater under the proposed electronic process than under the paper-based process where a FIN is required, but is potentially greater if no FIN is required.

38. We note that an Austraclear NZ member can itself easily rectify mistakenly lodging a third party’s securities because it retains control over the securities. Also, securities holders who do not have FINs are likely to be monitoring their holdings regularly enough to promptly identify any mistaken transfer and seek to have it remedied.

39. Our preliminary thinking is therefore that, while the proposed electronic registry interface may expose third party securities holders or issuers to some increased risk of an Austraclear NZ member mistakenly lodging securities into the system, that increase is either negligible (especially as regards unknown third parties) or the consequences are such that the risks and costs would be outweighed by the benefits of the proposed electronic transfer system.

Unauthorised transfers out of Austraclear NZ by a member

40. Our preliminary thinking is that the proposed electronic registry interface does not increase the risk of an Austraclear NZ member intentionally uplifting securities from Austraclear NZ without being authorised to do so. The reasons for that are:

a. Each Austraclear NZ member is entitled to uplift securities held on its account in Austraclear NZ so there is no issue concerning an Austraclear NZ member’s authority to uplift securities held on its own account.

b. An Austraclear NZ member cannot hold itself out as another member and uplift securities into their own or a third party’s name because each member’s log-on only works from its own network or in conjunction with its own RSA SecurID cards (and each network’s and each RSA SecurID card’s identification within Austraclear NZ is confidential to the system operator).

c. Having to deliver a paper transfer form for the depository (i.e. the transferor) to sign does not add any extra security to that process and, if anything, the proposed electronic interface would seem to improve security around the uplift of securities.

Unauthorised transfers by staff of a member

41. Our preliminary thinking is that the proposed electronic registry interface does not increase the risk of staff of an Austraclear NZ member intentionally (as opposed to mistakenly) lodging securities into Austraclear NZ without being authorised to do so. The reason for that is under the proposed electronic system each Austraclear NZ member will control who has user access and which users have access to the lodge an uplift

functionality, with the user login details being personal and only known to each authorised user. In contrast, under the existing paper based system, the apparent control for lodging securities is the signature of an authorised signatory on a transfer form. However, that form does not actually act as a control because the signatures are not validated.

42. For a staff member or unrelated third party to benefit from an unauthorised transfer, securities need to be uplifted from Austraclear NZ. As discussed above, because the existing paper-based transfer form to uplift securities is not signed by the Austraclear NZ member, removing the need for that form does not seem to result in any increased risk of unauthorised uplifts. If anything the new electronic processes would seem to reduce the risk of unauthorised uplifts because a user log-on is confidential to the user.

Unauthorised transfers by an unrelated third party

43. Our preliminary thinking is that under the proposed electronic registry interface it will be more difficult for third parties to compromise the process. First, the process will be more automatic so there is less opportunity for the process to be physically compromised. Secondly, there are more controls around submitting instructions electronically.

44. However, any compromise of an electronic process would potentially be on a greater scale than under the paper-based system. System security therefore becomes even more important. As discussed below under “Control of automation risks”, there are a number of system features that address security issues and Austraclear NZ members should be well placed to assess any such issues and seek to have them addressed by the system operator.

45. The Commission also notes that the interests of Austraclear NZ members are aligned with the interests of securities holders who are not members, and issuers, regarding unauthorised transfers by staff of a member or by an unrelated third party. As such, the interests of non-members should be adequately addressed by any steps members take in this regard to protect their own interests.

Operational mistake

46. Our preliminary thinking is that overall the proposed electronic registry interface is designed to make the process for lodging and uplifting securities more automatic which will reduce the number of points in the process at which operational mistakes could occur.

47. It is also relevant to consider the consequences of a mistake:

a. If securities are lodged by mistake or uplifted by mistake into the members’ own name, the Austraclear NZ member can itself rectify the mistake since it retains control over the securities. The proposed electronic transfer system does not affect that position. We also note that if a member is able to rectify a mistaken transfer it will be able to do so more readily under the proposed electronic system.

b. If a member uplifts securities directly into a third party’s name over whose holding it has no authority to deal, it cannot directly rectify the mistake since it no longer has control over the securities. The risk of that is arguably greater with an

electronic transfer system than with the paper-based system because the electronic transaction is completed more quickly. There is therefore less opportunity to identify a mistake before the transaction is completed.

c. However, the Commission notes that it is optional to use this functionality, the consequences of a mistaken transfer are borne by the member itself (who is therefore appropriately incentivised to manage the risk), and as wholesale financial markets participants Austraclear NZ members can be expected to have appropriate controls in place if they do elect to use that functionality.

Control of automation risks

48. In consultations relating to previous applications under section 7 of the Securities Transfer Act the Commission has also specifically sought comments on the control of automation risks, including:

a. security to prevent unauthorised access and misuse of data;

b. capacity planning to deal with sudden increases in demand;

c. contingency systems to ensure continuous service in the event of system failure, natural disaster or intentional malicious act; and

d. independent technical reviews to confirm that the system performs and continues to perform as intended.

49. As noted on previous occasions, the Commission is not qualified to analyse a system’s adequacy in this respect. However, it is necessary for us to form a view based on the information available and comments made as a result of this consultation. We would therefore particularly welcome any comments on these matters in relation to Austraclear NZ’s proposed electronic registry interface.

50. In terms of security issues, the Commission notes that it is in the system operator’s and members’ interests to ensure that Austraclear NZ is secure. Austraclear NZ’s security measures include:

a. encryption on Austraclear NZ’s messaging networks,

b. two-factor authentication being required for members connecting through the internet, and

c. a member log-on only working from a network or RSA SecurID card that the system recognises as being that member’s network or RSA SecurID card.

51. As regards capacity, it would seem that the electronic registry interface will easily cope with demand peaks. Peak volumes are in the order of 2 to 3 requests per minute, with up to several hundred per day, whereas the capacity of the proposed electronic system will be in excess of a hundred requests per minute.

52. After processing a request the proposed electronic system will check for queued instructions and process them on a first-in-first-out basis. If there are no queued

instructions the system will go to sleep until invoked. Once an instruction has been accepted for processing, because the proposed electronic system is automated and does not require manual data entry by the system operator or registries, lodges and uplifts will be processed more quickly than under the existing paper-based system. The turnaround for lodges and uplifts will be reduced from the current 1 hour plus, to less than 5 minutes

– the time depending on registry processes and the sleep-wake cycles of registry and Austraclear NZ systems (which will be able to be adjusted to ensure optimal performance and throughput).

53. The Commission’s understanding is that that the Reserve Bank has extensive business continuity planning in relation to Austraclear NZ. In particular, the Commission notes that Austraclear NZ has two identical processing systems – one located in Wellington and the other in Auckland. The two systems are continuously live and synchronised, with one system being designated “production” at any point in time. The location of the “production” system is alternated between the Wellington and Auckland systems every few weeks and can be switched immediately (within 15 minutes) if required.

54. As regard independent technical reviews, Rule 19 of the Austraclear NZ Rules requires the system to be independently audited on a quarterly basis (the most recent independent auditor’s report is available on the Austraclear page of the Reserve Bank’s website at http://www.rbnz.govt.nz/payment/austraclear/index.html under the heading “Operational Information”).

55. More generally, the Commission notes that as electronic systems become the norm, the control of automation risks is increasingly factored into system design and operating practice as a result of user demand, regulatory requirements, and benchmarking to international best practice. Also, as wholesale financial markets participants, our expectation is that Austraclear NZ members should be well placed to assess any such risks and seek to have them addressed by the system operator.

56. As such, our preliminary thinking is that there is likely to be appropriate control of automation risks in relation to Austraclear NZ’s proposed electronic registry interface.

The system rules

57. The Commission is also interested in there being an appropriate level of control around the setting and changing of relevant system rules.

58. The Commission notes that the Austraclear NZ Rules are subject to internal controls at the Reserve Bank under the oversight of senior management. We also note that, in practice, proposed rule changes are first discussed with the User Advisory Committee. As such, there appears to be an appropriate level of control over the Rules themselves, including the rules setting out the processes for lodging, transferring, and uplifting securities, the rules and processes relating to membership of Austraclear NZ, and the rules relating to system audits.

Comments sought

59. The Commission is interested in receiving comments on its preliminary analysis and, in particular, is interested in submitters’ views on the following questions:

a. What do you see as the benefits of Austraclear’s NZ’s proposed electronic registry interface?

b. What do you see as the risks and costs associated with Austraclear’s NZ’s proposed electronic registry interface?

c. Are the risks appropriately allocated and adequately managed?

d. Do the benefits of Austraclear’s NZ’s proposed electronic registry interface outweigh the risks and costs?

e. Are there any reasons why you think the Commission should not make a recommendation that Austraclear NZ’s proposed electronic registry interface be approved under section 7 of the Securities Transfer Act?

60. We are also interested in whether there are other any matters which submitters think should be taken into account. Please note that the Commission is seeking comments only on Austraclear NZ’s application under section 7 of the Securities Transfer Act and not on broader issues relating to the structure and regulation of settlement systems in New Zealand.

61. As noted above, comments should be sent to the Commission by 5.30 pm on Friday

26 September 2008.

Appendix

Reserve Bank paper entitled ESAS Austraclear NZ – Electronic Registry Interface

_{ESAS Austraclear NZ}

_{Electronic Registry Interface}

Ref #3201845 v3.4

Introduction

This paper has been prepared¹ for the Securities Commission of New Zealand and provides a general description of an enhancement to the ESAS-Austraclear NZ system that will enable Austraclear NZ members to electronically transfer securities into (lodge) or out of (uplift) New Zealand Central Securities Depository Limited (NZCSD), a custodian fully owned by the RBNZ.

The following areas are discussed:

^{• Overview of the ESAS-Austraclear NZ System and Operation including:}

^{• Background}

^{• Infrastructure}

^{• Ownership}

^{• Membership}

^{• Governance}

• Overview of the ESAS-Austraclear NZ settlement environment

• Overview of the proposed Electronic Transfer System

¹ Donna McDiarmid and Kevin Jamieson.

1.0 Overview: ESAS-Austraclear NZ System and Operation

Background

• A brief overview of ESAS-Austraclear².

The ESAS-Austraclear New Zealand system (ESAS-Austraclear NZ) consists of

two logically separate real-time settlement applications – ESAS and Austraclear. Physically the applications co-exist on one computer, sharing physical and application resources.

(a) ESAS

ESAS is the Reserve Bank of New Zealand’s Exchange Settlement Account

System. ESAS has been in operation since March 1998 and is part of the implementation of the New Zealand Real-Time Gross Settlement (RTGS) environment. The ESAS system is owned and operated by the Reserve

Bank of New Zealand.

There are two interfaces that connect to ESAS; the Austraclear NZ system, which is used for processing securities and funds transfers, and the ESAS/SWIFT interface, which carries instructions into ESAS from the Same Day Cleared Payment service (SCP) which is used by banks for high-value cash transactions.

The terms and conditions of the Exchange Settlement Account are governed by a contract entered into by the Reserve Bank of New Zealand and the Accountholder – this contract is referred to as the Exchange Settlement Account Terms and Conditions.

RTGS makes the New Zealand financial system more robust by processing and completing large payments, transaction by transaction throughout the day, and posting these irrevocably to banks accounts at the Reserve Bank before value is credited/debited to customers. ESAS members (Accountholders - all of whom are currently registered banks) utilise SWIFT to route settlement transactions to ESAS. On an average day 6000-7000

SWIFT transactions, with an approximate value of NZ$35 billion are being settled on ESAS.

(b) Austraclear

The Austraclear NZ system provides depository and settlement services for wholesale financial markets. The system is a real-time service for clearing and settlement of high-value transactions involving debt securities and

equities, and also for cash transfers.

The Reserve Bank has operated the Austraclear system since June 1990³ under a formal contractual agreement with Austraclear Limited. Software support and maintenance services for the Austraclear NZ and ESAS

systems are provided by Datacom Systems (Wellington) Limited⁴.

During 2006-2007 the Austraclear NZ system underwent a significant technology upgrade, extending support for the system until at least 2010, and possibly out to 2015.

² _{A full description of the ESAS and Austraclear systems can be found at http://www.rbnz.govt.nz/payment/}

³ The Reserve Bank of NZ currently has the operating licence for the Austraclear NZ system until 2015. The licence is owned by Austraclear Limited, a company owned by the Australian Securities Exchange (ASX).

⁴ Datacom have provided support services since late 2002.

• ESAS-Austraclear Infrastructure

The ESAS-Austraclear system runs on a single server, with two identical ESAS- Austraclear systems housed at two processing centres – one at the RBNZ building in Wellington and the other at a facilities management site in Auckland. This configuration is shown in diagram 1 below.

Diagram 1 ESAS-Austraclear NZ System and Network Structure.

Both sites and systems are continually live and synchronized, with one system being designated “production” at any point in time. The location of the production system operation is alternated between Wellington and Auckland every few weeks or switched immediately (within 15 minutes) if required.

The ESAS-Austraclear system utilises open system and/or International Standard protocols wherever possible to simplify and reduce the costs of member connections and access, as well as application use and financial market integration. A key component in this design strategy is to encourage members to implement fully automated Straight Through Processing (STP) environments

based on SWIFT⁵ messaging (ISO15022).

Members must install the client ESAS-Austraclear code (a free java runtime application) on their PC, and can then access Austraclear using either:

(a) The Internet, or

(b) The private ESAS-Austraclear network (router access using Telecom’s One- Office).

Alternatively members can use direct access to Austraclear (application-to- application) from their own systems using SWIFTNET to route traffic to the

Austraclear-SWIFT Interface.

Members accessing ESAS-Austraclear via the Internet or Router access utilise Secure Sockets Layer (SSL) technology to encrypt traffic from the member’s PC to the ESAS-Austraclear server – this is in addition to the underlying network encryption. Members accessing the system via the Internet are also required to provide network authentication using RSA SecurID token cards.

To maximise availability and reliability, the connection from each ESAS-Austraclear processing infrastructure i.e. Internet, Telecom’s One-Office, or SWIFTNET, uses multiple connections and service providers.

⁵ SWIFT – Society for Worldwide Inter-bank Financial Telecommunication

• Austraclear Ownership, Membership and Governance

Ownership

The Austraclear NZ system is operated by the RBNZ (System Operator) under licence from Austraclear Limited, an operating subsidiary of SFE Corporation Limited⁶. The Reserve Bank licence enables it to operate the system until 2015.

Governance and Oversight

The Reserve Bank has both an oversight and operational role in the NZ payment system. The operational activities include the operation of ESAS (including the ESAS/SWIFT interface), and Austraclear NZ, where it acts as the System

Operator. For the Austraclear NZ system, the rights and obligations of members to

each other and the rights and obligations of the Reserve Bank of New Zealand are governed by a mutual contract entered into by all members – this contract is

known as the Austraclear Rules⁷.

In addition, the Austraclear New Zealand Operating Guidelines are published by the System Operator from time to time and set out the day-to-day administration, operating times, system functions and processes for the System Operator and Members.

To promote good governance of Austraclear, as well as ensuring Members can contribute to the effectiveness, viability and strategic direction of the system there is an Austraclear User’ Advisory Committee⁸ elected by the membership. In addition,

Members are consulted on and advised of any decisions affecting the operation of the systems, and Austraclear NZ User Group meetings are held six monthly.

In both its oversight and operational roles, the Bank utilises internationally recognised standards for payment and security settlement systems, in particular:

^{• Core Principles for Systemically Important Payment Systems – issued by}

the Committee on Payment and Settlement Systems (CPSS), and

^{• Recommendations for securities settlement systems – issued jointly by}

CPSS and the International Organisation of Securities Commissions

(IOSCO).

The Bank’s payment system oversight role is closely related to its role of promoting the maintenance of a sound and efficient financial system⁹. These overlap significantly with the CPSS Core Principles, and these are used by the Bank to guide its thinking and policy stance on new initiatives and enhancements in

payment systems. Compliance with the Core Principles is fully discussed in the RBNZ Bulletin¹⁰ article “Recent developments in the payment system”, as well as “Outcomes of the Financial Sector Assessment Programme for New Zealand”.¹¹

For both ESAS and Austraclear NZ, there are clear structures and accountabilities in place, reporting to the Assistant Governor of the Bank. System performance is closely monitored and regular external audits conducted.

Membership

Any institution (domestic or foreign) can apply to the Reserve Bank for membership of the Austraclear NZ system. The membership application process and requirements, as well as the rights and obligations of Members, are detailed in the Austraclear Rules (in particular rule 3). Membership application forms and fee

⁶ _{The SFE Corporation Limited merged with the Australian Stock Exchange (ASX) in July 2006.}

⁷ _{Link to the Austraclear Rules - http://www.rbnz.govt.nz/payment/austraclear/3109962.pdf}

⁸ _{The User Advisory Committee consists of 7 elected members, representing 5 classes of membership.}

⁹ The Bank’s principle oversight objectives have been in place for many years. This information is fully discussed in the RBNZ Bulletin volume 66 No 1, article “Recent developments in the payment system”.

¹⁰ _{Volume 66 No1, Alison Stinson and Michael Wolyncewicz.}

¹¹ Michael Gordon, Financial Stability Department, RBNZ – article link www.imf.org/external/pubs/ft/scr/2004/cr04126.pdf.

structures (membership, transactions, set charges) are detailed on the RBNZ web site.

The Austraclear NZ system has three types of membership:

(i) Full Member – access to full system functionality.

(ii) Associate Member – has limited access to system functionality.

^{• Only one branch is allowed.}

^{• Are unable to transact directly with another Associate Member.}

^{• Are not allowed any security sub-accounts.}

(iii) Nominated Trust.

^{• A Nominated Trust member operates as a branch of a full}

member.

^{• The setup on Austraclear gives legal protection to the assets of}

the Nominated Trust Member.

^{• The membership is only available to entities established under}

the New Zealand Trustees Act 1956.

As at December 2007, there were 64 full members, 48 associate and 96 nominated trust members, with the membership list being published on the Bank’s website¹².

• The Austraclear New Zealand System Operation

The Austraclear NZ system is a real-time service for clearing and settlement of

high-value (wholesale) transactions involving debt securities and equities, and also for cash transfers.

Each Austraclear Member has a security account(s) on the system which records the securities held by the Member and available to the Member for settlement transactions. Members are first required to “lodge” securities into their security account on the Austraclear system, which requires the transfer of ownership of the security into the name of New Zealand Central Securities Depository Limited (NZCSD) on the respective registry. NZCSD then becomes the legal owner of the securities on the register and holds the securities on behalf of the member, the beneficial owner. The securities are therefore “immobilized” in NZCSD (the depository) which acts as a bare trustee.

The RBNZ as system operator is the managing trustee and has appointed NZCSD

as the custodian trustee under Section 50 of the Trustee Act 1956, in respect of the securities lodged in the system.

The rights and obligations relating to lodgement and holding of securities into NZCSD and the uplifting of securities from NZCSD are covered in the Austraclear Rules (in particular rule 9 and rule 14), with the procedures for lodgement and uplifting advised in the Operating Guidelines.

The inventory of securities held in the depository is approximately NZ$92 billion, with a settlement volume of 800-1200 transactions per day representing a turn- over of approximately NZ$8 billion.

The Austraclear system offers Delivery versus Payment (DVP) RTGS for the following securities:

^{• Registered Certificates of Deposit.}

^{• Bonds and Treasury Bills.}

^{• Registered Notes.}

^{• Equities.}

It also provides transfer of securities between Members, as well as cash transfers. Austraclear Members are able to settle securities transactions either by entering

^{the settlement instruction into the system directly (on-line), or submitting the}

¹² Membership list - http://www.rbnz.govt.nz/payment/austraclear/0107384.html

settlement instruction via SWIFT. Both sides (parties) must enter and authorise the settlement. The system will then match the transaction (if possible) and then on the settlement date, it will attempt to settle the transaction providing:

(i) The seller has beneficial ownership of the security within NZCSD,

(ii) The buyer has sufficient funds or unutilised limits in their commercial bank account record on the Austraclear system.

If both these requirements are met then a payment request is sent to ESAS. Once completed, ESAS confirms payment to Austraclear NZ and Austraclear settles the transaction irrevocably – with the security and cash records being updated simultaneously.

2.0 Overview: Proposed Electronic Transfer System

2.1 Background

All securities settled in Austraclear must be transferred (lodged) into NZCSD before they can be settled in the Austraclear NZ system, requiring a transfer of ownership of the security from the beneficial owner to NZCSD on the respective registry and the entry of the relevant information in Austraclear. Alternatively a security must be transferred (uplifted) out of NZCSD before the member can settle the security outside of Austraclear, requiring an update to the relevant Austraclear information and a transfer of ownership of the security from NZCSD to the beneficial owner on the respective registry.

On average, there are 400 security transfers in to and out of NZCSD each day, each requiring an associated “lodge” or “uplift” transactions to be processed within Austraclear. These 400 transactions must also be completed either through the NZX FASTER system or directly with the Registrar of the relevant security (non-FASTER), to complete the ownership change of the security (in to or out of NZCSD’s name).

These security transfer transactions are completed via: (a) Manual data entry,

(b) Completion of paper transfer forms, and

(c) Communication via fax, email or telephone.

Because this process is largely manual and paper based, it is relatively inefficient, prone to error, extremely time consuming, and is frustrating for Members, the registries, the system operator and the financial markets. Currently the time to complete a lodge or uplift transaction in Austraclear and for completion of the associated security transfer on the relevant registry is one hour, but can often take longer depending on processing at the registry. This delay causes issues for members as the security is immobilised in Austraclear until the security transfer is

completed. In addition, the delay also limits the amount of time available for members to complete settlements linked to the relevant security.

To address the inefficiencies, issues and costs associated with the current process used for transferring securities directly between NZCSD and the various registries i.e. non-FASTER transferable, it is proposed to implement an electronic security transfer system between Austraclear and the relevant registries in New Zealand. This electronic transfer system will replace the current manual processes with a completely electronic process for non-FASTER transferable securities.

The new electronic process will capture all the relevant transfer information entered by the Member in Austraclear for the relevant lodge or uplift, format that information into a SWIFT message and then send that message to the relevant registry in New Zealand over the existing ESAS-Austraclear NZ network (requiring the registrar to be a member of the Austraclear NZ system). While the new electronic transfer system

will effectively just replace the current manual paper based process (although it will be

possible to revert to the current process at any time), it does offer many advantages and improvements:

^{• The electronic transfer function will only be capable of being invoked from}

within the Austraclear system. Since system access requires a valid

company and user logon, and user access to the actual transfer functionality (granted by the Members system administrator), the new system will provide greater control over the transfer itself as well as providing an extensive audit trail.

^{• The message transfer will take place over the secure ESAS-Austraclear NZ}

network, with the actual messages being sent between systems using

Secure File Transfer Protocol (which utilise SSH technology). This transfer mechanism will therefore be much more secure and robust than the current manual process.

^{• The electronic transfer message will only be sent from the Austraclear}

system to the respective registry if all the required transfer information is

entered in Austraclear by the authorised user. The information that a Member will be required to enter will be at least equivalent to that currently entered on the manual transfer form. Further, the system will undertake

multiple validation checks on the data as it is entered and prior to the

security transfer message being sent. The electronic transfer system will therefore enhance the accuracy and integrity of the data relating to the security transfer request.

^{• The new system will reduce the turnaround time for both lodges and uplifts}

from the current 1 hour (plus) to less than 5 minutes, drastically reducing

the time that the security is immobilized within the Austraclear system.

^{• The new system will process each transfer (lodge or uplift) separately, with}

each request being individually formatted into a SWIFT message for

transfer and processing. Each message transferred between the Austraclear system and each registry system will be uniquely identified, with all systems being able to identify the status of all messages sent and received at any point in time.

^{• Austraclear members will have greater visibility as to the status of their}

lodge/uplift transactions, with the status being updated in Austraclear in real

time.

2.2 Process Flow: Manual vs. Electronic

2.2.1 Lodge of Securities into NZCSD on the Register:

The diagram below illustrates the current process whereby a security is lodged into the name of NZCSD on the Registry with no FASTER interaction.

Those tasks detailed in blue are the aspects of this process that we propose to automate.

Those tasks detailed in red are the aspects of this process that we propose to remove entirely.

_REGISTRY

3. NZCSD faxes paper transfer form to the Registry.

4. The Security is transferred into the name of NZCSD at the Registry via manual data entry.

5. Change of ownership is confirmed by the Registry via manual screen enquiry or via fax.

_NZCSD

1. Austraclear member manually inputs data into Austraclear to lodge a security into the name of NZCSD.

2. A paper transfer form is also completed and faxed to NZCSD.

6. NZCSD confirms the lodge in Austraclear via manual data entry.

AUSTRACLEAR MEMBER

2.2.2 Uplift of Securities from NZCSD on the Register:

The diagram below illustrates the current process whereby a security is uplifted out of the name of NZCSD on the Registry with no FASTER interaction.

Those tasks detailed in blue are the aspects of this process that we propose to automate.

Those tasks detailed in red are the aspects of this process that we propose to remove entirely.

_REGISTRY

3. NZCSD faxes paper transfer form to the Registry.

4. The Security is transferred out of the name of NZCSD at the Registry via manual data entry.

5. Change of ownership is confirmed by the Registry via manual screen enquiry or via fax.

_NZCSD

1. Austraclear member manually inputs data into Austraclear to uplift a security out of the name of NZCSD.

2. A paper transfer form is also completed and faxed to NZCSD.

6. NZCSD confirms the uplift in Austraclear via manual data entry.

AUSTRACLEAR MEMBER

2.3 Transaction Transmission

The existing Austraclear transaction input screen will be redesigned to accommodate information previously contained within the paper transfer form.

The Austraclear member will input all mandatory information and submit the transaction.

Upon submission, the data for each lodge/uplift transaction will be formatted into a separate SWIFT compliant message file and transmitted electronically to the Registry.

This transmission will be completed using Secure File Transfer Protocol (SFTP) which uses the security provided by SSH (Secure Shell).

When the file is pushed to the Registry, a response will be received immediately to recognise failure or acknowledge successful receipt of the transaction.

Assuming the file transfer has been successful, the transaction will be uploaded into the Registry system and a response, in the form of a SWIFT compliant message file, will be returned to Austraclear. This response will be transmitted using the same protocol and algorithm and will confirm either a successful transfer or detail the reason for transfer failure.

Upon receipt of the Registry response, Austraclear will upload the file and the transaction process will be auto-completed.

2.4 Transaction Identification

Each eligible lodge/uplift transaction , when submitted within Austraclear will be given a Unique Transaction Identifier (UTI).

This UTI will be used throughout the transmission process (i.e. within the files sent by both Austraclear and the Registry system) and will serve the following purposes:

ƒ Provide a definitive identification/reference for the electronic transmission

process

ƒ Provide a definitive reference in the event of transaction or transmission failure

ƒ Provide a definitive identifier within the transaction upload process

Transactions will be retained and stored on both the Austraclear and the Registry systems so that they meet or exceed the relevant legal requirements.

2.5 Transaction Failure

Full alert notifications and access to view the transactions ‘below the surface’ via existing functionality will be utilised to inform RBNZ and/or Registry staff of potential issues and assist in the issue diagnosis.

There are several potential points of failure in the file transmission process:

ƒ File fails to leave RBNZ

ƒ File leaves RBNZ but does not arrive at the Registry

ƒ Files leaves RBNZ, arrives at the Registry but is not processed.

_{ƒ File leaves Registry but does not arrive at RBNZ}^∗

ƒ Files leaves Registry, arrives at RBNZ but is not processed

ƒ File is sent twice by either RBNZ or Registry*

These points of failure will be rectified by one of the following:

ƒ Mechanism to auto-resend a failed file transmission

ƒ Ability to manually force a transaction through the secure channel

^∗ In these scenarios the legal ownership has changed as per the transfer/request form.

ƒ Ability to manually confirm the successful transfer as per Step 6 in the above diagrams

ƒ Application support calls to the Austraclear system vendors to view/repair

transmission protocol errors

ƒ Ability to revert to the previous manual processes in the event of a complete

loss of the file transmission protocol.

It will be the responsibility of Austraclear staff to ensure that all transactions are complete at the end of each day and this will be built into current operating procedures.