The Risk
Central Securities Depositories (CSDs) are the central mechanisms for holding and transferring securities in every market in the world. In many cases they are bastions of stability and strengthen a financial market, but they can also pose significant risks to the financial system.
The Solution
Thomas Murray provides intraday monitoring and risk assessments of 140+ CSDs globally. We enable banks and other groups exposed to CSDs to understand the risks they pose, benchmark them against other markets and against best practices globally.
Our analysts are experts in CSD risk, including:
Asset Commitment
Liquidity
Counterparty
Asset Safety
Asset Servicing
Financial
Operational
Governance and Transparency
Thomas Murray scores every CSD
According to a CSDs capabilities, its operational infrastructure and its willingness and ability to protect participants and their clients from losses.
There are two primary use-cases for these assessments:
- Proprietary: where direct and indirect users of a CSD access the assessments for their own use, and they are not published publicly. Users of a CSD include Custody Banks, Broker Dealers, and Institutional Investors.
- Public: where a CSD commissions a rating on itself and makes it publicly available.
In addition to CSD Risk Assessments, Thomas Murray provides Cyber Security Ratings and ESG assessments of every CSD globally.
We safeguard clients and their communities
Petroleum Development Oman Pension Fund
“Thomas Murray has been a very valuable partner in the selection process of our new custodian for Petroleum Development Oman Pension Fund.”
ATHEX
"Thomas Murray now plays a key role in helping us to detect and remediate issues in our security posture, and to quantify ATHEX's security performance to our directors and customers."
Northern Trust
“Thomas Murray provides Northern Trust with a range of RFP products, services and technology, delivering an efficient and cost-effective solution that frees our network managers up to focus on higher Value activities.”
Insights
Why 72 hours is the New Standard for M&A Cyber Due Diligence
A decade ago, cyber due diligence sat somewhere between “nice to have” and “we’ll deal with it post-close.” That world no longer exists.
Thomas Murray Launches Digital Asset Market Information (DAMI)
Thomas Murray, a global leader in risk management, due diligence, and cybersecurity services, is proud to announce the launch of Digital Asset Market Information (DAMI).
Solving the "Scale Paradox": How to Automate Portfolio Oversight with Fewer People
In 2026, private equity technical teams are facing a "Scale Paradox": portfolios are growing in complexity, while in the internal teams responsible for operations and cybersecurity oversight, headcounts remain stagnant.
How Private Equity Hackers Choose Their Targets
Private equity firms sit at the intersection of high-value financial transactions, sensitive deal data, and an expanding portfolio of technology heavy portfolio companies – and it’s this combination that makes PE an attractive target for cyberthreat actors.
Contact an expert
