CPMI-IOSCO Principles for Financial Market Infrastructures: The Problem with Self-Assessments

This is the third in a series of articles on PFMIs.


Agreed and launched in 2012, the CPMI-IOSCO Principles for Financial Market Infrastructures (‘PFMIs’) require that all central securities depositories (CSDs), central clearing houses (CCPs), payment systems, and trade repositories perform a very detailed self-assessment of how well they observe these global standards. The self-assessments are meant to be published as a matter of enforcing transparency on these systemically critical systems, and also to reassure the markets and public that these national institutions are meeting a consistent set of minimum standards. The PFMIs are one set of the body of standards orchestrated by the Financial Stability Board on behalf of G20 governments.

Given the centrality of infrastructures to the work of Thomas Murray Data Services, the firm’s interest in these Principles was piqued when they were being drafted for public review in 2011. Extensive commentary was sent by analysts in London to the authorities’ multi-national drafting team. Since their implementation, TM has provided regular updates to the CPMI and IOSCO secretariats on the firm’s findings in the field, as well as to the Financial Stability Board. The PFMIs are a central tool for global capital markets regulation, and the perspectives of TM as a neutral analytical firm on their take-up have been proving helpful to regulators and policy-makers.

But public policy is always problematic, the more so for global principles when they are not embedded in national law and enforceable under it.

What is right about the PFMIs?

The PFMIs are a body of 24 standards, ranging from legal basis of an infrastructure to its governance, from business risk management to relations with third-party suppliers, and communications with the public, with much in between. They order comprehensive information that describes the operations of the infrastructure. Each is divided into numerous Key Criteria, which together constitute the level of observance of each Principle. When properly thought through and documented, they are a remarkably useful business tool and means of enabling the professional capital markets public and authorities to understand the business.

Not only does each infrastructure’s management benefit from the organisation of material about itself that is of strategic value, but the whole idea of the PFMIs was to create a comparable and standardised body of information on infrastructures that could be picked up and understood across the world. That is a worthy goal in terms of assuring financial stability, but one which is devalued when ignored, not properly enforced or applied inconsistently.

What is problematic about self-assessments as a valuable management and regulatory tool?

The infrastructure is supposed to give reasoned arguments and evidence of its levels of observance of these Principles, and not just copy and paste parts of the rulebook or internal operating procedures. There are several difficulties in doing so: the 24 PFMIs are qualitative in nature. It is hard to demonstrate conclusively the level of observance when there are no hard numbers or percentages to calculate. Also, having developed in a national environment, infrastructures are diverse and dissimilar to one another, and so there is not always a clear fit with one or more principles.

To bridge this gap, Thomas Murray developed a software tool for infrastructures, enabling them to find themselves relative to these ‘soft’ Principles. For the past several years, the firm’s analysts have assisted infrastructures around the world in this task. When drafting together with the infrastructure’s management team, these advisory engagements in fact turn into sectorial benchmarking and business development exercises for the client. That work continues, because the authorities are looking ever more closely at findings; and also, in this competitive business environment, these infrastructures are keen to watch over their shoulders, perform well, and grow their services.

Thomas Murray’s PFMI modelling solution

When it comes to writing a self-assessment, what is it really that is meant to be explained?

Thomas Murray would say that the result should provide good quality information about each of the Principles, backed at every step in the analysis by logical argumentation and evidence of observing the numerous Key Considerations, and then also a summary for each Principle. Is this happening? It certainly is not in terms of responses, which are too often non-existent, old, or sloppy.

Self-assessments are not neutral; it is difficult to be objective.

The problem of objectivity is aggravated by the question of what “mostly observes” versus “partly observes” actually means. The Principles are meant to be “fully observed,” which is probably easier to determine. In short, how can one demonstrate the level of observance with some sense of rigor?

The solution the firm developed to guide the thinking is a model that deconstructs each of the 24 Principles into its constituent Key Considerations. It requires evidence at each step, in order to determine as best one can qualitatively what the level of observance is. Critically, each Key Consideration is given a weighting, which can be adjusted by the infrastructure according to what makes most sense in its circumstances in giving a clear description of its work. The weightings of the Key Considerations then add up to the entire Principle. In turn, the Principles are given weightings to give a summary overall level of observance of the PFMIs. The objective is to combine real evidence of work with a numerical weighted basis, in order to give meaning and rigor to the exercise.


A law, rule, or even a standard is meant to have effect. That is self-evident, but perhaps less immediately appreciated is the difficulty of enforcing global principles or norms as written by expert committees under the supervision and ongoing review of the Financial Stability Board. They are almost nowhere local; [1]they are everywhere aspirations for best practice. Aspirations are not necessarily translated into local law and regulation.

The Principles do, however, carry the full weight and backing of the G20/Financial Stability Board – in financial affairs, that gives them significant political heft. Governments can choose to ignore them, however; and even some G20 member countries have downplayed them, not published, and have gotten late with first versions and updates. This is all the more regrettable because the Principles are well written; and, in fact, in their totality they represent an excellent business checklist well worth senior management time. But infrastructures remain largely unknown entities, even to market professionals, and the PFMIs are even less a familiar part of public policy discourse.

And yet, given the shock of the Global Financial Crisis and the value the PFMIs have in terms of supporting national financial systems, this time the authorities have put some resources into verifying the implementation of what was hard-won public policy. Teams of central bankers and capital markets authorities travel to third countries to perform on-the-ground inspections. Many of the results are published, the idea being to prod this work along. The limitation here is that the joint World Bank-IMF teams monitoring the PFMIs have rolled this validation programme into their pre-existing Financial Stability Assessment Programmes (FSAP) which typically visit markets around every five years, and cover a wide range of systemic issues with a multitude of market actors As such, they are unable to devote significant time to checking the validity and quality of self-assessments and are reliant on the review and sign-off of local regulators


After coming into effect in 2012, the first PFMIs were to be produced by 2014, and updated every two years afterwards. This June, Thomas Murray checked its universe of 104 marketplaces, and found or queried directly every infrastructure operating in each. These findings were posted on the firm’s website in June, and they will be updated quarterly.

Overall in June 2017, for the 104 marketplaces the firm covers in its reviews, including the G20 countries, 173 self-assessments were completed by 2014, 12 were completed since, 32 were in progress, 23 were not completed, and for 115 the firm remains without any information despite contacting these entities.

The problems with the PFMIs include even their basic take-up. Some infrastructures are now years behind with their first self-assessment report, let alone the updates that should have been published in between. With such significant gaps, there is no advancing towards a holistic, global view of clearing and settlement risk post-trade, and this very useful strategic exercise will not come close to fulfilling its potential information value or risk minimization goals.


Given the role of market infrastructures in national financial life, these remaining gaps are enormous – publication alone does not indicate anything about the quality of the report, the evidence presented, or the level of observance of these Principles. Precautionary measures to shore up these businesses are therefore bound to fall short.

From the experience of this firm, which uses PFMIs as an information element in its market risk monitoring programmes for clients, the quality of published self-assessments is highly variable. This is not an easy point for officials watching over implementation and performing spot checks can easily call out for evident diplomatic reasons.

Thomas Murray is preparing a webinar on its model and the results obtained, to be broadcast this November.


[1] They became local when transcribed into European Union law in the form of EMIR (the European Markets Infrastructure Regulation) and CSDR (Central Securities Depository Regulation).  That sense of becoming local and so directly enforceable is a rarity on this topic.


The author, Thomas Krantz, is Senior Advisor, Capital markets, in the firm of Thomas Murray; and served as Secretary General of the World Federation of Exchanges (2000-2012). The views expressed are his own, and not necessarily those of the firm.

Tags: CPMI-IOSCOG20Principles for Financial Markets InfrastructuresPFMIself assessmentsCentral Securities DepositoriesCSDCentral CounterpartyCCPTrade RepositoriesTRsecurities settlement systemsSSSpayment systemsPSFMIpost-trade risk managementinfrastructure risk assessmentscentral bank payments systems