Joint Communication 2 of 2023: Margin Requirements Model Application Suite

1 JOINT COMMUNICATION 2 OF 2023 Margin requirements for non-centrally cleared over the counter derivative transactions-Model Application Suite1

1. PURPOSE The purpose of this communication is to: 1.1. communicate the availability of an updated application suite for use in applications to the Financial Sector Conduct Authority (FSCA) and the Prudential Authority (PA) (hereafter collectively referred to as the Authorities) in accordance with Section 4.6 and Section 6(5)(e) of Joint Standard 2 of 2020: Margin requirements for non-centrally cleared over the counter derivative transactions2 (Joint Standard); and 1.2. confirm that the Appendices to this Joint Communication replace the application forms in Joint Communication 4 of 20213 .
2. UPDATED APPLICATION SUITE FOR USE IN APPLICATIONS TO THE AUTHORITIES 2.1 Section 4.6 and Section 6(5)(e) of the Joint Standard require all providers4 that intend to apply for the use of the quantitative portfolio margin model (QPMM) for the computation of initial margin requirements and/or the risk-sensitive quantitative model-based haircut approach (RQMHA) for the computation of collateral haircuts, respectively, to submit an application to the Authorities for approval. 1 For use in applications to the Financial Sector Conduct Authority (FSCA) and the Prudential Authority (PA) are hereafter collectively referred to as the Authorities 2 https://www.resbank.co.za/en/home/publications/publication-detail-pages/prudential-authority/PA-financial￾sector-regulation/sector-regulation-joint-standards/2020/9975 3 https://www.resbank.co.za/en/home/publications/publication-detail-pages/prudential-authority/pa-financial￾market-infrastructure/market-infrastructure-joint-standards/2021/Joint-Communication-4-of-2021-Margin￾Requirement-Implementation-Suite 4 Provider has the meaning ascribed to it in the Joint Standard

2 2.2 The Authorities hereby inform all providers of the availability of the revised application suite for purposes of an application for the use of the QPMM and/or RQMHA in Appendices A to D. 2.3 The application window opens on 1 August 2023 and will remain open until further notice. 2.4 Table 1 below sets out the structure of the appendices. Table 1: Appendices structure Appendix Description A Application questionnaire for the QPMM and RQMHA B Structural model governance questionnaire C Approval process requirements D Minimum standards for independent assurance providers 2.5 Notwithstanding the information presented set out in Appendices A to D, providers are encouraged to apply themselves rigorously, interrogate the complete Joint Standard and submit any additional information to strengthen their applications. 2.6 The information provided in application submissions needs to demonstrate that the highest standards of rigour have been applied during the provider’s developmental, and application compilation and governance processes. Finally, providers are strongly encouraged to employ the full extent of their resources, capability, and governance to ensure that the requirements of the Joint Standard are comprehensively addressed. 2.7 Should providers foresee any challenges in providing the requisite information set out in this application suite or the Joint Standard, it remains incumbent upon such providers to engage with the Authorities thereon in an expeditious manner. Accordingly, all requests for further engagement and information may be submitted to the PA Market Risk Division (marginrequirements@resbank.co.za) and the FSCA OTC Markets and Issuers Department (queries.otc@fcsa.co.za), with the relevant PA front-line division copied, where applicable. This application suite is available on the websites of the Authorities at www.fsca.co.za and www.resbank.co.za. Unathi Kamlana Fundi Tshazibana Commissioner Chief Executive Officer FINANCIAL SECTOR CONDUCT AUTHORITY PRUDENTIAL AUTHORITY DATE: 29.06.2023 DATE:

3 APPENDIX A – APPLICATION QUESTIONNAIRE FOR THE QPMM AND RQMHA INSTRUCTIONS FOR COMPLETING APPLICATIONS This is a generic application suite applicable to both the QPMM and the RQMHA, for which an application for each model must be managed independently. The specific requirements of the QPMM and the RQMHA model applications are set out in section 4.6 and section 6(5)(e) of the Joint Standard, respectively. Furthermore, applicants must refer to Appendix C for the requisite approval process for application submissions. The provider should ensure appropriate member(s) of senior management are assigned as application agent(s) to ensure that the necessary information and consequential dependencies set out in this application suite are comprehensively addressed and managed. In this regard, the application agent(s) should construct and maintain an Application Completeness Register to reflect that all requisite processes have been completed and all the necessary information requested has been provided. The Application Completeness Register must be approved by the provider’s board of directors and consequently submitted as part of the overall application to the Authorities. The application submission must be based on the information set out in Table 1 above. INTRODUCTORY DETAILS Please provide the following details.

1. Institution name
2. Contact person’s name
3. Email address
4. Name of the model being applied for SECTION 1: MODEL DESCRIPTION AND DEVELOPMENT Provide the following information with respect to the model development. 1.1. Explain the model choice and development process. Where the model was developed by a third party, kindly provide all relevant details with respect to the third party, including any service-level agreements. 1.2. Complete documentation set for the model development (irrespective of the model being internally developed or sourced from a third party).

4 1.3. A detailed account and submission of all relevant documentary evidence demonstrating compliance with the requirements of section 4.6 or section 6(5)(e) of the Joint Standard, respectively, as applicable. SECTION 2: MODEL IMPLEMENTATION Provide the following information with respect to the model implementation. 2.1. Describe in detail the set of all operationalised systems, processes, and associated data flows with respect to the model implementation. SECTION 3: MODEL GOVERNANCE - MODEL VALIDATION AND APPROVAL Provide the following information with respect to the model validation and approval as described in Appendix C-Stage 1. 3.1. Model validation documentation. 3.2. Proof of the approval of the model at the relevant model governance committee/s within the organisation (the minutes signed by the designated chair of the respective committee/s will be accepted as proof of approval). SECTION 4: MODEL GOVERNANCE – MODEL VALIDATION ASSURANCE AND APPROVAL Provide the following information with respect to the independent assurance assessment of the model validation, and an associated approval as described in Appendix C-Stage 1. 4.1. Provide the independent assurance assessment documentation of the model validation described in 3.1 above. 4.2. Proof of the approval of the independent assurance assessment at the relevant assurance/audit committee/s within the organisation (the minutes signed by the designated chair of the respective committee/s will be accepted as proof of approval). SECTION 5: APPLICATION GOVERNANCE - APPLICATION APPROVALS Provide the following information with respect to the application and associated approval as described in Appendix C-Stage 2. 5.1. A detailed submission of all relevant documentary evidence demonstrating compliance with the requirements of section 4.6 or 6(5)(e) of the Joint Standard, as applicable for the respective model.

5 5.2. Proof of the approval of the application at the relevant risk (and capital) committee/s within the organisation (the minutes signed by the designated chair of the respective committee/s will be accepted as proof of approval). SECTION 6: APPLICATION GOVERNANCE - APPLICATION ASSURANCE AND APPROVAL Provide the following information with respect to the independent assurance assessment of the application, and an associated approval as described in Appendix C-Stage 2. 6.1. Provide the independent assurance assessment of the validity and completeness of the application submission described in 5.1 above. 6.2. Proof of the approval of the independent assurance assessment at the relevant assurance/audit committee/s within the organisation (the minutes signed by the designated chair of the respective committee/s will be accepted as proof of approval). SECTION 7: BOARD APPROVAL 7.1. Proof of the approval and resolution of the application by the provider’s board of directors as depicted in Appendix C-Stage 3.

6 APPENDIX B-STRUCTURAL MODEL GOVERNANCE QUESTIONNAIRE SECTION 1: MODEL GOVERNANCE FRAMEWORK Provide the following information with respect to the full model governance value chain (model development, model validation, model risk, and model implementation across model inputs, calibration, methodology and outputs) in the provider’s organisation. Please highlight any simplifying assumptions in your response. 1.1. The roles and responsibilities, policies, procedures, and process documentation. 1.2. An outline of the segregation of duties. 1.3. The controls, processes, procedures, and governance related to updates/modifications to approved models and the documentation thereof. 1.4. A description of the processes in place for the continual assessment of your organisation’s models, with respect to their relevance and appropriateness for intended uses. 1.5. Demonstrate how your organisation ensures that sufficient relevant capacity and capabilities (resource expertise and skills etc.) are allocated and maintained across the full model governance value chain. 1.6. Demonstrate any staff training interventions across the full model governance value chain. 1.7. Any supplementary information.

7 APPENDIX C: APPROVAL PROCESS REQUIREMENTS This appendix describes the approval process for the final submission to the Authorities. In this regard, the Authorities may request purpose-specific engagements with a provider’s board of directors, senior management, and independent assurance/audit function while assessing the relevant submissions. The approval process described in this appendix is illustrated in Figure 1 below. Each stage and set of constituent steps (where applicable) must be completed sequentially. An adverse outcome in one stage may influence the decision to proceed to the next stage. STAGE 1: DUAL MODEL GOVERNANCE With respect to model governance, for both the QPMM and the RQMHA (as applicable), the provider must submit a comprehensive model validation assessment, an independent assurance assessment of the model validation and associated approvals from its highest committees responsible for model governance and independent assurance/audit (collectively referred to as dual model governance), respectively. The model governance and independent assurance/audit committees may convene simultaneously, yet independently (joint sittings will not be permitted). This dual model governance stage must be completed before entry into the dual application governance stage noted below. STAGE 2: DUAL APPLICATION GOVERNANCE All application submissions must be accompanied by an associated independent assurance/audit assessment and approval from a provider’s highest committees responsible for the oversight of risk (and capital), and assurance/audit (hereafter, collectively referred to as dual application governance), respectively. The submissions to the relevant committees in the dual application governance stage must include the outcome of the preceding dual model governance stage. The risk (and capital) and independent assurance/audit committees may convene simultaneously, yet independently (joint sittings will not be permitted). This dual application governance stage must be completed before entry into the board approval stage noted below. STAGE 3: BOARD APPROVAL The results of the dual model governance stage and dual application governance stage must be submitted to the provider’s board of directors to facilitate the final approval process for submission of the overall application (including the Application Completeness Register) to the Authorities. If any of the application and/or model governance components present concerns, the provider’s board of directors must exercise its judgement in terms of withholding the final submission to the Authorities to ensure the remediation of any material deficiencies. A joint sitting of the board and other committees noted in this application suite will not be permitted.

8 Figure 1: Approval process illustration

9 APPENDIX D: MINIMUM STANDARDS FOR INDEPENDENT ASSURANCE PROVIDERS For the purposes of completing the application(s) as described in this Joint Communication, a limited assurance engagement must be conducted. Applicants may leverage their internal assurance/audit providers to complete all relevant assurance assessments. Should a provider deem that it has insufficient capacity, capability, and competence to conduct such assurance/audit assessments, it may appoint a suitably qualified external independent assurance provider (IAP). The conditions on the scope of assurance and the use of internal or external assurance providers may be revised at a later stage. Table 2 below sets out the minimum standards for independent assurance providers across application and model governance. Table 2: Minimum standards for independent assurance providers Index Standards

1. IAPs should comprehensively assess the Joint Standard and this application suite to ensure a sufficient understanding of the contents in order to carry out the independent assurance assessments in a rigorous manner
2. IAPs must document the criteria used to evaluate responses to application questions, findings, and, where relevant, mitigating controls or the lack thereof in the respective assurance report. The assurance engagement must independently test the soundness and integrity of application responses.
3. All independent assurance efforts related to model validations must be conducted by suitably qualified individuals with relevant quantitative analysis qualifications and experience. As such, all model validation assurance reports must document such qualifications and experience.
4. IAPs must report the outcome of an assurance assessment together with substantive motivations against the analysis performed.