The Federal Reserve Board published a FEDS Note setting out a method to estimate banks’ operational risk exposure to third-party payment platform providers used to send and receive Fedwire transactions. The approach combines service provider client-list data with Fedwire payments data and applies network analysis to illustrate how an operational outage, including a cyber event, could disrupt payment activity and propagate beyond a provider’s direct customers. Using supervisory client lists, the note models 227 connections between 215 banks and four payment products and uses a 20-day Fedwire sample from August and September 2023 to estimate mean daily exposures by product, which ranged from tens of millions to the upper billions of dollars. For context, average daily Fedwire Funds transfers in 2023 were approximately USD 4.3 trillion, and the sample banks’ mean aggregate daily volume was USD 176 billion, with 26% occurring after 17:00 and 14% occurring between 18:00 and 19:00 EST. The paper also tests public proxies for payment activity, finding a 60% correlation between total assets and daily payment activity across a 2,464-bank sample (average daily payments-to-assets ratio of 0.129), and stronger relationships for large banks, while yearly payments activity from the FR Y-15 for 24 large banks showed about a 90% correlation with daily payments. In a network exercise focused on one provider, the most central firms in the projected payment network were largely not direct clients of the provider, indicating potential for significant second-order impacts. The note highlights potential extensions, including using more complex network techniques to explore secondary and tertiary effects and identifying additional benchmarks and data sources to infer bank-service provider linkages when direct payment data are unavailable.

Original source View in tracker