(1) Without limiting the generality of the systems and controls obligations of the ATS Operator, an ATS Operator must have in place adequate systems and controls to address market integrity, AML, CTF or investor protection risks in permitting a Direct Access Member to trade on its facility, including procedures to:
(a) identify the ultimate beneficial owner of a Direct Access Member, where such a member is a body corporate;
(b) ensure that appropriate customer due diligence sufficient to address AML and CTF risks has been conducted on each Direct Access Member, prior to permitting that member to trade on its facility;
(c) detect and address market manipulation and abuse;
(d) ensure that there is adequate disclosure relating to the Investment Tokens that are traded on the facility, including through prospectus and on-going disclosure under MKT chapters 2
(2) An ATS Operator must have adequate controls and procedures to ensure that trading in Investment Tokens by Direct Access Members does not pose any risks to the orderly and efficient functioning of the facility’s trading system, including controls and procedures to:
(a) mitigate counterparty risks that may arise from defaults by Direct Access Members through adequate collateral management measures, such as margin requirements, based on the settlement cycle adopted by the ATS Operator;
(b) identify and distinguish orders that are placed by Direct Access Members, and, if necessary, enable the ATS Operator to stop orders of, or trading by, such members;
(c) prevent Direct Access Members from allowing access to other persons to trade on the trading facility; and
(d) ensure that Direct Access Members fully comply with the Operating Rules of the facility and promptly address any gaps and deficiencies that are identified.
(3) An ATS Operator must have adequate resources and systems to carry out front-line monitoring of the trading activities of Direct Access Members.
(4) An ATS Operator must ensure that, to the extent that any of the systems and controls referred to in (1) are embedded within, or otherwise facilitated through DLT, they are included within the scope of the annual audit and the written report required under COB Rule 14.5.1