Impact tolerance is a fundamental component of operational resilience and represents the maximum level of disruption that London Stock Exchange Group (LSEG) is willing to tolerate before unacceptable harm is caused to market participants, customers, regulators, financial markets, or the organisation itself.
For CBS-2 Market Data Distribution Services, impact tolerances provide measurable thresholds that define how long a disruption can persist, how much data degradation is acceptable, and what level of customer impact remains tolerable before urgent recovery and escalation actions are required.
Establishing these tolerances enables LSEG to align resilience capabilities with regulatory expectations, market integrity requirements, customer obligations, and enterprise risk appetite.
Given the critical role of market data in supporting trading decisions, price discovery, risk management, clearing, settlement, and regulatory transparency, the impact tolerances for CBS-2 must incorporate not only operational metrics but also cyber resilience, ICT resilience, data integrity, and third-party dependency risks.
By defining clear thresholds and linking them to proactive monitoring and risk management activities, LSEG can identify emerging vulnerabilities, strengthen resilience controls, and ensure that severe but plausible disruptions remain within acceptable levels of harm.
Table P4: Establish Impact Tolerance for CBS-2
|
Sub-CBS Code |
Sub-CBS |
Impact Tolerance Threshold |
Level of Harm if Exceeded |
Integration of Cyber & ICT Risks |
Evidence of Proactive Risk Management Actions |
|
2.1 |
Market Data Source Acquisition and Feed Collection |
Data source disruption not exceeding 15 minutes |
Loss of market visibility and incomplete pricing information |
Vendor connectivity failure, DDoS attacks, and network outages |
Multi-source redundancy, alternative feed providers, and real-time monitoring |
|
2.2 |
Market Data Validation and Quality Verification |
Validation errors below 0.5% for more than 10 minutes |
Dissemination of inaccurate market data |
Data corruption, malware affecting validation engines |
Automated validation rules, exception alerts, and integrity checks |
|
2.3 |
Market Data Normalisation and Data Transformation |
Processing delay not exceeding 30 seconds |
Delayed distribution and customer impact |
Middleware failure, transformation engine compromise |
Automated failover and parallel processing environments |
|
2.4 |
Instrument and Reference Data Association |
Reference data mismatch rate below 0.1% |
Incorrect instrument identification |
Master data corruption, unauthorised changes |
Data governance controls and reconciliation processes |
|
2.5 |
Real-Time Tick Data Processing |
Latency increase not exceeding 500 milliseconds |
Trading decisions based on stale data |
Infrastructure overload, cyber attacks on processing platforms |
Capacity testing, latency monitoring, resilient architecture |
|
2.6 |
Market Data Aggregation and Consolidation |
Aggregation delay not exceeding 1 minute |
Market view inconsistency across customers |
Database failure, data processing bottlenecks |
Active-active processing clusters and performance monitoring |
|
2.7 |
Data Enrichment and Analytics Processing |
Analytics processing interruption not exceeding 15 minutes |
Reduced customer insight services |
Analytics platform compromise, algorithm failure |
Automated quality assurance and resilience testing |
|
2.8 |
Entitlement and Subscriber Access Management |
Access provisioning disruption not exceeding 30 minutes |
Customers are unable to access subscribed data |
Identity management compromise, access control failures |
IAM monitoring, privileged access reviews |
|
2.9 |
Data Feed Publication and Distribution |
Distribution outage not exceeding 15 minutes |
Widespread customer service interruption |
Distribution network attack, messaging infrastructure failure |
Multi-region distribution infrastructure and failover testing |
|
2.10 |
Low-Latency Data Delivery and Network Routing |
Latency degradation not exceeding 1 second |
Reduced trading effectiveness |
Telecom failure, network congestion, DDoS |
Network redundancy and route optimisation |
|
2.11 |
API Gateway and Connectivity Services |
API service outage not exceeding 15 minutes |
Customer integration failures |
API exploitation, gateway compromise |
API security monitoring, rate limiting, WAF controls |
|
2.12 |
Market Data Synchronisation and Time Management |
Time drift not exceeding 100 milliseconds |
Inaccurate sequencing and regulatory concerns |
NTP compromise, GPS timing failures |
Time synchronisation, monitoring and backup timing sources |
|
2.13 |
Historical Data Capture and Archiving |
Data loss tolerance of zero records; recovery within 4 hours |
Loss of historical market records |
Storage corruption, ransomware attack |
Immutable backups and archive integrity verification |
|
2.14 |
Customer Delivery Channel Integration |
Customer delivery disruption not exceeding 30 minutes |
Customer service degradation |
Integration platform failure, interface compromise |
End-to-end testing and redundancy controls |
|
2.15 |
Exception Handling and Data Recovery Management |
Recovery actions initiated within 15 minutes |
Extended service disruption |
Recovery platform compromise |
Automated incident workflows and recovery playbooks |
|
2.16 |
Market Data Monitoring and Performance Surveillance |
Monitoring visibility loss not exceeding 10 minutes |
Undetected service degradation |
Monitoring platform failure or attack |
Continuous observability and SIEM integration |
|
2.17 |
Incident Response and Service Restoration |
Critical incident response initiated within 15 minutes |
Escalating operational and customer harm |
Cyber incident escalation failures |
Incident response exercises and crisis simulations |
|
2.18 |
Regulatory Reporting and Data Compliance Monitoring |
Reporting delays not exceeding regulatory deadlines |
Regulatory breaches and penalties |
Data leakage, compliance system failures |
Automated compliance checks and audit monitoring |
|
2.19 |
Cybersecurity Monitoring for Data Infrastructure |
Threat detection within 5 minutes; containment within 30 minutes |
Data compromise and systemic disruption |
Advanced persistent threats, ransomware, and insider threats |
SOC monitoring, threat intelligence, EDR deployment |
|
2.20 |
Business Continuity and Resilience Administration |
Recovery objectives validated annually; critical capabilities recoverable within approved tolerances |
Inability to maintain resilience obligations |
BC platform failure, resilience governance breakdown |
Regular resilience exercises, scenario testing, and lessons learned reviews |
|
Impact Dimension |
Typical Tolerance Consideration |
|
Customer Harm |
Number of affected subscribers, exchanges, brokers, and institutional users |
|
Market Integrity Harm |
Accuracy, completeness, and timeliness of market data |
|
Financial Harm |
Revenue loss, compensation costs, and contractual penalties |
|
Regulatory Harm |
Failure to meet reporting, transparency, or compliance obligations |
|
Reputational Harm |
Loss of confidence from market participants and regulators |
|
Cyber Harm |
Data compromise, integrity loss, unauthorised access, or service unavailability |
|
ICT Harm |
Infrastructure outages, network failures, application disruptions, and cloud service failures |
Establishing impact tolerances for CBS-2 Market Data Distribution Services enables the London Stock Exchange Group to define the maximum acceptable level of disruption before significant harm occurs to customers, financial markets, regulators, and the organisation.
These tolerances translate resilience objectives into measurable operational thresholds that can be monitored, tested, and continuously improved.
They also provide management with clear decision-making criteria to prioritise recovery actions in severe but plausible disruption scenarios.
By integrating cyber resilience, ICT resilience, third-party dependency management, and operational risk controls into the impact tolerance framework, LSEG strengthens its ability to maintain the availability, integrity, and timely delivery of critical market data services.
Regular scenario testing, continuous monitoring, threat intelligence integration, and resilience exercises ensure that these tolerances remain realistic, achievable, and aligned with evolving market conditions, regulatory expectations, and emerging technology risks.
Through this disciplined approach, LSEG can sustain confidence in its market data ecosystem while supporting the overall resilience of global financial markets.
| eBook 3: Starting Your OR Implementation |
|||||
| CBS-2 Market Data Distribution Services | |||||
| DP | MIIC | MIID | ITo | SbPS | ST |
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
|
If you have any questions, click to contact us. |
||
|
|