[OR] [LSEG] [E3] [CBS] [2] [MIID] Map Interdependencies

CBS-2 Market Data Distribution Services

Market Data Distribution Services is one of the most critical business services delivered by London Stock Exchange Group (LSEG).

The service enables financial institutions, trading participants, market infrastructure operators, regulators, and investors to access accurate, timely, and reliable market information necessary for trading, investment decision-making, risk management, regulatory compliance, and market transparency.

Operational resilience regulations issued by central banks, financial regulators, and market authorities require organisations to identify and document the interdependencies that support the delivery of each Critical Business Service (CBS).

Interdependency mapping goes beyond identifying individual resources to understanding how people, processes, technology, facilities, data, third parties, and external market infrastructures work together to deliver an end-to-end service.

It provides visibility into the reliance relationships that may become points of vulnerability during a disruption.

For LSEG's CBS-2 Market Data Distribution Services, the operational environment is highly interconnected. The service relies on upstream dependencies, including market data providers, trading venues, telecommunications networks, time synchronisation services, cloud and infrastructure providers, cybersecurity functions, and reference data vendors.

It also depends on numerous internal systems, including feed handlers, validation engines, aggregation platforms, entitlement systems, distribution networks, monitoring tools, and business continuity capabilities.

A disruption affecting any of these dependencies could impact the organisation's ability to maintain the availability, integrity, accuracy, and timeliness of market data, as well as regulatory compliance.

The purpose of this chapter is to document and analyse the interdependencies associated with the twenty sub-Critical Business Services that collectively support CBS-2 Market Data Distribution Services.

The mapping identifies critical reliance relationships, potential concentration risks, single points of failure, and resilience measures implemented to maintain service continuity.

This information provides the foundation for impact tolerance assessments, scenario testing, recovery planning, third-party risk management, and resilience improvement initiatives required under operational resilience frameworks.

For regulatory submissions aligned with operational resilience expectations of central banks and financial regulators, the Map Interdependencies table should identify the internal and external dependencies for each sub-CBS, the nature of each dependency, the impact of failure, and the resilience measures implemented to manage disruption risks.

Table P3: Map Interdependencies for CBS-2

Sub-CBS Code	Sub-CBS Name	Dependency Category	Interdependent Entity / Service	Dependency Description	Dependency Type (Internal / External)	Impact if Dependency Fails	Resilience Measures
2.1	Market Data Source Acquisition and Feed Collection	Market Infrastructure	Trading Venues, Exchanges, OTC Platforms	Receives real-time market data feeds from exchanges and trading venues globally	External	Market data unavailable or incomplete	Multiple feed providers, redundant circuits, alternate feed paths
2.1	Market Data Source Acquisition and Feed Collection	Technology	Feed Handler Platforms	Collects and ingests raw market data streams	Internal	Data acquisition interruption	High-availability feed handlers, active-active architecture
2.2	Market Data Validation and Quality Verification	Technology	Data Quality Engines	Validates the accuracy, completeness, timeliness and integrity of market data	Internal	Dissemination of erroneous market data	Automated validation rules and exception management
2.2	Market Data Validation and Quality Verification	Operations	Market Data Operations Team	Reviews exceptions and quality alerts	Internal	Unresolved data integrity issues	Cross-trained personnel and escalation procedures
2.3	Market Data Normalisation and Data Transformation	Technology	Data Transformation Engines	Converts proprietary exchange formats into standardised formats	Internal	Downstream systems unable to consume data	Redundant processing clusters and automated failover
2.4	Instrument and Reference Data Association	Information	Security Master Database	Associates market data with instrument reference attributes	Internal	Incorrect instrument identification	Replicated reference data repositories
		Third Party	External Reference Data Providers	Provides instrument identifiers and corporate action data	External	Incorrect instrument mapping	Multiple vendors and reconciliation controls
2.5	Real-Time Tick Data Processing	Technology	Tick Processing Engines	Processes high-volume market events in real time	Internal	Delayed market data dissemination	Low-latency clustered infrastructure
		Infrastructure	Data Centre Facilities	Provides compute and storage infrastructure	Internal	Processing outage	Dual-site processing facilities
2.6	Market Data Aggregation and Consolidation	Technology	Aggregation Platforms	Consolidates data from multiple sources	Internal	Incomplete market view for customers	Geographic redundancy and load balancing
2.7	Data Enrichment and Analytics Processing	Information	Analytics Models and Calculation Engines	Generates derived analytics and indicators	Internal	Reduced value-added services	Backup calculation engines and validation controls
		Third Party	Benchmark and Index Providers	Supplies benchmark and index information	External	Missing enrichment information	Alternative data sources and contingency procedures
2.8	Entitlement and Subscriber Access Management	Technology	Identity and Access Management (IAM) Systems	Controls customer entitlements and permissions	Internal	Customers unable to access services	Redundant IAM platforms and recovery procedures
		Customer Services	Subscriber Management Platform	Maintains subscriber access records	Internal	Incorrect entitlement assignments	Replicated databases and audit controls
2.9	Data Feed Publication and Distribution	Technology	Market Data Distribution Platform	Publishes validated market data feeds	Internal	Customer service disruption	Active-active distribution nodes
		Network	Content Distribution Networks	Supports global data dissemination	External	Regional delivery disruptions	Multiple network providers
2.10	Low-Latency Data Delivery and Network Routing	Telecommunications	WAN Providers and Telecom Carriers	Provides low-latency connectivity to customers	External	Increased latency or service outage	Diverse telecommunications providers
		Technology	Network Routing Infrastructure	Routes data traffic efficiently	Internal	Delayed market data delivery	Redundant routers and dynamic routing
2.11	API Gateway and Connectivity Services	Technology	API Gateway Platforms	Provides API access to market data services	Internal	API service unavailable	Multi-region API deployment
		Cybersecurity	Authentication Services	Validates API user access	Internal	Access failures and security risks	Redundant authentication services
2.12	Market Data Synchronisation and Time Management	Infrastructure	Time Synchronisation Services (GPS/NTP/PTP)	Maintains accurate timestamps across platforms	Internal/External	Data sequencing errors	Multiple independent timing sources
		Technology	Precision Time Servers	Synchronises distributed systems	Internal	Regulatory compliance issues	Redundant time servers
2.13	Historical Data Capture and Archiving	Technology	Data Archival Platforms	Stores historical market data	Internal	Historical data unavailable	Replicated storage and backup repositories
		Cloud Services	Archival Storage Providers	Provides long-term storage capability	External	Loss of historical records	Multi-site backup storage
2.14	Customer Delivery Channel Integration	Technology	Customer Delivery Platforms	Supports customer-specific delivery channels	Internal	Customers are unable to consume services	Redundant delivery gateways
		External Parties	Customer Systems and Networks	Receives distributed data feeds	External	Customer connectivity issues	Alternative connection methods
2.15	Exception Handling and Data Recovery Management	Operations	Data Operations Team	Investigates and resolves exceptions	Internal	Extended recovery times	24×7 support and escalation procedures
		Technology	Recovery Management Systems	Supports restoration of corrupted data	Internal	Data recovery failure	Automated backup and recovery processes
2.16	Market Data Monitoring and Performance Surveillance	Technology	Monitoring Platforms	Monitors system health and service levels	Internal	Undetected service degradation	Real-time monitoring and alerting
		Operations	Network Operations Centre (NOC)	Monitors infrastructure and performance	Internal	Delayed incident detection	Continuous operations coverage
2.17	Incident Response and Service Restoration	Operations	Incident Management Team	Coordinates incident response activities	Internal	Prolonged service outages	Defined incident response plans
		Technology	Service Recovery Platforms	Facilitates system restoration	Internal	Delayed recovery	Automated failover and recovery tooling
2.18	Regulatory Reporting and Data Compliance Monitoring	Compliance	Regulatory Compliance Function	Ensures adherence to reporting obligations	Internal	Regulatory breaches	Compliance monitoring and audits
		Regulators	Financial Regulators and Authorities	Receives mandatory reporting information	External	Regulatory sanctions	Reporting controls and escalation procedures
2.19	Cybersecurity Monitoring for Data Infrastructure	Cybersecurity	Security Operations Centre (SOC)	Monitors cyber threats affecting data services	Internal	Undetected cyber incidents	24×7 SOC operations
		Third Party	Threat Intelligence Providers	Supplies external threat intelligence	External	Reduced threat visibility	Multiple intelligence sources
2.20	Business Continuity and Resilience Administration	Resilience Management	Operational Resilience Function	Oversees resilience governance and compliance	Internal	Weak resilience oversight	Governance framework and regular reviews
		Crisis Management	Crisis Management Team	Coordinates response to severe disruptions	Internal	Poor crisis response coordination	Crisis management plans and exercises
		Third Party Management	Critical Suppliers and Service Providers	Supports continuity of outsourced services	External	Third-party disruption impacts service delivery	Supplier resilience assessments and exit strategies

Explanatory Notes for Map Interdependencies Fields

Sub-CBS Code

A unique identifier assigned to each Sub-Critical Business Service (Sub-CBS) within a Critical Business Service (CBS).

The code provides a structured reference for tracking, analysis, reporting, and resilience assessments.

Example: 2.1 may represent Market Data Source Acquisition and Feed Collection within CBS-2 Market Data Distribution Services.

Sub-CBS Name

The official name of the Sub-Critical Business Service being analysed.

This field identifies the specific operational process, capability, or service component that contributes to the delivery of the overall Critical Business Service.

The Sub-CBS Name provides context for understanding the dependencies associated with that process.

Dependency Category

Classifies the type of dependency required to support the Sub-CBS.

This field helps group dependencies into meaningful categories for analysis and resilience planning. Common categories include:

People – staff, operational teams, subject matter experts.
Process – business processes, procedures, workflows.
Technology – applications, platforms, databases, infrastructure.
Facilities – offices, data centres, operational sites.
Third Party – vendors, service providers, cloud providers, telecom carriers.
Market Infrastructure – exchanges, clearing houses, payment systems, trading venues.
Information/Data – reference data, market data, security master data, regulatory data.

Interdependent Entity / Service

The specific organisation, system, platform, team, service, facility, or external entity that the Sub-CBS depends upon.

This field identifies the actual dependency source.

Examples include a market data feed provider, an identity and access management system, a cloud storage service, a telecommunications network, or an operational support team.

Dependency Description

A detailed explanation of the dependency relationship and how the Interdependent Entity or Service supports the Sub-CBS.

The description should explain what is provided (for example, data, connectivity, processing capability, operational support, or infrastructure) and why it is necessary to deliver the Critical Business Service.

Dependency Type (Internal / External)

Indicates whether the dependency is provided from within the organisation or by an external party.

Internal – provided by LSEG business units, technology teams, infrastructure teams, operations teams, or internal shared services.
External – provided by third parties, exchanges, market infrastructure providers, telecom carriers, cloud providers, regulators, or other external organisations.

This distinction supports third-party risk management and regulatory reporting requirements.

Impact if Dependency Fails

Describes the operational consequence if the dependency becomes unavailable, degraded, corrupted, delayed, or otherwise fails.

The impact statement should focus on the effect on the Sub-CBS and the overall Critical Business Service, such as:

Service outage
Delayed market data delivery
Data integrity issues
Regulatory non-compliance
Customer access disruption
Increased latency
Extended recovery time
Loss of monitoring visibility

This field helps assess dependency criticality and supports impact tolerance and scenario testing activities.

These definitions align with operational resilience practices for Mapping Interdependencies, where the objective is to identify and document the reliance relationships that support the delivery of a Critical Business Service and to understand the potential impact if those relationships are disrupted.

Recommended Additional Fields for Regulatory Submission

For compliance with operational resilience requirements issued by central banks and market regulators, London Stock Exchange Group should maintain the following additional fields for each interdependency:

Additional Field	Purpose
Dependency ID	Unique identifier for tracking
Criticality Rating	High / Medium / Low
Dependency Owner	Accountable function or individual
Maximum Tolerable Disruption (MTD)	Maximum acceptable outage period
Impact Tolerance Alignment	Link to approved impact tolerance
Single Point of Failure (Y/N)	Identification of concentration risk
Substitutability Rating	Ease of replacement
Recovery Time Objective (RTO)	Target restoration time
Recovery Point Objective (RPO)	Acceptable data loss threshold
Testing Frequency	Annual, Semi-Annual, Quarterly
Last Test Date	Evidence of resilience validation
Regulatory Requirement Reference	FCA, PRA, Bank of England, ESMA, SEC, etc.
Third-Party Criticality Classification	Material / Important / Non-Critical
Exit Strategy Available (Y/N)	Third-party dependency management
Resilience Control Effectiveness	Effective, Partially Effective, Ineffective

This interdependency mapping provides a comprehensive view of the upstream and downstream dependencies that support CBS-2 Market Data Distribution Services, enabling London Stock Exchange Group to demonstrate compliance with operational resilience expectations for dependency mapping, impact tolerance assessment, scenario testing, and resilience governance.

The mapping of interdependencies for CBS-2 Market Data Distribution Services demonstrates the complex ecosystem required to deliver resilient market data services across global financial markets.

The analysis highlights that service delivery depends not only on internal operational capabilities but also on a wide network of external entities, including exchanges, market infrastructure providers, telecommunications carriers, reference data vendors, cloud service providers, cybersecurity partners, and regulatory stakeholders.

By systematically identifying and documenting these interdependencies, London Stock Exchange Group gains a comprehensive understanding of the relationships that support the delivery of market data services and the potential vulnerabilities that could affect operational resilience.

This visibility enables management to assess concentration risks, identify single points of failure, evaluate dependency criticality, and implement appropriate resilience controls to ensure service continuity during severe but plausible disruption scenarios.

The interdependency map also serves as a key input into subsequent operational resilience activities, including impact tolerance setting, scenario testing, vulnerability assessments, third-party resilience reviews, incident response planning, and business continuity strategy development.

As the operating environment, technology landscape, and external dependency ecosystem continue to evolve, this mapping should be reviewed and updated regularly to ensure it remains accurate and reflective of current operational realities.

Ultimately, effective interdependency mapping strengthens LSEG's ability to anticipate disruptions, respond effectively to incidents, recover critical services within established tolerances, and continue delivering reliable market data services that support the stability, transparency, and integrity of global financial markets.

LSEG Thin Banner

eBook 3: Starting Your OR Implementation
CBS-2 Market Data Distribution Services
DP	MIIC	MIID	ITo	SbPS	ST

Gain Competency: For organisations looking to accelerate their journey, BCM Institute’s training and certification programs, including the OR-5000 Operational Resilience Expert Implementer course, provide in-depth insights and practical toolkits for effectively embedding this model.

More Information About OR-5000 [OR-5] or OR-300 [OR-3]

To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.