IIA Best Practice Guidelines

An Index Provider (IP) shall maintain robust governance arrangements, including a clearly defined management structure with transparent lines of reporting and appropriate allocation of authority and responsibility.

(1.1) An IP’s Board, the senior management of the IP, its ultimate corporate parent, or equivalent body should appoint and empower a governance body accountable for the administration, calculation, or maintenance of its indices (the Governance Body). The nature of the Governance Body may vary depending on the type of index and may comprise a formal board, a dedicated committee, or an individual manager. In all instances, however, it is essential that there be a single identifiable authority within the IP with specific accountability for the governance of the index.

(1.2) The Governance Body should provide oversight designed to ensure that:

(A) The IP’s senior managers within the governance function have the requisite skills, capacity, knowledge, and experience to perform the duties assigned to them.
(B) Relevant employees of the IP are allocated specific duties and responsibilities in relation to oversight and control functions, including a compliance infrastructure regarding index services, and have sufficient resources to be able to perform those duties and responsibilities effectively; and
(C) The IP continues to act in compliance with the Practices, as certified through periodic reviews.

(1.3) An IP should have in place appropriate reporting lines and organizational structures to facilitate effective checks and balances and transfers of management information to appropriate senior managers in the IP’s organization.

(1.4) If an IP engages a third party as its agent to administer, calculate, or maintain an index, or it enters into a joint venture, partnership or other similar arrangement for the administration, calculation, or maintenance of an index, the IP should establish clear roles and responsibilities for that party and receive adequate assurances that the party’s index-relevant activities facilitate delivering the index according to the IP’s methodology.

(1.5) If an IP jointly owns an index with another partner, the IP should establish clear roles and responsibilities for the partnership and design clear standards for its activities to facilitate delivering the index according to the IP’s methodology.

(1.6) An IP should conduct regular training for staff on the relevant policies and procedures in relation to its index operations, such as the handling of confidential information, conflicts of interest, personal account dealing, editorial independence, data integrity, and business continuity and disaster recovery plans.

An Index Provider (IP) shall publish or otherwise make available the index methodologies for indices that are intended for commercial use and shall ensure sound administrative review if its index methodologies and the processes related to their calculation and maintenance.

(2.1) An IP should clearly document the methodology for each of its indices and, subject to those qualifications set out below in Standard 2, for each index intended for commercial use, publish the methodology on its website, to the extent practicable and without violating any agreements or applicable laws restricting such publication. Published index methodologies should include a description of the objective of the index and how the index is calculated and maintained, described in sufficient detail to allow users and potential users to assess the objectives of the index and the relevance and suitability of the index to their purposes on an ongoing basis.

(2.2) Material changes to index methodologies should be rigorous and updated in a timely manner. Substantive amendments to an established methodology should be made according to a clear and documented process.

(2.3) An IP should periodically review its indices methodologies to ensure that they continue to be designed to meet the stated objectives of the index.

(2.4) An IP should consider feedback received from subscribers, data contributors, and other market participants in the context of any review of its index methodologies, as appropriate.

An Index Provider (IP) shall take appropriate steps to utilize reliable sources of data and shall maintain clearly defined policies and processes for collecting, evaluating, and utilizing relevant data in connection with index calculation.

(3.1) An IP should specify in its internal records the criteria that define the sources of data which are or may be used in connection with index calculation.

(3.2) An IP should establish and follow consistent procedures designed to ensure that it selects only reputable, reliable vendors or institutions as sources of data used in calculating indices.

(3.3) An IP should establish, implement, and maintain adequate internal controls designed to ensure that data utilized in index calculation are robust and dependable.

(3.4) An IP should, commensurate with a risk-based analysis of its data providers, and to the extent practicable, establish policies and procedures for identifying anomalous data received from sources, excluding such data from the index calculation process as appropriate, and taking appropriate remedial actions where practicable to minimize the possibility of recurrence.

(3.5) An IP will maintain records of the sources of data used in connection with index calculation to the extent practicable and without violating any agreements or applicable laws for the purpose of enabling the verification of the calculation of the index.

(3.6) IPs should construct indices using data that are best suited to measure an index’s objectives. Such date should reflect an existing underlying market based on prices, rates and price assessments derived from price evaluation sources, other data anchored in market-observable information or, where appropriate, valuations using expert judgments. The sources should be separate from the index maintenance functions to ensure all prices used in calculation of the index are anchored by arms-length or other market-observable validation or, where appropriate, valuations using expert judgments.

An Index Provider (IP) shall ensure that its indices are calculated in accordance with its methodologies.

(4.1) An IP should establish policies and procedures to ensure that its indices can be calculated on a consistent, regular, and timely basis.

(4.2) Where practicable and commensurate with a risk-based analysis of its data providers, an IP should implement processes to validate incoming data.

(4.3) Any demonstrable failure by IP staff or third parties engaged as agents to adhere to published index methodologies or processes in calculating indices should be subject to internal review. and, as needed, a remediation process.

An Index Provider (IP) shall ensure that information about its indices is published or otherwise made available in a timely manner, as appropriate to each index.

(5.1) An IP should establish policies and procedures to ensure the well-controlled and timely dissemination of indices that it has agreed to publish.

(5.2) An IP should establish policy and procedures to ensure that any material changes to indices or index methodologies are published or otherwise made available in a timely manner.

(5.3) An IP should establish policies and procedures to ensure that any corrections to information published about an index (in accordance with its stated policies) are disseminated promptly after it is determined that a correction will be implemented with appropriate transparency and breadth of distribution.

(5.4) An IP should maintain appropriate policies and procedures to govern its public announcements concerning its indices.

An Index Provider (IP) shall take appropriate steps to identify and address conflicts of interest arising in connection with index calculation and maintenance.

(6.1) An IP should adopt and maintain appropriate policies to address conflicts of interest. A conflict of interest framework should seek to mitigate existing or potential conflicts of interest created by the IP’s ownership structure or control, or due to other interests in the IP’s staff or wider group may have in relation to index calculation and maintenance. To this end, a conflict of interest framework should establish clear boundaries between index calculation and maintenance within an IP and other business/commercial functional areas within the IP or its broader organizational framework and what action should be taken if any potential/actual conflicts of interests arise.

(6.2) In addition, an IP should:

(A) ensure that personal interests or business connections do not compromise the IP’s performance of its functions;
(B) establish a segregation of reporting lines within the IP, where appropriate, to clearly define responsibilities and prevent unnecessary or undisclosed conflicts of interest or the perception of such conflicts;
(C) put in place effective procedures to control the exchange of information among staff engaged in activities involving a risk of conflicts of interest or between staff and third parties, where that information may reasonably affect any index calculation and maintenance activities;
(D) establish appropriate remuneration policies for those responsible for index calculation and maintenance to ensure that those policies do not create conflicts of interest; and
(E) adopt policies regarding the proper use of material non-public information and compliance with applicable anti-bribery and anti-money laundering laws and regulations.

An Index Provider (IP) shall maintain reasonable business continuity and disaster recovery plans to ensure that, as far as practicable, indices can continue to be calculated and published in an orderly and timely manner notwithstanding the occurrence of disruptive events.

(7.1) An IP should develop plans designed to ensure continuing index calculation and publication in the event of extreme weather, natural disasters, or other events that could affect the IP’s offices.

(7.2) An IP should develop and maintain appropriate security and recovery measures designed to protect its computer networks against viruses, hackers, and other intentional efforts to disrupt or compromise its operation.

(7.3) An IP should develop plans designed to ensure continuing index calculation and publication in the event of the incapacity or unavailability of key business personnel.

An Index Provider (IP) shall maintain appropriate and up-to-date records in connection with index services and implement and maintain appropriate safeguards to protect confidential information.

(8.1) An IP should maintain adequate internal records in connection with index services, such as official publications, evidence of supervisory reviews or approvals, any material complaints, and any methodology changes. Such records should be maintained for at least five (5) years (or otherwise in accordance with applicable laws or corporate record keeping policies).

(8.2) An IP should adopt appropriate control systems and procedures to preserve the confidentiality of sensitive information. An IP should consider such measures an as email and document encryption policy, network firewalls, and restrictions on physical and electronic access to confidential information.

An Index Provider (IP) shall maintain written policies and procedures for promptly and appropriately responding to complaints about its indices.

(9.1) An IP should ensure that there are appropriately documented procedures for the communication, management, and timely resolution of complaints related to its indices or third parties engaged as data suppliers or calculation agents.

(9.2) If the cause of the complaint is fairly attributable to an IP’s third-party supplier of data or calculation agent, the IP should provide prompt written notice of the complaint to the relevant third party.

(9.3) If the cause of the complaint is systematic or likely to recur, an IP should consider appropriate remedial measures to reduce the likelihood of such complaints arising in the future.

An Index Provider (IP) shall establish an appropriate internal control framework to support its compliance with the Practices; its compliance shall be subjected to appropriate review on a periodic basis.

(10.1) An IP should allocate appropriate resources, and have in place adequate control systems, so that the IP, its staff can comply with the Practices.

(10.2) An IP’s executives and staff should be held to high professional standards of integrity and propriety.

(10.3) In accordance with local law, an IP should maintain appropriate escalation policies and procedures for members of staff to raise concerns regarding inappropriate or unlawful practices relating to the indices (for example, a “whistleblowing policy” or an “insider dealing” policy).

(10.4) An IP’s compliance with the Practices should be reviewed periodically as appropriate given the IP’s organizational structure.

(10.5) If material deficiencies in compliance are identified in the course of any such review, an IP should implement remedial measures promptly.

(10.6) The IP’s Board, senior management, or the senior management of its ultimate corporate parent, should be able to confirm that (i) periodic compliance reviews of the Practices have been conducted, (ii) any necessary remedial measures have been taken, and (iii) appropriate parties have been advised as needed of matters arising from the review.

(10.7) Following each periodic review of the IP’s control framework, an IP should consider the detailed findings of that review, and, when remedial measures are necessary or appropriate to address the findings of that review. and, when remedial measures are necessary or appropriate, implement those measures to address the findings of the review. An IP will document all reviews of its control framework, the work papers underlying those reviews, the details and summaries of the results of those reviews and the IP’s responses to those reviews in accordance with the Practices and any applicable law or regulation.

Want to learn more?

Contact us for membership and sponsorship opportunities