Introducing a central bank digital currency (CBDC) will have far-reaching implications for the operations of the issuing central bank and the risk it faces. Both will depend mainly on the particular design adopted and on a large range of factors internal and external to the central bank. This report analyses the operating, technology, third-party and business continuity risks for the issuing central bank. It therefore provides a useful complement to other work on CBDCs, which tends to focus on their implications for financial stability, monetary policy and the wider economy.
The report proposes an integrated risk-management framework that can be applied to the entire life cycle of a CBDC, from the research and design stages to implementation and operation. It discusses the implications of many of the design choices that a central bank needs to take and suggests tools and processes to identify and mitigate the risks that a CBDC poses to the issuing institution. For CBDCs to be a reliable means of payments, central banks also need to address, among others, the risks of interruptions or disruptions and ensure integrity and confidentiality. A key risk are the potential gaps in central banks’ internal capabilities and skills. While many of the CBDC-related activities could in principle be outsourced, doing so requires adequate capacity to select and supervise vendors.
The report is the outcome of the work conducted by BIS member central banks in the Americas within the Consultative Group on Risk Management (CGRM), which brings together representatives of the central banks of Brazil, Canada, Chile, Colombia, Mexico, Peru and the United States. The task force was led by Diego Ballivián from the Central Bank of Chile; subgroups were led by Antonieta Campa from the Bank of Mexico, María Jesús Orellana from the Central Bank of Chile and David Whyte from the BIS. The BIS Americas Office acted as the secretariat.