# Counterparty Risk

Counterparty risk is a core dimension of Usual Protocol’s risk management framework. Because **USD0** is backed by tokenized **Real-World Assets (RWAs)** held through external providers, the integrity, operational resilience, and solvency of each entity in the collateral chain directly affect the safety of the stablecoin and its holders.

***

## Definition

**Counterparty risk** is the possibility that a counterparty (e.g., a financial institution, service provider, or other entity) fails to meet its contractual obligations, defaults on its commitments, or becomes insolvent.

In Usual Protocol, key counterparties form a **three-layer chain**:

* **Tokenizer** — creates and manages the on-chain token representation of the underlying RWA (e.g., **Hashnote** for **USYC**, **Superstate** for **USTBL**).
* **Fund manager** — manages the underlying investment portfolio (e.g., US Treasury Bills, reverse repos, government securities). This may be the tokenizer itself or a dependent party.
* **Banks and custodians** — hold, settle, safeguard, and clear the underlying assets (e.g., **BNY Mellon** for Hashnote custody, **DTCC** for clearing).

***

## Impact on Usual’s Collateral

USD0 collateral can be impaired if any counterparty in the RWA chain fails. The impact depends on where the failure occurs:

* **Tokenizer failure**\
  May prevent or delay minting, redemption, or liquidation of the tokenized RWA. If the tokenizer’s operations or technology are compromised, access to collateral can be disrupted.
* **Fund manager default or insolvency**\
  Can lead to portfolio losses that reduce the value of the collateral pool. Poor investment decisions, unauthorized leverage, or fraud could erode the assets backing USD0.
* **Banking or custodial failure**\
  Can restrict access to funds or lead to direct losses during liquidity crises or insolvencies—historically illustrated by **Lehman Brothers (2008)** and **Silicon Valley Bank (2023)**. The SVB event caused Circle’s USDC to depeg to approximately **$0.95** due to **8%** of reserves being held at the failed bank. Usual’s risk policy is explicitly designed to avoid such exposure.

***

## Collateral Eligibility Requirements

Before any counterparty is accepted into Usual’s collateral system, it must pass a rigorous due diligence process. The protocol enforces strict eligibility criteria across **all three layers** (tokenizer, fund manager, and banking/custody):

| Requirement                | Standard                                                                                                                                           |
| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Full collateralization** | **100% collateralized** — no leverage, no fractional reserves. Excludes any exposure to fractional reserve banking or leveraged positions.         |
| **Asset quality**          | Investments restricted exclusively to **US Treasuries**, quasi-government debt, reverse repos, or cash. **Corporate debt is strictly prohibited.** |
| **Duration limit**         | Individual RWA duration must be **< 0.5 years**; portfolio average duration must not exceed **0.33 years** (\~4 months).                           |
| **FX risk**                | **Zero tolerance** — only USD-denominated assets or positions that are **100% FX-hedged**.                                                         |
| **Credit risk**            | **Zero tolerance** — no corporate credit exposure permitted under any circumstances.                                                               |
| **Liquidity**              | RWAs must be redeemable or sellable with minimal slippage within a maximum of **5 days**.                                                          |
| **Transparency**           | Collateral must be verifiable on-chain in real time and provide high transparency off-chain through frequent public financial audits.              |
| **Regulatory compliance**  | Tokenizers must be fully licensed and regulated under appropriate financial authorities (e.g., **CIMA**, **CFTC**).                                |
| **Asset protection**       | Assets must be ring-fenced in a **bankruptcy remote vehicle (BRV)** in the event of the tokenizer’s insolvency.                                    |

***

## Risk Monitoring and Management

Usual applies a comprehensive, multi-layered approach to counterparty risk using a **three-line-of-mitigation** model. Each line defines (1) criteria, (2) monitoring, and (3) contingency actions across each counterparty layer.

### First Line of Mitigation: Clear Counterparty Criteria

* **Tokenizer**
  * Must operate via **bankruptcy remote vehicles (BRVs)**.
  * Must demonstrate robust operations and financial stability, verified through independent audits.
  * Must undergo thorough technology audits (smart contract audits and operational security audits).
  * Only experienced tokenizers with proven track records are eligible.
* **Fund manager**
  * Must have a demonstrated track record managing Treasury and sovereign debt portfolios.
  * Must be regulated under appropriate financial authorities.
  * Must follow strict guidelines that prohibit leverage, corporate debt, and FX-unhedged positions.
  * Must maintain skilled and compliant asset management teams.
* **Banks and custodians**
  * Must be **highly rated** institutions demonstrating strong risk management, compliance, and capital adequacy (e.g., **BNY Mellon** for institutional-grade custody; **DTCC** with an **AA-** credit rating).
  * Must maintain **diversified banking relationships** to reduce concentration risk at any single institution.

### Second Line of Mitigation: Ongoing Monitoring and Compliance Checks

* **Tokenizer**
  * Periodic audits, security reviews, and performance assessments to ensure continued compliance with technical, regulatory, and operational requirements.
  * Dual-layer monitoring: both the tokenizer and Usual independently monitor holdings for compliance with the risk policy.
* **Fund manager**
  * Regular review of investment decisions, risk exposure, duration profiles, and portfolio composition to ensure alignment with Usual’s risk appetite.
  * The protocol monitors the **weighted average duration** of reserve assets, with:
    * a tolerance threshold of **0.25 years** for minor fluctuations; and
    * alerts triggered when the **rolling 180-day weighted average** deviates more than **±5%** from the previous day or more than **±20%** from the **SOFR** benchmark.
* **Banks and custodians**
  * Continuous monitoring of partner health and stability, including credit ratings, risk exposure, regulatory standing, and liquidity position.
  * Any deterioration triggers escalation procedures.

### Third Line of Mitigation: Contingency Plans and Corrective Actions

* **Tokenizer**
  * Pre-defined contingency plans for tokenizer failure, including alternative redemption paths, collateral liquidation, and migration to backup collateral providers.
  * The DAO can remove underperforming or at-risk collateral types via governance vote.
* **Fund manager**
  * Mechanisms to switch fund management services quickly to minimize disruption.
  * Recovery procedures and asset-transfer protocols are documented and tested.
* **Banks and custodians**
  * Custody and banking are **diversified across multiple institutions** to mitigate single-institution failure risk.
  * Contingency plans include rapid asset reallocation and alternative settlement arrangements.
  * Historical failures (Lehman Brothers, Silicon Valley Bank) are explicitly treated as scenarios the risk policy is designed to withstand.

***

## Insurance Fund Protection

To further mitigate counterparty-related collateral losses, Usual maintains a dedicated **insurance fund** per **Liquid Deposit Token (LDT)**:

| Parameter              | Value                                                                                                  |
| ---------------------- | ------------------------------------------------------------------------------------------------------ |
| **Funding source**     | A portion of yield generated by the LDT (insurance accrual rate set by the DAO, approximately **20%**) |
| **Maximum cap**        | Between **0.33% and 5.33%** of all USD0 LDTs, determined by historical stress testing (VAR analysis)   |
| **Replenishment time** | Approximately **24 days** (at **0.33-year** average duration and **5%** coupon rate)                   |
| **Mechanism**          | Burns LDT held in the insurance fund to increase the salvageable redemption value per LDT              |

The insurance fund cap is calibrated against extreme historical scenarios, including:

* A **75 bps** interest rate rise over a two-week period (observed in 2022)
* A **100 bps** increase over a one-month period (observed in 2022)
* SVB-type counterparty exposure resulting in up to a **5% depeg** (as experienced by USDC in March 2023)

Given the portfolio’s maximum average duration of **0.33 years**, even these extreme scenarios would temporarily reduce collateral value by approximately **0.33%**.

### Counter Bank Run Mechanism (CBR)

The **Counter Bank Run Mechanism (CBR)** adjusts the salvageable redemption value using the insurance fund:

$$
S\_{LDT} = \min \left( \frac{\sum\_{i=1}^n P\_{Collateral\_i} \times C\_{Collateral\_i}}{Supply\_{LDT} - Insurance\_{LDT}},\ F\_{LDT} \right)
$$

If the salvageable redemption value falls below 1, the DAO can temporarily pause the minting engine and direct minting through the secondary market to focus on re-pegging.

***

## Collateral Diversification as Risk Mitigation

Counterparty risk is further reduced through **multi-provider collateral diversification**. USD0 is backed by assets from multiple tokenizers, custodians, and service providers, reducing single points of failure:

| Collateral | Tokenizer     | Key Custodian / Counterparty                                           |
| ---------- | ------------- | ---------------------------------------------------------------------- |
| **USYC**   | Hashnote      | BNY Mellon (custody), DTCC (clearing, AA- rated), Marex (prime broker) |
| **M**      | M0 Foundation | Independent custody and administration                                 |
| **USTBL**  | Superstate    | SEC-regulated, US Treasury Bills                                       |
| **USDC**   | Circle        | Indirect minting collateral via Collateral Providers                   |

The **Multi Collateral Controller** dynamically manages portfolio composition across providers by:

* continuously adjusting reward rates to incentivize balanced collateral contributions; and
* triggering rebalancing when the maximum deviation between actual and optimal portfolio weights exceeds a predefined threshold.

***

## Community Governance of Counterparty Exposure

Counterparty and collateral exposure is governed by the community through **USUAL token governance**. Holders can vote on:

* Adding or removing collateral types and their associated counterparties
* Setting maximum exposure limits per collateral provider
* Adjusting risk parameters based on evolving market conditions
* Responding to counterparty deterioration or emerging risks

This governance layer keeps counterparty-risk decisions transparent, community-driven, and responsive to changing conditions rather than controlled by a single corporate entity.

***