FINRA Investigates Trading Algorithms
The Financial Industry Regulatory Authority (“FINRA”) is investigating Trading Algorithms and whether trading firms that engage in high frequency trading have proper controls in place to ensure their trading algorithms do not malfunction and cause harm to public markets.
The regulator wants to know how at least ten trading firms use and control their high frequency trading algorithms.
The investigation stems from KCG Holdings’ $440 million in losses suffered in August 2012 in connection with a glitch in new software that had been improperly installed.
According to Bloomberg, FINRA sent correspondence to at least 10 high frequency trading firms asking how they design and deploy their algorithms.
FINRA’s letter requests details from the broker-dealers about the controls and processes used in the development and application of trading algorithms, as well as controls surrounding automated trading technology generally.
FINRA’s letter is set forth below.
Re: High Frequency Trading
The Trading Examinations Unit (“TEU”) within the Trading and Market Making Surveillance (“TMMS”) group of the Market Regulation Department at FINRA is conducting a review of the Firm’s controls and processes in connection with the development and use of trading algorithms , as well as controls surrounding automated trading technology. As part of this review, TEU is requesting the following information.
- Provide a detailed description of the Firm’s software development life cycle for trading algorithms and any supporting documentation.
- List all personnel who develop, test, deploy, maintain, and/or modify algorithms. Please specify their title and detail their job function and responsibilities.
- Describe the Firm’s entitlement procedures for granting personnel the ability to develop, test, deploy, maintain and/or modify algorithms.
- Provide a flow chart of the individuals/groups/business lines involved in the software development cycle and their respective roles.
- For the groups identified in part 1.c., above, please state whether the groups are segregated and independent of one another. In addition, please describe in detail which groups are responsible for defining requirements, developing algorithmic code, quality assurance testing of the code, conducting user acceptance testing, and implementing the code once it has been tested and approved. Address whether any functional separation and independence exists between the staff responsible for algorithmic code development, testing, and user acceptance testing (i.e., whether the staff responsible for code development is different from the staff that perform testing, which are different from the staff that perform user acceptance testing). If there is no functional separation and/or independence, please describe any other controls that the Firm may have in place.
- Specify the roles of the Firm’s traders, if any, in writing, developing, testing, or modifying algorithmic code.
- Please identify the Firm’s personnel responsible for the oversight and supervision of the planning, implementation, testing, deployment, and maintenance of algorithms and related software.
- State whether legal, compliance, senior management, and/or other Firm personnel not identified above review and/or approve algorithms and related software before they are deployed. If so, please describe in detail the review and/or approval process. Specify if such a review and/or approval is conducted only once before deployment or on an ongoing basis. If applicable, provide evidence that such a review was conducted from January 2013 through present.
- State whether the Firm conducts any review after an algorithm is deployed to ensure system processes function as intended and by whom the review(s) is conducted. If so, identify and describe any surveillance or reviews the Firm has established to monitor algorithmic trading activity. State whether the Firm conducts other types of monitoring of algorithms and the nature of such monitoring. Provide evidence that such a review was conducted from January 2013 through present.
- Describe any testing performed by the Firm under non-normal market conditions, such as extreme market volatility.
- State whether modifications to algorithms require supervisory approval or performance testing before going into effect.
- Explain the testing, approval, documentation, or review process for modifications, and provide any corresponding Written Supervisory Procedures (“WSPs”) and the date such procedures went into effect.
- Provide evidence that the Firm documented or reviewed changes to algorithms from January 2013 through present.
- Describe whether a trader or other Firm personnel may change the code or parameters of an algorithm once that algorithm is in production, and if so, describe in detail what may be changed and who must approve such changes.
- Provide any and all WSPs in connection with material automated trading malfunctions or system failure (occurring at the Firm or externally) including any written plan addressing the responsibilities of Firm personnel in case of material technology failures.
- Identify the Firm’s contact person(s) for emergency exchange-related technology issues.
- Describe the controls in place to monitor that algorithms are working properly and that, in the event that there is a malfunction, the Firm is able to quickly identify the issue/source and take necessary steps to minimize any resulting market impact or disengage the algorithm.
- State whether the Firm’s monitoring efforts look at algorithmic activity in the aggregate or how individual algorithms behave in the market. If so, please state how often such monitoring efforts are conducted.
- Describe any automatic or manual shut offs or “kill switches” that the Firm may employ, and if so who is responsible for the automatic shut off or kill switch.
- State whether any such shut offs or kill switches are implemented on individual algorithms, across desks, or at the firm level.
- Describe the conditions under which the Firm would engage a shut off or kill switch, and provide any applicable written materials, policies and/or procedures. Please include when they were adopted or implemented.
- Describe any periodic testing that the Firm may conduct regarding automated or manual kill switch parameters.
- Describe the types of blocks/alerts/risk controls that are built into algorithms and related software (including, but not limited to, controls designed to prevent unauthorized access to the algorithmic code, aberrant order messaging activity (such as quote stuffing and quote bursts), self-referencing, excess messaging, duplicative/erroneous orders, manipulation, Reg SHO order marking, locate and pricing violations, etc.).
- Provide copies of internal reviews that focus on algorithms and/or related software governance and control during the period of January 2013 to present.
- Please describe any instances in which the Firm had a malfunction with an algorithm or trading engine which had a material financial impact to the Firm or any instances in which the algorithm’s malfunction caused a market disruption
For further information about this securities law blog post, please contact Brenda Hamilton, Securities Attorney at 101 Plaza Real S, Suite 202 N, Boca Raton, Florida, (561) 416-8956, by email at [email protected] or visit www.securitieslawyer101.com. This securities law blog post is provided as a general informational service to clients and friends of Hamilton & Associates Law Group and should not be construed as, and does not constitute, legal and compliance advice on any specific matter, nor does this message create an attorney-client relationship. Please note that the prior results discussed herein do not guarantee similar outcomes.
Hamilton & Associates | Securities Lawyers
Brenda Hamilton, Securities Attorney
101 Plaza Real South, Suite 202 North
Boca Raton, Florida 33432
Telephone: (561) 416-8956
Facsimile: (561) 416-2855
www.SecuritiesLawyer101.com