View PDF

The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.

How Do Broker-Dealers/Futures Commission Merchants Control the Risks of High Speed
Trading?

Carol Clark and Rajeev Ranjan*

June 2012

*The opinions expressed in this paper are those of the authors and not necessarily those of the
Federal Reserve Bank of Chicago or the Federal Reserve System. The authors gratefully
acknowledge the significant contributions and guidance of John McPartland and Richard
Heckinger.
1

Table of Contents
Background ..................................................................................................................................... 3
Firm Profiles ................................................................................................................................... 4
On-boarding New Customers ......................................................................................................... 5
Organizational Structure of Risk Management............................................................................... 5
Risk Platforms ................................................................................................................................. 6
Types of Pre Trade Risk Checks Performed ................................................................................... 8
Post Trade Risk Controls ................................................................................................................ 9
Audits of Customers That Access the Markets Directly................................................................. 9
Error Trades/Out of Control Algorithms ...................................................................................... 10
Kill Button .................................................................................................................................... 11
Cancel on Disconnect ................................................................................................................... 12
SEC Rule 15c3-5........................................................................................................................... 12
Best practices ................................................................................................................................ 13
Key challenges in managing risk .................................................................................................. 13
Other concerns .............................................................................................................................. 14
How do B-D/FCMs envision HST trading evolving over the next few years? ............................ 15
Do B/D-FCMs think that the markets have reached a saturation point for marginal returns for
HFT trading? ................................................................................................................................. 15
What keeps B-D/FCMs awake at night? ....................................................................................... 15
If B-D/FCMs had the power and ability to change anything for the betterment of the markets,
what would they do? ..................................................................................................................... 16
What are B-D/FCMs’ concerns from a regulatory perspective? .................................................. 17
Conclusion .................................................................................................................................... 17

2

Background
Over the past decade, a confluence of market, regulatory and technological events has radically
changed the microstructure of many exchange traded markets. The decimalization of U.S.
equity and equity options markets has resulted in smaller tick sizes, increased trading volumes,
and an explosion of market data information, which has challenged the data assimilation
capabilities of human traders. At the same time, market liquidity has been fragmented among
various equity trading venues. 1 These changes, combined with technological advances in
communications and digital computing, have expedited the migration from floor-based to
electronic (point-and-click) to high speed trading (HST) where computers programmed by
humans make trading decisions. So called black boxes are capable of reacting to market data,
transmitting thousands of order messages per second, cancelling and replacing orders based on
changing market conditions, and capturing price discrepancies with little or no human
intervention. 2
In a floor based trading environment, customers of broker dealers (B-D) and Futures
Commission Merchants (FCMs) convey their orders to the B-D/FCM via telephone or other
electronic means and B-D/FCMs execute these orders on the trading floor. Customers of BD/FCMs include companies, like airlines (that may want to lock in a future price for oil or hedge
other business exposures), private equity firms, pension funds, mutual funds, retail customers,
etc. As the migration from floor trading to point-and-click trading progressed, some B-D/FCMs
began to offer their trading platforms, which were either developed in house (proprietary) or
purchased from a vendor, to their customers. Doing so provided customers with more direct
access to markets, and quicker execution capabilities.
Over time, some customers found the legacy point-and-click trading systems provided by BD/FCMs were not keeping pace with some of the current technological advances and began to
seek alternative solutions. In response, some trading venues and B-D/FCMs began to allow
certain customers to access their markets directly (send their orders directly to the trading venue
without using the B-D/FCM’s trading system) using proprietary trading platforms the customer
developed and/or vendor provided trading platforms the B-D/FCMs approved.
B-D/FCMs and their customers found other ways to decrease latency (the time it takes to send an
order to a trading venue and for a trading venue to acknowledge the order) in order to increase
their chances of getting their orders executed first. One way customers reduce latency is by
placing (co-locating) their servers as near as possible to the trading venue’s matching engine(s).
Over the past several years, reports have circulated that some B-D/FCMs may not have been
properly controlling the risks associated with their customers’ accessing the markets directly. In
particular, concerns were raised that some B-D/FCMs were allowing their customers to send
their trades to a trading venue without establishing adequate pre trade limits on their trading
platforms (naked access) thereby exposing the B-D/FCMs to financial risk.

3

To ensure that B-D/FCMs are appropriately managing the risks of their customers that access the
markets directly, the SEC implemented Rule 15c3-5 in July 2011, which among other things,
requires B-Ds to maintain a system of controls and supervisory procedures reasonably designed
to limit the financial exposures arising from customers that access the markets directly. The
CFTC also issued a notice of proposed rulemaking in August 2011to bolster risk management at
the FCM level.
Broadly speaking, regulatory and industry attention on high frequency trading has produced
recommendations and best practices related to how pre and post trade risk controls 3 at one or
more levels of the trade life cycle – from trade execution to trade settlement - may be improved
for firms that access the markets directly. Staff from the Federal Reserve Bank of Chicago’s
Financial Markets Group used these recommendations 4 as a baseline to elicit information on the
controls that are currently in place at each level of the trade life cycle to manage the risks of
HST. We define HST as high frequency, automated, and algorithmic trading, since firms
engaging in these styles of trading can potentially send thousands of orders to a trading venue
within a second(s). It is also important to note that it is difficult to quantify the precise number
of orders that would designate a firm as being engaged in HST. As an obvious example, an
algorithmic trader could execute 100 trades over the course of a day, which would not be
considered HST.
Over thirty interviews were conducted with primarily U.S. domiciled technology vendors,
proprietary trading firms, B-Ds and FCMs, and clearing houses. Non-U.S. entities interviewed
include one exchange, one clearing house and one foreign B-D. This article summarizes what
was learned during conversations with five firms that are B-Ds and/or FCMs. The interviews
focused on risk controls and other topics of interest or concern to these firms.

Firm Profiles
The B-D/FCMs interviewed clear products traded in one or more of the following regions:
North America, Europe, Middle-East and/or Asia. The majority of these firms clear multiple
markets such as equities, futures, options, foreign exchange, spot, over the counter (OTC),
mutual funds, etc. Four of the five B-D/FCMs interviewed have customers that access the
markets directly. The fifth B-D/FCM chose to be interviewed in order to express its concerns
about such access.
In addition to providing clearing services, three of the five B-D/FCMs interviewed are market
makers and/or conduct proprietary trading in multiple markets such as futures, options, equities,
FX, and/or OTC. One of these three only executes proprietary trades to hedge against
customer’s positions in the OTC markets.

4

On-boarding New Customers
When a trading firm seeks the services of a B-D/FCM to clear its trades, the B-D/FCMs
interviewed conduct a comprehensive review to assess one or more of the following:
•
•
•
•
•

Credit risk
Market risk
Counterparty risk
Portfolio risk
Regulatory risk

Based on these assessments, the B-D/FCM sets margin requirements for the trading firm.
B-D/FCMs may subject customers desiring to access the markets directly to additional
requirements. These may include one or more of the following:
•

•
•
•
•

•

Requiring them to:
o Submit a qualitative paper that describes how they address risk
o Demonstrate their risk controls, and submit screenshots showing the risk platform
in operation
o Submit additional deposit money. For example, one B-D/FCM requires
additional deposit money from customers that adopt new trading strategies that
may have potential to increase financial risk, like mass quoting in options
Assessing customers’ technical capabilities and market knowledge
Monitoring physical and logical connection(s) to each trading venue(s)
Ensuring that the pre trade limits are applied on the customers and/or vendors’ risk
platform
Ensuring the B-D/FCM is able to remotely access and control the customer’s risk
management platform to:
o view and/or modify risk limits and working orders
o cut off trading for any given trader
Requiring customers to undergo one or more of the above procedures again before
granting access to a new trading venue(s)/product(s).

One B-D/FCM with multiple offices globally has standardized procedures for granting customers
direct access to markets.

Organizational Structure of Risk Management
The B-D/FCMs interviewed employ a variety of organizational models to manage risk. Two
firms interviewed have a hierarchical risk management structure where various risk staff report
to a single risk manager who reports to the CEO/COO. Two firms have a decentralized risk
management structure where there is no single risk manager, but various departments/divisions
5

assess and monitor risk each day. One B-D/FCM has a hybrid decentralized approach where all
staff including senior management is accountable for monitoring risk but there is no single risk
manager.
Only one firm interviewed has a formalized training process for risk management and written
procedures and documentation are stored and available on this firm’s internal website. Risk
management and trading staff at this firm receive risk management training on a quarterly basis,
which includes core compliance with FINRA guidelines.

Risk Platforms
To manage customer positions and exposures, B-D/FCMs purchase risk platforms from a
vendor(s) or build their own proprietary risk platform(s). Two of the B-D/FCMs interviewed use
proprietary risk platforms. One of these two allows its customers to access the markets directly
and uses the following parameters to track risk: overall book size including quantity, value, and
skews; overall exposure in the market including working orders; and credit limits. The other BD/FCM does not allow its customers to access the markets directly and calculates risk in near
real time (based on price change) by comparing the net liquidation value of each customer’s
portfolio to the customer’s margin deposit and rejecting any order that would place a customer’s
margin account in deficit. If a limit is breached, the software automatically sends an order to
liquidate the customers’ positions. This order is placed on hold for a short time, which provides
risk staff the ability to review and stop the automatic liquidation if necessary.
The other three B-D/FCMs interviewed purchased risk platforms from a vendor(s). One of these
three clears a majority of products in the equities and options markets. This B-D/FCM primarily
uses its risk platform to conduct compliance checks for various regulations (e.g. wash trades,
maximum position per symbol, concentration limits, short sales, etc) although a few other types
of pre trade risk checks are also performed. Because this firm has found that the efficiency of
vendor provided risk management software it uses degrades as more customers are added, it is in
the process of building its own proprietary system.
Risk platforms utilize model(s), such as VAR, SPAN, TIMS, or proprietary algorithms that
conduct stress and/or scenario-based tests to estimate risk exposures. Data that feed these
platforms and models are provided by third party vendors and/or by trading venues in near real
time or in batch form. B-D/FCMs make decisions on whether they will subscribe to real time or
batch information, which may include drop copy, fills and other information, based on data
availability and cost. 5 B-D/FCMs may independently validate data for accuracy.
The rate at which the risk platforms of the B-D/FCMs interviewed are able to calculate
exposures varies from near real time (microseconds) to minutes, based on the data sources and/or
the risk models. One B-D/FCM chose a cost effective vendor-provided risk platform; however,
this platform cannot automatically process real time drop copies from trading venues, requires
6

manual intervention to refresh the data feed (which is provided in batches), and takes 5-6
minutes to calculate exposures.
FMG staff also noted that some B/D-FCMs interviewed have operations in multiple locations
and not all risk platforms are able to calculate enterprise wide exposures.
Finally, issues may arise for B-D/FCMs that trade in multiple markets globally when there is a
U.S. holiday and no corresponding holiday in foreign markets. Rather than remaining closed as
was the case in floor-based trading, many U.S. trading venues are open for some duration of time
on U.S. holidays. For example, electronic trading may begin Sunday night prior to Memorial
Day and close sometime Monday morning. However, some B-D/FCM’s risk systems do not
process trades in U.S. markets until Tuesday. This may be related to the fact that while some
U.S. trading venues are open on U.S. holidays, clearing houses and settlement banks are closed.
The end result is that some B-D/FCMs are unable to see their U.S. trading exposures on Monday.
Instead, they download matched trade information on Tuesday morning that includes Friday’s as
well as Monday’s trades.

Pre Trade Risk Checks
In terms of risk checks, prudent business practices and regulatory requirements motivate BD/FCMs to ensure pre trade risk checks are applied to customer orders before they are sent to a
trading venue. These pre trade risk checks may be performed at one or more of the following
three levels:
1. Trading venue level
o Some trading venues subject every order to mandatory pre trade risk checks,
which adds minimum latency equitably for all market participants.
o Some trading venues provide functionality to B-D/FCMs, which enable them to
set pre-trade risk limits for their customers. Depending on the trading venue, use
of this functionality may be mandatory or optional.
 Based on their assessment of risk, some B-D/FCMs may set fewer pre
trade risk limits for some customers. This may result in faster order
submissions for some customers than for others.
o Some trading venues also provide functionality to a customer that enables them to
set pre trade risk limits below the levels set by their B-D/FCMs.
2. B-D/FCM level
Apart from setting pre trade limits using functionality provided at the trading venue level
(where it is offered), B-D/FCMs may also set additional risk limits in one of three ways:
o By introducing pre trade risk limits on their servers and requiring customers with
proprietary/vendor provided trading systems to connect to that server.

7

o By remotely accessing the customers’ proprietary trading system and
reviewing/modifying/setting pre trade limits on that system.
o By using functionality on vendor provided software that enables B-D/FCM to set
pre trade limits for their customers that access the markets directly
The number of pre trade risk limits applied by B-D/FCMs and the time it takes for these risk
limits to be performed, varies by B-D/FCM. One way competition among B-D/FCMs may
arise is by building or buying systems that are capable of conducting pre trade risk checks as
quickly as possible. Having the capability to conduct fast pre trade risk checks may attract
and retain latency sensitive customers.
3. Customer level
Customers using proprietary trading systems typically set risk limits on their own internal
risk platforms.

Types of Pre Trade Risk Checks Performed
The B-D/FCMs interviewed require orders to be subject to the following pre trade risk checks:
•
•
•
•
•
•
•

Each requires order size limits
Three require intraday position limits
Three require credit limits
Some require P&L limits
One requires limits for maximum long/short positions
B-Ds conduct mandatory regulatory pre trade risk checks (e.g. to detect wash trades, to
comply with Regulation SHO, etc.)
The B-D/FCM that does not allow its customers to access the markets directly requires
limits on the number of orders per second that can be sent to a trading venue

Depending on the customer, B-D/FCMs may:
•
•

Set limits by asset class, contract, trading venue, overall firm, etc.
Review limits intraday, 2-4 times a month, monthly, or quarterly

Limits may be modified for various reasons such as:
•
•
•
•

The condition and volatility of the markets
When new market(s)/trader(s) are added
During times of substantial financial exposure, or
Following a HST customer request and analysis of the reasonableness of that request

When a risk limit is breached, one or more of the following occur(s) depending on the nature and
severity of the breach;
8

•
•

•

The risk platform automatically sends e-mails and alerts to risk staff
B-D/FCM staff responds to these alerts, monitors the customer more closely, analyzes
the nature and magnitude of the breach, and may call the customer to obtain more
information
The risk platform may automatically stop the customer from trading or B-D/FCM staff
manually shut down trading.

One B-D/FCM stressed the importance of human interaction, to determine the cause of the
breach, during such scenarios.

Post Trade Risk Controls
Once orders have been sent to a trading venue, B-D/FCMs may receive post trade information on
current and previous days’ orders from one or more of the following:
•
•
•
•

trading venues (if they provide drop copy)
vendors
customers
clearing houses

B-D/FCMs may compare the post trade data from various sources at the end of the day to
identify discrepancies in customer positions. If any are detected, B-D/FCMs contact the
customer(s).
One B-D/FCM said a trading venue had technical difficulties during the May 6, 2010, Flash
Crash 6 and was unable to report positions to B-D/FCMs. As a result, B-D/FCMs were unable to
calculate customer exposures.

Audits of Customers That Access the Markets Directly
B-D/FCMs were asked if they audit their customers that access the markets directly. Most BD/FCMs do not have formalized audit procedures; however, some:
•
•

Check physical and logical connections to trading venues
Verify that customers with proprietary systems have risk limits in place. This may be
done by:
o Requiring customers to submit screen shots of messages sent to trading venues
that displays whether risk controls were binding at the time messages were sent
and/or
o Using virtual private network (VPN) services to remotely access customers’ risk
platforms to ensure risk controls are in place

9

Depending on the B-D/FCM, these procedures may be conducted monthly, quarterly, or
annually.

Error Trades/Out of Control Algorithms
Sometimes, algorithms deployed by high speed trading firms that access the markets directly
may go awry due to corrupt data, programming errors, hardware failures, network issues, or any
number of other unforeseen circumstances. Some out-of-control algorithms and/or erroneous
orders may be detected and stopped by a trading firm’s risk controls. If the trading firm’s risk
controls do not halt the out of control algorithm, the next line of defense for stopping the order(s)
is the B-D/FCM’s risk controls. Should the out-of-control algorithm and/or erroneous trade
bypass the trading firm and B-D/FCM’s risk controls, risk controls at the trading venue level act
as the last line of defense to stop orders before they reach the matching engine. Nevertheless,
risk controls at trading venues vary and the parameters may be set so wide as to be ineffective in
stopping the erroneous order(s). In such circumstances, trading venues may have policies in
place for busting and/or adjusting clearly erroneous trades, but these policies also vary by trading
venue.
During the interviews, FMG staff inquired about the frequency and cause of any error trades and
out of control algorithms that the B-D/FCMs had experienced. One B-D/FCM said clearly
erroneous trades happen about 20 times per month on average. This B-D/FCM also said it
cleared billions of shares during the Flash Crash, but only 7 of these trades were clearly
erroneous. Another B-D/FCM mentioned that mini flash crashes have occurred before, but none
of them had as extensive volume as the Flash Crash.
Two of the four B-D/FCMs interviewed that allow their customers to access the markets directly
experienced out of control algorithms.
One of these two outlined the following occurrences:
•

•

In 2009, a trading venue did not send order acknowledgements to trading firms for almost
two minutes. During that timeframe, a customer’s black box sent 999,000 orders to the
trading venue. Trading venue staff caught the error, called the trading firm, and deleted
the orders at the customer’s request. To address this issue, the trading venue now
controls the number of messages that can be sent to its matching engine and does not
accept new messages from trading firms unless it has acknowledged all the old messages.
A second incident occurred in late 2010, when a customer tweaked old code and placed it
into production. An error in the modified code caused the customer to lose a substantial
amount of money in two minutes. The customers’ risk platform identified the problem,
but not until the firm traded 104 percent of its daily margin. The B-D/FCM said if the
customers’ risk platform did not identify the problem the risk tools at the trading venue
would have.
10

The other B-D/FCM experienced three out of control algorithms over a four year period as
follows:
•

•

•

A customer did not manually reset the message counter at the end of the trading day as
required by one trading venue. The following day, the trading venue’s system did not
acknowledge a portion of the customer’s current days’ trading activity. As a result, the
customer was a larger than intended liquidity provider on the second trading day, traded
30 million shares, lost $500,000 and ultimately shut down its equities trading desk.
A trading firm was in the process of selling itself to another trading firm in October 2008.
As part of a due diligence test, the buying trading firm requested the selling trading firm
to turn off its risk platform near the market close. However, the risk platform had been
blocking a problem in the trading system that had gone undetected up until that time.
When the risk system was shut down, the trading system bought $17-18 million in
securities during the 20 seconds before and 20 seconds after the market close. The
selling trading firm was unable to meet its margin requirements for these trades and was
suspended from trading. The B-D assumed the suspended firms’ positions on its books.
The trading architecture for one trading firm crashed, which resulted in the trading
platform not properly communicating with the risk platform. As a result, the trading
platform continued to send orders to the trading venue and the firm ended up buying $50
million in securities at the market close. The problem was immediately detected, but the
firm lost $50 million and was suspended from trading for 30 days.

Kill Button
Trading firms may experience sudden and unexpected events such as an algorithm going awry, a
substantially large number(s) of unintended orders being sent to a trading venue, or a large risk
exposure during volatile markets. During such scenarios, there is a need for a “kill button”
functionality that can be used in exigent circumstances to lessen exposure by stopping all trading
activity and cancelling orders in the order book. The kill button may be available at one or more
of the following levels:
•

•

•

Trading venues may offer manual “kill button” functionality to market participants. In
addition, some trading venues offer an automatic kill functionality, which is triggered
without human intervention.
B-D/FCMs may build or buy kill button functionality on their systems to have greater
control over customer orders. In some cases, B-D/FCMs also provide this functionality
to customers that access the market directly as a failsafe mechanism.
Trading firms may build or buy kill button functionality on their systems as well.

The majority of B-D/FCMs interviewed have kill button functionality on their systems and
exclusive control over that functionality. In addition, one B-D/FCM can turn off the power to
11

its customers’ servers (which are connected via the B-D/FCM’s network) during extreme
scenarios.
It is interesting to note that one B-D/FCM pointed out that one of the largest U.S. equities
trading venues does not offer kill button functionality to B-Ds. The only way market
participants can stop trading activity and cancel orders in the order book is by telephoning or
faxing this trading venue. This B-D/FCM also mentioned that a common API, offered by all
trading venues, to invoke kill functionality would be beneficial.

Cancel on Disconnect
Sometimes, connectivity between the trading platform and the trading venue server is lost. At
such times, trading firms may become uncertain about status of their orders that are still active in
the market. Some (but not all) trading venues alleviate this uncertainty by offering cancel on
disconnect functionality, which cancels all open orders in the order book when this connectivity
is lost.
Depending on their business and strategy, some trading firms may not choose to subscribe to
cancel on disconnect functionality at trading venues where it is offered. For example, some
market makers may not want their bids and offers to be automatically deleted from the order
book when connectivity is lost. Other high speed trading firms may find subscribing to cancel
on disconnect where it is offered to be a prudent business practice.
When asked whether B-D/FCMs require their customers that access the markets directly to
subscribe to cancel on disconnect where it is offered, B-D/FCMs responded that they do not.
However, most B-D/FCMs mentioned that the majority of trading firms that access the markets
directly do subscribe to the service.

SEC Rule 15c3-5
All of the interviews with B-Ds occurred subsequent to the announcement of SEC Rule 15c3-5,
but prior to its implementation. When asked how the SEC Rule 15c3-5 might affect their
business, one B-D mentioned that prior to the announcement of the rule it had lost customers to
other B-Ds that allowed naked or “light access” (fewer pre trade risk controls). Two other B-Ds
said the new rule has had no impact.
B-D/FCMs also expressed the following opinions regarding SEC Rule 15c3-5:
•

•

There was a lack of clarity with the language of the new rule and the deadline for
implementation was difficult to meet, especially for firms that clear multiple asset
classes.
The timeline for the rule’s implementation could have inhibited some firms from getting
their risk systems right, which could cost them business.
12

•

•

Trading venues actively promoted the proliferation of naked access by failing to
adequately separate their regulatory and marketing/sales powers after converting from
member owned organizations to for profit, stockholder owned, and publicly traded
entities. Trading venues should be required to disclose their revenue model by customer
base before and after demutualization and show where they went to solicit order flow.
Such an exercise would reveal whether trading venues actively targeted their high volume
customers and offered them direct access.
After the new rule prohibiting naked access was announced, one B-D saw an increase in
new customers that previously had naked access through another B-D. Because Rule
15c3-5 subjects all customers to some type of pre trade risk controls regardless of the BD they choose, some customers are seeking other types of benefits from their clearing
relationships such as connectivity to multiple trading venues globally as well as
international clearing and settlement services.

Best practices
The interviews revealed a number of risk management procedures that were either used by BD/FCMs or that were lacking and might be considered a best practice. These include:
•
•
•
•
•
•

Maintain exclusive control of the hardware. Doing so will enable B-D/FCMs to cut off
trading for any trader or trading firm.
Collect trade data in a central repository to calculate intraday exposures and to aid near
real time risk management.
Require customers that access the markets directly to supply information on filled trades,
if the trading venue does not provide this information to B-D/FCMs.
Reconcile fill information from customers that access the markets directly to drop copy
from trading venues in order to identify outlier information.
Add risk scenarios to risk models that track various standard deviation moves like those
experienced during the Flash Crash.
Ensure risk platforms include customers’ previous days open positions.

Key challenges in managing risk
When asked their key challenges in managing risk, B-D/FCMs suggested trading venues adopt
the following best practices:
•
•
•

Trading venues should have consistent standards for amending, busting, or cancelling
trades.
Pre trade risk controls should be consistently applied across trading venues.
Every trading venue should require trading firms that accesses the market(s) directly to
pass a conformance test.
13

•

•
•
•

Trading venues should have a high level understanding of the type of trading strategies
trading firms will utilize (statistical arbitrage, liquidity provision, etc.) before allowing
them to access the markets directly.
Every trading venue should offer drop copy.
Formats for drop copy should be consistent across trading venues
The cost of obtaining drop copies should not be prohibitively high.

Other concerns
During the interviews, B-D/FCMs mentioned a number of other concerns, including:
•

•

•

•
•
•

•

•
•

•
•

A trading venue had system problems in 2008, and was unable to send post trade
information to firms. As a result, one B-D/FCM and its customers were unable to
calculate positions and exposures until the following day, at which time the B-D/FCM
discovered one of its customers was bankrupt.
Tensions may arise with regard to how B-D/FCMs adjust customer risk limits to offset
the impact of trading venues’ matching algorithms. 7 One B-D/FCM provides its
customers larger order size limits for products where order matching is based on pro rata
algorithms in order to increase the customers’ chances of being filled.
B-D/FCMs should ensure their customers have adequate collateral for their orders.
However, B-D/FCMs may not monitor large mutual funds as closely as hedge funds in
this regard. For example, one B-D/FCM said if a large mutual fund calls up and wants to
trade $4 billion, some B-D/FCMs may not ask if it has adequate collateral/inventory to do
so.
New entrants to HST may not have adequate backgrounds in risk management.
Some large trading firms are able to muscle the markets because they have ownership
stakes in trading venues.
Regulators should require high frequency trading firms that are not B-Ds and have no
market making obligations to become market makers to ensure liquidity will be provided
during times of market stress.
There is a massive disconnect between regulations and risk. Thought should be given to
whether risk is being born by the right parties and who is in the best place to manage it.
Certain risk controls, like price banding, should reside at the trading venue level.
When there is a failure in the risk controls that trading venues offer to B-D/FCMs, BD/FCMs should not be held responsible for this failure.
Markets are so fragmented, 95 percent of retail orders flow from e-brokers are traded off
exchange and go through B-D internalizers. If regulators believe the retail flow is being
gamed, they should mandate that orders cannot be routed to B-D internalizers and must
be executed on a public exchange.
Some B-Ds have gotten out of the business because of regulatory burden.
The interconnectivity of the markets and events like the Flash Crash are of great concern.
14

How do B-D/FCMs envision HST trading evolving over the next few
years?
B-D/FCMs had a variety of viewpoints on how HST may evolve over the next few years. Some
feel that certain customers had a speed advantage in the past, but speed has now become
commoditized. As a result, many customers are revisiting their trading strategies and focusing
less on speed. Some B-Ds feel there is no alpha 8 in trading a stock directly. Rather, alpha can be
found in trading something that mimics the stock. These B-Ds noted HST will migrate to
synthetic products. Other B-D/FCMs thought innovation will arise from unique sources of data
that will lead to new trading opportunities.
Some B-Ds feel SEC Rule 15c3-5 will pose challenges and impact the industry and B-D
decisions to offer sponsored access. Moreover, over regulation will cause trading firms to move
to less regulated markets that are easy to access.

Do B/D-FCMs think that the markets have reached a saturation point for
marginal returns for HFT trading?
When asked if markets have reached a saturation point for marginal returns for HFT, FMG staff
noted that B-D/FCMs had differing opinions depending on the asset class as evidenced by the
responses below.
•

•

There will always be trading firms that find ways to make money. In the futures markets
for example, Eurodollar traders are now also trading metals and energy products. The
same core group of trading firms moves from market to market. However, there may be a
saturation point where HFT peaks. Alternatively, it may move into less liquid products.
U.S. equities markets are saturated. Spread capture and alpha capture are very small.
Market volumes in 2011, were lower than in 2010, and volumes in 2010, were lower than
in 2009.

What keeps B-D/FCMs awake at night?
When asked what issues keep them awake at night, B-D/FCMs expressed a wide range of
concerns, which included:
•

•

Some U.S. trading venues are open for business on U.S. holidays. However, some BD/FCMs risk systems are unable to calculate exposures resulting from trading on these
holidays.
Events like the May 6, 2010, Flash Crash keep some B-D/FCMs awake at night.
Nevertheless, interviewees felt HFT should not be demonized as regulation NMS and
decimalization were not the ideas of HFT firms. Moreover, HST firms acted rationally
during the Flash Crash and exited the markets.
15

•

•

•

Regulators do not understand the business or how to manage from a big picture point of
view. Instead of working together with market participants to make the industry better as
they did years ago, they just want to catch you doing something wrong. Regulators have
become fining machines instead of helping machines.
Regulators need to focus on the global picture. Doing so will decrease the need for firms
to build different systems for every region in which they do business to comply with
regulations. Multiple systems increase the cost of doing business.
Regulators may not have adequate resources to investigate unethical trading practices.

If B-D/FCMs had the power and ability to change anything for the
betterment of the markets, what would they do?
B-D/FCMs said they would implement the following changes for the betterment of the markets,
if they had the power and ability to do so:
•
•
•
•
•
•

•

•

•
•

Move OTC trading to electronic trading venues.
Require trading venues to provide price tolerance checks to market orders. If they are
unable to do so, eliminate market orders.
Require trading venues to provide risk information at a granular (account) level.
Connect all the dark pools and bring trading to 2-3 liquidity pools to reduce the risk of
flash crashes.
Focus on standardizing data across the board, including market, execution and clearing
data.
Prevent trading venues from engaging in tying activities, such as requiring market
participants to connect through a single communication network that is more expensive
than other networks.
Regulators should examine trading venues’ revenue models, which may now focus on
revenues from technology services such as charging for ports, co-location services, data,
etc.
Regulators should revisit the rules around short selling because B-D/FCMs may not have
complete information on their customers, like hedge funds. B-D/FCMs can only see a
customer’s total positions if all their business is with one prime broker. Buy-side
customers with multiple B-D relationships should bear the burden of complying with
short selling rules, since they know their overall positions better than their individual BDs.
Regulators should mandate a list of pre trade risk controls that B-Ds must have in order to
comply with the market access rule.
Move trading to trading venues with central counterparty (CCP) clearing. Nevertheless,
clearing trades through multiple CCPs increases counterparty risk.

16

What are B-D/FCMs’ concerns from a regulatory perspective?
•
•
•

Regulators are frequently staffed with people with no trading experience.
Some regulators have retail-based knowledge and lack an understanding of institutional
customers.
Rules should be clear to prevent regulatory arbitrage. If regulators are not prescriptive in
terms of what pre trade risk controls B-D/FCMs are required to have, trading firms will
migrate to B-D/FCMs with the least risk controls.

Conclusion
B-D/FCMs conduct comprehensive risk reviews during the on-boarding process for new
customers. Some B-D/FCMs may subject customers desiring to access the markets directly to
additional screening. However, most of the B-D/FCMs interviewed do not have formalized audit
procedures to periodically monitor customers that access the markets directly subsequent to the
on-boarding process.
B-D/FCMs also build or buy risk platforms to manage customer positions and exposures. BD/FCMs make decisions on whether to use real time or batch data to feed their risk models
depending on data availability and cost. The rate at which risk calculations are performed varies
from near real time to minutes, based on the data sources and risk models used.
Prudent business practices and regulatory requirements motivate B-D/FCMs to ensure pre trade
risk checks are applied to customer orders before they are sent to the matching engine. These pre
trade risk checks may be performed at one or more of the following three levels: customer, BD/FCM, and trading venue. Some B-D/FCMs may rely solely on mandatory pre-trade risk
checks performed by trading venues.
When risk limits are breached, staff at B-D/FCMs is alerted and depending on the nature and
severity of the breach, may take appropriate action. Staff at one B-D/FCM stressed the
importance of human interaction to assess the cause of the breach during such scenarios.
To better manage the risks, B-D/FCMs may want to consider a number of best practices such as:
o Establishing a training process for risk management
o Collecting trade data in a central repository and using the data to calculate intraday
exposures and to aid near real time risk management
o Maintaining exclusive control of hardware to cut off trading for any trader or trading firm
o Periodically monitoring customers that access the markets directly subsequent to the onboarding process.
o Reconciling fill information for customers that access the markets directly to drop copy
o Identifying at a high level when a customer engages in a new trading strategy that may
present significant risk, such as mass quoting in options
17

o Requiring HST customers to subscribe to cancel on disconnect functionality at the trading
venues where it is offered
o Ensuring risk platforms include customers’ previous days’ open positions
o Estimating the costs and benefits of including working orders in risk calculations
o Adding risk scenarios that track various standard deviation moves to risk models
o Having the capability to calculate enterprise wide exposures
B-D/FCMs mentioned a number of challenges and concerns, including:
•

The need for trading venues to:
o Have consistent standards for amending, busting, or cancelling trades
o Focus on standardizing data across the board, including market, execution and
clearing data
o Offer drop copy in consistent formats and at an affordable cost
o Offer a common API to invoke kill button functionality
o Consistently apply pre trade risk controls
o Understand the high level strategy of a trading firm before allowing it to access
the markets directly
o Require trading firms that access the markets directly to pass a conformance test
o Provide price tolerance checks to market orders or eliminate market orders

•

There is a role for regulators to:
o Ensure risk is being born by the party best able to manage it
o Refrain from over regulation that causes firms to move to less regulated markets
o Understand the business and work with market participants to make the industry
better
o Focus on the global picture
o Prevent trading venues from engaging in tying activities, such as requiring market
participants to connect through a particular communication network that is more
expensive than other networks
o Examine trading venues’ revenue models, which may now focus on revenues
from technology services such as charging for ports, co-location services, data,
etc.

In addition, FMG staff noted that regulators may want to consider:
•

Conducting periodic audits of the types of pre trade risk controls B-D/FCMs utilize, the
methodology for how these controls are applied, and the reasonableness of the limits set.
For example, giving equal order size limits in two different products with varying price
volatility like corn and oil will result in unequal exposures.

18

•

•

•

Mandating minimum standards for risk checks that B-D/FCMs are required to perform
For example, a pre trade risk control limiting the number of orders per second that can be
sent to a trading venue may help a B-D/FCM to detect out of control looping algorithms.
Evaluating the methodology B-D/FCMs use to raise customer order size limits to boost
the likelihood of customer orders being filled when trading venue’s use pro rata matching
algorithms. Determine whether other pre trade risk checks, like credit limits, offset these
increased order size limits.
Determining whether a B-D/FCM relies solely on mandatory pre-trade risk checks
performed by trading venues, which may be set wide and vary by trading venue. In such a
scenario, the B-D/FCM should be encouraged to build or buy its own pre trade risk
controls.

Despite the above recommendations and best practices, one B-D/FCM emphasized that even
with the best of efforts, something can always go wrong.

1

Trading venues include exchanges and alternative trading systems (ATS) like Electronic Communication Networks
(ECNs) and dark pools.
2
Black box trading strategies are 100 percent automated, pre-programmed, and traders cannot interact or modify the
algorithms.
3
Risk controls include the processes, procedures and systems a firm needs to prudently manage all the risks
resulting from its trading activities to ensure they are within the firms’ risk appetite. Risk checks scrutinize orders
against a particular limit(s) and are carried out as part of the broader risk control process.
4
See: FIA Asia (2007), “Profile of exchange and FCM risk management practices for direct access customers,”
December 3; OICU-IOSCO (2008), “An overview of the work of the IOSCO technical committee,” July; OICUIOSCO (2007), “Multi-jurisdictional information sharing for market oversight,” April; FIA (2009), Letter from
John Damgard to Greg Tanzer, IOSCO, May 26; FSA (2008), Market Watch, November, Issue no. 30, pp.10-13;
FIA-FOA (2009), Clearing Risk Study; OICU-IOSCO (2009), “Policies on direct electronic access,” February; FIA
(2010), “Market access risk management recommendations,” April; OICU-IOSCO (2010), “Principles for direct
electronic access to markets,” August; FIA (2010), “Recommendations for risk controls for trading firms,”
November; SEC (2010), “Risk management controls for brokers and dealers with market access,” Release No. 3463241; File No. S7-03-10, November; CFTC (2011), “Recommended practices for trading firms, B-D/FCMs and
exchanges involved in direct market access,” Pre-Trade Functionality Subcommittee of the CFTC Technology
Advisory Committee, March. See also “Software Development and Change Management Recommendations”
Futures Industry Association, Principal Traders Group and European Principal Traders Association, March, 2012;
“Market Access Risk Management Recommendations, Futures Industry Association, April, 2010; and
“Recommendations for Risk Controls for Trading Firms, Futures Industry Association’s Principal Traders Group,
November, 2010.
5
Depending on the trading venue, drop copy is a report for a particular trading session that includes trades
executions and one or more of the following: messages, working orders, and/or exception reports. Fills include
matched trade information only.
6
During the May 6, 2010 Flash Crash, many U.S. equity based products experienced an extraordinarily rapid
decline and recovery.
7
Trading venues use different order matching algorithms. First in first out (FIFO) algorithms match orders based on
a strict price and time priority. The matching sequence is based on time stamps assigned by the exchange. If there
are multiple orders at the same price, the order with the earliest time stamp will be matched first. Pro rata
algorithms match orders at the same price based on a variety of factors. For example, the matching sequence may
be based on time stamps assigned by the exchange and orders in the queue may receive a fill proportionate to its
size. Still other trading venues may combine FIFO and pro rata in their order matching algorithms.

19

8

ALPHA is a mathematical estimate of the amount of return expected from an investment’s inherent values, such as
the rate of growth in earnings per share. It is distinct from the amount of return caused by volatility, which is
measured by the BETA coefficient.

20


Federal Reserve Bank of St. Louis, One Federal Reserve Bank Plaza, St. Louis, MO 63102