The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.
How Do Broker-Dealers/Futures Commission Merchants Control the Risks of High Speed Trading? Carol Clark and Rajeev Ranjan* June 2012 *The opinions expressed in this paper are those of the authors and not necessarily those of the Federal Reserve Bank of Chicago or the Federal Reserve System. The authors gratefully acknowledge the significant contributions and guidance of John McPartland and Richard Heckinger. 1 Table of Contents Background ..................................................................................................................................... 3 Firm Profiles ................................................................................................................................... 4 On-boarding New Customers ......................................................................................................... 5 Organizational Structure of Risk Management............................................................................... 5 Risk Platforms ................................................................................................................................. 6 Types of Pre Trade Risk Checks Performed ................................................................................... 8 Post Trade Risk Controls ................................................................................................................ 9 Audits of Customers That Access the Markets Directly................................................................. 9 Error Trades/Out of Control Algorithms ...................................................................................... 10 Kill Button .................................................................................................................................... 11 Cancel on Disconnect ................................................................................................................... 12 SEC Rule 15c3-5........................................................................................................................... 12 Best practices ................................................................................................................................ 13 Key challenges in managing risk .................................................................................................. 13 Other concerns .............................................................................................................................. 14 How do B-D/FCMs envision HST trading evolving over the next few years? ............................ 15 Do B/D-FCMs think that the markets have reached a saturation point for marginal returns for HFT trading? ................................................................................................................................. 15 What keeps B-D/FCMs awake at night? ....................................................................................... 15 If B-D/FCMs had the power and ability to change anything for the betterment of the markets, what would they do? ..................................................................................................................... 16 What are B-D/FCMs’ concerns from a regulatory perspective? .................................................. 17 Conclusion .................................................................................................................................... 17 2 Background Over the past decade, a confluence of market, regulatory and technological events has radically changed the microstructure of many exchange traded markets. The decimalization of U.S. equity and equity options markets has resulted in smaller tick sizes, increased trading volumes, and an explosion of market data information, which has challenged the data assimilation capabilities of human traders. At the same time, market liquidity has been fragmented among various equity trading venues. 1 These changes, combined with technological advances in communications and digital computing, have expedited the migration from floor-based to electronic (point-and-click) to high speed trading (HST) where computers programmed by humans make trading decisions. So called black boxes are capable of reacting to market data, transmitting thousands of order messages per second, cancelling and replacing orders based on changing market conditions, and capturing price discrepancies with little or no human intervention. 2 In a floor based trading environment, customers of broker dealers (B-D) and Futures Commission Merchants (FCMs) convey their orders to the B-D/FCM via telephone or other electronic means and B-D/FCMs execute these orders on the trading floor. Customers of BD/FCMs include companies, like airlines (that may want to lock in a future price for oil or hedge other business exposures), private equity firms, pension funds, mutual funds, retail customers, etc. As the migration from floor trading to point-and-click trading progressed, some B-D/FCMs began to offer their trading platforms, which were either developed in house (proprietary) or purchased from a vendor, to their customers. Doing so provided customers with more direct access to markets, and quicker execution capabilities. Over time, some customers found the legacy point-and-click trading systems provided by BD/FCMs were not keeping pace with some of the current technological advances and began to seek alternative solutions. In response, some trading venues and B-D/FCMs began to allow certain customers to access their markets directly (send their orders directly to the trading venue without using the B-D/FCM’s trading system) using proprietary trading platforms the customer developed and/or vendor provided trading platforms the B-D/FCMs approved. B-D/FCMs and their customers found other ways to decrease latency (the time it takes to send an order to a trading venue and for a trading venue to acknowledge the order) in order to increase their chances of getting their orders executed first. One way customers reduce latency is by placing (co-locating) their servers as near as possible to the trading venue’s matching engine(s). Over the past several years, reports have circulated that some B-D/FCMs may not have been properly controlling the risks associated with their customers’ accessing the markets directly. In particular, concerns were raised that some B-D/FCMs were allowing their customers to send their trades to a trading venue without establishing adequate pre trade limits on their trading platforms (naked access) thereby exposing the B-D/FCMs to financial risk. 3 To ensure that B-D/FCMs are appropriately managing the risks of their customers that access the markets directly, the SEC implemented Rule 15c3-5 in July 2011, which among other things, requires B-Ds to maintain a system of controls and supervisory procedures reasonably designed to limit the financial exposures arising from customers that access the markets directly. The CFTC also issued a notice of proposed rulemaking in August 2011to bolster risk management at the FCM level. Broadly speaking, regulatory and industry attention on high frequency trading has produced recommendations and best practices related to how pre and post trade risk controls 3 at one or more levels of the trade life cycle – from trade execution to trade settlement - may be improved for firms that access the markets directly. Staff from the Federal Reserve Bank of Chicago’s Financial Markets Group used these recommendations 4 as a baseline to elicit information on the controls that are currently in place at each level of the trade life cycle to manage the risks of HST. We define HST as high frequency, automated, and algorithmic trading, since firms engaging in these styles of trading can potentially send thousands of orders to a trading venue within a second(s). It is also important to note that it is difficult to quantify the precise number of orders that would designate a firm as being engaged in HST. As an obvious example, an algorithmic trader could execute 100 trades over the course of a day, which would not be considered HST. Over thirty interviews were conducted with primarily U.S. domiciled technology vendors, proprietary trading firms, B-Ds and FCMs, and clearing houses. Non-U.S. entities interviewed include one exchange, one clearing house and one foreign B-D. This article summarizes what was learned during conversations with five firms that are B-Ds and/or FCMs. The interviews focused on risk controls and other topics of interest or concern to these firms. Firm Profiles The B-D/FCMs interviewed clear products traded in one or more of the following regions: North America, Europe, Middle-East and/or Asia. The majority of these firms clear multiple markets such as equities, futures, options, foreign exchange, spot, over the counter (OTC), mutual funds, etc. Four of the five B-D/FCMs interviewed have customers that access the markets directly. The fifth B-D/FCM chose to be interviewed in order to express its concerns about such access. In addition to providing clearing services, three of the five B-D/FCMs interviewed are market makers and/or conduct proprietary trading in multiple markets such as futures, options, equities, FX, and/or OTC. One of these three only executes proprietary trades to hedge against customer’s positions in the OTC markets. 4 On-boarding New Customers When a trading firm seeks the services of a B-D/FCM to clear its trades, the B-D/FCMs interviewed conduct a comprehensive review to assess one or more of the following: • • • • • Credit risk Market risk Counterparty risk Portfolio risk Regulatory risk Based on these assessments, the B-D/FCM sets margin requirements for the trading firm. B-D/FCMs may subject customers desiring to access the markets directly to additional requirements. These may include one or more of the following: • • • • • • Requiring them to: o Submit a qualitative paper that describes how they address risk o Demonstrate their risk controls, and submit screenshots showing the risk platform in operation o Submit additional deposit money. For example, one B-D/FCM requires additional deposit money from customers that adopt new trading strategies that may have potential to increase financial risk, like mass quoting in options Assessing customers’ technical capabilities and market knowledge Monitoring physical and logical connection(s) to each trading venue(s) Ensuring that the pre trade limits are applied on the customers and/or vendors’ risk platform Ensuring the B-D/FCM is able to remotely access and control the customer’s risk management platform to: o view and/or modify risk limits and working orders o cut off trading for any given trader Requiring customers to undergo one or more of the above procedures again before granting access to a new trading venue(s)/product(s). One B-D/FCM with multiple offices globally has standardized procedures for granting customers direct access to markets. Organizational Structure of Risk Management The B-D/FCMs interviewed employ a variety of organizational models to manage risk. Two firms interviewed have a hierarchical risk management structure where various risk staff report to a single risk manager who reports to the CEO/COO. Two firms have a decentralized risk management structure where there is no single risk manager, but various departments/divisions 5 assess and monitor risk each day. One B-D/FCM has a hybrid decentralized approach where all staff including senior management is accountable for monitoring risk but there is no single risk manager. Only one firm interviewed has a formalized training process for risk management and written procedures and documentation are stored and available on this firm’s internal website. Risk management and trading staff at this firm receive risk management training on a quarterly basis, which includes core compliance with FINRA guidelines. Risk Platforms To manage customer positions and exposures, B-D/FCMs purchase risk platforms from a vendor(s) or build their own proprietary risk platform(s). Two of the B-D/FCMs interviewed use proprietary risk platforms. One of these two allows its customers to access the markets directly and uses the following parameters to track risk: overall book size including quantity, value, and skews; overall exposure in the market including working orders; and credit limits. The other BD/FCM does not allow its customers to access the markets directly and calculates risk in near real time (based on price change) by comparing the net liquidation value of each customer’s portfolio to the customer’s margin deposit and rejecting any order that would place a customer’s margin account in deficit. If a limit is breached, the software automatically sends an order to liquidate the customers’ positions. This order is placed on hold for a short time, which provides risk staff the ability to review and stop the automatic liquidation if necessary. The other three B-D/FCMs interviewed purchased risk platforms from a vendor(s). One of these three clears a majority of products in the equities and options markets. This B-D/FCM primarily uses its risk platform to conduct compliance checks for various regulations (e.g. wash trades, maximum position per symbol, concentration limits, short sales, etc) although a few other types of pre trade risk checks are also performed. Because this firm has found that the efficiency of vendor provided risk management software it uses degrades as more customers are added, it is in the process of building its own proprietary system. Risk platforms utilize model(s), such as VAR, SPAN, TIMS, or proprietary algorithms that conduct stress and/or scenario-based tests to estimate risk exposures. Data that feed these platforms and models are provided by third party vendors and/or by trading venues in near real time or in batch form. B-D/FCMs make decisions on whether they will subscribe to real time or batch information, which may include drop copy, fills and other information, based on data availability and cost. 5 B-D/FCMs may independently validate data for accuracy. The rate at which the risk platforms of the B-D/FCMs interviewed are able to calculate exposures varies from near real time (microseconds) to minutes, based on the data sources and/or the risk models. One B-D/FCM chose a cost effective vendor-provided risk platform; however, this platform cannot automatically process real time drop copies from trading venues, requires 6 manual intervention to refresh the data feed (which is provided in batches), and takes 5-6 minutes to calculate exposures. FMG staff also noted that some B/D-FCMs interviewed have operations in multiple locations and not all risk platforms are able to calculate enterprise wide exposures. Finally, issues may arise for B-D/FCMs that trade in multiple markets globally when there is a U.S. holiday and no corresponding holiday in foreign markets. Rather than remaining closed as was the case in floor-based trading, many U.S. trading venues are open for some duration of time on U.S. holidays. For example, electronic trading may begin Sunday night prior to Memorial Day and close sometime Monday morning. However, some B-D/FCM’s risk systems do not process trades in U.S. markets until Tuesday. This may be related to the fact that while some U.S. trading venues are open on U.S. holidays, clearing houses and settlement banks are closed. The end result is that some B-D/FCMs are unable to see their U.S. trading exposures on Monday. Instead, they download matched trade information on Tuesday morning that includes Friday’s as well as Monday’s trades. Pre Trade Risk Checks In terms of risk checks, prudent business practices and regulatory requirements motivate BD/FCMs to ensure pre trade risk checks are applied to customer orders before they are sent to a trading venue. These pre trade risk checks may be performed at one or more of the following three levels: 1. Trading venue level o Some trading venues subject every order to mandatory pre trade risk checks, which adds minimum latency equitably for all market participants. o Some trading venues provide functionality to B-D/FCMs, which enable them to set pre-trade risk limits for their customers. Depending on the trading venue, use of this functionality may be mandatory or optional. Based on their assessment of risk, some B-D/FCMs may set fewer pre trade risk limits for some customers. This may result in faster order submissions for some customers than for others. o Some trading venues also provide functionality to a customer that enables them to set pre trade risk limits below the levels set by their B-D/FCMs. 2. B-D/FCM level Apart from setting pre trade limits using functionality provided at the trading venue level (where it is offered), B-D/FCMs may also set additional risk limits in one of three ways: o By introducing pre trade risk limits on their servers and requiring customers with proprietary/vendor provided trading systems to connect to that server. 7 o By remotely accessing the customers’ proprietary trading system and reviewing/modifying/setting pre trade limits on that system. o By using functionality on vendor provided software that enables B-D/FCM to set pre trade limits for their customers that access the markets directly The number of pre trade risk limits applied by B-D/FCMs and the time it takes for these risk limits to be performed, varies by B-D/FCM. One way competition among B-D/FCMs may arise is by building or buying systems that are capable of conducting pre trade risk checks as quickly as possible. Having the capability to conduct fast pre trade risk checks may attract and retain latency sensitive customers. 3. Customer level Customers using proprietary trading systems typically set risk limits on their own internal risk platforms. Types of Pre Trade Risk Checks Performed The B-D/FCMs interviewed require orders to be subject to the following pre trade risk checks: • • • • • • • Each requires order size limits Three require intraday position limits Three require credit limits Some require P&L limits One requires limits for maximum long/short positions B-Ds conduct mandatory regulatory pre trade risk checks (e.g. to detect wash trades, to comply with Regulation SHO, etc.) The B-D/FCM that does not allow its customers to access the markets directly requires limits on the number of orders per second that can be sent to a trading venue Depending on the customer, B-D/FCMs may: • • Set limits by asset class, contract, trading venue, overall firm, etc. Review limits intraday, 2-4 times a month, monthly, or quarterly Limits may be modified for various reasons such as: • • • • The condition and volatility of the markets When new market(s)/trader(s) are added During times of substantial financial exposure, or Following a HST customer request and analysis of the reasonableness of that request When a risk limit is breached, one or more of the following occur(s) depending on the nature and severity of the breach; 8 • • • The risk platform automatically sends e-mails and alerts to risk staff B-D/FCM staff responds to these alerts, monitors the customer more closely, analyzes the nature and magnitude of the breach, and may call the customer to obtain more information The risk platform may automatically stop the customer from trading or B-D/FCM staff manually shut down trading. One B-D/FCM stressed the importance of human interaction, to determine the cause of the breach, during such scenarios. Post Trade Risk Controls Once orders have been sent to a trading venue, B-D/FCMs may receive post trade information on current and previous days’ orders from one or more of the following: • • • • trading venues (if they provide drop copy) vendors customers clearing houses B-D/FCMs may compare the post trade data from various sources at the end of the day to identify discrepancies in customer positions. If any are detected, B-D/FCMs contact the customer(s). One B-D/FCM said a trading venue had technical difficulties during the May 6, 2010, Flash Crash 6 and was unable to report positions to B-D/FCMs. As a result, B-D/FCMs were unable to calculate customer exposures. Audits of Customers That Access the Markets Directly B-D/FCMs were asked if they audit their customers that access the markets directly. Most BD/FCMs do not have formalized audit procedures; however, some: • • Check physical and logical connections to trading venues Verify that customers with proprietary systems have risk limits in place. This may be done by: o Requiring customers to submit screen shots of messages sent to trading venues that displays whether risk controls were binding at the time messages were sent and/or o Using virtual private network (VPN) services to remotely access customers’ risk platforms to ensure risk controls are in place 9 Depending on the B-D/FCM, these procedures may be conducted monthly, quarterly, or annually. Error Trades/Out of Control Algorithms Sometimes, algorithms deployed by high speed trading firms that access the markets directly may go awry due to corrupt data, programming errors, hardware failures, network issues, or any number of other unforeseen circumstances. Some out-of-control algorithms and/or erroneous orders may be detected and stopped by a trading firm’s risk controls. If the trading firm’s risk controls do not halt the out of control algorithm, the next line of defense for stopping the order(s) is the B-D/FCM’s risk controls. Should the out-of-control algorithm and/or erroneous trade bypass the trading firm and B-D/FCM’s risk controls, risk controls at the trading venue level act as the last line of defense to stop orders before they reach the matching engine. Nevertheless, risk controls at trading venues vary and the parameters may be set so wide as to be ineffective in stopping the erroneous order(s). In such circumstances, trading venues may have policies in place for busting and/or adjusting clearly erroneous trades, but these policies also vary by trading venue. During the interviews, FMG staff inquired about the frequency and cause of any error trades and out of control algorithms that the B-D/FCMs had experienced. One B-D/FCM said clearly erroneous trades happen about 20 times per month on average. This B-D/FCM also said it cleared billions of shares during the Flash Crash, but only 7 of these trades were clearly erroneous. Another B-D/FCM mentioned that mini flash crashes have occurred before, but none of them had as extensive volume as the Flash Crash. Two of the four B-D/FCMs interviewed that allow their customers to access the markets directly experienced out of control algorithms. One of these two outlined the following occurrences: • • In 2009, a trading venue did not send order acknowledgements to trading firms for almost two minutes. During that timeframe, a customer’s black box sent 999,000 orders to the trading venue. Trading venue staff caught the error, called the trading firm, and deleted the orders at the customer’s request. To address this issue, the trading venue now controls the number of messages that can be sent to its matching engine and does not accept new messages from trading firms unless it has acknowledged all the old messages. A second incident occurred in late 2010, when a customer tweaked old code and placed it into production. An error in the modified code caused the customer to lose a substantial amount of money in two minutes. The customers’ risk platform identified the problem, but not until the firm traded 104 percent of its daily margin. The B-D/FCM said if the customers’ risk platform did not identify the problem the risk tools at the trading venue would have. 10 The other B-D/FCM experienced three out of control algorithms over a four year period as follows: • • • A customer did not manually reset the message counter at the end of the trading day as required by one trading venue. The following day, the trading venue’s system did not acknowledge a portion of the customer’s current days’ trading activity. As a result, the customer was a larger than intended liquidity provider on the second trading day, traded 30 million shares, lost $500,000 and ultimately shut down its equities trading desk. A trading firm was in the process of selling itself to another trading firm in October 2008. As part of a due diligence test, the buying trading firm requested the selling trading firm to turn off its risk platform near the market close. However, the risk platform had been blocking a problem in the trading system that had gone undetected up until that time. When the risk system was shut down, the trading system bought $17-18 million in securities during the 20 seconds before and 20 seconds after the market close. The selling trading firm was unable to meet its margin requirements for these trades and was suspended from trading. The B-D assumed the suspended firms’ positions on its books. The trading architecture for one trading firm crashed, which resulted in the trading platform not properly communicating with the risk platform. As a result, the trading platform continued to send orders to the trading venue and the firm ended up buying $50 million in securities at the market close. The problem was immediately detected, but the firm lost $50 million and was suspended from trading for 30 days. Kill Button Trading firms may experience sudden and unexpected events such as an algorithm going awry, a substantially large number(s) of unintended orders being sent to a trading venue, or a large risk exposure during volatile markets. During such scenarios, there is a need for a “kill button” functionality that can be used in exigent circumstances to lessen exposure by stopping all trading activity and cancelling orders in the order book. The kill button may be available at one or more of the following levels: • • • Trading venues may offer manual “kill button” functionality to market participants. In addition, some trading venues offer an automatic kill functionality, which is triggered without human intervention. B-D/FCMs may build or buy kill button functionality on their systems to have greater control over customer orders. In some cases, B-D/FCMs also provide this functionality to customers that access the market directly as a failsafe mechanism. Trading firms may build or buy kill button functionality on their systems as well. The majority of B-D/FCMs interviewed have kill button functionality on their systems and exclusive control over that functionality. In addition, one B-D/FCM can turn off the power to 11 its customers’ servers (which are connected via the B-D/FCM’s network) during extreme scenarios. It is interesting to note that one B-D/FCM pointed out that one of the largest U.S. equities trading venues does not offer kill button functionality to B-Ds. The only way market participants can stop trading activity and cancel orders in the order book is by telephoning or faxing this trading venue. This B-D/FCM also mentioned that a common API, offered by all trading venues, to invoke kill functionality would be beneficial. Cancel on Disconnect Sometimes, connectivity between the trading platform and the trading venue server is lost. At such times, trading firms may become uncertain about status of their orders that are still active in the market. Some (but not all) trading venues alleviate this uncertainty by offering cancel on disconnect functionality, which cancels all open orders in the order book when this connectivity is lost. Depending on their business and strategy, some trading firms may not choose to subscribe to cancel on disconnect functionality at trading venues where it is offered. For example, some market makers may not want their bids and offers to be automatically deleted from the order book when connectivity is lost. Other high speed trading firms may find subscribing to cancel on disconnect where it is offered to be a prudent business practice. When asked whether B-D/FCMs require their customers that access the markets directly to subscribe to cancel on disconnect where it is offered, B-D/FCMs responded that they do not. However, most B-D/FCMs mentioned that the majority of trading firms that access the markets directly do subscribe to the service. SEC Rule 15c3-5 All of the interviews with B-Ds occurred subsequent to the announcement of SEC Rule 15c3-5, but prior to its implementation. When asked how the SEC Rule 15c3-5 might affect their business, one B-D mentioned that prior to the announcement of the rule it had lost customers to other B-Ds that allowed naked or “light access” (fewer pre trade risk controls). Two other B-Ds said the new rule has had no impact. B-D/FCMs also expressed the following opinions regarding SEC Rule 15c3-5: • • There was a lack of clarity with the language of the new rule and the deadline for implementation was difficult to meet, especially for firms that clear multiple asset classes. The timeline for the rule’s implementation could have inhibited some firms from getting their risk systems right, which could cost them business. 12 • • Trading venues actively promoted the proliferation of naked access by failing to adequately separate their regulatory and marketing/sales powers after converting from member owned organizations to for profit, stockholder owned, and publicly traded entities. Trading venues should be required to disclose their revenue model by customer base before and after demutualization and show where they went to solicit order flow. Such an exercise would reveal whether trading venues actively targeted their high volume customers and offered them direct access. After the new rule prohibiting naked access was announced, one B-D saw an increase in new customers that previously had naked access through another B-D. Because Rule 15c3-5 subjects all customers to some type of pre trade risk controls regardless of the BD they choose, some customers are seeking other types of benefits from their clearing relationships such as connectivity to multiple trading venues globally as well as international clearing and settlement services. Best practices The interviews revealed a number of risk management procedures that were either used by BD/FCMs or that were lacking and might be considered a best practice. These include: • • • • • • Maintain exclusive control of the hardware. Doing so will enable B-D/FCMs to cut off trading for any trader or trading firm. Collect trade data in a central repository to calculate intraday exposures and to aid near real time risk management. Require customers that access the markets directly to supply information on filled trades, if the trading venue does not provide this information to B-D/FCMs. Reconcile fill information from customers that access the markets directly to drop copy from trading venues in order to identify outlier information. Add risk scenarios to risk models that track various standard deviation moves like those experienced during the Flash Crash. Ensure risk platforms include customers’ previous days open positions. Key challenges in managing risk When asked their key challenges in managing risk, B-D/FCMs suggested trading venues adopt the following best practices: • • • Trading venues should have consistent standards for amending, busting, or cancelling trades. Pre trade risk controls should be consistently applied across trading venues. Every trading venue should require trading firms that accesses the market(s) directly to pass a conformance test. 13 • • • • Trading venues should have a high level understanding of the type of trading strategies trading firms will utilize (statistical arbitrage, liquidity provision, etc.) before allowing them to access the markets directly. Every trading venue should offer drop copy. Formats for drop copy should be consistent across trading venues The cost of obtaining drop copies should not be prohibitively high. Other concerns During the interviews, B-D/FCMs mentioned a number of other concerns, including: • • • • • • • • • • • A trading venue had system problems in 2008, and was unable to send post trade information to firms. As a result, one B-D/FCM and its customers were unable to calculate positions and exposures until the following day, at which time the B-D/FCM discovered one of its customers was bankrupt. Tensions may arise with regard to how B-D/FCMs adjust customer risk limits to offset the impact of trading venues’ matching algorithms. 7 One B-D/FCM provides its customers larger order size limits for products where order matching is based on pro rata algorithms in order to increase the customers’ chances of being filled. B-D/FCMs should ensure their customers have adequate collateral for their orders. However, B-D/FCMs may not monitor large mutual funds as closely as hedge funds in this regard. For example, one B-D/FCM said if a large mutual fund calls up and wants to trade $4 billion, some B-D/FCMs may not ask if it has adequate collateral/inventory to do so. New entrants to HST may not have adequate backgrounds in risk management. Some large trading firms are able to muscle the markets because they have ownership stakes in trading venues. Regulators should require high frequency trading firms that are not B-Ds and have no market making obligations to become market makers to ensure liquidity will be provided during times of market stress. There is a massive disconnect between regulations and risk. Thought should be given to whether risk is being born by the right parties and who is in the best place to manage it. Certain risk controls, like price banding, should reside at the trading venue level. When there is a failure in the risk controls that trading venues offer to B-D/FCMs, BD/FCMs should not be held responsible for this failure. Markets are so fragmented, 95 percent of retail orders flow from e-brokers are traded off exchange and go through B-D internalizers. If regulators believe the retail flow is being gamed, they should mandate that orders cannot be routed to B-D internalizers and must be executed on a public exchange. Some B-Ds have gotten out of the business because of regulatory burden. The interconnectivity of the markets and events like the Flash Crash are of great concern. 14 How do B-D/FCMs envision HST trading evolving over the next few years? B-D/FCMs had a variety of viewpoints on how HST may evolve over the next few years. Some feel that certain customers had a speed advantage in the past, but speed has now become commoditized. As a result, many customers are revisiting their trading strategies and focusing less on speed. Some B-Ds feel there is no alpha 8 in trading a stock directly. Rather, alpha can be found in trading something that mimics the stock. These B-Ds noted HST will migrate to synthetic products. Other B-D/FCMs thought innovation will arise from unique sources of data that will lead to new trading opportunities. Some B-Ds feel SEC Rule 15c3-5 will pose challenges and impact the industry and B-D decisions to offer sponsored access. Moreover, over regulation will cause trading firms to move to less regulated markets that are easy to access. Do B/D-FCMs think that the markets have reached a saturation point for marginal returns for HFT trading? When asked if markets have reached a saturation point for marginal returns for HFT, FMG staff noted that B-D/FCMs had differing opinions depending on the asset class as evidenced by the responses below. • • There will always be trading firms that find ways to make money. In the futures markets for example, Eurodollar traders are now also trading metals and energy products. The same core group of trading firms moves from market to market. However, there may be a saturation point where HFT peaks. Alternatively, it may move into less liquid products. U.S. equities markets are saturated. Spread capture and alpha capture are very small. Market volumes in 2011, were lower than in 2010, and volumes in 2010, were lower than in 2009. What keeps B-D/FCMs awake at night? When asked what issues keep them awake at night, B-D/FCMs expressed a wide range of concerns, which included: • • Some U.S. trading venues are open for business on U.S. holidays. However, some BD/FCMs risk systems are unable to calculate exposures resulting from trading on these holidays. Events like the May 6, 2010, Flash Crash keep some B-D/FCMs awake at night. Nevertheless, interviewees felt HFT should not be demonized as regulation NMS and decimalization were not the ideas of HFT firms. Moreover, HST firms acted rationally during the Flash Crash and exited the markets. 15 • • • Regulators do not understand the business or how to manage from a big picture point of view. Instead of working together with market participants to make the industry better as they did years ago, they just want to catch you doing something wrong. Regulators have become fining machines instead of helping machines. Regulators need to focus on the global picture. Doing so will decrease the need for firms to build different systems for every region in which they do business to comply with regulations. Multiple systems increase the cost of doing business. Regulators may not have adequate resources to investigate unethical trading practices. If B-D/FCMs had the power and ability to change anything for the betterment of the markets, what would they do? B-D/FCMs said they would implement the following changes for the betterment of the markets, if they had the power and ability to do so: • • • • • • • • • • Move OTC trading to electronic trading venues. Require trading venues to provide price tolerance checks to market orders. If they are unable to do so, eliminate market orders. Require trading venues to provide risk information at a granular (account) level. Connect all the dark pools and bring trading to 2-3 liquidity pools to reduce the risk of flash crashes. Focus on standardizing data across the board, including market, execution and clearing data. Prevent trading venues from engaging in tying activities, such as requiring market participants to connect through a single communication network that is more expensive than other networks. Regulators should examine trading venues’ revenue models, which may now focus on revenues from technology services such as charging for ports, co-location services, data, etc. Regulators should revisit the rules around short selling because B-D/FCMs may not have complete information on their customers, like hedge funds. B-D/FCMs can only see a customer’s total positions if all their business is with one prime broker. Buy-side customers with multiple B-D relationships should bear the burden of complying with short selling rules, since they know their overall positions better than their individual BDs. Regulators should mandate a list of pre trade risk controls that B-Ds must have in order to comply with the market access rule. Move trading to trading venues with central counterparty (CCP) clearing. Nevertheless, clearing trades through multiple CCPs increases counterparty risk. 16 What are B-D/FCMs’ concerns from a regulatory perspective? • • • Regulators are frequently staffed with people with no trading experience. Some regulators have retail-based knowledge and lack an understanding of institutional customers. Rules should be clear to prevent regulatory arbitrage. If regulators are not prescriptive in terms of what pre trade risk controls B-D/FCMs are required to have, trading firms will migrate to B-D/FCMs with the least risk controls. Conclusion B-D/FCMs conduct comprehensive risk reviews during the on-boarding process for new customers. Some B-D/FCMs may subject customers desiring to access the markets directly to additional screening. However, most of the B-D/FCMs interviewed do not have formalized audit procedures to periodically monitor customers that access the markets directly subsequent to the on-boarding process. B-D/FCMs also build or buy risk platforms to manage customer positions and exposures. BD/FCMs make decisions on whether to use real time or batch data to feed their risk models depending on data availability and cost. The rate at which risk calculations are performed varies from near real time to minutes, based on the data sources and risk models used. Prudent business practices and regulatory requirements motivate B-D/FCMs to ensure pre trade risk checks are applied to customer orders before they are sent to the matching engine. These pre trade risk checks may be performed at one or more of the following three levels: customer, BD/FCM, and trading venue. Some B-D/FCMs may rely solely on mandatory pre-trade risk checks performed by trading venues. When risk limits are breached, staff at B-D/FCMs is alerted and depending on the nature and severity of the breach, may take appropriate action. Staff at one B-D/FCM stressed the importance of human interaction to assess the cause of the breach during such scenarios. To better manage the risks, B-D/FCMs may want to consider a number of best practices such as: o Establishing a training process for risk management o Collecting trade data in a central repository and using the data to calculate intraday exposures and to aid near real time risk management o Maintaining exclusive control of hardware to cut off trading for any trader or trading firm o Periodically monitoring customers that access the markets directly subsequent to the onboarding process. o Reconciling fill information for customers that access the markets directly to drop copy o Identifying at a high level when a customer engages in a new trading strategy that may present significant risk, such as mass quoting in options 17 o Requiring HST customers to subscribe to cancel on disconnect functionality at the trading venues where it is offered o Ensuring risk platforms include customers’ previous days’ open positions o Estimating the costs and benefits of including working orders in risk calculations o Adding risk scenarios that track various standard deviation moves to risk models o Having the capability to calculate enterprise wide exposures B-D/FCMs mentioned a number of challenges and concerns, including: • The need for trading venues to: o Have consistent standards for amending, busting, or cancelling trades o Focus on standardizing data across the board, including market, execution and clearing data o Offer drop copy in consistent formats and at an affordable cost o Offer a common API to invoke kill button functionality o Consistently apply pre trade risk controls o Understand the high level strategy of a trading firm before allowing it to access the markets directly o Require trading firms that access the markets directly to pass a conformance test o Provide price tolerance checks to market orders or eliminate market orders • There is a role for regulators to: o Ensure risk is being born by the party best able to manage it o Refrain from over regulation that causes firms to move to less regulated markets o Understand the business and work with market participants to make the industry better o Focus on the global picture o Prevent trading venues from engaging in tying activities, such as requiring market participants to connect through a particular communication network that is more expensive than other networks o Examine trading venues’ revenue models, which may now focus on revenues from technology services such as charging for ports, co-location services, data, etc. In addition, FMG staff noted that regulators may want to consider: • Conducting periodic audits of the types of pre trade risk controls B-D/FCMs utilize, the methodology for how these controls are applied, and the reasonableness of the limits set. For example, giving equal order size limits in two different products with varying price volatility like corn and oil will result in unequal exposures. 18 • • • Mandating minimum standards for risk checks that B-D/FCMs are required to perform For example, a pre trade risk control limiting the number of orders per second that can be sent to a trading venue may help a B-D/FCM to detect out of control looping algorithms. Evaluating the methodology B-D/FCMs use to raise customer order size limits to boost the likelihood of customer orders being filled when trading venue’s use pro rata matching algorithms. Determine whether other pre trade risk checks, like credit limits, offset these increased order size limits. Determining whether a B-D/FCM relies solely on mandatory pre-trade risk checks performed by trading venues, which may be set wide and vary by trading venue. In such a scenario, the B-D/FCM should be encouraged to build or buy its own pre trade risk controls. Despite the above recommendations and best practices, one B-D/FCM emphasized that even with the best of efforts, something can always go wrong. 1 Trading venues include exchanges and alternative trading systems (ATS) like Electronic Communication Networks (ECNs) and dark pools. 2 Black box trading strategies are 100 percent automated, pre-programmed, and traders cannot interact or modify the algorithms. 3 Risk controls include the processes, procedures and systems a firm needs to prudently manage all the risks resulting from its trading activities to ensure they are within the firms’ risk appetite. Risk checks scrutinize orders against a particular limit(s) and are carried out as part of the broader risk control process. 4 See: FIA Asia (2007), “Profile of exchange and FCM risk management practices for direct access customers,” December 3; OICU-IOSCO (2008), “An overview of the work of the IOSCO technical committee,” July; OICUIOSCO (2007), “Multi-jurisdictional information sharing for market oversight,” April; FIA (2009), Letter from John Damgard to Greg Tanzer, IOSCO, May 26; FSA (2008), Market Watch, November, Issue no. 30, pp.10-13; FIA-FOA (2009), Clearing Risk Study; OICU-IOSCO (2009), “Policies on direct electronic access,” February; FIA (2010), “Market access risk management recommendations,” April; OICU-IOSCO (2010), “Principles for direct electronic access to markets,” August; FIA (2010), “Recommendations for risk controls for trading firms,” November; SEC (2010), “Risk management controls for brokers and dealers with market access,” Release No. 3463241; File No. S7-03-10, November; CFTC (2011), “Recommended practices for trading firms, B-D/FCMs and exchanges involved in direct market access,” Pre-Trade Functionality Subcommittee of the CFTC Technology Advisory Committee, March. See also “Software Development and Change Management Recommendations” Futures Industry Association, Principal Traders Group and European Principal Traders Association, March, 2012; “Market Access Risk Management Recommendations, Futures Industry Association, April, 2010; and “Recommendations for Risk Controls for Trading Firms, Futures Industry Association’s Principal Traders Group, November, 2010. 5 Depending on the trading venue, drop copy is a report for a particular trading session that includes trades executions and one or more of the following: messages, working orders, and/or exception reports. Fills include matched trade information only. 6 During the May 6, 2010 Flash Crash, many U.S. equity based products experienced an extraordinarily rapid decline and recovery. 7 Trading venues use different order matching algorithms. First in first out (FIFO) algorithms match orders based on a strict price and time priority. The matching sequence is based on time stamps assigned by the exchange. If there are multiple orders at the same price, the order with the earliest time stamp will be matched first. Pro rata algorithms match orders at the same price based on a variety of factors. For example, the matching sequence may be based on time stamps assigned by the exchange and orders in the queue may receive a fill proportionate to its size. Still other trading venues may combine FIFO and pro rata in their order matching algorithms. 19 8 ALPHA is a mathematical estimate of the amount of return expected from an investment’s inherent values, such as the rate of growth in earnings per share. It is distinct from the amount of return caused by volatility, which is measured by the BETA coefficient. 20