P2.T9.

Current Issues in Financial Markets

“Algorithmic Trading Briefing Note,” New York Fed,

April 2015.

Bionic Turtle FRM Study Notes

By Deepa Raju and David Harper, CFA FRM CIPM
www.bionicturtle.com
“Algorithmic Trading Briefing Note,” New York Fed, April 2015.

IDENTIFY KEY RISKS WITH ALGORITHMIC TRADING. ..................................................................... 3

DESCRIBE HOW RISKS ASSOCIATED WITH ALGORITHMIC TRADING ARE MONITORED AND
CONTROLLED. .......................................................................................................................... 5
EXPLAIN HOW ALGORITHMIC TRADING ACTIVITY IS CAPTURED IN BANKS’ RISK MANAGEMENT
FRAMEWORKS.......................................................................................................................... 6
ASSESS THE EFFECTIVENESS OF RISK MANAGEMENT TOOLS TO MONITOR RISKS ASSOCIATED WITH
ALGORITHMIC TRADING. ............................................................................................................ 9

2
“Algorithmic Trading Briefing Note,” New York Fed, April
2015.
Identify key risks with algorithmic trading.

Describe how risks associated with algorithmic trading are monitored and controlled.

Explain how algorithmic trading activity is captured in banks’ risk management

frameworks.

Assess the effectiveness of risk management tools to monitor risks associated with
algorithmic trading.

Identify key risks with algorithmic trading.

Algorithmic trading has grown and evolved in response to the many changes like advancements
in trading technology, along with regulatory developments that have played a role in
fundamentally changing the structure of markets and the way that securities and derivatives are
traded. High-frequency trading (“HFT”), or high-speed trading (“HST”), a type of algorithmic
trading, referring to automated trading conducted at millisecond or microsecond speeds
throughout the trading day is now
a well-known feature of the global market landscape.

Although certain types of algorithmic trading like HFT may reduce perceived bid-ask spreads,
the risk that algorithmic trading poses to firms and the financial markets has sparked debate and
raised concern among market participants and regulatory agencies globally. Indeed,
unexpected events linked to algorithmic and high- frequency trading have caused significant
volatility and market disruption. Commonly, there are four key risks associated with algorithmic
trading as explained below.
1. Systemic risks may be amplified
An undetected failure with one market participant’s algorithmic trading strategy can
increase, or further transmit risk to another firm, resulting in a sizable impact on the
financial markets through direct errors or the reactions of other algorithms to the error.

Clearinghouses and central counterparties (CCPs) may also be affected by erroneous

trades, though their degree of exposure to clearing members may be limited depending
upon the product category involved and the nature of the events.

As algorithms and their interactions grow in both number and complexity, various types
of algorithmic trading may therefore increase systemic risk.

Moreover, the complexity of market interactions among HFT firms and other market
participants increases the potential for systemic risk to propagate across venues and
asset classes over very short periods of time.

3
2. Significant intraday risks faced without transparency and robust controls
Trading desks generally have risk reporting and risk controls in place to limit and control
risk exposure acquired over the course of the trading day. However, intraday risk
controls may not be robust, reporting may not be complete or timely, or limit breaches
may not be transparent to senior risk of officers.
Owing to the speed of trading and, therefore, the pace at which exposures may
accumulate intraday at algorithmic trading desks, such an unintended accumulation of a
large position during the trading day may result in a firm taking on significant exposure
before end-of-day risk processes take effect.

Also, technology failures, unanticipated market conditions, or an unexpected failure of an

algorithm during the day could force a firm to carry significantly more risk overnight than
it had intended, and without timely senior risk management oversight. 


3. Internal controls may not have kept pace with speed and market complexity.
Malfunctions and outages at financial institutions and exchanges though not new, their
potential impact may be amplified in algorithmic trading.

Further, many banks’ prime brokerage businesses have algorithmic and HFT firms as
clients, and the risk controls and monitoring efforts across these businesses vary widely
among banks and are evolving to keep pace with this type of client activity. 


4. Without adequate controls, losses can accumulate and spread rapidly.

Algorithmic trading increases the operational risk at the individual firms and across the
financial system.

For instance, an algorithmic strategy may fail to maintain risk exposure within a specified
threshold during volatile market conditions, or fail to return to an allowable risk position.
Some examples include:

o The 2010 Flash Crash - a large-order execution algorithm operating in an

unexpected way.
o The 2012 Facebook IPO - an exchange system problem.
o The 2012 Knight Capital incident -the malfunction of an order routing system.

As follow-ups to these events, published regulatory enforcement actions highlighted

control shortcomings related to insufficient testing, and new rules and recent proposals
by market regulators have aimed to increase control strength.

4
Describe how risks associated with algorithmic trading are monitored
and controlled.
In order to monitor and control the risks associated with algorithmic trading activities, the
following is a list of principles for supervisors to consider. These key controls and practices are
both preventative and detective in nature, and are the underpinnings of an overall risk
management framework.

Controls must keep pace with technological complexity and trading speeds.

A multilayered “defense-in-depth” strategy, which increases control redundancy and diversity,

can reduce the risk that an erroneous or destabilizing order will reach financial markets.
Defense-in-depth is a concept from the information security field that calls for multiple
controls at multiple points in a process.
 For example, algorithmic trading controls should exist prior to algorithm launch or
change deployment, during the trade lifecycle, and during the incident response process.
Firms need to have controls that cover all aspects of the trading process, including order
generation, order handling, and order execution.

Governance and management oversight can limit exposure to losses and improve
transparency.

One sound practice is to establish firm-wide governance for algorithmic trading controls being
aligned with the firm’s stated risk appetite framework and apply it consistently within the firm.
Without such consistently applied governance, differences in controls across desks can
introduce unnecessary risk for a firm and can represent a lost opportunity to identify and
implement best practices across all desks.

Testing needs to be conducted during all phases of a trading product’s lifecycle, namely
during development, rollout to production, and ongoing maintenance.
 Initial testing: Firms deploying a new
or updated strategy or algorithm must first
conduct simulations and non-live testing within a trading venue testing environment.
Appropriate testing helps to ensure that algorithms pass the risk management controls
required by the firm and the exchange. 

 Controlled rollout: The algorithms should
be rolled out in a controlled and cautious
fashion. Initially, a firm should self-impose price and position limits as well as limits on
the number of instruments and venues where the algorithm is deployed. 

 Ongoing testing: Firms should test systems and controls to ensure that they can
withstand significant or elevated market volumes and external events that could exert
stress on those systems and controls.
When assessing control depth and suitability, management should ensure sufficient
involvement
of control functions as well as business-unit management. All stakeholders
should have a voice in determining the right balance between risk and controls. Control
functions (such as Compliance, Technology, Operations, Legal, Controllers, and Market Risk)
and developers both need to understand the inherent risks that algorithmic trading poses to
ensure that the proper controls are in place. Defense-in-depth also gains strength when different
layers within a firm play a role.

5
Explain how algorithmic trading activity is captured in banks’ risk
management frameworks.
The extent to which algorithmic trading activity is adequately captured in banks’ risk
management frameworks is an area of inquiry that all supervisors need to explore. There are
three specific oversight levels: business unit or desk management; control functions and senior
management; and the board. For each level, supervised firms can self-assess their current
control state and risk appetite by the asking the following questions. By setting forth risk-based
principles and questions for
the supervised firms, thoughtful discussion and action can be
facilitated on this issue.

Business-Unit/Desk-Management Level

What degree of role overlap is permitted among traders, strategists, and developers?
 The degree of role overlap permitted among traders, strategists, and developers should
be monitored. Management should consider the risks of allowing traders to develop their
own algorithms; of allowing developers to test their own code; and/or of allowing
developers to deploy their own code into production. All of these situations run counter
to separation-of-duties principles and may increase the likelihood of errors. Fast-paced,
iterative development environments require heightened controls.
Does the unit adhere to firm-wide policies and processes?
 The unit should adhere to firm-wide policies and processes. If front-office trading desks
develop their own processes such as change management rather than following firm-
wide processes, risk may exceed the level intended by senior management and the
board. Therefore, independent risk management functions should review and approve
any changes and should inform senior management and/or the board of these
exceptions. Moreover, independent risk management should revisit desk-specific
procedures periodically.
Does the unit seek advice from independent control functions to ensure that
compensating controls are effective and functioning as intended?
 The unit should seek advice from independent control functions to ensure that
compensating controls are effective and functioning as intended. If resource or
personnel constraints prevent a trading desk from implementing optimal controls, the
likelihood of generating erroneous or destabilizing orders increases. The business unit
should establish compensating controls to mitigate both firm-specific and systemic risk.
Independent control functions at the firm should verify, approve, and periodically
reassess the adequacy of these compensating controls.
What types of risk reports does the unit produce, and who in the firm receives those
reports?
 If business units do not provide transparency about risk taken intraday, senior
management and the board may remain unaware of the business’s full risk profile. To
provide transparency, trading desk management should develop appropriate reports (for
example, intraday profit and loss) for independent risk management and/or senior
management and the board.

6
Control-Function and Senior-Management Level

Does an independent risk management function communicate with senior management

about the level of intraday risk taken by each desk at the firm? Can independent risk
management effectively challenge the front office if they identify excess risk?
 In line with the recommendation that desk management should develop appropriate risk
reports, independent
risk management should review those reports and ensure that
senior management is aware of the level of intraday risk taken across the firm. In
addition, independent risk functions should be robust enough to develop their own key
risk indicator reports and provide them to a chief risk of officer, risk committees, or
similar management governance bodies. If risk managers feel that the exposure created
by certain business activities or transactions is too great given the firm’s risk appetite,
they should have the power to delay or decline activity pending senior management
briefing and consideration. In particular, senior management
must have an
understanding of how rapidly positions can accumulate intraday. Independent risk
management and/or senior management also should engage with and challenge
business units as needed to ensure that intraday risk exposure remains within
acceptable limits.
Are control-related functions such as Technology, Operations Management, and
Compliance aware of the controls in place on trading desks, and do they view those
controls as sufficient? Do they have the ability to mandate stronger controls if they
perceive gaps or weaknesses?
 If control functions have only limited input or insight into front-office controls, firms may
miss opportunities to align with industry best practices. They may, furthermore, face
losses or liability if a control gap allows an erroneous or destabilizing order to reach
financial markets. Robust involvement in the control-setting process by control functions
can foster productive discussion about the optimal balance of control strength and
innovation pace, resulting in a stronger, more resilient overall business. Furthermore,
control functions are key secondary and tertiary lines of defense for firms. Their own
control frameworks can be important supplements and complements to those of the front
office.
Who receives reports on major incidents and/or losses? Is senior management aware of
glitches and incidents? How does the firm communicate lessons learned from any
incidents and/or losses?
 Near-misses that are not reported represent lost opportunities to strengthen controls
broadly across a firm. By reporting near-misses through firm-wide incident management
systems, even when no financial loss has occurred, firms gain the opportunity to mitigate
control weaknesses before those weaknesses cause harm to the firm or to financial
markets. Firms should effectively communicate any lessons learned to the entire
organization so that controls can be upgraded across trading desks and so that senior
management can be sure that trading activity does not result in undue risk to the firm or
the financial system.

7
Does senior management understand how incident responses are affected by
exceptional circumstances (such as busting trades) that differ among trading venues and
clearing/settlement firms?
 In a market-wide incident, best-case scenarios tend to occur when trading venues,
market participants, and clearing/settlement firms have clear rules and procedures that
enable them to respond rapidly and effectively to events. Different trading venues and
clearing/settlement firms have different rules and procedures for exceptional
circumstances, such as for busting trades or halting trading. A financial institution’s risk
exposure under these exceptional circumstances can be significant. To manage
exceptional circumstances and assess and manage
risk rapidly and effectively, senior
management must understand in advance how exceptional circumstances, such as
busting trades, are handled at each trading venue and the impact on the firm’s risk
position.
Are incident response processes up-to-date, effective, and communicated to senior
management?
 Markets, market participants, and clearing entities should regularly review their risk
management and operational risk policies and procedures to ensure that they reflect the
latest best practices and to keep response teams current and coordinated within the
firm’s risk management framework. All parties should be aware of their responsibilities
and have established procedures (that are tested regularly) for coordinating with markets
and clearing agencies in responding to market incidents. All incident responses must
integrate well with market-wide rules and protocols so that events and risks are
managed in a timely, effective manner.
Are control functions prepared to execute trading incident response processes?
 Control functions such as Compliance and Internal Audit risk uncoordinated responses
to trading incidents if advance preparation is insufficient. Appropriate, comprehensive,
timely, and coordinated incident reporting and response procedures are required. “Break
glass” (added layer of control over emergency or non-routine action, which automatically
notifies others as the process is triggered) and other similar procedures for worst-case
scenarios must be documented and tested. Procedures for responding to erroneous
trade executions differ by venue and should be understood at all levels of the firm.

Board and Executive Level

Are the board and key management risk committees aware of the level of intraday risk
taken across the firm?
 If the board and executive-level risk committees are not informed of the level of risk
taken intraday across the firm, risk may increase beyond the level intended by the board.
Senior management should leverage information provided by desk-level management
and independent risk management to communicate to executive risk committees and to
the board the level of intraday risk taken firm-wide. This information can inform the
board’s oversight, discussion, and decisions on risk.

8
Are key governance bodies such as the board, audit committees, and control committees
aware of the types of controls in use on trading desks, and does the board view those
controls as sufficient?
 Because trading incidents can have significant firm-specific and market-wide impact,
boards of directors should have, at a minimum, high-level knowledge of the types and
sufficiency of controls in use. Boards should request this information from senior
management, and senior management should be able to collect the information across
desks and present it to the board from a risk perspective. Other management
committees, such as audit or control committees, can be additional resources to provide
oversight of incidents and related follow-up activities occurring within the firm.
Does the board receive reports on significant near-misses and incidents?
 Senior management should inform the board about near-misses and low-impact
incidents that highlight critical control weaknesses. In doing so, management gives the
board an opportunity to assess whether it is still comfortable with the firm’s controls as
well as its trading strategies and risk.

Assess the effectiveness of risk management tools to monitor risks

associated with algorithmic trading.
Please note: because this reading does not contain a directly corresponding section to this
learning objective, we have relied on material from the 2015 FRM Current Issues that did place
a special emphasis on risk management in a high frequency trading (HFT) environment.1
There are tools and controls to monitor the risks associated with algorithmic trading at various
levels in the trading process. These levels include the firm itself, the marketplace and
(importantly) exchanges:
 The firm itself should have its own risk management structure and risk platform(s)
 Pre-trade and post-trade risk controls used in the marketplace
 Exchanges (i.e., trading platforms) use pre-trade risk controls
 Exchanges help their clients manage risk
 Exchanges monitor for (and attempt to mitigate) abnormal trading and market
manipulation

1 Specifically, this Learning Objective relies on the following three previous FRM HFT assignments:
 Clark, C. & Ranjan, R. (2012). How Do Trading Firms Control the Risks of High Speed Trading?
 Clark, C. (2011). How Do Exchanges Control the Risk of High Speed Trading?
 Clark, C. (2010). Controlling Risk in a Lightning-Speed Trading Environment.

9
The firm itself should have its own Risk Management Structure and Risk Platform(s)

Risk Management Structure

There is no single risk management structure that exists in trading firms. Some firms have a
hierarchical risk management structure where trading and risk staffs report to a single risk
manager. Others have a horizontal reporting structure where every trading desk has a risk
manager, but there is no enterprise wide risk manager. Finally, some firms with multiple offices
manage risk from a central location [according to Clark’s survey].

Risk Platform(s)

To help manage and control their exposures, firms either build or buy risk platforms, which
check all trades leaving the trading platform before routing them to the trading venue. A majority
of firms have developed their own proprietary risk platforms [according to Clark’s survey] but a
few firms also use vendor provided risk platforms as an independent verification of their
proprietary risk platforms.

Firms’ risk platforms use various models such as VaR (Value at Risk), SPAN (calculates
performance bond requirements by analysing what-ifs), or some proprietary algorithm.

Some firms do not use VAR or SPAN because they do not hold positions overnight. Models are
fed by data sets from various sources. These may include data compiled by the firm, purchased
from a vendor, and provided and/or purchased from trading venues. Because these data sets
can be corrupt for various reasons, firms may cross check the values using multiple sources to
identify outliers and incorrect or stale price feeds. It is interesting to note that not all trading
firms’ risk platforms are able to calculate enterprise wide portfolio risk.

Role of Risk Platforms

Well-designed trading platforms include pre-trade risk limits that may: Alert a firm when an
order(s) is approaching a preset limit; Stop order entry entirely once a limit is breached, or
Require traders to take opposite positions when a limit is hit
 Depending on the organizational structure of the firm, the business requirements for the
risk model(s) supporting the risk platform are defined by the head of risk, risk managers
at the trading desk, or by the firm’s management.
 Trading limits can be set on the risk platform at one or more of the following levels:
trading desk, account (trader), group, product/symbol, strategy, trading venue, and/or
overall firm level. Depending on the organizational structure of the firm, limits may
be set by the risk manager for the firm or by risk managers at each trading desk.
At most firms, the CEO and/or management committee review risk limits daily, but some
firms conduct more formal reviews on a monthly or quarterly basis.
 When risk limits are breached, the trading platform has the ability to respond in one or
more of the following ways: sending traders audible, text message and/or e-mail alerts,
stopping trades entirely, liquidating trades, and/or requiring traders to take opposite
positions. Alerts can also be sent to risk management staff.

10
Pre-trade and post-trade risk controls used in the marketplace; i.e., clearing members
and non-clearing members

Broker–dealers and FCMs are responsible for verifying the financial integrity and risk controls of
their customers and non-clearing members, whether they are floor, screen-based, or algorithmic
traders.
 Clearinghouses impose risk controls on their members.
 Some clearinghouses, such as the Chicago Mercantile Exchange, provide FCMs with
near real-time information on their customers’ trades.
o This post-trade information enables FCMs to monitor customers and non-clearing
members with unfiltered sponsored access and to make decisions on whether to
allow them to continue trading.
 The speed at which clearing members receive post-trade information from the
clearinghouse and incorporate this information into their risk-management systems so
that erroneous trades can be detected and stopped is very important.
 Clearing members also need an automated means to stop trades, which not all
exchanges provide.

Exchanges (i.e., trading platforms) use pre-trade risk controls

Pre- and post-trade risk controls exist at various levels of the trading process to prevent and
limit losses.
 Some exchanges have pre-trade volume and price limits that stop trades outside a
certain quantity or price from being executed.
 Others have trade bust policies that cancel clearly erroneous trades.
Sometimes, algorithms deployed by high speed trading firms that access the markets directly
may go awry due to corrupt data, programming errors, hardware failures, network issues, or any
number of other unforeseen circumstances. A well-built algorithm contains risk controls, such as
price and quantity limits.
 Depending on the pre-trade risk checks performed by the trading platform, out-of-control
algorithms and/or erroneous orders may be detected and stopped before they are
transmitted to the exchange matching engine.
 If they are not, exchanges act as a last line of defense and can stop orders by:
o Setting pre-trade limits at the exchange level for all market participants and/or
o Providing functionality to clearing members and/or market makers that allows them
to determine limits for their orders as well as set limits on orders of clients that
access the markets directly.
Pre-trade risk checks are performed before orders reach the exchange matching engine and are
one of the many ways exchanges protect the integrity of the markets.

11
The following are the types of risk checks that the exchanges interviewed perform:
 All have order size limits that set a maximum size order that can be placed in the market.
Depending on the exchange, order size limits may be set by product class, product,
customer/clearing member, outrights, spreads, etc.
 All have some types of limits that restrict the number of messages that can be sent to
the matching engine within a specified period of time. Some exchanges allow trading
firms to purchase additional message capacity.
 Four exchanges have a price banding mechanism that only accepts orders within a
specific price range and the fifth has a feature that acts as a price band. A few
exchanges do not reject orders that are outside the price band if they are from market
makers.
 Three exchanges have stop logic functionality that can prevent orders from creating a
domino effect in the market.
 One exchange supports intraday position limits, which set maximum positions a firm can
take at any time within the day, but these limits are optional and not mandatory.
 One exchange has credit limits, which restricts the dollar value a firm can trade.

Equities and options exchanges may find it difficult to set intraday position and credit limits
because products in these markets are fungible and can be bought and sold on numerous
trading venues. Because equities and options exchanges do not typically have information on
trading firms’ exposures at other equities and options exchanges, they cannot determine
whether a position on one is offset at another. This is evidenced by some comments from staffs
at equities and options exchanges:
 “If a trading firm sold $1 trillion on my exchange, how do I know they didn’t buy $1 trillion
on another?“
 “Credit limits are not set because exchange staff cannot determine how exposed trading
firms are in other markets.”

Each level of the trade cycle has responsibilities for setting and administering pre-trade risk
controls.
 Interviews with technology providers revealed that some clearing members may not
establish pre trade risk limits for their customers that access the markets directly in the
race to get more business.
 Staff at one exchange said there is a universe of proprietary trading firms that access the
markets directly and do not have pre trade risk controls on their trading platforms.
Instead, they rely solely on the pre trade risk controls at the exchange.
 Staff at an exchange that offers market makers functionality to set pre trade limits said
most market makers set these limits at levels where pre-trade risk protection is nil. Staff
at a third equity options exchange said credit risk was the clearing house’s concern.

12
Exchanges help their clients manage risk

When clearing members and/or trading firms are uncertain about their orders and positions,
they may telephone exchange staff and request that certain or all orders be cancelled from the
order book.
 Provided proper authorization is given by the clearing/trading firm, exchange staff
manually executes these requests.
 To expedite this manual process, FMG staff inquired if exchanges also provide their
clients with a kill button that can be used in such exigent circumstances.
 One exchange requires clearing members to build kill button capabilities for clients

Three exchanges offer some type of kill button, but:

 Some exchanges only offer a kill button to market makers and/or clearing members.
 Other exchanges offer the kill button to all market participants, including trading firms
that access the markets directly.
 Two of the three exchanges offer clearing members and/or trading firms functionality that
enable them to manually enter parameters that when breached will automatically
activate a kill button.
o At one of these two, the exchange is in the process of developing an API that will
programmatically enable clearing members to automatically cancel or modify any
order.

Cancel on Disconnect

Because trading firms sometimes lose connectivity between their servers and the exchange
servers, exchanges were asked if they provide trading firms cancel on disconnect functionality
that cancels orders in the order book when this connection is lost.
 All five exchanges offer cancel on disconnect functionality. But, how this functionality
works and who it is offered to varies by exchange.
 Some exchanges delete all orders while others provide clients with the option to select
what order types should be cancelled.
 Two exchanges allow trading firms to choose what will happen when cancel on
disconnect is activated – orders can be cancelled or left working in the market.
 Another exchange only provides automatic cancel on disconnect for market maker
orders and requires trading firms to call the exchange to delete their orders.

13
Exchange staff was also asked if high speed trading firms are required to subscribe to cancel on
disconnect.
 Four exchanges leave this decision up to the individual trading firm, but staff at one of
these exchanges said that almost every high speed trading firm subscribes to cancel on
disconnect.
 The fifth exchange requires market makers to subscribe to cancel on disconnect.

Exchanges monitor for (and attempt to mitigate) abnormal trading and market
manipulation

Error Trades/Out-of-Control Algorithm

Each exchange interviewed has dedicated teams that monitor abnormal trading behaviors such
as firms accumulating significantly larger positions and volumes compared to historical data.
 Some exchanges use automated tools to detect unusual trading patterns that might
result in exchange staff calling the clearing member and/or trading firm responsible.
 Exchanges may choose to bust or adjust trades that create a significant price impact
and/or that are caused by out-of-control algorithms or unusual orders. Sometimes,
exchanges honor these trades. The action(s) that is taken in such circumstances
varies by exchange.
o Some exchanges are reluctant to bust trades and choose to adjust the price of the
executed trade instead.
o Other exchanges may bust rather than adjust trades, which could potentially result in
breaking one side of a firm’s hedged position.
o Still other exchanges may only bust trades outside the price band.
o In addition, the time frames trading firms have to report an error trade to an
exchange also differs by exchange and by product (e.g. 8-30 minutes).

14
Exchanges staff was asked about the frequency with which out-of-control algorithms and
erroneous trades occur.
 It was revealed that there is no standard definition of out-of-control algorithms and
there is no clear pattern as to what causes them.
o Staff at one exchange said out-of-control algorithms happen extremely infrequently
and it never had to shut down a trading firm’s server.
o The second exchange stated it had not had an out-of-control algorithm since 2008,
when a trading firm had an algorithm that traded with itself 10,000 times. Following
this occurrence, exchange staff contacted the SEC and had the trades pulled from
the consolidated tape. However, this exchange does see 1-2 erroneous trades a day.
o The third exchange said out-of-control algorithms occur a few times a year and can
only be detected if it creates a significant price impact. Algorithms that slowly add up
positions over time cannot easily be identified, but exchange staff has heard stories
of such occurrences.
o The fourth exchange indicated out-of-control algorithms and/or clearly erroneous
trades occur daily in illiquid options. How long it takes to detect them depends on the
pattern, the impact on the market, and how quickly humans can identify the problem.
o The fifth exchange was unable to quantify the frequency of clearly erroneous trades
or out-of-control algorithms.

Clearing Member Audits

Because clearing members assume the financial risk of all their customers’ trades, FMG staff
concluded that exchanges would be intensely interested in the controls clearing members
have in place to manage the risks associated with high speed trading and would review
these controls during periodic audits.
 Two exchanges outsource the audit process to FINRA.
 A third exchange only looks for irregularities when a new clearing member account is
opened.
 Staff at a fourth exchange said if a trading firm has sponsored access, they check
whether the risk administrator at the clearing member is able to view and control risk
limits on their customers’ trading platforms. This exchange does not approve situations
where the clearing member does not have exclusive access to customers’ pre trade risk
controls.

15
Manipulative Market Practices

Inquiries regarding how exchanges monitor whether spoofing or layering and other types of
order manipulation are occurring revealed that exchanges rely on manual or automated tools
or both to detect such practices.
 Exchanges have the capability to monitor whether manipulative market practices are
occurring at their individual exchange. However, the fragmented structure of equities and
options markets, where products are fungible and firms are able to buy and sell the
same instrument at multiple trading venues, prevents these exchanges from detecting
whether a trading firm is engaging in manipulative practices across multiple exchanges.
 Equities and options exchanges provide the Intermarket Surveillance Group (ISG) with
information for cross market surveillance, but do so on a lagged basis three days after
the trade (T+3).
 In the futures markets, where some products are traded almost exclusively at a single
trading venue, exchange staff is able to view the majority of trades in these products.
However, futures markets face the same challenges in detecting manipulative practices
firms may be engaging in across exchanges.
 Futures exchanges can obtain information on cross market activity from the ISG for this
purpose, subject to the limitations described above.

Drop Copy

Exchanges typically provide drop copies to clearing members and to high speed trading firms
that access the markets directly. Depending on the exchange, drop copies may include details
on filled trades and working orders by trading account. Trading firms may compare the drop
copies against the trade execution records on their trading platforms to identify any
discrepancies in the number of trades recorded by the exchange and the number of trades
recorded on the trading platform.

What is included in and the time it takes to receive drop copies differ by exchange.
 Some exchanges do not include working orders in drop copy while others do.
 Some exchanges provide drop copy in near real time (microseconds) and other only
provide drop copy at the end of the trading day.
 FMG staff inquired if exchanges were working toward standard communication
protocol(s) for drop copy to assist trading firms’ reconciliation efforts. One exchange said
that standard protocol(s) for drop copies and an API capability to send a stop trading
message if a significant discrepancy is identified, is the next logical step. Two options
exchanges indicated that their regulator forbids them to work together with
other options exchanges on joint issues without its expressed permission.

16