Japan Tightens Regulations on High Frequency Trading

Japan’s FSA (Financial Services Agency) is looking to implement tighter regulations on High Frequency Trading (HFT) as soon as 2018. Reuters states that “The growing presence of HFT on the Tokyo Stock Exchange (TSE) has raised concerns high-speed trading could destabilise markets and leave retail investors at a disadvantage.“*

This is an interesting point that we should all consider. Does it really destabilize the market? I haven’t yet seen a definitive presentation or report on this. I have seen reports that run away algos have destabilized the markets but not one on properly functioning HFT systems. It is my opinion that the HFT systems, especially those that are providing liquidity, are not destabilizing the efficient markets. But I too do not have a definitive study to show one way or another.

My big concern is those HFT systems that have “self-regulating” technology. By self-regulating technology I mean that the algo watches itself. It controls:

  • Who can trade and who cannot
  • All decisions to buy and sell
  • All order processing transactions
  • All risk management

This is a fundamental design problem that exists in many algorithmic systems. In the quest for speed and competitive low latency the software designers and algo programmers do not have any incentive to put in place truly effective safety guards. They program for speed, not safety of the market. The hope, or possibly design, is in the algo’s logic which is often written and tested by one person.

Years ago a manager once told me that the difference between a programmer and an analyst is that a programmer writes code and trusts it and the analyst has lost some of his or her trust in the written code. Algo programmers are sometimes optimists trusting in their own code. The hope in self-regulating algos may be misplaced.

At an auto race there are race cars have minimum safety features. They are interested in speed. However the race track has external safety features built in. These include:

  • Fencing and netting to protect the spectators,
  • Track repair crews who protect the drivers by providing a safe environment,
  • Pace Cars that regulate the speed, especially after a crash on the track

In the same way HFT systems need external controls. Here are the three levels of controls I believe to be best practice.

Three Levels of Safety Checks For Algo & HFT Systems

As an industry we need to have external safety features. At a minimum I would suggest that algo systems have three levels of safety checks:

Pre-Trade Checks

The pre-trade checks should be “in application” or “in algo” code that makes sure that order sizes are appropriate and reasonable. They should also check to make sure that the algo is not overstepping approved credit limits.

A good example of these pre-trade checks include the Guardian application implemented by Trading Technologies.

At-Trade Checks

At-Trade checks occur in the moments after the order (or related) transaction has been submitted. This should be external to the algo or trading system. By external I mean that they are implemented by a separate program running on a separate computer. And before you ask, yes I mean an entirely separate physical computer not a virtual machine running on the same hardware.

At-Trade checks should include:

  • Intraday Profit and Loss Limits
  • Order Speed Limit Checks (per second, per minute, per day)
  • Order rejection limits
  • Max intraday position limits (long, short, net)
  • Maximum number of open orders in the market

These checks should be implemented in a way that would alarm, and if necessary stop or kill the algo.

A good example of an at-trade risk system is KillSwitchPlus or the newer generation RiskResponder being deployed by Edge Financial Technologies.

Post Trade Risk

Post Trade Risk is the last layer. This is typically the back office system or some other back office system that is checking for the overall position limits. These checks are looking at the position portfolio in its entirety.  Ideally this system should be more real time than the batch clearing system. Best examples of checks performed at this level include:

  • Firm-Wide risk analytics
  • Cross Product and Exchange Risk Analytics
  • Intraday SPAN margin calculations
  • Calculation and summary positions on “the greeks”
  • Intraday position analysis based on volatility and pricing scenarios
  • Hedging position analysis
  • Value at Risk analysis

A good example of a post trade risk system would include ProOpticus by Prime Analytics.

Action Steps

Each and every trading firm should take some action. Most have something that covers the pre-trade risk, otherwise they would be in violation of several regulations around the world. Many broker dealers have the post-trade systems. Yet many trading firms, especially the less well known trading firms, are lacking in post-trade systems. At-trade is the last. I see few firms that have implemented an effective at trade system. This is, in my opinion, the biggest functional gap in our trading industry.



Reuters: “Japan passes law to tighten regulations on high-frequency trading Fri May 19, 2017

Tayloe Speaking for Markets Wiki 2

Pre-Trade Risk for Futures in the Future

Liquidation Only. Did your heart skip a beat? In futures and options trading when we hear “Liquidation Only” it means that something went wrong. Someone is losing money. The broker wants all new investments to stop.

In the world of electronic trading with direct access through software there is no longer someone thinking about the client and the broker’s role prior to orders being executed. We expect the computer to protect us.

But it can’t. Not yet.

Software pre-trade risk checks and back-office margin or risk controls all provide great tools to help prevent a trader from over extending their ability to invest with further trades. Yet they sometimes seem to be weak when you consider that these systems are designed for speed.  Let’s take a look at the controls that exists.

eTrading Software Pre-Trade Risk

  • Fat Finger or Order Size Risk: Prevents a single large order from entering the market. Prevents someone from entering “Sell 100 at $1.00” when they meant “Sell 1 at $100.00”.
  • Position Limits: Prevents a large accumulation in any one financial instrument.
  • Message Throttle: Prevents a large quantity of orders going in too quickly. This prevents errors like someone leaning on a keyboard or a rogue algo.
  • Price Collars: Prevents errors related to an order being entered for a price too far away from the market to be reasonable.

These examples of controls are all good. Yet they typically have one fundamental flaw in their design; they require complete knowledge of all orders and positions. This is something that they very rarely if ever have.

A prudent trader will have two trading systems, a primary and a backup. In the case that he or she is unable to enter an order in one system they can use another. The trader also has the capability to call a desk broker. In either case, no single system will have a complete view of all orders on any given day.

The complete view can also be compromised by linkage to the back office systems. Not all eTrading systems take a start of day feed from the back office and therefore do not know the true position. They may be very accurate on activity for the day. But consider the following:

  • Day 1. Trader accumulates 100 Jelly Bean Futures by calling the trading desk and placing an order. Position = Long 100.
  • Day 2. Trader places an order to sell 100 using a stop loss order to prevent losing too much money if the price of jelly beans falls.

On day 2, the eTrading software may only know about the sell order. If it gets filled it may consider the position to be short 100 instead of zero.

Back-Office Margin or Risk Controls

Clearing firms calculate the margin requirements for each account every night. Many are now keeping an intraday calculation that is near real time. This ensures that the account has enough funds on deposit to cover the position.

The back-office system feeds have the advantage of seeing all trades regardless of the source of the trade. Therefore the trader using two or more trading systems has positions consolidated in the back-office system. This is especially true if the trader is using multiple brokers.

The risk department at the clearing firms also calculate various risk profiles using post trade positions. These risk profiles may include industry standard calculations like:

  • SPAN – the industry Standardized Portfolio Analysis of Risk which takes consideration between related contracts and options that may be hedging a position.
  • VaR – An industry standard calculation that is used to evaluate the investment portfolio over time.

Each risk department evaluates their portfolio according to the unique needs of the brokerage firm and the client profile.

If a risk department determines that the account has exceeded the approved margin they may place the account into liquidation only. This will prevent any new positions from being added to the account.

The functional shortfall that exists here is that the back-office or risk department rarely know about hedging orders that are entered in the electronic trading systems. For example:

  • An account has 100 Jelly Bean Futures Contracts.
  • The account has an open order to Sell those contracts if the price falls by 10% that remains open until cancelled.

In this case the account isn’t hedged according to SPAN or Var but it is hedged in terms of the open order. This account is not as risky as the account that only has an open position.

Secondly, because the trading systems rarely have a full view of all positions it is difficult to tell a trading system to implement Liquidation Only.

The Kill Switch

In recent years the idea of a kill switch has been implemented. The concept is that the risk department or the trader’s manager can press a button to prevent any additional trading from happening. To do this the kill switch instructs the trading system or market to cancel all open orders. This idea sounds very appealing especially in an algorithmic trading and high frequency trading world.

Having the ability to stop trading is important. Yet the questions that come to mind include:

  • Who or what makes the decision to stop trading?
  • How do you stop trading?
  • What about open orders in the market? Which should be cancelled and which shouldn’t be cancelled?
  • What orders should be allowed to close out of a position?
  • Since most traders have more than one access point to trade, what are the access points that need to be killed?
  • Will killing the access point achieve the desired result?
  • Will pressing the kill switch increase or decrease the brokerage firm liabilities?

The state of the market for kill switches have never made many comfortable with the idea that anyone will press a kill switch because no one has been able to answer these questions.

Don’t be discouraged. Exchange kill switches, and external kill switches (for example Kill Switch+) are advancing the capabilities by adding more sophisticated controls that catch runaway algos, measure risk in terms of financial loss instead of contract counts, and are merging trading from multiple sources including drop copies. Yet the technology isn’t fully where it needs to go yet. There remains more work to be done.

The Future of Pre-Trade and At-Trade Risk Controls

In the future we will see the front office pre-trade risk technology, the back office systems, and the risk modelling systems working more collaboratively. This will require:

  • More risk departments being able to push approved pre-trade risk limits out to the front office trading systems.
  • Pre-Trade risk controls will move from commonly used contract counts to financial measurements (e.g. profit/loss, real time margin requirements, etc.)
  • Alarms being generated to Risk Managers when an approved pre-trade risk limit is increased without approval.
  • Credit approvals being reconciled with pre-trade and post-trade risk configurations. Credit committees, risk departments, and pre-trade support staffs have a separation of duties but should be better linked.
  • Back office Systems being able to transmit new trades to eTrading systems throughout the day as they appear in back office.
  • eTrading systems reconciling between the trades done in the eTrading system and those that appeared in the back office so that there is an accurate current position for the eTrading system to use for pre-trade risk.
  • Risk Management systems being able to see the true risk of both the positions and the open order book for an account.
  • Trade allocations (middle office moving of positions from one account to another) happening intraday so that all risk systems are aware of the position changes.
  • Kill switches that can implement a Liquidation Only instruction.
  • Electronic trading systems that can implement a Liquidation Only instruction.

While some systems have partially implemented these future controls there is still a lot of work yet to be completed.

Recommended Reading

The Futures Industry Association (FIA) Principal Traders Group “Recommendations for Risk Controls for Trading Firms” from November 4th, 2010.

Originally posted on

Re-posted hear with the permission

of author J. Tayloe Draughon 

cftc logo

CFTC Unanimously Approves Proposed Rule on Automated Trading

RELEASE: pr7283-15
November 24, 2015

CFTC Unanimously Approves Proposed Rule on Automated Trading

Washington, DC — The U.S. Commodity Futures Trading Commission (Commission) today unanimously approved proposed rules that mark a comprehensive regulatory response to the evolution of automated trading on U.S. designated contract markets (DCMs). The proposed rules, known collectively as Regulation Automated Trading or Regulation AT, represent a series of risk controls, transparency measures, and other safeguards to enhance the U.S. regulatory regime for automated trading. The notice of proposal will be open for a 90-day public comment period.

Regulation AT takes a multilevel approach by proposing risk control and other requirements for (a) market participants using algorithmic trading systems (ATSs), who are defined as “AT Persons” in the rulemaking, (b) clearing member futures commission merchants (FCMs) with respect to their AT Person customers, and (c) DCMs executing AT Person orders. The proposed rules are intended to reduce potential risks arising from algorithmic trading activity, by requiring the implementation of risk controls such as maximum order message and maximum order size parameters, and the establishment of standards for the development, testing, and monitoring of ATSs, among other requirements. AT Persons and clearing member FCMs would also be required to submit reports on their risk controls to DCMs, and maintain books and records regarding their risk controls and other algorithmic trading procedures for review by DCMs.

Regulation AT also proposes to require the registration of certain proprietary traders that, while responsible for significant trading volumes in key futures products, are not currently registered with the Commission. The proposed registration requirement would be applicable specifically to proprietary traders engaged in algorithmic trading through direct electronic access to a DCM.

The proposed rules would also require the use of self-trade prevention tools by market participants on DCMs, while permitting trades originating from accounts with independent decision makers. In addition, the proposed rules are designed to increase transparency around DCM electronic trade matching platforms, by requiring DCMs to publish a description of rules or known attributes of the trade matching platform that materially affect factors such as the time, price or quantity of execution of market participant orders, the ability to cancel or modify orders, and the transmission of market data and order or trade confirmations to market participants. Furthermore, the proposed rules are intended to foster transparency with respect to DCM programs and activities, including market maker and trading incentive programs.

To help ensure that Regulation AT remains current as markets and trading technologies evolve, the Commission is proposing to require that all AT Persons become members of a registered futures association (RFA), and further require RFAs to consider membership rules addressing algorithmic trading for each category of member in the RFA. Taken together, these provisions would allow RFAs to supplement elements of Regulation AT in response to future industry developments.

Comments may be submitted electronically through the Commission’s Comment Online process.

Last Updated: November 24, 2015

cftc logo

Focus to limit risk from automated bond trading -CFTC official (Reuters)

Oct 21 Any proposals to tighten oversight on automated trading in U.S. Treasuries futures would focus on measures aimed at curbing risks that stem from bad algorithms and inadequate testing of the algorithms, a top U.S. regulator said on Wednesday.

In the wake of the “flash” rally in the Treasuries futures and cash markets on Oct. 15, 2014, when prices swung wildly within minutes in the absence of fundamental news, regulators have increased scrutiny on the growth of automated trading in the near $13 trillion sector.

“In the near term, we are focused on looking at operational risks, and taking steps to minimize the potential for disruptions and other operational problems that may arise,” said Timothy Massad, chairman of the Commodity Futures Trading Commission in a prepared speech on Treasuries market structure at the New York Federal Reserve.

Massad said he expects the CFTC, which regulates trading of U.S. futures, to introduce some proposed reforms on automated trading in Treasuries futures next month.

… Other proposals would pertain to the design, testing and supervision of automated trading systems as well as measures such as “kill switches,”…

See full article on Reuters


NYSE halts trading in all securities for 3.5 hours due to a technical glitch

Trading stopped around 11:30 a.m. ET due to what the exchange called an “internal technical issue.” The NYSE said it did not suspect a cyberattack.

“I can’t say with precision exactly what drove it,” NYSE President Thomas Farley told CNBC. “We found what was wrong and we fixed what was wrong and we have no evidence whatsoever to suspect that it was external.”

“There is no indication that there are malicious actors involved,” White House Press Secretary Josh Earnest said, adding that the White House is monitoring the situation.

The issues did not affect the electronic NYSE Arca and NYSE Amex/Arca Options. The Nasdaq reported no technical problems, saying it continued to trade NYSE-listed stocks during the halt.

Read More Art Cashin: Here’s what to do after halt ends

By about 3:15 p.m. ET, the NYSE said “all systems are functioning normally” except the Openbook data feed for the NYSE MKT primary markets. Volume was light after floor trading restarted and closing auctions continued as normal.

The NYSE said all open orders before the halt, including market on close, limit on close and closing offset, were canceled.

“Do we need to change our protocols? Absolutely. This can’t happen again. We can’t put ourselves in this position again. Exactly what those changes are, I’m not yet prepared to say,” Farley said.

Just after 8 a.m. ET on Wednesday morning, the NYSE put out an alert about “a reported issue with a gateway connection” affecting certain symbols. It issued a notice at 10:37 a.m. ET that the problem was resolved.

“We opened the market as usual. All the NYSE-listed stocks opened without incident. Around mid-morning, we started to see some concerns about the way trading was occurring. Customers weren’t getting all of the messages back that you otherwise expect,” Farley said.

NYSE floor trading volume was 444 million on Wednesday, about half of the 30-day average of 861 million. Still, trading on the NYSE floor makes up only about a quarter of consolidated tape volume, or trading of all NYSE securities on all platforms, based on a recent 30-day average.

“This will not cause a move in any particular direction, so I would kind of wait it out and see what happens,” said Art Cashin, UBS director of floor operations at the NYSE, in a CNBC interview.

Read More Cramer on NYSE halt—We were warned this was coming

Retail investors were largely unaffected by the outage, said JJ Kinahan, chief strategist at TD Ameritrade.

“This is going to make it more difficult to say the floor traders are important when there’s a technical problem. Because the technical problems take out the floor traders, too,” said Richard Repetto, an analyst with Sandler O’Neill & Partners.

Officials widely denied any link to a cyberattack.

The FBI said in a statement it would “monitor the situation” but “no further law enforcement action is needed at this time.” Securities and Exchange Commission Chair Mary Jo White in a statement said “we are in contact with the NYSE and are closely monitoring the situation.”

Homeland Security Secretary Jeh Johnson noted the glitch that caused the trading halt and an earlier computer problem that grounded United Airlines flights appeared unrelated.


OCC and The U.S. Options Exchanges Announce New Risk Control Standards to Strengthen Industry Protections

CHICAGO (September 29, 2014) – OCC and the U.S. options exchanges announced today the adoption of risk control standards that include price reasonability checks, drill-through protections, activity-based protections and kill-switch protections, pending regulatory approval.

Earlier this year, OCC and the options exchanges agreed on a principles-based set of exchange risk control standards designed to reduce the risk of errors or unintended activity that could cause or contribute to a financial loss to market participants and OCC. OCC has adopted the risk control standards and approved an implementation plan. The standards will be implemented through an OCC rule that will apply a principles-based approach to options transactions.

Read the full press release on the OCC’s website.


MFA Recommends Kill Switches

MFA has supported certain standardized market measures and believes they have been extremely effective in limiting market disruptions and reducing investor confusion in times of extreme market volatility. Such measures include the use of market-wide circuit breakers, price collars (i.e., the Limit Up-Limit Down mechanism), and uniform exchange rules on clearly erroneous executions. In addition, MFA has supported the Market Access rule4 and believes it has been effective in reducing risks faced by broker-dealers, their customers including institutional and retail investors, and the markets more generally. However, we believe additional steps can be taken to bolster risk management practices.

Pre-Trade Controls

The Commission or the Financial Industry and Regulatory Authority (“FINRA”) should provide more specific guidance on pre-trade risk controls to increase transparency to investors, encourage greater uniformity of controls among broker-dealers, and reduce concerns with respect to discrepancies in latency.

Standardized Kill Switches

The Commission should direct the Exchanges to work together to develop a standardized mandatory kill switch protocol, methodology, and rules. Standardizing a kill switch protocol will simplify implementation and use by exchange

See full Recommendation from the Managed Funds Association Equity Market Structure Policy Recommendations September 30, 2014


Goldman Sachs to pay $7M over options mistake

Goldman Sachs (GS) will pay $7 million to settle regulatory charges the investment banking giant sent thousands of erroneous trading orders that disrupted options markets in 2013.

The New York-based bank failed to have adequate safeguards to prevent its computers from sending 16,000 mis-priced options orders to financial exchanges in less than an hour on Aug. 20, 2013, the Securities and Exchange Commission said Tuesday.

A software configuration error inadvertently converted Goldman Sachs’ contingent orders for various options series into live orders and assigned each a price of $1, the SEC said in a settlement order.

The problem was “exacerbated by human error,” the order said, referring to findings that showed Goldman Sachs personnel mistakenly overrode circuit breakers that would have prevented the mispriced orders from reaching options markets.

As a result, approximately 1.5 million options contracts were sent to options exchanges during pre-market trading. The contracts, placed on stocks with ticker symbols from I to K, were executed within minutes after the start of regular market trading that day, the SEC said.

The trades sent some prices down. Many of those transactions were later cancelled or had price adjustments pursuant to option exchanges’ rules regarding erroneous trades, the SEC said.

Goldman ultimately suffered $38 million in losses, based on the trade cancellations and price adjustments, the SEC said.

“Firms that have market access need to have proper controls in place to prevent technological errors from impacting trading,” said Andrew Ceresney, head of the SEC’s enforcement division. “Goldman’s control environment was deficient in several ways, significantly disrupted the markets and failed to meet the standard required of broker-dealers under the market access rule.”

Goldman Sachs neither admitted nor denied the SEC allegations. But spokesman Michael DuVally said the bank was pleased with the resolution.

“Since the incident, we have reviewed and further strengthened our controls and procedures,” he said.

However, some market participants argued the SEC penalty should have been higher. Nanex CEO Eric Hunsader, whose company supplies market data to the financial industry, spotted the Goldman Sachs trading glitch as it occurred.

He argued that the SEC should have required a more costly settlement from the bank because the problem may have cost some of Goldman Sachs’ trading partners more than $7 million.

Goldman Sachs shares closed 0.55% higher at $208.79.