A software malfunction on August 1 at Knight Capital Group caused 45 minutes of chaos on the New York Stock Exchange, opened a $400 million financial hole at the New Jersey–based brokerage and sent a new wave of shivers through financial markets about their vulnerability to technological breakdowns.
How did the U.S. Securities and Exchange Commission react? It scheduled a “market technology roundtable” for September 14 at its Washington headquarters. Pulling together the desired panel of computer engineers and algorithmic trading experts posed yet another challenge to an agency struggling to keep pace with changes in equity market structures. The meeting was pushed back to October 2 — a full two months after the Knight incident.
The delay was probably not significant in the vast scheme of things. More time for deliberation might even have been beneficial. Behind the scenes a formal SEC investigation into the events of August 1 had gotten under way, a Knight Capital 10-Q filing in November revealed.
But the wheels of regulation turn slowly. Top officials of the SEC and its derivatives counterpart, the U.S. Commodity Futures Trading Commission, repeatedly complain that they are underfunded, and their technology is clearly deficient in comparison with that of the biggest financial institutions.
Still, what became of the sense of urgency to safeguard markets that flawed computer code can send hurtling out of control? The CFTC and the SEC, where interim chairman Elisse Walter was due to succeed Mary Schapiro in mid-December, have been wrestling with these matters since the “flash crash” of May 6, 2010, next to which the Knight glitch was a well-contained blip.
“I am worried that another disaster is coming,” CFTC commissioner Bart Chilton, an advocate of registration and other controls on high frequency traders, said in November at the Wholesale Markets Brokers’ Association’s Sefcon III conference in New York.
For all the time and attention regulators have devoted to this issue, precious little action has been taken. Instead, they have been focusing on writing rules under the Dodd-Frank Wall Street Reform and Consumer Protection Act, a job that is still only partly finished.
Given the arms-race mentality that pushed electronic markets to their present perilous state, regulators might have to become something akin to United Nations nuclear weapons inspectors. That is the reasoning behind the “consolidated audit trail” that the SEC approved in July to aggregate all equity and options trading data for hypersurveillance. The agency also formed the Office of Analytics and Research, led by former RiskMetrics Group executive and hedge fund manager Gregg Berman, a Prince¬ton University physics Ph.D., to build sophisticated analytical engines to help stave off future flash crashes.
The intentions are good, and the outcomes may be even better, but there are a few caveats that experienced technologists are quick to mention. For one, the quantities of data are staggering, and it will take time to harness the requisite computing resources. “It may take three, five or seven years to use some of the data,” Gregg Rapaport, head of Depository Trust & Clearing Corp.’s data repository operations, said in a Sefcon III panel on derivatives regulations. “The idea now is, at least collect it.”
Even if regulators could hope to match the computing firepower of the high frequency crowd, they’d always be playing catch-up. “Whatever the regulators are able to do, [the banks] would already have done it,” says Simon Garland, chief strategist of Palo Alto, California–based Kx Systems, whose high-powered databases support major institutions’ trading strategies. “If you had that better technology, you’d open a hedge fund.”
Strong enforcement — surveying all trades or registering and monitoring algorithms, many of which exist only for a few days or weeks — may be impractical, but surveillance is not. It happens every day. Transaction-monitoring systems like those of New York–based NICE Actimize and Smarts Group, a company acquired by Nasdaq OMX Group in 2010, have historically been used for compliance and self-regulatory purposes but are increasingly being deployed by the likes of the SEC and the U.K.’s Financial Services Authority. Having brokerages, exchanges and regulators on a common platform is a “unique advantage” for surveillance technology, contends Nasdaq OMX vice president Paul McKeown. That ecosystem model may indeed hold long-term promise.
Given regulators’ ongoing difficulties, says NICE Actimize CEO Amir Orad, “the burden will be more on the firms as the first line of defense.” That’s a far simpler enforcement paradigm than brute force.
