The Gateway to Algorithmic and Automated Trading

A Question of Control - Pre Trade Risk

Published in Automated Trader Magazine Issue 33 Q2 2014

In striking a balance between speed and safety, firms that have direct market access must confront a daunting set of challenges. In the aftermath of the Knight Capital trading disaster, there is also increasing talk of regulators deciding for those firms what's appropriate. Adam Cox reports on how the industry is re-evaluating pre-trade risk controls.

Anthony Masso

Anthony Masso

"The interconnectedness of the market and participants can carry a mistake across related derivatives and the major indices in a microsecond."

For the algorithmic trading community, there are certain dates that stand out. April 9, 2001, when decimilisation
 of the US stock market began, is one. May 6, 2010, when the Flash Crash occurred, is another obvious one.

And of course August 1, 2012 will go down in financial history as the day
 that the importance of pre-trade risk management became spectacularly clear.

That was when Knight Capital lost more than $460 million in a matter
of minutes. The cause of the debacle was attributed to the installation of software to participate in a new NYSE retail liquidity program, software that apparently interacted with old code that had been moved in 2005 and then led to 4 million orders being spit out into the market.

To add insult to injury, Knight had to cough up another $12 million when the Securities and Exchange Commission later found that the firm had breached Rule 15c3-5.

That rule had been approved unanimously less than two years earlier -- November 3, 2010, another landmark date in algo history - and 
it set requirements for firms with "naked" access to an exchange or ATS.

It prohibited broker-dealers from providing customers with such access and required brokers to put in place risk management controls and supervisory procedures to help prevent erroneous orders.

In the aftermath of Knight (and other less dramatic disasters at various firms), brokers have more than the SEC's
 rule to encourage such controls. Self- preservation is an equally powerful incentive.

"Appropriate pre-trade risk limits are the first level of defence against trading disasters," Nick Garrow, global head of e-solutions at Newedge, said.

Anthony Masso, CEO of Succession Systems, which developed the pre-trade compliance system used by Newedge, said the history of electronic trading is littered with mishaps.

"You really have to look at the history of what's been going on in the markets that is driving the absolute need for risk controls. First and foremost it's been a switch into electronic trading and the associated speed and complexity that has launched this whole area of market access risk controls," he said.

For instance, Masso said: "We've known for years that there have been numerous fat finger mistakes but now the mistakes can be automated and replicated in a fraction of a second. The interconnectedness of the market and participants can carry a mistake across related derivatives and the major indices in a microsecond."

The proliferation of high-speed algos and concerns about operational risks, has led to a get-tough approach by regulators. "Just about every regulator throughout the world is trying to address market access controls in one form or another," Masso said.

Keith Ross

Keith Ross

"The high frequency guys, I would call them risk control freaks."

In the brave new world of pre-trade risk controls, brokers, trading firms and technology suppliers see a host of challenges. Can brokers manage a dizzying array of individual client controls? Can vendors build systems that correctly balance the need for speed with the need for safety? Will the regulators become more demanding? The answers to the first two appear to 
be yes, at a cost, while the answer to the last question is unclear. What's not in question is that the industry believes it is best placed to grapple with these issues rather than regulators, if only because of pure self-interest.

In considering their pre-trade controls, trading firms are focused both on their customers and on themselves. Keith Ross, chief executive of PDQ ATS, said the Knight affair has only served to remind firms of the need 
to focus on their systems. "That is an outsized example, but if that does give everyone incentive to make sure that their systems are operating well, I don't know what better way to do it than to scare them with the possibility of big losses," he said.

Position and order exposure tracking

Position and order exposure tracking


Garrow of Newedge described a
wide array of customers, all requiring different trading controls in different ways. At one end of the spectrum are higher-frequency traders who are order- and volume-intensive, and at the other end are those who trade much less frequently."I believe the main challenge at 
the moment is trying to find the balance between the client, especially in latency terms ... and the safety 
of the organisation," said Vladimir Pozdnyakov, head of risk and liquidity services at BCS, a Russian investment bank.

"We insist upon pre-trade risk controls for all customers anywhere in the world," he said.

Vladimir Pozdnyakov

Vladimir Pozdnyakov

"I believe the main challenge at the moment is trying to find the balance between the client, especially in latency terms ... and the safety of the organisation."

"We provide access on a broad range
of markets globally across all major asset classes from exchange-traded derivatives, cash equities, OTC cleared to FX. Different trading venues have different rules and regulations in place regarding the requirement for us to impose specific controls but as a matter of course we implement standard sets of controls across all markets; these may then vary according to specific local requirements."

For a large brokerage, that array of customers can make life complicated.

"We track thousands of users trading on multiple systems and platforms
in multiple geographies. Each of those users has assigned pre-trade risk limits which are then aggregated and calibrated to the risk appetite for that specific customer," Garrow said.

The broker's tool for all this is called Limitedge and it acts as an interface into the various systems and platforms it uses, including Fidessa, TT, CQG and others. Limitedge extracts all of the information on clients, users and limits and puts it into a central database. "By using product and margin data, that central database then calculates client- specific collateral or margin limits."

Brokers can also implement exchange- based controls from some venues.
 The CME, ICE, Eurex and various exchanges can give a firm the capability to put in additional controls.

Depending on a client's business, Newedge may want additional controls or capabilities, so it sets up a system whereby it can reach into some clients' trading environments.

Nick Garrow

Nick Garrow

"We like exchange-based pre-trade risk limits, because we think that's where it kind of levels the playing field for everybody, imposing a fair and equal latency overhead on market participants."

"And the reason for that reach-in is not to see what the client is trading necessarily, but it's for us to gain visibility and control over additional pre-trade risk limits that the client may be setting," Garrow said.

"We like exchange-based pre-trade risk limits, because we think that's where it kind of levels the playing field for everybody, imposing a fair and equal latency overhead on market participants," he added.

Purely from a risk management perspective, whether the control sits 
at the broker level or at the exchange level does not necessarily make a big difference. But Garrow noted: "If an exchange sets limits this way and you have to set that limit for anybody who trades, the speed, the latency, the checks that the clients are governed to are uniform across the market."

He said Newedge lobbies extensively with exchanges to implement such controls.


How much latency do pre-trade checks add?

Succession says it takes between six and nine microseconds for a standard set
 of 20+ pre-trade risk checks, including portfolio capital and credit calculations as well as a host of fat finger order level and related checks.

Those firms which want to be even faster -- getting down to a few microseconds or even nanoseconds
-are generally speaking the sort of companies that will have built their own technology with their own gateways to the exchanges. But despite their focus on speed, high frequency traders are prepared to add a little latency for effective risk controls.

"The high frequency guys, I would call them risk control freaks," he said.

Sylvain Thieullent

Sylvain Thieullent

"The code can go wrong but so can the risk management code because it's part of the same system."

Ross of PDQ, who previously was head of GETCO, said HFT firms were actually among the most cautious out there.

A typical high frequency trader will have a model that will have certain risk controls in terms of maximum losses and the trader himself will have similar controls, in terms of the size of orders and the size of positions. Plus the firm itself may have extra controls.

"So by the time orders get to the exchanges, they've been pretty well scrubbed," he said. "The motivation is actually very selfish, which is a good thing."

Whatever pre-trade risk systems are put in place, many observers will note that operational risk issues can still trump trading factors.

Pozdnyakov of BCS said there was no question that from a risk management perspective, a huge area of focus was operational risk, and the development and change management and control of IP. "Because the root cause (of issues) very often is right there. Professionally it's quite important and you can't underestimate it."

Ross made a similar point. "It wouldn't matter how many risk checks you had if your flow was not going through the risk checks."

Sylvain Thieullent, CEO Electronic Trading at Horizon Software, which markets trading and pre-trade risk management software, noted another problem in terms of low latency risk management.

"In these systems designed to be low latency, you still have some feedback for monitoring, but it's completely within the business logic of the algo," he said. "In ultra low latency, you get some feedback on the execution of trades with the same code ... The code can go wrong but so can the risk management code because it's part of the same system."

In other words, the controls are just as vulnerable as the execution code itself.


Whatever internal controls firms may implement, they also must content with external forces in the form of regulation. Regulators and exchanges around the world have varying approaches to pre-trade controls.

For instance, Masso of Succession described a fundamental difference between the US approach and the German one. Germany's effort, he said, looks at algo-based traders and specifically tries to identify who the HFT actors are.

"Basically all the regulators are trying to bring more transparency to the market, but they are going about it in different ways. In Germany, if you fit a certain criteria, then there will be requirements tacked on to you. The regulators may require analytics on your trades and track order to cancel ratios."

Realtime Credit monitoring

Realtime Credit monitoring

Meanwhile, the US is focused on overlaying a broad requirement across all traders, not just HFTs. In the US, all broker-dealers -- basically anyone who has market access - must have pre-trade risk controls. Whether it's a high- frequency trading firm or any other firm that can enter orders directly into the market, they need to have sufficient pre- trade risk limits.

Identifying who those firms are is less of an issue in the US. "The US is pursuing the identity portion of this approach by putting together the consolidated audit trail and Legal Entity Identifiers," Masso said.

"I do think at some point, the regulatory approaches will all converge, because you need both transparency and trading limits. In fact, to manage point of access risk controls, you must conduct surveillance knowing the identity of the participants." Masso said.

That in turn will bring a lot more information and ultimately he saw that leading to a desire for more identification, with the US possibly going as far as Germany has.

Given that Knight absorbed all its losses and no end-user suffered, one might ask what the regulatory concern is. "The interconnectedness of the markets and the automation of the participants can carry a mistake across related derivatives and the major indices in a microsecond, disturbing the entirety of the capital markets. Like a crowded harbour, one wave can damage a lot of ships," Masso said.

He said that between the two approaches, broker-dealers are struggling with formulating a best practice. "There definitely needs to be more conversation around the implementation of these regulations. The regulations don't just require new systems and technology,
 but require new work methods, new business practices and new client/ broker interactions."

PDQ's Ross said well-thought-through regulation has its place -- and he noted the useful role in terms of limiting direct market access -- but he questioned whether it was needed given the clear self-interest at play.

"In my 10 years at GETCO, we started at a very micro level to check each order all the way up through the food chain and the thing that I feel good about is that the motivation for the people that should be checking their risk is in their heads. Regulation may or may not help them do it better but they're going to do it really well because it's their lifeblood. A lot of these firms, it's their money that's on the line," Ross said.

Garrow said that if there was one thing he would like to see more of, it was consistency. "Within Europe, there are multiple regulatory authorities and one European regulatory authority. Having consistent requirements across the different exchanges and marketplaces is the most important thing for us; followed by more consistency in the types of drop copy services provided 
by exchanges. A full audit trail of all traffic traded at an exchange via a drop copy should be a key requirement for all exchanges to deliver to its members."

A new law in Germany on algo trading, for instance, requires work by brokers to ensure compliance. If a UK regulated exchange, brought in its own rule, it might be broadly similar but it would still have differences.

"When we have to build one-offs for every single exchange and every single marketplace, by definition, the problem itself is harder to solve," Garrow said.

Beyond consistency, many would like to see exchanges have as much responsibility as possible.

"Exchanges have made progress in terms of pre-trade risk controls and pre-trade risk management. There are more and better tools available now than there were three years ago," Garrow said.

He acknowledged that a lot of this has been pushed by regulators as well.

The CFTC, for instance, has pushed US-based futures exchanges into the implementation of these controls.

"So the regulators are doing a good job, but there are differences across jurisdictions. Asia shows the most inconsistencies at this stage due to the sheer size of the region and its number of regulatory regimes," Garrow said.

Brokers can end up recovering some of the extra costs involved, but competitive pressures mean they can ultimately claw back only so much.

One idea that has concerned Ross is talk about regulating algos in terms of design and code.

"I think that's the wrong direction to go. I liken it to the speed limit on a road. You really don't care what the composition of the engine of the car is, as long as it behaves well. And I think the regulators would do much better to focus on the output of the algorithms."

The idea of creating a library of algorithms and having inspections would be "hugely cumbersome, " he said. "And I can't imagine it could be effective."


In the past, the typical response from broker-dealers in the face of new regulation has been to add to existing systems.

"These regulations are introducing entire new requirements as well as extending current requirements for brokers. There are new procedures that need to be written, there are new methodologies that need to be deployed and followed. Regulations such as the market access rule, that do not have precedent, pose difficult real-life operating questions. Just having a regulation, without further guidance to follow makes application very difficult," Masso of Succession said.

Among the new requirements are aggregated firm-wide limits in real
time that track both open and filled trades. Aggregated firm limits can be problematic given different desks, using separate systems, with different margin guidelines, across geographies and asset classes. Many large brokers have siloed trading systems which can cause significant coordination issues.

Another issue is the use of post-trade drop copies as a means to satisfy pre-trade requirements. The SEC has clamped down on such practices.

Hard stops, or kill switches, are another new requirement.

"Switches put in place to halt trading add many complexities. Although it sounds easy, there can be a huge impact to the trading firm," Masso said.

"Kill switches cannot be just blunt instruments. They cannot just prohibit new trades; they must allow off-setting trades and give the trading firm the chance to exit or reduce the position, first."

Masso said market access controls need to allow firms to wind down their position, not halt new orders. "The technology is there to allow real-time collaboration between the broker and trader. In this way the broker can provide oversight, while the expert trader corrects the exposure. "

However, most trading firms have dozens of broker relationships so coordinating across these brokers is becoming a necessary part of an algo trader's responsibility.

"Imagine being a trader with 10 brokers, each with different procedures and shut down controls. Traders must understand what the technicalities are when facing a broker-controlled shut down. Will they know what's been filled, and what is the current open position? How much discretion will the broker-dealer allow them to exercise in a crisis situation? Will they know how to re-start trading in an orderly fashion and can they re- direct order flow to a different broker? " said Masso.

He called for more cooperation between trading firms and exchanges, possibly even clearing. DTCC in the US has its own set of risk requirements.

Masso said that if the industry wants to implement more sophisticated 
limit alerts and trade halts, all of the market participant including exchanges, brokers, clearing firms and traders need to create a 'risk nervous system' to automate and integrate these tools.

"It's time the industry thinks about inter-connected standards for managing risk limits across the entire spectrum of participants. We need to connect the collective brain to the hands and feet of the market," he said.

"One of the biggest problems when you try to use existing systems without tying them together is, you cannot get the whole picture in real time. In a crisis situation, this is untenable and prone to mistakes. All these systems must feed back into an overall control and command system."

PJ Di Giammarino

PJ Di Giammarino


In terms of pre-trade risk controls, Europe is taking a much more protectionist view and insisting on market transparency in a way that other jurisdictions aren't, said PJ Di Giammarino, CEO of regulation think tank JWG Group.

The US, for example, is only just starting a conversation as part of the CFTC's technical advisory committee agenda. In an era of market complexity brought about by automated trading, the committee is gathering ideas on designing a 21st-century surveillance system.

The kinds of questions being asked are:

• What are the essential tools and technologies that the Commission should have in place?

• Should the Commission invest in an order message surveillance system?

• How should the Commission develop cross- product and cross-market surveillance tools?

• What is the current trader and firm ID protocol?

• What additional information, if any, is required to adequately monitor automated systems?

There are yet to be any detailed policy recommendations coming out of those discussions.

"The transatlantic dialogue is leading the global regulatory state," Di Giammarino said. "Other jurisdictions frankly don't have the manpower to try and muscle into that rule making space. They want to see first of all where some of the regulatory froth goes. Does it lean towards the US or European model? Is there an advantage in sitting on the sidelines?"

Jurisdictions the world over are watching the results though what that might mean for how regulation is formulated is still in question.

Outside of the EU, pre-trade risk controls are generally part of existing market abuse monitoring systems, he added. And changing that is unlikely in to be in the interests of profitability.

In Australia for example, financial markets watchdog ASIC played down the controversial revelations over HFT.

"ASIC's lack of hysteria regarding high-frequency trading should not be mistaken for complacency," the regulator wrote in a market supervision update in response to widespread concern after the publication of Michael Lewis's 'Flash Boys'.

"ASIC has actively engaged with the evolution in the electronic marketplace including high- frequency trading, algorithms and automated order processing. We have a new market surveillance system and an impressive staff to ensure we understand and can respond to new challenges."

One of the major factors behind this attitude has to do with remaining competitive.

"If Australia goes ahead on its own in isolation, puts the controls in place, they are going to have less funds doing business in their jurisdiction because it makes it more expensive," said Daniel Simpson, research analyst at JWG.

By contrast, Europe has the kind of environment where detailed pre-trade risk control measures such as those coming out of MiFID are able to come to fruition, in part because of the push to homogenise rules.

So is the Association of South East Asian Nations (ASEAN), with Singapore as its financial centre, next in line then?

Though Di Giammarino has heard some rumblings associated with pre-trade risk controls out of Asia, he would still call it rumour at this stage.

Even though ASEAN is a collective of nations not unlike the EU, it is not likely any time soon, he added. "ASEAN is not the European Commission, there is no real ability in Asia to make a common set of rules."