By Anne Sherry, J.D.
The CFTC's proposal to strengthen regulation of automated trading inspired vociferous debate, particularly on the requirements surrounding source code repositories. Industry groups commented that Regulation AT creates a rigid, inflexible approach and imposes unnecessary burdens on firms, while market watchdogs said that the proposal does not go far enough to curtail market risks.
Reg AT. The proposed rules focus on minimizing the potential for problems that may arise from the automation of order origination, transmission or execution due to malfunctioning algorithms, inadequate testing of algorithms, or other errors. Regulation AT would require the implementation of risk controls such as maximum order message and maximum order size parameters, and the establishment of standards for the development, testing and monitoring of algorithmic trading systems. Certain proprietary traders responsible for significant futures trading volumes would be required to register with the CFTC.
Comment period. Comments on the proposal closed on March 16. To the disappointment of the Futures Industry Association, the Commission denied requests to extend the comment period. The association said that when it disagrees with aspects of a CFTC proposal, it attempts to recommend alternatives. Without the requested extension, FIA was unable to seek input from other organizations and offer consensus solutions. Instead, the organization concentrated on what it called the "most challenging aspects" of the Notice of Proposed Rulemaking.
Definitions. Significantly, FIA takes issue with the way the rule is structured around a defined group of "AT Persons." Applying the various requirements of Regulation AT to a singularly defined group means some requirements will apply too broadly, others too narrowly. For example, risk controls should apply to all electronic trading, not just to AT Persons. Conversely, the rule's documentation, reporting, and testing costs and requirements should not apply to all AT Persons.
Like FIA, the International Swaps and Derivatives Association considers some of the rule's definitions to be too rigid. For example, the definition of algorithmic trading applies indistinguishably to black box trading, which occurs without any human interaction, and standardized execution algorithms, where orders are initiated by a natural person. These models pose different levels of risk, and the definition should reflect the level of human judgment involved in trade execution.
Source code requirements. Industry commenters objected to the proposal's requirement that AT Persons maintain a source code repository and make code available for inspection by agency officials. These "unprecedented" provisions for on-demand inspection without any formal process of law could violate the constitutional rights of source code owners, FIA wrote. SIFMA's Asset Management Group also urged that the source code requirements be removed. These provisions are not adequately tied to risk, and their benefits do not justify threatening the security of proprietary information. ISDA concurred: as the "lifeblood" and most valuable IP of a firm, source code is completely different from traditional books and records.
Americans for Financial Reform, in contrast, strongly supports the source code provisions. Without access to the code, market regulators will not be able to determine the actual causes of trading events, the group wrote. "More fundamentally, any exemption from routine source code inspection would be an unjustified exemption from regulatory oversight that is routine for other types of traders in the financial markets" AFR compared source code to correspondence between humans at a brokerage, such as an email with conditions for carrying out a trade, which would be open to inspection as books and records.
Better Markets also supported the source code requirements, calling them "perhaps the most important and effective provision in the proposed rule." Objections are unfounded, the group said, because no firm will be required to make source code public or submit it for unsolicited examination. Better Markets and AFR both noted the difficulties market regulators faced in piecing together data to determine the causes of the 2010 Flash Crash.
Regulatory approach. Overall, SIFMA's AMG said that the compliance costs of the proposal outweigh any marginal benefits that extend beyond designated contract market (DCM) and industry practices. AMG favors the FIA Guide to the Development and Operation of Automated Trading Systems, whose recommendations have already been adopted by many market participants, over the CFTC's one-size-fits-all approach. ISDA echoed AMG's concerns. While supporting the CFTC's efforts to minimize risk, the association cautioned that impractical, prescriptive requirements could deter market participants from improving their risk control systems.
In contrast to the view of industry groups that see the proposal as a rigid, prescriptivist approach, AFR said that it does not go far enough to rein in market participants. The group described it as "an essentially self-regulatory approach" that permits AT Persons to select their own levels of risk limits. Better Markets urged the CFTC to go further by requiring a threshold test before considering DCM applications; prohibiting per-trade benefits; and requiring DCMs to post incentive programs on their websites.