Alissa Knight
Traders Magazine Online News

Top 10 Trends in Cybersecurity, 2019: User Experience and Machine Learning

2019 will be the year CISOs focus on frictionless user experience, machine learning, and orchestration according to Aite Group.

Traders Poll

If Members Exchange (MEMX) gets SEC approval and launches, do you think it will force downward pressure on market data fees?

Free Site Registration

April 15, 2009

SEC Warns on Systems Development

By Peter Chapman

Also in this article

  • SEC Warns on Systems Development
  • Page 2

The Securities and Exchange Commission is warning brokerages to make sure their compliance departments are involved when building new trading systems.

Speaking at the TradeTech USA conference in New York last week, Duer Meehan, associate director of the Office of Market Oversight in the SEC's Office of Compliance Inspections and Examinations, told attendees "there has been an increase in compliance issues that arise when entities fail to involve compliance in the development process."

The official, a former trader who also designed trading systems at Bloomberg, also warned the crowd to involve compliance during the testing phase of any new system, "to ensure that compliance failures are not the result of a lack of inadequate and thorough testing."

When confronted with "compliance failures" by the SEC, Meehan said, firms will often admit to not involving their compliance departments in the development of their systems. They also tell the SEC they did not do too much testing before launching the system.

"From a regulatory standpoint," Meehan said, "that raises red flags about a firm's compliance culture."

Meehan would not cite specific examples, but told Traders Magazine: "People roll out a new system. Something goes wrong. And then you find out the regulatory people were not involved. I understand there is pressure on firms to compete, to get things out fast, but they need to slow down."

Industry executives say compliance usually is brought into the development process but problems can still arise. The reasons given vary.

High turnover among trading and compliance staff is one factor, sources say. New compliance officials join a project midstream and consequently aren't as familiar with the project as they could be.

At the larger firms, others say, there can be an attitude of not caring about compliance. Large firms are less concerned about regulatory fines in the thousands of dollars.

Others offer a different perspective. Jess Haberman, chief compliance officer at Fidessa, a trading systems developer, noted that there is "variability in the involvement that compliance officers at broker-dealers take in the design and monitoring of automated systems." But "the bigger broker-dealers, probably because they have a larger staff, can devote more time to having people specifically tasked with ensuring that the systems they use conform to their requirements."

Smaller brokers rely more on Fidessa for expertise, Haberman said, although "even for very large firms with strong internal compliance and technology groups, it can be tough to maintain their programs. There is an advantage to using a vendor."

Others note that errors creep into the development process despite the best intentions and efforts of those involved. The degree to which compliance bugs invade a system can depend on whether the system was developed in-house or externally by a vendor.

In the case of an outside vendor, sometimes there is no compliance official on staff. "The problem then becomes: How do you test these things out for compliance?" said Michael Rosen, senior vice president of product management at agency brokerage UNX. "They don't have the code. They are not looking at the actual code. They are just looking at the output. So if something happens, they don't know why it is happening."