Industry Questions Reg SCI’s Effectiveness After SEC Vote

Investment market participants still doubt that the new system risk rule will have any impact in a complex and far-reaching global market structure.

After 18 months of consultation with the cash-equities market participants, the U.S. Securities and Exchange Commission voted to approve Regulation Systems Compliance and Integrity (Reg SCI) on November 20. But the jury is still out among industry members as to whether it will accomplish its goals.

Under the new regulation, self-regulatory organizations (SROs), certain alternative trading system (ATS) operators, market data plan processors and certain exempt clearing agencies will be required to have comprehensive policies and procedures in place for their technological systems.

What are the costs and impications of Reg SCI? Two compliance attoneys weigh in.

The SCI entities will have nine months to bring their systems and procedures in line with the new regulation 60 days after the SEC publishes Reg SCI in the Federal Register and 21 months to comply with sector- or industry-wide coordinated testing requirements, according to SEC officials.

The rules provide greater accountability for those responsible for our critical market systems, helping ensure that such systems operate effectively and that any issues are promptly corrected and communicated to market participants and the Commission, said SEC Chair Mary Jo White yesterday.

However, some within the industry question whether the new reporting regime will mitigate the technology issues that lead to high-profile trading and market data outages that have happened over the past few years.

David Weiss, a senior analyst at industry research firm Aite Group, sees the new regulation as window dressing that will not even act as a Band-Aid for current market structure issues.

I doubt that anyone would attribute the failures in the cash equities markets or derivatives markets to technology, not even Michael Lewis, he said, referrijng to the author of “Flash Boys,” the best-selling book that attacked the methods and ethics of high-frequency traders. This does not address the underlying market structure problems that the SEC encouraged by through Regulation NMS. Almost everything an exchange does has to be explicitly signed off by the SEC.

Reg SCIs reporting requirements also omits key issues like discontinuity in personnel and the industrys adoption of new technology models, such as multi-tenant infrastructure, Weiss added.

The SECs goals of improving investor confidence in the health and robustness of the US equities markets with Reg SCI is important, but SCI entities already have a financial incentive to make sure their systems do not fail, according to Jim Myers, senior manager for business consulting, trading and risk management at industry consultancy Sapient Global Markets.

It is in no ones best interest to have an exchange outage or other headline-making event, Myers explained. We documented when the CBOE had an outage on April 25, 2013, it took the options exchange an entire month to get back to its pre-outage marketshare.

Although Myers says that the benefits of Reg SCI for individual effected organizations might be nebulous, the regulation could produce systemic benefits as the SEC aggregates and analyzes the new reports.

Paying for these benefits will fall squarely on the shoulders of the SRO and ATS operators as they meet their Reg SCI obligations, which might be passed through to the bu side as an extraordinary small uptick in trading costs, Meyers added.

As expected, some financial IT vendors see the passage of Reg SCI as a call to banks to refresh their back office systems in an attempt to mitigate system risk. Mark Brennan, head of business development, Americas at ITRS, an application monitoring and management software provider, said, “Tackling systemic risk has been one of the biggest priorities in recent years and the approval of the SECs long-anticipated Reg SCI is an important step. Reg SCI is an implicit recognition of the importance of exchanges and large venues to market stability and represents a major regulatory incentive for rigorous monitoring.”

Firms will now have to look to their enterprise and rethink how they view their reliability, which is something many firms have paid lip service to over the years. “Monitoring needs to encompass potential infrastructure errors, from a CPU exceeding its upper performance threshold or a FIX gateway outage preventing inbound flow from clients to covering behaviours that could indicate a system glitch or human error,” said Brennan.