May 24 is the deadline for comment on the Securities and Exchange Commission’s proposal mandating technical standards, testing and reporting on material changes to the computing systems of exchanges and alternative trading systems.
The proposal comes in the wake of a series of technical disruptions to equities markets, from the May 6, 2010 flash crash, the flubbed initial public offerings of BATS Global Markets and Facebook stock and the flood of erroneous orders that market maker Knight Capital Group sent out last August 1, which cost it about $1 million a minute.
Here’s the take of James J. Angel, capital markets professor at Georgetown University, now on loan to the Wharton School, on what Regulation Systems Compliance and Integrity will mean.
Q: What do you think the impact on (a) exchanges and (b) brokers of Reg SCI is going to be?
A: The SEC is doing its traditional policies and procedures approach. Basically, all they’re doing is saying you must have policies that your systems will not break, okay. You have to document these policies and you have to document your adherence to these policies.
Q: Why?
A: Given the large number of technical glitches we’ve had, clearly the SEC has to be doing something. But that something is just more paperwork so they can send in under-trained people to check the box to say, the documents are there and, when the systems break, which they inevitably do no matter how careful you are, something bad will happen. It will be prima facie evidence that you have violated your own policies and procedures and therefore they will call in the enforcement staff to do bad things to you.
Q. On the other side?
A. One of the nice things I like is the fact that the [exchanges] will be able to require their participants to participate in testing which they can’t really do right now. The exchanges run their special test days on Saturdays. I’ve actually witnessed them and the people who connect to them may or may not connect.
Q: You’re talking about the brokers. A lot of them just don’t participate, right?
A: Right. Hey, nobody wants to come in and spend their weekends testing the system. Now, every institution has the right financial incentives to make sure that their systems don’t fail, particularly after the Knight incident. Every electronic firm, every exchange, every broker has an electronic sword of Damocles hanging over their head that says you could be out of business in 30 seconds if you mess up. No amount of regulatory paperwork is going to do any better than that to make sure that firms do their absolute utmost best not to mess up Knight style.
Q. Where is the problem?
A. It’s at the network-wide level. What happens when the market itself is overwhelmed by a tsunami of message traffic? The mini-flash crash we had (the “hash crash” involving a faked Associated Press news report) should be a warning. There were plenty of records that were set during those two minutes and trading platforms were reporting late. Imagine if that had been a real incident.
Q: Say there really was a bomb at the White House…
A: Right. Given the instantaneous reaction of everybody, I don’t think the market can handle that.
Q: Why not?
A: It would just overwhelm everybody’s message traffic. Electronic systems have capacity limits. And when you stress a system to its capacity it fails in strange ways, especially with a very complex network like what we have. And you never know whose hard drive is going to fill up or whose data buffers are going to overflow or where the queues in the system are going to make things respond chaotically.
Q: So what do you think should be done in this? How do you protect against that huge market data flow or the huge order flow or both?
A: I think the SEC needs to adopt an attitude more like the FAA (Federal Aviation Authority). I mean, plane crashes kill people, market crashes don’t. And what the FAA does is they have these self-reporting systems. If you self-report and face the issue, that is a safe harbor. You will not be sanctioned even if you are the guilty party. So if the pilot says, whoops, I hit the wrong button in the cockpit and, the flaps went up instead of down, it was pilot error. But it also indicates the design of the buttons might be bad from a human engineering perspective. So, the FAA finds, yeah, the pilot screwed up, he hit the wrong button, but maybe we should redesign where we put the button. So the SEC should follow the FAA’s lead and basically have a safe harbor for any self-reported SCI issues. It’s a simple answer. We need to change the culture of the SEC from a gotcha agency, you know, that sort of measures its progress by the level of fines it imposes and move towards one of a preventative agency. How can we fix things?
Q: What else?
A: Know that, no matter what we do, a system is going to break. We really need to focus on making the network a fail-safe network so that when the IT hits the fan we don’t have the market instability that we saw in the flash crash.
Q: How do you corral that?
A: You can put some human judgment back into the system. The most important thing is that the closing prices have to be accurate. So there needs to be a capability to have humans say, we are going to extend regular hours trading for 30 minutes or an hour, so that we’ll have some normal trading and a normal orderly close. We’re not building that human judgment back into the system. We need instantaneous circuit breakers to prevent erroneous trades. We need human judgment to give us a good reopen.
Q: That’s a good first step. What’s the second?
A: I think we clearly need to think carefully through how to throttle back the market if it is overloaded with message traffic. If you look at electric utilities, they have plans for load shedding when they have an overload. What would load shedding look like in securities markets?
Q: What would you throttle back?
A: Specific customers. Clearly, people who are registered as market makers and who actually are doing market making should not be throttled back. They’re the people who are most needed in these emergency situations. Basically, exchanges need to be doing it at the broker level.
Q: So basically the heavy-duty automated traders.
A: Yeah, but not all of them, okay. The market makers, the ones who are actually providing liquidity to the market, we want them to stay there.
