Direct Market Access Controls
Compliance with Exchange Act Rule 15c3-5 (Market Access Rule) requires firms that provide access to trading in securities on an exchange or ATS to incorporate appropriate controls to mitigate key risks. The Market Access Rule is particularly important with the continued increase in automated and high-speed trading.
Noteworthy Examination Findings
FINRA continued to find many of the same issues identified in the Market Access Controls sections of the 2017 and 2018 Reports, as well as additional challenges with certain other market access controls, especially those related to fixed income transactions.
- Insufficient Controls and WSPs – Some firms’ risk management controls and WSPs did not include pre-trade order limits, pre-set capital thresholds and duplicative and erroneous order controls for accessing ATSs, especially for fixed income transactions.
- Inadequate Financial Risk Management Controls – In some instances, firms with market access, or those that provide it, did not establish appropriate capital thresholds for trading desks, aggregate daily limits, or credit limits on institutional customers and counterparties. In some instances, firms with market access, or those that provide it, did not have reasonably designed risk-management controls or WSPs to manage the financial, regulatory or other risks associated with this business activity. Firms should regularly assess the appropriateness of their capital thresholds and pre-set credit limits for each customer.
- Inadequate Basis for CEO Certification – Some firms did not maintain reasonably designed risk-management controls that could support the CEO’s certification pursuant to the requirements of Exchange Act Rule 15c3-5(e)(2).
- Inaccurate Intra-day (Ad Hoc) Adjustments – FINRA identified weaknesses in some firms’ processes for requesting, approving, reviewing and documenting ad hoc credit threshold increases. For example, institutional clients requested ad hoc (daily) adjustments to financial limits in anticipation of increased order activity related to events such as an index rebalancing or a public offering, but once the event concluded (typically the next trading day), firms did not return the limits to their original values. Some firms maintained a manual process for reverting limits to their original values or did not revert the elevated credit limits in a timely fashion, which exposed clients and firms to elevated levels of financial risk.
- Ineffective Erroneous Trading Controls – Some firms failed to implement adequate controls relating to duplicative and erroneous orders. For example, some firms set controls to prevent the routing of a market order based on impact (Average Daily Volume Control) at unreasonable levels, preventing such firms from blocking erroneous trades. These controls can be effective tools (particularly in thinly traded securities) when set at reasonably high levels, and firms should calibrate them to reflect, among other things, the characteristics of the relevant securities, the business of the firm, and market conditions.
- Insufficient Post-Trade Controls and Surveillance – Some firms that provide direct market access via multiple systems, including sponsored access arrangements, did not employ reasonable controls to confirm that those systems’ records were aggregated and integrated in a timely manner. As a result, those firms were not able to successfully conduct holistic post-trade and supervisory reviews for, among other things, potential manipulative trading patterns.
- Regulatory Notice 15-09 (Guidance on Effective Supervision and Control Practices for Firms Engaging in Algorithmic Trading Strategies)
- Regulatory Notice 16-21 (SEC Approves Rule to Require Registration of Associated Persons Involved in the Design, Development or Significant Modification of Algorithmic Trading Strategies)
- Algorithmic Trading Topic Page
- Market Access Topic Page