Market Access Rule

Regulatory Obligations and Related Considerations

Regulatory Obligations:

Exchange Act Rule 15c3-5 (Market Access Rule) requires firms with market access or that provide market access to their customers to “appropriately control the risks associated with market access so as not to jeopardize their own financial condition, that of other market participants, the integrity of trading on the securities markets and the stability of the financial system.” The Market Access Rule applies generally to securities traded on an exchange or alternative trading system, including equities, equity options, exchange-traded funds (ETFs), debt securities, security-based swaps, security futures products, as well as digital assets that meet the SEC’s definition of a security.

Related Considerations:

• If your firm has or provides market access, does it have reasonably designed risk-management controls and WSPs to manage the financial, regulatory or other risks associated with this business activity?
• If your firm is highly automated, how does it manage and deploy technology changes for systems associated with market access and what controls does it use, such as kill switches, to monitor and respond to aberrant behavior by trading algorithms or other impactful market-wide events?
• How does your firm adjust credit limit thresholds for customers, including institutional customers (whether temporary or permanent)?
• Does your firm use any automated controls to timely revert ad hoc credit limit adjustments?
• If your firm uses third-party vendor tools to comply with its Market Access Rule obligations, does it review whether the vendor can meet the obligations of the rule?
• How does your firm maintain direct and exclusive control of applicable thresholds?
• What type of training does your firm provide to individual traders regarding the steps and requirements for requesting ad hoc credit limit adjustments?
• Does your firm test its market access controls, including fixed income controls, and how do you use that test for your firm’s annual CEO certification attesting to your firm’s controls?
• If your firm operates an ATS that has subscribers that are not broker-dealers, how does your firm comply with the requirements of the Market Access Rule, including establishing, documenting and maintaining a system of controls and supervisory procedures reasonably designed to manage the financial, regulatory and other risks of this business activity?

Exam Findings and Effective Practices

Exam Findings:

• Insufficient Controls – No pre-trade order limits, pre-set capital thresholds and duplicative and erroneous order controls for accessing ATSs, including those that transact fixed income transactions; not demonstrating the reasonability of assigned capital and credit pre-trade financial control thresholds; inadequate policies and procedures to govern intra-day changes to firms’ credit and capital thresholds, including requiring or obtaining approval prior to adjusting credit or capital thresholds, documenting justifications for any adjustments and ensuring thresholds for temporary adjustments revert back to their pre-adjusted values.
• Inadequate Financial Risk Management Controls – For firms with market access, or those that provide it, unreasonable capital thresholds for trading desks, and unreasonable aggregate daily limits or credit limits for institutional customers and counterparties.
• Reliance on Vendors – Relying on third-party vendors’ tools, including those of an ATS or exchange, to apply their financial controls without performing adequate due diligence, not understanding how vendors’ controls operate, or both; and not maintaining direct and exclusive control over controls by allowing the ATS to unilaterally set financial thresholds for firms’ fixed income orders without the involvement of the firm, instead of establishing their own thresholds (some firms were not sure what their thresholds were and had no means to monitor their usage during the trading day).

Effective Practices:

• Pre-Trade Fixed Income Financial Controls – Implementing systemic pre-trade “hard” blocks to prevent fixed income orders from reaching an ATS that would cause the breach of a threshold.
• Intra-Day Ad Hoc Adjustments – Implementing processes for requesting, approving, reviewing and documenting ad hoc credit threshold increases and returning limits to their original values as needed.
• Tailored Erroneous or Duplicative Order Controls – Tailoring erroneous or duplicative order controls to particular products, situations or order types, and preventing the routing of market orders based on impact (Average Daily Volume Control) that are set at reasonable levels (particularly in thinly traded securities); and calibrating to reflect, among other things, the characteristics of the relevant securities, the business of the firm and market conditions.
• Post-Trade Controls and Surveillance – When providing direct market access via multiple systems, including sponsored access arrangements, employing reasonable controls to confirm that those systems’ records were aggregated and integrated in a timely manner and conducting holistic post-trade and supervisory reviews for, among other things, potentially manipulative trading patterns.
• Testing of Financial Controls – Periodically testing their market access controls, which forms the basis for an annual CEO certification attesting to firms’ controls.

Additional Resources

• Regulatory Notice 16-21 (SEC Approves Rule to Require Registration of Associated Persons Involved in the Design, Development or Significant Modification of Algorithmic Trading Strategies)
• Regulatory Notice 15-09 (Guidance on Effective Supervision and Control Practices for Firms Engaging in Algorithmic Trading Strategies)
• FINRA’s Algorithmic Trading Topic Page
• FINRA’s Market Access Topic Page
• SEC’s Responses to Frequently Asked Questions Concerning Risk Management Controls for Brokers or Dealers with Market Access