Skip to main content

Market Access Rule

NEW FOR 2024

Regulatory Obligations and Related Considerations

Regulatory Obligations

Exchange Act Rule 15c3-5 (Market Access Rule) requires firms with market access or that provide market access to their customers to appropriately control the risks associated with market access so as not to jeopardize their own financial condition, that of other market participants, the integrity of trading on the securities markets and the stability of the financial system. The Market Access Rule applies generally to securities traded on an exchange or alternative trading system, including equities, equity options, ETFs, debt securities, security-based swaps and security futures products, as well as crypto assets that meet the Exchange Act’s definition of a security.

Related Considerations

  • If your firm has or provides market access, does it have reasonably designed risk-management controls and WSPs to manage the financial, regulatory or other risks associated with this business activity?
  • If your firm is highly automated, how does it manage and deploy technology changes for systems associated with market access; and what controls does it use, such as kill switches, to monitor and respond to aberrant behavior by trading algorithms or other impactful market-wide events?
  • How does your firm adjust credit limit thresholds for customers, including institutional customers (whether temporary or permanent)?
  • Does your firm utilize “soft” block controls? If so, does your firm maintain procedures surrounding order reviews and overrides, including supervisory reviews?
  • Does your firm make special provisions (e.g., different parameters) for any specific order types (e.g., limit on close)? If so, how does your firm document these provisions?
  • Does your firm use any automated controls to timely revert ad hoc credit limit adjustments?
  • If your firm uses third-party vendor tools to comply with its Market Access Rule obligations, does it review whether the vendor can meet the obligations of the rule?
  • How does your firm maintain direct and exclusive control of applicable thresholds?
  • What type of training does your firm provide to individual traders regarding the steps and requirements for requesting ad hoc credit limit adjustments?
  • Does your firm test its market access controls for effectiveness (e.g., does the type of control fit your firm’s business model) and reasonableness, including fixed income controls, and how do you use that test for your firm’s annual CEO certification attesting to your firm’s controls?
  • If your firm operates an ATS that has subscribers that are not broker-dealers, how does your firm comply with the requirements of the Market Access Rule, including establishing, documenting and maintaining a system of controls and supervisory procedures reasonably designed to manage the financial, regulatory and other risks of this business activity?
  • Does your firm maintain documentation to demonstrate the reasonableness of its controls and corresponding parameters?

Findings and Effective Practices


  • Insufficient Controls:
    • Not establishing pre-trade order limits, pre-set capital thresholds and duplicative and erroneous order controls for accessing ATSs, including those that transact fixed income transactions.
    • Setting pre-trade order limits at unreasonable thresholds based on a firm’s business model.
    • Not demonstrating, and failing to maintain, documentation demonstrating the reasonability of assigned capital, credit and erroneous order pre-trade financial controls.
    • Not establishing adequate policies and procedures to govern intra-day changes to firms’ credit and capital thresholds, including requiring or obtaining approval prior to adjusting credit or capital thresholds, documenting justifications for any adjustments and ensuring thresholds for temporary adjustments revert back to their pre-adjusted values.
  • Failure to Consider Additional Data: Failing to consider a firm’s business model when setting pre-trade order limits or other regulatory requirements (e.g., Limit Up-Limit Down (LULD) thresholds and exchanges’ Limit Order Price Protection thresholds), as well as historical and available liquidity, and the time required for liquidity replenishment, when determining erroneous price and size control thresholds.
  • Impermissible Exclusions: Excluding certain orders from a firm’s pre-trade erroneous controls based on order types (e.g., excluding limit on close orders from a firm’s price controls).
  • Inadequate Financial Risk Management Controls: For firms with market access, or those that provide it, unreasonable capital thresholds for trading desks and unreasonable aggregate daily limits or credit limits for institutional customers and counterparties.
  • Reliance on Vendors: Relying on third-party vendors’ tools, including those of an ATS or exchange, to apply their financial controls without performing adequate due diligence, not understanding how vendors’ controls operate, or both; and not maintaining direct and exclusive control over controls by allowing the ATS to unilaterally set financial thresholds for firms’ fixed income orders without the involvement of the firm, instead of establishing their own thresholds.
  • Failure to Document Annual Review of Effectiveness: Failure to document the firm’s review, conducted at least annually, of the effectiveness of its risk management controls and supervisory procedures (e.g., no inventory of the specific systems, controls, thresholds or functionality that were reviewed), including the reasonableness of the firm’s market access controls applicable to each business/product line in which the firm provides market access.

Effective Practices

  • Pre-Trade Fixed Income Financial Controls: Implementing systemic pre-trade “hard” blocks to prevent fixed income orders from reaching an ATS that would cause the breach of a threshold.
  • Intra-Day Ad Hoc Adjustments: Implementing processes for requesting, approving, reviewing and documenting ad hoc credit threshold increases and returning limits to their original values as needed.
  • Soft Blocks:
    • Implementing detailed and reasonable WSPs that list the steps that firm personnel should take when determining how to handle orders that trigger soft controls; and requiring staff to document their findings and rationale for releasing an order following a review.
    • Conducting a separate supervisory review to ensure that release rationales are appropriate; and requiring the incorporation of review results when assessing the effectiveness of the firm’s controls.
  • Tailored Erroneous or Duplicative Order Controls:
    • Tailoring erroneous or duplicative order controls to particular products, situations or order types; and preventing the routing of market orders based on impact (e.g., Average Daily Volume Control) that are set at reasonable levels (particularly in thinly traded securities); and calibrating to reflect, among other things, the characteristics of the relevant securities, the business of the firm and market conditions.
    • Ensuring that controls apply to all order flow and all trading sessions.
  • Market Impact: Developing reasonable complementary controls (e.g., a market impact check, a liquidity check, an average daily volume control) based upon the firm’s business model and historical order flow; and using a benchmark when pricing child orders for a larger parent market order (e.g., the NBBO or last sale at the time of the initial child order route) to monitor the cumulative market impact of subsequent child orders over a short period-of-time.
  • Reference Data: Using a reasonable process for choosing reference data in developing various controls, so if one piece of data is not obtained another could be substituted (e.g., the NBBO vs. the last sale or the previous day’s closing price).
  • Post-Trade Controls and Surveillance: When providing direct market access via multiple systems, including sponsored access arrangements, employing reasonable controls to confirm that those systems’ records were aggregated and integrated in a timely manner, and conducting holistic post-trade and supervisory reviews for, among other things, potentially manipulative trading patterns.
  • Testing of Risk Management Controls: Regularly testing market access controls, such as:
    • performing a review at least annually of the business activity of the firm in connection with market access (and an annual CEO certification attesting to firms’ controls);
    • maintaining data and documents that evidence the rationale for continued use of implemented controls and parameters;
    • focusing on the parameters for controls and analyzing whether they are reasonable and would prevent the entry of erroneous orders under different scenarios (e.g., the entry of a large order in a thinly-traded or high-priced security) and product types;
    • determining whether hard blocks are working (e.g., triggered when a parameter is triggered);
    • determining whether soft blocks are an effective control (e.g., by outlining specific steps for, and appropriately documenting, those reviews); and
    • documenting reviews and retaining information used in decisions to adjust, maintain, or create new controls (e.g., change in business lines may result in short-period-of-time controls in addition to order-by-order controls).

Additional Resources