SEC Proposes First Update of Automation Controls in 22 Years

The U.S. Securities and Exchange Commission is seeking comment on rules that would require exchanges and many other electronic trading venues to maintain technology systems against disruptions and report any outages.

SEC commissioners voted unanimously to propose automation principles that also would cover dark pools, financial industry self-regulators and networks that provide quotation and trade data to the public. The planned update of 22-year-old standards calls for the entities to regularly audit information systems for resiliency and security and notify the SEC of disruptions.

“This is a vitally important proposal,” SEC Chairman Elisse B. Walter said in a statement. The rule, which was released for 60 days of public comment, would help “ensure that our U.S. securities markets are better insulated from disruption from technology failures and deficiencies in controls.”

The proposal is the latest effort by the SEC to minimize damage from failures caused by automated trading errors such as the malfunction by Knight Capital Group Inc. (KCG) in August, which almost bankrupted the firm and led to its sale to Getco LLC. Exchanges and clearinghouses for more than 20 years have been subject to a voluntary program relying on self-audits and occasional SEC inspections.

The SEC, which accelerated the proposal after the Knight Capital malfunction, already has enacted rules requiring broker checks against erroneous orders and circuit breakers that halt trading during periods of extraordinary volatility.

National Marketplace

The rule proposed today relies on entities to establish policies and procedures to safeguard the integrity and security of their computer systems, which stitch together a complex national marketplace for securities. The systems covered by the proposal include those that directly support trading, clearance and settlement, order routing, market data, regulation or surveillance, according to an SEC fact sheet.

The rules would apply to 44 entities, including the Financial Industry Regulatory Authority, which oversees brokers, and the Municipal Securities Rulemaking Board. Those self- regulators would fall under the rule because they disseminate market data, according to the SEC.

The proposal also would require the entities to ensure they can quickly resume operations after natural disasters such as Hurricane Sandy.

Commissioner Luis A. Aguilar said the rule should be strengthened to include minimum standards and a requirement that compliance be certified by a third party. He criticized the proposal for including a so-called safe harbor against penalties for entities that show they follow a narrower set of industry standards.

‘Falls Short’

The limitations “will result in a rule proposal that falls short of its goals,” Aguilar said.

Commissioner Daniel M. Gallagher said the safe harbor would “incentivize the creation of controls designed to enhance industry compliance with the federal securities laws.”

The proposal would apply to significant alternative trading systems, including equity dark pools and the over-the-counter market. Trading centers would be subject to the rule if they execute 0.25 percent of total trading volume and 5 percent in any one stock, or if their share of total trading volume exceeds 1 percent.

The SEC, which will weigh public comment before moving to finalize the rule, is seeking input on whether it also should apply to brokerages such as Knight Capital.

‘Black Monday’

The voluntary standard, known as Automation Review Policy, was created after the October 1987 market crash known as “Black Monday.” It was intended to ensure the exchanges had enough capacity to handle surges in trading activity.

The SEC last issued policy guidance about the program to exchanges and clearing firms in May 1991.

A report issued by the U.S. Government Accountability Office in 2001 said the SEC devoted limited resources to overseeing the voluntary guidelines. It faulted the SEC for relying on the exchanges and clearinghouses to self-audit their systems instead of using external organizations as an “independent check.”

The GAO also said the SEC hadn’t assessed the compliance of exchanges and clearinghouses with the voluntary guidelines.

Commissioner Troy A. Paredes said today the proposal is an improvement over the voluntary program.

“It’s unrealistic to expect we’re going to have a point in time when we experience zero glitches and zero problems,” Paredes said. “Anytime you have humans, you are going to get errors.”

To contact the reporter on this story: Dave Michaels in Washington at dmichaels5@bloomberg.net

To contact the editor responsible for this story: Maura Reynolds at mreynolds34@bloomberg.net

Bloomberg reserves the right to edit or remove comments but is under no obligation to do so, or to explain individual moderation decisions.

Please enable JavaScript to view the comments powered by Disqus.