The Securities and Exchange Commission’s proposed Regulation SCI (Systems Compliance and Integrity) puts the onus on market participants to have comprehensive policies and procedures in place surrounding their technological systems.
“Regulation SCI should require exchanges and market centers to have appropriate testing in place,” said Slade Winchester, director of U.S. equity derivatives at Citi. “We will be following the development of this rule closely.”
The new requirement will present challenges for compliance professional, especially the Chief Compliance Officer, who is responsible for the creation and enforcement of reasonable supervisory procedures related to the implementation and maintenance of applicable technology and the software that operates it.
“While these responsibilities are far from a routine compliance skill set, Reg SCI is a continuation of a recent trend by the SEC of placing increased reasonability on compliance with respect to policies and procedures for implementing various types of technology,” said John Rapa, CEO of Tellefsen and Co., in a web presentation. Tellefsen and Co. provides compliance consulting to financial market participants.
For the past two decades, self-regulatory organizations have followed a voluntary set of principles articulated in the SEC’s Automation Review Policy and participated in what is known as the ARP Inspection Program, said Rapa.
The SEC has noted that the continuing evolution of the securities markets to where they have become almost entirely electronic and highly dependent on sophisticated trading and other technology (including complex regulatory and surveillance has posed challenges for the ARP Inspection Program.
Reg SCI is designed to ensure that core technology of national securities exchanges, alternative trading systems, clearing agencies, and plan processors meet certain standards, that these entities conduct business continuity testing with their members and participates, and provide certain notification regarding systems disruptions and other types of systems issues.
“It would apply primarily to the systems of SCI entities that are core to the function of the securities markets, such as those that directly support trading, clearance and settlement, order routing, market data, regulation or surveillance,” said Rapa.
Recent technical glitches in the securities markets, including those that arose during the IPOs of Facebook and Bats Global Markets, as well as the Knight Capital trading incident “have illustrated that investors can be at risk when technology fails, and confidence in the markets can falter,” Rapa said.
Following the Flash Crash in May 2010, the SEC approved a series of measures to help limit the impact of such technological errors. For instance, the SEC approved rules to halt trading when a stock price falls too far, too fast as well as rules to provide certainty in advance of when an erroneous trade would be broken and rules to eliminate stub quotes.
Additionally, the SEC approved a rule known as the market access rule, which requires brokers and dealers with market access to put in place risk management controls and supervisory procedures designed to manage the financial, regulatory, and other risks posed to the markets by a malfunctioning of their technological systems.
