Is exchange system monitoring the answer to systemic risk?10.22.2015
Guy Warren of ITRS looks at how exchange system monitoring can help protect the markets, and the reputational, regulatory and revenue drivers for exchanges and trading venues to implement best practice
Do you remember the famous Honda advert a few years ago, known as ‘The Cog’? One small initial movement, through a fascinating series of complicated mechanisms, can result in a much larger result – like moving a car. But they can be incredibly fragile. Move one piece of the puzzle ever so slightly out of position and the machine breaks down. The lesson is that in a complex system, even a small event can contribute to catastrophe.
In the intricate financial services world – and for exchanges and trading venues especially – tackling such systemic risk has been one of the biggest priorities in recent years and it’s essential that venues monitor their technology for potential problems.
Systemic risk is a concern for the entire market, but for exchanges in particular, the stakes are high. Failure to tackle risk can result in devastating failures, and a series of high-profile outages on the Moscow exchange this year has kept the reliability of exchanges in the headlines for all the wrong reasons. But the markets are yet to collapse around us, so might such hiccups merely represent a minor glitch? The answer is no – exchange failures can break the entire machine, and exchanges should be making moves to stop them for three key reasons.
The regulatory push
Ever greater scrutiny of the financial services has been a familiar feature in the post-crisis world. For instance, in February the Securities Exchange Commission (SEC) implemented Regulation Systems Compliance and Integrity (RegSCI), aimed at protecting the market from the vulnerabilities posed by technology system issues.
RegSCI became an increasing priority of the SEC in response to high profile failures at exchanges and trading venues. Though not an exchange error, the Bank of England suffered a major outage for its Real Time Gross Settlement System (RTGS) in October last year. This resulted in working hours extended into the night and the temporary inability to process a number of large payments. An economy is dependent on this basic feature, and it’s easy to guess the effect a more significant outage could have had. The incident reiterated how these, and other system errors, present a huge risk to market integrity.
RegSCI is an implicit recognition of the importance of exchanges and large venues to market stability and represents a major regulatory incentive for rigorous monitoring. Done well, compliance is a significant expense to be balanced against the bottom line; mishandled, it can become a convoluted and incredibly costly burden to a business. In the worst-case scenario, a failure to adhere to regulation can mean large fines: in 2013 the SEC levied fines of $6million and $4.5million for oversight violations on the Chicago Board Options Exchange and the New York Stock Exchange respectively.
Perhaps even more damaging to exchanges though, is the reputational risk associated with high-profile errors. Problems at exchanges and large trading venues garner a lot of attention and many media column inches. Members of exchanges trust them with large sums and a string of reputational knocks can lead them to wonder whether their trades are safe. If this causes members to withdraw, the venue loses liquidity and becomes a less attractive place for the remaining members, potentially creating a vicious circle – especially if problems are not perceived to be dealt with promptly.
Reputation is a nebulous concept – difficult to measure in dollars and pounds – but even if an exchange doesn’t lose members thanks to an error, it can still have a significant effect on the business. With the proliferation of trading venues, the landscape is increasingly competitive – whether for traditional exchanges protecting market share or new and alternative venues establishing their presence. It’s not inconceivable that a strong reputation for reliability could be a differentiating factor in winning members.
Diversification of revenues
Finally, it’s important to recognise that exchanges are rarely just trading venues anymore: modern exchanges are technology companies and data vendors. For example, proprietary market quotes, once a by-product, are now an important chargeable item. Firms such as exchanges, brokers and MTFs are dependent on more areas of their business for revenue.
In order to remain competitive, such firms don’t just need good data, they need high-integrity data and reliable feeds for it. The firm buying the data can’t, for example, make trades based on patchy, or incomplete data. This means exchanges and venues need to ensure the underlying systems – such as their proprietary data feeds – are robust and maintain quality. Outages could mean data clients look elsewhere. Such revenues are a major incentive for venues to act responsibly and therefore reduce systemic risk. Despite these three drivers though, the sheer complexity of these organisations makes the task extremely difficult.
The problem of complexity
Exchanges depend on vast networks of interconnected technology. If an error – be it the result of a glitch or a human mistake – goes undetected, it can have a knock-on effect on other application sets. The error may then escalate into a major incident for the venue, its members or the market as a whole.
To understand the scale of the risk, it’s important to recognise how much can go wrong. Traditional exchanges are complex enough, however their younger siblings, MTFs and ECNs are equally susceptible, relying as they do on third party price feeds. SEFs and other swaps and fixed income venues can also suffer; with the market maker model they have multiple sets of prices and order books for the same instrument to deal with. Other venue types include OTFs, similar to exchanges in that they have their own internal matching engines, and dark pools, which recent headlines have proved are more vulnerable than most to the shocks of reputational damage in particular.
Each of these venues represents a complex network of application sets, and through interaction with the wider markets there is a further layer of complexity to factor in. Inbound order flows into the exchange must be monitored, including client gateways and connectivity. Then, core matching engines are essential too, as are market data distribution feeds (bi-directional: rely on inbound and sell outbound). Connections to back office and clearing systems and CRM and risk platforms are also essential. All of this adds up to a wholly interdependent and mission-critical infrastructure.
A market comprising so many such venues contains a startling number of possible points of failure.
In such complex systems, it’s peculiar – to say the least – that so many firms persist in relying on disparate monitoring practices. Different parts of the company monitor different aspects of the infrastructure applications or flow without a holistic view. This greatly increases the chance that a glitch or human error goes undetected and can have a crossover effect on different systems.
Monitoring needs to encompass potential infrastructure errors, such as a CPU exceeding its upper performance threshold or a FIX gateway outage preventing inbound flow from clients. It must also cover behaviours which could indicate a system glitch or human error. Further, it must give a view across all application software systems and how each one affects another. Monitoring that does all this gives venues visibility of where problems occur in their infrastructure and allows them to resolve errors early, before they escalate, cascade across different systems and spill into the market.
The reward for best-practice monitoring for firms is maximum uptime, protected business data and in and outbound data flows, reduced reputational risk and protected market-data revenue streams as well as readiness for impending regulation from the SEC or other regulators. For its part, the broader market also benefits from a more robust infrastructure that protects exchanges and members, whilst supporting the global aim of reduced systemic risk and more stable financial markets.
The problem of systemic risk is complicated, like a Rube Goldberg machine, and we are unlikely to find a single simple solution, but exchange system monitoring is surely at least part of the answer. Only through a holistic approach to monitoring their complex technological ecosystems can exchanges and trading venues keep the machine running without breaking down.
Market risk has surpassed cyber risk for the first time.
Aim is to provide improved governance and transparency on risk exposures and boost efficiency for brokers.
Risk managers need to look at different metrics over time.
Proposed rule changes would update the membership standards required of covered clearing agencies.
Acuiti report indicates the downturn in crypto valuations will have consequences.