The U.S. Securities and Exchange Commission has voted to adopt Regulation Systems Compliance and Integrity (Regulation SCI) – which imposes requirements on certain key market participants intended to reduce the occurrence of systems issues and improve resiliency when systems problems do occur.

“The rules adopted today mark an historic shift in the Commission’s regulation of the U.S. securities markets that will better protect investors by requiring comprehensive new controls for the technological systems that form the core of our current markets,” said SEC Chair Mary Jo White in a statement. “The rules provide greater accountability for those responsible for our critical market systems, helping ensure that such systems operate effectively and that any issues are promptly corrected and communicated to market participants and the Commission.”

Under Regulation SCI, self-regulatory organizations, certain alternative trading systems (ATSs), plan processors, and certain exempt clearing agencies will be required to have comprehensive policies and procedures in place for their technological systems.

BATS Global Markets said in a statement: “As we’ve stated in the past, BATS supports the policy goals of Reg SCI and we appreciate the Commission’s thoughtful consideration of industry comment letters in finalizing the rule.”

The rules also provide a framework for these entities to, among other things, take appropriate corrective action when systems issues occur; provide notifications and reports to the SEC regarding systems problems and systems changes; inform members and participants about systems issues; conduct business continuity testing; and conduct annual reviews of their automated systems.

“Tackling systemic risk has been one of the biggest priorities in recent years and the approval of the SEC’s long-anticipated Reg SCI is an important step,” said Mark Brennan, head of business development, Americas at ITRS. “Reg SCI is an implicit recognition of the importance of exchanges and large venues to market stability and represents a major regulatory incentive for rigorous monitoring.”

Monitoring needs to encompass potential infrastructure errors, from a CPU exceeding its upper performance threshold or a FIX gateway outage preventing inbound flow from clients to covering behaviours that could indicate a system glitch or human error, according to Brennan.

“The reward for best-practice monitoring for firms goes far beyond regulatory compliance though – it means maximum uptime, reduced reputational risk and protected market-data revenue streams,” he said.

Entities subject to Regulation SCI generally must comply with the requirements nine months after the effective date. ATSs newly meeting the volume thresholds in the rules for the first time, will be provided an additional six months from the time that the ATS first meets the applicable thresholds to comply. Further, entities will have 21 months from the effective date to comply with the industry- or sector-wide coordinated testing requirement.

Featured image via Wikimedia Commons, under creative commons