We look at the most effective ways to ensure software is fit for trading.
Algorithmic trading, or automated trading as it’s known across the Atlantic, has gained significant market share in recent years. One study from the CFTC even found the share of algorithmic trading on some US futures markets to be as high as 80% for FX, 67% for equities, and 62% for interest rates.
Beyond the primary economic drivers of growth for automated trading, there may be a secondary benefit: reducing exposure to conduct risk by eliminating human traders. As some banks have found in recent years, algorithmic trading carries significant conduct risks that may lead to major fines and reputational damage as well as loss of trust and business.
How can businesses guard against conduct risk in an automated trading environment? Removing human traders from the equation eliminates behavioural risks directly associated with trade inception, but it does not completely remove the risk to conduct outcomes expected from banks. The Financial Conduct Authority (FCA) sets three main conduct objectives for firms:
Algorithmic trading systems can undermine any of these three objectives, either due to mistakes and errors in implementation or intentional design features.
The critical path on which an organisation is exposed to conduct risk is much longer for an algorithmic trading business compared to one that uses traditional manual trading. Under the ‘old’ model, the majority of trading conduct issues were due to specific trader behaviours which, at least in theory, could be pinned down to a particular trading desk and subject to a single point of supervision.
Automated trading introduces a complex system of decisions and processes that need to be controlled at each stage to manage conduct risk effectively. Organisations have to consider how to identify, measure and control conduct risk at various stages of the process. This includes the conceptual design of trading systems, the software development cycle (including testing and deployment), pre-trade controls, real-time monitoring, and post-trade detective controls. At each of these stages, organisations are exposed to inherent conduct risks. Risk management therefore becomes more complex in the algorithmic trading environment compared to the traditional manual trading model.
Algorithmic trading has evolved at a faster pace than the corresponding regulation. As such, a number of practices have been adopted by the industry, which have an inherently high conduct risk profile. One of the most prominent examples is the controversial custom ‘Last Look’, which allows market makers to back out of a trade. Even with MiFID II around the corner bringing new sets of rules for algorithmic traders, there is a lack of clear guidelines setting out which specific features of ‘Last Look’ are compatible with good conduct.
Organisations often use disclosure to reduce potential conduct risk. But that’s just the start. Both business and compliance teams need to challenge and review the inherent risks, organisational setup and environmental factors; to assess exposure to conduct risk in the value process – particularly when designing, building, testing, deploying and operating algorithmic trading systems. This end-to-end internal risk assessment process should drive implementation of robust conduct risk mitigation arrangements that will meet regulators’ requirements and achieve the desired outcomes for markets, consumers and fair competition.
© 2021 KPMG LLP a UK limited liability partnership and a member firm of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.
For more detail about the structure of the KPMG global organisation please visit https://home.kpmg/governance.