Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security Regulation & Compliance

Group

Financial Services Regulation
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Regulatory Access to Trading Algorithms is Overkill

The former CFTC commissioner Bart Chilton went on record with CNBC saying that the Source Code requirements in Regulation Algorithmic Trading (REG-AT) is extreme overkill and a very slippery slope.

Many in the listed derivatives trading industry strongly believe that ideas and methods that are expressed in our Source Code is critically important and extremely sensitive. It is our proprietary information. As such it should be provided with the utmost the highest level of legal (and governmental) protection.

Requiring the government to have full access to proprietary code bases is indeed a slippery slope even outside of the trading industry.

Once the CFTC sets the precedent, then what next? What other government employees will have access to proprietary trade secrets that many internal staff at the trading firms don’t have access.

Bart has made a very compelling argument here.

See CNBC for the full story.

 

5085

Channels

Security Regulation & Compliance

Group

Financial Services Regulation
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (1)

A Finextra member
A Finextra member 27 June, 2016, 21:43Be the first to give this comment the thumbs up 0 likes

The Alternative Investment Management Association formerly stated to the CFTC:

"Overall, AIMA members are supportive of an obligation for AT Persons to maintain internal source code repositories. It is existing best practice for AT firms to maintain a proportionate change management audit trail for material changes to their production algorithms. Such an audit-trail obligation is also due to be introduced on 3 January 2018 under Article 5 of MiFID II RTS 6 which specifies that investment firms must maintain records of material changes to software, including: (a) when a change is made; (b) the nature of the change; (c) who made the change; and (d) who approved the change.

However, our members strongly disagree and have significant security concerns about the Regulation AT proposal for firms’ source code and related documents to be available for summary inspection by the Commission and Department of Justice (DoJ). We note that no equivalent obligation is due to be introduced under MiFID II and is not a current obligation in any other major jurisdiction. We do not believe that any attempt to undertake ex ante review of source code by the CFTC would be an efficient or effective way to monitor and protect DCMs from abuse or disorder. In terms of the potential for source code to behave abusively or to exacerbate market disorder, we consider that the central role ought to be played by Clearing FCMs, other DEA providers and the DCMs themselves by providing adequate test functionality to help ensure that all algorithms used in live markets are sufficiently tested for stability and propensity for abusive behaviour."

The full comments are available following the link included above.

Report abuse
Join the discussion
Blog group founder

Member since

0

Location

0

More from member

This post is from a series of posts in the group:

Financial Services Regulation

This network is for financial professionals interested in staying up to date on financial services regulation happening anywhere in the world. CFOs, bankers, fund managers, treasurers welcome.

See all
Community
See all blogs »
Information Security 

What D.O.R.A means for your security team

Andrew Kays

Andrew Kays

API 

Financial Organizations Can’t Stop at Security Frameworks to Protect Their APIs

Will Glazier

Will Glazier

Financial Services Regulation 

How FS organisations can navigate the ever-evolving compliance landscape

Mark Nutt

Mark Nutt

Artificial Intelligence  

Navigating Personal Data in LLMs: A GDPR Perspective

Erica Andersen

Erica Andersen

Now hiring

See more