Alert November 16, 2010

SEC Requires Broker-Dealers with Market Access to Establish and Maintain Risk Management Controls

On November 3, 2010 the SEC adopted new Rule 15c3-5 under the Securities Exchange Act of 1934.  The adopting release is available here.  Rule 15c3-5 will require brokers or dealers with access to trading securities directly on an exchange or alternative trading system (“ATS”), including those providing sponsored or direct market access to customers or other persons, and broker-dealer operators of an ATS that provide access to trading securities directly on their ATS to a person other than a broker-dealer, to establish, document and maintain a system of risk management controls and supervisory procedures.  The risk management controls and procedures must be reasonably designed to:

  • Systematically limit the financial exposure of the broker-dealer that could arise as a result of market access, and
  • Ensure compliance with all regulatory requirements that are applicable in connection with market access.

Direct Market Access: Sponsored and Unfiltered Access

Broker-dealers with market access through an exchange or  ATS are identified by a market participant identifier (“MPID”) which operates as a special pass to the markets.  In the ordinary course of business, such broker-dealers use their market access to place orders for customers.  Some sophisticated customers, such as institutions and high-frequency traders, use technological tools that allow them to place orders and execute high-speed trades directly into the market, using the MPID of their broker.  This is referred to as “direct market access” or “sponsored access.”  If the customer is able to place an order that flows directly into the markets without first passing through the broker’s systems and without being pre-screened by the broker in any manner, this type of sponsored access is known as “unfiltered” or “naked” access. 

The SEC is concerned about the lack of regulatory and risk controls by the broker-dealer in cases of unfiltered access by customers.  In addition to requiring more robust controls for all orders directed to the market by broker-dealers with market access, Rule 15c3-5 will effectively prohibit broker-dealers from providing unfiltered access by their customers to the markets.

Broker-Dealers Subject to the Rule

Rule 15c3-5 will require implementation of risk management controls and supervisory procedures by:

  • Broker-dealers that are members of an exchange or subscribe to an ATS and
  • Broker-dealer operators of an ATS that provide access to trading securities directly on their ATS to a person other than a broker-dealer.

The controls and procedures required by the Rule are the responsibility of the broker-dealer providing access to the market, and cannot be allocated by contract or otherwise to any person other than another broker-dealer, and may only be allocated to another broker-dealer under limited circumstances.  A broker-dealer may allocate control by written contract to a broker-dealer that is a customer if the allocating broker-dealer (1) performs a thorough due diligence review of the customer broker-dealer’s controls and (2) determines that the customer broker-dealer has better access to the ultimate customer and its trading information such that it can more effectively implement the specified controls or procedures.  A broker–dealer may not allocate its responsibilities solely on the basis of convenience or preference.

Financial Risk Management Controls and Supervisory Procedures

The broker-dealer providing market access to customers must implement risk management controls and supervisory procedures reasonably designed to systematically limit the financial exposure of the broker-dealer that could arise as a result of market access, including controls to:

  • Prevent the entry of orders that exceed appropriate pre-set credit or capital thresholds in the aggregate for each customer and the broker-dealer and, where appropriate, more finely-tuned by sector, security or otherwise by rejecting orders if such orders would exceed the applicable credit or capital threshold; and
  • Prevent the entry of erroneous orders, by rejecting orders that exceed appropriate price or size parameters, on an order-by-order basis or over a short period of time, or that indicate duplicative orders.

In the adopting release, the SEC says that because financial exposure through rapid order entry can be incurred very quickly in today’s fast electronic markets, controls that measure compliance with credit or capital thresholds should do so on the basis of orders entered rather than executions obtained.  However, in recognition that some active trading strategies result in only a small number of executions relative to the orders entered, the SEC acknowledges that a reasonably designed risk management control could measure according to orders entered but discount for the probability that the orders will be executed according to reasonable risk management models.

Regulatory Risk Management Controls and Supervisory Procedures

The broker-dealer’s regulatory risk management controls and supervisory procedures should be reasonably designed to:

  • Prevent the entry of orders unless there has been compliance with all regulatory requirements that must be satisfied on a pre-order entry basis;
  • Prevent the entry of orders for securities for a broker-dealer, customer, or other person if such person is restricted from trading those securities;
  • Restrict access to trading systems and technology that provide market access to persons and accounts pre-approved and authorized by the broker-dealer; and
  • Assure that appropriate surveillance personnel receive immediate post-trade execution reports that result from market access.

In response to commenters’ concerns about the scope of the Rule, and the regulatory requirements to be controlled for, the SEC stated: “the term ‘regulatory requirements’ is limited to those ‘that are applicable in connection with market access.’  Accordingly, the regulatory risk management controls and supervisory procedures required under Rule 15c3-5(c)(2) must address those regulatory requirements that flow from a broker-dealer having or providing access to trading securities on an exchange or ATS.”

The effective date of the Rule is January 14, 2011.  Broker-dealers will then have six months, until July 14, 2011, to comply with the Rule.