Members of the CFTC Technology Advisory Committee discussed possible requirements under Regulation Automated Trading (AT), which the agency proposed in November 2015. Several members felt that the proposed registration requirements should be split off into a separate proposal. In addition, many members felt that pre-trade risk controls should be imposed broadly regardless of registration status. Also, a number of members are very worried about a provision that would require firms to make their algorithmic source codes available to the CFTC upon request.
The comment period for proposed Regulation AT is open until March 16.
Registration. The committee repeatedly grappled with definitions, scope, and the question of "who’s in, who’s out." Commissioner J. Christopher Giancarlo is concerned that the proposed rules are essentially a registration scheme and that requiring the registration of trading algorithms does not address public policy considerations arising from the automation revolution. He asked how the CFTC will adapt a regulatory framework designed to catch "bad guys" to now catch "bad algos." Further, what do essential legal concepts like mens rea, scienter, and "failure to supervise" mean in transactions initiated by artificial intelligence rather than direct human action? More broadly, how will the CFTC recondition 20th century trading markets and their essential institutions to benefit from 21st century automated trading, while maximizing marketplace safety, soundness, efficiency, and resiliency?
Some members did not support the proposed registration requirements. Richard Gorelick, CEO of quantitative trading firm RGM Advisors, questioned the need for a new CFTC registration requirement given that the Commission already has extensive access to information in exchange audit trails and membership files. He also wondered how worldwide trading firms with electronic access who use trading algorithms, but never set foot on a trading floor, would fit into the definition of "floor traders." If the CFTC thinks it has a gap in its ability to supervise some trading firms, then it should propose those registration requirements separately, he said.
Chief Commercial Officer Bryan Durkin of the CME Group agreedthat registration requirements should be split off into a separate proposal, because there is a lot of complexity in how they would be applied. CFTC Chairman Massad questioned this point, asking if the registration requirement were separated out, wouldn’t that just imply a package of risk controls that would apply to the stock exchanges and futures commission merchants (FCMs), as well as anybody that is otherwise registered with the CFTC already? Durkin replied that today, FCMs have obligations to monitor and control the interaction of the AT user the platform, but it seems that the proposed rules would shift some of that responsibility to the exchange (designated contract market or DCM). He said more clarity is needed.
Gary DeWaal, special counsel at Katten Muchin, said he suspected that the projected number of 420 "AT persons" captured by the proposed rules was low, due to a narrower definition of "automated systems" by the exchanges. He thinks the actual number will be higher, but it is hard to tell by how much. He believes the definition should be broad, because we do not know what kind of technologies will be used in the future and don’t want to exclude something that comes after the rule is finalized.
Risk controls. Committee members also circled the issue of whether market participants could be required to comply with various risk control measures if they are not registered with the CFTC. Many members agreed that pre-trade risk controls should be broadly required, because firms can create risk without being registered. Several members made the point that the CFTC currently has large trader reporting requirements that apply regardless of registration status. Similarly, risk controls could be required even if a firm is not registered with the CFTC. In addition, DeWaal believes that the CFTC has clear authority to capture "AT persons" under Section 4c(a)(6) of the Commodity Exchange Act, which specifically gives the Commission authority to promulgate rules and regulations that in its judgment are reasonably necessary to prohibit disruptive trading practices described in Section 4c(a)(5).
Gorelick was concerned that the requirement for firms to have pre-trade risk controls is limited to firms that use algorithms, and firms that conduct electronic keyboard trading would not have this requirement. He believes that pre-trade risk control should be required broadly for all firms conducting electronic trading, noting that the SEC’s studies of volatility spikes in the equities markets have found that most of these events were caused by human mistakes like "fat finger" errors, rather than algorithmic trading bugs. He observed that the futures stock exchanges already have robust pre-trade risk controls for all users, with limits configured and managed by FCMs.
Source code. Several on the committee sounded the alarm on a proposal to require firms to allow the CFTC to inspect algorithmic source code upon request. According to Gorelick, the requirement is unprecedented and violates due process. Source code is intellectual property, he said, and the secret formula for Coca-Cola or the source code for Google search algorithms are not available on demand to regulators without a subpoena. Moreover, it would set a dangerous precedent with foreign governments like China, who have sought to obtain source code of U.S. firms. Several other members echoed the concern that source code becomes vulnerable to hackers when it leaves the firm.
Chris Hehmeyer, CEO of proprietary trading firm HTG Capital Partners, said the question of due process was above his pay grade, but he "instinctively" rejects the idea that IP should be available for government to look at whenever they like without a subpoena. However, he noted that the CME Group has that power today.
"If CME wants to see the code that belongs to a trade identifier, then we show it to them or we’re out of business," Hehmeyer said.
Chair Massad said he "appreciated" the concerns about safeguarding source code, but said it is not the first and not the only form of confidential info the Commission has had access to, and protecting confidentiality of information is incredibly important to what the CFTC does and to the markets.
MainStory: TopStory CommodityFutures Derivatives ExchangesMarketRegulation FinancialIntermediaries Swaps
Interested in submitting an article?
Submit your information to us today!Learn More
Securities Regulation Law Daily: Breaking legal news at your fingertips
Sign up today for your free trial to this daily reporting service created by attorneys, for attorneys. Stay up to date on securities regulation legal matters with same-day coverage of breaking news, court decisions, legislation, and regulatory activity with easy access through email or mobile app.