80 FR 78823 2015-30533. Regulation Automated Trading  

  • Action

    Notice Of Proposed Rulemaking.

    Summary

    The Commodity Futures Trading Commission (“CFTC” or “Commission”) is proposing a series of risk controls, transparency measures, and other safeguards to enhance the regulatory regime for automated trading on U.S. designated contract markets (“DCMs”) (collectively, “Regulation AT”). The Commission's proposals build on efforts by numerous entities in recent years to promote best practices and regulatory standards for automated trading, including standards and best practices for algorithmic trading systems (“ATSs”), electronic trade matching engines, and new connectivity methods that characterize modern financial markets. In 2012 the Commission adopted rules requiring futures commission merchants (“FCMs”), swap dealers (“SDs”), and major swap participants (“MSPs”) to use automated means to screen orders for compliance with certain risk-based limits. It also adopted rules requiring certain financial risk control requirements for DCMs offering direct market access to their customers. In 2013 the Commission published an extensive Concept Release on Risk Controls and System Safeguards for Automated Trading Environments (“Concept Release”), compiling in one document a comprehensive discussion of industry practices, Commission regulations, and evolving concerns in automated trading.1 Now, through this notice of proposed rulemaking (“NPRM”) for Regulation AT, the Commission seeks to update Commission rules in response to the evolution from pit trading to electronic trading. In particular, the Commission is proposing to adopt a comprehensive approach to reducing risk and increasing transparency in automated trading. Proposed Regulation AT is designed to consolidate previous work by industry participants, the Commission, and fellow regulators into a unified body of law addressing automation in order placement and execution in U.S. derivatives markets. The Commission welcomes all public comments.

    1 Concept Release on Risk Controls and System Safeguards for Automated Trading Environments, 78 FR 56542 (Sept. 12, 2013).

    Unified Agenda

    Concept Release on Risk Controls and System Safeguards for Automated Trading Environments

    5 actions from September 12th, 2013 to March 2015

    • September 12th, 2013
    • December 11th, 2013
      • ANPRM Comment Period End
    • January 24th, 2014
    • February 14th, 2014
      • ANPRM Extended Comment Period End
    • March 2015
      • NPRM
     

    Table of Contents Back to Top

    Tables Back to Top

    DATES: Back to Top

    Comments must be received on or before March 16, 2016.

    ADDRESSES: Back to Top

    You may submit comments, identified by RIN 3038-AD52, by any of the following methods:

    • CFTC Web site: http://comments.cftc.gov. Follow the instructions for submitting comments through the Comments Online process on the Web site.
    • Mail: Send to Christopher Kirkpatrick, Secretary of the Commission, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street, NW., Washington, DC 20581.
    • Hand Delivery/Courier: Same as Mail, above.
    • Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.

    Please submit comments by only one method. All comments should be submitted in English or accompanied by an English translation. Comments will be posted as received to http://www.cftc.gov. You should submit only information that you wish to make available publicly. If you wish the Commission to consider information that may be exempt from disclosure under the Freedom of Information Act (“FOIA”), a petition for confidential treatment of the exempt information may be submitted according to the procedures established in 17 CFR 145.9. The Commission reserves the right, but shall have no obligation, to review, prescreen, filter, redact, refuse, or remove any or all of your submission from http://www.cftc.gov that it may deem to be inappropriate for publication, such as obscene language. All submissions that have been so treated that contain comments on the merits of the rulemaking will be retained in the public comment file and will be considered as required under the Administrative Procedure Act and other applicable laws, and may be accessible under FOIA.

    FOR FURTHER INFORMATION CONTACT: Back to Top

    Sebastian Pujol Schott, Associate Director, Division of Market Oversight, sps@cftc.gov or 202-418-5641; Marilee Dahlman, Special Counsel, Division of Market Oversight, mdahlman@cftc.gov or 202-418-5264; Mark Schlegel, Special Counsel, Division of Market Oversight, mschlegel@cftc.gov or 202-418-5055; Michael Penick, Economist, Office of the Chief Economist, mpenick@cftc.gov or 202-418-5279; Richard Haynes, Economist, Office of the Chief Economist, rhaynes@cftc.gov or 202-418-5063; Andrew Ridenour, Senior Trial Attorney, Division of Enforcement, aridenour@cftc.gov or 202-418-5438; or John Dunfee, Assistant General Counsel, Office of General Counsel, jdunfee@cftc.gov or 202-418-5396.

    SUPPLEMENTARY INFORMATION: Back to Top

    Table of Contents Back to Top

    I. Introduction

    A. Overview—Development of Automated Trading Environment

    B. Risks and Potential Benefits Associated With Automated Trading

    C. The Proposed Regulations

    1. Overview of NPRM

    2. The Proposed Regulations Under Parts 1, 38, 40, and 170

    II. Background on Regulatory Responses to Automated Trading

    A. The Commission's Regulatory Response to Date

    B. The Commission's 2013 Concept Release

    C. Other Recent Regulatory Responses

    1. SEC Regulatory Initiatives

    2. FINRA Initiatives

    3. European and Other Regulatory Initiatives

    D. Industry and Regulatory Best Practices and Recommendations

    1. NFA Compliance Rule 2-9: Supervision

    2. FIA Reports on Automated Trading

    3. IOSCO Reports on Electronic Trading

    4. CFTC TAC Subcommittee

    5. FIX Risk Management Working Group

    6. Senior Supervisors Group (SSG) Briefing Note

    7. Treasury Market Practices Group Best Practices

    III. Recent Disruptive Events in Automated Trading Environments

    IV. Overview of Regulation AT

    A. Concept Release/Regulation AT Terminology

    B. Commenter Preference for Principles-Based Regulations

    C. Multi-Layered Approach to Pre-Trade Risk Controls and Other Measures

    D. Codification of Defined Terms Used Throughout Regulation AT

    1. “Algorithmic Trading”—§ 1.3(zzzz)

    2. “Algorithmic Trading Compliance Issue”—§ 1.3(tttt)

    3. “Algorithmic Trading Disruption”—§ 1.3(uuuu)

    4. “Algorithmic Trading Event”—§ 1.3(vvvv)

    5. “AT Order Message”—§ 1.3(wwww)

    6. “AT Person”—§ 1.3(xxxx)

    7. “Direct Electronic Access”—§ 1.3(yyyy)

    E. Registration of Certain Persons Not Otherwise Registered With Commission—§ 1.3(x)

    1. Concept Release Comments

    2. Description of Regulation

    3. Policy Discussion

    4. Request for Comments

    F. RFA Standards for Automated Trading and Algorithmic Trading Systems—§ 170.19

    1. Policy Discussion

    2. Description of Regulation

    3. Request for Comments

    G. AT Persons Must Become Members of an RFA—§ 170.18

    1. Policy Discussion

    2. Description of Regulation

    3. Request for Comments

    H. Pre-Trade and Other Risk Controls for AT Persons—§ 1.80

    1. Concept Release Comments on Pre-Trade and Other Risk Controls

    2. Description of Regulation

    3. Policy Discussion

    4. Request for Comments

    I. Standards for Development, Testing, Monitoring, and Compliance of Algorithmic Trading Systems—§ 1.81

    1. Concept Release Comments

    2. Description of Regulation

    3. Policy Discussion

    4. Request for Comments

    J. Risk Management by Clearing Member FCMs—§ 1.82

    1. Concept Release Comments

    2. Description of Regulation

    3. Policy Discussion

    4. Discussion of Persons Subject to Proposed §§ 1.80 and 1.82

    5. Request for Comments

    K. Compliance Reports Submitted by AT Persons and Clearing FCMs to DCMs; Related Recordkeeping Requirements—§ 1.83

    1. Concept Release Comments

    2. Description of Regulation

    3. Policy Discussion

    4. Request for Comments

    L. Risk Controls for Trading: Direct Electronic Access Provided by DCMs—§ 38.255(b) and (c)

    1. Concept Release Comments

    2. Description of Regulation

    3. Policy Discussion

    4. Request for Comments

    M. Disclosure and Transparency in DCM Trade Matching Systems—§ 38.401(a)

    1. Concept Release Comments

    2. Description of Regulation

    3. Policy Discussion

    4. Request for Comments

    N. Pre-Trade and Other Risk Controls at DCMs—§ 40.20

    1. Concept Release Comments

    2. Description of Regulation

    3. Policy Discussion

    4. Request for Comments

    O. DCM Test Environments for AT Persons—§ 40.21

    1. Concept Release Comments

    2. Description of Regulation

    3. Request for Comments

    P. DCM Review of Compliance Reports by AT Persons and Clearing FCMs; DCM Rules Requiring Certain Books and Records; and DCM Review of Such Books and Records as Necessary—§ 40.22

    1. Concept Release Comments

    2. Description of Regulation

    3. Policy Discussion

    4. Request for Comments

    Q. Self-Trade Prevention Tools—§ 40.23

    1. Concept Release Comments

    2. Commission Analysis of Amount of Self-Trading in the Marketplace

    3. Description of Regulation

    4. Policy Discussion

    5. Request for Comments

    R. DCM Market Maker and Trading Incentive Programs—§§ 40.25-40.28

    1. Policy Discussion

    2. Description of Regulations

    3. Request for Comments

    V. Related Matters

    A. Calculation of Number of Persons Subject to Regulations

    1. Request for Comments

    B. Calculation of Hourly Wage Rates Used in Related Matters

    C. Regulatory Flexibility Act

    1. FCMs and DCMs

    2. AT Persons

    3. Request for Comments

    D. Paperwork Reduction Act

    1. Information Provided by Reporting Entities/Persons

    a. § 1.3(x)(3)—Submissions by newly registered floor traders

    b. § 1.83(a)—Compliance reports submitted by AT Persons to DCMs

    c. § 1.83(b)—Compliance reports submitted by clearing member FCMs to DCMs

    d. § 1.83(c)—AT Person retention and production of books and records

    e. § 1.83(d)—Clearing member FCM retention and production of books and records

    f. § 38.401(a) and (c)—Public dissemination of information by DCMs pertaining to electronic matching platforms

    g. § 40.23—Information publicly disseminated by DCMs regarding self-trade prevention

    h. § 40.25—Information in public rule filings provided by DCMs regarding Market Maker and Trading Incentive Programs

    i. § 40.26—Information provided by DCMs to the Division of Market Oversight upon request regarding Market Maker and Trading Incentive Programs

    2. Information Collection Comments

    E. Cost Benefit Considerations

    1. The Statutory Requirement for the Commission to Consider the Costs and Benefits of its Actions

    2. Concept Release Comments Regarding Costs and Benefits

    3. The Commission's Cost-Benefit Consideration of Regulation AT—Baseline Point

    4. The Commission's Cost-Benefit Consideration of Regulation AT—Cross-Border Effects

    5. General Request for Comment

    6. The Commission's Cost-Benefit Consideration of Regulation AT—Proposed Definitions

    7. Pre-Trade Risk Controls, Testing and Supervision of Automated Systems, Requirement to Submit Compliance Reports, and Other Related Algorithmic Trading Requirements

    8. Requirements for Certain Entities to Register as Floor Traders

    9. Transparency in Exchange Trade Matching Systems

    10. Self-Trade Prevention

    11. Market-Maker and Trading Incentive Programs

    VI. Aggregate Estimated Cost of Regulation AT

    VII. List of All Questions in the NPRM

    I. Introduction Back to Top

    A. Overview—Development of Automated Trading Environment

    U.S. derivatives markets have historically relied on manual processes for the origination of orders, transmission of information, and execution of trades. Trading decisions were typically initiated by natural persons, and transmitted through intermediaries via comparatively simple communications networks. Execution occurred in open-outcry trading pits operated by DCMs. Access to these pits was limited to brokers and traders granted trading privileges by the exchange. A range of other processing and risk management services were equally reliant on manual processes, and the complete trading system could move only as fast as its human decision-makers. Trading information was often recorded on paper order tickets and trading cards, and time-stamps were recorded only to the nearest minute. The physical element of trading was reflected in exchange or Commission rules governing diverse matters such as the types of trading permitted from the top step of a futures pit,2 as well as requirements that certain orders for execution in a trading pit be recorded in “non-erasable ink.” This basic structure remained constant for decades, and produced a parallel regulatory framework also premised on natural persons and human decision-making speeds.

    Today, derivatives markets have transitioned from the manual processes described above to highly automated trading and trade matching systems. Modern DCMs and DCM market participants, in particular, are characterized by a wide array of algorithmic and electronic systems for the generation, transmission, management, and execution of orders, as well as systems used to confirm transactions, communicate market data, and link markets and market participants through high-speed networks. Collectively, such DCM and market participant trading systems constitute the “automated trading environment” at the center of Regulation AT. Automated trading environments often make use of automated systems for either the generation or the execution of orders (in many cases, both). Such automated systems are based on sets of rules or instructions (commonly referred to as algorithms) and related computer systems used to automate the execution of a trading strategy.3 In futures markets, orders generated by automated trading systems are ultimately transmitted to DCMs that accept, manage and match orders by automated means.

    While technologies have evolved, the underlying functions of derivatives markets remain the same, as do the Commission's responsibilities under the Commodity Exchange Act (the “CEA” or “Act”). Such markets, typically operated by DCMs, provide valuable risk mitigation and price discovery services for numerous financial and physical commodities businesses, including producers and consumers of energy, foodstuff, metals, and other raw materials, as well as natural person investors. The Commission is committed to the safety and integrity of U.S. markets as they continue their rapid technological change. Through proposed Regulation AT, the Commission is taking its next steps in ensuring that its regulatory standards and industry practices properly address current and foreseeable risks arising from automated trading, and promote responsible innovation and fair competition among markets and market participants.4

    Within U.S. derivatives markets, DCMs represent a significant catalyst in the transition to automated trading. From its beginnings with CME Globex in 1992, DCM on-exchange trading now occurs almost exclusively on electronic matching platforms, using internal algorithms to rapidly match incoming orders from an array of market participants.5 Data available to Commission staff indicates that in an approximately two-year period through October 2014, over 95 percent of all on-exchange futures trading occurred on DCMs' electronic trade matching platforms.6 In this regard, the Commission notes that CME Group, the largest U.S. exchange operator, announced in February 2015 its intention to close all but one of its open-outcry trading floors for futures.7 IntercontinentalExchange, the second largest DCM operator, ended all futures open-outcry trading in March 2008, and ended all options open-outcry trading in October 2012. On-exchange trading on DCMs other than the CME Group exchanges and IntercontinentalExchange now occurs exclusively on electronic matching platforms. Concurrent with their transition to electronic trade matching platforms, DCMs have taken steps to increase the speed of trading in their markets. These include offering co-location and proximity hosting services to reduce latencies between the DCM and market participants, as well as measures taken by DCMs to reduce processing times within their electronic trade matching platform. The two largest DCMs, for example, have for several years indicated in their public materials average or median order entry round trip times of less than one millisecond.8

    The largely complete transition of DCMs to electronic trade matching platforms has occurred alongside an equally important shift in the technologies used by market participants to place and manage orders. Market participants have applied a range of sophisticated technological tools to their trading. For example, market participants are increasingly using ATSs, often coupled with high-speed communication networks. Market participants are also increasingly relying on electronic market and other data feeds to inform trading decisions, and on multiple computer algorithms to generate, manage, or route orders to DCMs. Market participants may also make use of direct electronic access and/or co-location services to minimize latencies between an ATS, market data systems, and a DCM's electronic trading matching platform.

    Data available to the Commission highlights the importance of ATS trading on DCMs today. The Commission's analysis of data covering the same approximately two-year period addressed above (through October 2014) indicates that ATSs were present on at least one side in almost 80 percent of foreign exchange futures volume, 67 percent of interest rate futures volume, and 62 percent of equity futures volume analyzed. They were also present on at least one side in approximately 47 percent of metals and energy product volumes. Even in agricultural products, a category not typically associated with automation in recent years, ATSs were present in at least 38 percent of futures volume analyzed. Finally, in the aggregate, ATSs were present in over 60 percent of all futures volume traded across all products in the nearly two-year period that the Commission examined. In highly liquid product categories, ATSs represented both sides of the transaction over 50 percent of the time.9

    Market participants using ATSs may transact on DCMs through registered intermediaries, including their clearing members. Such intermediaries themselves often rely on extensive automation, using ATSs for functions ranging from simple order routing to the generation of independent trading decisions. These registered intermediaries include FCMs, commodity pool operators (“CPOs”), commodity trading advisors (“CTAs”), introducing brokers (“IBs”), and floor brokers (“FBs”). In addition, Commission-registered SDs and MSPs may use ATSs to conduct trading on DCMs. As discussed in more detail below, each of these categories of Commission registrants may be subject to Regulation AT in the event that they conduct algorithmic trading on a DCM.

    B. Risks and Potential Benefits Associated With Automated Trading

    Regulation AT proposes a series of pre-trade risk controls and other measures intended to address the risks related to automated trading on DCMs. The proposed rules primarily address operational risk issues, as well as related issues such as self-trading and market maker and trading incentive programs.

    The potential risks of automated trading were recently described in a report discussing the events of October 15, 2014, when the market for U.S. Treasury securities, futures, and other closely related financial markets experienced an unusually high level of volatility and a very rapid round-trip in prices. On July 13, 2015, five regulatory agencies issued a joint staff report on the unusual market events of October 15, 2014 (the “October 15 Joint Staff Report”).10 In addition to discussing the events of October 15, the report includes an Appendix C that summarizes many of the risks of automated trading. These risks include the following: Operational risks (ranging from malfunctioning and incorrectly deployed algorithms to algorithms reacting to inaccurate or unexpected data); market liquidity risks (arising from abrupt changes in trading strategies even when a firm executes its strategy perfectly); market integrity risks (automated trading can provide new tools to engage in unlawful conduct); transmission risks (shocks based on erroneous orders impacting multiple markets); clearing and settlement risks (as more firms gain access to trading platforms, trades may not be subject to sufficient settlement risk mitigation techniques); and risks to effective risk management (the speed of trade execution may make critical risk mitigation devices less effective).

    Notwithstanding the risks described above, several commentators have argued that algorithmic trading results in a more efficient marketplace. A recent study of the equities market concluded that algorithmic trading narrows spreads, reduces adverse selection, and reduces trade-related price discovery.11 The study also suggested that algorithmic trading improves liquidity and enhances the information provided in quotes. Another recent study of low latency activity in the equities market (typically associated with high frequency trading) concluded that “an increase in low-latency activity reduces quoted spreads and the total price impact of trades, increases depth in the limit order book, and lowers short-term volatility.” 12

    C. The Proposed Regulations

    1. Overview of NPRM

    The Commission is pursuing a number of goals in proposed Regulation AT. As an overarching goal, the Commission seeks to update Commission rules in response to the evolution from pit trading to electronic trading. The risk controls and other rules proposed in this NPRM are focused on algorithmic order origination or routing by market participants, and electronic order execution by DCMs. In addition to mitigating risks arising from algorithmic trading activity, the proposed rules are intended to increase transparency around DCM electronic trade matching platforms and the use of self-trade prevention tools on DCMs.13 Furthermore, the proposed rules are intended to foster transparency with respect to DCM programs and activities, including market maker and trading incentive programs, that have become more prominent as automated trading becomes the dominant market model.

    The Commission notes that Regulation AT generally does not address trading activity on swap execution facilities (“SEFs”). The Commission believes that neither execution nor order entry on SEF markets are sufficiently automated at this time to require the degree of automated safeguards proposed herein.14 In addition, Regulation AT is not proposing a number of measures discussed in the Concept Release, such as the following: Proposals to implement various post-trade reports (post-order drop copies, post-trade drop copies, and post-clearing drop copies), “reasonability checks” on incoming market data used by firms operating automated systems, policies and procedures for identifying “related” contracts, and proposals to standardize and simplify order types, each of which was discussed in the Concept Release.15

    Market participants using automated trading include an important population of proprietary traders that, while responsible for significant trading volumes and liquidity in key futures products, are not registered with the Commission. These unregistered proprietary traders include a number of traders engaged in high-frequency trading (“HFT”). The Commission notes, however, that the risk control requirements under proposed Regulation AT do not vary in response to a market participant's algorithmic trading strategies; the same risk controls would be required in connection with high-frequency and low-frequency algorithmic trading. In particular, HFT is not specifically identified under the proposed regulations, and is not regulated in a different fashion from other types of algorithmic trading under proposed Regulation AT. Instead, the proposed regulations focus on automation of order origination, transmission and execution, and the risks that may arise from such activity. As discussed above, nearly universal electronic order matching at DCMs is increasingly complemented by algorithmic order origination among market participants. Against this backdrop, the Commission believes that appropriate pre-trade and other risk controls are necessary at the level of market participants, clearing FCMs, and DCMs, in order to ensure the integrity of Commission-regulated markets and provide market participants with greater confidence that intentional, bona fide transactions are being executed.

    Principal elements of Regulation AT for market participants and clearing FCMs include: (i) Codification of defined terms used throughout Regulation AT; (ii) registration of certain entities not otherwise registered with the Commission; (iii) new algorithmic trading procedures for trading firms and clearing firms, including pre-trade and other risk controls; (iv) testing, monitoring, and supervision requirements for ATSs; and (v) requirements that certain persons submit compliance reports to DCMs regarding their ATSs. Principal elements for DCMs include: (i) New risk controls for Direct Electronic Access (“DEA”) provided by DCMs; (ii) transparency in DCM electronic trade matching platforms; and (iii) new risk control procedures, including pre-trade risk controls, compliance report review standards, self-trade prevention tool requirements, and market-maker and trading incentive program disclosure and related requirements.

    As mentioned above, Regulation AT is not intended to discriminate across registration categories, connectivity methods, or even “high-frequency” or slower trading strategies. Rather, Regulation AT is focused on reducing risk, increasing transparency and disclosure, and related DCM procedures.16 In developing Regulation AT, the Commission built on the Concept Release and relevant comments received, which are discussed further in section II(B) below. However, interested parties will observe that the Commission has chosen not to pursue certain measures discussed in the Concept Release (as discussed above), while also proposing a small number of new measures not addressed in the Concept Release. In addition, Regulation AT in certain cases seeks only to clarify the scope of existing Commission regulations that may be impacted by the growth of automated trading environments.

    In preparing this NPRM, the Commission has reviewed relevant industry practices, measures taken by other U.S. and foreign regulators, and best practices or guidance set forth by other informed parties. In these sources and comments received in response to the Concept Release, the Commission has identified an emerging consensus around pre-trade risk controls for automated trading and supervision standards for ATSs. The Commission also notes comments received in response to the Concept Release that are supportive of risk controls placed in multiple stages across the life-cycle of order generation, transmission, management and execution (i.e., similar risk controls placed at the levels of market participants, clearing member FCMs, and DCMs). Proposed Regulation AT attempts to balance flexibility in a rapidly changing technological landscape with the need for a regulatory baseline that provides a robust and sufficiently clear standard for pre-trade risk controls, supervision standards, and other safeguards for automated trading environments. The specific regulations and amendments proposed by Regulation AT are discussed in greater detail below.

    2. The Proposed Regulations Under Parts 1, 38, 40, and 170

    Regulation AT proposes new regulations or amendments to existing regulations in parts 1, 38, 40, and 170 of the Commission's regulations. It proposes to amend part 1 by inserting the following defined terms: § 1.3(tttt)—Algorithmic Trading Compliance Issue; § 1.3(uuuu)—Algorithmic Trading Disruption; § 1.3(vvvv)—Algorithmic Trading Event; § 1.3(wwww)—AT Order Message; § 1.3(xxxx)—AT Person; § 1.3(yyyy)—Direct Electronic Access; and § 1.3(zzzz)—Algorithmic Trading. Regulation AT also proposes to amend existing § 1.3(x), which defines Floor Trader.

    In addition, Regulation AT would create a new subpart A in part 1 that includes the following new regulations applicable to AT Persons and their clearing FCMs: § 1.80—requiring AT Persons to implement pre-trade risk controls and other related measures; § 1.81—requiring AT Persons to implement standards for the development, testing, monitoring, and compliance of their ATSs; § 1.82—requiring clearing member FCMs to implement pre-trade risk controls and other related measures for orders from their AT Person customers; and § 1.83—requiring AT Persons and their clearing member FCMs to provide to DCMs annual compliance reports, and to keep and provide upon request to DCMs certain related books and records.

    Regulation AT also proposes to amend part 38 of the Commission's regulations. Specifically, it would amend existing § 38.255—Risk controls for trading, to require DCMs to have in place systems reasonably designed to facilitate the FCM's management of the risks that may arise from their customers' Algorithmic Trading using Direct Electronic Access. Regulation AT would also make corresponding changes to the discussion of risk controls in Appendix B—Guidance on, and Acceptable Practices in, Compliance with Core Principles (Subsection (b)(5)—Acceptable Practices for Risk controls for trading). Finally in part 38, Regulation AT would amend existing § 38.401(a) to require DCMs to provide additional public disclosure regarding their electronic matching platforms.

    Regulation AT would also amend part 40 of the Commission's regulations. It would create the following new regulations: § 40.20—requiring DCMs to implement pre-trade risk controls and other related measures; § 40.21—requiring DCMs to provide a test environment to AT Persons; § 40.22—requiring DCMs to implement a review program for compliance reports regarding Algorithmic Trading submitted by AT Persons and clearing member FCMs, require that certain books and records be maintained by such persons, and review such books and records as necessary; § 40.23—requiring DCMs to implement self-trade prevention tools, mandate their use, and publish statistics concerning self-trading; and §§ 40.25-40.28—requiring DCMs to provide disclosure and implement other controls regarding their market maker and trading incentive programs. Finally, Regulation AT would make changes to the definition of Rule in § 40.1(i) in response to certain of the changes proposed above.

    Finally, Regulation AT proposes to amend part 170 of the Commission's regulations. It would require in new § 170.18 that all AT Persons become members of at least one registered futures association (“RFA”). Regulation AT would create a new subpart D in part 170, and require in proposed § 170.19 that RFAs adopt membership rules, as deemed appropriate by the RFA, requiring pre-trade risk controls and other measures for ATSs; standards for the development, testing, monitoring, and compliance of ATSs; designation and training of algorithmic trading staff; and clearing FCM risk management standards.

    II. Background on Regulatory Responses to Automated Trading Back to Top

    A. The Commission's Regulatory Response to Date

    The Commission has responded to the development of automated trading environments through a number of regulatory measures that address risk controls within both new and existing categories of registrants, including DCMs, SEFs, FCMs, SDs, MSPs and others.17 While focused to a degree on financial and related risks, these provisions reflect the Commission's ongoing commitment to maintaining the safety and soundness of automated trading in modern derivatives markets. The Commission has adopted regulations with respect to DCMs and SEFs that require exchanges to establish risk control mechanisms to prevent market disruptions, including mechanisms that pause or halt trading.18 The guidance and acceptable practices to the SEF and DCM rules in part 37 and 38, respectively, provide examples of acceptable risk controls.19 In addition, in the DCM final rules, the Commission adopted new risk control requirements for exchanges that provide DEA to clients. Regulation 38.607 requires DCMs that permit DEA to have effective systems and controls reasonably designed to facilitate an FCM's management of financial risk.20

    The Commission also adopted relevant regulations for FCMs, SDs, and MSPs. Such firms that are clearing members must establish risk-based limits based on position size, order size, margin requirements, or similar factors for all proprietary accounts and customer accounts.21 The regulations, codified in §§ 1.73 and 23.609, also require these entities to “use automated means to screen orders for compliance with the [risk] limits” when such orders are subject to automated execution.22 In addition, § 1.11 requires FCMs to have “automated financial risk management controls reasonably designed to prevent the placing of erroneous orders” and “policies and procedures governing the use, supervision, maintenance, testing, and inspection” of automated trading programs.23 The Commission also adopted regulations requiring SDs and MSPs that are clearing members to ensure that their “use of trading programs is subject to policies and procedures governing the use, supervision, maintenance, testing, and inspection of the program.” 24

    Finally, the Commission adopted final rules implementing new authority under the CEA to, among other things, broadly prohibit manipulative and deceptive devices and price manipulation.25 The Commission also provided guidance on the scope and application of CEA Section 4c(a)(5), which makes it unlawful for any person to engage in any trading, practice, or conduct on or subject to the rules of a registered entity that violates bids or offers, demonstrates intentional or reckless disregard for the orderly execution of transactions during the closing period, or is, is of the character of, or is commonly known to the trade as, “spoofing.” 26

    B. The Commission's 2013 Concept Release

    Overview of Concept Release. As noted above, in 2013 the Commission issued a “Concept Release on Risk Controls and System Safeguards for Automated Trading Environments,” which provided an overview of the automated trading environment and discussed a series of pre-trade risk controls, post-trade reports and other measures, system safeguards, and additional protections that could be implemented by Commission registrants or other market participants. The Concept Release reflects the Commission's ongoing commitment to the safety and soundness of U.S. derivatives markets in times of technological change, including the growth of automated trading.

    The Concept Release was published in the Federal Register on September 12, 2013.27 The initial 90-day comment period closed on December 11, 2013, but was reopened from January 21 through February 14, 2014, in conjunction with a meeting of the CFTC's Technology Advisory Committee (“TAC”). The Concept Release requested public comment on 124 separate questions regarding the necessity and operation of potential pre-trade risk controls, post-trade reports and other measures, system safeguards and additional protections (such as proposals to identify “related” contracts on trading platforms, and proposals to standardize and simplify order types). The Concept Release served as a vehicle to catalogue existing industry practices, determine their efficacy and implementation to date, and evaluate the need for additional measures. The Concept Release was not a proposed rule, but rather a prior step designed to facilitate a public dialogue and educate the Commission so that it may make an informed determination as to whether rulemaking is necessary and, if so, the substantive requirements of such a rulemaking.

    Topics Discussed in Concept Release. The Concept Release highlighted data on the increased importance of electronic and algorithmic trading across a number of U.S. markets (including equities, futures and fixed income markets). The Concept Release also noted that the infrastructure of automated trading environments has progressively decreased the time necessary to process orders and execute trades, reducing the communication times between market participants and trading venues.28 One exchange group now indicates that its “median inbound latency for order entry” on its trading platform is fifty-two (52) microseconds within its “four walls.”  [29] As discussed in the Concept Release, advances in trading speeds are partly due to the development of dedicated fiber-optic and microwave communications networks that have dramatically reduced transmission times across large distances. [30] On a smaller scale, co-location and proximity hosting are two common methods for reducing the distance, and thus latency, between market participants and the exchanges. Co-location services are now provided by most large electronic trading platforms within the United States.

    Another important latency-reducing advance in connectivity discussed in the Concept Release is Direct Market Access (“DMA”). For purposes of the Concept Release, the Commission defined DMA as a connection method that enables a market participant to transmit orders to a trading platform without reentry or prior review by systems belonging to the market participant's clearing firm. [31] DMA can be provided directly by an exchange or through the infrastructure of a third-party provider, but in all cases, DMA implies that an order is not routed through a clearing firm prior to reaching the trading platform. [32] For purposes of Regulation AT, as discussed in section IV(D)(7) below, the Commission proposes to define a slightly modified term: “Direct Electronic Access” (“DEA”), as opposed to Direct Market Access. Despite the slightly modified name, the Commission intends that the term “Direct Electronic Access” has a meaning similar to “Direct Market Access,” as such term was used in the Concept Release. [33]

    The Concept Release discussed a set of risk controls that would be intended to operate at the same rapid speed at which trading occurs in the automated trading environment. As the industry reduces latency through improvements in technologies for the generation, transmission and execution of orders or management of other data, there is concern that the drive for ever lower latencies may lead to a competitive race toward progressively less stringent risk controls. [34] A separate, but related, concern is that market participants may simply engage in trading at speeds beyond the abilities of their risk management systems, or those tasked with monitoring their activity. Risk management systems operating at these misaligned speeds could allow an active algorithm to breach its prescribed risk controls and disrupt one or more markets.

    In light of the potential for disruptive trading events related to such high-speed algorithmic trading, the Concept Release addressed 23 potential risk controls and other measures broadly grouped into four categories. The first includes “pre-trade risk controls,” such as controls designed to prevent potential errors or disruptions from reaching trading platforms, or to minimize their impact once they have. A second category of safeguards includes “post-trade reports” and “other post-trade measures.” Examples in this category include reports that promote the flow of order, trade and position information; uniform trade adjustment or cancellation policies; and standardized error trade reporting obligations. The third category of risk controls discussed in the Concept Release is termed “system safeguards,” including safeguards for the design, testing and supervision of ATSs, as well as measures such as “kill switches” that facilitate emergency intervention in the case of malfunctioning ATSs. [35] Finally, the Concept Release presented a fourth category of measures focusing on various options for improving market functioning or structure.

    Comments Received on Concept Release and Commission Response. The Commission received a total of 43 public comments on the Concept Release, including comments from DCMs, an array of trading firms, trade associations, public interest groups, members of academia, and consulting, technology and information service providers in the financial industry. All comments are available on www.cftc.gov. Many of the comments received are detailed and thorough, and the Futures Industry Association (“FIA”) conducted surveys to gauge existing risk-management practices. Other commenters provided academic papers in support of their points of view.

    Staff reviewed all comments received and made recommendations to the Commission. This NPRM reflects the Commission's decision to propose regulations in certain areas addressed by the Concept Release, including: Registration of certain entities not otherwise registered with the Commission; enhanced identification of orders placed on exchanges; pre-trade risk controls at exchanges, trading firms and clearing firms; standards for development, testing and supervision of algorithmic systems; trading firm and clearing member FCM compliance reports regarding algorithmic trading; and self-trade prevention tools. Regulation AT also addresses several areas not covered in the Concept Release, including transparency in exchange trade matching systems and market-maker protections, and in certain cases seeks to clarify the scope of existing Commission regulations that may be impacted by the growth of automated trading environments.

    C. Other Recent Regulatory Responses

    1. SEC Regulatory Initiatives

    The SEC has recently taken regulatory steps related to automated trading, aimed at preventing instability in the equities markets. Most significantly, the SEC adopted the Market Access Rule and Regulation SCI.

    The Securities Exchange Act Rule 15c3-5—Risk Management Controls for Brokers or Dealers with Market Access (the “Market Access Rule”), adopted in November 2010, requires brokers and dealers to have risk controls in place before providing their customers with access to the market. [36] Specifically, the Market Access Rule requires risk controls that prevent entry of (i) orders exceeding appropriate pre-set credit or capital thresholds in the aggregate for each customer and the broker-dealer; and (ii) erroneous orders, by rejecting orders that exceed appropriate price or size parameters, on an order-by-order basis or over a short period of time, or those that indicate duplicative orders. [37] These risk controls must be under the direct and exclusive control of the broker-dealer (subject to certain exceptions) and regularly reviewed for effectiveness. [38] In October 2013, the SEC brought its first enforcement action under the Market Access Rule, securing a $12 million settlement with Knight Capital in connection with the firm's August 2012 trading incident that disrupted the markets. [39]

    On November 19, 2014, the SEC adopted Regulation Systems Compliance and Integrity (“Reg SCI”). [40] Reg SCI applies to alternative trading systems, certain self-regulatory organizations (including registered clearing agencies), plan processors, and exempt clearing agencies (collectively, “SCI entities”). Under Reg SCI, SCI entities are required to have comprehensive policies and procedures in place for their technological systems. The SCI entities must, among other things, take appropriate corrective action when systems issues occur; provide notifications and reports to the SEC regarding systems problems and systems changes; inform members and participants about systems issues; conduct business continuity testing; implement standards that result in SCI systems being designed, developed, tested, maintained, operated, and surveilled in a manner that facilitates the successful collection, processing, and dissemination of market data; and conduct annual reviews of their automated systems, which must be summarized in a report that is provided to the SEC. [41]

    The SEC has also taken action in the area of enhancing oversight of proprietary trading firms. In March 2015, the SEC proposed a rule that would narrow an exemption that currently exempts certain broker-dealers from membership in a national securities association. [42] The exemption was originally designed to accommodate exchange specialists and other floor members that might need to conduct limited hedging or other off-exchange activities ancillary to their business. [43] Over time, proprietary trading firms were able to take advantage of this exemption. [44] The SEC's proposed rules would amend the exemption to target those broker-dealers for which it was originally designed, and require broker-dealers trading in off-exchange venues to become members of a national securities association. In the securities markets, this association is the Financial Industry Regulatory Authority (“FINRA”). [45]

    The SEC's Chair explained that the proposed rule “embodies a simple but powerful principle of the federal securities laws—the protection of investors and the stability of our markets require that trading is overseen by both the Commission and a strong self-regulatory organization.”  [46] In its preamble to the proposed rule, the SEC explained that, in the event that a broker-dealer trades electronically across a range of exchange and off-exchange venues, an individual exchange of which the broker-dealer is a member may be unable to effectively regulate the off-exchange activity of the broker-dealer, because the exchange may lack the resources or expertise to oversee such off-exchange activity. [47] The SEC viewed FINRA, the self-regulatory organization (“SRO”) to which off-exchange trades are reported, as being in the best position to regulate cross-market activity by broker-dealers. [48]

    The SEC has taken additional regulatory initiatives in this area. On July 11, 2012, the SEC adopted Rule 613 under Regulation NMS, requiring SROs to submit a plan to the SEC to create, implement, and maintain a consolidated audit trail (“CAT”). This audit trail is intended to increase the data available to regulators investigating illegal activities such as insider trading and market manipulation, and improve the ability to reconstruct broad-based market events in an accurate and timely manner. [49] The SROs submitted the plan on September 30, 2014. [50] In addition, in response to policy recommendations resulting from the Flash Crash events of May 6, 2010, the SEC and the securities industry implemented market-wide circuit breakers as well as a “limit up-limit down” mechanism in order to moderate price volatility in individual securities. [51] The SEC is also working to update its regulatory regime to improve firms' risk management of trading algorithms and to enhance regulatory oversight over their use. [52] The SEC is also developing an anti-disruptive trading rule to address the use of aggressive, potentially destabilizing trading strategies during vulnerable market periods. [53]

    Finally, while not directly relevant to Commission-regulated markets, the SEC is working with equities exchanges and FINRA to minimize latency between different market feeds. Specifically, exchanges must not transmit data directly to customers any sooner than they transmit data to a securities information processor (“SIP”), the system that consolidates market feeds from all platforms and publishes the public price ticker. In addition, the technology used for transmitting data to the SIP must be on a par with what is used for transmitting data to direct feeds. [54] Finally, the SEC is working to address concerns associated with the fragmentation of trading venues, dark trading venues, and broker conflicts. [55]

    2. FINRA Initiatives

    In addition to the SEC, FINRA is developing rules focused on automated trading and transparency in the equities markets. In March 2015, FINRA published a Request for Comment proposing to require registration (as a “Limited Representative—Equity Trader”) persons that are (1) primarily responsible for the design, development or significant modification of an algorithmic strategy; or (2) responsible for supervising such functions. [56] FINRA explained that given today's highly automated environment (according to FINRA, where firms trade using automated systems that initiate pre-programmed trading instructions based on specified variables, referred to as algorithmic trading strategies), it is concerned that persons involved in preparing or supervising algorithmic trading may lack adequate knowledge of securities rules and regulations, which could result in algorithms that do not comply with applicable rules. [57] Accordingly, FINRA believes such persons should meet the same minimum competency standards for knowledge of securities regulations that apply to individual traders. [58]

    In March 2015, FINRA published a regulatory notice (15-09) providing guidance on supervision and control practices for algorithmic trading strategies in the equities markets. [59] The notice offered guidance on practices in five general areas: General risk assessment and response; software/code development and implementation; software testing and system validation; trading systems; and compliance. Among other practices, the notice recommended that firms should consider: Implementing a development and change management process that tracks the development of new trading code or material changes to existing code; implementing a basic summary description of algorithmic trading strategies that enables supervisory and compliance staff to understand the intended function of an algorithm; conducting testing to confirm that core code components operate as intended and do not produce unintended consequences; implementing controls, monitors, alerts and reconciliation processes that enable the firm to quickly identify whether an algorithmic is experiencing unexpected results; and providing for adequate communication between supervisory and compliance staff related to the function and control of algorithms such that the firm meets its regulatory obligations. [60]

    3. European and Other Regulatory Initiatives

    a. ESMA

    The European Securities and Markets Authority (“ESMA”) is an independent EU Authority established in January 2011. ESMA published guidelines on automated trading in February 2012, which became effective across the European Union on May 1, 2012. [61] The ESMA guidelines addressed the operation of an electronic trading system by a regulated market or a multilateral trading facility; the use of an electronic trading system, including a trading algorithm, by an investment firm for dealing on its own account or for the execution of orders on behalf of clients; and the provision of direct market access or sponsored access by an investment firm as part of the service of the execution of orders on behalf of clients. [62]

    Among other elements, the ESMA guidelines recommended that trading platforms should have: Arrangements to prevent the excessive flooding of the order book; arrangements (such as throttling) to prevent capacity limits on messaging from being breached; and arrangements (for example, volatility interruptions or automatic rejection of orders which are outside of certain set volume and price thresholds) to constrain trading or to halt trading in individual or multiple financial instruments when necessary. [63] The ESMA guidelines also recommended that trading platforms should have procedures in place to identify potential market abuse in an automated trading environment, such as ping orders, quote stuffing, momentum ignition, and layering and spoofing. [64]

    In addition, the ESMA guidelines recommended that investment firms should make use of clearly delineated development and testing methodologies prior to deploying an electronic trading system or a trading algorithm, and should monitor their electronic trading systems, including trading algorithms, in real-time. [65] ESMA also recommended that investment firms implement price and size parameters, systems that control messaging traffic to individual trading platforms, financial risk controls, and controls that block a trader's orders if they are for a financial instrument that the trader does not have permission to trade. [66] As to orders submitted via direct market access and sponsored access, ESMA recommended, among other things, that such orders be submitted to the same pre-trade risk controls that it recommends for investment firms (including, for example, price and size parameters). [67]

    On March 18, 2015, ESMA released a report finding that all 30 participating European Economic Area members have incorporated the Guidelines into their legal framework, and all except three have incorporated it into their supervisory framework. [68] The report went on to identify challenges to further enhancing compliance including: Market complexity, IT-knowledge, additional on-site inspections of markets, testing of trading halts, and setting up ring-defense against cyber-attacks. [69]

    As discussed below, ESMA has performed additional work in the area of automated trading, such as developing technical standards for the requirements of MiFID II.

    b. MiFID II

    The European Commission published a new Directive on markets in financial instruments (“MiFID II”) on June 12, 2014. [70] The Directive contains a definition of both `algorithmic trading' and `high-frequency algorithmic trading technique,' which is defined as a specific type of algorithmic trading. Among other requirements, the Directive requires that an investment firm engaged in algorithmic trading must have effective systems and risk controls to ensure that its trading systems are resilient and have sufficient capacity, are subject to appropriate trading thresholds and limits, and prevent the sending of erroneous orders or other system activity that may create or contribute to a disorderly market. [71] Such a firm must also have effective business continuity arrangements to deal with any failure of its trading systems and must ensure its systems are fully tested and properly monitored. [72] Furthermore, an investment firm that engages in a high-frequency algorithmic trading technique must store in an approved form accurate and time sequenced records of all its placed orders, including cancellations of orders, executed orders and quotations on trading venues and make them available to the competent authority upon request. [73]

    The MiFID II Directive also requires a regulated market to be able to temporarily halt or constrain trading if there is a significant price movement in a financial instrument on that market or a related market during a short period. In exceptional cases, a regulated market must be able to cancel, vary or correct any transaction. [74] In addition, the Directive requires a regulated market to have in place effective systems, procedures and arrangements, including requiring members or participants to carry out appropriate testing of algorithms. A regulated market must also provide environments to facilitate such testing, to ensure that algorithmic trading systems cannot create or contribute to disorderly trading conditions on the market. The Directive requires a regulated market to implement systems to limit the ratio of unexecuted orders to transactions that may be entered into the system by a member or participant, to be able to slow down the flow of orders if there is a risk of its system capacity being reached, and to limit and enforce the minimum tick size that may be executed on the market. [75]

    The European Commission requested that ESMA develop technical and implementing standards for MiFID II. On May 22, 2014, ESMA published a consultation paper seeking comments on certain topics in connection with MiFID II, including “micro-structural issues” such as testing and risk control requirements for investment firms engaged in algorithmic trading and trading venues. [76] ESMA published another consultation paper on December 19, 2014, seeking further comments on technical and implementing standards in connection with the implementation of MiFID II and summarizing comments received in response to ESMA's May 2014 paper. [77] The comment period for the December 19, 2014 consultation paper closed in March 2015. In late 2014, ESMA released a final report covering technical advice in certain areas, including the definition of algorithmic trading, HFT, and direct electronic access. [78] In July 2015, ESMA released final technical advice relating to investor protection topics, including procedures for financial services firms to apply for authorized status, information required of firms applying to passport into other jurisdictions, and co-operation between regulatory authorities. [79] On September 28, 2015, ESMA released a final report on draft regulatory and implementing technical standards for MiFID II (“2015 Final Draft Regulatory Standards”). [80] This report provides regulatory standards for investment firms engaged in algorithmic trading as well as for trading venues that allow algorithmic trading. Details regarding ESMA's standards are discussed below as relevant to the Commission's proposed regulations relating to risk controls and other measures that AT Persons, clearing member FCMs and DCMs must implement.

    c. Other European Regulatory Initiatives

    In May 2013, Germany enacted the Act on the Prevention of Risks and Abuse in High-frequency Trading (the “High-frequency Trading Act”). [81] The High-frequency Trading Act requires that firms engaged in high-frequency trading must be licensed. [82] In summary, high-frequency trading is defined to include each of the following four elements: (i) Trading for one's own account, or by proprietary trading firms; (ii) trading algorithmically without human intervention; (iii) trading using low-latency infrastructures; and (iv) trading that generates a high intraday message rate. [83] In addition, exchanges must impose, on a product-by-product basis, an excessive system usage fee and an order-to-trade ratio limit intended to prevent unnecessary messaging. [84] Finally, the High-frequency Trading Act requires identification of algorithmically generated orders and trading algorithms, which is intended to enhance monitoring of manipulative activity. [85]

    In May 2015, the Bank of England's Prudential Regulation Authority (“PRA”), the United Kingdom's prudential supervisor of major trading firms, announced that it would assess the adequacy of existing risk measurement and management practices with respect to trading algorithms, including whether controls around algorithmic trading are “fit for purpose.”  [86] The PRA discussed the growth of automated trading in financial markets, which has included incidents of extreme volatility. For example, volatility seen in the Swiss Franc exchange rate on January 15, 2015, following the Swiss central bank's decision to remove a floor to the exchange rate, may have been exacerbated by high-frequency trading. [87]

    Finally, in July 2015, the United Kingdom's Financial Conduct Authority issued a consultation paper addressing strengthening accountability in banking. [88] The proposed rule specifically set out to capture individuals responsible for the deployment of trading algorithms in its Certification Regime. [89] Pursuant to the proposal, individuals responsible for: (1) Approving the deployment of a trading algorithm or a material part of one; (2) approving the deployment of a material amendment to a trading algorithm or a material part of one, or the combination of trading algorithms; and (3) monitoring or deciding whether or not the use or deployment of a trading algorithm is or remains compliant with the firm's obligations would be captured and subject to the Certification Regime. [90]

    d. The October 15 Joint Staff Report

    As discussed above in section I(B), on July 13, 2015, five regulatory agencies issued the October 15 Joint Staff Report on the unusually high level of volatility and rapid round-trip in prices that occurred on October 15, 2014 in the market for U.S. Treasury securities, futures and other closely related financial markets. [91] In addition to discussing the events of October 15, the report includes an Appendix C that summarizes many of the risks of automated trading. These risks include the following: Operational risks (ranging from malfunctioning and incorrectly deployed algorithms to algorithms reacting to inaccurate or unexpected data); market liquidity risks (arising from abrupt changes in trading strategies even when a firm executes its strategy perfectly); market integrity risks (automated trading can provide new tools to engage in unlawful conduct); transmission risks (shocks based on erroneous orders impacting multiple markets); clearing and settlement risks (as more firms gain access to trading platforms, trades may not be subject to sufficient settlement risk mitigation techniques); and risks to effective risk management (the speed of trade execution may make critical risk mitigation devices less effective).

    D. Industry and Regulatory Best Practices and Recommendations

    Widely recognized organizations and governmental entities or agencies have issued “best practices” for automated trading, including the National Futures Association (“NFA”), the FIA, ESMA, and the International Organization of Securities Commissions (“IOSCO”), among others.

    1. NFA Compliance Rule 2-9: Supervision

    NFA, a registered futures association under Section 17 of the Act, has provided guidance regarding ATSs to industry participants since 2002. Specifically, NFA Interpretive Notice 9046 addresses the “Supervision of the Use of Automated Order-Routing Systems” in the context of NFA's overarching supervision requirements in Compliance Rule 2-9 (Supervision). [92] The Commission believes that Compliance Rule 2-9 and Interpretive Notice 9046 are especially relevant because of their wide applicability as NFA membership rules, binding on FCMs, IBs, CPOs, CTAs, and other NFA members. In addition, these provisions and interpretations have been in place since at least 2006, such that NFA members—and by extension many AT Persons—will have been subject to regulatory requirements concerning algorithmic trading for many years.

    Compliance Rule 2-9 requires each NFA member to “diligently supervise its employees and agents in the conduct of their commodity futures activities for or on behalf of the Member.” Interpretive Notice 9046, first issued in 2002 and revised in 2006, states that NFA's board of directors “firmly believes that supervisory standards do not change with the medium used. How those standards are applied, however, may be affected by technology.” To fulfill their supervisory responsibilities, NFA members “must adopt and enforce written procedures to examine the security, capacity, and credit and risk-management controls provided by the firm's automated order-routing systems (AORSs).” Interpretive Notice 9046 applies to systems “that are within a Member's control, including AORSs that are provided to the Member by an application service provider or an independent software vendor.” NFA acknowledges that NFA members will not control an AORS chosen by an NFA customer, such as direct access systems provided by exchanges. In such circumstances, the NFA member must nevertheless adopt procedures “reasonably expected to address the trading, clearing, and other risks attendant to [their] customer relationship[s].”

    Among other requirements, Interpretive Notice 9046 addresses the following standards for automated systems:

    • Pre-Execution Controls (including both credit and “fat-finger” protections): “An AORS should allow the Member to set limits for each customer based on commodity, quantity, and type of order or based on margin requirements. It should allow the Member to impose limits pre-execution and to automatically block any orders that exceed those limits.”  [93]
    • Post-Execution Controls: “For customers subject to post-execution controls, the Member should have the ability to monitor trading promptly. The AORS should generate alerts when limits are exceeded through that system. The system should also allow the Member to block subsequent orders, either in their entirety or by kind (e.g., to block orders that create a new position or increase an existing position but not orders that liquidate some or all of an existing position).”  [94]
    • Direct Access Systems: “When authorizing [customer] use of a direct access system that does not allow the Member to monitor trading promptly, the Member should utilize pre-execution controls, if available, to set pre-execution limits for each customer, regardless of the nature of the customer.”
    • Review: “Members should use AORSs in conjunction with their credit-review/risk-management systems and should evaluate the controls imposed on each customer as part of their regular credit and risk-control procedures.”

    A number of the controls summarized above are in keeping with the Commission's proposed requirements for AT Persons, including proposed § 1.80, which requires pre-trade risk controls and other measures reasonably designed to prevent an Algorithmic Trading Event, including but not limited to maximum order message and execution frequencies per unit time; order price parameters and maximum order sizes; and certain order cancellation capabilities. The Commission notes once again its intent in much of Regulation AT to build on existing regulatory requirements and industry practices so that its proposed regulations facilitate an ongoing transition to effective risk controls in algorithmic trading. The Commission believes that the existence of related regulatory standards enforced by NFA since 2002 and updated in 2006 would help minimize any potential disruptions or burdens that would otherwise be associated with a number of the Commission's proposed rules for AT Persons. The Commission also believes that NFA's prior experience in this area will assist in complying with the requirements of proposed § 170.19, discussed in detail in section IV(F) below.

    2. FIA Reports on Automated Trading

    On March 23, 2015, FIA released the “FIA Guide to the Development and Operation of Automated Trading Systems” (the “FIA Guide”), which provides recommendations concerning appropriate risk controls at the trader, broker and exchange levels. [95] Risk controls recommended by FIA include maximum order size limits, maximum intraday position limits, market data reasonability checks, price tolerance limits, repeated automated execution limits, exchange dynamic price collars, exchange market pauses, exchange message programs, message throttles, self-trade prevention tools, kill switches, cancel-on-disconnect service and exchange-provided order management tools. FIA also recommended audit trail procedures that identify automated trading system operators; certain post-trade measures to monitor for potential credit events or unintended trading; measures related to co-location services; and disaster recovery and business continuity procedures. Finally, FIA recommended measures related to automated trading system development and support, including general principles related to testing; policies and procedures related to security; systems monitoring procedures; and documentation procedures. Consistent with the approach the Commission intends to pursue in Regulation AT, the FIA Guide states that, “[c]are should be taken to avoid implementing overly prescriptive standards or rules that impose a one-size-fits-all approach to all entities.”  [96]

    The Commission encourages industry participants to consider FIA's recommendations. In the event that the FIA Guide recommends best practices that are not proposed in Regulation AT, the Commission encourages industry participants to consider implementing the FIA best practices if they are appropriate to their business and are reasonably designed to prevent an Algorithmic Trading Event. FIA's recommendations may also serve as a useful starting point for an RFA considering potential measures in response to proposed § 170.19, discussed in section IV(F) below.

    FIA has issued several additional reports related to the appropriate best practices that should be implemented with respect to automated trading. In April 2010, FIA issued a report addressing the risks of direct market access and providing recommendations for risk controls to be implemented by exchanges and applied across all trading firms. [97] In November 2010, FIA's Principal Traders Group (“FIA PTG”) released a report setting out recommended risk controls for trading firms that have direct access to exchange matching engines, [98] as well as a global survey of futures exchanges to determine what controls were in place to manage the risks in providing trading firms with direct market access. [99] In March 2012, FIA PTG and FIA European Principal Traders Association issued recommendations to assist trading firms in establishing internal procedures, processes and controls for the development, testing and deployment of trading software. [100] Finally, in September 2013, FIA released recommendations for increasing the usefulness of drop copy systems in exchange-traded markets. [101]

    3. IOSCO Reports on Electronic Trading

    IOSCO is an international body of securities regulators. IOSCO develops, implements and promotes adherence to internationally recognized standards for securities regulation. Its membership regulates more than 95% of the world's securities markets in more than 115 jurisdictions. [102] In October 2011, IOSCO released recommendations to promote the integrity and efficiency of markets in order to mitigate risks posed by the latest technological developments. [103] Among other things, IOSCO recommended that regulators ensure that trading venues have in place suitable trading control mechanisms such as trading halts, volatility interruptions, and limit-up/limit-down controls to deal with volatile market conditions, as well as trading systems that have the ability to adjust to changes in message traffic (including sudden increases). [104] In addition, IOSCO recommended that all order flow of trading participants, regardless of whether they access the market directly, be subject to appropriate controls, including automated pre-trade controls. IOSCO also recommended that regulators should identify any risks arising from currently unregulated direct participants of trading venues and take steps to address them. [105]

    More recently, in April 2015, IOSCO released a consultation report entitled “Mechanisms for Trading Venues to Effectively Manage Electronic Trading Risks and Plans for Business Continuity.”  [106] The report compiles the results of a survey that IOSCO sent to trading venues across more than 30 different jurisdictions. Based on the information compiled, the report proposes best practices that should be considered by trading venues when developing and implementing risk mitigation mechanisms. These practices are intended to promote the integrity, resiliency and reliability of trading systems and business continuity plans. With respect to managing risks originating from market participant technology, the report explains that most trading venues have policies, procedures and tools to detect and address the operational risks associated with electronic trading. These tools include, among others, pre-trade risk controls (such as price and volume controls or filters and order entry controls), the ability to block, suspend or disconnect a user (e.g., a kill switch), measures to halt trading in the event of sudden price movements, and throttles that constrain the number or frequency of messages from any given participant. [107] IOSCO also explained that many trading venue participants use pre-trade risk controls such as order volume, price per security, credit, notional value of order, order value, capital, position checks, price deviation thresholds, and regulatory integrity checks. [108] Finally, IOSCO addressed direct market access by referring to a previous report it issued in 2010, called “Principles for Direct Electronic Access to Markets.” In that report, IOSCO recommended that intermediaries (including clearing firms) have adequate operational and technical capability to appropriately manage the risks posed by DEA. [109]

    4. CFTC TAC Subcommittee

    In 2011, the Pre-Trade Functionality Subcommittee (“TAC Subcommittee”) of the CFTC's TAC issued recommendations for pre-trade controls for trading firms, clearing firms and exchanges which use, or provide, direct market access. [110] The TAC Subcommittee recommended the following risk controls for trading firms: Quantity limits on individual orders; price collars; execution throttles; message throttles; and a kill switch that would cancel all existing orders and prevent the firm from placing new orders. The TAC Subcommittee further recommended that clearing firms trading on their own behalf should comply with those risk controls. In addition, clearing firms should confirm that their client firms are implementing such controls, approve the parameters used by the trading firm, and have access to the kill switch. Exchanges should implement, and require trading firms to use, pre-trade quantity limits on individual orders; intra-day position limits; price collars; and message throttles. The TAC Subcommittee also recommended that exchanges implement clear and consistent error trade policies, order cancellation policies that allow for automatic cancellation of orders on disconnect, and the ability for clearing firms to view their firm's orders and to cancel working orders.

    5. FIX Risk Management Working Group

    Additional organizations have released best practices documents, including FIX Protocol Ltd.'s (“FIX”) Americas Risk Management Working Group. FIX is a non-profit, industry standards association that owns, maintains and continuously develops the Financial Information eXchange (FIX) Protocol in response to market requirements. In 2012, FIX released risk control guidelines for algorithmic trading orders and direct market access orders. [111] FIX identified typical order scenarios that brokers attempt to detect, which include the following: An order for an exceedingly large quantity; an order that will adversely impact the market for a given security; an order with incomplete or conflicting instructions; an order that is potentially duplicative or unintentionally repeating; an order where adverse or favorable price moves impact the order while it is working; and an order that may be stale or may have been replaced by the client or a system. [112] FIX explained that the absence of appropriate risk controls can result in market dislocation, failure to settle/deliver, conflict between the client's intent and order execution, and trading the wrong product. [113] FIX provides a recommended matrix of risk controls, which includes maximum order quantity, average daily volume checks, price limit checks, favorable/adverse price move checks, position limits, credit checks, and stale, runaway, and duplicate order checks. [114]

    6. Senior Supervisors Group (SSG) Briefing Note

    In April 2015, the Senior Supervisors Group (“SSG”), composed of the staff of banking and other financial regulatory agencies from ten countries and the European Union, issued an “Algorithmic Trading Briefing Note.”  [115] The Note focused on how large financial institutions currently monitor and control for the risks associated with algorithmic trading during the trading day. The Note identified several risks that SSG believes are common to algorithmic trading across jurisdiction and asset class: (i) Systemic risk may be amplified; (ii) algorithmic trading desks may face a significant amount of risk intraday without transparency and robust controls; (iii) internal controls may not have kept pace with speed and market complexity; and (iv) without adequate controls, losses can accumulate and spread rapidly. [116] The Note provided a list of principles for supervisors to consider when evaluating controls over algorithmic trading at banks: (a) Controls must keep pace with technological complexity and trading speeds; (b) governance and management oversight can limit exposure to losses and improve transparency; (c) testing needs to be conducted during all phases of a trading product's lifespan, namely during development, rollout to production, and ongoing maintenance; and (d) when assessing control depth and suitability, management should ensure sufficient involvement of control functions (including compliance, technology, legal, and controllers), as well as business-unit management. [117]

    7. Treasury Market Practices Group Best Practices

    In June 2015, the Treasury Market Practices Group, a group sponsored by the Federal Reserve Bank of New York, and comprised of legal, compliance and business representatives from institutions related to U.S. Treasury market primary and secondary trading, released a white paper on Automated Trading  [118] and an updated Best Practices document for trading in U.S. cash Treasury securities markets. [119] The Best Practice updates, among other things, expanded the scope of recommended risk controls that address the risks of automated trading (automated trading, for purposes of the Best Practices document, means the subset of electronic trading that relies on computer algorithms for decision-making and execution of order submissions), including the documentation of internal policies and procedures, additional transparency in exchange or trading platform market data, error trade rules and exchange provided services, expanded design and testing environments at firms and exchanges, and updated risk controls that align with the speed of trading technology. The white paper notes that these updates were issued in a period when cash Treasury securities markets, like many other asset classes, have experienced a strong increase in automated trading on electronic platforms.

    III. Recent Disruptive Events in Automated Trading Environments Back to Top

    The Concept Release discussed malfunctions in automated trading systems, in both derivatives and securities markets, that illustrate the technological and operational vulnerabilities inherent to automated trading environments. [120] As an example, the Flash Crash of May 2010 involved an automated trading system with a design flaw that impacted both the derivatives and securities markets. According to the CFTC/SEC joint report on the Flash Crash, an automated execution algorithm did not take price or time variables into account. Given the parameters of the program, the algorithm continued to send orders even as prices moved far beyond traditional daily ranges. [121] In another example, in 2012 a securities trading firm, Knight Capital Group, made a coding error in an automated equity router, and then incorrectly deployed new code in the same router. [122] Because of these coding errors, the firm's automated trading system inadvertently built up unintended positions in the equity market, eventually resulting in losses of more than $460 million for the firm. [123] The malfunction impacted the broader market, creating swings in the share prices of almost 150 companies; these price swings were high enough to trigger pauses in the trading of five stocks. [124]

    Foreign markets have also experienced disruptive events in recent years. For example, in May 2012 in Mexico, a “fat finger” error by a market participant resulted in the execution of 1.13 million shares (representing U.S. $3.78 billion). [125] In February 2015, there was a five minute delay in opening futures and options on the Eurex exchange in Germany because a market participant's system was transmitting duplicate orders. [126] In February 2014, trading in three-year Korean treasury bonds was halted for almost two hours at the Korea Exchange due to a system malfunction resulting from an improper order from a brokerage house. [127] On October 26, 2011, the Bombay Stock Exchange had to cancel all derivatives trading due to unusually high volumes and price volatility as a result of a flawed algorithm used by a member firm. [128]

    Goldman Sachs was recently fined $7 million by the SEC for violating its Market Access Rule and causing a disruptive trading event. [129] On August 20, 2013, a configuration error in one of Goldman's options order routers erroneously sent thousands of limit orders to the options exchanges prior to the start of regular market trading. [130] By the time the creation of additional orders was disabled, and efforts to cancel unintended orders were taken, approximately 1.5 million unintended orders (representing 150 million underlying shares) had been executed on the market. [131] The existing risk management controls and supervisory procedures in place at Goldman failed to stop the erroneous orders, and human error and failure to follow best practices exacerbated the errors. [132] While some erroneous orders were able to be cancelled, Goldman's loss ultimately totaled $38 million. [133]

    Disruptive events illustrate the importance of effective risk controls. The risk controls contemplated in Regulation AT are intended to limit the extent of market disruption caused by ATSs or trading platform malfunctions. For example, a pre-trade risk control such as a message throttle will prevent submission of orders that exceed a predetermined frequency per unit time. Such a control could be operated by the market participant generating orders, the clearing firm guaranteeing its trades, or the trading platform on which orders would be executed, and would limit the impact of an algorithmic trading system not operating as intended. As another example, monitoring and supervision standards for algorithmic trading may help ensure that human supervisors intervene quickly when automated systems experience unexpected or degraded performance, and that supervision staff have the both the authority and knowledge to take appropriate steps in this scenario.

    IV. Overview of Regulation AT Back to Top

    A. Concept Release/Regulation AT Terminology

    The Concept Release used the term “automated trading system” (abbreviated “ATS”) to refer to the algorithms used to automate the generation and execution of a trading strategy. [134] In discussing comments to the Concept Release, the Commission will continue to use the term automated trading system. However, for greater precision, the proposed rules and preamble for Regulation AT instead refer to “algorithmic trading system” (also abbreviated “ATS”). This change is intended only as a change in in nomenclature. ATSs as described herein should not be confused with alternative trading systems in equities markets.

    B. Commenter Preference for Principles-Based Regulations

    As an initial matter, the Commission notes a preference expressed in comments to the Concept Release for principles-based, as opposed to prescriptive, regulations. Fifteen commenters advocated a limited or “principles-based” approach to any regulation arising from the Concept Release. [135] Commenters indicated that prescriptive requirements will become obsolete, stifle innovation, discourage self-reporting of technological failures, may not account for the unique characteristics of market participants, and would result in participants designing around such measures. [136]

    More specifically, FIA  [137] and CME Group, Inc. (“CME”) suggested that the best way to achieve standardization of risk controls is through implementing “best practices” developed through working groups of DCMs, FCMs, and other market participants. [138] Similarly, IntercontinentalExchange, Inc. (“ICE”) indicated that “exchanges are able to better implement and update risk controls on a market-by-market basis than through a Commission rulemaking,” and should be allowed flexibility in designing exchange risk controls. [139] Susquehanna International Group (“SIG”) stated that the Commission should “allow the exchanges to work with firms on tailoring the rules for implementation in ways that best consider the technical intricacies between firms and exchanges.”  [140] Virtu Financial LLC (“VFL”) suggested that “mandating risk controls and supervisory systems that are `reasonably designed' or `provide reasonable assurance' of protection would allow participants to tailor these controls to the specific risks associated with their business.”  [141]

    In addition, five commenters indicated that the Commission already has robust regulations in place to address the risks of automated trading. [142] Such comments cited the DCM and SEF Core Principles;  [143] Commission regulations 1.73, 23.609, 38.255, and 38.607;  [144] and CEA and Commission market manipulation and disruptive trading practices rules. [145]

    In contrast to a limited or principles-based approach to regulation, several commenters supported a more prescriptive approach to a rulemaking addressing the risks of automated trading. [146] These commenters include the Institute for Agriculture and Trade Policy (“IATP”), Better Markets, and Americans for Financial Reform (“AFR”). For example, IATP stated that unless the Commission receives documentation that the risk controls of firms and exchanges are consistent and effective, the Commission should assume that regulatory standardization will be beneficial for each risk control and at each phase of the trade lifecycle. [147] In addition, several academic commenters discussed concerns with automated, high speed trading and advocated specific changes to the trade matching or order submission process to increase market liquidity and efficiency. [148]

    As discussed below, consistent with comments received, the Commission has taken a balanced approach to the regulations it believes are necessary to manage the risks of algorithmic trading. For example, the Commission proposes a principles-based approach to its risk controls requirements, in that it would require particular controls but allow the relevant entity—a trading firm, clearing member FCM, or DCM—discretion in the design of such control and the parameters that would be used.

    C. Multi-Layered Approach to Pre-Trade Risk Controls and Other Measures

    In response to the Commission's questions in the Concept Release about the appropriate location for risk controls and other measures, commenters generally supported a multi-layered approach to risk controls, with each level—trading firm, clearing firm, and exchange—implementing risk controls that are adjusted depending on circumstance. [149]

    For example, FIA commented that “[i]ntroducing redundant risk controls at more than one focal point in the trading lifecycle may increase the integrity of the marketplace when careful consideration is given to their differences in roles, implementations and configurations.”  [150] However, FIA also stated that “we caution against a mandated proliferation of redundant risk controls because the existence of similar but not identically implemented risk controls may do more harm than good. Each new implementation of a control will increase complexity and may cause misunderstanding between traders and risk managers as a consequence of conflicting risk limits.”  [151] As an example of a control that may be appropriately implemented at multiple levels, FIA stated that maximum order size limits may be implemented at both market participant and FCM levels without redundancy because they reflect the different responsibilities of each participant. [152] FIA further explained that if an FCM has implemented customer-specific controls within its infrastructure, it would be redundant to use the same controls at the DCM level, though as an additional protection, it is permissible to set higher limits at the DCM that apply across all customers. [153]

    CME cited the TAC Subcommittee's “Recommendations on Pre-Trade Practices for Trading Firms, Clearing Firms and Exchanges involved in Direct Market Access,” and commented that “each level of the `electronic trading `supply chain' (trading firms, clearing firms, and exchanges) must share in the effort to preserve market integrity through the implementation of effective risk controls, no matter if that participant has direct market access or is routing to the exchange via its clearing member firm”. [154] Specifically with respect to kill switch functionality, CME indicated that kill switch functionality deployed at multiple levels should not be considered redundant. [155] CME further suggested that while multi-layered kill switch functionality is not necessary for effective risk control, it is nevertheless beneficial as it adds additional measures of protection. [156] CME made a general point that registrants should establish controls appropriate to the nature of their business that are reasonably designed to control access, effectively monitor trading, and prevent errors as well as other inappropriate activity. [157] CME indicated that, regardless of whether orders are entered manually through an electronic system or entered through an automated trading system, such principles are equally important, because the method of order entry does not lessen the impact of a particular order on the market. [158]

    Other commenters supported a multi-layered approach to risk controls. AIMA indicated that risk controls should be “broadly similar” and applied at the trading firm, clearing firm, and exchange levels. [159] KCG stated that “risk management is most effective when it is multi-layered and overlapping.”  [160] VFL stated that a “multilayered system of risk controls is a key ingredient to protect the market from disruptive events.”  [161]

    The Commission agrees with the comments above that it should adopt a multi-layered approach to regulations intended to mitigate the risks of automated trading. As explained below, the Commission proposes to impose requirements at multiple stages of the lifecycle of an order. The Commission acknowledges FIA's comment that the different role of entities at various stages in the trade lifecycle must be carefully evaluated. While Regulation AT requires the same types of pre-trade and other risk controls to be implemented by different entities, the Commission notes that the proposed regulations allow for discretion in the appropriate design and parameters of each risk control. Accordingly, a trading firm, clearing member FCM, and DCM may each choose to design and calibrate the same control in different ways, depending on how the control is used by each entity to manage risks.

    The Commission notes that ESMA's 2015 Final Draft Regulatory Standards require pre-trade risk controls at both investment firms and trading venues. [162] ESMA acknowledged commenter disagreement with such redundancy and stated, “ESMA believes that at least two lines of defence are appropriate in this complex business and thus continues to require the pre-trade risk controls conducted by both investment firms and trading venues.”  [163] ESMA's regulatory standards further provide that where a client is granted market access either through an intermediary's systems, or directly without using the intermediary's systems, the direct electronic access provider must apply the required pre-trade risk controls. [164] Regulation AT requires pre-trade and other risk controls at both the AT Person and clearing member FCM level (as well as the DCM level) based on its understanding that the risks—and the resulting calibration levels of the controls—may be different given those entities' distinct priorities and understanding of the risks to themselves and their customers.

    Below is a summary of each element of Regulation AT. For each element, the Commission addresses relevant Concept Release comments, summarizes the proposed regulation, and asks questions concerning the proposed regulation.

    D. Codification of Defined Terms Used Throughout Regulation AT

    1. “Algorithmic Trading”—§ 1.3(zzzz)

    a. Concept Release Comments

    The Concept Release requested comment concerning whether the Commission should define ATS or algorithm for purposes of any ATS identification system. Commenters disagreed on whether the Commission should adopt a definition of “ATS.” FIA and CME opposed a regulatory definition, arguing that industry already has a definition of automated trading system. [165] FIA and CME indicated that the definition of ATS is self-evident and has been in use for a long time, and that ATS, or automated orders, are orders that are generated and/or routed without human intervention. This includes orders generated by a computer system as well as orders that are routed using functionality that manages order submission by automated means (i.e., execution algorithms). [166] Another commenter, Gelber Group, LLC (“Gelber”), stated that the Commission should adopt a “strong but appropriately flexible definition” of ATS aligned with existing exchange definitions. [167]

    The Commission's evaluation of this issue is also informed by the work of the TAC Subcommittee. In particular, the TAC Subcommittee described “automated trading” as follows: “[Automated trading] covers systems employed in the decision-making, routing and/or execution of an investment or trading decision, which utilizes a range of technologies including software, hardware, and network components to facilitate efficient access to the financial markets via electronic trading platforms.”  [168]

    b. Description of Regulation

    While the Commission does not define the term “ATS” in this NPRM, the Commission does propose a new § 1.3(zzzz) that defines the related activity of “Algorithmic Trading.” This proposed term means trading in any commodity interest as defined in Regulation 1.3(yy)  [169] on or subject to the rules of a DCM, where: (1) One or more computer algorithms or systems determines whether to initiate, modify, or cancel an order, or otherwise makes determinations with respect to an order, including but not limited to: the product to be traded; the venue where the order will be placed; the type of order to be placed; the timing of the order; whether to place the order; the sequencing of the order in relation to other orders; the price of the order; the quantity of the order; the partition of the order into smaller components for submission; the number of orders to be placed; or how to manage the order after submission; and (2) such order, modification or order cancellation is electronically submitted for processing on or subject to the rules of a DCM; provided, however, that Algorithmic Trading does not include an order, modification, or order cancellation whose every parameter or attribute is manually entered into a front-end system  [170] by a natural person, with no further discretion by any computer system or algorithm, prior to its electronic submission for processing on or subject to the rules of a DCM. [171]

    The term “Algorithmic Trading” is a critical underpinning of other elements of this NPRM. Specifically, the Commission proposes a number of requirements related to Algorithmic Trading, including that trading firms (i.e., AT Persons, as defined in section IV(D) below), clearing member FCMs, and DCMs implement certain pre-trade risk controls for Algorithmic Trading; that trading firms implement certain standards for the development, testing, monitoring, and compliance of ATSs; and that trading firms and clearing members FCMs submit compliance reports describing the new pre-trade risk controls. In addition, the term “Algorithmic Trading” is employed in the proposed definition of “AT Person,” a term that identifies those persons or entities subject to the Commission's proposed new pre-trade risk control requirements, among other requirements.

    The Commission notes that its definition of Algorithmic Trading is similar to the definition of algorithmic trading adopted by the European Commission under MiFID II. [172] However, the definition of algorithmic trading under MiFID II does not include systems that only make decisions as to the routing of orders to one or more trading venues. [173] Similarly, for purposes of a proposal relating to registration of persons who develop algorithmic trading strategies, FINRA's definition of “algorithmic trading strategy” does not include an order router alone. [174] In contrast to MiFID II and FINRA, the Commission intends that the definition of Algorithmic Trading includes systems that make determinations regarding any aspect of the routing of an order, i.e., systems that only make decisions as to the routing of orders to one or more trading venues. The Commission believes that automated order routers have the potential to disrupt the market to a similar extent as other types of automated systems, and therefore should not be treated differently under the proposed regulations. For example, the SEC determined that Knight Capital made errors related to the coding and testing of an automated equity router, which caused the firm to acquire several billion dollars in unwanted positions and sustain a loss of more than $460 million, in addition to causing substantial market disruption. [175]

    The Commission has taken this approach to automated order routers after considering existing industry definitions of “automated trading systems.” For example, CME defines “ATS” as “a trading method in which a computer makes decisions and enters orders without a person entering those orders. This is a programmatic way of representing the trader.”  [176] Similarly, ICE defines “ATS” as “any system that automates the generation and submission of orders to ICE.”  [177] The Commission anticipates that entities using automated order routers will be using similar or related automated technology to determine other parameters of an order. In addition to the consideration that order routing systems have the potential to disrupt the market, the Commission believes that, given the interconnectedness of trading firm systems, carving out a particular subset of automated systems from the definition of Algorithmic Trading, e.g., order routing systems, would introduce unnecessary complexity and reduce the effectiveness of the safeguards provided in its proposed regulations. [178]

    The Commission notes that even if a computer algorithm or system makes one or more determinations with respect to an order (such as product, timing, price or quantity), the submission of the order would not constitute Algorithmic Trading if every parameter or attribute of the order is manually entered into a front-end system by a natural person, with no further discretion by any computer system or algorithm, prior to its electronic submission for processing on or subject to the rules of a DCM. However, if a natural person does not manually enter an order as described in the preceding sentence, but nonetheless intervenes in the order in some other and more limited manner, the submission of the order would still represent Algorithmic Trading if the other elements of the definition are met. The Commission believes that the risks of Algorithmic Trading continue to exist in trading where there is some limited natural person intervention at particular stages of order submission or execution, and Regulation AT requirements should apply to such trading to the same extent that it does to trading that is entirely automated. In sum, the only circumstance in which natural person intervention by definition would cause trading to not represent Algorithmic Trading is if the proviso in clause (2) of the definition of Algorithmic Trading were met.

    Finally, the Commission clarifies that there are certain automated functions that do not fall within the proposed definition of Algorithmic Trading. For example, the use of automated programs that incorporate electronic indicators or other technical analysis features to notify a trader regarding specified market activity (e.g., a product reaches a particular price) would not in itself represent Algorithmic Trading, unless the same program makes the determinations described in clause (1) of the definition, and clause (2) is also met. Similarly, if an entity (such as an introducing broker) uses certain electronic systems as part of its business practices, but does not submit orders to a trading platform, that entity's use of electronic systems would not of itself be considered Algorithmic Trading. Finally, the application of risk filters to an order that is otherwise entered through entirely manual means (i.e., an order whose every parameter or attribute is manually entered into a front-end system by a natural person, with no further discretion by any computer system or algorithm)  [179] would not be considered Algorithmic Trading solely due to the use of risk filters. For example, existing §§ 1.11 and 1.73 require FCMs and clearing member FCMs, respectively, to establish certain automated financial or risk-based controls, including limits based on position size, order size and margin requirements or capital, credit or volume thresholds. The application of such automated controls would not, on their own, cause an order to fall within the definition of Algorithmic Trading.

    The Commission notes that ESMA's 2015 Final Draft Regulatory Standards address the distinction between “investment decision algorithms” (which make automated trading decisions by determining which assets to purchase or sell) and “order execution algorithms” (which optimize order execution processes by automatic generation and submission of orders or quotes to one or several trading venues once the investment decision is made). ESMA's standards provide that pure investment decision algorithms which generate orders that are only to be executed by non-automated means and with human intervention are excluded from ESMA testing requirements. [180]

    c. Request for Comments

    1. Is the Commission's definition of “Algorithmic Trading” generally consistent with what algorithmic trading is understood to mean in the industry? If not, please explain how it is inconsistent and how the definition should be modified. In your answer, please explain whether the definition inappropriately includes or excludes a particular type or aspect of trading.

    2. Should the Commission adopt a definition of “Algorithmic Trading” that is more closely aligned with any definition used by another regulatory organization?

    3. For purposes of the Commission's definition of Algorithmic Trading, is it necessary for the Commission to define “computer algorithms or systems”? If so, please explain what should be included in such a definition.

    4. Should the Commission's definition of “Algorithmic Trading” include systems that only make determinations as to the routing of orders to different venues (which is contemplated in the proposed definition)? With respect to the definition of “Algorithmic Trading,” should the Commission differentiate between different types of algorithms, such as alpha-generating algorithms and order routing algorithms?

    5. Is the Commission's understanding correct that most entities using automated order routers will be using similar or related automated technology to determine other parameters of an order?

    6. The Commission posits a scenario in which an AT Person submits orders through Algorithmic Trading, and a non-clearing FCM or other entity acts only as a conduit for these AT Person orders. If the non-clearing FCM or other entity does not make any determinations with respect to such orders, the conduit entity would not be engaged in Algorithmic Trading, as that definition is currently proposed. Should the definition of Algorithmic Trading be modified to capture a conduit entity such as a non-clearing FCM in this scenario, thereby making the entity an AT Person subject to Regulation AT? In other words, should non-clearing FCMs be required to manage the risks of AT Person customers? How would non-clearing FCMs do so if the non-clearing FCMs do not have risk controls comparable to the risk controls specified in proposed § 1.82?

    7. The Commission, recognizing that natural person traders who manually enter orders also have the potential to cause market disruptions, is considering expanding the definition of Algorithmic Trading to encompass orders that are generated using algorithmic methods (e.g., an algorithm generates a buy or sell signal at a particular time), but are then manually entered into a front-end system by a natural person, who determines all aspects of the routing of the orders. Such order entry would not represent Algorithmic Trading under the currently proposed definition. The Commission requests comment on this proposed expansion of the definition of Algorithmic Trading, which the Commission may implement in the final rulemaking for Regulation AT. The Commission requests comment on the costs and benefits of this proposal, in addition to any other comments regarding the effectiveness of this proposal in terms of risk reduction.

    2. “Algorithmic Trading Compliance Issue”—§ 1.3(tttt)

    a. Description of Regulation

    The Commission proposes to define three new, related terms: “Algorithmic Trading Compliance Issue,” “Algorithmic Trading Disruption,” and “Algorithmic Trading Event” (which encompasses Algorithmic Trading Compliance Issues or Algorithmic Trading Disruptions). As a general matter, the proposed regulations contained in Regulation AT are intended to address the risks of automated trading. Malfunctioning or incorrectly deployed algorithms deploying erroneous messages to trading venues can significantly impact markets and market participants. The speed at which trading occurs can magnify the harm caused by a malfunctioning system, for example, in driving unwarranted price changes. The proposed definitions work in conjunction with proposed regulations requiring certain risk controls and other measures and are intended to describe the types of market disruptions, regulatory violations, or other events that Regulation AT is designed to prevent or mitigate.

    The three proposed terms Algorithmic Trading Compliance Issue, Algorithmic Trading Disruption, and Algorithmic Trading Event have analogues under Reg SCI's definitions of “Systems compliance issue,” “Systems disruption,” and “SCI event.”  [181] The term “SCI event,” under Reg SCI, encompasses systems compliance issues and systems disruptions. Similar to Regulation AT, Reg SCI requires that an SCI entity's policies and procedures must include monitoring of systems to identify potential SCI events, and that SCI entities must establish escalation procedures to quickly inform responsible SCI personnel of potential SCI events. [182]

    The term “Algorithmic Trading Compliance Issue” is defined in proposed § 1.3(tttt), and means “an event at an AT Person that has caused any Algorithmic Trading of such entity to operate in a manner that does not comply with the CEA or the rules and regulations thereunder, the rules of any designated contract market to which such AT Person submits orders through Algorithmic Trading, the rules of any registered futures association of which such AT Person is a member, the AT Person's own internal requirements, or the requirements of the AT Person's clearing member, in each case as applicable.”

    The term is relevant to Regulation AT's pre-trade risk and other control requirements for AT Persons as provided in proposed § 1.80, which requires the specified controls and measures to be reasonably designed to prevent or mitigate an “Algorithmic Trading Event.” The term Algorithmic Trading Event, as discussed below, means either an Algorithmic Trading Compliance Issue or an Algorithmic Trading Disruption. The defined term Algorithmic Trading Compliance Issue is also relevant to Regulation AT's proposed testing requirements on AT Persons. Specifically, proposed § 1.81(c) requires each AT Person to establish procedures requiring its staff to review Algorithmic Trading systems in order to detect potential Algorithmic Trading Compliance Issues. Regulation § 1.81(c) also would require a plan of internal coordination and communication between compliance staff of the AT Person and staff of the AT Person responsible for Algorithmic Trading designed to detect and prevent Algorithmic Trading Compliance Issues. Finally, proposed § 40.20 requires a DCM to establish and maintain pre-trade and other risk controls reasonably designed to prevent the occurrence of an Algorithmic Trading Disruption (or similar disruption) or an Algorithmic Trading Compliance Issue. The proposed definition of Algorithmic Trading Compliance Issue was not discussed in the Concept Release.

    b. Request for Comments

    8. Should the definition of Algorithmic Trading Compliance Issue be modified to include other potential compliance failures involving an AT Person that may have a significant detrimental impact on such AT Person, the relevant DCM, or other market participants?

    3. “Algorithmic Trading Disruption”—§ 1.3(uuuu)

    a. Description of Regulation

    Regulation AT proposes a defined term “Algorithmic Trading Disruption.” The term is defined in new § 1.3(uuuu), and means “an event originating with an AT Person that disrupts, or materially degrades, (1) the Algorithmic Trading of such AT Person, (2) the operation of the designated contract market on which such AT Person is trading or (3) the ability of other market participants to trade on the designated contract market on which such AT Person is trading.”  [183] The Commission notes that it interprets clause (3) of the definition broadly (“an event originating with an AT Person that disrupts, or materially degrades . . . the ability of other market participants to trade on the designated contract market on which such AT Person is trading.”) Among other events that would meet the Commission's understanding of “disrupts, or materially degrades,” the Commission interprets clause (3) as including an event originating with an AT Person that prohibits other market participants from trading on the designated contract market on which such AT Person is trading.

    The term Algorithmic Trading Disruption is relevant to Regulation AT's pre-trade risk and other control requirements for AT Persons and FCMs that are clearing members for a DCO, as provided in proposed §§ 1.80 and 1.82(a), respectively. The controls and measures required by proposed § 1.80 must be reasonably designed to prevent or mitigate an “Algorithmic Trading Event,” The term “Algorithmic Trading Event,” as discussed below, means either an “Algorithmic Trading Compliance Issue” or an “Algorithmic Trading Disruption.” The controls and measures required of clearing member FCMs in proposed § 1.82(a), in contrast to those required of AT Persons in proposed § 1.80, must be reasonably designed to prevent or mitigate only the narrower Algorithmic Trading Disruption. Finally, proposed § 40.20 requires a designated contract market to establish and maintain pre-trade and other risk controls reasonably designed to prevent an Algorithmic Trading Disruption. The proposed definition of Algorithmic Trading Disruption was not discussed in the Concept Release.

    b. Request for Comments

    9. Should the definition of Algorithmic Trading Disruption be modified to include other types of disruptive events that may originate with an AT Person?

    10. Should the definition be expanded to include other types of disruptive downstream consequences that may result from an Algorithmic Trading Disruption originating with an AT Person, and which may negatively impact the relevant designated contract market, other market participants, or other persons? Alternatively, should the scope of the definition be reduced, and if so, why?

    11. In addition, should the reference to “materially degrades” in the definition of Algorithmic Trading Disruption be expanded or otherwise modified to encompass other types of disruptions that may impact the relevant designated contract market, other market participants, or other persons? Please provide examples of real-world events originating with AT Persons (as defined under Regulation AT) that resulted in disruptions that may not be captured by the reference to “materially degrades” in the definition.

    4. “Algorithmic Trading Event”—§ 1.3(vvvv)

    Regulation AT proposes a new definition in § 1.3(vvvv) (Algorithmic Trading Event) that means either an Algorithmic Trading Compliance Issue or an Algorithmic Trading Disruption. As noted above, the term Algorithmic Trading Event is used in proposed § 1.80 requiring AT Persons to implement risk controls that are reasonably designed to prevent or mitigate an “Algorithmic Trading Event.” The proposed definition is also used in rules under proposed § 1.81(a) that require AT Persons to conduct regular back-testing of Algorithmic Trading using historical transaction, order, and message data to identify circumstances that may contribute to future Algorithmic Trading Events. The definition is also used in rules under proposed § 1.81(b) that require AT Persons to conduct continuous real-time monitoring of Algorithmic Trading to identify potential Algorithmic Trading Events, and in rules under proposed § 1.81(d) that require AT Persons to establish training procedures for communicating and escalating instances of Algorithmic Trading Events to the appropriate personnel. The proposed definition was not discussed in the Concept Release.

    5. “AT Order Message”—§ 1.3(wwww)

    a. Description of Regulation

    The Commission is proposing to define an “AT Order Message” (new § 1.3(wwww)) as each new order or quote submitted through Algorithmic Trading to a DCM by an AT Person and each change or deletion submitted through Algorithmic Trading by an AT Person  [184] with respect to such an order or quote. This term is used in the proposed regulations requiring AT Persons, clearing member FCMs and DCMs to implement pre-trade risk controls and other measures with respect to AT Order Messages. The proposed controls include a maximum AT Order Message frequency per unit time, which is also known as a message throttle requirement. [185] The Commission notes that its definition of AT Order Message is consistent with ESMA's definition of message in its HFT analysis. [186] The proposed language does not impose specific requirements concerning the design of the AT Order Message throttle or the particular thresholds that must be used.

    The Commission believes that defining AT Order Message is necessary in proposed §§ 1.80, 1.82, 38.255(b) and (c), and 40.20(a)(1) to specify the type of messages that should be subject to frequency controls. The Commission intends that required maximum message frequency controls would apply to new orders, order cancellations, and changes to important order terms that have the potential to impact the market. [187] Notwithstanding the foregoing, while the definition of AT Order Message would only apply to order-related messages, the Commission recognizes that certain message types outside of the definition of AT Order Message may cause market disruptions by affecting the operation of a DCM's electronic matching platform. A DCM has the discretion to implement controls throttling excessive heartbeat  [188] or administrative-type messages if it believes that such controls are necessary to prevent fraud or manipulation or otherwise ensure the proper functioning of its electronic matching platform and market.

    As discussed below, the Commission believes that requiring maximum order message frequencies at the trading firm, clearing member FCM and DCM levels serves important policy goals. Order entry frequencies that are much larger than intended could result in an accumulation or reduction of positions at speeds that outpace or overload associated risk management systems. Large quantities of unintended orders could also impact the market by increasing engine matching times or order submission latencies.

    b. Request for Comments

    12. Please comment on the proposed scope of the Commission's definition of AT Order Message. Is the proposed definition too expansive, in that it would limit the submission of messages that do not have the potential to disrupt the market? Alternatively, is the scope of the AT Order Message too limited, in that it could allow messages not related to orders (i.e., heartbeat messages or requests for mass quotes) to intentionally or unintentionally flood the DCM's systems and slow down the matching engine? Please explain how this definition would be more appropriately limited or expanded.

    6. “AT Person”—§ 1.3(xxxx)

    a. Description of Regulation

    The Concept Release did not specifically address whether regulations in the area of algorithmic trading should include a defined term “AT Person.” However, the Commission determined that such a defined term is necessary in order to identify which entities are subject to the proposed regulations addressing trading firms' management of the risks of algorithmic trading. These regulations include, for example, pre-trade and other risk controls on the orders initiated by the trading firm; development, testing and supervision standards; and the requirement to submit compliance reports regarding the new risk controls.

    The proposed definition under new § 1.3(xxxx) lists those particular persons or entities that may be considered an AT Person: Persons registered or required to be registered as FCMs, floor brokers, SDs, MSPs, CPOs, CTAs, or IBs that engage in Algorithmic Trading on or subject to the rules of a DCM, or persons registered or required to be registered as floor traders as defined in § 1.3(x)(3). [189] Regulation § 1.3(x)(3) is a proposed revision to the Commission's existing definition of floor trader, and is discussed in detail below (see section IV(E) below on Registration of Certain Persons Not Otherwise Registered with the Commission). Such persons or entities would be AT Persons if they engage in Algorithmic Trading on or subject to the rules of a DCM. See section IV(H) below for a more detailed discussion of which persons would be designated as AT Persons for purposes of proposed § 1.80 and other regulations, and which persons would not be AT Persons, but would nonetheless be subject to proposed § 1.82.

    b. Request for Comments

    13. The Commission notes that the FIA Guide recommends certain pre-trade risk controls and contemplates three levels at which these controls can be placed: Automated trader, broker, and exchange. FIA defines “automated trader” as any trading entity that uses an automated system, including hedge funds, buy-side firms, trading firms, and brokers who deploy automated algorithms, and defines “broker” as FCMs, other clearing firms, executing brokers and other financial intermediaries that provide access to an exchange.

    a. Should the Commission's definition of “AT Person” explicitly include or exclude any of the classes of parties included in FIA's term “automated trader”? Please explain. Are there any types of entities not present in this list that should be included in the “AT Person” definition?

    b. Should Regulation AT use the term “broker,” as understood by FIA? If so, please explain. Is there another term that would be more appropriate in defining the scope of AT Persons?

    14. Algorithmic Trading carries technological and personnel costs, and the Commission expects that such trading will be performed by entities, not natural persons. Is this a reasonable assumption? For purposes of quantifying the number of AT Persons that will be subject to the regulations, do you believe that any AT Person (a definition that encompasses the following persons if engaged in Algorithmic Trading: FCMs, floor brokers, swap dealers, major swap participants, commodity pool operators, commodity trading advisors, introducing brokers, and newly registered floor traders using Direct Electronic Access) will be a natural person or a sole proprietorship with no employees other than the sole proprietor?

    15. The Commission recognizes that a CPO could use Algorithmic Trading to enter orders on behalf of a commodity pool which it operates. In these circumstances, should the Commission consider the CPO that operates the commodity pool or the underlying commodity pool itself as “engaged in Algorithmic Trading” pursuant to the definition of AT Person?  [190]

    16. The Commission notes that pursuant to § 1.57(b) of the Commission's regulations IBs may not carry proprietary accounts. However, certain customer relationships may cause an IB to fall under the definition of AT Person. The Commission requests comment on the types of IB customer relationships that could cause IBs to fall under the definition of AT Persons. What activities are currently being conducted by IBs that could cause an IB to be considered engaging in Algorithmic Trading on or subject to the rules of a DCM and would therefore cause the IB to be considered an AT Person?

    17. Should the definition of AT Person be limited to persons using DEA? In other words, should the definition capture persons registered or required to be registered as FCMs, floor brokers, SDs, MSPs, CPOs, CTAs, or IBs that engage in Algorithmic Trading on or subject to the rules of a DCM, or persons registered or required to be registered as floor traders as defined in § 1.3(x)(3), in each case if such persons are using DEA? The Commission requests comment on the costs and benefits of this approach, including comments on whether this more limited definition of AT Persons would adequately mitigate the risks associated with algorithmic trading.

    7. “Direct Electronic Access”—§ 1.3(yyyy)

    a. Concept Release Comments

    The Concept Release asked whether there are specific risk controls that should apply in the context of direct market access, and whether the implementation of risk controls should be modified in the context of direct market access. [191]

    Several commenters agreed that any potential risk controls should also apply to those with direct access to the market. [192] For example, FIA described market participants' access to markets as consisting of two broad categories: “Direct ATS Participants,” characterized by use of an ATS directly connected to a DCM without using an FCM's infrastructure to route orders, and “Indirect ATS Participants,” characterized by use of an ATS that routes orders through an FCM's infrastructure. [193] FIA stated that all types of market access create risks; therefore, the same principles should apply to all types of market access. [194] FIA also explained that since market participants may now access a DCM directly without passing through an FCM's infrastructure, “the only consistent opportunity for risk control is at the DCM and the market participant.”  [195]

    Additional commenters made similar points. CME stated that all entities—whether they have direct market access or not—must “share in the effort to preserve market integrity.”  [196] ICE explained that it treats every order and trade equally regardless of connection method or participant type. [197] KCG Holdings, Inc. (“KCG”) commented that “any pre-trade risk control requirements [must] be applied so as to not permit market participants to avoid their application based on the manner in which the participant accesses the market.”  [198] VFL commented that “the privilege of direct exchange access should bring with it the obligation to deploy a system designed to protect the integrity of the marketplace.”  [199] VFL explained that all exchange members should be required to employ pre- and post-trade risk controls, and all non-members should be required to access exchanges only through a member's risk control layer. [200]

    b. Description of Regulation

    Consistent with the comments discussed above, the Commission proposes a new § 1.3(yyyy) that defines “Direct Electronic Access” (“DEA”) and, through other proposed rules, requires that AT Order Messages originating with an AT Person and submitted by AT Persons through such DEA be subjected to the same types of pre-trade and other risk controls that such orders would pass through if they flowed through the infrastructure of an FCM before entering the market.

    The Commission notes that the Concept Release used the term “direct market access,” or “DMA,” and such term is commonly used in industry. The Commission intends that “Direct Electronic Access” be consistent with the term “direct market access” as it is used in Commission-regulated markets. The Commission determined to employ the term Direct Electronic Access, as opposed to direct market access, in the interest of regulatory consistency. The term “Direct Electronic Access” by FCM customers is used in existing Regulation 38.607, where it is described as “allowing customers of futures commission merchants to enter orders directly into a designated contract market's trade matching system for execution.”  [201]

    The Commission proposes that the term “Direct Electronic Access” means an arrangement where a person electronically transmits an order to a DCM, without the order first being routed through a separate person who is a member of a DCO to which the DCM submits transactions for clearing. By “routed,” the Commission means the process by which an order physically goes from a customer to a designated contract market. [202] As indicated below, the Commission requests comment on its definition of DEA and whether there are particular scenarios where it would be unclear whether a customer is trading through DEA.

    DEA is relevant to several of the proposed regulations. As explained below, DEA is used as a filter to help define a new category of market participants required to register as floor traders and be subject to the requirements of Regulation AT (see proposed § 1.3(x)(3), discussed below). In addition, the term DEA is relevant to revised § 38.255, which would require DCMs to have in place systems and controls reasonably designed to facilitate FCM's management of the risks that may arise from Algorithmic Trading, and proposed § 1.82, which requires FCMs to implement such DCM-provided controls for DEA orders. This approach recognizes that when DEA is used, clearing FCMs do not have the ability to apply market risk controls to orders they receive for clearing before these orders reach the DCM. This approach of enabling clearing FCMs to implement DCM-based controls is similar to how the Commission addresses financial risk management by FCMs, as reflected in existing DCM regulation § 38.607.

    The Commission's proposed definition of DEA differs from SEC, ESMA and IOSCO terminology. The SEC characterizes “direct market access” as an arrangement whereby a broker-dealer permits customers to enter orders into a trading center but such orders flow through the broker-dealer's trading systems prior to reaching the trading center. [203] “Sponsored access” generally refers to an arrangement whereby a broker-dealer permits customers to enter orders into a trading center that bypass the broker-dealer's trading system and are routed directly to a trading center, in some cases supported by a service bureau or other third-party technology provider. [204] “Unfiltered” or “naked” access is a subset of sponsored access, where pre-trade filters or controls are not applied to orders before such orders are submitted to an exchange or ATS. [205] Similarly, ESMA and IOSCO refer to “direct electronic access” as including direct market access and sponsored access; “direct market access,” as an arrangement where a member of a trading venue provides a connecting system to a person to transmit orders; and “sponsored access” as an arrangement where such an infrastructure is not used by a person. [206] While the Commission's proposed terminology differs from that used by other regulatory organizations, the Commission believes that its defined term DEA is consistent with existing Commission regulations. References to “DEA” and “Direct Electronic Access” throughout this preamble shall refer to the term proposed in § 1.3(yyyy).

    c. Request for Comments

    18. Please explain whether the Commission's proposed definition of DEA will encompass all types of access commonly understood in Commission-regulated markets as “direct market access.” In light of the proposed regulations concerning pre-trade and other risk controls and standards for the development, testing and supervision of algorithmic trading systems, do you believe that the proposed definition of Direct Electronic Access is too limited (or, alternatively, too expansive)? If so, please explain why and how the definition should be revised.

    19. Should the Commission define “routed” in its definition of DEA? If so, how? Are there specific examples of trading or routing arrangements where it would be unclear whether trading was performed through DEA?

    20. Should the Commission use the term “direct market access” instead of DEA, and if so why?

    21. Should the Commission define sub-categories of DEA, such as sponsored market access?

    22. The Commission's proposed definition of DEA in § 1.3(yyyy) differs from definitions of direct electronic access in § 38.607 and direct access for FBOTs in § 48.2(c). The Commission believes that the more technical definition in proposed 1.3(yyyy) is appropriate for Regulation AT. The Commission solicits comment regarding proposed 1.3(yyyy), whether all definitions of “direct” access should be harmonized across the Commission's rules, and if so how. Do you believe that two definitions would create confusion with respect to Commission requirements as to direct electronic access? With respect to §§ 1.80, 1.82 and 38.255(b) and (c) provisions imposing risk control requirements on AT Persons, FCM and DCMs, should the Commission use the existing definition of direct electronic access provided in § 38.607?

    E. Registration of Certain Persons Not Otherwise Registered With Commission—§ 1.3(x)

    The Commission proposes to amend the definition of “Floor trader” in Commission regulation 1.3(x), in order to facilitate the registration of proprietary traders using DEA for Algorithmic Trading on a DCM. Such persons would be required to register as Floor traders pursuant to proposed § 1.3(x)(3), assuming that they were not already registered or required to register with the Commission in another capacity. The remainder of this section presents Concept Release comments on this topic, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Concept Release Comments

    The Concept Release requested comment on whether all firms operating ATSs to trade solely for their own account should be required to register with the Commission. As discussed in greater detail below, a registration requirement for firms operating ATSs and not otherwise registered with the Commission would enhance the Commission's oversight capabilities and allow for wider implementation of some or all of the pre-trade controls and risk management tools discussed in this NPRM and currently used in the market today. In particular, registration will help ensure that all market participants that actively trade on Commission-regulated markets implement appropriate controls, including those trading firms that access the market directly and use algorithmic trading systems that could malfunction and create systemic risk to all market participants.

    In the Concept Release, the Commission requested specific comment on whether firms operating ATSs to trade solely for their own account would meet the definition of “floor trader” in Section 1a(23) of the Act, and whether registering such firms as floor traders would effectuate the purposes of the Act. The “floor trader” definition in CEA 1a(23) states that, in general, the term “floor trader” means any person who, in or surrounding any pit, ring, post or other place provided by a contract market for the meeting of persons similarly engaged, purchases, or sells solely for such person's own account. [207] Given the evolution of futures trading over recent years, electronic trading platforms have now become a primary “other place” in which proprietary market making and trading generally, takes place.

    Seven commenters (including FIA, CME, MFA and the Chicago Fed) opposed registration for reasons including: DCMs already use Operator IDs; the DCM audit trail already satisfies the goals of registration; implementing the Commission's final rule on ownership and control reporting (“OCR”) will provide additional information on trading identities; and the Commission already has access to trade data (i.e., Regulation 1.40 and part 38's mandate that DCMs require market participants to submit to a DCM's jurisdiction). [208] In response to the Concept Release question seeking information concerning whether firms operating ATSs would meet the definition of “floor trader” under the CEA, CME and Gelber stated that the term floor trader is an anachronism that is irrelevant to automated trading environments. [209]

    In contrast, Better Markets, AFR, and TCL supported ATS registration. [210] AFR stated that “[t]he enhancement of investigative authority is extraordinarily important given that the Commission staff would often need to involve itself in the workings of the ATSs to anticipate problems and to detect and investigate problems that have occurred. HFT firms should have the highest priority.”  [211]

    Finally, AIMA and VFL supported registration for participants with direct market access. [212] VFL commented that if an exchange provides a participant the ability to connect directly, then that participant enjoys all of the rights of a member and should be regulated at the federal and exchange level. [213] Finally, while Chicago Fed opposed a requirement that ATSs register with the Commission, it suggested that participants with direct market access must register with the exchange. [214]

    2. Description of Regulation

    The Commission proposes to require the registration of proprietary traders using DEA for Algorithmic Trading on a DCM. As discussed in greater detail in section 3 below, registration of entities with DEA as floor traders would mean that such firms must implement the pre-trade controls and risk management tools that Regulation AT requires of AT Persons. If the Commission were to only require those firms that are already registered with the Commission to implement such controls, some market participants conducting Algorithmic Trading on Commission-regulated markets would not be subject to the Commission's risk control requirements.

    In order to achieve registration of proprietary traders using DEA for Algorithmic Trading on a DCM, the Commission proposes amending the definition of “Floor trader” in Commission regulation 1.3(x). The amended definition would expressly include any person who purchases or sells futures or swaps solely for such person's own account in a place provided by a contract market for the meeting of persons similarly engaged, where such place is accessed by such person in whole or in part through DEA (as defined in proposed § 1.3(yyyy)) for Algorithmic Trading, and such person is not otherwise registered with the Commission as a futures commission merchant, swap dealer, floor broker, major swap participant, commodity pool operator, commodity trading advisor, or introducing broker. The Commission notes, however, that persons otherwise registered or required to register with the Commission in another capacity (e.g., as a swap dealer) would not be exempt from such registration simply by registering as a Floor trader pursuant to proposed § 1.3(x)(3).

    CEA 1a(23) states that the term “floor trader” means any person who, in or surrounding any pit, ring, post or other place provided by a contract market for the meeting of persons similarly engaged, purchases, or sells solely for such person's own account. [215] The term was added to the Act in the Futures Trading Practice Act of 1992 (the “1992 Act”). [216] The 1992 Act also amended Section 4e of the Act to require registration of floor traders, and tasked the Commission with issuing rules to implement the requirement within 180 days of the date of enactment.

    In 1993, pursuant to the 1992 Act, the Commission finalized rules regarding registration of floor traders. [217] The Commission established a definition for the term “floor trader” in Regulation 1.3(x). The Commission noted in the preamble to that final rule that “certain persons trading through electronic systems come within the [floor trader] definition.”  [218] Given the prevalence of pit trading in 1992 and the short time frame to implement floor trader registration, the Commission determined to require registration for floor traders operating “on the trading floor of an exchange” and “to defer consideration of the application of floor trader registration requirements to persons using electronic trading systems and to reconsider the subject at a later date.”  [219] The Commission expressly stated that, “[i]n order to preserve flexibility in this area, the definition of floor trader in Rule 1.3(x) states that it shall include any person required to register as [a floor trader] by rule or regulation of the Commission pertaining to the operation of an electronic trading system.”  [220]

    On July 21, 2010, President Obama signed the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”). [221] Title VII of the Dodd-Frank Act amended the CEA definition of “floor trader.”  [222] This amendment maintained the language from the 1992 Act defining a floor trader as a person “who, in or surrounding any pit, ring, post, or other place provided by a contract market . . . for the meeting of persons similarly engaged, purchases, or sells solely for such person's own account” any commodity for future delivery. However, the amended definition also applied to trading in swaps, and provided that the definition includes “anyone who is registered with the Commission as a floor trader.” Finally, the amendment allows for the Commission by regulation to include within the definition or exclude from the definition anyone who meets the statutory definition. Subsequently, the Commission amended the definition of floor trader in Rule 1.3(x) to precisely mirror the language contained in section 1a(23)(A) of the Act. [223]

    3. Policy Discussion

    In order to enhance the Commission's oversight capabilities as they relate to entities with DEA and allow for wider implementation of some or all of the pre-trade controls and risk management tools discussed in this NPRM and currently used in the market today, the Commission proposes amending Regulation 1.3(x) to expressly include such firms within the definition of “floor trader.” The Commission emphasizes that the “floor trader” definition is not being expanded to capture all proprietary traders engaged in Algorithmic Trading; rather, the revised floor trader definition is limited to firms using DEA to engage in Algorithmic Trading. Historically, pursuant to the Commission's preamble discussion in the Registration of Floor Traders Rule and the original formulation of Regulation 1.3(x) discussed above, the Commission has only required registration of floor traders conducting business on the physical trading floor of an exchange. However, the Act contemplates floor traders in “other places” besides the trading floor, and the Commission has previously noted that the Act's definition applies to persons using electronic trading systems. [224]

    Registration of entities with DEA as floor traders would enhance the pre-trade controls and risk management tools discussed elsewhere in this NPRM by making such entities subject to the various regulations governing AT Persons under the NPRM. For example, the pre-trade risk controls listed in proposed § 1.80—maximum AT Order Message frequencies per unit time, maximum execution frequencies per unit time, order price parameters and maximum order size limits—must be established and used by all AT Persons. If the Commission were to only require those firms that are already registered with the Commission to implement such controls, it would be ignoring a significant number of market participants that actively trade on Commission-regulated markets, each of which has ATSs that could malfunction and create systemic risk to all market participants. Registration as floor traders would also require entities using DEA, as AT Persons, to maintain certain books and records, thus enhancing the Commission's ability to gather information.

    The Commission estimates that there are approximately one hundred proprietary trading firms engaged in Algorithmic Trading in Commission-regulated markets. Some of these firms may already be registered with the Commission in some capacity. In the event that one of these firms engaged in Algorithmic Trading is already registered with the Commission, the firm would be considered an AT Person under clause (1) of the proposed definition of AT Person, and would not be required to also register as a floor trader. The proposed requirement under revised § 1.3(x) is intended to require firms not otherwise registered to become registered with the Commission. Given that a technological malfunction in a single trading firm's systems can significantly impact other markets and market participants, the proposed registration requirement is critical to ensuring that all such firms are subject to appropriate risk control, testing, and other requirements of Regulation AT.

    4. Request for Comments

    23. Should firms operating Algorithmic Trading systems in CFTC-regulated markets, but not otherwise registered with the Commission, be required to register with the CFTC? If not, what alternatives are available to fully effectuate the purpose and design of Regulation AT?

    24. Should all firms deploying Algorithmic Trading systems be required to register with the Commission? Are there additional characteristics of AT Persons that should be taken into consideration for registration purposes? For example, should the Commission limit registration to trading firms meeting certain trading volume, order or message levels? In other words, should there be a minimum volume, order or message test in order to meet the definition of “floor trader,” or otherwise to meet the definition of AT Person? If so, what should be measured and what specific thresholds should be used?

    25. In the alternative, should the Commission broaden the registration requirements in proposed § 1.3(x)(3)(ii) so that all persons trading on a contract market through DEA are required to register, instead of only those who are engaged in Algorithmic Trading?

    26. Please supply any information or data that would help the Commission in deciding whether firms may or may not meet the definition of “floor trader” in Section 1a(23) of the Act.

    27. Do you believe that the registration of such firms as “floor traders” would help effectuate the purposes of the CEA to deter and detect price manipulation or any other disruptions to market integrity? If you believe that registration of such firms will not help effectuate the purposes of the CEA, or that the same purposes can be achieved by other means, please explain.

    F. RFA Standards for Automated Trading and Algorithmic Trading Systems—§ 170.19

    To fully effectuate the design and intent of Regulation AT, the Commission is proposing a new § 170.19 requiring RFAs to adopt certain membership rules—as deemed appropriate by the RFA—relevant to algorithmic trading for each category of member in the RFA. RFAs would have discretion as to the rules they issue and the categories of members to which their rules apply. Further, to ensure that all AT Persons are subject to rules of an RFA regarding algorithmic trading, the Commission is also proposing a new § 170.18 requiring AT Persons to become members of at least one RFA. Proposed § 170.18 is discussed in detail in section G below. Taken together, §§ 170.18 and 170.19 would allow RFAs to supplement elements of Regulation AT as markets and trading technologies evolve over time, and allow frontline regulators to drive future incremental enhancements to the Commission's basic regulatory structure for algorithmic trading by AT Persons.

    1. Policy Discussion

    In developing Regulation AT, the Commission sought to balance meaningful regulatory baselines against the need for standards sufficiently flexible to keep pace with changing industry practices and technologies. The Commission's determination to balance both interests is particularly reflected in its treatment of AT Persons and in proposed §§ 1.80, 1.81, and 1.82, which address: (1) Pre-trade risk controls and other measures for ATSs; (2) standards for the development, testing, monitoring, and compliance of ATSs; (3) designation and training of algorithmic trading staff; and (4) clearing FCM risk management. A number of the proposed sections and subsections in these rules include well-established risk control and other practices among market participants. The proposed pre-trade risk controls in § 1.80(a), for example, are generally limited to risk controls identified as best practices by FIA in 2015, and the text of the rules is intentionally flexible so that AT Persons may determine for themselves how required pre-trade risk controls and other measures should be designed and calibrated. Other proposed rules addressing AT Persons offer flexibility in that they require AT Persons to implement specific programs, but provide latitude regarding how such programs are to be designed. Thus, proposed § 1.81(a)(1)(vi) requires AT Persons to maintain a source code repository to manage source code access, persistence, copies of production code, and changes to production code, but does not impose a prescriptive standard for how the source code repository must be structured or maintained. Similarly, proposed §§ 1.81(a)(1)(iii) and (a)(1)(iv) require regular back testing of Algorithmic Trading and stress testing of ATSs, but impose no specific testing protocols and do not specify a minimum testing frequency. The Commission also notes the existence of numerous other pre and post-trade risk controls and measures available to AT Persons but not incorporated as requirements in Regulation AT. Some, such as drop-copy reporting, were raised in the Concept Release, and others were addressed in responsive public comments.

    The Commission has determined to focus in Regulation AT on areas where the safety and soundness of derivatives markets would benefit from a core set of pre-trade risk controls and other measures applicable to all AT Persons. As noted above, the Commission believes that effective rules for AT Persons are best structured as clear regulatory requirements combined with embedded flexibility to adapt to changing markets and technologies. Accordingly, the Commission's proposed rules in §§ 1.80, 1.81, and 1.82 address only a subset of potentially responsive risk controls and other measures. Each AT Person shall also determine what additional safeguards would be reasonably designed to prevent an Algorithmic Trading Event given its trading strategies, technologies, or the markets in which it participates. The proposed rules also provide a degree of flexibility regarding the design, implementation, or calibration of those pre-trade risk control or other measures that are specifically required in §§ 1.80, 1.81, and 1.82, again allowing each AT Person to adapt the rules to its own trading and technology.

    Given the structure of proposed §§ 1.80, 1.81, and 1.82 as regulatory baselines with a degree of embedded flexibility, the Commission has determined to provide RFAs with a discretionary role in augmenting the requirements of Regulation AT for AT Persons. [225] RFAs serve a vital regulatory function as frontline regulators of their members, which would include all AT Persons pursuant to proposed § 170.18. RFAs promulgate binding membership rules and can supplement Commission rules as appropriate. RFAs can also operate examination programs to monitor members' compliance with association rules, and can sanction members for non-compliance. The Commission believes that RFAs are well-positioned to address rules in areas experiencing rapid evolution in market practices and technologies, including particularly §§ 1.80, 1.81, and 1.82. Proposed § 170.19 is described below.

    2. Description of Regulation

    Proposed § 170.19 would require RFAs to (1) establish and maintain a program (2) for the prevention of fraudulent and manipulative acts and practices, the protection of the public interest, and perfecting the mechanisms of trading on DCMs (3) by adopting rules for each category of member, as deemed appropriate by the RFA, requiring: (i) Pre-trade risk controls and other measures for ATSs (§ 170.19(a)(1)); (ii) standards for the development, testing, monitoring, and compliance of ATSs (§ 170.19(a)(2)); (iii) designation and training of algorithmic trading staff (§ 170.19(a)(3)); and (iv) operational risk management standards for clearing member FCMs with respect to customer orders originating with ATSs (§ 170.19(a)(4)). With respect to rules (prong 3 above), the areas RFAs must address pursuant to proposed § 170.19 are similar to those that AT Persons and clearing FCMs must address in proposed §§ 1.80, 1.81, and 1.82. RFAs, however, would be required in § 170.19 to consider whether additional rules or granularity are appropriate as baseline SRO requirements and binding membership rules for one or more categories of RFA members. [226] The Commission notes that § 170.19 would require that RFAs consider the need for additional rules, and issue such rules where appropriate. However, § 170.19 would not require RFAs to issue any rules pursuant to § 170.19 where the RFA believes they are unnecessary. Rather, the proposed regulation leaves discretion to the RFAs to determine what rules would prevent fraudulent and manipulative acts and practices, protect the public interest, and perfect the mechanisms of trading on DCMs.

    When evaluating potential membership rules regarding algorithmic trading, proposed § 170.19 would also require RFAs to consider how such rules could help prevent fraudulent and manipulative acts, protect the public interest, and perfect the mechanisms of trading on DCMs (prong 2 above). The Commission believes that these are important elements in the requirements proposed to be codified in § 170.19. RFAs should be cognizant, for example, of the overarching requirement in proposed § 1.80 that AT Persons take steps reasonably designed to prevent an Algorithmic Trading Event, defined in proposed § 1.3(vvvv) to include both Algorithmic Trading Compliance Issues and Algorithmic Trading Disruptions. Algorithmic Trading Compliance Issues include events at an AT Person that cause its algorithmic trading to operate in a manner that does not comply with the CEA, Commission regulations, or the rules of a DCM. Algorithmic Trading Disruptions include events originating with an AT Person that disrupt or materially degrade the operation of a DCM or the ability of other market participants to trade on the DCM. In short, an AT Person's algorithmic trading should neither disrupt the market nor violate law. RFAs should consider these factors when determining whether and what further rules they may promulgate over time pursuant to § 170.19.

    Proposed § 170.19 would require an RFA to “establish and maintain a program” (prong 1 above) for the prevention of fraud and manipulation, protection of the public interest, and perfecting the mechanisms of trading on DCMs. The Commission anticipates that an RFA would include in its routine examinations of members pursuant to such program a verification that such members are complying with any rules that the RFA may determine to issue pursuant to proposed § 170.19. The Commission intends for proposed § 170.19 to provide RFAs with a wide measure of latitude in both the rules they may elect to adopt and in the members to whom they apply such rules. It is the Commission's further intent that RFAs consider the need for rules pursuant to proposed § 170.19, and that they adopt such rules where the RFA considers it necessary. However, the determination as to both the necessity of rules and their application to specific categories of members remains with the RFA.

    Finally, the Commission notes that while proposed § 170.19 would require RFAs to issue rules as they deem appropriate, RFAs would remain free to take other steps when potential rules regarding algorithmic trading are not yet ripe. As both membership and self- regulatory organizations, RFAs are uniquely positioned to gain insights from members through examination programs and coordination with other self-regulatory or standard-setting bodies. In addition to rulemaking when necessary, RFAs could leverage these resources to issue guidance or best practices, hold periodic discussions with relevant stakeholders, and otherwise provide leadership as risks, risk control technologies, market practices evolve over time. The Commission also affirms that proposed § 170.19 is not intended to create conflicting obligations between an RFA's role in establishing algorithmic trading standards for its members and a DCM's role as a self-regulatory organization. Accordingly, the requirements of proposed § 170.19 specifically address pre-trade risk controls for ATSs, standards for the designing, testing, monitoring, and supervision of ATSs, and the designation and training of algorithmic trading staff. The Commission believes that these areas are appropriate for potential future standards issued by an RFA in an evolving technological and market environment, and that such standards will be best implemented as uniform requirements of an RFA for its relevant members as opposed to potentially varying approaches by individual DCMs.

    3. Request for Comments

    28. The Commission requests comment on the scope of responsibilities assigned to RFAs under proposed § 170.19. Should RFAs be responsible for fewer or additional areas regarding AT Persons, ATSs, and algorithmic trading than specified in proposed § 170.19, prongs (1), (2), (3), and (4) (§ 170.19(a)(1)-(a)(4))? Regulation 170.19 requires RFAs to consider the need for rules in the areas listed in prongs (1)-(4) (§ 170.19(a)(1)-(a)(4)). Should RFAs be responsible for considering whether to adopt rules in fewer or additional areas?

    29. The Commission requests comment on the latitude afforded to RFAs in proposed § 170.19. Should RFAs have more or less latitude to issue rules than specified in proposed § 170.19?

    30. The Commission requests comment on RFAs' obligation in proposed § 170.19 to establish and maintain a program for the prevention of fraud and manipulation, protection of the public interest, and perfecting the mechanisms of trading, including through rules it may determine to adopt pursuant to § 170.19. The proposed rules anticipate that an RFA's program will include examination and enforcement components. Is this the appropriate approach?

    31. The Commission requests comment on whether proposed § 170.19 may result in duplicative obligations on AT Persons or any other market participant. In particular, please comment on potential duplication, if any, between algorithmic trading requirements that an RFA may impose upon its members pursuant to § 170.19, and similar requirements that may be imposed by a DCM in its role as a self-regulatory organization. What amendments would be appropriate in any final rules arising from this NPRM to clarify that unintended overlap between the role of an RFA and a DCM in this context?

    G. AT Persons Must Become Members of an RFA—§ 170.18

    1. Policy Discussion

    An RFA is an association of persons registered with the Commission as such pursuant to section 17 of the CEA. [227] Subject to Commission oversight, RFAs serve a vital self-regulatory role by functioning as frontline regulators of their members, including in large measure most Commission registrants who will qualify as AT Persons pursuant to proposed § 1.3(xxxx). [228] Entities that are not members of an RFA, however, are not bound by the rules of the RFA. [229] As such, the Commission previously adopted §§ 170.15 and 170.16 to require each registered FCM, and each registered SD and MSP, respectively, to be an RFA member, subject to an exception for certain notice registered securities brokers or dealers. [230] The Commission also recently adopted § 170.17 to require that all registered IBs and CPOs, and most registered CTAs, to become RFA members. [231]

    Together §§ 170.15, 170.16, and 170.17 require many, but not all, Commission registrants who may be considered AT Persons pursuant to proposed § 1.3(xxxx) to become RFA members. In particular, floor brokers and floor traders, who have historically been overseen by the DCMs on which they operate, are not required by §§ 170.15, 170.16, or 170.17 to become members of an RFA. In order to ensure that all AT Persons will be subject to any rules promulgated by an RFA pursuant to proposed § 170.19, including floor brokers and floor traders, the Commission is proposing a new § 170.18. This provision would require that all AT Persons that are not otherwise required to be a member of a RFA pursuant to §§ 170.15, 170.16, or 170.17 be a member of an RFA.

    2. Description of Regulation

    The Commission is proposing a new § 170.18 to require all Commission registrants that are AT Persons to be members of an RFA. The membership requirements proposed by § 170.18 will ensure that all AT Persons would be subject to membership rules promulgated by an RFA, including those membership rules promulgated pursuant to proposed § 170.19 to address algorithmic trading. Specifically, proposed § 170.18 requires that each registrant that is an AT Person that is not otherwise required to be a member of an RFA pursuant to §§ 170.15, 170.16, or 170.17 must become and remain a member of at least one RFA that provides for the membership of such registrant, unless no such futures association is so registered.

    3. Request for Comments

    32. The Commission requests comment on whether the regulatory framework established by Regulation AT would require all AT Persons to be members of an RFA in order to be effective. Alternatively, could the goals of Regulation AT be realized without requiring all AT Persons to be members of an RFA?

    H. Pre-Trade and Other Risk Controls for AT Persons—§ 1.80

    The Commission proposes as a fundamental element of Regulation AT a new § 1.80 of its regulations, requiring AT Persons to implement pre-trade risk controls, order cancellation systems, and other measures reasonably designed to prevent an Algorithmic Trading Event. Such controls include, but are not limited to, maximum AT Order Message frequency and maximum execution frequency per unit time; order price parameters and maximum order size limits; order cancellation and Algorithmic Trading disconnect systems; and connectivity monitoring systems for AT Persons with DEA. In addition, proposed § 1.80 requires AT Persons to: Notify applicable clearing member FCMs and DCMs that the AT Person will engage in Algorithmic Trading; and calibrate or otherwise implement DCM-provided self-trade prevention tools. [232] It would also require AT Persons to periodically review the sufficiency and effectiveness of their compliance with § 1.80. The remainder of this section presents Concept Release comments on this topic, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Concept Release Comments on Pre-Trade and Other Risk Controls

    The Concept Release requested comment on various pre-trade and other types of risk controls, including message and execution throttles, maximum order sizes, price collars, and order management controls, such as connectivity monitoring services, automatic cancellation of orders on disconnect and kill switches. The Concept Release contemplated that such controls would apply at the trading firm, clearing member and trading platform levels. As discussed below, the Commission has determined to require that AT Persons, FCMs, and DCMs  [233] implement such pre-trade and other risk controls. Relevant comments to the Concept Release are discussed below.

    a. Message and Execution Throttles

    The Concept Release described message throttles as establishing maximum message rates per unit in time and execution throttles as establishing limits on the maximum number of orders that an ATS can execute in a given direction per unit in time. The Concept Release also sought comment on a particular form of execution throttle, the repeated automated execution throttle, which would disable a trading system after a configurable number of repeated executions until a human re-enables the system. [234] The Concept Release stated that the throttles would be calibrated to address the potential for unintended message flow or executions from a malfunctioning ATS. [235]

    Commenters indicated that message and execution throttles are widely used in the industry. FIA PTG surveyed its members and found that almost all firms that responded used message and execution throttles. [236] Commenters noted certain benefits to messaging and execution throttles, including that they may mitigate the risk and impact of disruptive events, alert market participants to potential problems with their automated order entry systems, and help ensure a level playing field for all market participants. [237] Commenters also noted that message or execution limits have potential negative effects because they can block risk-reducing orders. [238]

    Commenters addressing this topic did not support regulations mandating throttle thresholds because appropriate limits will vary per market participant, depending on each participant's unique systems and trading strategy. [239] MFA strongly advised against required use of the repeated automated execution throttle, stating that it is best for market participants to determine which controls are most appropriate for their ATSs. [240] IATP commented on the difficulty in setting standardized throttle thresholds, and alternatively suggested standardizing a graduated levy on order cancellations. [241] Finally, Chicago Fed commented that regulators should assess the methodology that trading firms use to set throttle limits, the reasonableness of those limits, and the procedures followed when they are breached. [242]

    As to the appropriate design of throttles, CME and AIMA commented that throttles implemented by market participants should be based on the specific attributes of an entity or account, including the nature of a firm's trading strategies, the market it trades in, and the speed of its systems. [243] AIMA indicated that applying throttles on a per-algorithm basis would distort the output of the ATS because an algorithm interacts with many other algorithms within the same ATS. [244] In contrast, AFR indicated that in order to detect a malfunctioning algorithm, the threshold should be based on the algorithm's trading strategy. [245]

    b. Maximum Order Sizes

    Commenters indicated that maximum order size controls are already used in the industry. According to FIA PTG's survey, all responding trading firms use maximum order size limits. [246] AIMA indicated that many market participants use maximum order sizes limits, [247] and Gelber, a trading firm, stated that it uses this risk control. [248] KCG, Gelber and 3Red commented that market participants should use exchange-provided maximum order size controls. [249]

    With respect to implementing maximum order size limits, FIA and CME indicated that this control should be applied per product or contract. [250] KCG suggested that exchange-provided maximum order size controls should provide flexibility to the market participant in setting different levels for users within a firm, for example, based on trader ID or customer. [251] Alternatively, the market participant should rely on tighter internal controls. [252] CME and KCG opposed standardization of maximum order size protections, stating that implementation of this control depends on individual customers and the market, [253] while FIX and IATP supported uniformity with respect to these controls. [254]

    c. Price Collars

    The Concept Release requested comment on price collars, a control in which trading platforms would assign a range of acceptable order and execution prices for each product and all market participants would establish similar limits to ensure that orders outside of a particular price range are not transmitted to the trading platform. While most comments addressing this topic focused on price collars implemented by exchanges, FIA indicated that its FIA PTG survey reflected that almost all responding trading firms used either price collars or trading pauses. [255]

    d. Connectivity Indications and Cancel on Disconnect

    The Concept Release requested comment regarding “system heartbeats” that would indicate proper connectivity between a trading firm's automated trading system and the trading platform, and “auto-cancel on disconnect,” an exchange tool allowing trading firms to determine whether their orders will be left in the market upon disconnection. Two exchanges stated that they provide an optional cancel-on-disconnect functionality. [256] FIA characterized cancel-on-disconnect as a “widely adopted DCM-hosted pre-trade risk control” and indicated that it is increasingly common for FCMs to employ cancel-on-disconnect for their connections to the DCM. [257] Several commenters indicated that they support exchanges offering system heartbeats and/or cancel-on-disconnect to their market participants. [258]

    e. Order Cancellation Systems

    The Concept Release also addressed selective working order cancellation, a tool that enables an exchange to immediately cancel one, multiple, or all resting orders from a market participant as necessary in an emergency situation. Such a tool will mitigate impact to the market of a malfunctioning Algorithmic Trading system because it will limit additional erroneous orders from being submitted to a trading platform and executed. The Concept Release also considered order cancellation mechanisms that would immediately cancel all working orders and prevent submission (by the market participant), transmittal (by the clearing member), or acceptance (by the trading platform) of any new orders from a market participant or a particular trader or ATS of such market participant.

    In response to the Concept Release, numerous commenters addressed kill switches, discussing industry use; opposition to prescriptive requirements; the importance of flexibility in design; potential triggers; and content of kill switch procedures. For purposes of this discussion, the term “kill switch” means generally any order cancellation tools that cancels or prevents submission of orders. Commenters generally indicated that kill switches could be beneficial, but also stressed the complexity involved in their design and use.

    Several commenters described order cancellation mechanisms currently employed in the industry. One exchange commented that it has two kill switch tools: A kill switch used by the exchange, clearing firm, or trading firm to remove an entity from the market completely; and an order management tool that enables clearing firms and end-users to cancel orders at a more granular level. [259] Another exchange explained that it can cancel orders and quotes in an emergency and it also provides a kill switch to clearing members that cancels all orders and quotes from a market participant. [260] While commenters noted the importance of placing kill switches at the DCM level, [261] several commenters stated that kill switches should be implemented by market participants and clearing firms in addition to exchanges. [262]

    Commenters stressed the importance of flexibility in the design of kill switches  [263] and generally opposed prescriptive requirements regarding their design and implementation. [264] Reasons included challenges concerning setting the correct level of granularity (i.e., whether the control should apply to one participant and not others at the same firm); the possibility that kill switches may prevent a firm from being able to enter risk-reducing orders; prescriptive requirements will become outdated; that time is of the essence, and therefore exchanges and firms need to be free from time-consuming processes concerning the use of the kill switch; the standardization of kill switches, if poorly calibrated or too widely applied, could result in increased costs and disruption of legitimate trading operations; and a concern over adding more layers of complexity into an already complex market. [265]

    A critical concern raised by commenters was how order cancellation mechanisms should address risk-reducing activity. [266] Gelber and KCG suggested that kill switches enable a firm to mitigate risk through manual order entry, and that allowing the market participant to set trigger thresholds will help ensure that orders entered for the purpose of reducing risk are not cancelled. [267] In contrast, CME stated that a kill switch should exist solely to completely remove an entity from the market, and that other tools can be used to enter risk reducing orders. CME argued that allowing entry of risk reducing orders as an exception to the kill switch process introduces too much uncertainty and complexity. [268]

    Finally, commenters discussed procedures concerning activation of a kill switch. For example, FIA and Gelber suggested that a kill switch have both automated and manual triggers. [269] KCG suggested that if the total risk of a portfolio exceeds certain thresholds, firm systems should automatically send only risk reducing orders and supervisors should be able to stop trading entirely. [270] TCL commented that an exchange or ATS operator will not implement a system that abdicates control to an automated kill switch. TCL suggested that monitoring systems identify irregular market activity and alert staff that have access to a kill switch. [271] Similarly, Chicago Fed recommended that a human decide whether to use a kill switch based on internal and market conditions. [272]

    Additional Concept Release comments, including comments on kill switch functionality, are discussed below with respect to Regulation AT pre-trade risk and other control requirements on FCMs and DCMs.

    2. Description of Regulation

    The Commission proposes a new § 1.80 of its regulations to require that AT Persons implement pre-trade risk controls and other measures for all AT Order Messages that are reasonably designed to prevent an Algorithmic Trading Event. Relevant controls and measures required by § 1.80 include, but are not limited to: Maximum AT Order Message frequency and maximum execution frequency per unit time; order price parameters and maximum order size limits; order cancellation and ATS disconnect systems; and connectivity monitoring systems. They also include several other specific requirements, such as notification by AT Persons to applicable DCMs and clearing member FCMs that they will engage in Algorithmic Trading; calibrating or otherwise implementing DCM-provided self-trade prevention tools; and periodic consideration of the sufficiency and effectiveness of the controls that an AT Person has implemented. Consistent with comments received in response to the Concept Release, proposed § 1.80 provides market participants latitude in the design and implementation of required controls, and in fact requires only a small number of specific controls that the Commission understands are already widely implemented by likely AT Persons (e.g., proposed §§ 1.80(a), 1.80(b) and 1.80(c)). In this regard, proposed § 1.80 provides each AT Person with the flexibility to identify and implement any additional controls that such AT Person believes are appropriate for its Algorithmic Trading. The Commission is cognizant that prescriptive regulations in this area may fail to take into account the unique characteristics of market participants and trading strategies, or may become obsolete as technology evolves. The Commission has attempted to provide appropriate flexibility to accommodate such variety and evolution, while also establishing a regulatory floor that reflects its evaluation of basic requirements for all AT Persons. [273]

    3. Policy Discussion

    Proposed § 1.80 requires AT Persons to implement pre-trade risk controls and other measures reasonably designed to prevent an Algorithmic Trading Event. This requirement is central to the purposes of § 1.80. As discussed below, the Commission believes that proposed § 1.80 would reduce the potential for market disruptions arising from system malfunctions, other errors, or intentional disruptive conduct. The Commission notes that the risks of such disruptions are heightened by the increased use of high-speed algorithmic trading, which makes the implementation of pre-trade risk controls and other measures even more necessary. Without effective risk controls, erroneous orders can significantly impact many market participants in a short amount of time. The prevention of Algorithmic Trading Events pursuant to § 1.80 would help ensure the integrity of Commission-regulated markets and provide market participants with greater confidence that intentional, bona fide transactions are being executed.

    The pre-trade risk controls and other measures required by proposed § 1.80 include, but are not limited to, those described in clauses (a)-(e) of § 1.80. The Commission believes that each of these enumerated controls and other measures will promote the goals of § 1.80, as described above. Proposed § 1.80(f) also promotes the goals of § 1.80, by requiring each AT Person to periodically review its compliance with § 1.80 to determine whether it has effectively implemented sufficient measures reasonably designed to prevent an Algorithmic Trading Event. Each AT Person must take prompt action to remedy any deficiencies it identifies.

    a. Maximum AT Order Message and Execution Frequencies

    Proposed § 1.80(a)(1)(i) requires AT Persons to set pre-trade risk controls that establish maximum AT Order Message and execution frequencies per unit time. These controls are commonly referred to in industry as message and execution throttles. These controls are designed to prevent excessive messaging or trading which could disrupt, slow down, or impede normal market activity. The Commission's proposed regulation on maximum order message and execution frequencies is aimed at preventing market disruptions caused by either inadvertent or intentional submission of AT Order Messages. This proposed regulation should not prevent DCMs from maintaining any and all additional safeguards intended to prevent intentional activity such as quote stuffing, or to apply such safeguards to message or data flows that are broader than the proposed definition of AT Order Messages. As indicated above, commenters to the Concept Release indicated that message and execution throttles are already widely used in the industry. [274] Commenters indicated that the benefits of these risk controls include mitigating the risk and impact of disruptive events, alerting market participants to potential problems with their automated trading systems, helping to ensure a level playing field for all market participants, and deterring predatory and disruptive activities. [275] In light of these benefits, and the already extensive use of this risk control, the Commission includes maximum AT Order Message and execution frequencies in its proposed rule.

    The Commission notes that ESMA's 2015 Final Draft Regulatory Standards require investment firms to establish a maximum messages limit and repeated automated execution throttle. [276] The execution throttle should limit the number of times a strategy is applied only where appropriate to the specific trading venue, strategy or product. [277] ESMA requires that the controls be calibrated as appropriate for the investment firm's capital base, clearing arrangements, trading strategy, risk tolerance and experience. [278] ESMA further requires that firms take into account variables such as length of time since engaged in algorithmic trading and reliance on third-party vendors, and firms must re-calibrate in order to account for the changing impact of the orders on the relevant market due to different price and liquidity levels. [279] In addition, the calculations supporting each control should take into account all orders sent to a trading venue. [280] FIA has recently recommended that automated traders implement message throttles and repeated automated execution limits. [281]

    As to the appropriate thresholds of these controls, the Commission agrees with Concept Release comments indicating that regulations should not mandate specific thresholds because, among other things, flexibility is necessary to respond to the dynamics of the market, and appropriate limits will vary by participant. [282] For example, commenters suggested that message and execution throttles should be based on the specific attributes of the trading firm or account, including the nature of the firm's trading strategies, the market it trades in, and the speed of its systems. [283] Therefore, the proposed rules do not prescribe particular limits or thresholds, aside from the overarching requirement that the controls be reasonably designed to prevent an Algorithmic Trading Event, and § 1.80(a)(2)'s requirement that the controls be set at the level of each AT Person, or such other more granular level as the AT Person may determine, including but not limited to, by product, account number or designation, or one or more identifiers of natural persons associated with an AT Order Message. While several commenters supported greater Commission involvement in setting risk control parameters, the Commission believes that it is not in the best position to determine the appropriate message or execution rate for each trading firm, trading strategy, product, and every other potentially relevant factor that should be taken into account when establishing thresholds. As discussed below, DCMs would receive information as to the specific quantitative settings used by each AT Person as part of Commission-required compliance reports pursuant to proposed § 1.83. Pursuant to this reporting process, DCMs would be able to identify AT Persons that have message or execution throttle thresholds that appear insufficient.

    The Commission notes that several commenters cited potential negative effects of controls establishing message or execution limits (e.g., they can block risk-reducing orders and decrease liquidity). The Commission believes that the overall benefits to maximum order message and execution frequencies, as noted above, outweigh potential negative effects. In addition, allowing market participants discretion in the design and implementation of message and execution throttles, as well as in establishing appropriate thresholds, would enable market participants to address and limit the potential negative effects of this risk control.

    Finally, as noted above, proposed § 1.80(a)(2) requires the controls to be implemented at the AT Person-level. Consistent with § 1.80's overarching requirement that an AT Person shall implement pre-trade risk controls and other measures reasonably designed to prevent an Algorithmic Trading Event, each AT Person must evaluate whether the controls should be set at a more granular level—for example, by product, account number or designation, or one or more identifiers of natural persons associated with an AT Order Message. Where deemed appropriate by the AT Person, the controls should be set at such more granular levels. In addition, proposed § 1.80(a)(3) requires that natural person monitors at the AT Person be promptly alerted when the controls are breached. The purpose of this requirement is to ensure that the AT Person would take any further action that is necessary to prevent or mitigate an Algorithmic Trading Event.

    b. Order Price Parameters and Maximum Order Size Limits

    Proposed § 1.80(a)(1)(ii) requires pre-trade risk controls that limit the prices and quantities associated with individual order messages. By requiring “order price parameters,” the Commission means that AT Persons must establish price limits intended to prevent orders with prices far from the prevailing market from entering the market. At the trading firm or clearing member level, such controls may be called “price tolerance limits” that define a maximum amount that an order price may deviate from a pre-determined price, such as the last trade price, or the market open price. [284] By requiring “maximum order size limits,” the Commission means the risk control generally understood in industry as “fat-finger” limits. Commenters to the Concept Release indicated that maximum order size controls are already widely used by trading firms and that this control is effective at reducing the likelihood that an exchange would need to make use of its error trade policy. [285]

    The Commission notes that ESMA's 2015 Final Draft Regulatory Standards require investment firms to establish price collars, maximum order value limits and maximum order volume limits, appropriately calibrated for their capital base, clearing arrangements, trading strategy, risk tolerance and experience. [286] IOSCO has also indicated that many market participants already employ order price and volume limits. [287] In addition, FIA has recently recommended that automated traders employ maximum order size and price tolerance limits. [288] Finally, the Commission also notes that the SEC's Market Access Rule requires controls that prevent entry of erroneous orders, by rejecting orders that exceed appropriate price or size parameters, on an order-by-order basis or over a short period of time, or that indicate duplicative orders. [289]

    Given the usefulness of price and order size parameters in preventing the execution of erroneous trades, the Commission determined to require that AT Persons establish such controls on all orders submitted through Algorithmic Trading. The proposed regulations are intended to be sufficiently flexible so that as required controls improve or new types controls emerge, they may be incorporated into an AT Person's pre-trade risk control program and satisfy the requirements of proposed § 1.80(a). Similarly, this regulation is intended to be sufficiently flexible that exchanges, AT Persons, and clearing member FCMs may set the specific thresholds that will be most effective in preventing an Algorithmic Trading Event.

    Accordingly, the Commission proposes to require that each order pass through price parameter and maximum order size limit checks in order to protect the natural price discovery process from disruptive behavior such as unintentionally large orders. Consistent with the Commission's approach to the other pre-trade risk controls, the Commission will not impose thresholds, but will leave design of the control and specific thresholds to the discretion of market participants. Finally, the Commission notes that market participants could comply with the pre-trade and other risk controls required by Regulation AT in multiple ways: By internally developing such controls from scratch, upgrading existing systems, or purchasing a risk management solution from an outside vendor. The Commission understands that market participants may also be able to purchase some risk management solutions from DCMs. The Commission notes that implementation of exchange-provided controls, such as a maximum order size limit, would comply with Regulation AT's requirement that AT Persons use that control. However, an AT Person's use of a DCM-provided maximum order size limit would not constitute DCM compliance with proposed regulations requiring that DCMs implement maximum order sizes limits at the exchange level.

    c. Order Management Controls

    Proposed § 1.80(b) requires that AT Persons implement certain order management controls. The required controls must have the ability to: (i) Immediately disengage Algorithmic Trading; (ii) cancel selected or up to all resting orders when system or market conditions require it; and (iii) prevent submission of any new AT Order Messages (i.e., a “kill switch”). The parameters for the order cancellation systems must be reasonably designed to prevent an Algorithmic Trading Event. In addition, proposed § 1.80(c) requires that AT Persons with Direct Electronic Access (as defined in proposed § 1.3(yyyy)) must implement systems to indicate on an ongoing basis whether they have proper connectivity with the trading platform and any systems used by a DCM to provide the AT Person with market data. Proposed § 1.80(b)(2) requires that prior to an AT Person's initial use of Algorithmic Trading to submit a message or order to a DCM's trading platform, such AT Person must notify the applicable DCM whether all of its resting orders should be cancelled or suspended in the event of disconnect with the trading platform.

    The order cancellation systems requirements provided in proposed § 1.80(b) and (c) are intended to protect against erroneous trading activity caused by an algorithmic trading system malfunction. As to connectivity monitoring and cancel-on-disconnect, several commenters supported exchanges offering such functionality to trading firms. [290] Given the possibility of a technology failure that causes a market participant's orders to be left in the market upon disconnect, leaving the trader or trading firm unable to manage the orders, the Commission believes that systems indicating proper connectivity and cancel-on-disconnect are important risk management tools that should be required. The Commission notes that commenters to the Concept Release indicated cancel-on-disconnect functionality should be a flexible tool, allowing market participants to determine whether orders should be left in the market upon disconnection. [291] FIA has explained that automated traders must decide whether cancellation upon disconnect mitigates or increases risk. [292] Accordingly, the Commission does not require cancellation or suspension of orders upon disconnect. Rather, it requires AT Persons, prior to engaging in Algorithmic Trading, to notify the DCM as to what action it should take in the event of disconnect, which may depend on the facts and circumstances.

    As to “kill switch” functionality, comments to the Concept Release indicated that exchanges already provide kill switch functionality for use by market participants or clearing members, and additional commenters suggested that such functionality should be implemented by market participants and clearing firms in addition to exchanges. [293] The Commission notes the challenges identified by commenters around setting the correct level of granularity of an order cancellation tool, and of the potential need for trading firms to submit risk-reducing orders. The Commission believes that requiring that order cancellation tools allow for submission of risk-reducing orders may introduce too much uncertainty or complexity into the market, or may be technically infeasible at this time. In light of such considerations, the Commission's proposed regulations do not mandate specific elements of kill switch design, such as the parameters or procedures concerning when the control must be triggered, or require that the functionality must allow for submission of risk-reducing orders. Rather, § 1.80(b)(1) would require that AT Persons have the ability and authority to disengage Algorithmic Trading, cancel selected resting orders, and prevent submission of new AT Order Messages, but does not specify when such functionality should be triggered. The Commission allows flexibility for AT Persons to design and implement appropriate parameters and procedures that are appropriate for their trading strategy or markets.

    The Commission's approach to order cancellation systems is consistent with current recommendations in the European regulatory context. ESMA's 2015 Final Draft Regulatory Standards require that investment firms know which algorithm and which trader, trading desk or, where applicable, client is responsible for each order, and have the ability, as an emergency measure, to cancel unexecuted orders submitted to individual trading venues originated by individual traders, trading desks, or where applicable, clients. Investment firms must also have the ability, as an emergency measure, to immediately cancel all the firm's outstanding orders at all trading venues to which it is connected. [294] The Commission also notes that FIA recently recommended that automated traders build their own kill switch functionality into their trading systems where it is possible to implement it on a sufficiently granular level to identify individual trading systems. [295] FIA also recommended that where an exchange provides a kill switch, there should be a registration process and entitlement system that requires automated traders or brokers to specify which staff are authorized to use the functionality. [296] The Commission believes that FIA (in its recent Guide to the Development and Operation of Automated Trading Systems), other industry organizations, and commenters to the Concept Release provided reasonable recommendations as to the design and implementation of order cancellation systems. The Commission urges AT Persons and other market participants to consider such recommendations in the implementation of order cancellation and connectivity systems.

    d. Notification of Algorithmic Trading

    Proposed § 1.80(d) requires that, prior to an AT Person's initial use of Algorithmic Trading to submit a message or order to a DCM, such AT Person must notify its clearing member FCM, as well as the DCM on which the AT Person is trading, that it will engage in Algorithmic Trading. The Commission intends that this requirement ensure that clearing member FCMs and exchanges have sufficient advance notice to implement and calibrate pre-trade and other risk controls to manage risks arising from the AT Person's trading.

    e. Self-Trade Prevention Tools

    Proposed § 1.80(e) requires that, to the extent that implementation of a DCM's self-trade prevention tools requires calibration or other action by an AT Person, such AT Person must calibrate or take such other action as is necessary to apply such tools. This proposed regulation is designed to operate in conjunction with proposed § 40.23, which requires DCMs to either apply, or provide and require the use of, self-trade prevention tools. [297]

    f. Periodic Review for Sufficiency and Effectiveness

    Finally, proposed § 1.80(f) requires that each AT Person shall periodically review its compliance with § 1.80 to determine whether it has effectively implemented sufficient measures reasonably designed to prevent an Algorithmic Trading Event. Proposed § 1.80(f) would also require that an AT Person take prompt action to remedy any deficiencies it identifies. The Commission recognizes through proposed § 1.80(f) that trading practices, technologies for algorithmic trading, and best practices in risk controls will necessarily evolve over time. It believes that periodic review by AT Persons of their own pre-trade risk controls and other measures will help to ensure compliance with proposed § 1.80 in an engaged and proactive manner.

    g. Certain Measures Not Adopted in This NPRM

    The Commission determined not to address in this NPRM some measures that were discussed in the Concept Release and supported by Concept Release commenters. For example, various commenters favored standardization around drop copies and error trade policies. FIA commented that drop copies should be available for all trading venues and products whenever technologically practicable and that trade reports and other information provided by drop copy should be disseminated to the consumer in real-time or as near real-time as practicable. [298] As to error trade policies, FIA suggested that they be clear and deterministic enough for all participants to understand, promote a marketplace where all trades stand as executed, protect participants who are counterparties to error trades, and not be subject to discretion. [299] KCG, MFA, Citadel and SIG also made similar comments. [300] The Commission believes that standardization of drop copy reports and error trade policies, as well as other measures addressed in the Concept Release, merit further consideration within the Commission as well as in industry. However, the Commission determined to include particular risk controls in Regulation AT, and not others, based on its understanding of the critical importance of controls required in proposed § 1.80 in preventing and mitigating market disruptions, as well as their current widespread industry use.

    In addition, as noted above, the Commission has taken a principles-based approach to its requirements relating to risk controls and other measures. Proposed § 1.80 provides market participants discretion in the design and implementation of controls, and requires only a small number of specific controls that the Commission understands are already widely implemented. Proposed § 1.80 provides AT Persons with flexibility to identify and implement any additional controls appropriate for their Algorithmic Trading. The Commission is aware that prescriptive regulations in this area may not take into account the unique characteristics of each market participant, and may become obsolete. The proposed regulation reflects the Commission's intent to accommodate the diverse and evolving nature of market participants' businesses and technology, while establishing basic regulatory requirements of essential risk controls and related measures that each market participant engaged in Algorithmic Trading should have.

    4. Request for Comments

    33. Are any pre-trade and other risk controls required by § 1.80 ineffective, not already widely used by AT Persons, or likely to become obsolete?

    34. Are there additional pre-trade or other risk controls that should be specifically enumerated in proposed § 1.80?

    35. Do you believe that the pre-trade and other risk controls required in § 1.80 sufficiently address the possibility of technological advances in trading, and the development of new, more effective controls that should be implemented by AT Persons?

    36. The Commission welcomes comment on whether the regulation's requirements relating to the design of controls and the levels at which the controls should be set are appropriate and sufficiently granular.

    37. The Commission notes that § 1.80(d) requires that prior to initial use of Algorithmic Trading, an AT Person must notify its clearing member FCM and the DCM that it will engage in Algorithmic Trading. The Commission welcomes comment on whether the content of that notification requirement is sufficient, or whether clearing member FCMs and DCMs should also be notified of additional information. For example, should AT Persons be required to notify their clearing member FCMs of particular changes to their Algorithmic Trading systems that would affect the risk controls applied by the clearing member FCM?

    38. Is § 1.80(f)'s requirement that each AT Person periodically review its compliance with § 1.80 appropriate? Should there be more prescriptive and granular requirements to ensure that each AT Person periodically reviews its pre-trade and other risk controls and takes appropriate steps to update or recalibrate them in order to prevent an Algorithmic Trading Event? Alternatively, is § 1.80(f) necessary? Does the Commission need to explicitly require AT Persons to conduct a periodic review of their compliance with § 1.80?

    39. AT Persons that are registered FCMs are required by existing Commission regulation 1.11 to have formal “Risk Management Programs,” including, pursuant to § 1.11(e)(3)(ii), “automated financial risk management controls reasonably designed to prevent the placing of erroneous orders” and “policies and procedures governing the use, supervision, maintenance, testing, and inspection of automated trading programs.” As described in § 1.11, an FCM's Risk Management Program must include a risk management unit independent of the business unit; quarterly risk exposure reports to senior management and the governing body of the FCM, with copies to the Commission; and other substantive requirements. The Commission requests public comment regarding whether one or more of the proposed requirements applicable to FCMs in §§ 1.80, 1.81, 1.83(a), and 1.83(c) (as described below) should be incorporated within an FCM's Risk Management Program and be subject to the requirements of such program as described in § 1.11. In this regard, any final rules arising from this NPRM could place all requirements applicable to FCMs in §§ 1.80, 1.81, 1.83(a), and 1.83(c) within the operational risk measures required in § 1.11(e)(3)(ii). Such incorporation could help improve the interaction between an FCM's operational risk efforts and its pre-trade risk controls; development, monitoring, and compliance efforts; and reporting and recordkeeping requirements, pursuant to §§ 1.80, 1.81, 1.83(a), and 1.83(c). It could also help ensure that an FCM's §§ 1.80, 1.81, 1.83(a), and 1.83(c) processes benefit from the same internal rigor and independence required by the Risk Management Program in § 1.11.

    40. The Commission proposes to adopt a multi-layered approach to regulations intended to mitigate the risks of automated trading, including pre-trade risk controls and other procedures applicable to AT Persons, clearing member FCMs and DCMs. Please comment on whether an alternative approach, for example one which does not impose requirements at each of these three levels, would more effectively mitigate the risks of automated trading and promote the other regulatory goals of Regulation AT.

    I. Standards for Development, Testing, Monitoring, and Compliance of Algorithmic Trading Systems—§ 1.81

    The Commission proposes regulations under § 1.81 requiring AT Persons to establish policies and procedures that accomplish a number of objectives with respect to the development, testing, monitoring, and compliance of Algorithmic Trading. The proposed regulations are intended to standardize a set of principles in order to reduce the operational risk of such systems. The remainder of this section presents Concept Release comments on this topic, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Concept Release Comments

    The Concept Release requested comment on testing procedures for ATSs. The Concept Release contemplated, among other things, that market participants operating ATSs must test each ATS internally and on each trading platform on which it will operate, and trading platforms must provide test environments that simulate the production environment. In particular, the Concept Release asked for comment on when it is most beneficial for firms to test an ATS after it has been modified, and how the Commission and market participants should distinguish between major modifications and minor modifications.

    Commenters support ATS testing and discussed current and best practices, but disagreed as to whether regulatory measures are appropriate to standardize these practices. Most commenters (including FIA, CME, CFE, and MFA) oppose standardized ATS testing procedures. [301] FIA indicated that it is impractical to implement prescriptive standardized procedures for development, testing and change management given the diversity of technologies and business operations at DCMs. FIA pointed to the testing recommendations outlined in its March 2012 “Software Development and Change Management Recommendations” as best practices for trading firms, which could also apply to all participants. FIA described different types of testing and supports DCMs providing robust test environments and market participants using such environments. [302] CME cited the FIA PTG's “Recommendations for Risk Controls for Trading Firms” as an appropriate principles-based approach to management, oversight, and testing of electronic trading systems. [303] CME noted that exchange systems vary widely, and each exchange should develop and test in a manner that comports with industry best practices. [304]

    SIG indicated that DCMs should provide test environments and stated that ATS testing procedures should be standardized “where possible.”  [305] Gelber stated that standardizing development, testing and change management might be helpful, but it is more important that these procedures are clear and comprehensive at each exchange than that they are standardized. [306]

    Both FIA and CME noted the difficulty of establishing objective criteria to determine what constitutes a “major” or “minor” modification of an ATS. [307] CFE noted that DCMs are already subject to DCM Core Principle 20 and Commission regulation 38.1051(h), which require DCMs to conduct periodic, objective testing and review of their automated systems to ensure that they are reliable, secure, and have adequate scalable capacity. [308] In addition, KCG argued that a “testing process that creates too many frictions can discourage making changes that improve a system.”  [309] Similarly, TCL stated that the testing procedures suggested in the Concept Release are overly broad and could force ATS operators to take a narrow view of what constitutes a change. [310]

    In contrast, several commenters support regulatory involvement in this area. Chicago Fed noted that many industries have standards-setting bodies, but because there is no corollary for the development of ATSs within an “HFT environment,” market participants and the TAC should work together to formulate such standards and guidelines that will help mitigate the impact of operational risks. [311] IATP stated that out of all of the safeguards addressed in the Concept Release, ATS testing has the greatest potential to reduce market disruptions. IATP recommended that the Commission review and select from current best practices. [312] MFA recommended that industry engage in more robust testing, and that trading platforms should offer testing where a firm's software interacts with other types of software. [313]

    AIMA opposes standardization, and suggested alternatively that “CFTC principles” create a legal requirement for a certain standard of testing and change management. AIMA cited as an example the Department of Energy Software Engineering Methodology. [314] While MFA also opposes standardization, it stated that “rules or industry practice should encourage more robust and more routine testing at the trading platform level.”  [315]

    Finally, as to current ATS testing practices, MFA indicated that “many, if not all, exchanges provide market participants a test facility to test trading software and algorithms, as well as offer test symbols to trade.”  [316] CME and CFE described their own testing practices. CME indicated that market participants routinely test in their own testing environments using historical data to test trading strategies against a range of market conditions, and that exchanges commonly make their own historical data available for testing purposes. CME explained that it requires all systems interfacing with CME Globex to be certified on the order entry and/or market data interfaces prior to deployment. [317] CFE provides a user testing environment that simulates the production environment. [318] TCL described FIA industry-wide testing of backup systems. [319]

    FIX stated that it has a working group that is developing best practices related to testing and is working to increase the availability of test financial instruments. [320] Similarly, IIT commented that a working group named AT 9000, which is affiliated with the International Organization for Standardization, is developing a quality management system for automated trading. The goals of AT 9000 are to help automated trading industry organizations satisfy their responsibility for trading safety, to satisfy regulatory requirements, and to improve the efficiency and effectiveness of automated trading. [321]

    The Concept Release also requested comment on ATS development and change development. Among other things, the Concept Release contemplated that trading platforms and market participants operating ATSs must maintain a development environment that is adequately isolated from the production trading environment, and that market participants must have policies and procedures concerning approval and verification of changes to their trading systems. In particular, the Concept Release asked for comment on what challenges or benefits may result from the implementation of standardized development and change management procedures.

    FIA described the core components of a change management as including authorization (effective pre-deployment review of the proposed change) and auditability (procedures for communicating requirements, changes and functionality related to proprietary software and technical infrastructure). FIA indicated that prescriptive development and change management standards are impractical given the diversity of market participants, but principles such as authorization and auditability can serve as “building blocks” that market participants can use to tailor a change management process to fit their needs. [322]

    Similarly, TCL indicated that exchanges and ATSs should have formal processes for change management, which include a production installation authorization process in which no one may change the production systems after it has been submitted for authorization, followed by a formal signoff. [323] KCG recommended that policies for deploying new software include staged deployment (deploying new software in phases, with explicit rollback procedures), and validation (manual and automated evaluation of whether a change is successful). [324]

    In addition, the Concept Release requested comment on ATS monitoring and supervision. In particular, the Concept Release requested comment on the extent to which human monitors have been trained in how to respond to unexpected problems, and been given the requisite authority to intervene at these times. The Concept Release suggested that market participants operating ATSs must ensure that their ATSs are subject to continuous real-time monitoring and supervision by trained and qualified staff at all times while engaged in trading. Two commenters addressed ATS monitoring and supervision, but did not specifically express support or opposition to regulatory action. KCG recommended that a monitoring process identify “smoke signals” (unusual or abnormal behaviors), investigate the cause of the smoke signals, and, if the smoke signal is an error, the monitoring alerts should be adjusted to take that information into account. [325] MFA commented that there should be at least one designated individual who is available and authorized to suspend a firm's trading program. MFA also suggested that FCMs should have “plan-of-action” protocols that include scenarios where trading is suspended based on specific types of events. [326]

    2. Description of Regulation

    The Commission proposes regulations requiring AT Persons to establish policies and procedures that accomplish a number of objectives with respect to the design, testing, and supervision of Algorithmic Trading. The proposed regulations are intended to standardize a set of principles in order to reduce the operational risk of such systems. The proposed regulations require each AT Person to: Implement written policies and procedures for the development and testing of ATSs (§ 1.81(a)); implement written policies and procedures reasonably designed to ensure that each of its ATSs is subject to continuous real-time monitoring and supervision by knowledgeable and qualified staff while such ATS is engaged in trading (§ 1.81(b)); implement written policies and procedures reasonably designed to ensure that ATSs operate in a manner that complies with the CEA and the rules and regulations thereunder, and ensure that staff are familiar with the CEA and the rules and regulations thereunder, the rules of any DCM to which such AT Person submits orders through Algorithmic Trading, the rules of any RFA of which such AT Person is a member, the AT Person's own internal requirements, and the requirements of the AT Person's clearing member FCM, in each case as applicable (§ 1.81(c)); and implement written policies and procedures to designate and train staff responsible for Algorithmic Trading (§ 1.81(d)). The proposed rules are described in greater detail below.

    As a complement to the proposed design and testing requirements, Regulation AT proposes a new requirement that DCMs (under proposed § 40.21, discussed in section IV(O) below) provide a test environment that will enable market participants to simulate production trading and conduct exchange-based conformance testing of their Algorithmic Trading systems.

    Development and Testing of Algorithmic Trading Systems. Regulation AT proposes a new requirement (§ 1.81(a)(1)) that each AT Person must implement written policies and procedures for the development and testing of its Algorithmic Trading systems. Such policies and procedures must at a minimum include the following: (i) Maintaining a development environment that is adequately isolated from the production trading environment (the development environment may include computers, networks, and databases, and should be used by software engineers while developing, modifying, and testing source code); (ii) testing of all Algorithmic Trading code and related systems and any changes to such code and systems prior to their implementation, including testing to identify circumstances that may contribute to future Algorithmic Trading Events (such testing must be conducted both internally with the AT Person and on each designated contract market on which Algorithmic Trading will occur); (iii) regular back-testing of Algorithmic Trading using historical transaction, order, and message data to identify circumstances that may contribute to future Algorithmic Trading Events; (iv) regular stress tests of Algorithmic Trading systems to verify their ability to operate in the manner intended under a variety of market conditions; (v) procedures for documenting the strategy and design of proprietary Algorithmic Trading software used by an AT Person, as well as any changes to such software if such changes are implemented in a production environment; and (vi) maintaining a source code repository to manage source code access, persistence, copies of all code used in the production environment, and changes to such code (such source code repository must include an audit trail of material changes to source code that would allow AT Persons to determine, for each such material change: Who made it; when they made it; and the coding purpose of the change. The source code must also be maintained in accordance with Commission regulation § 1.31).

    Monitoring of Algorithmic Trading Systems. Regulation AT proposes a new requirement (§ 1.81(b)) that each AT Person must implement written policies and procedures reasonably designed to ensure that each of its ATSs is subject to continuous real-time monitoring by knowledgeable and qualified staff while such ATS is engaged in trading. Such policies and procedures must at a minimum include the following: (i) Continuous real-time monitoring of Algorithmic Trading to identify potential Algorithmic Trading Events; (ii) automated alerts when an ATS's AT Order Message behavior breaches design parameters, upon loss of network connectivity or data feeds, or when market conditions approach the boundaries within which an ATS is intended to operate, to the extent applicable;  [327] (iii) monitoring staff of the AT Person shall have the ability and authority to disengage an Algorithmic Trading system and to cancel resting orders when system or market conditions require it, including the ability to contact staff of the applicable designated contract market and clearing firm, as applicable, to seek information and cancel orders; and (iv) procedures that will enable AT Persons to track which monitoring staff is responsible for an Algorithmic Trading system during trading hours. The Commission believes that staff persons who are responsible for monitoring the trading of other AT Person staff should typically not be actively engaged in trading at the same time, because it would be difficult to adequately and consistently monitor trading of other AT Person staff while engaged in trading activities. [328]

    Compliance of Algorithmic Trading Systems. Regulation AT proposes a new requirement (§ 1.81(c)) that each AT Person shall implement written policies and procedures reasonably designed to ensure that each of its Algorithmic Trading systems operates in a manner that complies with the CEA and the rules and regulations thereunder. AT Persons must also implement procedures requiring staff of the AT Person to review Algorithmic Trading systems in order to detect potential Algorithmic Trading Compliance Issues. Such staff must include staff of the AT Person familiar with the CEA and the rules and regulations thereunder, the rules of any DCM to which such AT Person submits orders through Algorithmic Trading, the rules of any RFA of which such AT Person is a member, the AT Person's own internal requirements, and the requirements of the AT Person's clearing member FCM, in each case as applicable. The procedures should also include a plan of internal coordination and communication between compliance staff of the AT Person and staff of the AT Person responsible for Algorithmic Trading regarding Algorithmic Trading design, changes, testing, and controls, which plan should be designed to detect and prevent Algorithmic Trading Compliance Issues.

    Designation and Training of Algorithmic Trading Staff. Regulation AT proposes a new requirement (§ 1.81(d)) that each AT Person must implement written policies and procedures to designate and train its staff responsible for Algorithmic Trading. Such policies and procedures must at a minimum include the following: (i) Procedures for designating and training all staff involved in designing, testing and monitoring Algorithmic Trading, and documenting training events (training must, at a minimum, cover design and testing standards, Algorithmic Trading Event communication procedures, and requirements for notifying staff of the applicable designated contract market when Algorithmic Trading Events occur); (ii) training policies reasonably designed to ensure that natural person monitors are adequately trained for each Algorithmic Trading system or strategy (or material change to such system or strategy) for which such monitors are responsible; and (iii) escalation procedures to inform senior staff as soon as Algorithmic Trading Events are identified. The training described in clause (ii) above must include, at a minimum, the trading strategy for the Algorithmic Trading system, as well as the automated and non-automated risk controls that are applicable to the Algorithmic Trading system or strategy. Adequate training should ensure that monitors are effectively educated regarding the typical behavior of each Algorithmic Trading system or strategy (or material change to such system or strategy) that they are responsible for overseeing in production. It should also allow monitors to understand when risk controls may be triggered, and how to respond once they are. As result of the training they receive, monitors should be capable of making rapid, appropriate decisions in real time to help contain or mitigate ATS issues.

    3. Policy Discussion

    Consistent with the comments received, the Commission is taking a principles-based approach in this area, which is intended to provide discretion to AT Persons, particularly with respect to the development and testing of Algorithmic Trading systems. The Commission acknowledges that prescriptive regulations in this area may fail to take into account the unique characteristics of various market participants' trading strategies, and may become obsolete as technology and development standards evolve. For example, the Commission recognizes that software development practices continue to evolve, and therefore is not imposing very granular coding or testing requirements. The Commission believes that this principles-based approach is consistent with other regulatory initiatives and best practice guides issued in this area, as further discussed below.

    Guidelines, Best Practices and Regulatory Standards on Testing and Development

    As noted above, the ESMA guidelines recommended that investment firms should make use of clearly delineated development and testing methodologies prior to deploying an electronic trading system or a trading algorithm, and should monitor their electronic trading systems, including trading algorithms, in real-time. [329] The MiFID II Directive requires a regulated market to have in place effective systems, procedures and arrangements, including requiring members or participants to carry out appropriate testing of algorithms and providing environments to facilitate such testing. The Directive seeks to reduce the likelihood that algorithmic trading systems may create or contribute to disorderly trading conditions, and to promote effective resolution of any disorderly trading conditions that do arise from algorithmic trading systems. [330] With respect to MiFID II, ESMA's 2015 Final Draft Regulatory Standards include requirements relating to the role of compliance and monitoring staff, testing (including conformance testing, stress testing, and testing environments), annual review and validation of systems, change management procedures, and real-time market monitoring procedures. [331] These standards include, among other things, that a firm must have clear lines of accountability for the development, deployment and updates of algorithms, and effective procedures for communication of information; compliance staff must have a general understanding of how trading systems and algorithms operate, and be in continuous contact with persons with detailed technical knowledge of trading systems and algorithms; testing must ensure that systems conform with the rules and systems of the trading venue, risk controls work as intended, and systems will not contribute to disorderly trading and can continue to work effectively in stressed market conditions; firms must run an annual validation process, which includes preparation of a validation report; firms must keep records of material changes made to software, including when a change was made, who made it, who approved it, and the nature of the change; and monitoring systems must have real-time alerts that assist staff in identifying when an algorithm is not behaving as expected, and firms must have a process for remedial action when alerts occur, including a process for an orderly withdrawal from the market. [332]

    With respect to the U.S. securities markets, the SEC's Reg SCI requires SCI entities to implement a program to review and keep current systems development and testing methodology for SCI systems, and to implement standards that result in SCI systems being designed, developed, tested, maintained, operated, and surveilled in a manner that facilitates the successful collection, processing, and dissemination of market data. [333] In addition, FINRA Notice 15-09, published in March 2015, offered guidance on effective supervision and control practices for market participants that use algorithmic trading strategies in the equities market. The FINRA notice provided guidance in five general areas: General risk assessment and response; software/code development and implementation; software testing and system validation; trading systems; and compliance. [334]

    The Commission further notes that the FIA Guide provides an overview of development and testing procedures, including software development, source code management and implementation, exchange-based conformance testing, and post-deployment verification, while noting that “market participants and exchanges should have the flexibility necessary to establish procedures that are appropriate and proportional to their operations.”  [335] The IOSCO 2015 Consultation Report notes that “many regulatory authorities have introduced specific requirements and guidelines regarding the introduction of new systems and changes to existing systems,” and recommends that trading venues should consider establishing policies and procedures related to the development, modification, testing and implementation of critical systems, and establishing a governance model for the management of critical systems. [336] The IOSCO report also notes that most trading venues have procedures and tools designed to address the operational risk associated with electronic trading, including monitoring of trading in real-time (or near real-time), and monitoring of the trading venue's system performance in real-time. [337] Finally, the Senior Supervisors Group Algorithmic Trading Briefing Note, published in April 2015, recommended that market participants using algorithmic trading conduct testing during all phases of a trading product's lifestyle, namely during development, rollout to production, and ongoing maintenance. [338]

    The rules proposed under § 1.81 are intended to be consistent with these regulatory initiatives and best practices. The Commission believes that most market participants and DCMs have implemented controls regarding the design, testing, and supervision of Algorithmic Trading systems, in light of the numerous best practices and regulatory requirements promulgated in this area. The proposed regulations are intended to standardize a set of principles relating to the design, testing, and supervision of Algorithmic Trading systems in order to reduce the operational risk of such systems. In their response to the Concept Release, IATP noted that, out of all the safeguards discussing in the Release, they believed ATS testing had the greatest potential to reduce market disruptions. [339] By standardizing principles in this area, Regulation AT is intended to reduce the risk of disorderly trading, including the risk that orders will be unintentionally sent into the marketplace by a poorly designed or insufficiently supervised algorithm.

    For example, the regulations proposed under § 1.81 may reduce the risk of market disruptions such as the 2012 incident involving Knight Capital. The SEC later concluded that, among other failures, Knight Capital did not have adequate controls and procedures for code deployment and testing for its order router, did not have sufficient controls and written procedures to guide employees' responses to significant technological and compliance incidents, and did not have an adequate written description of its risk management controls. [340] As discussed above, proposed § 1.81 requires written policies and procedures relating to the following: Testing of all Algorithmic Trading code and relates systems and any changes to such code and systems prior to their implementation; regular stress tests of Algorithmic Trading systems to verify their ability to operate in the manner intended under a variety of market conditions; a plan of internal coordination and communication between compliance staff of the AT Person and staff of the AT Person responsible for Algorithmic Trading regarding Algorithmic Trading design, changes, testing, and controls; and procedures for documenting the strategy and design of proprietary Algorithmic Trading software used by an AT Person, among other controls. The standardization of such written policies and procedures may make disruptive events like the Knight Capital incident less likely in the future.

    4. Request for Comments

    41. The Commission understands that the requirements for developing, testing, and supervising algorithmic systems proposed in § 1.81(a)-(d) are already widely used throughout the industry. Are any specific requirements proposed in this section not widely used by persons that would be designated as AT Persons under Regulation AT, and if not, why not? If any requirements described in § 1.81(a)-(d) are not widely used, please provide an estimate of the cost that would be incurred by an AT Person to implement such requirements.

    42. Are there any aspects of § 1.81(a)-(d) that are unnecessary for purposes of reducing the risks from Algorithmic Trading, and should not be mandated by regulation? If so, please explain.

    43. Are the procedures described above for the development and testing of Algorithmic Trading sufficient to ensure that algorithmic systems are thoroughly tested before being used in production, and will operate in the manner intended in the production environment?

    44. Are there any additional procedures for the development and testing of Algorithmic Trading that should be required under Regulation AT?

    45. Are any of the required procedures for the development and testing of Algorithmic Trading likely to become obsolete in the near future as development and testing standards evolve?

    46. Are the procedures for designating and training Algorithmic Trading staff of AT Persons sufficient to ensure that such staff will be knowledgeable in the strategy and operation of Algorithmic Trading, and capable of identifying Algorithmic Trading Events and promptly escalating them to appropriate staff members?

    47. Is it typical that persons responsible for monitoring algorithmic trading do not simultaneously engage in trading activity?

    48. Proposed §§ 1.80, 1.81, and 1.83 would impose certain requirements on all AT Persons regardless of the size, sophistication, or other attributes of their business. The Commission requests public comment regarding whether these requirements should vary in some manner depending on the AT Person. If commenters believe proposed §§ 1.80, 1.81, and 1.83 should vary, please describe how and according to what criteria.

    J. Risk Management by Clearing Member FCMs—§ 1.82

    The Commission proposes a new § 1.82 to require clearing member FCMs to implement pre-trade risk and order management controls with respect to AT Order Messages originating with an AT Person. Specifically, such clearing member FCMs must make use of pre-trade risk controls reasonably designed to prevent or mitigate an Algorithmic Trading Disruption, including at a minimum, those pre-trade risk controls described in § 1.80(a)(1). The remainder of this section presents Concept Release comments on this topic, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Concept Release Comments

    The Concept Release inquired about clearing members' use of the same pre-trade and other risk controls discussed above in section IV(H) with respect to AT Persons.

    a. Message and Execution Throttles

    FIA indicated that message and execution throttles are already widely used by clearing members. FIA PTG surveyed its members and found that all responding FCMs used message and execution throttles, either internally or at the exchange level. [341] FIA also indicated that most DCMs provide tools to allow FCMs to set pre-trade controls for their customers, which are a prerequisite for an FCM to provide direct access to a market participant without routing orders through the FCM's infrastructure. [342] FIA explained that FCMs encourage DCMs to provide pre-trade risk controls that can be set at various levels, whether at session level, customer level or account level. [343] CFE commented that it provides an execution throttle to clearing members. [344]

    FIA stated that DCM message rate limits should be supplemented at the market participant or FCM level. [345] FIA explained that where an FCM facilitates market access, it has the ability to impose the FCM's own message rate limits. These limits should be documented and discussed with market participants to ensure that they are appropriate for the participants' type of activity. [346] FIA further stated that FCMs that choose to implement message rate limits within their infrastructure should be transparent to their customers regarding the reason for the control and the maximum message rate that can be supported by the FCM. [347] In the case of direct access, FIA explained that the FCM should rely on DCM-provided message rate limits and any controls implemented by the market participants themselves. [348]

    Additional commenters indicated that FCMs should implement messaging or execution limits. [349] For example, Gelber stated that “in many cases, FCMs receive fills from the exchanges and have no control over the amount of messaging coming from a customer controlled-and-run applications. Therefore, FCMs need to have the ability to coordinate throttle rates through the account identifier at the exchange.”  [350] Gelber indicated that such limits should take into account financial risk and FCMs' understanding of their clients' business. [351] MFA stated that clearing members, as the gateways to the markets, should have financial and regulatory risk management controls to reduce risks associated with market access. [352] Similarly, CME supported allowing clearing members to provide direct market access to their customers as long as the clearing member has appropriately vetted the client and implemented appropriate risk management controls. [353] CME stated that clearing firms should decide the exact nature of the throttles to impose across their customer base, taking into consideration financial risk to the extent possible and their understanding of their clients' businesses. [354] Finally, SIG commented that clearing firms should have the ability to throttle orders at the exchange level in connection with credit limits set by the clearing firm, and that exchanges should make this same protection available to executing brokers executing for customers for whom they do not clear. [355]

    b. Maximum Order Sizes

    Commenters indicated that clearing members already use maximum order sizes. FIA explained that FIA PTG conducted a survey and all responding FCMs used this control. [356] CME commented that it allows clearing members to use its technology to set maximum order sizes for specific customers or accounts. [357] CFE stated that it allows clearing members to set maximum order size limits by product, and then set maximum order and quote size limits by the “log-in” of trading privilege holders. [358] FIX indicated that it is becoming increasingly common for futures and equities exchanges to provide tools that allow an FCM the ability to set checks for each client that accesses the exchange directly. [359] AIMA suggested that many market participants already use maximum order sizes when trading through their brokers, but may have less access to this control in the case of direct market access. [360] MFA commented that some FCMs already offer their customers this control, which can be set at the following levels: Each direct market access order, each individual algorithmic order, net sell and buy order limits, and total contract limits. [361] MFA suggested that all FCMs offer this maximum order size control at the trader-level. [362] Similarly, KCG believes that exchange-provided maximum order size controls should allow the market participant flexibility in setting different maximum order size levels for different users within a firm, such as based on trader ID or customer. [363] Chicago Fed supports a requirement that clearing firms must use this control at the account level. [364]

    c. Price Collars

    Most comments addressing this control focused on price collars implemented by exchanges. However, the FIA FCM Survey reflected that almost all responding FCMs used price collars, administered either internally or at the exchange level. [365]

    d. Order Management Controls

    As noted above, the Concept Release requested comment regarding “system heartbeats” and “auto-cancel on disconnect,” and commenters that addressed this topic indicated that exchanges provide these tools. In addition, FIA indicated that it is increasingly common for FCMs to employ cancel-on-disconnect for their connections to the DCM. [366]

    Some commenters addressed the implementation of “kill switch” functionality by FCMs. Two exchanges commented that their kill switch functionality allows clearing firms to cancel orders  [367] and several commenters stated that kill switches should be implemented by market participants and clearing firms in addition to exchanges. [368] Barclays commented that if a kill switch is located at the FCM level, then the Commission should provide “clear regulatory guidance” about when the FCM should alter or cancel orders, given that altering or cancelling orders could expose the FCM to significant financial or legal liability. [369]

    FIA explained that if a DCM cannot provide the appropriate level of granularity in the function of its kill switch, the focus of this functionality should be at the FCM level. [370] FIA recommended that a kill switch implemented by an FCM should be able to be invoked “at the finest resolution possible” and should include both manual and automated methods for triggering the kill switch. [371] FIA stressed that a kill switch should be used as a “final measure” only when other processes have not been successful, and that policies and procedures for when an FCM will invoke a kill switch should be clearly communicated to the market participant. [372]

    2. Description of Regulation

    The Commission proposes a new § 1.82 to require clearing member FCMs to implement pre-trade risk controls and order management controls with respect to AT Order Messages originating with an AT Person. Specifically, such clearing member FCMs must make use of pre-trade risk controls reasonably designed to prevent or mitigate an Algorithmic Trading Disruption, including at a minimum, those pre-trade risk controls described in § 1.80(a)(1). (Proposed § 1.80(a)(1) requires AT Persons to implement, at a minimum, maximum AT Order Message frequency per unit time and maximum execution frequency per unit time, order price parameters and maximum order size limits.) The Commission notes that proposed § 1.82 requires clearing member FCMs to address “Algorithmic Trading Disruptions,” rather than the broader “Algorithmic Trading Events” that AT Persons are required to address under proposed § 1.80. As discussed in section IV(D) above, an Algorithmic Trading Disruption is defined in proposed § 1.3(uuuu) as an event originating with an AT Person that disrupts, or materially degrades, (1) the Algorithmic Trading of such AT Person, (2) the operation of the DCM on which such AT Person is trading or (3) the ability of other market participants to trade on the DCM on which such AT Person is trading. In contrast to an Algorithmic Trading Event (defined in proposed § 1.3(vvvv)), an Algorithmic Trading Disruption does not specifically incorporate violations of the CEA or the rules thereunder. The Commission anticipates that some Algorithmic Trading Disruptions may be the result of violations of the CEA or Commission regulations, and some Algorithmic Trading Disruptions may not. Proposed § 1.82 requires clearing member FCMs to make use of pre-trade risk controls reasonably designed to prevent or mitigate an Algorithmic Trading Disruption, regardless of whether such disruptions were the result of a violation of the CEA or Commission regulations. It otherwise does not require clearing member FCMs to ensure that their customers' order flow does not violate the CEA or Commission regulations. However, nothing in proposed § 1.82 relieves FCMs of their obligations under all other applicable Commission regulations.

    Proposed § 1.82 also requires that pre-trade risk controls must be set at the level of each AT Person, or such other more granular level as the clearing FCM may determine, including but not limited to: By product, account number or designation, or one or more identifiers of natural persons associated with an AT Order Message. In addition, § 1.82 would require the clearing member FCM to have policies and procedures reasonably designed to ensure that natural person monitors at the FCM are promptly alerted when pre-trade risk control parameters established pursuant to this section are breached, and make use of the order cancellation systems described in § 1.80(b)(1). (The order cancellation systems are the same controls that proposed § 1.80(b)(1) requires AT Persons to implement, i.e., systems that have the ability to immediately disengage Algorithmic Trading, cancel selected or up to all resting orders when system or market conditions require it, and prevent the submission of new orders.)

    Pursuant to proposed § 1.82(b) and (c), the location of the pre-trade and other risk controls calibrated by the clearing member FCM varies, according to whether an AT Person's orders are placed through DEA or intermediated by its clearing FCM.

    DEA Orders—Controls Reside at DCM. Proposed § 1.82(b) addresses AT Order Messages originating with an AT Person and submitted through DEA. In the case of DEA, pre-trade and other risk controls would be established by and located at the DCM, and be controlled or calibrated by the clearing FCM. This approach recognizes that clearing FCMs do not have the ability to apply market risk controls to customers' DEA orders before they reach a DCM. With respect to financial risk, existing § 38.607 requires DCMs to establish controls facilitating FCMs' management of financial risk, and existing § 1.73 provides requirements with respect to clearing FCMs' implementation of such controls. [373] Consistent with that structure, proposed amendments to § 38.255 establish a similar structure in which DCMs must establish pre-trade and other risk controls addressing the risks of Algorithmic Trading for use by FCMs. Proposed § 1.82(b), accordingly, requires FCMs to implement such controls residing at the DCM.

    Non-DEA Orders—FCM Implements and Calibrates Controls. Proposed § 1.82(c) addresses the scenario in which AT Order Messages originating with an AT Person are not submitted to a trading platform through DEA, but instead are routed through a clearing member FCM. In the case of such intermediated orders, the controls would not reside at the DCM. Instead, the clearing member FCM itself would have the obligation to implement and calibrate pre-trade risk and other controls with respect to such orders.

    The Commission notes that while the controls implemented by the FCM are the same types of controls that would be implemented by AT Persons pursuant to § 1.80 (and by DCMs pursuant to § 40.20, discussed below), each entity would be responsible for ensuring the appropriate calibration of the control. Accordingly, an FCM's setting of a maximum order size limit, for example, may be different from the setting used by an AT Person, depending on each entity's assessment of the potential for an Algorithmic Trading Event or an Algorithmic Trading Disruption, as applicable. The Commission will not mandate exactly when intervention by an FCM to modify or cancel orders is necessary; rather, the Commission believes that each FCM is best positioned to determine appropriate parameters that will prevent or mitigate an Algorithmic Trading Disruption. Furthermore, the Commission will not specify a mandate which, if complied with by an FCM, would absolve the FCM of liability (as requested by Barclays). [374]

    3. Policy Discussion

    The Commission agrees with comments to the Concept Release that suggested that all types of market access create risks; therefore, the same principles should apply to all types of market access. When an order does not pass through a clearing member FCM's infrastructure before entering the market, it is critical that DCMs provide clearing member FCMs with the ability to subject such orders to controls that prevent or mitigate the impact of unintended or disruptive trading. In addition, where orders pass through a clearing member FCM's infrastructure before entering the market, that clearing member FCMs should subject such orders to similar controls. The Commission believes that an order should pass through the same pre-trade risk controls regardless of trading strategy or means of market access, and that all market participants have a responsibility to implement risk controls appropriate to their role in the lifecycle of an order.

    As discussed above, commenters indicated that the required controls (i.e., message and execution throttles and price and size parameters) are already widely used by clearing members, either internally or as provided by the DCM. The Commission also notes that IOSCO and ESMA have stressed the importance of adequate risk controls where a user is granted access to the market via an intermediary's systems or directly, without using the intermediary's systems. IOSCO has recommended that intermediaries (including clearing firms) have adequate operational and technical capabilities to manage appropriately the risks posed by such access. [375] ESMA's 2015 Final Draft Regulatory Standards require that the intermediary providing access apply pre-trade risk controls on the order flow of their clients. [376] ESMA's regulatory standards provide that the direct electronic access provider may use its own proprietary controls, controls purchased from a third-party, or controls offered by a trading venue, but in each of those circumstances the provider remains responsible for the effectiveness of those controls and is solely entitled to set or modify any parameters and limits. [377]

    4. Discussion of Persons Subject to Proposed §§ 1.80 and 1.82

    The following discussion is intended to provide detailed examples of which persons will be subject to proposed §§ 1.80 (applicable to all AT Persons when acting as such) and 1.82 (applicable only to clearing FCMs). Proposed § 1.80 would apply to AT Persons—i.e., any FCM, floor broker, SD, MSP, CPO, CTA, IB or floor trader as defined in proposed § 1.3(x)(3) when engaged in Algorithmic Trading on or subject to the rules of a DCM. In contrast, proposed § 1.82 would apply to clearing FCMs when acting as clearing members for their customers with respect to an AT Order Message.

    An entity could be subject to both § 1.80 and § 1.82 in certain circumstances. For example, in the event that a clearing FCM engages in both Algorithmic Trading for its own account and acts a clearing member with respect to its customers' AT Order Messages, such clearing FCM would be subject to both proposed § 1.80 (as an AT Person with respect to its own Algorithmic Trading) and to proposed § 1.82 (as a clearing member). The Commission is providing further clarity regarding who would be AT Persons for purposes of § 1.80 and other regulations, including some detailed order flow scenarios that demonstrate the application of §§ 1.80 and 1.82, below.

    Question One: In the scenario in which a non-clearing FCM trading for a proprietary account submits orders to a separate clearing FCM, could the clearing FCM ever engage in Algorithmic Trading and be an AT Person?

    If an FCM trading for a proprietary account submits an order to a separate clearing FCM, the separate clearing FCM could be an AT Person if it uses computer algorithms or systems to determine any of the elements of the definition of Algorithmic Trading (e.g., determinations regarding order routing). If the clearing FCM is not making any of these determinations, the clearing FCM is not an AT Person.

    If an FCM trading for a proprietary account submits an order to a separate non-clearing FCM who then submits it to an additional separate clearing FCM, the clearing FCM is not engaged in Algorithmic Trading, provided that it is not determining any of the elements of the definition of Algorithmic Trading.

    Question Two: Is it correct to say that all FCMs using Algorithmic Trading to engage in proprietary trading are AT Persons?

    Yes. A non-clearing or clearing FCM that uses Algorithmic Trading to engage in proprietary trading is an AT Person.

    Question Three: Is it correct to say that an FCM accepting orders from its customer may be an AT Person, if its computer algorithms or systems determine any of the elements of the definition of Algorithmic Trading?

    Yes. A non-clearing or clearing FCM that accepts customer orders, and that uses computer algorithms or systems to determine any of the elements of the definition of Algorithmic Trading (e.g., determinations regarding order routing), would be an AT Person with respect to the customer's orders.

    Below are some detailed order flow scenarios that demonstrate the application of §§ 1.80 (which applies to AT Persons) and 1.82.

    Example 1: Back to Top

    Order flow prior to execution by DCM: (i) Customer to (ii) non-clearing FCM to (iii) separate clearing FCM. Customer is not registered with the Commission; uses algorithms but not DEA. Neither the non-clearing FCM nor the clearing FCM make any of the determinations regarding the order described in the definition of Algorithmic Trading.

    Who is an AT Person?

    (i) The customer is not an AT Person, because it is not registered and does not use DEA.

    (ii) The non-clearing FCM is not an AT Person, because it doesn't make any determinations regarding the order and therefore doesn't engage in Algorithmic Trading.

    (iii) The clearing FCM is not an AT Person, for the same reason as (ii). The clearing member FCM is also not subject to 1.82, because the customer in (i) originating orders isn't an AT Person.

    Example 2: Back to Top

    Order flow prior to execution by DCM: (i) Customer to (ii) non-clearing FCM to (iii) separate clearing FCM. Customer is not registered with the Commission; uses algorithms but not DEA. Non-clearing FCM's computer algorithms or systems make some of the determinations regarding the order described in the definition of Algorithmic Trading.

    Who is an AT Person?

    (i) The customer is not an AT Person, because it is not registered and does not use DEA.

    (ii) The non-clearing FCM is an AT Person, because it engages in Algorithmic Trading regarding the customer's order.

    (iii) The clearing FCM is not an AT Person, assuming it doesn't make any determinations regarding order and therefore doesn't engage in Algorithmic Trading. The clearing FCM is also not subject to 1.82, because the customer originating orders isn't an AT Person (even though the non-clearing FCM in the order flow is an AT Person).

    Example 3: Back to Top

    Order flow prior to execution by DCM: (i) Customer to (ii) a clearing FCM. Customer is not registered with the Commission; uses algorithms but not DEA. Clearing FCM just clears trades, and does not make any of the determinations regarding the order described in the definition of Algorithmic Trading.

    Who is an AT Person?

    (i) The customer is not an AT Person, because it is not registered and does not use DEA.

    (ii) The clearing FCM is not an AT Person, because it doesn't make any determinations regarding the order and therefore doesn't engage in Algorithmic Trading. The clearing FCM is also not subject to 1.82, because the customer originating orders isn't an AT Person.

    Example 4: Back to Top

    Order flow prior to execution by DCM: (i) FCM trading for its proprietary account to (ii) a separate clearing FCM. The FCM trading for a proprietary account uses Algorithmic Trading; clearing member FCM does not make any of the determinations described in the definition of Algorithmic Trading.

    Who is an AT Person?

    (i) The FCM trading for the proprietary account is an AT Person, because it engages in Algorithmic Trading.

    (ii) The clearing FCM is not an AT Person, because it doesn't make any determinations regarding the order and therefore doesn't engage in Algorithmic Trading. But the clearing FCM is subject to § 1.82, because the FCM originating the orders is an AT Person.

    5. Request for Comments

    49. Are any pre-trade or other risk controls required by § 1.82 ineffective, not already widely used by clearing member FCMs, or likely to become obsolete?

    50. Are there any aspects of proposed § 1.82 that pose an undue burden for clearing member FCMs and are unnecessary for purposes of reducing the risks associated with Algorithmic Trading? If so, please explain (1) the burden; (2) why it is not necessary to reduce the risks associated with Algorithmic Trading, particularly in the case of DEA. What alternatives are available consistent with the purposes of Regulation AT?

    51. Please describe the technological development that would be required by clearing member FCMs to comply with the requirement to implement and calibrate the pre-trade and other risk controls required by § 1.82(c) for non-DEA orders. To what extent have clearing member FCMs already developed the technology required by this provision, for example in connection with existing requirements under § 1.11, and §§ 1.73 and 38.607 for clearing FCMs to manage financial risks?

    52. Are there additional pre-trade or other risk controls that should be specifically required pursuant to proposed § 1.82?

    53. Do you believe that the pre-trade and other risk controls required in § 1.82 sufficiently address the possibility of technological advances in trading and development of new, more effective controls that should be implemented by FCMs?

    54. The Commission welcomes comment on whether the requirements of § 1.82 relating to the design of controls and the levels at which the controls should be set are appropriate and sufficiently granular.

    55. Proposed § 1.82 does not require FCMs to have connectivity monitoring such as “system heartbeats” or automatic cancel-on-disconnect functions. Do you believe that § 1.82 should require FCMs to have such functionality?

    56. Proposed § 1.82 requires clearing FCMs to implement controls with respect to AT Order Messages originating with an AT Person. The Commission is considering modifying proposed § 1.82 to require clearing FCMs to implement controls with respect to all orders, including orders that are manually submitted or are entered through algorithmic methods that nonetheless do not meet the definition of Algorithmic Trading. Such a requirement would correspond to the requirement under proposed § 40.20(d) that DCMs implement risk controls for orders that do not originate from Algorithmic Trading. If the Commission were to incorporate such amendments in any final rules arising from this NPRM, its intent would be to further reduce risk by ensuring that all orders, regardless of source, are screened for risk at both the clearing member FCM and the DCM level. Risk controls at the point of order origination would continue to be limited to AT Persons. The Commission requests comment on this proposed amendment to § 1.82, which the Commission may implement in the final rulemaking for Regulation AT. The Commission requests comment on the costs and benefits to clearing FCMs of this proposal, in addition to any other comments regarding the effectiveness of this proposal in terms of risk reduction.

    K. Compliance Reports Submitted by AT Persons and Clearing FCMs to DCMs; Related Recordkeeping Requirements—§ 1.83

    The Commission is proposing new § 1.83(a) and (b) of its regulations to require that AT Persons and clearing member FCMs provide the DCMs on which they operate with information regarding their compliance with §§ 1.80(a) and 1.82(a)(1). Specifically, the proposed rules would require AT Persons prepare, certify, and submit annual reports regarding their controls for: (1) Maximum AT Order Message frequency; (2) maximum execution frequency; (3) order price parameters; and (4) maximum order sizes. The proposed rules would require each FCM that is a clearing member for an AT Person to prepare, certify, and submit annual reports regarding its program for establishing and maintaining those same controls for its AT Persons (in the aggregate). As described in section IV(H) and (J) above, the use of such pre-trade risk controls would be mandatory for both AT Persons and clearing member FCMs pursuant to §§ 1.80(a)(1) and 1.82(a)(1), respectively.

    The reports proposed by § 1.83, together with the DCM review program proposed by § 40.22, will enable DCMs to have a clearer understanding of the pre-trade risk controls of all AT Persons that are engaged in Algorithmic Trading on such DCM. Furthermore, because AT Persons and clearing member FCMs will have great flexibility in how they implement their pre-trade risk controls pursuant to proposed §§ 1.80(a)(1) and 1.82(a)(1), the annual reporting obligations in proposed § 1.83 and DCM review provisions in § 40.22 will help ensure that such controls are being implemented and are reasonably designed and calibrated.

    As a complement to the compliance report program described above, proposed § 1.83(c) and (d) would require AT Persons and clearing member FCMs for AT Persons to keep and provide upon request to DCMs books and records regarding their compliance with §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs).

    The remainder of this section presents Concept Release comments on this topic, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Concept Release Comments

    The Concept Release requested comment on whether it would be appropriate to require periodic self-certifications by all market participants operating ATSs and by clearing firms that provide clearing services to those market participants. [378] In the Concept Release, the Commission set forth potential areas that a self-certification for market participants might cover. The Commission stated that a certification might attest that: “(1) The ATS contains structural safeguards to provide reasonable assurance that the trading system will not be disruptive to fair and equitable trading; (2) the market participant's ATSs have been designed to avoid violations of the CEA, Commission regulations, or exchange rules related to fraud, disruptive trading practices, manipulation and trade practice violations; and (3) such systems have been sufficiently tested and documented in a manner that is appropriate to the intended design and use of that system.”  [379] The Concept Release also requested comment on a number of different aspects of a self-certification program. These included: (1) Whether the chief executive officer or chief compliance officer, or similar ranking official of each market participant should attest to the certification; (2) how often should a market participant make the self-certification; (3) which entities should receive the certification; and (4) should DCMs, SEFs, or clearing member FCMs be required to audit the certifications of market participants. [380]

    Commenters were mixed in their support of a certification requirement for market participants operating ATSs and for clearing firms that provide clearing services to those market participants. Some commenters, such as AFR, supported certifications. [381] Others, such as AIMA, FIA, and CME, oppose a certification requirement set by the Commission. [382] AIMA argued that a certification requirement “could merely create extra administrative costs for firms and the CFTC.”  [383] FIA and CME stated that it should be left to individual DCMs to define certification policies for their market participants. [384] FIA commented that instead of formal certification, market access should depend on attestation that the highest quality standards are maintained and appropriate risk controls and escalation procedures are in place. [385] CME argued that “[g]iven the breadth of risk profiles across the spectrum of clients, it would be unduly burdensome and cost-prohibitive for the exchanges or the Commission to mandate specific risk management parameters and the continuous auditing or formal certification thereof.”  [386]

    With respect to what information might be included in the certifications, Gelber argued that “[a] market participant should certify that each of its ATS employs pre-trade risk controls, post-trade reports and system safeguards.”  [387] FIA and CME also commented that if the Commission were to impose a certification requirement, the standards for such requirement should be principles-based. [388]

    Most commenters support requiring senior management to make the certification. FIA argued that if a certification requirement is imposed, this certification should be the responsibility of senior management at the market participant, DCM or FCM. [389] Gelber commented that the certification should be from a chief technology officer or equivalent, and attested to by another c-level executive officer. [390] AFR commented that certifications “should be made by the CEO, as well as both the CCO and CRO to make certain that responsibility for the underlying systems and algorithms is taken by those officers having direct responsibility.”  [391] CME commented that any attestation should lie with the supervisors with business line responsibility for, and knowledge of, the systems at issue. CME also stated that the certifications “should be tendered to each level of the supply chain with supervisory authority.”  [392]

    With respect to the frequency of the certifications, Gelber commented that market participants should certify twice per year and whenever there has been a material change to a program that they employ. [393] TCL stated that ATSs should be required to make the certification annually, or whenever a major functional change to their business environment is implemented. [394] With respect to the auditing of the certifications, FIA argued that audit responsibilities should only be determined after standards are in place. [395] Alternatively, Gelber argued that exchanges should require firms to maintain certifications and produce them upon request. Gelber stated that it should be at the exchanges' discretion as to whether they audit such certifications. [396]

    2. Description of Regulation

    Compliance Report Program. Proposed § 1.83(a) and (b) would require that AT Persons and clearing member FCMs, respectively, provide the DCMs on which they operate with information regarding their compliance with §§ 1.80(a) and 1.82(a)(1). Specifically, the proposed rules would to require AT Persons to prepare, certify, and submit annual reports regarding their controls for: (1) Maximum AT Order Message frequency; (2) maximum execution frequency; (3) order price parameters; and (4) maximum order sizes. The proposed rules would require each FCM that is a clearing member for one or more AT Persons to prepare, certify, and submit annual reports regarding its program for establishing and maintaining those same controls for its AT Persons in the aggregate. As described in section IV(H) and (J) above, the use of such pre-trade risk controls would be mandatory for AT Persons pursuant to § 1.80(a)(1), and mandatory for clearing member FCMs pursuant to § 1.82(a)(1).

    The Commission is also proposing a new § 40.22 (discussed in more detail below) to require that each DCM that receives a report described in § 1.83 establish a program for effective review and evaluation of the reports. The reports proposed by § 1.83 and the review program proposed by § 40.22 would enable DCMs to have a clearer understanding of the pre-trade risk controls and compliance procedures of all AT Persons that are engaged in Algorithmic Trading on such DCM. The proposed reports and review program will also give DCMs a better understanding of the program for establishing and maintaining the pre-trade risk controls used by any FCM of an AT Person that is engaged in Algorithmic Trading on such DCM.

    The Commission notes that the SEC's Market Access Rule, as discussed in greater detail above, has a similar certification requirement for certain broker-dealers. [397] The Market Access Rule requires that certain broker-dealers maintain a system for regularly reviewing the effectiveness of the risk management controls and supervisory procedures required by the Market Access Rule. It also requires that the Chief Executive Officer (or equivalent officer) of a broker-dealer subject to the Market Access Rule certify, on an annual basis, that the risk management controls and supervisory procedures established by the broker-dealer comply with the Market Access Rule, and that the broker-dealer conducted the required review of the risk management controls and supervisory procedures. The certification required by the Market Access Rule must be preserved by the broker-dealer as part of its books and records.

    The Commission also notes that ESMA's 2015 Final Draft Regulatory Standards require an annual self-assessment and validation process in which investment firms must review their algorithmic trading systems and trading algorithms, and overall compliance with Article 17 of Directive 2014/65/EU (MiFID II's requirements on firms that engage in Algorithmic Trading). [398] ESMA sets out elements that investment firms should consider in its self-assessment, which include elements relating to the nature of its business (e.g., level of automation, types of strategies it employs, latency sensitivity), the scale of its business (e.g., number of algorithms, number of trading desks, messaging volume capabilities), and the complexity of its business (e.g., diversity of trading systems and connectivity methods, and the speed of trading). The validation report must be approved by the firm's senior management and the firm must remedy any deficiencies identified.

    While not identical to the certification required of broker-dealers in the Market Access Rule or ESMA's annual self-assessment process for investment firms, the compliance report program proposed by § 1.83 and § 40.22 is similarly designed to ensure that market participants have effective risk controls in place and that these risk controls are regularly reviewed. Specifically, proposed § 1.83(a) would require each AT Person to annually prepare a report, and submit such report by June 30 to each DCM on which such AT Person engaged in Algorithmic Trading, that covers from May 1 of the previous year to April 30 of the year such report is submitted. Together with the annual report, each AT Person would be required to submit copies of the written policies and procedures developed to comply with § 1.81(a) and (c). The report must include descriptions of the AT Person's pre-trade risk controls required by proposed § 1.80(a)(1), and the parameters and specific quantitative settings used for the risk controls. The report would also be required to include a certification by the chief executive officer or chief compliance officer of the AT Person that, to the best of his or her knowledge and reasonable belief, the information contained in the report is accurate and complete.

    Proposed § 1.83(b) would require each FCM that is a clearing member for an AT Person to annually prepare a report, and submit such report by June 30 to each DCM on which such AT Person engaged in Algorithmic Trading, that covers from May 1 of the previous year to April 30 of the year such report is submitted. The report must include a description of the FCM's program for establishing and maintaining the pre-trade controls required by proposed § 1.82(a)(1) for its AT Persons (in the aggregate) at the DCM. The requirements of proposed § 1.83(b) apply to the pre-trade risk controls implemented by the FCM for AT Persons using DEA, as well as for AT Persons that do not use DEA. The report would also be required to include a certification by the chief executive officer or chief compliance officer of the FCM that, to the best of his or her knowledge and reasonable belief, the information contained in the report is accurate and complete. Related to these reporting requirements in proposed § 1.80(a) and (b), proposed § 40.22(c)  [399] would require DCMs to establish a program for effective periodic review and evaluation of AT Person and clearing member FCM reports.

    Recordkeeping Requirements. As a complement to the compliance report review program, proposed § 1.83(c) and (d) would require AT Persons and clearing member FCMs for AT Persons to keep and provide upon request to DCMs books and records regarding their compliance with proposed §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs). Related to these provisions, the Commission is also proposing a new § 40.22(d) (discussed in more detail below) to require DCMs to implement rules that require each AT Person to keep and provide to the DCM books and records regarding such AT Person's compliance with all requirements pursuant to § 1.80 and § 1.81, and require each clearing member FCM to keep and provide to the DCM books and records regarding such clearing member FCM's compliance with all requirements pursuant to § 1.82. Finally, proposed § 40.22(e) would require DCMs to review and evaluate, as necessary, books and records maintained by AT Persons and clearing member FCMs regarding their compliance with §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs).

    3. Policy Discussion

    The Commission is proposing § 1.83 because it believes that Regulation AT must include a mechanism to ensure that AT Persons and clearing member FCMs are complying with the requirement to implement certain pre-trade risk controls. Moreover, an assessment of such compliance requires an adequate level of expertise and knowledge of markets and market participants' technological systems and trading strategies. In this regard, the Commission notes that reports proposed by § 1.83 will enable DCMs to have a better understanding of the pre-trade risk controls of all AT Persons engaged in Algorithmic Trading. Furthermore, because the Commission's pre-trade risk control requirements in proposed §§ 1.80(a)(1) and 1.82(a)(1) offer substantial flexibility, the annual reporting obligations in proposed § 1.83 will help ensure that such controls are reasonably designed and calibrated. The Commission believes that a review program requiring AT Persons and clearing member FCMs to provide information concerning compliance with §§ 1.80(a) and 1.82(a)(1), and requiring DCMs to review such information, is the most effective method to ensure that all market participants are implementing measures that are reasonably designed to prevent an Algorithmic Trading Event or Algorithmic Trading Disruption.

    The recordkeeping requirements proposed under § 1.83(c) and (d) and § 40.22(d) and (e) complement the compliance report program. These provisions will enable DCMs to review the compliance of AT Persons and clearing member FCMs with their various obligations under §§ 1.80, 1.81, and 1.82, by inspecting the books and records of AT Persons and clearing member FCMs as necessary. For example, a DCM may find it necessary to conduct such a review if: It becomes aware if an AT Person's kill switch is frequently activated, or otherwise performs in an unusual manner; if a DCM becomes aware that an AT Person's algorithm frequently performs in a manner inconsistent with its design, which may raise questions about the design or monitoring of the AT Person's algorithms; if a DCM identifies frequent trade practice violations at an AT Person, which are related to an algorithm of the AT Person; or if an AT Person represents significant volume in a particular product, thereby requiring heightened scrutiny, among other reasons.

    4. Request for Comments

    57. The Commission welcomes comment on the type of information that should be included in the reports required by proposed § 1.83. Should different or additional descriptions be included in the reports, which will be evaluated by DCMs under proposed § 40.22?

    58. How often should the reports required by proposed § 1.83 be submitted to the relevant DCMs? Should the report be submitted more or less frequently than annually?

    59. When should the reports required by proposed § 1.83 be submitted to the relevant DCMs? Should the reports be submitted on a date other than June 30 of each year?

    60. Should a representative of the AT Person or clearing member FCM other than the chief executive officer or the chief compliance officer be responsible for certifying the reports required by proposed § 1.83? Should only the chief executive officer be permitted to certify the report? Alternatively, should only the chief compliance officer be permitted to certify the report?

    61. Are there any aspects of proposed § 1.83(b) that pose an undue burden for clearing member FCMs and are unnecessary for purposes of reducing the risks associated with Algorithmic Trading? If so, please explain (1) the burden; (2) why it is not necessary to reduce the risks associated with Algorithmic Trading, particularly in the case of DEA. What alternatives are available consistent with the purposes of Regulation AT, including in particular Regulation AT's intent that § 1.83 reports benefit from the third-party SRO review performed by DCMs with respect to such reports?

    62. Should the reports required by proposed § 1.83 be sent to any entity other than each DCM on which the AT Person operates, such as the Commission or an RFA? For example, should the Commission require that AT Persons that are members of a RFA send compliance reports to RFA upon NFA's request?

    63. Proposed § 1.83(c) includes recordkeeping requirements imposed on AT Persons, and proposed § 1.83(d) includes recordkeeping requirements imposed on clearing member FCMs. Should the recordkeeping requirements of § 1.83(c) be distributed throughout the sections of the Commission's regulations that contain recordkeeping requirements for various categories of Commission registrants that will be classified as AT Persons? Should § 1.83(d) be transferred to section 1.35 of the Commission's regulations, which contains recordkeeping requirements for clearing member FCMs?

    L. Risk Controls for Trading: Direct Electronic Access Provided by DCMs—§ 38.255(b) and (c)

    The Commission proposes to amend § 38.255 (Risk controls for trading) by adding new § 38.255(b) requiring DCMs to implement systems and controls reasonably designed to facilitate a clearing FCM's management of Algorithmic Trading risks arising from its DEA customers. The Commission also proposes to amend § 38.255 by adding new paragraph (c), which would require that DCMs who permit DEA also mandate the use of § 38.255(b) risk controls by all clearing member FCMs with respect to the Algorithmic Trading of their DEA customers. The Commission notes that the risk controls and requirements described in proposed § 38.255(b) and (c), while provided by and residing at the DCM, are fundamentally intended to facilitate a clearing member FCM's management of the risks posed by the clearing member FCM's DEA customers. In this regard, proposed § 38.255(b) and (c) should be read in conjunction with proposed § 1.82(b), which would require clearing member FCMs to make use of the systems provided by DCMs pursuant to § 38.255(b). The remainder of this section presents Concept Release comments on this topic, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal. [400]

    1. Concept Release Comments

    As noted above in section IV(D)(7), in the Commission's discussion of its proposed definition of Direct Electronic Access, several commenters agreed that any potential risk controls should also apply to those with direct access to the markets. [401] FIA stated, for example, that all types of market access create risks. [402] Similarly, CME stated that all entities—whether they have direct market access or not—must “share in the effort to preserve market integrity.”  [403] In addition, commenters indicated that exchanges already provide certain pre-trade risk controls for use by clearing firms. Please see the discussion at section IV(H)(1) above for a discussion of Concept Release comments with respect to clearing firms' use of exchange-provided pre-trade and other risk controls.

    2. Description of Regulation

    The Commission proposes to amend § 38.255 (Risk controls for trading) to require DCMs to have in place systems and controls designed to facilitate a clearing member FCM's management of the risks that may arise from Algorithmic Trading by its AT Person customers using DEA (as defined in proposed § 1.3(yyyy)). The DCM regulations already address financial risk using a similar structure. Existing § 38.607 provides that, in the context of direct electronic access, a DCM must have in place systems and controls designed to facilitate an FCM's management of “financial risk.” The DCM must also require FCMs to use such controls.

    The pre-trade risk controls and order cancellation systems that DCMs must provide to clearing member FCMs are the same as those that proposed § 1.80(a) requires AT Persons to implement, i.e., maximum AT Order Message frequency per unit time and maximum execution frequency per unit time, and order price parameters and maximum order size limits. The order cancellation systems that DCMs must establish for implementation by the clearing member FCM are the same controls that proposed § 1.80(b)(1) requires AT Persons to implement, i.e., systems that have the ability to immediately disengage Algorithmic Trading, cancel selected or up to all resting orders when system or market conditions require it, and prevent the submission of new orders.

    The proposed regulation text is articulated broadly enough to allow DCMs the flexibility to design controls for use by clearing member FCMs that are appropriate to their markets and market participants. Proposed § 38.255(b)(1)(ii) provides that the pre-trade risk controls established by the DCMs must enable the clearing member FCM to set the controls at the level of each AT Person, product, account number or designation, and one or more identifiers of natural persons associated with an AT Order Message. DCM rules should permit clearing member FCMs to choose the level at which they place the control, as long as clearing member FCMs use at least one of the levels. Similarly, proposed § 38.255(b)(2) provides that the DCM-provided order cancellation systems should enable the clearing member FCM to apply such systems to orders from each AT Person, product, account number or designation, or one or more identifiers of natural persons associated with an AT Order Message. A DCM that permits DEA must require FCMs to use the § 38.255(b) controls with respect to all AT Order Messages originating with an AT Person that are submitted through DEA.

    3. Policy Discussion

    The Commission believes that its proposed amendments to § 38.255, and corresponding proposed § 1.82 applicable to clearing member FCMs, is consistent with those comments to the Concept Release that suggested that pre-trade risk controls should apply to those with direct market access. [404] As FIA explained, all types of market access create risks; therefore, the same principles should apply to all types of market access. [405] In addition, the Commission's approach to controls that should exist in the context of DEA is consistent with recommendations of or steps taken by other regulatory organizations. For example, IOSCO has recommended that intermediaries (including clearing firms) should have adequate operational and technical capabilities to manage appropriately the risks posed by direct electronic access. [406] In addition, as discussed above, ESMA's 2015 Final Draft Regulatory Standards require direct electronic access providers to apply pre-trade controls on the order flow of their clients consistent with the controls that ESMA requires for investment firms. [407] ESMA's standards further provide, among other things, that trading venues must have public rules pursuant to which direct electronic access providers provide their service, and in the case of sponsored access (where a client transmits orders directly to a trading platform without such orders passing through an intermediary's infrastructure), the trading venue must require such firms to implement the same pre-trade risk controls as the trading venue's members. [408] The Commission believes that requiring DCMs to establish pre-trade risk controls and order management controls for use by clearing member FCMs with respect to their direct access customers will ensure that all orders, regardless of access method, are subjected to the same tools that mitigate the risks posed by Algorithmic Trading.

    4. Request for Comments

    64. Are there any pre-trade and other risk controls required by § 38.255(b) and (c) that will be ineffective, not already widely provided by DCMs for use by FCMs, or likely to become obsolete?

    65. Are there additional pre-trade or other risk controls that DCMs should be specifically required to provide to FCMs pursuant to proposed § 38.255(b) and (c)?

    66. Do you believe that the pre-trade and other risk controls required pursuant to § 38.255(b) sufficiently address the possibility of technological advances in trading? For example, do they appropriately address the potential for the future development of additional effective controls that should be provided by DCMs and implemented by FCMs?

    67. The Commission welcomes comment on whether § 38.255(b)'s requirements relating to the design of controls and the levels at which the controls should be set are appropriate and sufficiently granular.

    68. Proposed § 38.255(b) and (c) do not require DCMs to provide to FCMs connectivity monitoring systems such as “system heartbeats” or automatic cancel-on-disconnect functions. Should § 38.255 require such functionality?

    M. Disclosure and Transparency in DCM Trade Matching Systems—§ 38.401(a)

    Regulation AT proposes to amend § 38.401(a) of the Commission's regulations to enhance public transparency regarding the design and operation of a DCM's electronic matching platform. Currently, § 38.401(a) requires DCMs to have procedures, arrangements, and resources for disclosing to the Commission, market participants, and the public accurate information on the rules and specifications of their electronic matching platforms or trade execution facilities. The proposed amendments to § 38.401(a) would clarify that such existing obligations include disclosure of any attributes of an electronic matching platform or trade execution facility that materially impact market participant orders, but which are not readily apparent to a market participant. The proposed amendments recognize that the structure, architecture, mechanics, characteristics, attributes, or other elements of an electronic matching platform or trade execution facility—elements that are under the design control of the DCM—may affect how market participant orders are received or executed. The Commission believes that each market participant should have ready access to information that explains the existence and operation of any attribute within an electronic matching platform or trade execution facility that will impact how a market participant experiences the market. The remainder of this section presents Concept Release comments on this topic, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Concept Release Comments

    As noted above, the proposed amendments to § 38.401(a) focus in large measure on attributes of an electronic matching platform or trade execution facility that impact the timing and sequencing of specific events on the exchange. While the Concept Release did not directly address proposed § 38.401(a), it did ask for public comment on latencies in the transmission of various types of messages between exchanges, firms and vendors wherein differences in latency could provide opportunities for informational advantage. [409] It pointed to press reports that one exchange sent confirmations to the traders involved in an executed transaction before the DCM posted the transaction on its market data feed to the marketplace as a whole. [410] The Commission asked for comments on: (a) Whether the extent of latency in message transmission can have an adverse impact on market quality or fairness; and (b) whether exchanges, vendors and firms should be required to audit their systems and processes on a periodic basis to identify and resolve such latencies. [411]

    The Concept Release also asked for public comment on the advisability of requiring each trading platform to provide market quality indicators on a periodic basis for each product traded on its platform. [412] The Concept Release also asked for comments on what types of market quality data would be helpful to market participants and promote market efficiency through transparency and market competition.

    Several commenters supported increased transparency by the exchanges in the operation of their electronic matching platforms. AIMA, for example, would welcome new requirements for transparency by exchanges on issues of latency, noting that market participants without DMA are currently not able to calculate many measures of latency and market quality that are available to those with DMA. [413] Bell noted that the disclosure of latencies in CME's electronic matching platform removed the informational advantage held by those market participants who knew of the latency compared to those who did not. [414] However, Bell also cautioned that the threat of sanctions against an exchange for the existence of a latency arbitrage opportunity in an electronic matching platform could discourage that exchange from publicly disclosing such information. FIA noted that real-time access to additional information regarding the order book creates a more transparent marketplace, which ultimately breeds confidence among market participants. [415]

    CME and FIA noted that latency is a natural component of market structure because of the time it takes computer systems to process information as well as the communications systems involved in transmitting order message information. [416] Even if no latencies existed within an exchange's infrastructure, market participants may still face latencies in clearing and executing firms' systems. [417]

    Several commenters addressed the specific issue of whether participants in a trade should receive confirmations of that trade before, or at least not after, the trade is reflected in market data sent to all market participants (“confirmation-first latency”). [418] FIA commented that the confirmation-first latency on one exchange was not hidden, and that it could be measured and understood by anyone with the proper market access. [419] FIA stated that it is imperative that the market data broadcast to all market participants not be sent before the participants to a trade know that the trade was executed (“market data-first latency”). [420] FIA also stated that market data-first latency would cause liquidity providing participants to be unaware of their positions and therefore hamper their ability to hedge risk effectively. The commenter believed that this would cause market makers to widen the spreads they offer. OneChicago suggested that confirmation-first latency should not be considered an unfair advantage. [421] SIG suggested that confirmation-first latency would encourage liquidity by allowing an executing trader to hedge a position before quickly responding momentum traders exhausted available liquidity in the market. [422]

    2. Description of Regulation

    Current § 38.401(a) requires DCMs to have procedures, arrangements, and resources for disclosing to the Commission, market participants, and the public accurate information on, inter alia, the rules and specifications concerning the operation of the DCM's electronic matching platform or trade execution facility. Current § 38.401(b) requires DCMs to provide such information that “it believes, to the best of its knowledge, is accurate and complete, and must not omit material information.” Current § 38.401(c) requires DCMs to make publicly available on their Web sites any new product listings, rules, rule amendments, or other changes to previously-disclosed information, concurrent with filing such submissions with the Commission. The proposed amendments to § 38.401 build on these disclosure, accuracy, and timing requirements, and extend the disclosure requirements to cover certain attributes of the operation of electronic matching platforms.

    The Commission proposes to amend § 38.401(a)(1)(iii) to require DCMs to disclose to the Commission, market participants and the public accurate information pertaining to rules or specifications pertaining to the operation of the electronic matching platform or trade execution facility, including but not limited to those pertaining to the operation of its electronic matching platform that materially affect the time, priority, price, or quantity of execution, or the ability to cancel, modify, or limit display of market participant orders.

    The Commission also proposes to amend § 38.401(a)(1) by adding a new requirement (§ 38.401(a)(1)(iv)) that DCMs must disclose to all market participants any known attributes of the electronic matching platform, other than those already disclosed in rules or specifications under section (a)(1)(iii), that materially affect the time, priority, price, or quantity of execution of market participant orders, the ability to cancel, modify, or limit display of market participant orders, or the dissemination of real-time market data to market participants, including but not limited to latencies or other variability in the electronic matching platform and the transmission of message acknowledgements, order confirmations, or trade confirmations, or dissemination of market data. The Commission notes, however, that proposed § 38.401(a)(1)(iii) and (iv) are not intended to require the disclosure of trade secrets by any DCM.

    Finally, the Commission also proposes to amend § 38.401(c) by adding a new requirement (§ 38.401(c)(3)) that a DCM, in making available on its Web site information pursuant to paragraphs (a)(1)(iii) and (iv) of § 38.401(c), must place such information and submissions on its Web site within a reasonable time, but no later than 10 business days, following the identification of or changes to such attributes. Such information shall be disclosed prominently and clearly in plain English. The Commission emphasizes that the disclosure of information prominently and clearly by a DCM precludes such DCM from placing information required by this rule behind registration, log in, user name, password or other walls on the DCM's Web site.

    a. What Must Be Disclosed Under the Proposed Regulations

    The proposed § 38.401(a)(1)(iii) and (iv) would apply to all known attributes of an electronic matching platform that materially affect the time, priority, price, or quantity of execution of market participant order messages, or the ability to cancel, modify, or limit display of, market participant order messages. The Commission proposes a “materiality” threshold to such obligations so that the disclosure requirements would not capture aspects of exchange systems that do not have a discernible effect on how orders are entered or executed. [423]

    An “attribute” for purposes of proposed § 38.401(a)(1)(iv) would mean any aspect of the structure, architecture, mechanics, characteristics, or other elements of the design or operation of an electronic matching platform that materially affects how market participant orders are received and executed, and how information on such orders and executed trades are communicated to other market participants. “Attributes” would include, but are not limited to, aspects of the platform that may provide an advantage or disadvantage to a category of market participants. [424] “Attributes” would also include aspects of the platform that affect orders from all market participants regardless of access method or membership status, such as latencies within the matching engine and any data feeds. [425]

    The Commission's proposals under § 38.401(a)(1)(iii) and (iv) apply to “electronic matching platforms,” which comprise all systems under the control or operation of the DCM that interact with market participant order messages and are involved in market data dissemination. Such systems are not limited to matching engines, but would apply more broadly to the network architecture that accepts and processes order messages, and disseminates market data and messages to market participants. To the extent that they impact order entry and execution, the electronic matching platform would also include pre-trade risk management systems and controls such as self-trade prevention tools. [426]

    The Commission's proposals under § 38.401(a)(1)(iii) and (iv) are intended to apply to various aspects of how an electronic platform operates, beyond the technical process of how any order is actually matched. The proposed regulations explicitly require the disclosure of information relating to latencies in the matching of orders and transmission of that information to market participants. In addition, if they have a material impact on market participants, exchanges must disclose information on exchange functions such as self-trade prevention, implied spread markets, and priority assignment of orders in a central limit order book, where applicable. Exchanges also must disclose how available order types would be executed (or not) under different market conditions, where applicable. The Commission is mindful that DCMs should only be required to describe attributes of their own systems. However, such systems would include platform systems or components that are monitored, leased from, or otherwise operated by an affiliate or third party. [427]

    The Commission has also proposed under amended § 38.401(a)(2) that a DCM must provide a description of known attributes of its electronic trading platform under paragraph (a)(1)(iv). However, this may not relieve an exchange of the obligation to disclose information if the exchange should have known of an attribute. The Commission notes that DCMs must regularly test and review their automated systems, [428] monitor trading on their facilities, and identify any market or system anomalies. [429] The Commission cautions, however, that compliance with Regulation AT's disclosure requirements may not absolve a DCM of other statutory or regulatory obligations. For instance, DCMs must promote fair and equitable trading and protect markets and market participants from abusive practices. [430]

    b. How Information Should Be Disclosed

    The Commission proposes under § 38.401(a)(1)(iv) that DCMs be required to disclose any known attributes of their electronic matching platform, other than those already disclosed pursuant to § 38.401(a)(1)(iii). This description should, at a minimum, identify what the attribute is and how it may affect market participant orders. To the extent such information is necessary for market participants to understand the significance of an attribute, the description may need to provide statistics or examples. As with all information provided to market participants under current regulation 38.401, the description must include information that the DCM believes, to the best of its knowledge, to be accurate and complete, and not omit material information. [431] Cost estimates for the Commission amendments to § 38.401 are provided in this NPRM's cost-benefit considerations below.

    The Commission proposes under § 38.401(c)(3) that DCMs be required to disclose information on the attributes of their platforms “prominently and clearly” on their Web sites. The Commission also proposes under § 38.401(c)(3) that information regarding attributes of the electronic matching platforms be provided in “plain English.” Because market participants may have different degrees of technical understanding, the Commission aims to make information on the electronic matching platforms accessible to market participants regardless of their technical proficiency or sophistication. Providing highly complex information on the platforms may allow more technically-proficient market participants to understand the operations of the platform, but may be inaccessible to other market participants.

    c. When Information Should Be Disclosed

    The Commission's proposals on DCM transparency are intended to account for two situations: (1) Where the DCM makes a change to the platform, resulting in an impact on the execution of market participant orders, and (2) where the DCM becomes aware of an existing attribute within the platform that affects the execution of such orders. Under the first situation, as clarified in the proposed amendment to the definition of “rule” under § 40.1(i), information submitted to the Commission under §§ 40.5(a) or 40.6(a) would be public information, except to the extent that confidential treatment is granted pursuant to § 40.8. Furthermore, a DCM would be required to post the relevant submission on its Web site concurrent with the provision of such submission to the Commission pursuant to current § 38.401(c). Under the second situation, the Commission's proposals would require the DCM to make the relevant information available “within a reasonable time, but no later than 10 days” following the identification or change to the attribute. DCMs must also ensure that information can be accessed by visitors to the Web site without the need to register, log in, provide a user name, or obtain a password.

    d. Changes in Definition of “Rule”

    The Commission also proposes amending the definition of “rule” under § 40.1(i), which is relevant to regulations common to all registered entities. [432] The proposed change to the definition of “rule” would track language in the transparency requirements under proposed § 38.401(a)(1)(iv) (which applies only to DCMs). The proposed change to the definition would make clear that “trading protocols” includes “any operation of an electronic matching platform that materially affects the time, priority, price, or quantity of execution of market participant orders, the ability to cancel, modify, or limit display of market participant orders, or the dissemination of real-time market data to market participants.” As with any other rule change, changes to a registered entity's trading protocols must be submitted to the Commission pursuant to existing §§ 40.5 or 40.6.

    The Commission notes that this proposed amendment to the definition of “rule” also adds a reference to market maker and trading incentive programs. This change clarifies and codifies the Commission's current interpretation of the definition of “rule” under § 40.1(i), in which registered entities are required to submit new rules and rule amendments to the Commission when changes are made to, among other things, matching algorithms, market maker or trading incentive program agreements, and available order types. This proposed change to § 40.1(i), which reflects the Commission's understanding of “rule”, should be distinguished from the proposed regulations regarding market maker and trading incentive programs under §§ 40.25-40.28, which represent new requirements that apply only to DCMs.

    3. Policy Discussion

    With the proposed transparency requirements, the Commission aims to increase the relevant information available to market participants that may influence their choice of trading venue. The Commission believes that such will foster competition among exchanges by incentivizing them to provide the most efficient and fairest venue for trading. Should an exchange intentionally or unintentionally structure its trading systems to potentially or actually advantage one category of market participant over others, the potentially disadvantaged market participants may opt to trade on another venue.

    One Concept Release commenter noted that market participants, if they have direct market access, could calculate market quality metrics including latencies and therefore would be aware of many of the attributes of a platform that affect order execution. The requirements proposed under § 38.401(a)(1)(iii) and (iv) give all market participants an equal footing in terms of understanding how the platform operates independent of access methods and services such as colocation.

    4. Request for Comments

    69. The Commission has proposed that certain components of an exchange's market architecture should be considered part of the “electronic matching platform” for purposes of the DCM transparency provision. Are there any additional systems that should fall within the meaning of “electronic matching platforms” for purposes of proposed § 38.401(a)?

    70. The Commission has specifically identified, as “attributes” that must be disclosed, latencies within a platform and how a self-trade prevention tool determines whether to cancel an order. Are there any other attributes that would materially affect the execution of market participant orders and therefore should be made known to all market participants? Should the Commission revise the final rule so that it only applies to latencies within a platform and how a self-trade prevention tool determines whether to cancel an order?

    71. What information should be disclosed as part of the description of relevant attributes of the platform? For instance, with latencies within a platform, should statistics on latencies be required? If so, what statistics would help market participants assess any impact on their orders? Would a narrative description of attributes be preferable, including a description of how the attributes might affect market participant orders under different market conditions, such as during times of increased messaging activity?

    72. The Commission notes that proposed § 38.401(a)(1)(iii) and (iv) are not intended to require the disclosure of a DCM's trade secrets. The Commission requests comments on whether the proposed rules might inadvertently require such disclosure, and if so, how they might be amended to address this concern. Furthermore, the Commission anticipates that the mechanisms and standards for requesting confidential treatment already codified in existing § 40.8 could be used by DCMs to identify and request confidential treatment for information otherwise required to be disclosed pursuant to proposed § 38.401(a)(1)(iii) and (iv), for example by incorporating § 40.8's mechanisms and standards into any final rules arising from this NPRM. If commenters believe that the mechanisms and standards in § 40.8 are inappropriate for this purpose, please describe any other mechanism that should be included in any final rules to facilitate DCM requests for confidential treatment of information otherwise required to be disclosed pursuant to proposed § 38.401(a)(1)(iii) and (iv).

    73. The Commission notes that DCMs are required, as part of voluntary submissions of new rules or rule amendments under § 40.5(a) and self-certification of rules and rule amendment under § 40.6(a), to provide inter alia an explanation and analysis of the operation, purpose and effect of the proposed rule or rule amendment. Would the information required under §§ 40.5(a) or 40.6(a) provide market participants and the public with sufficient information regarding material attributes of an electronic matching platform?

    74. The Commission recognizes that DCMs are required to have system safeguards to ensure information security, business continuity and disaster recovery under DCM Core Principle 20. The Commission understands that some attributes of an electronic matching platform designed to implement those safeguards should be maintained as confidential to prevent cybersecurity or other threats. Does existing § 40.8, 17 CFR 40.8 (2014) provide sufficient basis for DCMs to publicly disclose the relevant attributes of their platforms while maintaining as confidential information concerning system safeguards?

    75. With respect to material attributes affecting market participant orders caused by temporary or emergency situations, such as network outages or the temporary suspension of certain market functionality, what is the best way for DCMs to alert market participants? How are DCMs currently handling these situations?

    76. The Commission proposes that DCMs provide a description of the relevant material attributes in a single document “disclosed prominently and clearly” on the exchange's Web site. The Commission also proposes that this document be written in “plain English” to allow market participants, even those not technically proficient, to understand the attributes described. Would these requirements be practical and help market participants locate and understand the information provided?

    77. The Commission proposes requiring DCMs to disclose information on the relevant attributes: (a) When filing a rule change submission with the Commission for changes to the electronic matching platform; or (b) within a “reasonable time, but no later than ten days” following the identification of such attribute. Do the proposed timeframes provide sufficient time for DCMs to disclose the relevant information? Do the proposed timeframes offer sufficient notice of changes or discovered attributes to market participants to allow them to adjust any systems or strategies, including any algorithmic trading systems?

    78. The Commission proposes requiring disclosure of newly identified attributes within 10 days of discovery. Does this provide DCMs sufficient time to analyze the attribute and provide a description? Should DCMs be required to provide notice of the existence of the attribute and supplement as further analysis is performed?

    N. Pre-Trade and Other Risk Controls at DCMs—§ 40.20

    The Commission proposes a new § 40.20 to require DCMs to establish pre-trade and other risk controls specifically designed to address the risks that may arise from Algorithmic Trading. The Commission is also proposing to codify in § 40.20 basic pre-trade risk control requirements and order cancellation capabilities for orders that do not originate from Algorithmic Trading. In this regard, the Commission recognizes that natural person traders manually entering orders also have the potential to cause market disruptions. While the majority of the pre-trade and other risk controls in Regulation AT address Algorithmic Trading, the Commission believes it is also important to promote a basic degree of risk control for all trading regardless of source.

    The pre-trade and other risk controls required of DCMs pursuant to proposed § 40.20 reflect Regulation AT's layered approach to risk mitigation in automated trading. In particular, the measures required of DCMs in § 40.20 are similar to those required of AT Persons in proposed § 1.80(a)(1) and (b)(1), and also similar to those required of clearing member FCMs in § 1.82(a). The Commission intends to offer AT Persons, clearing member FCMs and DCMs the flexibility to design and calibrate such controls according to their own distinct priorities and understanding of the risks to themselves, their customers, and the broader market. In this regard, while certain proposed rules may appear duplicative on their face, Regulation AT is designed to address the diverse needs of market participants trading across multiple markets, by spreading the requirement to impose risk controls across AT Persons, clearing member FCMs and DCMs and encouraging them to each independently calibrate such controls.

    The remainder of this section presents Concept Release comments on this topic, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Concept Release Comments

    The Concept Release requested comment on various pre-trade and other types of risk controls, including message and execution throttles, maximum order sizes, price collars, and order management controls, such as connectivity monitoring services, automatic cancellation of orders on disconnect and kill switches. The Concept Release contemplated that such controls would apply at the trading firm, clearing member and trading platform levels. As explained above, proposed § 1.80 requires AT Persons to implement certain pre-trade risk controls and order management controls. By reference to the proposed § 1.80 regulations, proposed § 40.20 will require DCMs to establish similar pre-trade and other risk controls specifically designed to address the risks that may arise from Algorithmic Trading, and to establish similar controls for orders entered manually. Relevant comments to the Concept Release addressing pre-trade and other risk controls for DCMs are discussed below.

    a. Message and Execution Throttles

    As discussed above, the Concept Release described message throttles as establishing maximum message rates per unit of time and execution throttles as establishing limits on the maximum number of orders that an ATS can execute in a given direction per unit in time. The Concept Release also sought comment on a particular form of execution throttle, the repeated automated execution throttle, which would disable a trading system after a configurable number of repeated executions until a human re-enables the system. [433] The Concept Release stated that the throttles would be calibrated to address the potential for unintended message flow or executions from a malfunctioning ATS. [434]

    Commenters indicated that DCMs are already implementing messaging rate limits. Two exchanges described their own message rate limits  [435] and four commenters stated generally that many exchanges have messaging rate limits in place. [436] Commenters generally discussed throttles at the exchange as being “messaging” limits. KCG explained that many participants' trading strategies include trading activity on multiple markets, and thus the responsibility for establishing limits on executions must reside with the market participant and its clearing firm. [437] Benefits of exchange-based messaging limits noted by commenters include identifying potentially malfunctioning ATSs, preventing a platform overload that would impact the processing of messages across all market participants, ensuring a level playing field for all market participants, mitigating risk to the DCO, and deterring predatory and disruptive activities that require high message traffic. [438] SIG cautioned that exchanges should not impose “speed-bump” throttles on order messaging as a means to “slow down trading for its own sake.”  [439] FIA suggested that a DCM should never reject an order cancellation request due to message rate limits. [440]

    Commenters indicated that exchanges should have flexibility in setting messaging limits because exchanges are in the best position to respond to the dynamics of the market, monitor the activity of all participants, and determine the impact of messaging. [441] Commenters indicated that throttle limits implemented by DCMs should be based on the unique characteristics of each product; the capacity and performance of a DCM's network and matching engine and the matching algorithm; and the market participant's role (i.e., liquidity providers may be excluded from limits). [442] FIA noted that a DCM's message rate limit should not adjust to market conditions because participants must always know what the limit is. [443] Chicago Fed commented that regulators should assess the methodology that trading venues use to set throttle limits, the reasonableness of those limits, and the procedures followed when they are breached. [444] Finally, IATP commented on the difficulty in setting standardized throttle thresholds, and alternatively suggested standardizing a graduated levy on order cancellations. [445]

    b. Maximum Order Sizes

    Commenters indicated that exchanges already implement maximum order size limits. Two exchanges, CME and CFE, stated that they apply order size limits on each of their products. [446] AIMA also stated that maximum order sizes are normally applied per product at the DCM or FCM level to all customers. [447] Chicago Fed commented that exchanges should implement maximum order size limits. [448] MFA also recommended that maximum order size controls be implemented at the FCM and/or exchange level, and apply to both manual and automated traders. [449] FIA commented that while it “has been a proponent of standardization of pre-trade risk controls across DCMs we understand that each DCM needs to have discretion on how these controls are implemented.”  [450]

    c. Price Collars

    The Concept Release requested comment on price collars, a control in which trading platforms would assign a range of acceptable order and execution prices for each product and all market participants would establish similar limits to ensure that orders outside of a particular price range are not transmitted to the trading platform. Commenters indicated that exchanges already implement price collars. CME and CFE described their own price collar mechanisms. [451]

    FIA indicated that price collars are a “widely adopted” DCM-hosted risk control and are effective at preventing orders from disrupting the market and affecting the price discovery process. [452] FIA further explained that they have been proven to minimize erroneous trading by controlling the range of execution prices and can ensure the integrity of trades cleared through the DCO by dramatically reducing the chance that a trade may be deemed erroneous and subsequently adjusted or busted. [453] FIA recommended that price collars be used on all contracts, set by the DCM based on estimates of volatility and market conditions. [454] FIA cautioned that price collars should not be mandated at the same levels across all products. [455]

    Other commenters made similar points. KCG stated that “the futures markets' price collars work well,” and reduce the potential for erroneous trades. [456] KCG supports requiring exchanges to establish price collars on all contracts, but believes that exchanges should have discretion in setting the price collars. [457] Gelber stated that exchanges should establish price collars and that this control protects DCOs and market participants from volatile markets. [458] MFA stated that price collars in the futures markets have been effective in maintaining fair and orderly markets, and have fewer unintended consequences than trading pauses. [459] SIG also stated that the markets benefit from price collars. [460] Finally, Chicago Fed and AFR recommended that trading venues implement price collars. [461]

    In contrast to the above comments, AIMA acknowledged that price collars may be beneficial, but explained that price collars have potentially negative consequences in that they may impede the efficient price discovery process. [462] In particular, AIMA suggested that market participants should be encouraged to place bids and offers far above or below the current market price. [463] Among other things, AIMA suggested that brief trading pauses were preferable to price collars, and that if a collar or pause is activated, market participants should be notified as soon as possible. [464]

    d. Connectivity Indications and Cancel on Disconnect

    As noted above, the Concept Release requested comment regarding “system heartbeats” that would indicate proper connectivity between a trading firm's automated trading system and the trading platform, and “auto-cancel on disconnect,” an exchange tool that allows trading firms to determine whether their orders will be left in the market upon disconnection. Two exchanges stated that they provide an optional cancel-on-disconnect functionality  [465] and FIA characterized cancel-on-disconnect as a “widely adopted DCM-hosted pre-trade risk control.”  [466] Several commenters indicated that they support exchanges offering system heartbeats and/or cancel-on-disconnect to their market participants. [467]

    e. Order Cancellation Systems

    As discussed above, the Concept Release addressed selective working order cancellation, a tool in which an exchange can immediately cancel one, multiple, or all resting orders from a market participant as necessary in an emergency situation and well as order cancellation mechanisms that would immediately cancel all working orders and prevent submission (by the market participant), transmittal (by the clearing member), or acceptance (by the trading platform) of any new orders from a market participant or a particular trader or ATS of such market participant. The Commission notes that comments to the Concept Release generally discussing the design and implementation of kill switches are addressed above with respect to order cancellation systems requirements on AT Persons.

    Specifically as to exchanges, the Commission notes that one exchange indicated that it has two kill switch tools: A kill switch used by the exchange, clearing firm, or trading firm to remove an entity from the market completely; and an order management tool that enables clearing firms and end-users to cancel orders at a more granular level. [468] Another exchange explained that it can cancel orders and quotes in an emergency and also provides a kill switch to clearing members that cancels all orders and quotes from a market participant. [469]

    Some commenters noted the importance of placing kill switches at the DCM level. [470] For example, Citadel noted that “kill switches can operate at a number of levels—at the market participant, at the clearing firm, or at the trading platform. While all are advisable, their use at the trading platform level is of paramount importance. Trading platforms sit at the center of trading and are therefore best positioned to efficiently and consistently monitor activity across a wide variety of market participants.”  [471] While commenters generally opposed prescriptive kill switch requirements and indicated the challenges of standardization, several noted that there could be some benefits to standardized kill switch processes across exchanges. [472]

    Commenters also stressed the importance of clear, transparent procedures governing use of the kill switch. [473] FIA stated that “a failure to communicate policies that govern the use of kill switches, any potential changes to such policies, or the utilization of a kill switch in a live trading environment without prior notification can introduce significant risk to a market participant's trading operation as well as the wider marketplace.”  [474] MFA commented that trading platforms should have clear and objective policies detailing the circumstances that warrant use of a kill switch. [475] In contrast, CME stressed that the kill switch tool must be free of restrictive policies and procedures, because time is of the essence in use of the kill switch. However, CME stated that if policies do govern an exchange's use of a kill switch, such policies should define a hierarchy of authority for who can send kill instructions. [476]

    Regarding activation of the kill switch, FIA cautioned that this tool should only be used as a “final safeguard” that should be a redundant control as long as appropriate risk controls are implemented at the FCM and DCM levels. [477] FIA suggested that a kill switch have both automated and manual triggers, but a DCM should contact the market participant before activating the kill switch. [478] FIA also suggested that a DCM be allowed to terminate market access without contacting the participant if necessary to protect market integrity or the financial integrity of participants. [479] Citadel commented that exchange systems should employ robust and reliable systems that automatically identify potentially erroneous activity, and this activity could trigger automatic notifications to the participant; review by exchange staff; automatic blocks of further activity; and, under appropriate circumstances, a confidential notification to other trading platforms that a firm's trading is halted. [480] KCG stressed that market participants should establish thresholds for kill switches, [481] and Gelber cautioned that exchanges should apply kill switches on an ATS, not firm-wide, level. [482] SIG suggested that exchanges set kill switches at the gateway level, firm level, or an account level. [483]

    An issue related to pre-trade and other risk controls implemented by DCMs is the testing of exchange systems. The Concept Release did not directly explore the testing of DCM automated systems. Moreover, commenters did not raise the issue. Nevertheless, the Commission notes that there have been incidents following automated system changes that might have been prevented or mitigated by additional testing. For example, in early 2015, certain European futures exchanges experienced outages in their trading platforms following updates to their automated systems. [484] In September 2010, 30,000 test orders were accidentally submitted to the CME Globex system (due to human error), resulting in numerous executed trades. [485] In April 2014, the Globex system halted, forcing traders to execute futures trades on the trading floor. [486] The Commission further notes that IOSCO published in April 2015 a consultation report recommending that exchanges consider “establishing policies and procedures related to the development, modification, testing and implementation of new, or changes to, critical systems.”  [487] Existing § 38.1051(h) requires DCMs to “conduct regular, periodic, and objective testing of its automated systems to ensure that they are reliable, secure, and have adequate scalable capacity” and § 38.1051(a)(5) requires exchanges to address risk analysis and oversight for “systems development and quality assurance.” While the Commission is not proposing any amendments to § 38.1051 in this NPRM, the Commission requests comment on whether the existing rule provides the Commission with adequate authority to require DCMs to adequately test planned changes to their matching engines and other automated systems.

    2. Description of Regulation

    Existing § 38.255 requires DCMs to establish risk control mechanisms to prevent and reduce the potential risk of price distortions and market disruptions, including market restrictions that pause or halt trading. The Commission proposes a new § 40.20 to require DCMs to establish pre-trade and other risk controls specifically designed to address the risks that may arise from Algorithmic Trading, and to establish similar controls for orders entered manually.

    The controls required by § 40.20 are consistent with the controls that Regulation AT would require AT Persons and clearing member FCMs to implement. By reference to the pre-trade and other risk controls required of AT Persons pursuant to § 1.80(a)(1), proposed § 40.20 would require message and execution throttles and controls establishing price and size parameters. Proposed § 40.20 would also require DCMs to implement the above risk controls for orders that do not originate from Algorithmic Trading.

    The proposed regulation, by reference to § 1.80(b) and (c), would also require DCMs to establish certain order cancellation and connectivity monitoring systems. The cancellation systems must have the ability to: (i) Immediately disengage Algorithmic Trading; (ii) cancel selected or up to all resting orders when system or market conditions require it; (iii) prevent acceptance or submission of any new orders; and (iv) cancel or suspend all resting orders from AT Persons in the event of disconnect with the trading platform. The connectivity monitoring systems established by the DCM must enable the systems of AT Persons with DEA to indicate to the AT Persons on an intermittent or continuous basis whether they have proper connectivity with the trading platform, including any systems used by a DCM to provide the AT Person with market data.

    Finally, the Commission is amending the Acceptable Practices for Core Principle 4 in part 38 of the DCM regulations. The existing Acceptable Practices provide that the DCM may choose from risk controls, including pre-trade limits on order size, price collars or bands around the current price, message throttles and daily price limits, to comply with Core Principle 4. Such controls are now required. Accordingly, the Acceptable Practices will be revised to correspond to the new requirements set forth in § 40.20.

    3. Policy Discussion

    Consistent with its multi-layered approach to regulations intended to mitigate the risks of automated trading, the Commission proposes in § 40.20 to require that DCMs establish and implement certain pre-trade risk controls and order management controls that are broadly similar to those that would be required of AT Persons and clearing member FCMs. The Commission's determination to require DCM-implemented controls is consistent with several Concept Release comments that indicated that pre-trade risk and order management controls should be placed at the exchange level, with one commenter explaining that exchanges sit at the center of trading, and are therefore best positioned to monitor activity across a wide variety of participants. [488] The Commission notes that its approach is consistent with ESMA's 2015 Final Draft Regulatory Standards, in that ESMA requires pre-trade risk controls at both the investment firm and trading venue level. [489] In addition, with respect to kill switch functionality, ESMA's 2015 Final Draft Regulatory Standards set out two different obligations: Trading venues must have their own kill functionality, and separately, investment firms must have the ability to cancel unexecuted orders. [490]

    The Commission believes that the controls required in proposed § 40.20 are in many cases largely consistent with controls already used by DCMs. As discussed above, commenters to the Concept Release addressing this topic generally indicated that exchanges already use message rate limits, maximum order size limits, and price limits. Comments to the Concept Release indicated that order cancellation systems and connectivity monitoring systems are already used by DCMs as well. Although some commenters did indicate that execution throttles are more appropriate for trading firms than for DCMs, the Commission believes that pre-trade risk controls and other measures serve different functions and may be designed or calibrated distinctly at each entity in the life-cycle of an AT Order Message. As noted above, proposed § 40.20 and other elements of Regulation AT reflect the proposed rules' layered approach to risk mitigation in automated trading. In this regard, Regulation AT is designed to address the diverse needs of market participants trading across multiple markets, by spreading the requirement to impose risk controls across AT Persons, clearing member FCMs and DCMs and encouraging them to each make independent use of such controls.

    The Commission notes that IOSCO has recently explained that most trading venues have tools used to mitigate the operational risks of electronic trading, and such tools include price and volume controls, messaging throttles, and kill switches. [491] In addition, ESMA's 2015 Final Draft Regulatory Standards require that trading venues have price collars that automatically block or cancel orders that do not meet set price parameters with respect to different financial instruments, on an order-by-order basis; and maximum order value and maximum order volume limits. [492] ESMA's regulatory standards also require throttles limiting the number of orders each member may submit per second. [493] Trading venues must also determine a maximum ratio of unexecuted orders to transactions at a level they deem appropriate, consistent with a calculation methodology provided by ESMA. [494] ESMA standards further require a kill functionality to cancel unexecuted orders upon request of a market participant that is technically unable to delete its own orders, when the order book is corrupted by erroneous duplicated orders, or following a suspension initiated by the market operator or the competent authority. [495]

    The Commission's proposed rules do not impose a “one-size-fits-all” standard on DCMs for compliance. Rather, the DCM's pre-trade risk controls must be set at the level of each AT Person, and exchanges must evaluate whether the controls should be set at a more granular level, including by product or one or more identifiers of natural persons associated with an AT Order Message, and then take appropriate action to set the controls at that more granular level. The Commission expects that it will often be beneficial to set controls at a more granular level. As noted above, while some commenters to the Concept Release indicated that Commission involvement in setting thresholds for these controls might be useful, the Commission agrees with those commenters indicating that exchanges need discretion to determine how these controls are implemented. The Commission believes that it is not in the best position to determine the appropriate control parameters for each trading strategy, product, capacity of exchange matching engine, and every other potentially relevant factor that should be taken into account by a DCM when establishing thresholds. The proposed rules do not prescribe particular limits or thresholds. Rather, they require that the DCM set the controls at levels intended to prevent an Algorithmic Trading Event.

    The Commission believes that allowing DCMs discretion in the design and implementation of risk controls is particularly important in the area of order cancellation functions. FIA has stated that “[a]ctivation of a kill switch is based on a decision that such action protects market integrity or the financial integrity of the counterparties involved,” and should “only be invoked based on a qualitative decision taken as a last resort when other actions have failed or may not be feasible.”  [496] Furthermore, FIA has explained that the conditions under which a kill switch may be used by an exchange should be clearly communicated to the counterparties. [497] Similarly, MFA commented that trading platforms should have clear and objective policies detailing when a kill switch will be used. [498] CME indicated that restrictive policies governing use of a kill switch could be detrimental, given the speed with which a kill switch may need to be implemented. [499] The Commission believes that exchanges should have clear and public policies governing use of a kill switch, but understands that the specifics of such policies may different depending on the nature of an exchange's market and market participants. Therefore, the Commission has determined that its proposed rules in this area should provide exchanges with the discretion to design policies and procedures appropriate to their market. The Commission stresses that exchanges should clearly communicate such policies and procedures to market participants.

    The Commission notes that § 40.20(d) would require a DCM to implement the pre-trade and other risk control mechanisms described in § 40.20(a) and (b)(1)(i) (meaning, message and execution throttles and order and price parameters and order cancellation systems) for orders that do not originate from Algorithmic Trading, after making any adjustments to such controls that the DCM determines are appropriate for such orders. The Commission recognizes that certain activity that such controls are designed to address can be caused by manual order entry in addition to Algorithmic Trading. For example, fat-finger errors are a commonly-cited example of an unintentional error that can have a significant disruptive effect, which can be caused by, and may even be more likely to occur in the context of, manual order entry.

    4. Request for Comments

    79. The Commission proposes to require DCMs to set pre-trade risk controls at the level of the AT Person, and allows discretion to set controls at a more granular level. Should the Commission eliminate this discretion, and require that the controls be set at a specific, more granular, level? If so, please explain the more appropriate level at which pre-trade risk controls should be set by a DCM.

    80. The Commission requests public comment on the pre-trade and other risk controls required of DCMs in proposed § 40.20. Are any of the risk controls required in the proposed rules unhelpful to operational or other risk mitigation, or to market stability, when implemented at the DCM level?

    81. Are there additional pre-trade or other risk controls that should be specifically enumerated in proposed § 40.20?

    82. The Commission proposes, with respect to its kill switch requirements, to allow DCMs the discretion to design a kill switch that allows a market participant to submit risk-reducing orders. The Commission also does not mandate particular procedures for alerts or notifications concerning kill switch triggers. Does the proposed rule allow for sufficient flexibility in the design of kill switch mechanisms and the policies and procedures concerning their implementation? Should the Commission consider more prescriptive rules in this area?

    83. Does existing § 38.1051 provide the Commission with adequate authority to require DCMs to adequately test planned changes to their matching engines and other automated systems?

    O. DCM Test Environments for AT Persons—§ 40.21

    The Commission proposes a new § 40.21 to require DCMs to provide a test environment that will enable AT Persons to simulate production trading.

    1. Concept Release Comments

    The Concept Release contemplated that trading platforms must provide to their market participants test environments that simulate the production environment. FIA supports DCMs providing robust test environments and market participants using such environments. [500] SIG also indicated that DCMs should provide test environments. [501] MFA indicated that many, if not all, exchanges currently provide market participants a test facility to test trading software and algorithms. [502]

    2. Description of Regulation

    Regulation AT proposes a new requirement that DCMs (under proposed § 40.21) provide a test environment that will enable AT Persons to simulate production trading. The required test environment should provide access to historical transaction, order and message data. The test environment should also enable AT Persons to conduct conformance testing of their Algorithmic Trading systems to verify compliance with the requirements of proposed § 1.80(a)-(c) (which address pre-trade risk controls and other measures), § 1.81(a)(1)(ii)-(iv) and § 1.81(c)(1) (which address the testing and compliance of algorithmic trading systems). The Commission anticipates that AT Persons would use the DCM test environment in connection with the testing of their Algorithmic Trading systems, to identify issues that may arise in a production environment that may not have been identified through testing in the AT Person's development environment.

    3. Request for Comments

    84. Should the test environment provided by DCMs under proposed § 40.21 offer any other functionality or data inputs that will promote the effective design and testing of Algorithmic Trading by AT Persons?

    P. DCM Review of Compliance Reports by AT Persons and Clearing FCMs; DCM Rules Requiring Certain Books and Records; and DCM Review of Such Books and Records as Necessary—§ 40.22

    The Commission proposes a new § 40.22 that complements the requirement under § 1.83 for AT Persons and clearing member FCMs to submit compliance reports to DCMs. Sections 40.22(a) and (b) would require a DCM to require each AT Person that trades on the DCM, and each FCM that is a clearing member for such AT Person, to submit the reports described in § 1.83(a) and (b) annually. Further, § 40.22(c) would require each DCM to establish a program for effective review of such reports and remediation of any deficiencies found. DCMs would have considerable latitude, however, in the design of their review programs. Proposed § 40.22(d) would require DCMs to implement rules that require each AT Person to keep and provide to the DCM books and records regarding such AT Person's compliance with all requirements pursuant to § 1.80 and § 1.81, and require each clearing member FCM to keep and provide to the DCM books and records regarding such clearing member FCM's compliance with all requirements pursuant to § 1.82. Finally, proposed § 40.22(e) would require DCMs to review and evaluate, as necessary, books and records maintained by AT Persons and clearing member FCMs regarding their compliance with §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs). This proposed provision also provides DCMs with considerable latitude in the implementation of their review function. The remainder of this section presents Concept Release comments on this topic, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Concept Release Comments

    As noted in the discussion of proposed § 1.83 above, the Concept Release requested comment on whether it would be appropriate to require periodic self-certifications by all market participants operating ATSs and by clearing firms that provide clearing services to those market participants. [503] Comments addressing this topic are addressed in section IV(I)(1) above.

    2. Description of Regulation

    Proposed § 40.22 complements the requirement under § 1.83 for AT Persons and clearing member FCMs to submit compliance reports to DCMs. Proposed § 40.22(a) requires a DCM to implement rules that require each AT Person that trades on the DCM, and each FCM that is a clearing member of a DCO for such AT Person, to submit the reports described in § 1.83(a) and (b), respectively. Under proposed § 40.22(b), a DCM must require the submission of such reports by June 30th of each year. Proposed § 40.22(c) requires a DCM to establish a program for effective periodic review and evaluation of reports described in paragraph (a) of § 40.22, and of the measures described therein. An effective program must include measures by the DCM reasonably designed to identify and remediate any insufficient mechanisms, policies and procedures described in such reports, including identification and remediation of any inadequate quantitative settings or calibrations of pre-trade risk controls required of AT Persons pursuant to § 1.80(a).

    In addition, as an additional complement to the compliance report review program described above, proposed § 40.22(d) requires DCMs to implement rules requiring each AT Person to keep and provide to the DCM books and records regarding their compliance with all requirements pursuant to § 1.80 and § 1.81, and requires each clearing member FCM to keep and provide to the DCM market books and records regarding their compliance with all requirements pursuant to § 1.82. Finally, proposed § 40.22(e) requires DCMs to review and evaluate, as necessary, books and records required to be kept pursuant to proposed § 40.22(d), and the measures described therein. A DCM could find it necessary to conduct such a review if: It becomes aware if an AT Person's kill switch is frequently activated, or otherwise performs in an unusual manner; if a DCM becomes aware that an AT Person's algorithm frequently performs in a manner inconsistent with its design, which may raise questions about the design or monitoring of the AT Person's algorithms; if a DCM identifies frequent trade practice violations at an AT Person, which are related to an algorithm of the AT Person; or if an AT Person represents significant volume in a particular product, thereby requiring heightened scrutiny, among other reasons. An appropriate review pursuant to § 40.22(e) should include measures by the DCM reasonably designed to identify and remediate any insufficient mechanisms, policies, and procedures described in such books and records.

    3. Policy Discussion

    In proposing this regulation, the Commission disagrees with comments to the Concept Release opposing such a review requirement and suggesting that it would merely create extra administrative costs. [504] The Commission acknowledges that the review program required by § 40.22 would impose costs on DCMs, but believes that Regulation AT must include a mechanism to ensure that AT Persons and clearing member FCMs are complying with the requirement to implement certain pre-trade and other risk controls. Moreover, an assessment of such compliance requires an adequate level of expertise and knowledge of markets and market participants' technological systems and trading strategies. The Commission believes that a review program requiring AT Persons to describe the pre-trade risk controls required by § 1.80(a) and clearing member FCMs to describe their program for establishing and maintaining the pre-trade risk controls required by 1.82(a)(1), and requiring DCMs to review such information, is the most effective method to ensure that all market participants are implementing measures that are reasonably designed to prevent an Algorithmic Trading Event or Algorithmic Trading Disruption. The requirements of proposed § 40.22(d) and (e) will enable DCMs to perform a more intensive review, as necessary, of AT Persons' compliance with §§ 1.80 and 1.81, and clearing member FCMs' compliance with § 1.82, by among other factors, helping to ensure that necessary books and records are maintained and available to a DCM.

    The Commission notes, in particular, that DCMs are best positioned to assess the measures taken by market participants on their exchange, and identify outliers that may not have implemented adequate measures or particular parameters as compared to other market participants. The Commission believes that it is in the interest of the DCM, as well as all market participants trading on the DCM, to ensure that no market participants are conducting Algorithmic Trading without adequate protections in place.

    Some commenters indicated that any certification requirements should be principles-based. [505] The Commission agrees that a DCM should have discretion in the design and implementation of its review program. Accordingly, proposed § 40.22 provides a general framework for the DCM's review program: e.g., a DCM must require the submission of reports by June 30 of each year; and the DCM must establish a program for effective periodic review and evaluation of the reports, including measures by the DCM reasonably designed to identify and remediate any insufficient mechanisms, policies and procedures described in such reports. Beyond the specific requirements set forth in proposed § 40.22, however, each DCM may tailor its review program in the manner it believes will be most effective to understand the measures its market participants have taken to address the risks of Algorithmic Trading, and evaluate whether they are sufficient.

    4. Request for Comments

    85. In lieu of a DCM's affirmative obligation in proposed § 40.22 to review AT Person and clearing member FCM compliance reports, should DCMs instead be permitted to rely on the CEO or CCO representations required by proposed § 1.83(a)(2)? If so, what events in the Algorithmic Trading of an AT Person should trigger review obligations by the DCM?

    86. Should § 40.22(c) provide more specific requirements regarding a DCM's establishment of a program for effective periodic review and evaluation of AT Person and clearing member FCM reports? For example, § 40.22(c) could require review at specific intervals (e.g., once every two years). Alternatively, § 40.22(c) could provide greater discretion to DCMs in establishing their programs for the review of reports. Please comment on the appropriateness of these alternative approaches.

    87. Should § 40.22(e) provide more specific requirements regarding the triggers for a DCM to review and evaluate the books and records of AT Persons and clearing member FCMs required to be kept pursuant to § 40.22(d)? For example, § 40.22(e) could require review at specific intervals (e.g., once every two years), or it could require review in response to specific events related to the Algorithmic Trading of AT Persons. Please comment on the appropriateness of these alternative approaches.

    88. Does § 40.22 leave enough discretion to the DCM in determining how to design and implement an effective compliance review program regarding Algorithmic Trading? Alternatively, is there any aspect of this regulation that should be more specific or prescriptive?

    89. Should § 40.22 specifically authorize a DCM to establish further standards for the organization, method of submission, or other attributes of the reports described in § 40.22(a)?

    Q. Self-Trade Prevention Tools—§ 40.23

    The Commission understands that self-trade activity has grown as trading has migrated to an electronic trading environment. The Commission has determined to propose rules in this area, which would address both intentional and unintentional self-trading activity, with the goal of benefiting market participants and enhancing the price discovery process. Specifically, the Commission is proposing § 40.23(a) to require DCMs to implement rules reasonably designed to prevent self-trading, excluding certain “permitted self-trades” described below. Proposed § 40.23(a) defines self-trading as the matching of orders for accounts that have common beneficial ownership  [506] or are under common control. As discussed below, a trade that results from the matching of opposing orders both generated by a firm or a single or commonly owned account does not shift risk between different market participants. There is a possibility that such trades may inaccurately signal the level of liquidity in the market and may result in a non-bona fide price. Risk controls that identify and limit self-trading may result in more accurate indications of the level of market interest on both sides of the market and help ensure arms-length transactions that promote effective price discovery.

    The Commission recognizes that there could be legitimate reasons for self-trades, and hence is proposing to provide DCMs and market participants the appropriate flexibility in implementation of the self-trade prevention tools. DCMs have begun offering self-trade prevention tools to market participants in recent years, and a large fraction of market participants have started using these tools. Analysis of self-match use at DCMs has found that the majority of orders in many liquid contracts already make use of this tool. While acknowledging the growing use of such tools, the Commission is interested in strengthening regulatory standards to increase transparency and ensure more effective limitation of unintentional self-trades. By standardizing self-trade prevention use across firms, it should be easier for the marketplace as a whole to differentiate permitted self-trading. The Commission's proposed rules on self-trade prevention are also intended as a complement to the prohibition under the CEA regulations regarding wash trades. [507] Wash trading has been defined as “entering into, or purporting to enter into, transactions to give the appearance that purchases and sales have been made, without incurring market risk or changing the trader's market position.”  [508] Therefore, intentional self-trades could constitute wash trades.

    The remainder of this section presents Concept Release comments on this topic, a Commission analysis of the amount of self-trading in the marketplace, a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Concept Release Comments

    The Concept Release requested comment on self-trading controls. The Concept Release considered whether trading platforms should provide, and market participants apply, technologies to identify and limit the transmission of orders from their systems to a trading platform that would result in self-trades. Numerous commenters addressed self-trading controls, including the extent of their use by industry; the types of trades that self-trade controls should prevent; and the appropriate design of self-trade controls. Commenters disagreed as to whether there should be regulation in this area, but most either oppose regulation or express concern about how it would be implemented, for reasons similar to those stated by FIA: “To require the adoption of DCM-based self-match prevention as a ‘one-size-fits-all’ approach may result in unnecessary financial exposure caused by the inherent blocking of legitimate transactions. . . . The options for this type of functionality must be flexible enough so that market participants can choose the method that best suits their business and preserves legitimate trading.”  [509]

    Commenters indicated that exchange-provided self-trading controls are widely used by market participants. [510] The FIA PTG Survey reflected that 25 of 26 responding firms use such controls. [511] Both CME and ICE provide self-trade prevention controls, a capability which was introduced, and refined, in recent years. [512] CME's self-trade control is optional rather than required. It allows market participants to prevent buy and sell orders for the same account, or accounts with common beneficial ownership, from matching with each other. CME noted that its self-trade control can be applied by market participants at the executing firm level or at more granular levels, including at an individual user level. [513] CME stated that more than 100 firms have registered for this control since it was launched in June 2013. [514] ICE noted that its self-trade prevention tool is mandatory for proprietary traders with DEA. [515] Another exchange, CFE, commented that it will be employing self-trade prevention functionality in the near future. [516]

    While FIA believes that DCMs should offer self-trading controls, FIA and four other commenters (including CME) oppose self-trading regulation at this time. [517] Reasons articulated by FIA and other commenters included: The technology supporting this risk control is not sufficiently developed, although industry is already working to improve it and is in the best position to do so; regulating self-trading controls would lock in standards or technology that will become obsolete; self-trade controls may cause an accumulation of either resting orders or new orders, depending on how the controls are calibrated, which does not advance the regulatory goal of protecting the marketplace; and there are ways to prevent self-trades without using a self-trade prevention tool (i.e., trading firms may choose to simply modify their trading strategies). [518] OneChicago commented that self-trading controls should be implemented and calibrated at the clearing firm level, not at the DCM level. [519]

    In contrast, IATP and AFR support the Commission requiring exchanges and market participants to use self-trading controls. [520] SIG believes that exchanges should offer self-trade prevention functionality, with parameters set by firms. [521]

    As to cost considerations, CME stated that self-trade controls require significant investments in technology and resources by exchanges and trading firms. [522] MFA noted that it is more cost-effective for exchanges, rather than market participants, to develop self-trade controls. [523]

    Finally, comments addressed the specific functionality of self-trade controls currently used by exchanges and firms. For example, five comments addressed the type of trades that such controls should prevent. [524] FIA explained that self-trading controls should only address trades submitted by the same trading desk that are matched despite best efforts to avoid self-trading. This is different from wash trades, which are intentional self-trades that Commission and DCM rules already effectively address, and bona fide self-trades, which are buy and sell orders for accounts with common beneficial ownership that are independently initiated for legitimate business purposes, but which coincidentally cross. [525] FIA and Gelber stated that CME's November 19, 2013 advisory notice on wash trades  [526] provides an accurate description of when self-matching is acceptable. [527] SIG stated that exchanges should focus on trades that would create material, not immaterial, market misperceptions. [528] Finally, KCG stated that it does not believe the CFTC needs to prohibit all self-trading, but that “market participants must be able to demonstrate, through information barriers or other effective policies and procedures, that any self-trading is between unrelated strategies and not designed with a manipulative intent.”  [529]

    Commenters also addressed the appropriate level at which self-trade controls should be calibrated. [530] Several stressed that DCMs should allow market participants to tailor this control to their own needs. [531] FIA commented that self-trade controls should be offered at varying levels of granularity (i.e., firm level, group level, trader ID level, customer account level and strategy level), and certain levels can be combined. [532] AIMA stated that self-trade controls set at the firm trader ID level could be “gamed” by traders creating a shell company under a different ID. [533] SIG suggested that the controls be customizable at the “aggregation unit level” and “user-defined tag level.”  [534]

    Six comments addressed whether exchanges should require market participants to use the exchanges' self-trading controls. [535] CME noted that it is optional for market participants to use its self-trade tools, and FIA supported this approach. [536] In contrast, AIMA suggested mandatory confidential flagging of self-trades to the market participant, but only optional cancellations of orders. [537] Gelber and KCG support mandatory use at the “trader ID” level. [538] Gelber noted that ICE's controls are mandatory for some market participants. [539] Finally, IATP suggested requiring exchanges to provide self-trading controls and apply them to all participants and all products, arguing that requiring such controls for some but not others creates arbitrage opportunities. [540]

    Comments also addressed order cancellation options in order to prevent self-trading, which can include cancel resting, cancel new, cancel both, and decrement order quantity (canceling the smaller order and reducing the larger order by the size of the smaller order). [541] As described below, the Commission's proposed self-trade prevention requirements do not mandate a particular technological approach, nor do they specify which order or set of orders should be canceled in order to prevent a self-trade.

    2. Commission Analysis of Amount of Self-Trading in the Marketplace

    The pervasive growth of algorithmic trading by firms deploying large numbers of strategies has likely increased the incidence of self-trading activity. In order to estimate the percentage of self-trading in the marketplace, the Commission recently reviewed twelve months of trade data received from several large DCMs, focusing primarily on the most active products. Among other findings, the Commission learned that intra-firm self-trades, including both proprietary and customer trades, can comprise a meaningful percentage of daily trading activity in individual futures contracts. [542] For example, in February 2015 intra-firm self-trades in one examined futures contract were almost 10 percent of all trades in that contract, increasing to almost 15 percent on individual days. Self-trade rates for a few other contracts were around 5 percent of total activity. The Commission found similar patterns at individual firm levels, with cumulative self-trade volumes at times in the millions of contracts for some market participants over the course of the 12-month sample period. The average size of a firm's self-trades ranged from approximately two contracts per trade to over two thousand contracts per trade.

    3. Description of Regulation

    The Commission is proposing new requirements under § 40.23 that would require DCMs to apply, or provide and require the use of, tools reasonably designed to prevent self-trading. Proposed § 40.23 defines self-trading for purposes of this regulation as the matching of orders for accounts that have common beneficial ownership or are under common control. These requirements are intended to prevent self-trading, while still allowing what FIA has characterized as “bona fide and desirable self-match trades,” i.e. buy and sell orders for accounts with common beneficial ownership that are independently initiated for legitimate business purposes, but which coincidentally cross. [543] While the proposed rules contain exceptions for bona fide self-match trades (described in § 40.23(b)), they are intended to address all unintentional self-trading, and do not include a de minimis exception for a certain percentage of unintentional self-trading. In addition, the proposed rules would provide for an important new element of transparency around bona fide self-match trades to furnish all market participants with greater information regarding the markets on which they trade.

    Description of § 40.23(a). Regulation 40.23(a) would require a DCM to implement rules reasonably designed to prevent self-trading by market participants, except as specified in paragraph (b). The regulation defines “self-trading,” for purposes of § 40.23, as the matching of orders for accounts that have common beneficial ownership or are under common control. Regulation 40.23(a) would require that a DCM shall either apply, or provide and require the use of, self-trade prevention tools that are reasonably designed to prevent self-trading and are applicable to all orders on its electronic trade matching platform. If a DCM does not implement and apply self-trade prevention tools, then it must provide such tools to its market participants and require all market participants to use the tools. For purposes of complying with the requirements of proposed § 40.23, a DCM could either determine for itself which accounts should be prohibited from trading with each other, or require market participants to identify to the DCM which accounts should be prohibited from trading with each other. The proposed regulations allow DCMs to exercise discretion in the design and implementation of self-trade prevention tools, in response to Concept Release commenter concerns that the technology supporting this control is still being developed, and overly prescriptive regulations in this area may lock in standards or technology that will become obsolete.

    Description of § 40.23(b). The requirements of proposed § 40.23(a) are subject to the proviso in § 40.23(b) that a DCM may, in its discretion, implement rules that permit a self-trade resulting from the matching of orders for accounts with common beneficial ownership where such orders are initiated by independent decision makers. A DCM could, through its rules, further define for its market participants “independent decision makers.” This exception is closely based on FIA's comment letter description of how a bona fide self-trade that should be permitted to occur. [544] The Commission considered FIA's concept of permissible self-trading to be a reasonable one, which would be easily understood by exchanges and market participants. In addition to the foregoing exception relating to common beneficial ownership, § 40.23(b) allows a DCM to permit a self-trade resulting from the matching of orders for accounts under common control where such orders comply with the DCM's cross-trade, minimum exposure requirements or similar rules, and are for accounts that are not under common beneficial ownership.

    Description of § 40.23(c). Under proposed § 40.23(c), a DCM must require market participants to receive approval from the DCM to forego self-trade prevention tools with respect to specific accounts under common beneficial ownership or control, on the basis that they meet the criteria of paragraph (b). The DCM must require that such approval request be provided to it by a compliance officer or senior officer of the market participant. The Commission emphasizes that the approval request to not apply self-trade prevention tools to certain orders should not be made by an individual trader or other non-management or more junior employee of the trading firm. Market participants must withdraw or amend an approval request if any change occurs that would cause the information provided in such approval request to be no longer accurate or complete. The Commission notes that any approval request submitted to the DCM would be subject to section 9(a)(4) of the Act, 7 U.S.C. 13(a)(4) (2012), which prohibits, inter alia, making false, fictitious, or fraudulent statements to a registered entity.

    Description of § 40.23(d). Finally, proposed § 40.23(d) would require that for each product and expiration month traded on a DCM in the previous quarter, the DCM must prominently display on its Web site the following information: (i) The percentage of trades in such product including all expiration months that represent self-trading approved (pursuant to paragraph (c) of § 40.23) by the DCM, expressed as a percentage of all trades in such product and expiration month; (ii) the percentage of volume of trading in such product including all expiration months that represents self-trading approved (pursuant to paragraph (c) of § 40.23) by the DCM, expressed as a percentage of all volume in such product and expiration month; and (iii) the ratio of orders in such product and expiration month whose matching was prevented by the self-trade prevention tools described in paragraph (a) of § 40.23, expressed as a ratio of all trades in such product and expiration month. The Commission emphasizes that the “prominent display” of information by a DCM precludes such DCM from placing information required by this rule behind registration, log in, user name, password or other walls on the DCM's Web site.

    4. Policy Discussion

    The Commission understands that for various reasons, firms might operate multiple algorithms, each following a different trading strategy, but transacting in the same instrument/futures contract. This can cause buy and sell orders for the same instrument to be generated at the same instant by different algorithms, which in turn can get matched with each other as self-trades. Certain firms might choose to prevent these self-trades from occurring, or limit the extent of self-trades. They could choose to do this by building tools that scan all orders being generated from within the firm and stop those that could potentially result in self-trades. But there are challenges in building efficient firm-level solutions, especially in modern low latency markets. In response, DCMs have implemented self-trade prevention tools to help firms manage and limit the extent of self-trades that would otherwise be generated by these algorithms. These trading system-level solutions appear to be more efficient in helping firms manage their self-trade activity.

    The Commission has included self-trade prevention requirements in Regulation AT to ensure that there are regulatory standards to more effectively and fairly limit unintentional self-trading across Commission-regulated markets, aiding in the risk management and trading efficiency of individual firms.

    In addition, while existing Commission regulations address market manipulation and wash sales, these types of violative behavior require some level of intent. Therefore, the Commission has determined to propose regulations in the area of self-trading that address both matching of orders for accounts that have common beneficial ownership or are under common control, independent of intent.

    The proposed regulations are intended to take into account Concept Release comments advising that the Commission should not be overly prescriptive in requiring specific types of self-trade prevention tools, or specific settings or controls in connection with such tools, because such tools are still technologically evolving. Furthermore, the Commission agrees with comments stating that exchanges are in the position, from a technology standpoint, to develop these types of controls. Accordingly, the Commission proposes to require the use of self-trade prevention tools in proposed § 40.23, but allow exchanges and market participants the discretion to tailor the design of such tools and how to most effectively calibrate them in order to prevent unintentional self-matching. The Commission believes that the requirements of proposed § 40.23 are generally consistent with how exchange-provided self-trade prevention tools currently operate, as indicated by comment letters. [545] The proposed regulations would also require DCMs to publish statistics on their Web site regarding self-trading that they have both authorized and prevented on their platform. The Commission is proposing this Web site reporting requirement because it understands that the design of self-trade prevention tools may vary among DCMs. These statistics will serve a critical purpose in disclosing to market participants the extent of self-trading that occurs in each product. The Commission believes that such transparency is a key element of the proposed rules as it will help furnish all market participants with better information regarding the markets in which they trade.

    While some commenters to the Concept Release were not supportive of Commission action in this area, the commenters also indicated that self-trade prevention tools are already widely implemented in industry. [546] Moreover, FINRA Rules already address self-trade prevention. In June 2014, FINRA published a regulatory notice stating that the SEC had approved new supplementary material to FINRA Rule 5210 (Publications of Transactions and Quotations) to address transactions in a security resulting from the unintentional interaction of orders originating from the same firm that involve no change in the beneficial ownership of the security (self-trades). [547] Effective August 25, 2014, firms must have policies and procedures in place that are reasonably designed to review their trading activity for, and prevent, a pattern or practice of self-trades resulting from orders originating from a single algorithm or trading desk, or related algorithms or trading desks.

    In addition, the FIA Guide sets forth guidelines for self-trade prevention, and recommends that exchanges should offer participants a selection of self-trade tools to allow market participants to tailor self-trade prevention to their individual needs by offering various options (e.g., cancel resting, cancel new, cancel both, and decrement order size) and various levels of granularity (e.g., firm level, group level, trader ID level, customer account level and strategy level). [548] The FIA Guide recommends that the use of such self-trade tools by market participants should remain optional. [549] The new Regulation AT requirements, by contrast, would make use of exchange-provided self-trade prevention tools mandatory by market participants.

    5. Request for Comments

    90. The Commission seeks to require self-trade prevention tools that screen out unintentional self-trading, while permitting bona-fide self-matched trades that are undertaken for legitimate business purposes. Under the regulations proposed above, DCMs shall implement rules reasonably designed to prevent self-trading (“the matching of orders for accounts that have common beneficial ownership or are under common control”), but DCMs may in their discretion implement rules that permit “the matching of orders for accounts with common beneficial ownership where such orders are initiated by independent decision makers.”

    a. Do these standards accomplish the goal of preventing only unintentional self-trading, or would other standards be more effective in accomplishing this goal? For example, should the Commission consider adopting in any final rules arising from this NPRM an alternative requirement modeled on FINRA Rule 5210 and require market participants to implement policies and procedures to review their trading activity for, and a prevent a pattern of, self-trades?

    b. While the regulations contain exceptions for bona fide self-match trades (described in § 40.23(b)), the regulations are intended to prevent all unintentional self-trading, and do not include a de minimis exception for a certain percentage of unintentional self-trading. Should the regulations permit a certain de minimis amount of unintentional self-trading, and if so, what amount should be permitted (e.g., as a percentage of monthly trading volume)?

    c. The following terms are used in proposed § 40.23(a) and (b): (1) Self-trading, (2) common beneficial ownership, (3) independent decision makers, and (4) common control. Do any of these terms require further definition? If so, how should they be defined? Should any alternatives be used and, if so, how should such substitute terms be defined?

    d. With respect to “common beneficial ownership,” the Commission requests comment on the minimum degree of ownership in an account that should trigger a determination that such account is under common beneficial ownership. For example, should an account be deemed to be under common beneficial ownership between two unrelated persons if each person directly or indirectly has a 10% or more ownership or equity interest in such account? The Commission refers commenters to the aggregation rules in part 150 of its regulations, including specifically § 150.4, and requests comment on a potential Commission definition of common beneficial ownership that is modeled on § 150.4.

    e. The Commission also requests comment on whether “common beneficial ownership” should be defined in any final rules arising from this NPRM, or whether such definition should be left to each DCM with respect to its program for implementing proposed § 40.23.

    91. Are there any other types of self-trading that should be permitted in addition to the exceptions permitted in § 40.23(b)(1) and (2)? If so, please describe such other types of acceptable self-trading and explain why they should be permitted.

    92. Proposed § 40.23 provides that DCMs may comply with the requirement to apply, or provide and require the use of, self-trade prevention tools by requiring market participants to identify to the DCM which accounts should be prohibited from trading with each other. With respect to this account identification process, the Commission's principal goal is to prevent unintentional self-trading; the Commission does not have a specific interest in regulating the manner by which market participants identify to DCMs the account that should be prohibited from trading from each other, so long as this goal is met. Should any other identification methods be permitted in § 40.23? For example, please comment on whether the opposite approach is preferable: market participants would identify to DCMs the accounts that should be permitted to trade with each other (as opposed to those accounts that should be prevented from trading with each other).

    93. The Commission believes that its requirements concerning self-trade prevention tools must strike the appropriate balance between flexibility (allowing market participants with diverse trading operations and strategies the discretion in implementation so as effectively prevent only unintentional self-trades) and simplicity (a variety of design and implementation options may render this control too complex to be effective). [550] Does the Commission allow sufficient discretion to exchanges and market participants in the design and implementation of self-trade prevention tools? Is there any area where the Commission should be more prescriptive? The Commission is particularly interested in whether there is a particular level at which it should require implementation of self-trade prevention tools, i.e., if the tools must prevent matching of orders from the same trading firm, the same trader, the same trading algorithm, or some other level.

    94. Proposed § 40.23(a) would require DCMs to either apply, or provide and require the use of, self-trade prevention tools. Please comment whether § 40.23(a) should, in addition, permit market participants to use their own self-trade prevention tools to meet the requirements of proposed § 40.23(a), and if so, what additional regulations would ensure that DCMs are able to: Ensure that such tools are comparable to DCM-provided tools; monitor the performance of such tools; and otherwise review such tools and ensure that they are sufficiently rigorous to meet the requirements of § 40.23.

    95. Is it appropriate to require implementation of self-trade prevention tools with respect to all orders? Should such controls be mandatory for only a particular subset of orders, i.e., orders from AT Persons or orders submitted through DEA?

    96. Please comment on the requirement that DCMs disclose self-trade statistics. Is the data required to be disclosed appropriate? Is there any other category of self-trade data that DCMs should be required to disclose?

    97. Should DCMs be required to disclose the amount of unintentional self-trading that occurs each month, alongside the self-trade statistics required to be published under proposed § 40.23(d)?

    98. As noted above, the Commission understands that there is some potential for self-trade prevention tools to be used for wrongful activity that may include disruptive trading or other violations of the Act or Commission regulations on DCMs. Are there ways to design self-trade prevention tools so that they do not facilitate disruptive trading (such as spoofing) or other violations of the Act or Commission regulations on DCMs? Are additional regulations warranted to ensure that such tools are not used to facilitate such activities?

    R. DCM Market Maker and Trading Incentive Programs—§§ 40.25-40.28

    Proposed §§ 40.25-40.28 would require DCMs to provide additional public information regarding their market maker and trading incentive programs, restrict certain types of payments by DCMs in connection with such programs, and require DCMs to perform surveillance of such programs to prevent abusive practices. The remainder of this section presents a description of the proposed regulation, a discussion of the policy justification for the proposal, and a request for comments on the proposal.

    1. Policy Discussion

    Although not discussed in the Concept Release, the Commission has determined to address in Regulation AT certain aspects of DCM market maker and trading incentive programs that it believes are particularly relevant in the context of automated trading. [551] Formal market making and incentive programs were not common in the days of pit trading. In the modern trading environment, DCM trading incentive programs (which may also be called a liquidity provider program) typically compensate one or more market participants with financial or non-financial incentives or benefits for meeting certain volume thresholds or providing liquidity. A market maker program (which may also be called, for example, a market specialist, designated market maker, lead market maker, or liquidity provider program) is a more focused offering that involves a contractual agreement between the DCM and a market participant. It typically compensates one or more market participants with financial or non-financial incentives or benefits for fulfilling certain affirmative obligations in a particular product or products, such as maintaining two way prices and volumes or a pre-determined minimum bid/ask spread for a specified period of the trading day.

    The number of such programs self-certified to the Commission has risen sharply in recent years, as has the complexity of the programs and size of the incentives. In 2010, 56 market maker and incentive programs were self-certified by DCMs; in 2013, DCMs had self-certified 341 programs, an increase by over 600 percent compared to the number of programs self-certified by DCMs in 2010. In 2012, nearly every contract at one DCM was part of a market maker or incentive program, including highly liquid contracts.

    The Commission understands that DCMs have launched market making and other incentive programs to encourage liquidity provisioning and order flow to their electronic trading platforms. While the Commission does not object to such goals, the Commission's proposed regulations in §§ 40.25-40.28 reflect its concern that market maker and trading incentive programs could have the potential to spur market participants to trade in ways designed to collect program benefits, independently of any contribution they may be making to liquidity or price discovery. Such practices may potentially also lead to abusive trading practices in violation of DCM and Commission rules. Notably for purposes of Regulation AT, market participants using ATSs can magnify these concerns in several respects. First, the automation and speed of ATSs can allow market participants to quickly reach market-maker or trading incentive program thresholds, depending on the liquidity of a market and threshold levels. Second, the trading strategies pursued through ATSs can sometimes result in a large number of trades between the same ATS or between two or more ATSs owned or controlled by the same market participants. In this regard, the Commission is also proposing new § 40.23 to help prevent self-trading on DCMs, and provide market participants with greater transparency around DCM depth and liquidity when self-trading does occur. [552]

    Proposed §§ 40.25-40.28 will further the Commission's policy objectives in three key areas: (1) Transparency; (2) market integrity; and (3) effective self-regulation by all DCMs. The proposed regulations would further transparency through proposed §§ 40.25 and 40.26, which would require greater disclosure of information to the public and to the Commission regarding market maker and trading incentive programs. Together with proposed amendments to the definition of “rule” in § 40.1(i) to explicitly include market maker and trading incentive programs, the proposed regulations would also help eliminate any potential ambiguity that may exist regarding the Commission's authority over such programs. [553] Proposed § 40.25 will enhance the types of information that DCMs should expect to provide the Commission when requesting approval or self-certifying market-maker or trading incentive programs, and will also require that information regarding market-maker and trading incentive programs be easily located on a DCM's Web site.

    The Commission notes that in June 2012 it adopted core principles and final rules modernizing the regulatory regime applicable to all DCMs (“DCM Final Rules”). The DCM Final Rules emphasized DCMs' obligations as the front-line regulators of their markets, including extensive trade practice and market surveillance responsibilities. In addition, the Commission codified new requirements that a DCM offer its “members [and] persons with trading privileges . . . with impartial access to its markets and services,” including: (1) “Access criteria that are impartial, transparent and applied in a non-discriminatory manner” and (2) “comparable fee structures . . . for equal access to, or services from” the DCM. Taken together, proposed §§ 40.25-40.28 will facilitate the Commission's oversight of DCMs' market maker and trading incentive programs, and will also help the Commission ensure that market maker and trading incentive programs are in compliance with Commission rules regarding trade practice and market surveillance and impartial access requirements.

    Importantly, the proposed regulations would promote market integrity by requiring in proposed § 40.27(a) that DCMs implement policies and procedures reasonably designed to prevent payment of market maker or trading incentive program benefits for self-trades. In this regard, the proposed regulations are designed to ensure that market maker or trading incentive programs do not incentivize abusive, manipulative, or disruptive trading practices, and also do not encourage or facilitate behavior that distorts markets and give the appearance of false market depth. Proposed § 40.28 clarifies DCMs' surveillance obligations regarding market maker or trading incentive programs and their participants. Separately, the Commission believes that proposed §§ 40.25-40.28 will also provide DCMs and market participants with greater certainty as to what types of trading incentive and market maker programs are inappropriate. The proposed regulations are described in detail below. The proposed rules will work in conjunction with the proposed amendments to the definition of “rule” in proposed § 40.1(i) to explicitly include market maker and trading incentive programs.

    In sum, the Commission's proposed amendments to § 40.1(i) and new §§ 40.25-40.28 will increase transparency around DCM market-maker and trading incentive programs, underline existing regulatory expectations, and introduce basic safeguards in the conduct of such programs. The proposed regulations would make clear that market-maker and trading incentive programs are “rules” for purposes of part 40, and establish information and disclosure requirements when DCMs request Commission approval or self-certify new rules pursuant to part 40. They would also make clear that DCMs' existing surveillance responsibilities in part 38 apply equally to market-maker and trading incentive programs. Finally, the proposed regulations would codify the Commission's expectation that DCM market-maker and trading incentive programs should not provide payments or incentives for market-maker or trading activity between accounts under common ownership.

    2. Description of Regulations

    Proposed §§ 40.25-40.28 would require DCMs to provide additional public information regarding their market maker and trading incentive programs. Proposed § 40.25(a) would require that, when submitting a rule regarding a market maker or trading incentive program pursuant to § 40.5 or § 40.6, a DCM must, in addition to information required by such sections, include specific additional information in its public rule filing. [554] Additional information to be provided would include: (1) The name of the market maker program or trading incentive program, the date on which it will begin, and the date on which it will terminate (if applicable); (2) an explanation of the specific purpose for the program; (3) a list of the product(s) the trading of which is eligible for benefits under the market maker or trading incentive program, and list of the potential service(s) rendered by a market participant to which the market maker or trading incentive program applies (e.g., trading at certain hours; trading originating from certain geographic zones; trading originating with certain types or categories or market participants; or the bid/ask spread to be maintained by a market participant); (4) a description of any eligibility criteria or categories of market participants defining who may participate in the program; (5) for any market maker or trading incentive program that is not open to all market participants, an explanation of why the program is limited to the chosen eligibility criteria or categories of market participants, and an explanation of how such limitation complies with the impartial access and comparable fee structure requirements of § 38.151(b) for DCMs; (6) an explanation of how persons eligible for the market maker or trading incentive program may apply to participate, and how eligibility will be evaluated by the DCM; (7) a description of any payments, incentives, discounts, considerations, inducements or other benefits that program participants may receive, including any non-financial incentives (non-financial incentives may include, for example, enhanced trading priorities or preferential access to market data, including order and trade data); (8) a description of the obligations, benchmarks, or other measures that a participant in a market maker or trading incentive program must meet to receive the benefits described in paragraph (a)(7) of this section; and (9) a description of any legal affiliation between the DCM and any entity acting as a market maker or participating in a market maker or trading incentive program. [555] Proposed § 40.25(b) would require that, in addition to any public notice required pursuant to part 40 (including without limitation the requirements of § 40.5(a)(6) and § 40.6(a)(2)), a DCM must ensure that the information required by § 40.25(a)(1)-(8) is easily located on its public Web site during the lifetime of the market maker or trading incentive program, that is, from the time that the DCM begins accepting participants in the program through the time the program ceases operation.

    Proposed § 40.25(c) would require a DCM to notify the Commission upon the termination of a market maker or trading incentive program when such program terminates prior to the date previously notified the Commission. Any extension or renewal of a market maker or trading incentive program beyond its original termination date would require a new rule filing pursuant to this part.

    Proposed § 40.26 would require that, upon request by the Commission or the Director of the Division of Market Oversight, a DCM must provide such information and data as may be requested regarding participation in market maker or trading incentive programs offered by the DCM, including but not limited to, individual program agreements, names of program participants, benchmarks achieved by program participants, and payments or other benefits conferred upon program participants.

    Proposed § 40.27(a) would require a DCM to implement policies and procedures reasonably designed to prevent payment of market maker or trading incentive program benefits, including but not limited to payments, discounts, or other considerations, for trades between accounts that are: (1) Identified to the DCM as under common beneficial ownership pursuant to the approval process described in § 40.23(c); or (2) otherwise known to the DCM as under common ownership. [556]

    Finally, proposed § 40.28 would require that a DCM, consistent with its obligations pursuant to subpart C of part 38, must review all benefits accorded to participants in market maker and trading incentive programs, including but not limited to payments, discounts, or other considerations, to ensure that such benefits are not earned through abusive practices. The Commission notes that such determination is not intended as a substitute for DCMs' trade practice surveillance, market surveillance, and other surveillance obligations with respect to all trading.

    3. Request for Comments

    99. To what extent do market participants currently trade in ways designed primarily to collect market maker or trading incentive program benefits, rather than for risk management purposes?

    100. To what extent do that market maker and trading incentive programs currently provide benefits for self-trades? To what extent do market participants collect such benefits for self-trades?

    101. The Commission requests comment regarding whether the information proposed to be collected in § 40.25 would be sufficient for it to determine whether a DCM's market-maker or trading incentive program complies with the impartial access requirements of § 38.151(b). If additional or different information would be helpful, please identify such information.

    102. The Commission requests comment regarding whether DCMs should be required to maintain on their public Web sites the information required by proposed § 40.25(a) and (b) for an additional period beyond the end of the market maker or trading incentive program. The Commission may determine to include in any final rules arising from this NPRM a requirement that such information remain publicly available pursuant to proposed § 40.25(b) for an additional period up to six months following the end of a market maker or trading incentive program.

    103. The Commission requests comment regarding whether the text of proposed § 40.27(a) identifies with sufficient particularity the types of trades that are not eligible for payments or benefits pursuant to a DCM market-maker or trading incentive program. What amendments, if any, are necessary to clearly identify trades that are not eligible?

    104. Section 40.27(a) provides that DCMs shall implement policies and procedures that are reasonably designed to prevent the payment of market-maker or trading incentive program benefits for trades between accounts under common ownership. Are there any other types of trades or circumstances under which the Commission should also prohibit or limit DCM market-maker or trading incentive program benefits?

    105. The Commission is proposing in § 40.27(a) certain requirements regarding DCM payments associated with market maker and trading incentive programs. Please address whether the proposed rules will diminish DCMs' ability to compete or build liquidity by using market maker or trading incentive programs. Does any DCM consider it appropriate to provide market maker or trading incentive program benefits for trades between accounts known to be under common beneficial ownership?

    106. In any final rules arising from this NPRM, should the Commission also prohibit DCMs from providing trading incentive program benefits where such benefits on a per-trade basis are greater than the fees charged per trade by such DCMs and its affiliated DCO (if applicable)? The Commission also specifically requests comment on the extent, if any, to which one or more DCMs engage in this practice.

    107. Proposed § 40.25(b) imposes certain transparency requirements with respect to both market maker and trading incentive programs. The Commission requests public comment regarding:

    a. The most appropriate place or manner for a DCM to disclose the information required by proposed § 40.25(b);

    b. The benefits or any harm that may result from such transparency, including any anti-competitive effect or pro-competitive effect among DCMs or market participants;

    c. Whether transparency as proposed in § 40.25(b) is equally appropriate for both market maker programs and trading incentive programs, or are the proposed requirements more or less appropriate for one type of program over the other?

    d. Whether any of the enumerated items required to be posted on a DCM's public Web site pursuant to proposed § 40.25(b) could reasonably be considered confidential information that should not be available to the public, and if so, what process should be available for a DCM to request from the Commission an exemption from the requirements of proposed § 40.25(b) for that specific enumerated item?

    V. Related Matters Back to Top

    A. Calculation of Number of Persons Subject to Regulations

    AT Persons. The Related Matters discussion below includes a number of hourly burden estimates and cost estimates for persons subject to new or revised regulations under Regulation AT. In order to estimate the number of AT Persons, the Commission used a sample of orders sent to DCMs. This data includes new orders, modifications to orders, and cancellations of the same. Of those available to the Commission, this data set is the one most closely related to the requirements included in the proposed rules. It includes the data elements potentially generated by an algorithm, often routed through a clearing member, and accepted by the matching engine for execution. The data set includes identifiers for the firm that generated and/or routed the order to the exchange, and indicators of whether the order is associated to an automated system. Using this participant-identified data, the Commission estimated the number of unique firms actively sending in algorithmic orders to the DCMs, making them potentially subject to requirements of AT Persons.

    Some of the firms included in this count, although they use automated systems, may not fully satisfy the requirements for an AT Person, possibly making the current estimate higher than the actual number of AT Persons. For example, firms identified in the data set as submitting algorithmic orders may not be required to register with the Commission under current or proposed rules and thus would not be AT Persons (e.g., registration triggers under proposed § 1.3(x)(3)(ii) include a DEA component in addition to an Algorithmic Trading component). However, because the Commission does not historically receive the complete order book audit trail, the estimate by necessity only used a subset of all orders sent into the DCMs. To generate an accurate estimate of automated order activity, the estimate included many of the most active products on the DCMs, where participant diversity would be greatest. This analysis resulted in approximately 350 potential AT Persons. To further address AT Persons that may not be identified in its data set, the Commission increased its finding of approximately 350 potential AT Persons by 20 percent, yielding a total of 420 potential AT Persons subject to the rules proposed herein. The Commission understands and acknowledges that this could lead to estimates which are incomplete, and welcomes any comments which might provide a more complete and/or more accurate count of AT Persons. This estimate of 420 AT Persons is used for purposes of the calculations in the Related Matters discussion below.

    Floor Traders (A Component of AT Persons). As noted in section IV(E) above, the Commission proposes to require the registration of proprietary traders using DEA for Algorithmic Trading on a DCM. In order to achieve registration, the Commission proposes amending the definition of “Floor trader” in Commission Regulation 1.3(x). Newly registered floor traders would be included in the definition of AT Persons. In order to estimate the number of these firms, the Commission made use of reference information for the connection methods used by active futures trading firms. These data files include information about the characteristics of the connection, including the location where orders are generated. In order to identify direct connections, the Commission isolated those connections associated with co-location or other services likely related to DEA. These filters generated an estimate of approximately 100 potential firms that may need to register under proposed § 1.3(x)(3). This calculation did not exclude those firms which may already be registered with the Commission in some capacity. As a result, the 100 estimate is potentially higher than the actual number of floor traders that would register under the new provision.

    Clearing member FCMs and DCMs. Finally, the Commission estimated the number of clearing member FCMs and DCMs that would be subject to proposed Regulation AT. The Commission arrived at an estimate of 57 clearing member FCMs, based on the financial data for FCMs reported on the CFTC Web site. This data states that there were 57 FCMs in March 2015 that required “Customer's Segregation of Funds.”  [557] The Commission arrived at an estimate of 15 DCMs, based on the list of designated DCMs as of the date of this NPRM, as reported on the CFTC Web site. [558] This number does not include dormant or pending DCMs.

    1. Request for Comments

    108. The Commission requests comment on its calculation of the number of AT Persons, newly registered floor traders, clearing member FCMs, and DCMs that will be subject to Regulation AT.

    B. Calculation of Hourly Wage Rates Used in Related Matters

    The Related Matters discussion below estimates the cost of various regulations proposed under Regulation AT. These costs incorporate hourly wage rates derived from salary information compiled by the Securities Industry and Financial Markets Association (“SIFMA”). Specifically, the hourly wage rates are based on salaries and bonuses across different professions that are listed in the SIFMA Report on Management & Professional Earnings in the Securities Industry 2013, modified to account for an 1800-hour work-year and multiplied by 1.3 to account for overhead and other benefits. [559] The following professions and hourly wages are referenced throughout the Related Matters:

    Back to Top
    2013 SIFMA report profession and code Description of role in related matters Total mean 2012 compensation with bonus—2013 SIFMA report Hourly wage rate (rounded) 560
    Project Manager (1030) Project Manager 561 97,138 $70
    Business Analyst (Intermediate) (602) Business Analyst 562 72,650 52
    Business Analyst (Intermediate) (602) Tester 563 72,650 52
    Programmer Analyst (Senior) (1607) Developer 564 103,851 75
    Compliance Examiner (Senior) (409) Senior Compliance Examiner 565 79,992 58
    Compliance Specialist (Senior) (406) Senior Compliance Specialist 566 78,250 57
    Chief Compliance Officer (Mutual Funds/Investment Advisory Services) (413) Chief Compliance Officer 567 192,367 139
    Compliance Attorney (1103) Compliance Attorney 568 133,059 96

    C. Regulatory Flexibility Act

    The Regulatory Flexibility Act (“RFA”) requires that agencies consider whether the rules they propose will have a significant economic impact on a substantial number of small entities and, if so, provide a regulatory flexibility analysis regarding the impact. [569] A regulatory flexibility analysis or certification is typically required for “any rule for which the agency publishes a general notice of proposed rulemaking” pursuant to the notice-and-comment provisions of the Administrative Procedure Act, 5 U.S.C. 553(b). [570]

    1. FCMs and DCMs

    The Commission has previously determined that FCMs and clearing members are not small entities for purposes of the RFA. [571] The Commission has also previously determined that DCMs are not small entities for purposes of the RFA. [572] Accordingly, the Chairman, on behalf of the Commission, hereby certifies pursuant to 5 U.S.C. 605(b) that the rules proposed in Regulation AT imposing requirements on FCMs and DCMs would not have a significant economic impact on a substantial number of small entities. The Commission invites public comment on this determination.

    2. AT Persons

    Regulation AT would also impose requirements on “AT Persons,” a definition that includes: FCMs, floor brokers, SDs, MSPs, CPOs, CTAs or IBs, as well as “floor traders” as defined in proposed § 1.3(x)(3), that engage in Algorithmic Trading.

    The Commission has previously determined that FCMs, foreign brokers, SDs, MSPs, CPOs, and natural persons are not small entities for purposes of the RFA. [573] As indicated above, the Commission believes that it is likely that no natural persons will be AT Persons, given the technological and personnel costs associated with Algorithmic Trading. The Commission, pursuant to question #106 below, asks whether this assumption is correct.

    The Commission has previously decided to evaluate, within the context of a particular rule proposal, whether all or some floor brokers, floor traders, CTAs, and IBs should be considered to be small entities, and if so, to analyze the economic impact on them of any such rule. [574] In 2012, the Commission stated that it has not made a determination regarding floor traders, since all registered traders at the time were individuals, and individuals are not subject to the small entity analysis under the RFA. [575]

    Accordingly, the Commission must address whether, in the context of Regulation AT, floor brokers, floor traders, CTAs, and IBs that engage in Algorithmic Trading should be considered small entities for purposes of the RFA. As discussed below, the Commission believes that the proposed rules regarding pre-trade and other risk controls, as well as standards relating to the design, testing, and supervision of Algorithmic Trading, are already being widely implemented in industry. Accordingly, while Regulation AT would have a significant economic impact on entities that are not currently implementing such measures, based on its best understanding, the Commission believes that it would not have a significant economic impact on a substantial number of small entities. However, the Commission is not in a position to determine how many of such entities would be affected, or the extent of such impact, given the varying sizes, technological systems, and business strategies of such entities. Therefore, pursuant to 5 U.S.C. 603, the Commission offers for public comment this initial regulatory flexibility analysis addressing the impact of Regulation AT on small entities:

    i. A Description of the Reasons Why Action Is Being Considered

    The Commission is taking action because the increased use of algorithmic trading and increasingly interconnected nature of markets means that a technological malfunction or error can have widespread, significant impact on many market participants. In this time of technological change, the Commission believes that it is necessary to enact new and amended regulations requiring risk controls, testing standards and other measures that will safeguard the integrity of markets.

    ii. A Succinct Statement of the Objectives of, and Legal Basis for, the Proposals

    The objective of Regulation AT is to address the risks of algorithmic trading through a series of pre-trade risk controls and other measures that AT Persons, clearing member FCMs and DCMs must implement. The legal authority for the proposed rules is Sections 4c(a)(6), 4s(b)(4) 1a(23), 3(b) and 8a(5) of the CEA. [576]

    iii. A Description of and, Where Feasible, an Estimate of the Number of Small Entities to Which the Proposed Rules Will Apply

    The small entities to which the proposed amendments may apply are those floor brokers, floor traders (as defined in proposed § 1.3(x)(3)), CTAs and IBs that engage in Algorithmic Trading and fall within the definition of a “small entity” under the RFA, including size standards established by the Small Business Administration. [577] Each of the categories of persons discussed below would fall within the definition of “AT Persons.” As discussed in section V(A) above, the Commission estimates that approximately 420 persons will be AT Persons.

    • Floor brokers. The Commission's best understanding is that at this time, all floor brokers are natural persons. Given the technological and personnel costs associated with Algorithmic Trading, the Commission's expectation is that only entities, not natural persons, will meet the definition of “AT Person.” Accordingly, the Commission estimates that no floor brokers will be “small entities” for purposes of the RFA.
    • Floor traders. The Commission estimates that there is a maximum of 100 proprietary firms engaged in Algorithmic Trading that will be considered “floor traders” under proposed § 1.3(x)(3) of Regulation AT. See section V(A) above for a discussion of how the Commission generated this estimate.
    • CTAs. Based on NFA's registration directory, the Commission estimates that there are approximately 2,464 CTAs. [578] The Commission notes that some registered CTAs are individuals, and not all CTAs will be engaged in Algorithmic Trading. It is not feasible for the Commission to estimate what portion of the 420 AT Persons will be CTAs.
    • IBs. Based on NFA's registration directory, the Commission estimates that there are approximately 1,375 IBs. [579] The Commission notes that some registered IBs are individuals, and not all IBs will be engaged in Algorithmic Trading. It is not feasible for the Commission to estimate what portion of the 420 AT Persons will be IBs.

    Beyond the above estimates of the maximum number of floor brokers, floor traders (as defined in proposed § 1.3(x)(3)), CTAs and IBs, it is not feasible for the Commission to provide a more exact estimate of the number of small entities to which Regulation AT will apply. The Commission estimates that no floor brokers will be “small entities” for purposes of the RFA, and that a maximum of 100 proprietary firms engaged in Algorithmic Trading will be considered “floor traders” under § 1.3(x)(3) of the proposed rulemaking. The Commission estimates that the information collection will apply to no more than a total of 320 CTAs and IBs, and likely significantly less than 320. Based on the numbers described above, the Commission does not believe that a substantial number of small entities will be impacted by the information collection. Further, the definition of AT Person is limited to entities that conduct Algorithmic Trading and, the definition of new floor traders under proposed § 1.3(x)(3) is further limited to those entities with Direct Electronic Access. The Commission believes that entities with such capabilities are generally not small entities. This NPRM asks specific questions on the issue of how the proposed regulations may affect small entities, in particular, whether sole proprietorships would be considered AT Persons and whether Regulation AT requirements should vary depending on the size, sophistication or other attributes of the AT Person.

    iv. A Description of the Projected Reporting, Recordkeeping, and Other Compliance Requirements of the Rules, Including an Estimate of the Classes of Small Entities Which Will Be Subject to the Requirements and the Type of Professional Skills Necessary for Preparation of the Report or Record

    The following section discusses the projected reporting, recordkeeping, and other compliance requirements that will be imposed upon AT Persons under the proposed rules.

    • § 1.3(x)(3)—New Registration of Floor Traders

    Regulation AT would impose new registration requirements on certain entities with Direct Electronic Access as a result of the proposed amendment to the definition of “Floor trader” in Commission Regulation 1.3(x). The Commission provides detailed estimates of the costs associated with registration as a floor trader in section E below. As discussed more fully below, the Commission estimates that new registrants will incur a one-time cost of approximately $2,106 per registrant ($1,050 in application fees plus $1,056 in preparation costs). Accordingly, assuming (as discussed above) that there are 100 new registrants as Floor traders, the total one-time cost of registration would be approximately $210,600. [580]

    • § 170.18—AT Persons Must Become Members of an RFA

    Regulation AT would require all registrants that are AT Persons that are not otherwise required to become members of an RFA pursuant to §§ 170.15, 170.16, or 170.17 to become members of an RFA. Taken together, §§ 170.15, 170.16, and 170.17 require most registrants who may be considered AT Persons to become RFA members. The Commission estimates that the requirements of proposed § 170.18 will result in requiring the 100 new floor traders that will be registered pursuant § 1.3(x)(3) to become members of an RFA. The Commission estimates that the floor trader registrants will incur initial and annual RFA membership dues of $5,625. [581] Accordingly, assuming (as discussed above) that there are 100 new floor trader members, the total initial cost of RFA membership would be approximately $562,500 and the annual cost would be approximately $562,500.

    • § 1.80—Pre-Trade Risk Controls

    Based on Concept Release comments, best practices documents issued by industry or regulatory organizations, as well as existing regulations, the Commission believes that a significant number of trading firms already implement the specifically-enumerated pre-trade and other risk controls required pursuant to proposed § 1.80. For example, in its survey of member firms, PTG found the following: (i) 25 out of 26 responding firms use message and execution throttles; (ii) all 26 responding firms use maximum order size limits, either using their own technology, the exchange's technology, or some combination;  [582] and (iii) 24 out of 26 responding firms use either price collars or trading pauses. [583] As to order management controls, two comments to the Concept Release from exchanges stated that they provide an optional cancel-on-disconnect functionality. [584] Those exchanges also indicated that they provide kill switch functionality to market participants. [585] In addition, the types of controls required by proposed § 1.80 have been included in best practices documents for years, such those best practices documents issued by FIA PTG, [586] ESMA, [587] the CFTC TAC  [588] and the TMPG. [589] Finally, many trading firms that do securities trading in addition to futures trading may already have these systems in place in order to comply with the SEC's Market Access Rule, which requires brokers and dealers to have risk controls that prevent the entry of erroneous orders, by rejecting orders that exceed appropriate price or size parameters, on an order-by-order basis or over a short period of time, or that indicate duplicative orders. [590]

    Nevertheless, the Commission recognizes that there may be some trading firms within a given registration category that do not yet implement the risk controls required by Regulation AT, or that may need to upgrade their systems in order to comply with Regulation AT. Accordingly, Regulation AT would impose technology and personnel costs on this subset of trading firms; these costs would likely include both initial risk control creation costs and ongoing maintenance costs.

    The Commission provides detailed estimates of the implementation costs of risk controls in section E below. [591] The Commission considered the possibility that a trading firm already implements the controls required by proposed § 1.80, but the controls may not comply with every aspect of the regulation. In such a case, as discussed in greater detail below, the Commission estimates that it will cost an AT Person approximately $79,680 to upgrade its controls (i.e., evaluate current systems, modify or create new code, and test systems) in order to comply with § 1.80. Accordingly, assuming (as discussed above) that there are 420 AT Persons, the Commission estimates that the total industry cost to implement § 1.80 would be approximately $33,465,600.

    • § 1.81—Standards for Development, Testing and Monitoring of Algorithmic Trading Systems

    The Commission believes that most market participants and DCMs have implemented controls regarding the design, testing, and supervision of ATSs, in light of the numerous best practices and regulatory requirements promulgated in this area. These efforts include the FIA PTG's November 2010 “Recommendations for Risk Controls for Trading Firms,” FIA's March 2012 “Software Development and Change Management Recommendations,” ESMA and MiFID II guidelines and directives on the development and testing of algorithmic systems, Reg SCI requirements on the development, testing, and monitoring of SCI systems, FINRA's March 2015 Notice 15-09 on effective supervision and control practices for market participants that use algorithmic trading strategies in the equities market, IOSCO's April 2015 Consultation Report, summarizing best practices that should be considered by trading venues when developing and implementing risk mitigation mechanisms, and the Senior Supervisors Group (SSG) April 2015 Algorithmic Trading Briefing Note, which described how large financial institutions currently monitor and control for the risks associated with algorithmic trading during the trading day.

    Notwithstanding the standards described above, the Commission has calculated a maximum cost to an AT Person that has not implemented any of the design, testing, and supervision standards required by proposed § 1.81.

    Development and Testing. The Commission estimates that an AT Person that has not implemented any of the requirements of proposed § 1.81(a) (development and testing of Algorithmic Trading Systems) would incur a total cost of $349,865 to implement these requirements. This cost is broken down as follows: 1 Project Manager, working for 1,707 hours (1,707 × $70 = $119,490); 2 Business Analysts, working for 853 hours (853 × $52 = $44,356); 3 Testers, working for a combined 2,347 hours (2,347 × $52 = $122,044); and 2 Developers, working for a combined 853 hours (853 × $75 = $63,975). [592]

    Monitoring. The Commission estimates that an AT Person that has not implemented any of the requirements of § 1.81(b) (monitoring of Algorithmic Trading Systems) would incur a total cost of $196,560 to implement these requirements. This cost is broken down as follows: 1 Senior Compliance Specialist, working for 2,080 hours (2,080 × $57 = $118,560); and 1 Business Analyst, working for 1,500 hours (1,500 × $52 = $78,000).

    Compliance. The Commission estimates that an AT Person that has not implemented any of the requirements of § 1.81(c) (compliance of Algorithmic Trading Systems) would incur a total cost of $174,935 to implement these requirements. This cost is broken down as follows: 1 Project Manager, working for 853 hours (853 × $70 = $59,710); 2 Business Analysts, working for a combined 427 hours (427 × $52 = $22,204); 3 Testers, working for a combined 1,173 hours (1,173 × $52 = $60,996); and 2 Developers, working for a combined 427 hours (427 × $75 = $32,025).

    Designation and Training of Staff. The Commission estimates that an AT Person that has not implemented any of the requirements of proposed § 1.81(d) (designation and training of Algorithmic Trading staff) would incur a total cost of $101,600 to implement these requirements. This cost is broken down as follows: 1 Senior Compliance Specialist, working for 500 hours (500 × $57 = $28,500); 1 Project Manager, working for 500 hours (500 × $70 = $35,000); 1 Developer, working for 300 hours (300 × $75 = $22,500); and 1 Business Analyst, working for 300 hours (300 × $52 = $15,600).

    Notwithstanding these estimates, the Commission believes that proposed § 1.81 standardizes existing industry practices in this area, but does not impose additional requirements that are not already followed by the majority of market participants. As a result, the Commission does not believe that § 1.81 would impose additional costs on AT Persons.

    • § 1.83(a)—Compliance Reports Submitted by AT Persons

    Proposed § 1.83 would require AT Persons and FCMs that are clearing members for AT Persons to annually submit reports regarding their compliance with § 1.80(a) and pursuant to § 1.82(a)(1), respectively, to each DCM on which they operate. The report prepared by an AT Person pursuant to § 1.83(a) would include a description of the AT Person's pre-trade risk controls and the parameters and specific quantitative settings used for such pre-trade risk controls. Together with the annual report, each AT Person would be required to submit copies of the written policies and procedures developed to comply with § 1.81(a) and (c). The report would also be required to include a certification by the chief executive officer or chief compliance officer of the AT Person that, to the best of his or her knowledge and reasonable belief, the information contained in the report is accurate and complete.

    AT Person Compliance Reports. AT Persons will incur the cost of annually preparing and submitting the reports to their DCMs. The Commission estimates that an AT Person will incur a total annual cost of $4,240 to draft the report required by proposed § 1.83(a). This cost is broken down as follows: 1 Senior Compliance Specialist, working for 50 hours (50 × $57 per hour = $2,850) and 1 Chief Compliance Officer, working for 10 hours (10 × $139 per hour = $1,390) for a total cost of $4,240 per year. The approximately 420 AT Persons to which § 1.83(a) would apply would therefore incur a total annual cost of $1,780,800 (420 × $4,240) to prepare and submit the report required by § 1.83(a).

    • § 1.83(c)—AT Person Recordkeeping Requirements

    Proposed § 1.83(c) would require each AT Person to keep, and provide upon request to each DCM on which such AT Person engages in Algorithmic Trading, books and records regarding such AT Person's compliance with all requirements pursuant to proposed §§ 1.80 and 1.81.

    The Commission estimates that, on an initial basis, an AT Person will incur a cost of $5,130 to draft and update recordkeeping policies and procedures and make technology improvements to recordkeeping infrastructure. This cost is broken down as follows: 1 Compliance Attorney, working for 30 hours (30 × $96 = $2,880); and 1 Developer, working for 30 hours (30 × $75 = $2,250). The 420 AT Persons would therefore incur a total initial cost of $2,154,600 (420 × $5,130).

    The Commission estimates that, on an annual basis, an AT Person will incur a cost of $2,670 to ensure continued compliance with DCM recordkeeping rules relating to § 1.82 compliance, including the updating of policies and procedures and technology infrastructure, and in respond to DCM record requests. This cost is broken down as follows: 1 Compliance Attorney, working for 20 hours (20 × $96 = $1,920); and 1 Developer, working for 10 hours (10 × $75 = $750). The 420 AT Persons would therefore incur a total annual cost of $1,121,400 (420 × $2,670).

    • § 40.23(c)—Approval Requests Submitted by Market Participants re: Self-Trading Controls

    Market participants will incur costs in the event that they prepare and submit the self-trading approval requests contemplated by proposed § 40.23(c). This provision, which is discussed in more detail in section IV(Q) above, requires market participants to request approval from the DCM that self-trade prevention tools not be applied with respect to specific accounts under common beneficial ownership or control. The Commission estimates that, on an annual basis, a market participant will incur a cost of $3,810 to prepare and submit these approval requests. This cost is broken down as follows: 1 Business Analyst, working for 30 hours (30 × $52 per hour = $1,560); and 1 Developer, working for 30 hours (30 × $75 per hour = $2,250). [593]

    The Commission cannot predict how many market participants would likely submit the approval requests contemplated by proposed § 40.23(c) on an annual basis. The Commission believes that not all market participants trading on a DCM would submit such requests. In the view of the Commission, for example, a limited subset of market participants will own two or more accounts, but operate them through “independent decision makers,” as contemplated by proposed § 40.23(b). Similarly, a limited subset of market participants will find it advantageous to incur the costs associated with the self-trading described by § 40.23(b), such as trading costs and clearing fees. In addition, the Commission believes that market participants submitting orders through Algorithmic Trading are more likely than traders submitting orders manually to inadvertently self-trade through independent decision-makers. The Commission estimates that, notwithstanding the fact that the DCM rules described in § 40.23(c) are directed to all market participants, the number of market participants that will submit the approval requests described therein are equivalent to the number of AT Persons calculated above (420). [594] On this basis, the Commission estimates that market participants will incur a total annual cost of $1,600,200 to submit the approval requests contemplated by § 40.23(c) ($3,810 per market participant × 420 market participants).

    v. An Identification, to the Extent Practicable, of All Relevant Federal Rules Which May Duplicate, Overlap or Conflict With the Rules

    The Commission is unaware of any Federal rules that could duplicate, overlap, or conflict with the proposal.

    vi. A description of any significant alternatives to the proposed rule which accomplish the stated objectives of applicable statutes and which minimize any significant impact of the proposed rule on small entities. These may include, for example, (1) the establishment of differing compliance or reporting requirements or timetables that take into account the resources available to small entities; (2) the clarification, consolidation, or simplification of compliance and reporting requirements under the rule for such small entities; (3) the use of performance rather than design standards; and (4) an exemption from coverage of the rule, or any part thereof, for such small entities.

    A potential alternative to Regulation AT that would minimize any significant impact on small entities would be to amend or propose new rules requiring trading firms implement pre-trade and other risk controls, but limit application of such requirements to entities that would not be considered “small entities” for purposes of the RFA. However, the Commission does not believe that this is a viable alternative. A principal basis for Regulation AT's risk control requirements is that a technological malfunction or error can have a significant, detrimental impact on other market participants across Commission-regulated markets. Importantly, such a technological malfunction or error can arise from any size of firm, including a very small proprietary trading firm with few employees. In today's interconnected markets, where a small error can cause a severe disruption in minutes, it is equally important that small firms have risk controls as large firms. The Commission believes that the risk controls required by Regulation AT will help ensure that all entities—not just large entities with the most technological and financial resources—will have effective risk controls. The Commission is aware that smaller firms may have different trading strategies and technology than larger firms; accordingly, the proposed regulations allow all trading firms, including small entities, the discretion to design controls appropriate to their own business and to implement them in the most cost-effective manner.

    The Commission is also considering alternatives with respect to proposed § 1.83, which would require AT Persons to submit compliance reports to DCMs on an annual basis. Such reports would need to be submitted and certified annually by the chief executive officer or the chief compliance officer of the AT Person. Proposed § 40.22 would require DCMs to establish a program for effective periodic review and evaluation of these reports. The Commission has proposed these regulations, using the deadlines described above, because it believes they represent an appropriate balancing of the transparency and risk reduction provided by the reports against the burden placed on AT Persons and DCMs of providing and reviewing the reports. The Commission is considering the alternative of requiring AT Persons to submit such reports more or less frequently than annually. The Commission is also considering the alternatives of placing the responsibility for certifying the reports required by proposed § 1.83 only on the chief executive officer, only on the chief compliance officer, or permitting certification from other officers of the AT Person. The Commission notes that it considered the alternative of requiring additional information to be included in the § 1.83 reports, such as descriptions of how AT Persons comply with § 1.81 requirements and how clearing member FCMs comply with all § 1.82 requirements. In the interest of minimizing costs to AT Persons and clearing member FCMs, the Commission determined at this time to require, pursuant to proposed § 1.83(c) and (d), that AT Persons and clearing member FCMs instead retain and provide to DCMs books and records regarding their compliance with §§ 1.80, 1.81 and 1.82 requirements. Proposed § 40.22(d) includes a corresponding requirement that DCMs implement rules requiring AT Persons and clearing member FCMs to keep and provide such books and records.

    Finally, the Commission is considering alternatives with respect to proposed § 40.23. This proposed regulation provides that DCMs may comply with the requirement to apply, or provide and require the use of, self-trade prevention tools by requiring market participants to identify to the DCM which accounts should be prohibited from trading with each other. With respect to this account identification process, the Commission's principal goal is to prevent unintentional self-trading; the Commission does not have a specific interest in regulating the manner by which market participants identify to DCMs the account that should be prohibited from trading from each other, so long as this goal is met. The Commission has considered whether other identification methods should be made available to market participants when submitting the approval requests described in § 40.23. For example, the Commission has requested comment on whether the opposite approach is preferable: Market participants would identify to DCMs the accounts that should be permitted to trade with each other (as opposed to those accounts that should be prevented from trading with each other).

    3. Request for Comments

    109. The Commission requests comment on each element of its RFA analysis. In particular, the Commission specifically invites comment on the accuracy of its estimates of potential firms that could be considered “small entities” for RFA purposes.

    110. The Commission also requests comment on whether any natural persons will be designated as AT Persons under the proposed definition of that term.

    D. Paperwork Reduction Act

    The Paperwork Reduction Act (“PRA”)  [595] imposes certain requirements on Federal agencies in connection with their conducting or sponsoring any collection of information as defined by the PRA. This proposed rulemaking would result in new collection of information requirements within the meaning of the PRA. The Commission therefore is submitting this proposal to the Office of Management (OMB) for review in accordance with 44 U.S.C. 3507(d) and 5 CFR 1320.11. The following requirements of this rulemaking will result in new collection of information requirements within the meaning of the PRA: § 1.83(a) would require AT Persons to submit reports to DCMs concerning compliance with § 1.80(a), as well as copies of the written policies and procedures developed to comply with § 1.81(a) and (c); § 1.83(b) would require clearing member FCMs to submit reports to DCMs concerning compliance with § 1.82(a)(1); § 1.83(c) and (d) would require AT Persons and clearing member FCMs, respectively, to keep and provide upon request to DCMs books and records regarding their compliance with §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs); § 40.23(c) states that a DCM must require market participants to request approval from the DCM that self-trade prevention tools not be applied with respect to certain types of accounts; § 40.23(d) would require that DCMs display information about percentage and ratio of self-trading. The title for this collection of information is Regulation Automated Trading. An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid control number. The OMB has not yet assigned this collection a control number. As used below, “burden” means the total time, effort, or financial resources expended by persons to generate, maintain, retain, disclose or provide information to or for a federal agency.

    Additional Regulation AT requirements will amend existing collections of information. Proposed § 1.3(x)(3) (requiring certain persons with DEA to prepare and submit forms to register with the Commission) would amend existing collection of information “Registration Under the Commodity Exchange Act,” OMB Control Number 3038-0023. Proposed § 38.401(a) and (c) (requiring DCMs to publicly post information regarding certain aspects of their electronic matching platforms) and § 40.26 (permitting the Commission or the director of DMO to require certain information from DCMs regarding their market-maker or trading incentive programs) would amend existing collection of information “Core Principles and Other Requirements for DCMs,” OMB Control Number 3038-0052. Finally, proposed § 40.25 (requiring DCMs to provide the Commission with certain information regarding their market-maker and trading incentive programs when submitting such programs as rules pursuant to part 40) would amend existing collection of information “Part 40, Provisions Common to Registered Entities,” OMB Control Number 3038-0093.

    The collections of information under these proposed regulations are necessary to implement certain provisions of the CEA, as amended by the Dodd-Frank Act. Section 8a(5) of the CEA provides the Commission with authority to promulgate rules as reasonably necessary to effectuate any of the provisions or to accomplish any of the purposes of the Act, and Section 4c(a)(6) of the CEA provides rulemaking authority to prohibit disruptive trading practices. As provided in Section 3(b) of the CEA, it is the purpose of the CEA to deter and prevent price manipulation or any other disruptions to market integrity; to ensure the financial integrity of all transactions subject to this chapter and the avoidance of systemic risk; to protect all market participants from fraudulent or other abusive sales practices and misuses of customer assets; and to promote responsible innovation and fair competition among boards of trade, other markets and market participants. [596] Proposed regulations requiring registration with the Commission, submission of compliance reports to DCMs, implementation of self-trade prevention tools and increased disclosure of certain aspects of electronic matching platforms and market maker and trading incentive programs, will help prevent or mitigate technological malfunctions that will disrupt market integrity, protect market participants from fraudulent or disruptive practices, and promote fair competition among boards of trade, other markets and market participants.

    If the proposed regulations are adopted, responses to the collections of information would be mandatory. The Commission will protect proprietary information according to the Freedom of Information Act and 17 CFR part 145, “Commission Records and Information.” In addition, Section 8(a)(1) of the CEA strictly prohibits the Commission, unless specifically authorized by the CEA, from making public “data and information that would separately disclose the business transactions or market positions of any person and trade secrets or names of customers.” The Commission is also required to protect certain information contained in a government system of records according to the Privacy Act of 1974, 5 U.S.C. 552a.

    1. Information Provided by Reporting Entities/Persons

    The following is a brief description of the PRA responsibilities of various entities under Regulation AT. In summary, § 1.3(x)(3) would require certain floor traders with DEA to prepare and submit forms to register with the Commission; § 1.83(a) and (b) would require AT Persons and clearing member FCMs to submit reports to DCMs concerning compliance with § 1.80(a) and § 1.82(a)(1), respectively; § 1.83(c) and (d) would require AT Persons and clearing member FCMs, respectively, to keep and provide upon request to DCMs books and records regarding their compliance with §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs); § 38.401(a) and (c) would require DCMs to publicly post information regarding certain aspects of their electronic matching platforms; § 40.23(c) states that a DCM must require market participants to request approval from the DCM that self-trade prevention tools not be applied with respect to certain types of accounts; § 40.23(d) would require that DCMs display information about percentage and ratio of self-trading; § 40.25 would require DCMs to provide the Commission with certain information regarding their market-maker and trading incentive programs when submitting such programs as rules pursuant to part 40; and § 40.26 would permit the Commission or the director of DMO to require certain information from DCMs regarding their market-maker or trading incentive programs.

    a. § 1.3(×)(3)—Submissions by Newly Registered Floor Traders

    The Commission estimates that the proposed rules requiring certain floor traders with Direct Electronic Access to register will result in 11 hours of burden per affected entity, and 1100 burden hours in total. The Commission estimates that each affected entity will require 1 hour to prepare and submit one Form 7-R (for the entity) and 10 hours to prepare and submit 10 Forms 8-R (one form for each principal of the entity). [597] The estimated burden was calculated as follows:

    Burden: Complete Form 7-R and 8-R to register as a floor trader.

    Respondents/Affected Entities: 100 new floor traders.

    Estimated number of responses: 100.

    Estimated total burden on each respondent: 11 hours.

    Frequency of collection: One-time initial registration fee.

    Burden statement-all respondents: 100 respondents × 1 hour = 100 Burden Hours.

    The Commission estimates that a new registrant will incur a one-time cost of $96 to complete one Form 7-R and a one-time cost of $960 to complete 10 Forms 8-R. These costs represent the work of 1 Compliance Attorney per affected entity, working for 1 hour per form (a total of 11 hours × $96 = $1,056). [598] The 100 entities that will be subject to the registration requirement under § 1.3(×)(3) would therefore incur a total one-time cost of $105,600 (100 × $1,506). [599]

    b. § 1.83(a)—Compliance Reports Submitted by AT Persons to DCMs

    The Commission estimates that the proposed rules requiring AT Persons to submit annual reports regarding their pre-trade risk controls required pursuant to proposed § 1.80(a) (as well as copies of the written policies and procedures developed to comply with § 1.81(a) and (c)) to each DCM on which they operate will result (on an annual basis) in 60 hours of burden per AT Person, and 25,200 burden hours in total. The estimated burden was calculated as follows:

    Burden: Compliance reports submitted by AT Persons to DCMs.

    Respondents/Affected Entities: 420 AT Persons.

    Estimated number of responses: 420.

    Estimated total burden on each respondent: 60 hours.

    Frequency of collection: Annual.

    Burden statement-all respondents: 420 respondents × 60 hours = 25,200 Burden Hours per year.

    The Commission estimates that, on an annual basis, an AT Person will incur a cost of $4,240 to submit the compliance reports required by proposed § 1.83(a). This cost is broken down as follows: 1 Senior Compliance Specialist, working for 50 hours (50 × $57 = $2,850); and 1 Chief Compliance Officer, working for 10 hours (10 × $139 = $1,390). [600] The 420 AT Persons that will be subject to § 1.83(a) would therefore incur a total annual cost of $1,780,800 (420 ×$4,240). [601]

    c. § 1.83(b)—Compliance Reports Submitted by Clearing Member FCMs to DCMs

    The Commission estimates that the proposed rules requiring clearing member FCMs to submit annual reports (describing the clearing member FCM's program for establishing and maintaining the pre-trade risk controls required by proposed § 1.82(a)(1) for its AT Person customers in the aggregate) to each DCM on which they operate will result (on an annual basis) in 110 hours of burden per clearing member, and 6,270 burden hours in total. The estimated burden was calculated as follows:

    Burden: Compliance reports submitted by clearing member FCMs to DCMs.

    Respondents/Affected Entities: 57 clearing member FCMs.

    Estimated number of responses: 57.

    Estimated total burden on each respondent: 110 hours.

    Frequency of collection: Annual.

    Burden statement-all respondents: 57 respondents × 110 hours = 6,270 Burden Hours per year.

    The Commission estimates that, on an annual basis, a clearing member FCM will incur a cost of $7,090 to submit the compliance reports required by § 1.83(b). This cost is broken down as follows: 1 Senior Compliance Specialist, working for 100 hours (100 × $57 = $5,700); and 1 Chief Compliance Officer, working for 10 hours (10 × $139 = $1,390). [602] The 57 clearing member FCMs that will be subject to § 1.83(b) would therefore incur a total annual cost of $404,130 (57 ×$7,090). [603]

    d. § 1.83(c)—AT Person Retention and Production of Books and Records

    Initial Costs. The Commission estimates that rules pursuant to proposed § 1.83(c) requiring AT Persons to keep and provide books and records relating to §§ 1.80 and 1.81 compliance will result in initial costs of 60 hours of burden per AT Person, and 25,200 burden hours in total. The estimated burden was calculated as follows:

    Burden: Rule requiring AT Persons to keep and produce records relating to §§ 1.80 and 1.81 compliance.

    Respondents/Affected Entities: 420 AT Persons.

    Estimated total burden on each respondent: 60 hours.

    Burden statement&all respondents: 420 respondents × 60 hours = 25,200 Burden Hours initial year.

    The Commission estimates that, on an initial basis, an AT Person will incur a cost of $5,130 to draft and update recordkeeping policies and procedures and make technology improvements to recordkeeping infrastructure. This cost is broken down as follows: 1 Compliance Attorney, working for 30 hours (30 × $96 = $2,880); and 1 Developer, working for 30 hours (30 × $75 = $2,250). The 420 AT Persons would therefore incur a total initial cost of $2,154,600 (420 × $5,130).

    Annual Costs. The Commission estimates that rules pursuant to proposed § 1.83(c) requiring AT Persons to keep and provide books and records relating to §§ 1.80 and 1.81 compliance will result in annual costs of 30 hours of burden per AT Person, and 12,600 burden hours in total. The estimated burden was calculated as follows:

    Burden: Rules requiring AT Persons to keep and produce records relating to §§ 1.80 and 1.81 compliance.

    Respondents/Affected Entities: 420 AT Persons.

    Estimated number of responses: 420.

    Estimated total burden on each respondent: 30 hours.

    Frequency of collection: Intermittent.Burden statement-all respondents: 420 respondents × 30 hours = 12,600 Burden Hours per year.

    The Commission estimates that, on an annual basis, an AT Person will incur a cost of $2,670 to ensure continued compliance with the § 1.83(c) recordkeeping rules relating to § 1.82 compliance, including the updating of policies and procedures and technology infrastructure, and to respond to DCM record requests. This cost is broken down as follows: 1 Compliance Attorney, working for 20 hours (20 × $96 = $1,920); and 1 Developer, working for 10 hours (10 × $75 = $750). The 420 AT Persons would therefore incur a total annual cost of $1,121,400 (420 × $2,670).

    e. § 1.83(d)—Clearing Member FCM Retention and Production of Books and Records

    Initial Costs. The Commission estimates that rules pursuant to proposed § 1.83(d) requiring clearing member FCMs to keep and provide books and records relating to § 1.82 compliance will result in initial costs of 60 hours of burden per clearing member FCM, and 3,420 burden hours in total. The estimated burden was calculated as follows:

    Burden: Rules requiring clearing member FCMs to keep and produce records relating to § 1.82 compliance.

    Respondents/Affected Entities: 57 clearing member FCMs.

    Estimated total burden on each respondent: 60 hours.

    Burden statement-all respondents: 57 respondents × 60 hours = 3,420 Burden Hours initial year.

    The Commission estimates that, on an initial basis, a clearing member FCM will incur a cost of $5,130 to draft and update recordkeeping policies and procedures and make technology improvements to recordkeeping infrastructure. This cost is broken down as follows: 1 Compliance Attorney, working for 30 hours (30 × $96 = $2,880); and 1 Developer, working for 30 hours (30 × $75 = $2,250). The 57 clearing member FCMs would therefore incur a total initial cost of $292,410 (57 × $5,130).

    Annual Costs. The Commission estimates that that DCM rules pursuant to proposed § 1.83(d) requiring clearing member FCMs to keep and provide books and records relating to § 1.82 compliance will result in annual costs of 30 hours of burden per clearing member FCM, and 1,710 burden hours in total. The estimated burden was calculated as follows:

    Burden: Rules requiring clearing member FCMs to keep and produce records relating to § 1.82 compliance.

    Respondents/Affected Entities: 57 clearing member FCMs.

    Estimated number of responses: 57.

    Estimated total burden on each respondent: 30 hours.

    Frequency of collection: Intermittent.

    Burden statement-all respondents: 57 respondents × 30 hours = 1,710 Burden Hours per year.

    The Commission estimates that, on an annual basis, a clearing member FCM will incur a cost of $2,670 to ensure continued compliance with the § 1.83(d) recordkeeping rules relating to § 1.82 compliance, including the updating of policies and procedures and technology infrastructure, and to respond to DCM record requests. This cost is broken down as follows: 1 Compliance Attorney, working for 20 hours (20 × $96 = $1,920); and 1 Developer, working for 10 hours (10 × $75 = $750). The 57 clearing member FCMs would therefore incur a total annual cost of $152,190 (57 × $2,670).

    f. § 38.401(a) and (c)—Public Dissemination of Information by DCMs Pertaining to Electronic Matching Platforms

    The proposed amendments to regulations 38.401(a) and 38.401(c) require DCMs to publicly post information regarding certain aspects of their electronic matching platforms. DCMs should already be performing tests on their electronic matching platforms that would identify such attributes; therefore the added burden under the proposed amendments would be limited to drafting the description of such attributes and making the description available on the DCM's Web site. The Commission estimates that the proposed rules will result (on an annual basis) in 200 hours of burden per DCM, and 3,200 burden hours in total. This estimate assumes that DCMs are already compliant with the requirements to post the specifications of their electronic matching platform under current regulation 38.401(a).

    Burden: Public Dissemination of Information by DCMs—Electronic Matching Platforms.

    Respondents/Affected Entities: 15 DCMs.

    Estimated total burden on each respondent: 200 hours per year.

    Frequency of collection: Intermittent.

    Burden statement-all affected entities: 15 affected entities × 200 hours = 3,000 Burden Hours per year.

    The Commission estimates that, on an annual basis, a DCM will incur a cost of $19,200 to comply with amended § 38.401(a) and (c). This cost represents the work of 1 Compliance Attorney, working for 200 hours (200 × $96 = $19,200). [604] The 15 DCMs that will be subject to amended §§ 38.401(a) and (c) would therefore incur a total annual cost of $288,000 (15 × $19,200). [605] The Commission anticipates that this figure would decrease in subsequent years as the descriptions provided would only need to be amended to reflect changes to the electronic matching platform or the discovery of previously unknown attributes.

    g. § 40.23—Information Publicly Disseminated by DCMs Regarding Self-Trade Prevention

    Regulation AT proposes a new requirement (§ 40.23) that a DCM shall implement rules reasonably designed to prevent self-trading by market participants, except as specified in paragraph (b) of § 40.23. Section 40.23(b) states that a DCM may, in its discretion, implement rules that permit the matching of orders for accounts with common beneficial ownership where such orders are initiated by independent decision makers. A DCM may also permit under § 40.23(b) the matching of orders for accounts under common control where such orders comply with the DCM's cross-trade, minimum exposure requirements or similar rules, and are for accounts that are not under common beneficial ownership. Section 40.23(c) states that a DCM must require market participants to request approval from the DCM that self-trade prevention tools not be applied with respect to specific accounts under common beneficial ownership or control, on the basis that they meet the criteria of paragraph (b).

    Proposed § 40.23(d) would require that for each product and expiration month traded on a DCM in the previous quarter, the DCM must prominently display on its Web site the following information: (1) The percentage of trades in such product including all expiration months that represent self-trading approved (pursuant to paragraph (c)(2) of § 40.23) by the DCM, expressed as a percentage of all trades in such product and expiration month; (2) the percentage of volume of trading in such product including all expiration months that represents self-trading approved (pursuant to paragraph (c)(2) of § 40.23) by the DCM, expressed as a percentage of all volume in such product and expiration month; and (3) the ratio of orders in such product and expiration month whose matching was prevented by the self-trade prevention tools described in paragraph (a) of § 40.23, expressed as a ratio of all trades in such product and expiration month.

    Market Participant Approval Requests. Market participants will incur costs in the event that they prepare and submit the approval requests contemplated by proposed § 40.23(c). This provision requires market participants to request approval from the DCM that self-trade prevention tools not be applied with respect to specific accounts under common beneficial ownership or control. The Commission estimates that § 40.23(c) will result (on an annual basis) in 60 hours of burden per market participant, and 185,340 burden hours in total. The estimated burden was calculated as follows:

    Burden: Market Participant Submission of Self-Trade Approval Requests.

    Respondents/Affected Entities: 420. [606]

    Estimated number of responses: 1 per respondent per year. Market participants may choose to submit approval requests more frequently, but regardless of how frequently market participants submit approval requests, the Commission estimates a total burden of 60 hours per market participant per year.

    Estimated total burden on each respondent: 60 hours per year.

    Burden statement—all respondents: 420 respondents × 60 hours per year = 25,200 Burden Hours per year.

    The Commission estimates that, on an annual basis, a market participant will incur a cost of $3,810 to prepare and submit the approval requests contemplated by 40.23(c). This cost is broken down as follows: 1 Business Analyst, working for 30 hours (30 × $52 per hour = $1,560); and 1 Developer, working for 30 hours (30 × $75 per hour = $2,250). [607] The estimated 420 market participants that will be subject to § 40.23(c) would therefore incur a total annual cost of $1,600,200 (420 x $3,810). [608]

    DCM Publication of Statistics Regarding Self-Trade Prevention. The Commission estimates that the requirement under proposed § 40.23(d) that DCMs publish statistics regarding self-trade prevention will result (on an annual basis) in 100 hours of burden per DCM, and 1,500 burden hours in total for all 15 DCMs. The estimated burden was calculated as follows:

    Burden: DCM Publication of Statistics Regarding Self-Trade Prevention.

    Respondents/Affected Entities: 15 DCMs.

    Estimated total burden on each affected entity: 100 hours per year for DCMs to generate and publish statistics.

    Frequency of collection: 4 DCM Web site updates per year (one per quarter).

    Burden statement-all affected entities: 15 respondents × 100 hours of DCM time per year = 1,500 Burden Hours per year.

    The Commission estimates that, on an annual basis, a DCM will incur a cost of $6,650 to publish the statistics required by proposed § 40.23(d). This cost is broken down as follows: 1 Senior Compliance Examiner, working for 50 hours (50 × $58 per hour = $2,900); and 1 Developer, working for 50 hours (50 × $75 per hour =$3,750). [609] The 15 DCMs that will be subject to § 40.23(d) would therefore incur a total annual cost of $99,750 (15 × $6,650). [610]

    h. § 40.25—Information in Public Rule Filings Provided by DCMs Regarding Market Maker and Trading Incentive Programs

    Proposed § 40.25 would require DCMs to provide the Commission with certain information regarding their market-maker and trading incentive programs when submitting such programs as rules pursuant to part 40. Among other information, DCMs would be required to provide a description of any categories of market participants or eligibility criteria limiting who may participate in the program. They would also be required to provide an explanation of the specific purpose for a market-maker or trading incentive program; a list of all products or services to which the program applies; a description of any payments, incentives, discounts, considerations, inducements or other benefits that program participants may receive; and other requirements. To ensure public transparency in market-maker and trading incentive programs, proposed § 40.25 would require DCMs to ensure that the information described above is easily located on their public Web sites.

    While proposed § 40.25 may appear on its face to require substantial new information from DCMs regarding their market-maker or trading incentive programs, the proposed rule is largely similar to existing rule filing requirements in part 40. For example, existing §§ 40.5 and 40.6 each require a DCM requesting approval or self-certifying rules to provide the Commission with the rule text; the proposed effective date or date of intended implementation; and an “explanation and analysis of the operation, purpose, and effect” of the proposed rule. Existing §§ 40.5 and 40.6 also require each DCM to provide the Commission with an assessment of the rule's “compliance with applicable provisions of the Act, including core principles, and the Commission's regulations thereunder;” and “a brief explanation of any substantive opposing views expressed to [the DCM] by governing board or committee members, members of the entity or market participants that were not incorporated into the rule . . . .” Further, these existing provisions each require a DCM to certify that the DCM posted on its public Web site a notice of pending rule or certification and to also post a copy of the DCM's submission to the Commission on the DCM's Web site.

    The Commission believes proposed § 40.25 adds important clarity to existing rule filing requirements in part 40 when such filings pertain to market-maker or trading incentive programs. However, the Commission also believes that there is significant overlap between proposed § 40.25 and existing requirements for DCMs in §§ 40.5 and 40.6. Proposed § 40.25 does not create a new category of rule filings, nor does it or require more frequent filings. For these reasons, the Commission believes that any additional Paperwork Reduction Act obligations in proposed § 40.25 will be minor per DCM.

    Burden: Information regarding market maker and trading incentive program rule filings pursuant to part 40.

    Respondents/Affected Entities: 15 DCMs.

    Estimated total burden on each affected entity: 156 hours of DCM time per year.

    Frequency of collection: Intermittent.

    Burden statement-all affected entities: 15 respondents × 156 hours of DCM time per year = 2,340 Burden Hours per year.

    i. § 40.26—Information Provided by DCMs to the Division of Market Oversight Upon Request Regarding Market Maker and Trading Incentive Programs

    Proposed § 40.26 would permit the Commission or the director of DMO to require certain information from DCMs regarding their market-maker or trading incentive programs. The Commission believes that proposed § 40.26 will impose no additional Paperwork Reduction Act burdens on DCMs. The proposed regulation permits the Commission or the director of DMO to require information from a DCM regarding the DCM's market-maker or trading incentive programs. It is a more targeted iteration of existing § 38.5, which requires a DCM to file with the Commission such “information related to its business as a designated contract market” as the Commission may require. Section 38.5 also requires a DCM upon request by the Commission or the director of DMO to file “a written demonstration” that the DCM “is in compliance with one or more core principles as specified in the request” or “satisfies its obligations under the Act,” including “supporting data, information and documents.” Proposed § 40.26 does not alter a DCM's existing obligations under § 38.5, but rather makes clear that Commission and DMO information requests may pertain specifically to market-maker and trading incentive programs. It imposes no new obligation to provide information, and does not increase the frequency which information must be provided.

    Burden: Information requests from the Commission or the Director of the Division of Market Oversight.

    Respondents/Affected Entities: 15 DCMs.

    Estimated total burden on each affected entity: 0 hours of DCM time per year.

    Frequency of collection: Intermittent.

    Burden statement-all affected entities: 15 respondents × 0 hours of DCM time per year = 0 Burden Hours per year.

    2. Information Collection Comments

    The Commission invites the public to comment on any aspect of the paperwork burdens discussed herein. Copies of the supporting statements for the collections of information from the Commission to OMB are available by visiting RegInfo.gov. Pursuant to 44 U.S.C. 3506(c)(2)(B), the Commission solicits comments in order to: (i) Evaluate whether the proposed collections of information are necessary for the proper performance of the functions of the Commission, including whether the information will have practical utility; (ii) evaluate the accuracy of the Commission's estimate of the burden of the proposed collections of information; (iii) determine whether there are ways to enhance the quality, utility, and clarity of the information proposed to be collected; and (vi) minimize the burden of the proposed collections of information on those who are to respond, including through the use of appropriate automated collection techniques or other forms of information technology.

    Those desiring to submit comments on the proposed information collection requirements should submit them directly to the Office of Information and Regulatory Affairs, OMB, by fax at (202) 395-6566, or by email at OIRAsubmissions@omb.eop.gov. Please provide the Commission with a copy of submitted comments so that all comments can be summarized and addressed in the final rule preamble. Refer to the Addresses section of this notice of proposed rulemaking for comment submission instructions to the Commission.

    E. Cost Benefit Considerations

    1. The Statutory Requirement for the Commission To Consider the Costs and Benefits of Its Actions

    Section 15(a) of the CEA requires the Commission to “consider the costs and benefits” of its actions before promulgating a regulation under the CEA or issuing certain orders. [611] Section 15(a) further specifies that the costs and benefits must be evaluated in light of the following five broad areas of market and public concern: (1) Protection of market participants and the public; (2) efficiency, competitiveness, and financial integrity of futures markets; (3) price discovery; (4) sound risk management practices; and (5) other public interest considerations. The Commission considers the costs and benefits resulting from its discretionary determinations with respect to the section 15(a) factors below. As a general matter, the Commission considers the incremental costs and benefits of these proposed rules, taking into account what it believes is industry practice given the Commission's existing regulations and industry best practices, as described below. Where reasonably feasible, the Commission has endeavored to estimate quantifiable costs and benefits. The Commission also identifies and describes costs and benefits qualitatively.

    2. Concept Release Comments Regarding Costs and Benefits

    In the Concept Release, the Commission sought comments on most of the measures now addressed by Regulation AT. Six commenters made general points on cost-benefit considerations. Specifically, FIA and CME noted that the cost of implementing risk controls varies widely. [612] FIA stated that many of the risk controls addressed in the Concept Release are already used in the futures industry and their benefit is clearly understood. [613] FIA further stated that the implementation cost to individual firms varies widely based on the systems they have and the market and products they trade. [614] Similarly, CME indicated that as to risk controls, specific costs as to development, implementation and ongoing operational figures will vary widely across the futures industry supply chain. [615] CME declined to provide detailed analysis as to its own expenditures. [616]

    CFE commented that if the Commission proposes risk control requirements, it should perform a careful cost-benefit analysis and allow DCMs at least two years to implement the controls. [617] TCL stated that most entities have the technology to address the “spirit” of the controls described in the Concept Release. [618] AFR noted that cost-benefit analysis should be based on costs and benefits to the public as a whole, not on private benefits to individual actors. [619] Finally, IATP stated that the Concept Release asked more frequently about costs of risk controls as compared to benefits of increased market stability, which can be more difficult to quantify. [620]

    3. The Commission's Cost-Benefit Consideration of Regulation AT—Baseline Point

    As a preliminary matter, the Commission notes that certain aspects of Regulation AT, as discussed below, codify existing norms and best practices of trading firms, clearing member FCMs and DCMs. In that regard, in 2013, FIA surveyed FCMs and FIA PTG member firms regarding their use of risk controls and self-trade controls and found that all or most respondents currently use such controls. [621] Comment letters to the Concept Release indicated that implementation of pre-trade and other risk controls was already widespread. Moreover, existing statutory schemes (e.g., the SEC's Market Access Rule and the CFTC's requirements relating to financial risk) means that many entities will already have systems in place relevant to the controls proposed in Regulation AT. Accordingly, as discussed below, the existing norms or best practices serve as the Commission's guide for determining the status quo baseline against which to measure the incremental costs and benefits of the proposed regulations. The Commission recognizes, however, that some individual firms currently may not be operating at industry best practice levels; for such firms costs and benefits attributable to the proposed regulations will be incremental to a lower status quo baseline. In many cases, the Commission assumes that compliance with regulations will require an upgrade to existing systems, rather than building risk control systems from scratch.

    To assist the Commission and the public in assessing and understanding the economic costs and benefits of the proposed rule, the Commission has analyzed the costs of the proposed regulations that impose additional requirements on trading firms, clearing member FCMs and DCMs above and beyond the baseline. In many instances, full quantification of the costs is not reasonably feasible because costs depend on the size, structure, and practices of trading firms, clearing member FCMs and DCMs. Within each category of entity, the size, structure and practices of such entities will vary markedly. In addition, the quantification may require information or data that the Commission does not have or was not provided in response to the Concept Release or other requests. The Commission notes that to the extent that the regulations proposed in this rulemaking results in additional costs, those costs will be realized by trading firms, clearing member FCMs and exchanges in order to protect market participants and the public. Finally, in general, full quantification of the benefits of the proposed rule is also not reasonably feasible, due to the difficulty in quantifying the benefits of a reduction in market disruptions and other significant market events due to the risk controls and other measures proposed in Regulation AT.

    4. The Commission's Cost-Benefit Consideration of Regulation AT—Cross-Border Effects

    The Commission notes that the consideration of costs and benefits below is based on the understanding that the markets function internationally, with many transactions involving U.S. firms taking place across international boundaries; with some Commission registrants being organized outside of the United States; with leading industry members typically conducting operations both within and outside the United States; and with industry members commonly following substantially similar business practices wherever located. Where the Commission does not specifically refer to matters of location, the below discussion of costs and benefits refers to the effects of the proposed rules on all activity subject to the proposed and amended regulations, whether by virtue of the activity's physical location in the United States or by virtue of the activity's connection with or effect on U.S. commerce under CEA Section 2(i). [622] In particular, the Commission notes that some AT Persons are located outside of the United States.

    5. General Request for Comment

    111. Beyond specific questions interspersed throughout its discussion, the Commission generally requests comment on all aspects of its consideration of costs and benefits, including: (a) Identification, quantification, and assessment of any costs and benefits not discussed therein; (b) whether any of the proposed regulations may cause FCMs or DCMs to raise their fees for their customers, or otherwise result in increased costs for market participants and, if so, to what extent; (c) whether any category of Commission registrants will be disproportionately impacted by the proposed regulations, and if so whether the burden of any regulations should be appropriately shifted to other Commission registrants; (d) what, if any, costs would likely arise from market participants engaging in regulatory arbitrage by restructuring their trading activities to trade on platforms not subject to the proposed regulations, or taking other steps to avoid costs associated with the proposed regulations; (e) quantitative estimates of the impact on transaction costs and liquidity of the proposals contained herein; (f) the potential costs and benefits of the alternatives that the Commission discussed in this release, and any other alternatives appropriate under the CEA that commenters believe would provide superior benefits relative to costs; (g) data and any other information to assist or otherwise inform the Commission's ability to quantify or qualitatively describe the benefits and costs of the proposed rules; and (h) substantiating data, statistics, and any other information to support positions posited by commenters with respect to the Commission's consideration of costs and benefits.

    6. The Commission's Cost-Benefit Consideration of Regulation AT—Proposed Definitions

    The Commission notes that Regulation AT proposes certain defined terms, including “AT Person,” “Algorithmic Trading,” and “Direct Electronic Access” (as an element of the revised definition of the term “Floor Trader”). While the defined terms themselves do not impose costs, the Commission recognizes that the scope of such definitions will impact the potential costs of other regulations. For example, proposed § 1.80 imposes risk control requirements on “AT Persons,” and the defined term “Algorithmic Trading” is an element of the term AT Person. The broader the definition of AT Person and Algorithmic Trading, the greater the number of firms that would be required to meet the requirements of § 1.80.

    The Commission believes its definition of AT Person is appropriate and its inclusion of “floor traders,” consistent with the proposed changes to § 1.3(x), will mean that certain currently unregistered market participants who actively trade on Commission-regulated markets will be subject to risk control requirements that will prevent or mitigate the risks of malfunctioning algorithmic trading systems. Similarly, the proposed definition of Algorithmic Trading captures such trading activity that has the potential, when there is a technological malfunction, to harm market participants and disrupt markets at a speed that is difficult to mitigate. The Commission asks questions concerning the scope of the definition of Algorithmic Trading, for example whether order routing systems should be included within such definition. The Commission acknowledges that any change made to scope of AT Person and Algorithmic Trading made in accordance with any comments received will impact the cost of regulations that use those definitions.

    7. Pre-Trade Risk Controls, Testing and Supervision of Automated Systems, Requirement To Submit Compliance Reports, and Other Related Algorithmic Trading Requirements

    a. Summary of Proposed Rules

    This section addresses the following proposed regulations: (i) The requirement that AT Persons implement pre-trade risk controls and other related measures (§ 1.80); (ii) standards for the development, testing, and monitoring of Algorithmic Trading systems by AT Persons (§ 1.81); (iii) registered futures association (“RFA”) standards for algorithmic trading systems (“ATSs”) operated by their members and clearing member FCMs with respect to customer orders originating with ATSs (§ 170.19); (iv) the requirement that AT Persons must become a member of a futures association (§ 170.18); (v) the requirement that clearing member FCMs implement pre-trade risk controls and other related measures (§ 1.82); (vi) the requirements of § 1.83, including that: AT Persons submit compliance reports to DCMs regarding their § 1.80(a)-required risk controls, as well as copies of the written policies and procedures developed to comply with § 1.81(a) and (c) (§ 1.83(a)); clearing member FCMs submit compliance reports to DCMs regarding their program for establishing and maintaining the pre-trade risk controls required by § 1.82(a)(1) for AT Person customers (§ 1.83(b)); AT Persons keep and provide upon request to DCMs books and records regarding their compliance with §§ 1.80 and 1.81 (§ 1.83(c)); and clearing member FCMs keep and provide upon request to DCMs books and records regarding their compliance with § 1.82 (§ 1.83(d)); (vii) the requirement that DCMs implement pre-trade risk controls and other related measures (§§ 38.255 and 40.20); (viii) the requirement that DCMs provide test environments where AT Persons may test their ATSs (§ 40.21); and (ix) the requirements of § 40.22, including that DCMs: implement rules requiring AT Persons and clearing member FCMs to submit compliance reports each year (§ 40.22(a) and (b)), establish a program for effective periodic review and evaluation of the reports (§ 40.22(c)), implement rules that require each AT Person to keep and provide to the DCM books and records regarding their compliance with all requirements pursuant to § 1.80 and § 1.81, and require each clearing member FCM to keep and provide to the DCM market books and records regarding their compliance with all requirements pursuant to § 1.82 (§ 40.22(d)), and require DCMs to review and evaluate, as necessary, books and records required to be kept pursuant to § 40.22(d), and the measures described therein (§ 40.22(e)).

    The pre-trade risk controls and other measures required by §§ 1.80, 1.82, 38.255, and 40.20 would require the following enumerated pre-trade risk controls: Maximum AT Order Message and execution frequencies, price parameters, and maximum order size limits. The regulations would also require certain order management controls, including kill switch and cancel-on-disconnect functionalities. Proposed § 170.19 would require an RFA to adopt certain membership rules—as deemed appropriate by the RFA—relevant to ATSs and algorithmic trading for each category of member in the RFA. Proposed § 170.18 would require all AT Persons to be registered as a member of an RFA.

    Proposed § 1.81 would require AT Persons to establish policies and procedures that accomplish a number of objectives relating to the design, testing, and supervision of Algorithmic Trading. More specifically, proposed § 1.81 would require each AT Person to: Implement written policies and procedures for the development and testing of ATSs (§ 1.81(a)); implement written policies and procedures reasonably designed to ensure that each of its ATSs is subject to continuous real-time monitoring and supervision by knowledgeable and qualified staff while such ATS is engaged in trading (§ 1.81(b)); implement written policies and procedures reasonably designed to ensure that ATSs operate in a manner that complies with the CEA and the rules and regulations thereunder, and ensure that staff are familiar with the CEA and the rules and regulations thereunder, the rules of any DCM to which such AT Person submits orders through Algorithmic Trading, the rules of any RFA of which such AT Person is a member, the AT Person's own internal requirements, and the requirements of the AT Person's clearing member FCM, in each case as applicable (§ 1.81(c)); and implement written policies and procedures to designate and train staff responsible for Algorithmic Trading (§ 1.81(d)). As a complement to the proposed design and testing requirements, proposed § 40.21 would require DCMs to provide a test environment that will enable market participants to simulate production trading and conduct exchange-based conformance testing of their Algorithmic Trading systems.

    Proposed § 1.83(a) would require AT Persons to submit annual reports to each DCM on which they operate regarding their pre-trade risk controls as required by § 1.80(a). Together with such annual reports, each AT Person would also be required to submit copies of the written policies and procedures developed to comply with § 1.81(a) and (c). Proposed § 1.83(b) would require clearing member FCMs for AT Persons to submit reports to DCMs describing their program for establishing and maintaining the pre-trade risk controls required by § 1.82(a)(1). The Commission is also proposing a new § 40.22(c) to require that each DCM that receives a report described in § 1.83 establishes a program for effective periodic review and evaluation of the reports. In addition, proposed § 1.83(c) and (d) would require AT Persons and clearing member FCMs for AT Persons to keep and provide upon request to DCMs books and records regarding their compliance with §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs). The Commission is also proposing a new § 40.22(d) and (e) to require that DCMs implement rules requiring AT Persons and clearing member FCMs to keep and provide such books and records, and to require DCMs to review and evaluate such books and records, and identify and remediate any insufficient mechanisms, policies and procedures therein.

    b. Costs and Benefits

    i. § 1.80 Costs—Pre-Trade and Other Risk Controls (AT Persons)

    Based on Concept Release comments, best practices documents issued by industry or regulatory organizations, as well as existing regulations, the Commission believes that a significant number of AT Persons already implement the specifically-enumerated pre-trade and other risk controls required pursuant to proposed § 1.80. Specifically, in its survey of member firms, PTG found the following: (i) 25 out of 26 responding firms use message and execution throttles; (ii) all 26 responding firms use maximum order size limits, either using their own technology, the exchange's technology, or some combination;  [623] and (iii) 24 out of 26 responding firms use either price collars or trading pauses. [624] As to order management controls, two comments to the Concept Release from exchanges stated that they provide an optional cancel-on-disconnect functionality. [625] Those exchanges also indicated that they provide kill switch functionality to market participants. [626]

    The Commission notes that these types of controls have been included in industry best practices for years. For example, FIA PTG recommended, among other things, that trading firms implement message limits, a repeated automated execution throttle, fat-finger limits and price collars, as well as “heartbeats” with the exchange, use of exchange-provided cancel-on-disconnect functionality, and a kill button that disables the system's ability to trade and cancels all resting orders. [627] In addition, ESMA guidelines from 2012 recommended, among other things, that investment firms implement messaging traffic controls and price or size parameters. [628] The Commission also notes that the SEC's Market Access Rule, adopted in November 2010, requires brokers and dealers to have risk controls that prevent entry of erroneous orders, by rejecting orders that exceed appropriate price or size parameters, on an order-by-order basis or over a short period of time, or that indicate duplicative orders. [629] Given that many firms are registered both with the SEC and the CFTC, it is likely that there is overlap between the set of firms covered under the SEC's Market Access Rule and this Proposed Rule. Finally, in 2011, the CFTC TAC recommended, among other things, that trading firms implement message and execution throttles, maximum quantity limits, price collars, and a kill button. [630]

    The Commission also notes that, as discussed in detail above in section II.E.1, NFA has provided guidance regarding ATSs to industry participants since 2002. Such guidance includes NFA Interpretive Notice 9046, which addresses the “Supervision of the Use of Automated Order-Routing Systems” in the context of NFA's overarching supervision requirements in Compliance Rule 2-9 (Supervision). This rule and interpretive notice are widely applicable to almost all registered futures market participants and therefore apply to many AT Persons. In particular, Compliance Rule 2-9 requires each NFA member to “diligently supervise its employees and agents in the conduct of their commodity futures activities for or on behalf of the Member.” Interpretive Notice 9046, first issued in 2002 and revised in 2006, provided, among other things, that an AORS should allow the Member to set limits for each customer based on commodity, quantity, and type of order or based on margin requirements, and should allow the Member to impose limits pre-execution and to automatically block any orders that exceed those limits. In addition, the interpretive notice provided that when authorizing use of a direct access system, the Member should utilize pre-execution controls, if available, to set pre-execution limits for each customer, regardless of the nature of the customer.

    Although proposed § 1.80 is consistent with accepted industry best practices of long standing and existing Commission and SEC regulations to which many AT Persons now comply, Regulation AT's risk control requirements will impose technology and personnel costs on AT Persons. These costs include initial risk control creation costs and possibly ongoing maintenance costs. Many AT Persons already have the controls required by Regulation AT in place, and will only need to upgrade such controls to ensure compliance. To the extent some AT Persons may be outliers that do not currently implement risk controls consistent with industry best practice—a number the Commission lacks data to accurately identify and quantify—these firms would incur costs greater than “upgrade” costs. The costs to any such outlier firms would vary based on each firm's unique size, business model, technology and existing risk controls. The Commission recognizes that some firms will already have entirely compliant systems requiring no upgrade and, at the other end of the spectrum, some firms may not be currently implementing the § 1.80 required risk controls at all. Accordingly, the Commission estimates the “upgrade” costs for AT Persons to comply with Regulation AT risk control requirements, and welcomes comment on the accuracy of such estimates.

    Aside from costs to individual AT Persons in creating and maintaining the controls required by Regulation AT, in quantifying costs of § 1.80, the Commission considered that this regulation may impose general costs to the marketplace as a whole. For example, while the Commission expects that most AT Persons will only need to upgrade systems in order to comply with Regulation AT, it is possible that costs related to the implementation of new risk controls could lead to adverse effects. For example, compliance costs may cause some AT Persons to reduce, or cease, their activities in certain markets. This may result in a decrease in market liquidity, which may cause the costs of trading to increase. In order to mitigate these potential concerns, the Commission has (as discussed further in the consideration of alternatives) limited the compliance requirements to what it preliminarily believes is the minimum level needed to protect market participants and the public. In addition, as discussed in section (ii) below, the Commission believes that the standardization of risk controls may result in the provision of additional liquidity.

    Other potential costs related to risk controls are similarly hard to quantify. Kill switches aim to cease unintended message behavior, and the potential losses and disruption associated with such behavior. However, the mandatory triggering of a kill switch when not appropriate to a particular firm could also prevent the firm's legitimate, risk-reducing activity, and instead result in increased costs for such firm. This distinction emphasizes the need to appropriately calibrate risk controls on an individual basis, and the Commission has proposed rules that accommodate that need. While the Commission attempts to quantify costs to individual firms, the Commission is also aware of the broader impact of the proposed rules on markets once firms apply the proposed risk controls, including potential effects on liquidity. The Commission welcomes comments on these and other potential market-wide effects of the proposed regulations.

    In addition to the potential costs to the market as a whole discussed above, individual AT Persons may incur costs of risk control implementation, in particular the cost of upgrading systems in order to comply with the proposed regulations. Specifically, if a particular AT Person's systems are not already compliant with § 1.80, it will need to comply with the pre-trade and other risk controls in one of several ways: By internally developing such controls from scratch, upgrading existing systems, or through purchasing a risk management solution from an outside vendor. Each approach potentially has initial costs and annual ongoing costs. Based on responses to the FIA survey, industry best practice standards, and existing regulations both in Commission-regulated markets as well as SEC-regulated markets, the Commission believes that many AT Persons will be able to substantially satisfy the risk control requirements of Regulation AT with their existing systems and controls. For others, the costs of upgrading and introducing the required systems would vary considerably based on current controls and procedures, as well as particular business models. [631]

    Rather than develop or upgrade its own systems, AT Persons may choose to purchase a risk management solution from a third-party vendor, a DCM, or a clearing member FCM. These costs could similarly vary, depending on the AT Persons' current systems and controls in place, the types of trading strategies it uses, the volume and speed of its trading activity, and the pricing model utilized by the software vendor. As one example, the Commission notes that CME provides a number of risk management tools to its market participants and clearing firms. These tools include: Cancel-on-disconnect, CME Globex credit controls, a Risk Management Interface (RMI) (which allows clearing members to manage risk), drop copy, FirmSoft (the ability to view and cancel orders), a kill switch (a single step shutdown of trading activity) and self-trade prevention. [632] As another example, NASDAQ OMX Group, Inc. offers risk management tools that include fat finger price checks, maximum order quantity checks, daily accumulated quantity checks, maximum order rate per second checks, disconnect safeguards, email notifications when limits or warning levels are breached, and an administration interface that allows emergency actions. [633] Many of these mirror, or complement, risk controls included within this proposed rule.

    The Commission estimated the costs for AT Persons to comply with proposed § 1.80. In making its estimates, the Commission made several assumptions. The Commission assumes that the effort to adjust any one control (by “control,” in this context, the Commission means the pre-trade risk controls, order cancellation systems, and connectivity systems required by § 1.80) would require assessment and possible modifications to all controls. [634] The required programming changes could be applied using flexible and generalizable methods and leveraged across all algorithms. The Commission recognizes that execution speed is considered to be a significant factor in algorithmic trading, and understands that controls have the potential to impact execution speed; however, the Commission believes that requiring a base set of risk controls will, rather than further increasing speed disadvantages across market participants, partially reduce them by ensuring that no firm avoids the use of a given control to gain an advantage. Because each AT Person is unique and technological systems across AT Persons will vary, the following estimates reflect staff's best efforts, and the Commission welcomes comments on their accuracy.

    Estimate—Upgrade of Controls. The Commission considered the scenario where an AT Person already implements controls as required by proposed § 1.80, but the controls may not comply with every aspect of the regulation. In such instance, an AT Person will need to evaluate its current risk control systems to determine whether it is compliant with new regulatory requirements; modify existing code or creating new code to address any gaps between current risk control systems and new regulatory requirements; and test current systems and new code to verify correct operation and compliance. The Commission assumes that AT Persons will generally already have some code in place for the basic controls required by § 1.80, or for something similar that can be added to or modified, rather than need to build entire pre-trade systems from scratch. For example, an AT Person may have an existing library of “code blocks,” with a block being useful for multiple related purposes.

    Accordingly, the Commission estimates that an AT Person would incur a one-time cost of $79,680 to upgrade its systems to comply with proposed § 1.80. This cost is broken down as follows: 1 Project Manager, working for 320 hours (320 × $70 per hour = $22,400); 1 Business Analyst, working for 320 hours (320 × $52 per hour = $16,640); 1 Tester, working for 320 hours (320 × $52 per hour = $16,640); and 1 Developer, working for 320 hours (320 × $75 per hour = $24,000). The Commission estimates that if an AT Person already has at least some of the controls required by § 1.80, there will be no additional annual costs to maintain the modifications required to bring the systems into compliance with § 1.80. Assuming (as discussed above) that there are 420 AT Persons, the Commission estimates that the total one-time industry cost to implement § 1.80 would be approximately $33,465,600.

    The Commission notes that AT Persons could choose not to develop these controls internally, but rather may purchase a solution from an outside vendor (or DCM or clearing member FCM) in order to comply with § 1.80. The Commission welcomes comments providing estimates concerning the cost for an AT Person to use an outside vendor to comply with this proposed regulation.

    SEC Estimates. The proposing release for the SEC's Market Access Rule, which requires brokers and dealers to have risk controls in place before providing their customers with access to the market, provided compliance costs estimates. [635] The Commission's upgrade estimates are generally consistent with the cost estimates provided by the SEC. For example, the SEC estimated that it would cost a broker-dealer approximately $270,404 ($167,904 in technology personnel costs and $102,500 in hardware and software costs) to build a risk control management system from scratch and that it would cost a broker-dealer $39,401 ($27,984 for technology personnel and $11,517 for hardware and software) to substantially upgrade an existing risk control system. [636] The SEC estimated that the total annual ongoing cost to maintain an in-house risk control management system would be $47,300 per broker-dealer ($26,800 for technology personnel and $20,500 for hardware and software). [637] Finally, with respect to outsourcing such controls, the SEC estimated that a broker-dealer would pay approximately $8,000 per month ($96,000 annually) for a startup contract. [638] To be conservative, the SEC estimated the same amount for an annual ongoing cost. [639]

    The Commission notes that in addition to the general requirements of proposed § 1.80 to implement pre-trade risk controls, order cancellation systems and connectivity systems, § 1.80 imposes additional requirements relating to such controls. Regulation § 1.80(a)(2) provides requirements as to the level at which pre-trade risk controls should be set and § 1.80(a)(3) requires that natural person monitors be promptly alerted when such parameters are breached. The Commission assumes that such requirements impose no additional costs or are part of the costs described above. Establishing particular parameters of controls is a necessary part of establishing and implementing any control. In addition, as discussed below, the Commission assumes that it is already industry practice to employ a natural person to test and monitor a firm's algorithmic trading systems. Accordingly, requiring that natural person monitors at the AT Person be alerted with pre-trade risk control parameters are breached should not impose additional costs on AT Persons.

    Proposed § 1.80(d) requires each AT Person, prior to its initial use of Algorithmic Trading, to submit a message or order to a DCM's trading platform, must notify its clearing member FCM and the DCM on which it will be trading that it will engage in Algorithmic Trading. Subject to consideration of relevant comments, the Commission preliminarily believes that this requirement of this initial notification to clearing firms and DCMs will impose minimal or no costs on AT Persons. The Commission welcomes comment on the costs, if any, of this notification requirement.

    Proposed § 1.80(e) requires AT Persons to implement a DCM's self-trade prevention tools. The Commission's self-trade prevention requirements are principally directed toward DCMs, in that § 40.23 would require DCMs to apply, or provide and require the use of, self-trade prevention tools. The Commission believes that DCMs would incur the costs of developing or upgrading such tools as necessary to comply with § 40.23. To the extent that AT Persons are not already complying with DCM-provided self-trade prevention tools already used in industry, the Commission believes that the cost to an AT Person in calibrating or otherwise applying such a tool would be a minimal, involving provision of the relevant account or other necessary information in the DCM in order to apply the tool. The Commission welcomes comment on the costs, if any, to an AT Person in complying with § 1.80(e).

    Finally, proposed § 1.80(f) requires that each AT Person shall periodically review its compliance with § 1.80 to determine whether it has effectively implemented sufficient measures reasonably designed to prevent an Algorithmic Trading Event. AT Persons must take prompt action to document and remedy deficiencies in such policies and procedures. The Commission believes that this periodic review is necessary to comply with § 1.83(a), which, as discussed below, requires AT Persons to annually submit reports regarding their pre-trade risk controls required pursuant to proposed § 1.80(a) and copies of the written policies and procedures developed to comply with § 1.81(a) and (c) to each DCM on which they operate. Accordingly, the Commission believes that articulating such requirement explicitly in the final subsection of this rule will not engender costs separate from those previously discussed and considered.

    The Commission emphasizes that costs for each AT Person will vary. Finally, the Commission notes that, as indicated above, these estimates may overstate the actual costs to the industry. Based on Concept Release comments, best practices issued by industry and regulatory organizations, as well as existing regulations, the Commission believes that all or most AT Persons are already using the pre-trade and other risk controls required by proposed § 1.80. The Commission welcomes public comment on the above analysis and estimates.

    ii. § 1.80 Benefits—Pre-Trade and Other Risk Controls (AT Persons)

    Proposed § 1.80 should benefit market participants by mitigating credit, market, and operational risks faced by trading firms. Standardization of pre-trade and other risk controls is particularly critical in the context of potential outlier trading firms that have chosen not to implement appropriate risk controls in the absence of regulation. As noted above (for example, with respect to the Knight Capital incident), a technological malfunction at such a single firm can have far-reaching impact across markets and market participants. Credit, market and operational risks are mitigated through ensuring that each order accurately reflects the intentions of the participant and does not otherwise violate the CEA or Commission regulations. The pre-trade and other risk controls required by proposed § 1.80 should improve both price efficiency and price transparency in Commission-regulated markets by reducing the chances of large, unintended orders moving prices away from appropriate market values. Absent protections, unintended and erroneous trades resulting from a malfunctioning trading system could potentially expose not just the original market participant, but any participant exposed to the given market, to unexpected financial burdens as a result of price moves. These burdens may include the financial impact on market participants with open positions impacted by price moves, or market participants with market orders in the order book. In addition to these losses, and potentially uncertain trading positions, sudden, large unintentional market activity can disrupt the efficiency, competitiveness and financial integrity of the futures markets. Because much of the impact of such unintended trades is independent of connection method, it is in the individual trading firm's interest, and the interest of Commission-regulated markets as a whole, to have all types of algorithmic trading orders, regardless of access method, be subjected to sound risk controls.

    As noted, the Commission believes that proposed regulation § 1.80 standardizes existing industry practices in this area, and does not impose additional requirements beyond existing best practices that most market participants satisfy. Accordingly, the Commission notes that many of the benefits of § 1.80 are already being realized. This proposed rule, however, may serve to limit a “race to the bottom” in which certain entities sacrifice effective risk controls in order to minimize costs or increase the speed of trading. The proposed rules, by standardizing the risk controls required to be used by firms, would help ensure that the benefits of these risk controls are more evenly distributed across a wide set of market participants, and reduce the likelihood that an outlier firm without sufficient risk controls causes significant market disruption.

    Incidents like the one involving Knight Capital highlight the importance of using pre-trade and other risk control protections. Specifically, an SEC investigation found that Knight Capital did not have adequate safeguards in place to limit the risks posed by its access to the markets, and, as a result, failed to prevent the entry of millions of erroneous orders. [640] Knight Capital also failed to conduct adequate reviews of control effectiveness. [641] The SEC charged Knight Capital with multiple violations of the SEC's Market Access Rule, which included failure to have adequate controls at a point immediately prior to its submission of orders to the market, such as a control to compare orders leaving the router with those entered. [642] Knight also failed to adequately review its business activity in connection with its market access to ensure the overall effectiveness of its risk management controls and supervisory procedures. [643] As a result of these failures, the SEC found that Knight put not only themselves, but the markets in general, at risk. The Commission views prevention of disruptive events like that involving Knight Capital as an important benefit of § 1.80 that impacts all market participants and the public.

    By requiring, and standardizing, certain risk controls implemented by traders and trading firms, the Commission intends to foster a level playing field across market participants, and avoid a situation where firms with stronger risk control systems face speed disadvantages. The Commission also recognizes that in the absence of a rule requiring implementation of certain risk controls, some market participants may be compelled by competitive and economic pressures to submit orders, or allow the submission of orders, without appropriate controls to safeguard against the risks of a malfunctioning algorithm. The race for speed may reduce the incentive to add risk controls, and the absence of risk controls can magnify the effect, and cost, of errors in the high speed trading environment. In addition, the mitigation of significant system risks should help ensure market integrity and provide the investing public with greater confidence that all transactions, along with the resulting price movements, are intentional and bona fide. Regulation AT should promote investor confidence as well as enhance the fair and efficient operation of the markets.

    The Commission believes that market participants, in particular those currently using risk controls, may face a number of disadvantages due to the fact that risk controls for algorithmic trading are not standardized, and that these disadvantages may discourage market participants from providing liquidity. Market participants may be concerned about their exposure to potential losses due to Algorithmic Trading events and various market abuses in the absence of standardized risk controls and other measures. Market participants may also be concerned whether market orders and trades in fact reflect the intent of the market participants submitting them. The Commission thus expects, subject to consideration of comments, that standardization of risk control requirements for all AT Persons via Regulation AT will reduce such costs and trading disincentives for market participants arising from Algorithmic Trading events and market abuses. The Commission also expects, subject to consideration of comments, that standardization will reduce unexpected costs that market participants currently experience when unfavorable price movements occur due to the behavior of another market participant's faulty algorithm. As a result, the Commission, subject to consideration of comments, views the proposed standardized risk controls as a tool likely to encourage AT Persons and other market participants to provide additional liquidity, mitigating the potential negative impact on market liquidity from certain costs associated with Regulation AT, as previously discussed in section (i) above.

    iii. § 1.81 Costs—Development, Testing and Supervision of Algorithmic Systems (AT Persons)

    The Commission believes that most market participants and DCMs have implemented controls regarding the design, testing, and supervision of Algorithmic Trading systems, in light of the numerous best practices and regulatory requirements promulgated in this area. For this fully compliant majority, the codification of such standards in proposed § 1.81 should not engender additional costs. For any market participants that are not fully compliant, some additional costs may be expected. These efforts include the FIA PTG's November 2010 “Recommendations for Risk Controls for Trading Firms,” FIA's March 2012 “Software Development and Change Management Recommendations,” ESMA and MiFID II guidelines and directives on the development and testing of algorithmic systems, SEC Regulation SCI requirements on the development, testing, and monitoring of SCI systems, FINRA's March 2015 Notice 15-09 on effective supervision and control practices for market participants that use algorithmic trading strategies in the equities market, IOSCO's April 2015 Consultation Report, summarizing best practices that should be considered by trading venues when developing and implementing risk mitigation mechanisms, and the Senior Supervisors Group (SSG) April 2015 Algorithmic Trading Briefing Note, which described how large financial institutions currently monitor and control for the risks associated with algorithmic trading during the trading day.

    The Commission has calculated an estimated maximum cost to an AT Person that has not implemented any of the design, testing, and supervision standards required by proposed § 1.81 as further described below. To the extent an AT Person is already in partial compliance with § 1.81, as the Commission believes many are likely to be, their costs should be less than the maximum described.

    Development and Testing. The Commission estimates that an AT Person that has not implemented any of the requirements of proposed § 1.81(a) (development and testing of Algorithmic Trading Systems) would incur a total cost of $349,865 to implement these requirements. This cost is broken down as follows: 1 Project Manager, working for 1,707 hours (1,707 × $70 = $119,490); 2 Business Analysts, working for a combined 853 hours (853 × $52 = $44,356); 3 Testers, working for a combined 2,347 hours (2,347 × $52 = $122,044); and 2 Developers, working for a combined 853 hours (853 × $75 = $63,975). [644]

    Monitoring. The Commission estimates that an AT Person that has not implemented any of the requirements of proposed § 1.81(b) (monitoring of Algorithmic Trading Systems) would incur a total cost of $196,560 to implement these requirements. This cost is broken down as follows: 1 Senior Compliance Specialist, working for 2,080 hours (2,080 × $57 = $118,560); and 1 Business Analyst, working for 1,500 hours (1,500 × $52 = $78,000). [645]

    Compliance. The Commission estimates that an AT Person that has not implemented any of the requirements of proposed § 1.81(c) (compliance of Algorithmic Trading Systems) would incur a total cost of $174,935 to implement these requirements. This cost is broken down as follows: 1 Project Manager, working for 853 hours (853 × $70 = $59,710); 2 Business Analysts, working for a combined 427 hours (427 × $52 = $22,204); 3 Testers, working for a combined 1,173 hours (1,173 × $52 = $60,996); and 2 Developers, working for a combined 427 hours (427 × $75 = $32,025).

    Designation and Training of Staff. The Commission estimates that an AT Person that has not implemented any of the requirements of proposed § 1.81(d) (designation and training of Algorithmic Trading staff) would incur a total cost of $101,600 to implement these requirements. This cost is broken down as follows: 1 Senior Compliance Specialist, working for 500 hours (500 × $57 = $28,500); 1 Project Manager, working for 500 hours (500 × $70 = $35,000); 1 Developer, working for 300 hours (300 × $75 = $22,500); and 1 Business Analyst, working for 300 hours (300 × $52 = $15,600).

    Notwithstanding these estimates, the Commission believes that proposed § 1.81 standardizes existing industry practices in this area, but does not impose additional requirements that are not already followed by the majority of market participants. As a result, subject to consideration of relevant comments, the Commission preliminarily believes that regulation § 1.81 would not impose additional costs on the majority of AT Persons and that the costs imposed on AT Persons that are in partial compliance with § 1.81 will be less than the amounts described above.

    iv. § 1.81 Benefits—Development, Testing and Supervision of Algorithmic Systems (AT Persons)

    The rules proposed with respect to the design, testing, and supervision of Algorithmic Trading systems are intended to further mitigate the risk of Algorithmic Trading. In their response to the Concept Release, IATP noted that, out of all the safeguards discussing in the Release, they believed ATS testing had the greatest potential to reduce market disruptions. [646] By standardizing principles in this area, Regulation AT is intended to reduce the risk of disorderly trading, including the risk that orders will be unintentionally sent into the marketplace by a poorly designed or insufficiently supervised algorithm.

    For example, the regulations proposed under § 1.81 may reduce the risk of market disruptions such as the 2012 incident involving Knight Capital. The SEC later concluded that, among other failures, Knight Capital did not have adequate controls and procedures for code deployment and testing for its order router, did not have sufficient controls and written procedures to guide employees' responses to significant technological and compliance incidents, and did not have an adequate written description of its risk management controls. [647] Proposed § 1.81 requires written policies and procedures relating to the following: Testing of all Algorithmic Trading code and relates systems and any changes to such code and systems prior to their implementation; regular stress tests of ATSs to verify their ability to operate in the manner intended under a variety of market conditions; a plan of internal coordination and communication between compliance staff of the AT Person and staff of the AT Person responsible for Algorithmic Trading regarding Algorithmic Trading design, changes, testing, and controls; and procedures for documenting the strategy and design of proprietary Algorithmic Trading software used by an AT Person, among other controls. The standardization of such written policies and procedures may make disruptive events like the Knight Capital incident less likely in the future.

    As noted, the Commission believes that proposed regulation § 1.81 standardizes existing industry practices in this area, and does not impose additional requirements that are not already followed by the majority of market participants. Accordingly, the Commission notes that many of the benefits of § 1.81 are already being realized. The proposed rule would help ensure that the benefits of the required testing and supervision will be fully realized and sustained into the future.

    v. § 170.19 Costs—RFA Standards for Automated Trading and Algorithmic Trading Systems (RFAs)

    Proposed § 170.19 requires an RFA to establish and maintain a program for the prevention of fraudulent and manipulative acts and practices, the protection of the public interest, and perfecting the mechanisms of trading on designated contract markets through membership rules, as deemed appropriate by the RFA, requiring: (1) Pre-trade risk controls and other measures for ATSs; (2) standards for the development, testing, monitoring, and compliance of ATSs; (3) designation and training of algorithmic trading staff; and (4) operational risk management standards for clearing member FCMs with respect to customer orders originating with algorithmic trading systems.

    Proposed § 170.19 will impose costs on an RFA to establish and maintain a program as described in the rule. However, RFAs would only be required to adopt rules as they deem appropriate; any rulemaking pursuant to proposed § 170.19 would be entirely at the discretion of the RFA. The Commission believes that the costs to an RFA of proposed § 170.19 cannot reasonably be quantified given RFAs' complete discretion to adopt many, several, or no rules in the foreseeable future pursuant to § 170.19. In addition, relevant rulemaking by an RFA is likely to be episodic, as circumstances warranting rulemaking will typically not arise on an annual basis. With those caveats, however, for purposes of this analysis and as a basis for comment, the Commission is using its own experience to quantify the potential costs of proposed § 170.19 to an RFA on those occasions when it determines to adopt rules. For purposes of this exercise, the Commission anticipates that an RFA could potentially seek to codify industry best practices in order to establish a baseline of regulatory standardization around such practices.

    The Commission believes that the work of adopting these rules would fall primarily to legal, information technology, and compliance staff within an RFA. It estimates 450 hours of burden for an RFA to adopt rules. This includes analysis of existing industry best practices, consultation with market participants, drafting rules, further consultations, including potentially with Commission staff, and adoption of final rules. The Commission estimates a total cost of $34,200 for these efforts. This cost is broken down as follows: 2 Compliance Attorneys, working for a combined 150 hours (150 hours × $96 per hour = $14,400); 2 Developers, working for a combined 150 hours (150 hours × $75 per hour = $11,250); and 2 Senior Compliance Specialists, working for a combined 150 hours (150 hours × $57 per hour = $8,550), for a total cost of $34,200. [648]

    The Commission notes that an RFA, after familiarizing itself with relevant best practices, may determine that additional membership rules pursuant to proposed § 170.19 are unnecessary. Under those circumstances, elements of the work described above would not be required, and the total estimated cost of $34,200 would not be incurred. The Commission believes, for example, that Compliance Attorneys, Developers, and Senior Compliance Specialists could analyze best practices and determine that additional membership rules are not required after a combined 150 hours of work (50 hours of work for each professional role). The Commission estimates a total cost of $11,400 for these efforts. This cost is broken down as follows: 2 Compliance Attorneys, working for a combined 50 hours (50 hours × $96 per hour = $4,800); 2 Developers, working for a combined 40 hours (50 hours × $75 per hour = $3,750); and 2 Senior Compliance Specialists, working for a combined 50 hours (50 hours × $57 per hour = $2,850), for a total cost of $11,400. [649]

    vi. § 170.19 Benefits—RFA Standards for Automated Trading and Algorithmic Trading Systems (RFAs)

    The Commission believes that proposed § 170.19, by requiring RFAs to establish and maintain a program addressing the automated trading and algorithmic trading systems of its members, will help to advance the goals described in § 170.19: Prevention of fraudulent and manipulative acts and practices, the protection of the public interest, and perfecting the mechanisms of trading on designated contract markets.

    RFAs serve a vital regulatory function as frontline regulators of their members, which would include all AT Persons pursuant to proposed § 170.18. RFAs promulgate binding membership rules and can supplement Commission rules as appropriate. RFAs can also operate examination programs to monitor members' compliance with association rules, and can sanction members for non-compliance. The Commission believes that because RFAs have these and other tools at their disposal, RFAs are well-positioned to address rules in areas experiencing rapid evolution in market practices and technologies, including particularly §§ 1.80, 1.81, and 1.82.

    The Commission believes that the structure of proposed §§ 1.80, 1.81, and 1.82 makes it particularly appropriate to give RFAs a discretionary role in augmenting the requirements of Regulation AT for AT Persons. Proposed §§ 1.80, 1.81, and 1.82 address only a subset of potentially responsive risk controls and other measures. Each AT Person remains free to adopt additional safeguards reasonably designed to prevent an Algorithmic Trading Event given its trading strategies, technologies, or the markets in which it participates. The proposed rules also provide a degree of flexibility regarding the design, implementation, or calibration of those pre-trade risk control or other measures that are specifically required in §§ 1.80, 1.81, and 1.82, again allowing each AT Person to adapt the rules to its own trading and technology. Given the degree of flexibility embedded in these rules, RFAs will be well positioned to work with their member AT Persons to develop standards that are appropriate to each AT Person's specific trading approach and technology, and that best serve to promote the goals described in § 170.19.

    vii. § 170.18 Costs—AT Person Membership in a Registered Futures Association (AT Persons)

    Proposed § 170.18 requires each registrant that is an AT Person that is not otherwise required to be a member of an RFA pursuant to §§ 170.15, 170.16, or 170.17 to become and remain a member of at least one RFA that provides for the membership of such registrant, unless no such futures association is so registered. Proposed § 170.18 would only affect those entities that are not required to become members of an RFA pursuant to §§ 170.15, 170.16, or 170.17. Floor brokers and floor traders, who have historically been overseen by the DCMs on which they operate, are not required by §§ 170.15, 170.16, or 170.17 to become members of an RFA and would likely be the entities impacted by proposed regulation 170.18. The new membership requirements would require affected entities to pay initial and annual NFA membership dues.

    NFA charges each FCM registrant $5,625 in initial membership dues and $5,625 per year for continuing NFA membership where NFA is the SRO. The Commission estimates that membership dues for AT Person floor traders or floor brokers may also be $5,625, but that actual dues may be different than this. This is because while NFA will generally have more limited oversight responsibilities for AT Person floor traders and floor brokers, it may pass on the costs of proposed § 170.19 to AT Person members in the form of higher dues. [650] The Commission estimates that there will be approximately 100 entities that are AT Persons and will register as floor traders under the new registration requirements of § 1.3(x)(3). It is likely that these 100 entities will be the only entities that will be required to become members of an RFA pursuant to proposed regulation 170.18. Accordingly, the Commission estimates that entities affected by proposed regulation 170.18 will incur a total initial cost of about $562,500 for NFA membership dues (about $5,625 in annual membership dues per registrant, paid each year by 100 registrants) and a total annual cost of about $562,500.

    The Commission also preliminarily believes that the rule may impose certain compliance costs on affected entities. However, such costs should not be substantially different from or significantly exceed the costs associated with current Commission regulations and proposed Regulation AT generally. As discussed above, proposed § 170.18 will likely only affect those floor traders that were required to register with the Commission pursuant to § 1.3(x)(3). NFA, as the only currently registered RFA, has not to date promulgated any rules specific to floor traders or AT Persons. As a result, the only current NFA membership rules that these entities would be required to follow are those rules that are generally applicable to all NFA members. Many of these rules are general in nature and mirror current Commission regulations or those proposed in Regulation AT. Accordingly, these entities would not incur any additional general, ongoing compliance costs as a result of NFA membership.

    viii. § 170.18 Benefits—AT Person Membership in a Registered Futures Association (AT Persons)

    Because entities that are not members of an RFA are not bound by the rules of the RFA, the Commission is proposing § 170.18 to ensure that all AT Persons (including newly registered floor traders) would become members of an RFA and would therefore be subject to any membership rules promulgated by such RFA. Regulation AT proposes to establish a role for RFAs in setting the framework in which AT Persons operate. Proposed § 170.19, which is described in greater detail above, requires an RFA to adopt rules, as deemed appropriate by the RFA, requiring (i) pre-trade risk controls for ATSs; (ii) standards for the development, testing, monitoring and compliance of ATSs; (iii) designation and training of algorithmic trading staff; and (iv) operational risk management standards for clearing member FCMs with respect to customer orders originating with ATSs. The benefits of these risk controls and other measures are described in more detail throughout this section. [651]

    ix. § 1.82 Costs—Pre-Trade and Other Risk Controls (FCMs)

    Based on Concept Release comments, best practices documents issued by industry or regulatory organizations, as well as existing regulations, the Commission believes that clearing member FCMs already implement the specifically-enumerated pre-trade and other risk controls required pursuant to proposed § 1.82. Specifically, in its survey of FCMs, FIA found that all responding firms used message and execution throttles, maximum order sizes, price collars, and order cancellation capabilities, including a kill switch, either administered internally or at the exchange level. [652] FIA also indicated that most DCMs provide tools to allow the FCM to set pre-trade controls for their customers, which are a prerequisite for an FCM to provide direct access to a market participant without routing orders through the FCM's infrastructure. [653] Two exchanges commented that their kill switch functionality allows clearing firms to cancel orders. [654]

    The Commission notes that these types of controls have been subject of industry best practices for years. For example, FIA's Market Access Risk Management Recommendations from 2010 recommended, among other things, that a clearing firm providing direct access to a market should implement maximum quantity limits, price banding or dynamic price limits and exchange-provided order cancellation capabilities. [655] The ESMA Guidelines from 2012 recommended that firms providing direct market access or sponsored access (as such terms are defined by ESMA)  [656] must, among other things, implement controls that limit messaging traffic and establish price and size parameters. [657]

    Nevertheless, the Commission recognizes that there could be costs associated with implementation of the risk controls in § 1.82. Specifically, for purposes of Direct Electronic Access (DEA), defined in proposed § 1.3(yyyy), if clearing members do not already use DCM-provided systems, they will need to implement additional DCM-provided systems. For non-DEA orders, clearing firms will need to internally develop such controls from scratch, upgrade existing systems, or purchase a risk management solution from an outside vendor. Each approach potentially has initial costs and annual ongoing costs, although the costs of upgrading and implementing the required systems would vary considerably based on current controls and procedures, as well as particular business models. For example, the needs of a clearing member will vary based on its current systems and controls in place, the comprehensiveness of its controls and procedures, the types of trading strategies its customers use, and the volume and speed of its customers' trading activity.

    Estimate-DEA Orders, Update to Controls. The Commission also estimated costs to a clearing member that already uses DCM-provided controls with respect to DEA orders and only needs to assess and update its implementation in order to ensure it fully complies with § 1.82. The Commission assumed that message handling already exists and little is needed to update the clearing member's systems in order to comply with § 1.82. As noted above with respect to AT Persons and compliance with § 1.80, the Commission believes that upgrading existing systems to comply with § 1.82 would involve evaluating current risk control systems to determine compliance with new regulatory requirements; modifying existing code or creating new code to address gaps between current risk control systems and new regulatory requirements; and testing current systems and new code to verify correct operation and compliance. The Commission estimates that the cost for a clearing member to assess and update its implementation of controls required by § 1.82 is $49,800. This cost is broken down as follows: 1 Project Manager, working for 200 hours (200 × $70 per hour = $14,000); 1 Business Analyst, working for 200 hours (200 × $52 per hour = $10,400); 1 Tester, working for 200 hours (200 × $52 per hour = $10,400); and 1 Developer, working for 200 hours (200 × $75 per hour = $15,000). The 57 clearing members that will be subject to § 1.82 would therefore incur a total one-time cost of $2,838,600 (57 × $49,800) to update their controls. [658] The Commission estimates that if a clearing member already implements at least some of the DCM-provided controls required by § 1.82, there will be no additional annual costs to maintain the modifications required to bring the clearing member's systems into compliance with § 1.82.

    Estimate-Non-DEA Orders, Update to Controls. The Commission also estimated costs to clearing members to comply with § 1.82's requirements with respect to non-DEA orders assuming that the clearing member already has the pre-trade and other risk controls in place, and must only update the controls to ensure that they comply with the regulation. The Commission estimates that the cost for a clearing member to assess and update its implementation of such controls is $159,360. This cost is broken down as follows: 1 Project Manager, working for 640 hours (640 × $70 per hour = $44,800); 1 Business Analyst, working for 640 hours (640 × $52 per hour = $33,280); 1 Tester, working for 640 hours (640 × $52 per hour = $33,280); and 1 Developer, working for 640 hours (640 × $75 per hour = $48,000). The 57 clearing members that will be subject to § 1.82 would therefore incur a total one-time cost of $9,083,520 (57 × $159,360) to update their controls. [659] The Commission estimates that if a clearing member already implements at least some of the DCM-provided controls required by § 1.82, there will be no additional annual costs to maintain the modifications required to bring the clearing member's systems into compliance with § 1.82.

    The Commission emphasizes that costs listed above are estimates, and it welcomes comment on their accuracy. The Commission further emphasizes that the costs for each clearing member will vary. Finally, the Commission notes that, as indicated above, these estimates may overstate the actual costs to the industry. Based on Concept Release comments, best practices issued by industry and regulatory organizations, as well as existing regulations, the Commission believes that clearing members are largely already using the pre-trade and other risk controls required by § 1.82.

    x. § 1.82 Benefits—Pre-Trade and Other Risk Controls (FCMs)

    The Commission notes that many of the benefits discussed above with respect to pre-trade and other risk controls required of trading firms pursuant to § 1.80 also apply with respect to the benefits of controls that FCMs must implement pursuant to proposed § 1.82. Specifically, requiring such controls contributes to orderly markets by preventing orders that are outside of pre-determined parameters and ensuring a level-playing field among clearing members. The benefits also include allowing clearing members to have control over the trading flow of their customers, regardless of their customers' method of access—DEA or non-DEA.

    In addition, given that different entities have differing information about the trading activities of their customers/ users, identification of unintended market behavior may be easier for certain entity types, such as trading firms. For example, with respect to trading firms that mostly trade through a single clearing member, but across a disparate set of products, these metrics may be more easily calculated at the FCM than at the DCM. To protect against the broadest set of errors, there are benefits to implementing risk controls at multiple points in the order chain, including the FCM.

    As noted, the Commission believes that proposed § 1.82 standardizes existing industry practices in this area, and some of the requirements are already followed by the majority of clearing members. Accordingly, the Commission notes that many of the benefits of § 1.82 are already being realized. This proposed rule may serve to limit a “race to the bottom” in which some entities sacrifice effective risk controls in order to minimize costs or increase the speed of trading. Thus, the proposed rule would help ensure that the benefits of the required risk controls will be fully realized.

    xi. § 1.83 Costs—AT Persons and FCM Clearing Members Must Submit Compliance Reports and Maintain Certain Books and Records

    Proposed § 1.83 would require AT Persons and FCMs that are clearing members for AT Persons to annually submit reports regarding compliance with § 1.80(a) and § 1.82(a)(1), respectively, to each DCM on which they operate. The reports prepared by AT Persons would have descriptions of the AT Person's pre-trade risk controls as required by proposed § 1.80(a). The reports prepared by FCMs that are clearing members for AT Persons would have a description of the FCM's program for establishing and maintaining the pre-trade risk controls required by proposed § 1.82(a)(1) for its AT Persons at the DCM. The reports would also be required to include a certification by the chief executive officer or chief compliance officer of the AT Person or clearing member FCM, as applicable, that, to the best of his or her knowledge and reasonable belief, the information contained in the report is accurate and complete.

    In addition, proposed § 1.83(c) and (d) would require AT Persons and clearing member FCMs for AT Persons to keep and provide upon request to DCMs books and records regarding their compliance with §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs). The Commission is also proposing pursuant to § 40.22(d) that DCMs must require each AT Person to keep and provide to the DCM books and records regarding the AT Person's compliance with all §§ 1.80 and 1.81 requirements, and each clearing member FCM to keep and provide to the DCM books and records regarding such clearing member FCM's compliance with all § 1.82 requirements. The proposed recordkeeping requirements will cause AT Persons and clearing member FCMs to incur costs, as discussed below.

    AT Person Compliance Reports. AT Persons and FCMs that are clearing members of AT Persons will incur the cost of annually preparing and submitting the reports to their DCMs, as well as the written policies and procedures developed to comply with § 1.81(a) and (c). The Commission estimates that an AT Person will incur a total annual cost of $4,240 to draft the report and submit the policies and procedures as required by § 1.83(a). This cost is broken down as follows: 1 Senior Compliance Specialist, working for 50 hours (50 × $57 per hour = $2,850) and 1 Chief Compliance Officer, working for 10 hours (10 × $139 per hour = $1,390) for a total cost of $4,240 per year. The approximately 420 AT Persons to which § 1.83(a) would apply would therefore incur a total annual cost of $1,780,800 (420 × $4,240) to prepare and submit the report and written policies and procedures required by § 1.83(a).

    Clearing Member FCM Compliance Reports. The Commission further estimates that an FCM will incur a total cost annually of $7,090 to draft the report required by § 1.83(b). This cost is broken down as follows: 1 Senior Compliance Specialist, working for 100 hours (100 × $57 per hour = $5,700) and 1 Chief Compliance Officer, working for 10 hours (10 × $139 per hour = $1,390), for a total cost of $7,090 per year. The 57 FCMs to which § 1.83(b) would apply would therefore incur a total annual cost of $404,130 (57 × $7,090) to prepare and submit the report required by § 1.83(b).

    AT Person and Clearing Member FCM Retention of Books and Records. As discussed above, the Commission believes that AT Persons and clearing member FCMs already implement the risk controls, testing standards and other measures that would be required pursuant to §§ 1.80, 1.81, and 1.82. Retention of records relating to such measures is prudent business practice and the Commission anticipates that many AT Persons and clearing member FCMs already maintain some form of these records in the ordinary course of their business. Accordingly, the Commission believes that AT Persons and clearing member FCMs will adapt their current infrastructure to accommodate new DCM rules relating to recordkeeping, and AT Persons and clearing member FCMs will not have substantial expenditures related to new recordkeeping technology or re-programming existing recordkeeping technology. The Commission expects that additional expenditure related to § 1.83(c) and (d) recordkeeping requirements would be limited to the drafting and maintenance of recordkeeping policies and procedures by in-house counsel and programmer burden hours associated with recordkeeping technology improvements, as well as annual costs in ensuring that recordkeeping policies and procedures and related technology comply with DCM rules. As noted below, with respect to § 40.22(e), the Commission estimates that a DCM would find it necessary to review the books and records of approximately 10% of AT Persons and clearing member FCMs on an annual basis. The production of such records would result in additional burden hours by AT Person and clearing member FCM in-house counsel, a consideration which the Commission included in its annual cost estimates below.

    AT Person Recordkeeping Costs. The Commission estimates that, on an initial basis, an AT Person will incur a cost of $5,130 to draft and update recordkeeping policies and procedures and make technology improvements to recordkeeping infrastructure. This cost is broken down as follows: 1 Compliance Attorney, working for 30 hours (30 × $96 = $2,880); and 1 Developer, working for 30 hours (30 × $75 = $2,250). The 420 AT Persons would therefore incur a total initial cost of $2,154,600 (420 × $5,130).

    The Commission estimates that, on an annual basis, an AT Person will incur a cost of $2,670 to ensure continued compliance with DCM recordkeeping rules relating to § 1.82 compliance, including the updating of policies and procedures and technology infrastructure, and in respond to DCM record requests. This cost is broken down as follows: 1 Compliance Attorney, working for 20 hours (20 × $96 = $1,920); and 1 Developer, working for 10 hours (10 × $75 = $750). The 420 AT Persons would therefore incur a total annual cost of $1,121,400 (420 × $2,670).

    Clearing Member FCM Recordkeeping Costs. The Commission estimates that, on an initial basis, a clearing member FCM will incur a cost of $5,130 to draft and update recordkeeping policies and procedures and make technology improvements to recordkeeping infrastructure. This cost is broken down as follows: 1 Compliance Attorney, working for 30 hours (30 × $96 = $2,880); and 1 Developer, working for 30 hours (30 × $75 = $2,250). The 57 clearing member FCMs would therefore incur a total initial cost of $292,410 (57 × $5,130).

    The Commission estimates that that DCM rules pursuant to proposed § 40.22(d) requiring clearing member FCMs to keep and provide books and records relating to § 1.82 compliance will result in annual costs of 30 hours of burden per clearing member FCM, and 1,710 burden hours in total. The estimated burden was calculated as follows:

    The Commission estimates that, on an annual basis, a clearing member FCM will incur a cost of $2,670 to ensure continued compliance with DCM recordkeeping rules relating to § 1.82 compliance, including the updating of policies and procedures and technology infrastructure, and in respond to DCM record requests. This cost is broken down as follows: 1 Compliance Attorney, working for 20 hours (20 × $96 = $1,920); and 1 Developer, working for 10 hours (10 × $75 = $750). The 57 clearing member FCMs would therefore incur a total annual cost of $152,190 (57 × $2,670).

    As discussed further in the consideration of § 15(a) factors below, the Commission also acknowledges that the compliance requirements of Regulation AT could have adverse effects on small clearing firms. Any compliance costs that go beyond existing industry practice could potentially cause some FCMs to scale back operation. Thus the rule has some potential to contribute to increased concentration among clearing firms, i.e., fewer competing clearing firms.

    The Commission emphasizes that costs listed above are estimates, and it welcomes comment on their accuracy. The Commission further emphasizes that the costs for each AT Person and each FCM will vary.

    xii. § 1.83 Benefits—AT Persons and FCM Clearing Members Must Submit Compliance Reports and Maintain Certain Books and Records

    Proposed § 1.83 would require AT Persons and FCMs that are clearing members for AT Persons to annually submit reports regarding compliance with § 1.80(a) and § 1.82(a)(1), respectively, to each DCM on which they operate. Proposed § 1.83(c) and (d) would require AT Persons and clearing member FCMs, respectively, to keep and provide upon request to DCMs books and records regarding their compliance with §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs). The reports and recordkeeping proposed by § 1.83, and the review program proposed by § 40.22, will enable DCMs to have a clearer understanding of the pre-trade risk controls of all AT Persons that are engaged in Algorithmic Trading on such DCM. The proposed reports will also enable DCMs to set up the review program required by § 40.22. The review program would improve the standardization of market participants' pre-trade risk controls. The standardization of such systems and procedures should further reduce the risk that a market participant will engage in disorderly trading due to inadequate pre-trade risk controls.

    xiii. § 38.255(b) and (c) Costs—DCMs Must Provide Controls to FCMs

    As noted above with respect to proposed § 1.82, based on Concept Release comments, best practices documents issued by industry or regulatory organizations, as well as existing regulations, the Commission believes that most DCMs already have established the specifically-enumerated pre-trade and other risk controls for use by clearing members that would be required pursuant to revised § 38.255. The Commission also notes that existing § 38.607 requires that DCMs that permit direct electronic access must have in place effective systems and controls reasonably designed to facilitate an FCM's management of financial risk, such as automated pre-trade controls that enable member FCMs to implement appropriate financial risk limits. Accordingly, even if DCMs do not currently and voluntarily implement the specific controls addressing the risks of Algorithmic Trading proposed under § 38.255(b), they should already have in place similar systems addressing FCMs' management of financial risk pursuant to existing § 38.607.

    Estimate-Upgrade of Controls. With respect to a DCM that already has the controls required by § 38.255(b) in place, and only needs to update them to meet regulatory requirements (i.e., evaluate current systems, modify or create new code, and test systems), the Commission estimates that the cost to the DCM would be $155,520. This cost is broken down as follows: 1 Project Manager, working for 480 hours (480 × $70 per hour = $33,600); 1 Business Analyst, working for 480 hours (480 × $52 per hour = $24,960); 1 Tester, working for 480 hours (480 × $52 per hour = $24,960); and 2 Developers, working for a combined 960 hours (960 × $75 per hour = $72,000). Commission staff estimates that if a DCM already has at least some of the controls required by § 38.255(b), there will be no additional annual costs to maintain the modifications required to bring the systems into compliance with this regulation.

    Accordingly, the Commission estimates that the 15 DCMs that will be subject to § 38.255(b) would therefore incur a total one-time cost of $2,332,800 (15 × $155,520) to update their controls.

    The Commission believes that the above estimates would change if a DCM must upgrade its systems in order to comply with § 40.20 (discussed below). Under such circumstances, where the DCM is already upgrading controls for its own implementation pursuant to § 40.20, total cost to upgrade controls for use by FCMs pursuant to § 38.255 should decrease. The controls required by § 40.20 should include interfaces to support external interactions and expanding them to support FCMs should not have additional costs.

    The Commission emphasizes that costs listed above are estimates, and it welcomes comment on their accuracy. The Commission further emphasizes that the costs for each DCM will vary. Finally, the Commission notes that, as indicated above, these estimates may overstate the actual costs to DCMs. Based on Concept Release comments, best practices issued by industry and regulatory organizations, as well as existing regulations, the Commission believes that DCMs have largely already established and are providing to FCMs the pre-trade and other risk controls required by § 38.255(b).

    xiv. § 38.255(b) and (c) Benefits—DCMs Must Provide Controls in DEA Context

    An additional benefit to Regulation AT is the reduction of system risk in the context of Direct Electronic Access. As noted above, the Commission believes that Algorithmic Trading creates risks regardless of the method of access. Because of this, the Commission seeks to ensure that all types of trading, including through DEA, is subject to pre-trade and other risk controls. The requirements of proposed § 38.255(b) specifically address the structure of DEA, in which orders submitted by an AT Person do not flow through the clearing member FCM's infrastructure prior to submission to the DCM. Currently, credit risk in the DEA context is addressed through clearing member FCM-implemented controls provided by the DCM, as required pursuant to existing regulations §§ 38.607 and 1.73. Proposed § 38.255(b) and (c) follow a similar approach that would allow clearing members to have control over the trading flow of their DEA customers for purposes of addressing the operational risks of Algorithmic Trading. Accordingly, § 38.255(b) would contribute to orderly markets by preventing orders that are outside of pre-determined parameters and ensuring a level-playing field among clearing members.

    As noted, the Commission believes that proposed regulations § 38.255(b) and (c) standardize existing industry practices in this area, and that many of the requirements are already followed by the majority of DCMs. Accordingly, the Commission notes that many of the benefits of § 38.255(b) and (c) are already being realized. The proposed rule would help ensure that the benefits of the required risk controls will be fully realized across all DEA active participants and sustained in the future.

    xv. § 40.20 Costs—Pre-Trade and Other Risk Controls (DCMs)

    Based on Concept Release comments, best practices documents issued by industry or regulatory organizations, as well as existing regulations, the Commission believes that most DCMs already implement the specifically-enumerated pre-trade and other risk controls required pursuant to proposed § 40.20. In response to the Concept Release, CME and CFE indicated that they implement message rate limits, [660] order size limits, and price collar mechanisms. [661] In addition, they indicated that they provide an optional cancel-on-disconnect functionality  [662] and kill switch tools. [663] The Commission notes that these types of controls have been subject of industry best practices for years. For example, ESMA guidelines from 2012 recommended that trading platforms implement, among other things, throttling limits and controls filtering order price and quantity. [664] In addition, the CFTC TAC recommended in 2011 that exchanges implement, among other things, message throttles, order quantity limits, price collars, and order cancellation policies that allow clearing firms and clients to opt for automatic cancellation of order upon disconnect and provide clearing firms with a tool that allows them to view and cancel orders. [665]

    While the Commission believes that most DCMs already implement the controls required by § 40.20, it acknowledges that there may be DCMs that do not currently implement such controls, and those DCMs would incur some costs to comply with this regulation. An initial investment would be required to develop and implement processes necessary for compliance, and ongoing costs would be incurred to maintain such controls. The costs for each DCM will vary depending on the degree to which its current practices are or are not in compliance, as well as the procedures it selects and implements in order to comply. In addition, as noted above with respect to § 38.255(b) and (c), the Commission acknowledges that Regulation AT could have adverse effects on smaller DCMs. Any compliance costs that go beyond existing industry practice could potentially cause some DCMs to cease or scale back operation, and could potentially impact the entry of new DCMs.

    Estimate—Upgrade of Controls. With respect to a DCM that already has the controls required by proposed § 40.20 in place, and only needs to update them to meet regulatory requirements (i.e., evaluate current systems, modify or create new code, and test systems), the Commission estimates that the cost to the DCM would be $155,520. This cost is broken down as follows: 1 Project Manager, working for 480 hours (480 × $70 per hour = $33,600); 1 Business Analyst, working for 480 hours (480 × $52 per hour = $24,960); 1 Tester, working for 480 hours (480 × $52 per hour = $24,960); and 2 Developers, working for a combined 960 hours (960 × $75 per hour = $72,000). The Commission estimates that if a DCM already has at least some of the controls required by § 40.20, there will be no additional annual costs to maintain the modifications required to bring the systems into compliance with this regulation.

    Accordingly, the Commission estimates that the 15 DCMs that will be subject to § 40.20 would therefore incur a total one-time cost of $2,332,800 (15 × $155,520) to update their controls.

    The Commission notes that a DCM can choose not to develop these controls internally, but rather may purchase a solution from an outside vendor (or another DCM) in order to comply with § 40.20. The Commission welcomes comments providing estimates concerning the cost for a DCM to use technology solution from an outside party to comply with this proposed regulation. In addition, as discussed above, the Commission believes that the above estimates for § 40.20 would change if a DCM is simultaneously upgrading its systems in order to comply with § 38.255. Where the DCM is already upgrading controls for FCM implementation pursuant to § 38.255, the cost of upgrading controls for its own implementation pursuant to § 40.20 should decrease.

    The Commission emphasizes that costs listed above are estimates, and it welcomes comment on their accuracy. The Commission further emphasizes that the costs for each DCM will vary. Finally, the Commission notes that, as indicated above, these estimates may overstate the actual costs to DCMs. Based on Concept Release comments, best practices issued by industry and regulatory organizations, as well as existing regulations, the Commission believes that DCMs are largely already using the pre-trade and other risk controls required by § 40.20.

    xvi. § 40.20 Benefits—Pre-Trade and Other Risk Controls (DCMs)

    The Commission believes that the pre-trade risk and order management control requirements that DCMs must implement pursuant to proposed § 40.20, inasmuch as they are not currently implemented, will contribute to a system-wide reduction in operational risk, and will help standardize risk management practices across exchanges. These enhanced risk management practices should help reduce unintended market volatility and mitigate and prevent significant disruptive activity caused by algorithmic trading malfunctions.

    In addition, given that FCMs may have differing information about the trading activities of their customers/users, a DCM may be better able to identify unintended market behavior. For example, with respect to a trading firm active in a single product and using multiple clearing firms, identifying total order frequencies or inventory levels may be more easily done at the market venue. To protect against the broadest set of errors, there are benefits to implementing risk controls at multiple points in the order chain, including the DCM.

    As noted, the Commission believes that proposed § 40.20 standardizes existing industry practices in this area, and that many of the requirements are already followed by the majority of DCMs. Accordingly, the Commission notes that many of the benefits of § 40.20 are already being realized. The proposed rule would help ensure that the benefits of the required risk controls will be fully realized and sustained in the future.

    xvii. § 40.21 Costs—DCM Test Environments for AT Persons (DCMs)

    The Commission believes that the majority of DCMs have implemented test environments in which market participants may test their algorithmic systems. The Commission received comments in response to the Concept Release that “many, if not all, exchanges provide market participants a test facility to test trading software and algorithms, as well as offer test symbols to trade.”  [666] The Commission believes that most if not all DCM's already provide test environments that would comply with proposed § 40.21. As a result, subject to consideration of relevant comments, the Commission preliminarily believes that DCMs will not incur any material additional costs to comply with the proposed regulation. The Commission is therefore not estimating any costs for DCMs in connection with the proposed regulation in this discussion.

    xviii. § 40.21 Benefits—DCM Test Environments for AT Persons (DCMs)

    As noted, the Commission believes that proposed § 40.21 standardizes existing industry practices in this area, and that the requirements are already followed by the majority of DCMs. Accordingly, the Commission notes that many of the benefits of § 40.21 are already being realized. The proposed rule will help ensure that the benefits are being realized at all DCMs and sustained in the future. Proposed § 40.21 requires DCMs to provide test environments in which market participants may test their algorithmic systems. This regulation is designed to promote testing of algorithmic systems using data and market conditions that approximate as closely as possible those of a live trading environment. Such testing should enable market participants to discover potential issues in the design of their algorithmic systems that were not discovered in their own test environment, thereby mitigating the risk that algorithmic systems cause market disruptions by failing to operate as intended in the production environment. Comments received in response to the Concept Release indicate that DCMs recognize the benefit of providing such test environments to their market participants. For example, CME indicated that market participants routinely test in their own testing environments using historical data to test trading strategies against a range of market conditions, and that exchanges commonly make their own historical data available for testing purposes. CME stated that it requires all systems interfacing with CME Globex to be certified on the order entry and/or market data interfaces prior to deployment. [667] FIA also recommended the use of DCM test environments, noting in its comment letter, “We encourage DCMs to develop more robust test environments that more closely simulate trading in the production environment, and market participants to thoroughly test new and modified software in these DCM provided simulators when necessary.”  [668]

    xix. § 40.22 Costs—DCM Review of Compliance Reports (DCMs)

    Proposed § 40.22 complements the requirement under § 1.83 for AT Persons and clearing member FCMs to submit compliance reports to DCMs. Proposed 40.22(a) requires a DCM to implement rules that require each AT Person that trades on the DCM, and each FCM that is a clearing member of a DCO for such AT Person, to submit the reports described in § 1.83(a) and (b), respectively. Under proposed § 40.22(b), a DCM must require the submission of such reports by June 30th of each year. Proposed § 40.22(c) requires a DCM to establish a program for effective periodic review and evaluation of reports described in paragraph (a) of § 40.22, and of the measures described therein. An effective program must include measures by the DCM reasonably designed to identify and remediate any insufficient mechanisms, policies and procedures described in such reports, including identification and remediation of any inadequate quantitative settings or calibrations of pre-trade risk controls required of AT Persons pursuant to § 1.80(a).

    In addition, as a complement to the compliance report review program described above, proposed § 40.22(d) requires each AT Person to keep and provide to the DCM books and records regarding their compliance with all requirements pursuant to § 1.80 and § 1.81, and requires each clearing member FCM to keep and provide to the DCM market books and records regarding their compliance with all requirements pursuant to § 1.82. Finally, proposed § 40.22(e) requires DCMs to review and evaluate, as necessary, books and records required to be kept pursuant to § 40.22(d), and the measures described therein. An appropriate review pursuant to § 40.22(e) should include measures by the DCM reasonably designed to identify and remediate any insufficient mechanisms, policies, and procedures described in such books and records.

    DCM Establishment of Review Program. The Commission estimates that a DCM will incur a total one-time cost of $37,000 to establish the review program required by proposed § 40.22. This cost is broken down as follows: 1 Tester, working for 200 hours (200 × $52 per hour = $10,400); 1 Developer, working for 200 hours (200 × $75 per hour = $15,000); and 1 Senior Compliance Examiner, working for 200 hours (200 × $58 per hour = $11,600). [669] The 15 DCMs to which § 40.22 would apply would therefore incur a total one-time cost of $555,000 (15 × 37,000) to establish the review program required by § 40.22. [670]

    DCM Review of Compliance Reports (§ 40.22(c)). Proposed § 40.22(a) and (b) would require DCMs to implement rules that require AT Persons, and FCMs that are clearing members for AT Persons, to submit the reports required of AT Persons and clearing member FCMs by proposed § 1.83. Proposed § 40.22(c) requires a DCM to establish a program for effective periodic review and evaluation of reports described in paragraph (a) of § 40.22, and of the measures described therein. As discussed in section V(D)(e) above, Commission staff estimates that each DCM will review 120 reports per year pursuant to § 40.22(c). The Commission estimates that a DCM will incur a total cost of $925 to review each report required by § 40.22. This cost is broken down as follows: 1 Tester, working for 5 hours (5 × $52 per hour = $260); 1 Developer, working for 5 hours (5 × $75 per hour = $375); and 1 Senior Compliance Examiner, working for 5 hours (5 × $58 per hour = $290), for a total review cost of $925 per report. If a DCM reviews an average of 120 reports per year, a DCM would require 1,800 hours per year to review the 120 reports (15 hours × 120 reports), and would incur a cost of $111,000 per year. The 15 DCMs to which § 40.22 would apply would incur a total annual cost of $1,665,000 (15 × $111,000) to conduct such a review.

    DCM Communication of Remediation Instructions (§ 40.22(c)). Proposed § 40.22(c) states that an effective review program must include measures by the DCM reasonably designed to identify and remediate any insufficient mechanisms, policies and procedures described in such reports, including identification and remediation of any inadequate quantitative settings or calibrations of pre-trade risk controls required of AT Persons pursuant to proposed § 1.80(a). The Commission estimates that a DCM will communicate remediation instructions in connection with approximately 20% of the reports reviewed on an annual basis (or 24 reports, which is 20% of 120 reports). The Commission estimates that a DCM will incur a total cost of $925 to communicate remediation instructions for a report required by § 40.22. This cost is broken down as follows: 1 Tester, working for 5 hours (5 × $52 per hour = $260); 1 Developer, working for 5 hours (5 × $75 per hour = $375); and 1 Senior Compliance Examiner, working for 5 hours (5 × $58 per hour = $290), for a total review cost of $925 per report giving rise to remediation instructions. If a DCM provides remediation instructions in connection with 24 reports per year, a DCM would require 360 hours per year to review the 24 reports (15 hours × 24 reports), and would incur a cost of $22,200 per year. The 15 DCMs to which § 40.22(c) would apply would incur a total annual cost of $333,000 (15 × $22,200) to conduct such a review.

    DCM Review of Books and Records (§ 40.22(e)). Proposed § 40.22(d) requires each AT Person to keep and provide to the DCM books and records regarding their compliance with all requirements pursuant to §§ 1.80 and 1.81, and requires each clearing member FCM to keep and provide to the DCM market books and records regarding their compliance with all requirements pursuant to § 1.82. The cost of these obligations to AT Persons and clearing member FCMs under § 40.22(d) is discussed above in this section.

    Proposed § 40.22(e) requires DCMs to review and evaluate, as necessary, books and records required to be kept pursuant to § 40.22(d), and the measures described therein. The Commission notes that § 40.22(e) does not prescribe how frequently DCMs should perform this review, or how many AT Persons and clearing member FCMs should be evaluated on an annual basis. For purposes of generating a cost estimate, the Commission anticipates that a DCM will find it necessary to review the books and records of approximately 10% of AT Persons and clearing member FCMs on an annual basis. For example, a DCM may find it necessary to conduct such a review if: it becomes aware if an AT Person's kill switch is frequently activated, or otherwise performs in an unusual manner; if a DCM becomes aware that an AT Person's algorithm frequently performs in a manner inconsistent with its design, which may raise questions about the design or monitoring of the AT Person's algorithms; if a DCM identifies frequent trade practice violations at an AT Person, which are related to an algorithm of the AT Person; or if an AT Person represents significant volume in a particular product, thereby requiring heightened scrutiny, among other reasons. DCMs may find it appropriate to review the books and records of AT Persons and clearing member FCMs on a more or less frequent basis, depending on other relevant considerations.

    The Commission estimates that AT Persons will generally be active on half of the 15 DCMs. If a DCM reviews the books and records of 10% of AT Persons and clearing member FCMs on an annual basis, a DCM will review 24 entities on an annual basis (420 AT Persons + 57 clearing member FCMs = 477. 477/2 = 239 entities. 239 × .1 = 24). The Commission estimates that a DCM will incur a total cost of $4,620 to review the books and records of an entity pursuant to § 40.22(e). This cost is broken down as follows: 1 Senior Compliance Examiner, working for 30 hours (30 × $58 per hour = $1,740); and 1 Compliance Attorney, working for 30 hours (5 × $96 per hour = $2,880), for a total review cost of $4,620 per entity reviewed by a DCM. If a DCM reviews the books and records of 24 entities per year, a DCM would require 1,440 hours per year to review the 24 entities (60 hours × 24 entities), and would incur a cost of $110,880 per year. The 15 DCMs to which § 40.22(e) would apply would incur a total annual cost of $1,663,200 (15 × $110,880) to review such books and records.

    Total Cost to DCMs for Proposed § 40.22 Requirements. A DCM will therefore incur $133,200 ($111,000 + $22,200) on an annual basis to review all reports received at least once every two years, communicate instructions to persons whose controls the DCM has determined are insufficient, and will incur $110,880 on an annual basis to review the books and records of 24 AT Persons and clearing member FCMs. The 15 DCMs to which § 40.22 would apply would therefore incur a total annual cost of $3,661,200 ($1,665,000 + $333,000 + $1,663,200) to maintain the review program required by § 40.22.

    The Commission also acknowledges that the compliance requirements on DCMs in Regulation AT could have adverse effects on smaller DCMs. Any compliance costs that go beyond existing industry practice could potentially cause some DCMs to cease or scale back operation, and impact the entry of new DCMs.

    xx. § 40.22 Benefits—DCM Review of Compliance Reports (DCMs)

    Proposed § 40.22 is a complement to proposed § 1.83, which would require AT Persons, and FCMs that are clearing members for AT Persons, to submit reports regarding compliance with § 1.80(a) and pursuant to § 1.82(a)(1), respectively, to each DCM on which they operate, and to keep and provide upon request to DCMs books and records regarding their compliance with all §§ 1.80 and 1.81 (for AT Persons) and § 1.82 (for clearing member FCMs) requirements. New § 40.22 would require each DCM that receives a report described in § 1.83 to establish a program for effective review and evaluation of the reports. By requiring DCMs to review the reports, identify outliers, and communicate instructions to outliers in order to remediate their pre-trade risk controls, proposed § 40.22 will standardize market participants' pre-trade risk controls required pursuant to proposed § 1.80(a). Further, DCM review of compliance reports is an important safeguard to prevent trading firms, the “outliers” described above, from operating without sufficient controls. Proposed § 40.22(e) will complement the review of compliance reports, by requiring DCMs to review and evaluate, as necessary, the books and records kept by AT Persons to demonstrate their compliance with §§ 1.80 and 1.81, and the books and records kept by clearing member FCMs to demonstrate their compliance with § 1.82. A single Algorithmic Trading malfunction at a single market participant can significantly impact markets and market participants. Accordingly, all DCMs and market participants benefit from a review program that ensures that market participants conducting Algorithmic Trading have adequate pre-trade risk controls in place.

    c. Section 15(a) Factors

    This section discusses the CEA section 15(a) factors for the following proposed regulations: (i) The requirement that AT Persons implement pre-trade risk controls and other related measures (§ 1.80); (ii) standards for the development, testing, and monitoring of Algorithmic Trading systems by AT Persons (§ 1.81); (iii) RFA standards for automated trading and algorithmic trading systems of their members (§ 170.19); (iv) the requirement that AT Persons must become a member of a futures association (§ 170.18); (v) the requirement that clearing member FCMs implement pre-trade risk controls and other related measures (§ 1.82); (vi) the requirement that AT Persons submit compliance reports to DCMs regarding their risk controls and Algorithmic Trading procedures and clearing member FCMs submit compliance reports to DCMs regarding their risk control program for AT Person customers, and that AT Persons and clearing member FCMs keep and provide upon request to DCMs certain related books and records (§ 1.83); (vii) the requirement that DCMs implement pre-trade risk controls and other related measures (§§ 38.255 and 40.20); (viii) the requirement that DCMs provide test environments where AT Persons may test their Algorithmic Trading systems (§ 40.21); and (ix) the requirements of § 40.22, including that DCMs: implement rules requiring AT Persons and clearing member FCMs to submit compliance reports each year (§ 40.22(a) and (b)); establish a program for effective periodic review and evaluation of the reports (§ 40.22(c)); require each AT Person to keep and provide to the DCM books and records regarding their compliance with all requirements pursuant to §§ 1.80 and 1.81, and require each clearing member FCM to keep and provide to the DCM market books and records regarding their compliance with all requirements pursuant to § 1.82 (§ 40.22(d)); and require DCMs to review and evaluate, as necessary, books and records required to be kept pursuant to § 40.22(d), and the measures described therein (§ 40.22(e)).

    i. Protection of Market Participants and the Public

    The Commission preliminarily believes that Regulation AT would protect market participants and the public by limiting a “race to the bottom,” in which certain entities sacrifice effective risk controls in order to minimize costs or increase the speed of trading. The proposed rules, by standardizing the risk controls required to be used by firms, would help ensure that the benefits of these risk controls are more evenly distributed across a wide set of market participants, and reduce the likelihood that an outlier firm without sufficient risk controls causes significant market disruption. The requirements under proposed §§ 170.18 and 170.19 that all AT Persons be registered as a member of a futures association, and subject to an RFA program promulgating standards for automated trading and algorithmic trading systems, further promotes the standardization of risk controls. Moreover, the proposed rules, to the extent that they increase the usage of effective risk and order management controls, may reduce the likelihood that market participants execute trades at terms they do not intend. This is particularly important as to price, as market participants and members of the public rely on the prices of trades executed on DCMs, often for products not directly traded on the DCM. The requirements of proposed § 40.22, which requires DCMs to review the compliance reports and the books and records of AT Persons and clearing member FCMs, may promote protection of market participants and the public by helping to ensure that the risk control rules are followed in a consistent manner and may further reduce the likelihood of Algorithmic Trading Events and Algorithmic Trading Disruptions. Applying Regulation AT to all market levels—the trading firm, the clearing member, and the exchange—may further protect market participants and the public by providing multiple layers of protection against market disruptions. In addition, including automated order routers in the Algorithmic Trading definition may protect market participants and the public by providing these protections to a wider set of automated systems that may have the potential to disrupt the markets.

    Finally, the absence of pre-trade risk and order management controls at automated firms increases the chances for unintended trading behavior, including algorithms acting beyond their parameters or risk levels, resulting in unexpected market volatility or market disruptions (potentially across multiple market venues), distorted prices, and risks that could harm the economy and the public.

    ii. Efficiency, Competitiveness, and Financial Integrity of Futures Markets

    The Commission preliminarily believes that by addressing pre-trade risk controls, testing, and order management controls at all market levels—the trading firm, the clearing member, and the exchange—Regulation AT provides standards that can be interpreted and enforced in a uniform manner. Implementation of Regulation AT would help mitigate instabilities in the markets and ensure market efficiency and integrity. Regulation AT may serve to limit a “race to the bottom,” in which certain entities sacrifice effective risk controls in order to minimize costs or increase the speed of trading. The proposed rules, by standardizing the risk controls required to be used by firms, would help ensure that the benefits of these risk controls are more evenly distributed across a wide set of market participants, and reduce the likelihood that an outlier firm without sufficient risk controls causes significant market disruption.

    In particular, the implementation of such controls and systems would help prevent the occurrence of unintended and erroneous trades, and therefore contribute to market efficiency and integrity. For example, Regulation AT requires that trading firms, clearing members and exchanges implement maximum order size limits. That control is intended to prevent unintentionally large orders from entering the market and causing unintended executions. The Commission believes that a positive trading intention behind an execution is integral to the operations of an efficient market and to market integrity. By limiting the potential for erroneous executions, Regulation AT should enhance market efficiency and integrity by minimizing the number of trades that are subsequently broken and ensuring that publicly reported transaction prices are valid. Similarly, Regulation AT requires message and execution throttles, which mitigate the risks of executing large numbers of unintended orders, potentially harming market efficiency and integrity. Ensuring that only bona fide and intentional orders are entered into the market may also help promote market competitiveness by helping to ensure that a single entity does not inadvertently dominate the market due to unintended excessive orders.

    The Commission acknowledges that certain aspects of Regulation AT, such as the compliance reports, could have adverse effects on some trading firms due to the cost of creating and submitting the compliance reports, and to the extent that firms do not already do so, implementing and maintaining the proposed regulation's required pre-trade risk and order management controls. In order to mitigate costs to trading firms, the Commission is restricting the need for trading firm level risk controls and the associated compliance reports to those entities that are registered with the Commission in some capacity. For those who are not required to register, pre-trade risk controls will be executed by the entity's clearing firm and the contract market the entity trades on and compliance reports will be submitted by the clearing FCM.

    According to a study by the Commission's Division of Swap Dealer and Intermediary Oversight that was presented to the Commission's Agricultural Advisory Committee on September 22, 2015, [671] the number of active FCMs has declined in recent years from 180 in 2005 to 76 in December 2014. The decline over this period in the number of FCMs holding customer assets was not as large as the overall decline in the number of FCMs: from 85 to 60. The decline in the number of FCMs can be attributed to a number of factors, including low interest rates (which can reduce FCM profitability by lowering the rate of return on the investment of customer funds) and the changing regulatory environment. The compliance and other costs on clearing FCMs that go beyond existing industry practice could, in conjunction with existing factors that are pressuring FCMs, potentially cause some additional FCMs to scale back operations, or make it less likely that new FCMs will enter the market. The Commission also notes the possibility that if clearing FCMs are required to establish and maintain pre-trade risk controls and order cancellation systems pursuant to § 1.82(c) with respect to AT Order Messages originating with AT Persons that do not use DEA and to submit compliance reports regarding their risk controls, they may refuse to serve such firms in light of the additional costs or may raise trading fees to cover these costs. Such potential increased costs may make it more difficult for new trading firms to enter the market and for certain existing trading firms to remain in the market. This could happen if FCMs determines to cease serving firms that, in light of the increased costs, are no longer profitable for the FCM. However, it is possible that the rule will create a market opportunity for certain FCMs to specialize in monitoring the operation of Algorithmic Trading systems used by trading firms that do not use DEA. This may mitigate the impact of other FCMs exiting the market or new FCMs choosing not to enter the market and may mitigate the impact on trading firms.

    The potential reduction in the number of clearing FCMs and market participants due to increased costs could reduce liquidity and increase transaction costs in futures markets. The proposed rules also impose costs on DCMs that, to the extent they go beyond existing industry practice (including the costs of reviewing submissions from AT Persons and FCMs pursuant to proposed § 40.22), may significantly affect small or start-up DCMs. However, the Commission emphasizes the general benefits that Regulation AT provides to the market, such as the protection of market integrity and efficiency, which were impacted by previous disruptive market events. As noted in section III above, for example, the events at Knight Capital significantly impacted the equities market. Due to coding errors in Knight's systems, the firm's automated trading system inadvertently built up unintended positions in the equity market, eventually resulting in losses of more than $460 million for the firm. [672] In addition, the Flash Crash in 2010 impacted market efficiency in several respects; for example, due to the extreme price movement, the exchanges and FINRA made a determination to cancel a significant number of trades that were executed during the crash. [673]

    The Commission has preliminarily determined that burdens placed on market participants, FCMs, and DCMs imposed by Regulation AT is justified by the benefits in ensuring that all orders submitted through Algorithmic Trading pass through effective controls and systems that mitigate the risks of malfunctioning automated trading systems. The Commission has endeavored to minimize the compliance burden in Regulation AT to the minimum level necessary to protect market participants and the public.

    The proposed rules may promote the financial integrity of futures markets by reducing the likelihood of flash crashes and other automated trading disruptions. Such disruptions can place financial strain on market participants, intermediaries, and DCOs.

    iii. Price Discovery

    Requiring trading firms, clearing members and exchanges to implement pre-trade risk controls, testing, and order management control requirements in order to mitigate the risk of a malfunctioning trading algorithm or automated trading disruption promotes the price discovery process by reducing the likelihood of transactions at prices that do not accurately reflect market forces.

    iv. Sound Risk Management Practices

    The Commission believes that the pre-trade risk and order management control requirements contained in Regulation AT will contribute to a system-wide reduction in operational risk, and will help standardize risk management practices across similar entities within the marketplace. The reduction in operational risk may simplify the tasks associated with sound risk management practices. These enhanced risk management practices should help reduce unintended market volatility, which will aid in efficient market making, and reduce overall transaction costs as they relate to price movements, which should encourage market participants to trade in Commission-regulated markets. Market participants and those who rely on prices as determined within regulated markets should benefit from markets that behave in an orderly and expected fashion.

    v. Other Public Interest Considerations

    The Commission has not identified any effects that these proposed rules would have on other public interest considerations other than those addressed above.

    d. Consideration of Alternatives

    i. Pre-Trade and Other Risk Controls

    In proposing these regulations, the Commission considered alternatives suggested by comments to the Concept Release. The Commission notes that the Concept Release raised numerous potential measures and controls, not all of which are proposed in Regulation AT. Accordingly, comments supporting or opposing regulation in the area of automated trading were made without the benefit of knowing specifically what regulations would be proposed. Some commenters indicated that there was already sufficient regulation in the area of risk controls. For example, FIA suggested that “the best approach to achieve standardization is to reflect industry best practices through working groups of DCMs, FCMs and market participants.”  [674] CFE stated that there is already sufficient regulation of DCMs in relation to risk controls and that exchange risk control practices should evolve as technology and markets evolve. [675] MFA indicated that current CFTC regulations and existing best practices require entities to have sufficient and effective pre-trade risk controls. [676] ICE commented that exchanges are better able to implement and update risk controls on a market-by-market basis than through a Commission rulemaking. [677] OneChicago indicated that “additional mandates” as to exchange risk controls will increase costs and complexity. [678]

    As noted above, the Concept Release addresses a number of potential measures that are not proposed as part of Regulation AT. With respect to the pre-trade risk and other controls proposed in this NPRM, the Commission acknowledges that many best practices as to risk controls have been developed without a regulatory mandate, and that trading firms, clearing member FCMs, and DCMs are in the best position to determine the most effective design of their own particular risk controls and innovate new forms of controls. However, the Commission believes that regulation in this area will better foster standardization of controls across all entities, including smaller firms or exchanges that may, without regulation, implement some but not all of the controls required by Regulation AT. This rulemaking may serve to limit a “race to the bottom” in which some entities sacrifice effective risk controls in order to minimize costs or increase the speed of trading. In the context of automated trading, a technological malfunction at a single firm can have a significant impact across markets and market participants. [679] Given that reality, it is insufficient that some, but not all, industry participants have the appropriate risk controls. Requiring the implementation of certain risk controls through regulation will help ensure that all industry participants have the appropriate risk controls, thus fostering trade certainty and market integrity for all market participants. In determining which risk controls discussed in the Concept Release should be proposed in this NPRM, the Commission has attempted to propose those core risk controls that it believes are currently implemented by the majority of market participants, foregoing certain risk controls that are implemented by relatively few market participants and may be of less value in mitigating risk.

    In addition, some commenters to the Concept Release explained the appropriate implementation or design of particular pre-trade risk controls, which are discussed above as relevant to each control. Also as discussed above, the Commission determined that, while it believes that these comments are reasonable and merit further consideration by market participants as they implement risk controls, the specific design and operation of risk controls should not be mandated by regulation. Rather, given the wide variety of trading firms, technology, trading strategies, markets, and products, the relevant entities—trading firms, clearing firms, and DCMs—should have the discretion to determine the appropriate design of the specific controls required by Regulation AT.

    The remainder of this discussion focuses on various alternative measures that the Commission considered in proposing these regulations, some of which were discussed in the Concept Release, and some of which are contained in other regulatory systems. The Commission evaluated various regulatory definitions of algorithmic trading when considering how to draft a definition for purposes of this NPRM. The Commission has proposed that the definition of Algorithmic Trading will include systems that make determinations regarding any aspect of the routing of an order, i.e., systems that only make decisions as to the routing of orders to one or more trading venues. The Commission notes analogous definitions adopted by the European Commission under MiFID II and by FINRA do not include automated systems that only route orders as algorithmic trading. Excluding automated order routers would reduce the number of automated systems captured by Regulation AT relative to the Commission's proposal and may reduce the number of AT Persons subject to the costs of the regulation. Nevertheless, the Commission believes that automated order routers have the potential to disrupt the market to a similar extent as other types of automated systems, and that there are significant benefits to including automated order routers in the proposed regulations.

    The Commission is also considering expanding the definition of Algorithmic Trading to encompass orders that are generated using algorithmic methods (e.g., an algorithm generates a buy or sell signal at a particular time), but are then manually entered into a front-end system by a natural person, who determines all aspects of the routing of the orders. Such an alternative would increase the number of automated systems captured by Regulation AT relative to the Commission's proposal and may increase the number of AT Persons subject to the costs of the regulation. The Commission preliminarily believes that such manually entered orders present less risk than fully automated orders and that the benefits of including them in the definition of Algorithmic Trading would therefore be limited.

    In the event that a non-clearing FCM or other entity acts only as a conduit for orders, and does not make any determinations with respect to such orders, the conduit entity would not be engaged in Algorithmic Trading, as that definition is currently proposed. The Commission preliminarily believes that expanding the definition to include conduit entities would not sufficiently enhance the benefits associated with Regulation AT relative to the additional costs.

    The Commission determined not to extend Regulation AT to SEFs, a proposal that was supported by one Concept Release commenter. CFE stated that any risk control requirements should apply to SEFs, in addition to DCMs. CFE explained that there must be a level playing field between both DCMs and SEFs and that there be no regulatory disparities that would make it more advantageous to list a swap on a SEF as opposed to a DCM. [680] The Commission believes in fostering a level playing field in its markets, and as a result any requirements on DCMs arising out of Regulation AT may ultimately be imposed on SEFs at a later date. However, as noted in section (C)(1) above, an important consideration for the Commission is that SEFs and SEF markets are much newer and less liquid than the more established and liquid DCMs and DCM markets. While SEFs and SEF markets are still in this nascent stage, the Commission does not want to impose additional requirements that may have the effect of decreasing the number of SEFs or decreasing liquidity. Moreover, the Commission, based on its present knowledge, believes that automated trading is not as prevalent in SEF markets as compared to DCM markets. Therefore, the policy considerations underlying Regulation AT are not as critical, at least at this time, in the SEF context.

    Proposed § 1.82 requires clearing FCMs to implement controls with respect to AT Order Messages originating with an AT Person. The Commission is considering modifying proposed § 1.82 to require clearing FCMs to implement controls with respect to all orders, including orders that are manually submitted. Such a requirement would correspond to the requirement under proposed § 40.20(d) that DCMs implement risk controls for orders that do not originate from Algorithmic Trading. The Commission is considering this modification because it recognizes that manually entered orders also have the potential to cause significant market disruption. The Commission requests comment on this proposed alternative formulation of § 1.82, which the Commission may implement in the final rulemaking for Regulation AT. The Commission acknowledges that this proposed alternative formulation would impose additional costs on clearing FCMs relative to the currently proposed § 1.82. The Commission requests comment on the potential benefits of this proposal relative to the increased costs to clearing FCMs, in addition to any other comments regarding the effectiveness of this proposal in terms of risk reduction.

    ii. Compliance Reports

    Proposed § 1.83 would require AT Persons and clearing FCMs to submit compliance reports to DCMs on an annual basis. Such reports would need to be submitted and certified annually by the chief executive officer or the chief compliance officer of the AT Person or FCM. Proposed § 40.22 would require DCMs to establish a program for effective periodic review and evaluation of the reports. The Commission has proposed these regulations, using the deadlines described above, because it believes they represent an appropriate balancing of the transparency and risk reduction provided by the reports against the burden placed on AT Persons, clearing FCMs, and DCMs of providing and reviewing the reports.

    The Commission is considering the alternatives of requiring AT Persons and clearing FCMs to submit such reports more or less frequently than annually. The Commission is also considering the alternatives of placing the responsibility for certifying the reports required by proposed § 1.83 only on the chief executive officer, only on the chief compliance officer, or permitting certification from other officers of the AT Person or FCM. While proposed § 40.22 would require DCMs to establish a program for effective periodic review and evaluation of the reports, the Commission is considering the alternative of requiring DCMs to review the reports at more specific intervals.

    The Commission considered the alternative of requiring additional information in the reports by AT Persons to DCMs under proposed § 1.83, including (1) descriptions of order cancellation systems; (2) policies and procedures for the development, testing, and monitoring of Algorithmic Trading systems; and (3) policies and procedures for the training of Algorithmic Trading staff. The Commission determined not to propose these additional requirements in order to limit costs both to AT Persons and to the DCMs that will be required to review the reports under proposed § 40.22, while retaining the benefits of protecting market participants and the public from disruptions and other adverse events associated with automated trading.

    Requirements related to RFAs. The Commission is considering making adjustments to the scope of RFA responsibility under proposed § 170.19. For example, RFAs could be responsible for fewer or additional areas regarding AT Persons, ATSs, and algorithmic trading than specified in proposed § 170.19 and could have more or less latitude to issue rules than under the proposal.

    e. Request for Comments

    Pre-Trade and Other Risk Controls

    112. How would an alternative definition of Algorithmic Trading that excludes automated order routers affect the costs and benefits of the pre-trade and other risk controls in comparison to the costs and benefits of the proposed definition that includes automated order routers? Would such an alternative definition reduce the number of AT Persons captured by Regulation AT?

    113. Would the benefits of Regulation AT be enhanced significantly if the definition of Algorithmic Trading were modified to capture a conduit entity such as a non-clearing FCM, thereby making the entity an AT Person subject to Regulation AT? How would such a modification affect costs?

    114. Would the benefits of Regulation AT be enhanced significantly if the definition of Algorithmic Trading were expanded to encompass orders that are generated using algorithmic methods (e.g., an algorithm generates a buy or sell signal at a particular time), but are then manually entered into a front-end system by a natural person? How would such a modification affect costs? Please comment on the costs and benefits of an alternative whereby the Commission would implement specific rules regarding the appropriate design of the specific controls required by Regulation AT and compare them to the costs and benefits of the Commission's proposal whereby the relevant entities—trading firms, clearing firms, and DCMs—would have the discretion to determine the appropriate design of those controls.

    115. Does one particular segment of trading firms, clearing member FCMs or DCMs (e.g., smaller entities) currently implement fewer of the pre-trade and other risk controls required by Regulation AT than some other segment of trading firms, clearing member FCMs or DCMs? If so, please describe any unique or additional costs that will be imposed on such persons to develop the technology and systems necessary to implement the pre-trade and other risk controls required by Regulation AT.

    116. In question 14, the Commission asks whether there are any AT Persons who are natural persons. Would AT Persons who are natural persons (or sole proprietorships with no employees other than the sole proprietor) be required to hire staff to comply with the risk control, testing and monitoring, or compliance requirements of Regulation AT?

    117. Do you agree with the accuracy of cost estimates provided by the Commission as to how much it will cost a trading firm, clearing member FCM or DCM to internally develop the technology and systems necessary to implement the pre-trade and other risk controls required by Regulation AT? If you disagree with the Commission's analysis, please provide your own quantitative estimates, as well as data or other information in support. Please specify in your answer the type of entity and which specific pre-trade risk or order management controls for which you are providing estimates.

    In addition, please differentiate between the situations where an entity (i) already has partially compliant controls in place, and only needs to upgrade such technology and systems to bring it into compliance with the regulations; and (ii) needs to build such technology and systems from scratch. Please include, as applicable, hardware and software costs as well as the hourly wage information of the employee(s) necessary to develop such risk controls (i.e., technology personnel such as programmer analysts, senior programmers and senior systems analysts).

    118. The Commission has assumed that the effort to adjust any one risk control (by “control,” in this context, the Commission means the pre-trade risk controls, order cancellation systems, and connectivity systems required by § 1.80) will require assessment and possible modifications to all controls. Is this assumption correct, and if not, why not?

    119. As indicated above, the Commission lacks sufficient information to provide full estimates of costs that a trading firm, clearing member FCM or DCM will incur if it chooses not to internally develop such controls, and instead purchases the solutions of an outside vendor in order to comply with Regulation AT's pre-trade and other risk controls requirements. Please provide quantitative estimates of such costs, including supporting data or other information. In addition, please specify in your answer the type of entity and which specific pre-trade risk or order management control for which you are providing estimates.

    In addition, please differentiate between the situations where an entity (i) already uses an outside vendor to at least some extent to implement the controls; and (ii) does not currently implement the controls and must obtain all applicable technology and systems from an outside vendor necessary to comply with Regulation AT. Please include, if applicable, hardware and software costs as well as the hourly wage information of the employee(s) necessary to effectuate the implementation of such controls from an outside vendor.

    120. Do you agree with the Commission's estimates of how much it will cost a trading firm, clearing member FCM or DCM to annually maintain the technology and systems for the pre-trade and other risk controls required by Regulation AT, if it uses internally developed technology and systems? If not please provide quantitative estimates and supporting data or other information with respect to how much it will cost a trading firm, clearing member FCM or DCM to annually maintain the technology and systems for pre-trade and other risk controls required by Regulation AT, if it uses an outside vendor's technology and systems.

    121. Is it correct to assume that many of the trading firms subject to § 1.80 are also subject to the SEC's Market Access Rule, and, accordingly, already implement many of the systems required by Regulation AT for purposes of their securities trading?

    Please specify in your answer the type of entity and which specific pre-trade risk or order management control is already required pursuant to the Market Access Rule, and the extent of the overlap.

    122. Please comment on the costs and benefits (including quantitative estimates with supporting data or other information) to clearing FCMs of an alternative to proposed § 1.82 that would require clearing FCMs to implement controls with respect to all orders, including orders that are manually submitted or are entered through algorithmic methods that nonetheless do not meet the definition of Algorithmic Trading and compare those costs and benefits to those costs and benefits of proposed § 1.82.

    123. Please comment on the additional costs (including quantitative estimates with supporting data or other information) to AT Persons of complying with each of the following specific requirements of § 1.80:

    a. § 1.80(a)(2) (pre-trade risk control threshold requirements);

    b. § 1.80(a)(3) (natural person monitors must be alerted when thresholds are breached)

    c. § 1.80(d) (notification to DCM and clearing member FCM that AT Person will use Algorithmic Trading);

    d. § 1.80(e) (self-trade prevention tools); and

    e. § 1.80(f) (periodic review of pre-trade risk controls and other measures for sufficiency and effectiveness).

    124. The Commission welcomes comment on the estimated costs of the pre-trade risk controls proposed in § 1.80 as compared to the annual industry expenditure on technology, risk mitigation and/or technology compliance systems.

    125. Please comment on the costs to AT Persons and clearing member FCMs of complying with DCM rules requiring retention and production of records relating to §§ 1.80, 1.81, and 1.82 compliance, pursuant to § 40.22(d), including without limitation on the extent to which AT Persons and clearing member FCMs already have policies, procedures, staffing and technological infrastructure in place to retain such records and produce them upon DCM request.

    126. The Commission anticipates that Regulation AT may promote confidence among market participants and reduce market risk, consequently reducing transaction costs, but has not estimated this reduction in transaction costs. The Commission welcomes comment on the extent to which Regulation AT may impact transaction costs and effects on liquidity provision more generally.

    AT Person Membership in RFA; RFA Standards for Automated Trading and Algorithmic Trading Systems

    127. The Commission estimates that the costs of membership in an RFA associated with proposed § 170.18 will encompass certain costs, such as those associated with NFA membership dues. Has the Commission correctly identified the costs associated with membership in an RFA?

    128. The Commission expects that entities that will be required to become members of an RFA would not incur any additional compliance costs as a result of their membership in an RFA. The Commission requests comment on the accuracy of this expectation. What additional compliance costs, if any, would a registrant face as a result of being required to become a member of an RFA pursuant to proposed § 170.18?

    129. Has the Commission accurately estimated that approximately 100 entities will be affected by the membership requirements of § 170.18?

    130. The Commission invites estimates on the cost to an RFA to establish and maintain the program required by § 170.19, and the amount of that cost that will be passed along to individual categories of AT Person members in the RFA.

    Development, Testing, and Supervision of Algorithmic Systems

    131. Proposed § 1.81(a) establishes principles-based standards for the development and testing of Algorithmic Trading systems and procedures, including requirements for AT Persons to test all Algorithmic Trading code and related systems and any changes to such code and systems prior to their implementation. AT Persons would also be required to maintain a source code repository to manage source code access, persistence, copies of all code used in the production environment, and changes to such code, among other requirements. Are any of the requirements of § 1.81(a) not already followed by the majority of market participants that would be subject to § 1.81(a) (or some particular segment of market participants), and if so, how much will it cost for a market participant to comply with such requirement(s)?

    132. Proposed § 1.81(b) requires that an AT Person's Algorithmic Trading is subject to continuous real-time monitoring and supervision by knowledgeable and qualified staff at all times while Algorithmic Trading is occurring. Proposed § 1.81(b) also requires automated alerts when an Algorithmic Trading system's AT Order Message behavior breaches design parameters, upon loss of network connectivity or data feeds, or when market conditions approach the boundaries within which the ATS is intended to operate, to the extent applicable, among other monitoring requirements. Are any of the requirements of § 1.81(b) not already followed by the majority of market participants that would be subject to § 1.81(b), and if so, how much will it cost for a market participant to comply with such requirement(s)?

    133. Proposed § 1.81(c) requires that AT Persons implement policies designed to ensure that Algorithmic Trading operates in a manner that complies with the CEA and the rules and regulations thereunder. Among other controls, the policies should include a plan of internal coordination and communication between compliance staff of the AT Person and staff of the AT Person responsible for Algorithmic Trading regarding Algorithmic Trading design, changes, testing, and controls. Are any of the requirements of § 1.81(c) not already followed by the majority of market participants that would be subject to § 1.81(c), and if so, how much will it cost for a market participant to comply with such requirement(s)?

    134. Proposed § 1.81(d) requires that AT Persons implement policies to designate and train their staff responsible for Algorithmic Trading, which policies should include procedures for designating and training all staff involved in designing, testing and monitoring Algorithmic Trading. Are any of the requirements of § 1.81(d) not already followed by the majority of market participants that would be subject to § 1.81(d), and if so, how much will it cost for a market participant to comply with such requirement(s)?

    AT Person and FCM Compliance Reports

    135. Please comment on whether any of the alternatives discussed above regarding compliance reports would provide a superior cost-benefit profile relative to the Commission's proposal.

    DCM Test Environments

    136. Do any DCMs not currently offer a test environment that simulates production trading to their market participants, as would be required by proposed § 40.21? If so, how much would it cost a DCM to implement a test environment that would comply with the requirements of § 40.21?

    DCM Review of Compliance Reports

    137. Please comment on the cost estimates provided above with respect to DCMs' review of compliance reports provided under § 40.22 and related review requirements, including the estimated cost for DCMs to: Establish the review program required by § 40.22; review the reports provided by AT Persons and clearing member FCMs; communicate remediation instructions to a subset of AT Persons and clearing member FCMs; and review and evaluate, as necessary, books and records of AT Persons and clearing member FCMs as contemplated by proposed § 40.22(e).

    Section 15(a) Considerations

    138. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in § 15(a) of the CEA.

    139. Are the compliance costs associated with the proposed rules of sufficient magnitude to potentially cause smaller market participants, FCMs, or DCMs to cease or scale back operations? Do these costs create significant barriers to entry?

    8. Requirements for Certain Entities To Register as Floor Traders

    a. Background

    The Commission proposes to require registration for certain market participants with Direct Electronic Access. To achieve registration, the Commission proposes amending the definition of “Floor trader” in Commission regulation 1.3(x). The amended definition would include any person who purchases or sells futures or swaps solely for such person's own account in any other place provided by a contract market for the meeting of persons similarly engaged where such place is accessed for Algorithmic Trading by such person in whole or in part through Direct Electronic Access (as defined in proposed § 1.3(yyyy)).

    b. Costs

    Registration and Membership Fees. The new registration requirements imposed on certain entities with Direct Electronic Access would require these entities to pay certain one-time registration charges. NFA currently charges non-natural persons applying for registration as floor traders $200 per application (on Form 7-R), and charges individuals $85 per application (on Form 8-R). The Commission estimates that there will be approximately 100 entities with Direct Electronic Access that will register as Floor Traders under the new registration requirements. The Commission further estimates that each entity will be required to file 10 Forms 8-R in relation to its principals. Accordingly, the Commission estimates that new registrants will incur one-time registration costs of $105,500 for Form 7-R and 8-R fees combined (Form 7-Rs submitted by 100 new registrants, at $200 per Form 7-R plus 10 Forms 8-R submitted by each of 100 new registrants, at $85 per Form 8-R). [681]

    Costs for Submitting Applications. In addition, the Commission estimates that new registrants will incur a total one-time cost of $105,600 to prepare and submit Forms 7-R and 8-R. This cost represents the work of 1 Compliance Attorney per registrant, working for 11 hours (11 × $96 = $1,056 per registrant). [682] The 100 new registrants will therefore incur a total one-time cost of $105,600.

    Other Indirect Costs. The Commission preliminarily believes that there are additional indirect costs, beyond the cost of registration, to new registrants resulting from the new registration requirement. New floor traders required to register under proposed § 1.3(x)(3) will be included in the definition of “AT Person.” These proposed rules establish various requirements for AT Persons, including the implementation of risk controls for algorithmic systems (proposed § 1.80), the implementation of standards for development, testing, and supervision of algorithmic systems (proposed § 1.81), and the submission to DCMs of compliance reports regarding risk controls and, upon request, certain related books and records (proposed § 1.83). Because these provisions apply to AT Persons, new floor traders under Proposed § 1.3(x)(3) will only be required to follow these provisions as a result of their status as a floor trader. Thus, any costs associated with these rules are also indirect costs of registration itself. [683]

    c. Benefits

    The Commission preliminarily believes that registration of certain entities with Direct Electronic Access would enhance the pre-trade controls and risk management tools discussed elsewhere in this NPRM. For example, the pre-trade risk controls listed in proposed § 1.80(a)—maximum AT Order Message frequencies per unit time, maximum execution frequencies per unit time, order price parameters and maximum order size limits—must be established and used by all AT Persons. If the Commission were to only require those trading firms or clearing member FCMs that are already registered with the Commission to implement such controls, it would be ignoring a significant number of market participants that actively trade on Commission-regulated markets, each of which has algorithmic trading systems that could malfunction and create systemic risk to all market participants. The Commission estimates that there are approximately one hundred proprietary trading firms engaged in Algorithmic Trading in Commission-regulated markets. However, a technological malfunction in a single trading firm's systems can significantly impact other markets and market participants. Accordingly, the proposed registration requirement accomplished through revised § 1.3(x) is critical to ensuring that all such firms are registered and subject to appropriate risk control, testing, and other requirements of Regulation AT.

    A number of commenters to the Concept Release pointed out benefits of additional registration. [684] AFR stated that “[t]he enhancement of investigative authority is extraordinarily important given that the Commission would often need to involve itself in the workings of the ATSs to anticipate problems and to detect and investigate problems that have occurred. HFT firms should have the highest priority.”  [685]

    AIMA and VFL specifically emphasized benefits of registration for participants with direct market access. [686] VFL commented that if an exchange provides a participant the ability to connect directly, then that participant enjoys all of the rights of a member and should be regulated at the federal and exchange level. [687]

    d. Section 15(a) Factors

    This section discusses the section 15(a) factors for the proposed amendment of the definition of “Floor trader” in Commission Regulation 1.3(x), for purposes of registering participants with Direct Electronic Access.

    i. Protection of Market Participants and the Public

    The Commission preliminarily believes that requiring market participants with Direct Electronic Access to register with the Commission will further the protection of market participants and the public by enhancing the Commission's ability to seek information from such firms and allow for wider implementation of many of the pre-trade risk controls and other tools discussed in this release. Broader use of these tools will reduce the likelihood of market disruptions that adversely impact market participants and the public. Regulation AT may serve to limit a “race to the bottom,” in which certain entities sacrifice effective risk controls in order to minimize costs or increase the speed of trading. The proposed rules, by standardizing the risk controls required to be used by firms, would help ensure that the benefits of these risk controls are more evenly distributed across a wide set of market participants, and reduce the likelihood that an outlier firm without sufficient risk controls causes significant market disruption. Thus, the proposed registration requirement may help ensure the protections of market participants and the public that these tools provide as discussed above.

    ii. Efficiency, Competitiveness, and Financial Integrity of Futures Markets

    The Commission preliminarily believes that requiring market participants with Direct Electronic Access to register with the Commission will further the efficiency, competitiveness, and financial integrity of futures markets by enhancing the Commission's ability to seek information from such firms and allow for wider implementation of many of the pre-trade risk controls and other tools discussed in this release. Broader use of these tools will reduce the likelihood of market disruptions that may adversely impact the efficiency and integrity of the futures markets. Consistent use of these tools may also even the playing field within groups of automated firms, such as market-makers, or across firms with differing strategies. This consistency can improve firm competitiveness and reduce disadvantages experienced by those firms who would employ more comprehensive risk control and order management programs even absent a rule requiring use of such tools. Thus, the proposed registration requirement may help ensure the furtherance of efficiency, competitiveness, and financial integrity that these tools provide as discussed above.

    iii. Price Discovery

    The Commission preliminarily believes that requiring market participants with direct market access to register with the Commission will also further price discovery by enhancing the Commission's ability to seek information from such firms and allow for wider implementation of many of the pre-trade controls and risk management tools discussed in this release. Broader use of these tools will reduce the likelihood of market disruptions that may interfere with the price discovery process. Thus, the proposed registration requirement may help ensure the furtherance of price discovery protections that these tools provide as discussed above.

    iv. Sound Risk Management Practices

    The Commission preliminarily believes that requiring market participants with direct market access to register with the Commission will also further sound risk management practices by enhancing the Commission's ability to seek information from such firms and allow for wider implementation of many of the pre-trade controls and risk management tools discussed in this release. Broader use of these tools will reduce the likelihood of market disruptions that may interfere with sound risk management practices. Thus, the proposed registration requirement may help ensure the furtherance of sound risk management practices that these tools provide as discussed above.

    v. Other Public Interest Considerations

    The Commission has not identified any effects that these proposed rules would have on other public interest considerations other than those addressed above.

    e. Consideration of Alternatives

    The Commission considered a number of alternatives to the proposed approach of requiring registration for entities with Direct Electronic Access. In the Concept Release, the Commission sought comments regarding broader registration of proprietary traders generally. Based upon the comments received, many of which did not support registration, the Commission is not proposing broad registration of proprietary traders at this time.

    As an alternative to requiring the registration of entities engaged in proprietary Algorithmic Trading through DEA, the Commission considered reaching such entities indirectly through the DCMs on which they trade. This approach would have necessitated that DCMs implement rules requiring relevant entities to meet the substantive standards of Regulation AT. These DCM rules would have needed to require, for example, that relevant entities implement pre-trade risk controls, establish policies and procedures for testing and monitoring of ATSs, and provide compliance reports regarding their algorithmic trading to DCMs (which are currently proposed as direct obligations upon AT Persons under §§ 1.80, 1.81, and 1.83, respectively). This alternative would have reduced the costs for such entities, since they would not be required to register with the Commission. However, such costs would instead have been borne by DCMs, and potentially passed back on to relevant entities. The Commission did not pursue this approach for a number of other reasons as well. In particular, the Commission wanted to ensure that such entities are directly subject to Commission regulations, rather than impose obligations indirectly through DCMs. In addition, the Commission wanted to ensure a uniform baseline of regulatory expectations which might not arise where numerous DCMs are independently producing their own self-regulatory standards in lieu of the Commission's standards. Furthermore, the Commission also wanted to combine the requirement to register with the Commission with the requirement under § 170.18 that all AT Persons must become a member of a registered futures association, so that the RFA can consider adopting standards for automated trading and ATSs applicable to AT Persons. These standards are described under § 170.19. As discussed above, the Commission believes that §§ 170.18 and 170.19 would allow RFAs to supplement elements of Regulation AT as markets and trading technologies evolve over time, and do so in a uniform manner that would not be available through separate initiatives by individual DCMs.

    The Commission also considered not requiring currently unregistered entities to register with the Commission as floor traders. A number of commenters supported such an approach, including FIA, which suggested “[r]ather than creating a new registration framework, expanding the information required in [the DCM's] audit trail may be a more direct and efficient way to address the Commission's concerns.”  [688] Other commenters also focused on whether the Commission already had access to the information that registration would ostensibly enable it to acquire. Commenters pointed out that: DCMs already use Operator IDs; the DCM audit trail already satisfies the goals of registration; implementing the Commission's final rule on ownership and control reporting (OCR) will provide additional information on trading identities; and the Commission already has access to trade data (i.e., Regulation 1.40 and part 38's mandate that DCMs require market participants to submit to jurisdiction). [689] The Commission notes that obtaining information from proprietary traders is not the primary purpose of the proposed registration requirement, and therefore believes that the goals of Regulation AT can only be realized by requiring currently unregistered entities to register with the Commission as floor traders.

    As discussed more fully in section IV(E)(3) above, the “floor trader” definition is not being expanded to capture all proprietary traders engaged in Algorithmic Trading; rather, the revised floor trader definition is limited to firms using DEA to engage in Algorithmic Trading. Registration of entities with DEA as floor traders would enhance the pre-trade controls and risk management tools discussed elsewhere in this NPRM by making such entities subject to the various regulations governing AT Persons under the NPRM. For example, the pre-trade risk controls listed in proposed § 1.80—maximum AT Order Message frequencies per unit time, maximum execution frequencies per unit time, order price parameters and maximum order size limits—must be established and used by all AT Persons. The Commission is also considering whether it is appropriate to further limit the registration requirement by adding a de minimis exception, whereby only those persons with DEA who also meet certain trading volume or message volume thresholds would be required to register.

    f. Request for Comments

    140. The Commission estimates that the costs of registration will encompass direct costs (those associated with NFA membership, and reporting and recordkeeping with the Commission), and indirect costs (e.g. those associated to risk control requirements placed on all registered entities). Has the Commission correctly identified the costs associated with the new registration category? What firm characteristics would change the level of direct and indirect costs associated with the registration?

    141. Has the Commission accurately estimated that approximately 100 currently unregistered entities will be captured by the new registration requirement in proposed § 1.3(x)(3).

    142. Has the Commission accurately estimated that each currently unregistered entity captured by the new registration requirement in proposed § 1.3(x)(3) will have approximately 10 persons required to file Form 8-R?

    143. As defined, the new floor trader category restricts the registration requirement to those who make use of Direct Electronic Access. Is this requirement overly restrictive or unduly broad from a cost-benefit perspective? Are there alternate, or additional, characteristics of trading activity to determine registration status that would be preferable from a cost-benefit standpoint? For example, should persons with trading volume or message volume below a specified threshold be exempted from registration?

    144. Will any currently unregistered entities change their business model or exit the market in order to avoid the proposed registration requirement?

    145. The Commission believes that the risk control protocols required of registered entities, specifically those under the new registration category, will provide a general benefit to the safety and soundness of market activity and price formation. Has the Commission correctly identified the type and level of benefits which arise from placing these requirements on a new set of significant market participants?

    146. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in Section 15(a) of the CEA.

    9. Transparency in Exchange Trade Matching Systems

    a. Background

    The proposed regulations concerning additional disclosure by DCMs regarding their trade matching systems (amendments to §§ 38.401(a) and 40.1(i)) provide that DCMs publicly disclose certain information prominently and clearly. These proposed regulations would require DCMs to provide a description of attributes of trade matching systems that materially affect the entry and execution of orders and requests for quotes, including any changes to trade matching systems that would cause such effects.

    b. Costs

    The Commission notes that DCMs are currently obligated under DCM core principles and existing regulations to make available certain types of information concerning the operation of their electronic matching platforms through publication of rulebooks and through the required posting of specifications of platforms on their Web site. DCMs are also obligated under DCM core principles and existing regulations to establish and maintain a program of risk analysis and oversight to identify and minimize sources of operation risk, which should identify and remediate aspects of an electronic matching platform that could negatively affect market participants' orders. Therefore, to a large extent, the Commission believes that the disclosure requirements under proposed § 38.401(a) would not materially impact a DCM's operations costs.

    The Commission anticipates that additional costs under proposed § 38.401(a) would be staff hours associated with drafting descriptions of such attributes that the DCMs should already be determining as part of their systems testing and disclosure of platform specifications. Such drafting may also require additional determinations as to the materiality of attributes and, where applicable, additional testing of systems to ensure an accurate description of those attributes in public documents. This may also involve attorneys' fees associated with reviewing any disclosures.

    The proposed amendments to § 38.401(a) and (c) require DCMs to publicly post information regarding certain aspects of their electronic matching platforms. The Commission anticipates that DCMs are likely to be aware of these aspects of their platforms based on their daily work in operating their matching engines, monitoring performance, and receiving customer feedback, among other internal monitoring activities. As a result, the added burden under the proposed amendments would be limited to drafting the description of such attributes and making the description available on the DCM's Web site.

    The Commission estimates that a DCM would incur an annual cost of $19,200 to comply with amended § 38.401(a)-(c), assuming the DCM is already compliant with the requirements to post the specifications of its electronic matching platform under current § 38.401(a). This cost represents the work of 1 Compliance Attorney, working for 200 hours (200 × $96 per hour = $19,200). [690] The 15 DCMs that would be subject to amended § 38.401(a)-(c) would therefore incur a total annual cost of $288,000 (15 × $19,200). [691] The Commission anticipates that this figure would decrease in subsequent years as the descriptions provided would only need to be amended to reflect changes to the electronic matching platform or the discovery of previously unknown attributes.

    The proposed amendment to Regulation 40.1(i) that adds the language “(including but not limited to any operation of an electronic matching platform that materially affects the time, priority, price, or quantity of execution of market participant orders, the ability to cancel, modify, or limit display of market participant orders, or the dissemination of real-time market data to market participants)” would not result in any additional costs for DCMs. The Commission notes that the proposed change to Regulation 40.1(i) clarifies and codifies the Commission's existing interpretation of the term “rule.” Moreover, the proposal is consistent with industry practice, whereby DCMs have submitted as rule changes information regarding proposed changes to electronic trade matching platform that affect the entry and execution of market participant orders and quotes. Therefore, the Commission does not anticipate that DCMs will be required to file submissions relating to any changes to the platform that should not already be filed under current Commission interpretation and industry practice.

    c. Benefits

    The Commission believes that the additional disclosure by DCMs regarding their trade matching systems, pursuant to the proposed amendments to §§ 38.401(a) and 40.1(i), would have substantial benefits for market participants. With a better understanding of how their order messages interact with an electronic matching platform, market participants can more efficiently use the electronic markets to hedge risks. Moreover, the disclosure required by the proposed rule would foster greater transparency in the operation of electronic markets. This enhanced transparency would foster confidence in the markets and ensure the availability of efficient markets to hedge risks. Finally, this increased transparency would encourage competition among DCMs to provide the best platforms for market participants, as market participants would be able to evaluate better the relative benefits of trading on individual exchanges. The Commission believes that, to the extent that DCMs are currently in compliance with the proposed amendments to §§ 38.401(a) and 40.1(i), many of the benefits of the proposed amendments are already being realized. The proposed rule will ensure that the benefits are being realized by market participants at all DCMs.

    d. Section 15(a) Factors

    This section discusses the Section 15(a) factors for the proposed regulations requiring additional disclosure by DCMs regarding their trade matching systems (amendments to §§ 38.401(a) and 40.1(i)).

    i. Protection of Market Participants and the Public

    The Commission preliminarily believes that the proposed disclosure requirement and the enhanced transparency that it would foster will protect market participants by providing them with a better understanding of how their order messages interact with an electronic matching platform, thus facilitating their ability to tailor their orders to their understanding of the matching engine and reducing the likelihood of unpleasant surprises regarding order fills.

    ii. Efficiency, Competitiveness, and Financial Integrity of Futures Markets

    Requiring submissions for changes to available order types and platform functionalities also ensures transparency on the operation of such platforms, further encouraging competition among DCMs and enhancing market integrity. The increased transparency may increase investor confidence and expand participation in the futures markets.

    iii. Price Discovery

    The proposed rule may protect and enhance the price discovery process by providing market participants and the public with a better understanding of how buy and sell orders interact on the trading platform, thus making the price discovery process more transparent.

    iv. Sound Risk Management Practices

    The proposal may promote sound risk management practices by providing market participants with more detailed information regarding how their order messages will be processed once they reach the trading platform, and how their messages will interact with messages from other market participants, including the priority with which they will be executed. This information will enable market participants to calibrate their risk controls more effectively.

    v. Other Public Interest Considerations

    The Commission has not identified any effects that these proposed rules would have on other public interest considerations other than those addressed above.

    vi. Consideration of Alternatives

    The Commission is considering the alternative of applying the transparency requirement only with respect to latencies within a platform and how a self-trade prevention tool determines whether to cancel an order. The Commission preliminarily believes that the broader language that it is proposing would better ensure that DCMs disclose any additional attributes of an electronic matching platform that may materially impact market participant orders and any material attributes that may arise in the future as the structures of matching engines continue to evolve. This additional information may enable market participants to make better and more informed decisions about their trading decisions.

    e. Request for Comments

    147. The Commission anticipates that costs associated with the transparency requirement would come from some additional testing of platform systems and from drafting and publishing descriptions of any relevant attributes of the platform. What new costs would be associated with providing descriptions of attributes of electronic matching platforms that affect market participant orders and quotes?

    148. Please compare the costs and benefits of the alternative of applying the transparency requirement only with respect to latencies within a platform and how a self-trade prevention tool determines whether to cancel an order with the costs and benefits of the proposed rule.

    149. What benefits might market participants receive through increased transparency into the operation of electronic matching platforms, particularly for those market participants without direct electronic access who may not be able to accurately measure latencies or other metrics of market efficiency?

    150. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in Section 15(a) of the CEA.

    10. Self-Trade Prevention

    a. Background

    Regulation AT proposes a new requirement (§ 40.23) that a DCM shall implement rules reasonably designed to prevent self-trading by market participants, except as specified in paragraph (b) of § 40.23. “Self-trading” is defined for purposes of § 40.23 as the matching of orders between accounts that have common beneficial ownership or are under common control. A DCM must either apply, or provide and require the use of, self-trade prevention tools that are reasonably designed to prevent self-trading and are applicable to all orders on its electronic trade matching platform. This requirement is subject to the proviso in proposed § 40.23(b) that a DCM may, in its discretion, implement rules that permit the matching of orders for accounts with common beneficial ownership where such orders are initiated by independent decision makers. Under § 40.23(b), a DCM could also permit the matching of orders for accounts under common control where such orders comply with the DCM's cross-trade, minimum exposure requirements or similar rules, and are for accounts that are not under common beneficial ownership.

    Proposed § 40.23(c) states that a DCM may only permit the self-trading described in § 40.23(b) if the DCM complies with certain requirements, including the requirement under § 40.23(c) that the DCM requires market participants to request approval from the DCM that self-trade prevention tools not be applied with respect to specific accounts under common beneficial ownership or control, on the basis that they meet the criteria of § 40.23(b). Finally, proposed § 40.23(d) would require DCMs to publish statistics on their Web site with respect to self-trading activity on their platform. For example, each DCM would be required to describe the amount of trading on its platform that represents permitted self-trading approved pursuant to § 40.23(b).

    b. Costs

    The Commission assumes that most, if not all, DCMs currently offer self-trade prevention controls or plan to implement them and provide them for use by market participants in the near future. FIA recommends that DCMs offer such controls, [692] and several DCMs provide the controls, a capability which was introduced, and refined, in recent years. [693] As a result, subject to consideration of relevant comments, the Commission preliminarily believes that DCMs would not incur additional costs to develop and offer self-trade prevention controls as required by § 40.23(a). The Commission has, nonetheless, estimated the cost to a DCM that does not currently offer self-trade prevention tools to develop and implement such tools for purposes of complying with § 40.23(a).

    Cost to DCMs to Implement Self-Trade Prevention Tools. The Commission estimates that a DCM would incur a total one-time cost of $155,520 to implement these § 40.23(a) requirements, in the absence of any existing controls. This cost is broken down as follows: 1 Project Manager, working for 480 hours (480 × $70 = $33,600); 1 Business Analyst, working for 480 hours (480 × $52 = $24,960); 1 Tester, working for 480 hours (480 × $52 = $24,960); and 2 Developers, working for a combined 960 hours (960 × $75 = $72,000). [694] Notwithstanding these estimates, the Commission believes that the requirement under proposed § 40.23(a) that DCMs either apply self-trade prevention tools, or provide such tools to market participants, standardizes existing industry practice. As a result, subject to consideration of relevant comments, the Commission preliminarily believes that this requirement under § 40.23(a) will not impose additional costs on DCMs.

    DCM Review of Approval Requests. DCMs will, however, incur additional costs in connection with proposed § 40.23(c). This provision requires market participants to request approval from the DCM that self-trade prevention tools not be applied with respect to specific accounts under common beneficial ownership or control, on the basis that they meet the criteria of § 40.23(b). DCMs will incur costs to review these § 40.23(c) approval requests. These costs may vary significantly depending on the number of approval requests a DCM receives. The Commission has therefore estimated the average annual costs that a DCM will incur, while acknowledging that DCMs may incur lower or higher costs depending on the number of requests received. On average, the Commission estimates that, on an annual basis, a DCM will incur a cost of $22,000 to review these approval requests. This cost is broken down as follows: 1 Senior Compliance Examiner, working for 200 hours (200 × $58 per hour = $11,600); and 1 Business Analyst, working for 200 hours (200 × $52 per hour = $10,400). [695] The 15 DCMs that will be subject to § 40.23(c) would therefore incur a total annual cost of $330,000 (15 × 22,000). [696]

    DCM Publication of Statistics Regarding Self-Trade Prevention. In addition, DCMs will incur costs to generate and publish the self-trade statistics on their Web site required by § 40.23(d). The Commission estimates that, on an annual basis, a DCM will incur a cost of $6,650 to generate and publish these statistics. This cost is broken down as follows: 1 Developer, working for 50 hours (50 × $75 per hour = $3,750); and 1 Senior Compliance Examiner, working for 50 hours (50 × $58 per hour = $2,900). [697] The 15 DCMs that will be subject to § 40.23(c) and (d) would therefore incur a total annual cost of $99,750 (15 × 6,650). [698] These costs may vary significantly depending on the size of a DCM and the number of products it lists for trading.

    As noted above, proposed § 40.23 requires DCMs to apply, or provide and require the use of, self-trade prevention tools that are reasonably designed to prevent self-trading and are applicable to all orders on its electronic trade matching platform. To the extent that a DCM offers self-trade prevention tools to market participants, in lieu of the DCM internalizing and directly applying these tools, then market participants will be required to use these tools. Commenters indicated that exchange-provided self-trading controls are widely used by market participants. [699] The FIA PTG Survey indicated that 25 of 26 responding firms use such controls. [700] In the event that a market participant is required to use self-trade prevention tools in the scenario described above, and was not previously using such tools, the Commission estimates that the market participant will not incur any additional costs beyond those costs already incurred to implement the pre-trade risk controls required by Regulation AT.

    Market Participant Approval Requests. Market participants will, however, incur additional costs in the event that they prepare and submit the approval requests contemplated by § 40.23(c). This provision requires market participants to request approval from DCMs on which they are active that self-trade prevention tools not be applied with respect to specific accounts under common beneficial ownership or control. The Commission estimates that, on an annual basis, a market participant will incur a total cost of $3,810 to prepare and submit these approval requests to the DCMs on which the market participant is active. This cost is broken down as follows: 1 Business Analyst, working for 30 hours (30 × $52 per hour = $1,560); and 1 Developer, working for 30 hours (30 × $75 per hour = $2,250). [701]

    The Commission cannot predict how many market participants would likely submit the approval requests contemplated by § 40.23(c) on an annual basis. The Commission believes that not all market participants trading on a DCM would submit such requests. In the view of the Commission, for example, a limited subset of market participants will own two or more accounts, but operate them through “independent decision makers” that initiate orders for “separate business purposes,” as contemplated by § 40.23(b). Similarly, a limited subset of market participants will find it advantageous to incur the costs associated with the self-trading described by § 40.23(b), such as trading costs and clearing fees. In addition, the Commission believes that market participants submitting orders through Algorithmic Trading are more likely than traders submitting orders manually to inadvertently self-trade through independent decision-makers. The Commission estimates that, notwithstanding the fact that the DCM rules described in § 40.23(c) are directed to all market participants, the number of market participants that will submit the approval requests described therein are equivalent to the number of AT Persons calculated above (420). [702] On this basis, the Commission estimates that market participants will incur a total annual cost of $1,600,200 to submit the approval requests contemplated by § 40.23(c) ($3,810 per market participant × 420 market participants).

    c. Benefits

    The Commission notes that, to the extent that DCMs are offering self-trade prevention tools and market participants are using them, many of the benefits of the proposed rules are already being realized. Nonetheless, the Commission has determined to propose rules in the area of self-trading that address both intentional and unintentional matching of orders for accounts that have common beneficial ownership or are under common control, with the goal of benefiting markets and market participants. In particular, the proposed rules would codify a regulatory baseline for self-trade prevention across DCMs, and provide all market participants with enhanced transparency regarding the products in which they trade.

    Regulation AT addresses certain self-trading as provided in § 40.23(a) and (b) (trades between accounts that have common beneficial ownership or are under common control, with certain exceptions). At their extreme, intentional self-trades, or wash sales, may indicate an intent to manipulate a market by creating a false impression of supply or demand or distortions in prices. While Section 4c of the CEA prohibits wash sales, unintentional self-trades are not specifically prohibited under the statute. While existing Commission rules address market manipulation, including wash sales, the use of self-trade tools (as compared to an electronic market without such controls) can improve market functioning, aid firm and market efficiency, and minimize unintentional, and often unnecessary, trading by firms that may be difficult for firms to track on their own. Absent self-trade controls, it has become even more difficult for firms to avoid unintentional self-matches due to their use of automated strategies, which make trading decisions in isolation from the rest of the firm at very high speeds. The Commission preliminarily believes that the proposed rule, by standardizing the use of self-trade controls, will ensure that these benefits of self-trade controls will be available to all market participants. The Commission believes that DCMs are best situated to promulgate rules designed to limit the frequency of self-trading on their platforms, and to provide disclosure to the marketplace regarding the frequency of self-trade activity on their platform.

    Proposed § 40.23(c) requires market participants to request approval from DCMs on which they are active that self-trade prevention tools not be applied with respect to specific accounts under common beneficial ownership or control. The Commission preliminarily believes that this rule will benefit the market by providing, to the DCMs, additional transparency on the relationships between accounts and trading strategies within a firm. In addition, the rule will better ensure that firms will apply self-trade prevention tools in a consistent manner.

    The Commission preliminarily believes that publication of self-trade statistics by DCMs (proposed § 40.23(d)) will benefit market participants by providing transparency about the frequency of certain categories of self-trades on each DCM, which can aid in a better understanding of the sources, and characteristics, of liquidity demand and supply across futures products.

    d. Section 15(a) Factors

    This section discusses the Section 15(a) factors for the new proposed requirement (§ 40.23) that a DCM shall implement rules reasonably designed to prevent self-trading by market participants, except as specified in paragraph (b) of § 40.23.

    i. Protection of Market Participants and the Public

    The Commission preliminarily believes that the proposed rule would protect market participants and the public by codifying the use of self-trade controls and increasing transparency around self-trading as required by proposed § 40.23(d). It may also incentivize practices that help to reduce the likelihood of wash trades and self-trades.

    ii. Efficiency, Competitiveness, and Financial Integrity of Futures Markets

    The Commission preliminarily believes that the proposed rule standardizing the use of self-trade controls and increasing transparency around self-trading would promote the efficiency of the markets. The use of self-trade controls may promote financial integrity by helping to limit self-trades (including intentional and potentially manipulative self-trades). Moreover, requiring that DCMs provide self-trade controls and that market participants use them may enhance competitiveness by preventing a race to the bottom; that is, eliminating the possibility that a DCM or market participant could elect not to require or implement self-trade prevention in order to gain competitive advantage.

    iii. Price Discovery

    The proposed rule may protect and enhance the price discovery process by standardizing the use of self-trade controls and increasing transparency around self-trading.

    iv. Sound Risk Management Practices

    The proposed rule may promote sound risk management practices since self-trade controls (which the rule codifies) give market participants greater ability to avoid unintentional self-trading that could expose them to various financial risks.

    v. Other Public Interest Considerations

    The Commission has not identified any effects that these proposed rules would have on other public interest considerations other than those addressed above.

    e. Consideration of Alternatives

    Proposed § 40.23 provides that DCMs may comply with the requirement to apply, or provide and require the use of, self-trade prevention tools by requiring market participants to identify to the DCM which accounts should be prohibited from trading with each other. With respect to this account identification process, the Commission's principal goal is to address unintentional self-trading; the Commission does not have a specific interest in regulating the manner by which market participants identify to DCMs the accounts that should not trade with each other, so long as this goal is met. The Commission has requested comment on whether other identification methods should be permitted in § 40.23. For example, the Commission has requested comment on whether the opposite approach is preferable: market participants would identify to DCMs the accounts that should be permitted to trade with each other (as opposed to those accounts that should be prevented from trading with each other). The Commission has also asked for comment on whether other identification methods would reduce costs for market participants or be easier for both market participants and DCMs to administer. Upon consideration of comments, the Commission may choose to adopt these other methods in lieu of what is now proposed.

    f. Request for Comments

    151. Please comment on the cost estimates described above for DCMs and market participants to comply with the requirements of § 40.23. The Commission is interested in commenter opinion on all aspects of its analysis, including its estimate of the number of entities impacted by the proposed regulation and the amount of costs such entities may incur to comply with the regulation.

    152. Please comment on the benefits described above. Do you agree with the Commission's position that self-trade prevention requirements will result in more accurate indications of the level of market interest on both sides of the market and help ensure arms-length transactions that promote effective price discovery? Are there additional benefits to regulatory self-trade prevention requirements not articulated above?

    153. Are there any DCMs that neither internalize and apply self-trade prevention tools, nor provide self-trade prevention tools to their market participants? If so, please provide an estimate of the cost to such a DCM to comply with the requirement under § 40.23(a) to apply, or provide and require the use of, self-trade prevention tools.

    154. Would any DCMs that currently offer self-trade prevention tools need to update their tools to meet the requirements of § 40.23? If so, please provide an estimate of the cost to such a DCM to comply with the requirements of § 40.23.

    155. What percentage of market participants do not currently make use of exchange-provided self-trade prevention tools, when active on a DCM that provides, but does not require such tools? Please provide an estimate of the cost to such a market participant to initially calibrate and use exchange-provided self-trade prevention tools, in accordance with § 40.23. Please also comment on any other direct or indirect costs to a market participant that does not currently use self-trade prevention tools arising from the proposed requirement to implement such tools.

    156. The Commission estimates above that the number of market participants that will submit the approval requests described by § 40.23(c) is approximately equivalent to the number of AT Persons. Please comment on whether the estimate of the number of market participants submitting such approval requests should be higher or lower. For example, should the estimate be raised to account for proprietary algorithmic traders that will not be AT Persons, because they do not use Direct Electronic Access and therefore will not be required to register as floor traders?

    157. Proposed § 40.23 provides that DCMs may comply with the requirement to apply, or provide and require the use of, self-trade prevention tools by requiring market participants to identify to the DCM which accounts should be prohibited from trading with each other. With respect to this account identification process, the Commission's principal goal is to prevent unintentional self-trading; the Commission does not have a specific interest in regulating the manner by which market participants identify to DCMs the account that should be prohibited from trading from each other, so long as this goal is met. Should any other identification methods be permitted in § 40.23? For example, please comment on whether the opposite approach is preferable: market participants would identify to DCMs the accounts that should be permitted to trade with each other (as opposed to those accounts that should be prevented from trading with each other). In particular, please comment on whether this approach or other identification methods would reduce costs for market participants or be easier for both market participants and DCMs to administer.

    158. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in Section 15(a) of the CEA.

    11. Market-Maker and Trading Incentive Programs

    a. Summary of Proposed Rules

    The Commission is proposing new regulations in part 40 to increase transparency around DCM market-maker and trading incentive programs, underline existing regulatory expectations, and introduce basic safeguards in the conduct of such programs. The proposed regulations would amend existing § 40.1(i), which applies to all registered entities, to make clear that market-maker and trading incentive programs are “rules” for purposes of part 40, and therefore subject to part 40's rule filing requirements. They would also establish information requirements when DCMs file rules for Commission approval pursuant to existing § 40.5 or self-certify rules pursuant to existing § 40.6. Information requirements would be codified in proposed § 40.25, including § 40.25(a) for information to be provided to the Commission and § 40.25(b) specifying information that must be available on a DCM's public Web site. Relatedly, proposed § 40.26 would permit the Commission or the director of DMO to require certain information from DCMs regarding their market-maker or trading incentive programs, including but not limited to copies of program agreements, names of program participants, and payments or other benefits conferred pursuant to a program.

    The most substantive provisions of the Commission's proposed rules for market-maker and trading incentive programs are in new § 40.27(a). Proposed § 40.27(a) would codify DMO's long-standing guidance to DCMs that market-maker and trading incentive programs should not provide payments or incentives for trades between accounts under common ownership. Finally, the proposed regulations would also make clear in § 40.28 that DCMs' existing trade practice and market surveillance responsibilities in subparts C and E of part 38 apply equally to market-maker and trading incentive programs.

    b. Costs

    i. Rule 40.1(i)—Definition of “Rule”; and Rule 40.26—Information Requests From the Commission or the Director of the Division of Market Oversight

    Proposed amendments to § 40.1 and new § 40.26 serve in large part to emphasize existing regulatory requirements and Commission or staff authorities. As such, they are not expected to impose meaningful costs on DCMs. While they may in some cases impose minor incremental costs, they should not require entirely new programs, systems, or categories of employees for DCMs that are already compliant with parts 38 and 40 of the Commission's regulations.

    The Commission proposes to amend § 40.1(i) to make clear that market-maker and trading incentive programs are “rules” for purposes of part 40. This codification of a previously articulated Commission standard with broad industry-wide acceptance should not give rise to new costs for market participants. The Commission has previously stated its view, in a Final Rule regarding Provisions Common to Registered Entities, that a market-maker or trading incentive program is an “agreement” corresponding to “trading protocol” as such terms are used within § 40.1(i)'s existing definition of “rule.”  [703] In the same Final Rule, the Commission stated that “all market maker and trading incentive programs must be submitted to the Commission in accordance with the procedures established in part 40.”  [704] DCMs, for example, certify numerous market-maker and trading incentive programs to the Commission annually, including 341 such self-certifications in 2013. For these and other rule filings, DCMs already employ corresponding staff and other resources to comply with their part 40 obligations. The proposed amendments to § 40.1(i) do not create a new category of rule filings, nor do they require more frequent filings. Furthermore, the proposed amendments would require no additional staff or other resources beyond those already in place to meet existing rule filing requirements in part 40. Accordingly, the Commission believes that the proposed amendments to § 40.1(i) will impose no additional costs on the registered entities to which it applies.

    Proposed § 40.26 is a new regulatory provision that would permit the Commission or the director of DMO to require certain information from DCMs regarding their market-maker or trading incentive programs. As with § 40.1(i), the Commission believes that proposed § 40.26 will impose no additional costs on DCMs. The proposed regulation is a more targeted iteration of existing § 38.5, which requires a DCM to file with the Commission such “information related to its business as a designated contract market” as the Commission may require. Section 38.5 also requires a DCM upon request by the Commission or the director of DMO to file “a written demonstration” that the DCM “is in compliance with one or more core principles as specified in the request” or “satisfies its obligations under the Act,” including “supporting data, information and documents.”

    Proposed § 40.26 does not alter a DCM's existing obligations under § 38.5, but rather makes clear that Commission and DMO information requests may pertain specifically to market-maker and trading incentive programs. It also provides a non-exhaustive list of the types of “supporting data, information and documents” that the Commission or the director of DMO may request that is particularly appropriate to market-maker and trading incentive programs. Proposed § 40.26 imposes no new obligation to provide information, and does not increase the frequency which information must be provided. The Commission is aware that DCMs already employ legal, business, technology, and other staff and resources necessary to respond to § 38.5 information requests. The Commission believes that the same staff will be appropriate for any § 40.26 information request that it may issue to focus specifically on market-maker or trading incentive programs. Accordingly, the Commission believes that proposed § 40.26 will impose no additional costs on DCMs.

    ii. Rule 40.25—Additional Public Information Required for Market Maker and Trading Incentive Programs; and Rule 40.28—Surveillance of Market Maker and Trading Incentive Programs

    Proposed § 40.25(a) would require DCMs to provide the Commission with certain information regarding their market-maker and trading incentive programs when submitting such programs as rules pursuant to part 40. Specifically, when requesting approval of a new program pursuant to § 40.5, or self-certifying a program pursuant to § 40.6, DCMs would be required to provide the name of the program, the date on which it begins, and the date on which it terminates (if applicable). DCMs would also be required to provide a description of any categories of market participants or eligibility criteria limiting who may participate in the program. For any market-maker or trading incentive program open to only some market participants, proposed § 40.25(a) would require DCMs to explain why the program was limited to the chosen participants or criteria. Proposed § 40.25(a) would also require DCMs to include in their rule filings an explanation of how persons eligible for a market-maker or trading incentive program would apply to participate, and how eligibility would be evaluated by the DCM.

    Separately, proposed § 40.25(a) would require DCMs to provide an explanation of the specific purpose for a market-maker or trading incentive program, and a list of all products or services to which the program applies. It would also require a description of any payments, incentives, discounts, considerations, inducements or other benefits that program participants may receive, including any non-financial incentives. Finally, proposed § 40.25(a) would require a description of the obligations, benchmarks, or other measures that participants in a market-maker or trading incentive program must meet to receive benefits.

    To ensure public transparency in market-maker and trading incentive programs, proposed § 40.25(b) would enlarge upon DCMs' existing obligations in part 40 to provide public notice and other information regarding their rule filings. Specifically, proposed § 40.25(b) would require DCMs to ensure that the information described above in § 40.25(a) is easily located on their public Web sites. Lastly, proposed § 40.25(c) would require DCMs to notify the Commission upon the termination of a market maker or trading incentive program.

    While proposed § 40.25 would require information from DCMs regarding their market-maker or trading incentive programs, the Commission believes it largely incorporates existing rule filing requirements in part 40. For example, existing §§ 40.5 and 40.6 each require a DCM requesting approval or self-certifying rules to provide the Commission with the rule text; the proposed effective date or date of intended implementation; and an “explanation and analysis of the operation, purpose, and effect” of the proposed rule. Existing §§ 40.5 and 40.6 also require each DCM to provide the Commission with an assessment of the rule's “compliance with applicable provisions of the Act, including core principles, and the Commission's regulations thereunder;” and “a brief explanation of any substantive opposing views expressed to [the DCM] by governing board or committee members, members of the entity or market participants that were not incorporated into the rule. . . . ” Furthermore, these existing provisions each require a DCM to certify that the DCM posted on its public Web site a notice of pending rule or certification and to also post a copy of the DCM's submission to the Commission on the DCM's Web site.

    The Commission believes proposed § 40.25 adds important clarity to existing rule filing requirements in part 40 when such filings pertain to market-maker or trading incentive programs. However, it also recognizes important overlaps between proposed § 40.25 and existing regulations in §§ 40.5 and 40.6. Furthermore, proposed § 40.25 does not create a new category of rule filings, nor does it or require more frequent filings. For these reasons, the Commission believes that additional costs to DCMs attributable to § 40.25 will not be significant. As an example of such costs, DCMs will need to evaluate § 40.25 and assess whether and what filings must be made to comply with the regulation. In addition, the more explicit requirements of proposed § 40.25, as compared to existing regulations, may prompt DCMs to make filings that they otherwise may not have made. The Commission estimates the costs of proposed § 40.25 per DCM as described below.

    The Commission believes that the work of proposed § 40.25 will fall primarily upon DCM Compliance Attorneys already employed in completing part 40 rule filings. The Commission estimates that a DCM (through its Compliance Attorneys) will incur a total annual cost of $14,976 to comply with proposed § 40.25. This cost is broken down as follows: 1 Compliance Attorney, working for 156 hours  [705] (156 × $96 per hour = $14,976). [706] On average, the 15 DCMs to which proposed § 40.25 would apply would therefore incur a total annual cost of $224,640 (15 × $14,976) to comply with proposed § 40.25. The Commission notes, however, that actual costs per DCM may vary depending on the number of market-maker and trading incentive program rule filings submitted by an individual DCM on an annual basis.

    Finally, proposed § 40.28 requires that a DCM, “consistent with its obligations pursuant to subparts C and E of part 38 . . . review all benefits accorded to participants in market maker and trading incentive programs . . . to ensure that such benefits are not earned through abusive practices.” Notably, the proposed regulation points to preexisting requirements in the Commission's rules—and to costs that DCMs must already assume independently of proposed § 40.28. Subpart C of part 38, entitled “Compliance with Rules,” requires DCMs to prohibit abusive trading practices on its markets by all members and market participants, including but not limited to a series of enumerated trade practice violations. It also requires DCMs to have the capacity to detect and investigate rule violations, including sufficient compliance staff and resources, automated trade surveillance systems, and real-time market monitoring. Subpart E, “Prevention of Market Disruptions,” requires DCMs to “collect and evaluate data on individual traders' market activity on an ongoing basis in order to detect and prevent manipulation, [and] price distortions.” In addition, subpart E requires a DCM to have the ability to “comprehensively and accurately” reconstruct trading on its markets, obtain information from its market participants, and implement additional requirements for cash-settled and physically-settled contracts.

    Proposed § 40.28 does not add to the oversight responsibilities outlined above, but rather makes clear that a DCM's existing obligations in subparts C and E of part 38 apply equally in the context of market-maker and trading incentive programs. The Commission believes that proposed § 40.28 will impose no significant new costs on DCMs, but acknowledges that it may result in minor administrative costs. Specifically, a DCM not already doing so will be required to ensure appropriate communication between its compliance staff tasked with detecting abusive practices and its business staff that may administer the DCM's market-maker or trading incentive programs. For example, in the case of an incentive program based on a market participant's gross trading volume, compliance staff would be required to inform business staff of trades that should not be credited towards the incentive program because they were conducted in violation of an exchange rule. The Commission believes that the costs associated with proposed § 40.28 are not significant due in part to DCMs' existing surveillance capabilities, which are typically highly automated.

    The Commission estimated the costs of complying with proposed § 40.28. In making its estimates, the Commission determined that the primary costs associated with the regulation will be communication between a DCM's compliance and business staffs. The Commission estimates that a DCM will incur a total annual cost of $12,710 to comply with proposed § 40.28. This cost is broken down as follows: 1 Compliance Attorney, working for 62 hours (62 × $96 per hour = $5,952); 1 Senior Compliance Specialist, working for 62 hours (62 × $57 per hour = $3,534); and 1 Business Analyst, working for 62 hours (62 × $52 per hour = $3,224). [707] In the event that no DCM is currently in compliance with proposed § 40.28, the 15 DCMs to which proposed § 40.28 would apply would therefore incur a total annual cost of $190,650 (15 × $12,710) to comply with proposed § 40.28. [708]

    iii. Rule § 40.27—Payment for Trades With No Change in Ownership Prohibited

    The Commission is also proposing new § 40.27(a) to require that DCMs implement policies and procedures reasonably designed to prevent the payment of market-maker or trading incentive payments for trades between accounts identified to the DCM as under common beneficial common ownership or known to the DCM as under common ownership. Proposed § 40.27(a) is consistent with guidance provided to DCMs by the Commission that incentive payments should not be made for “self-trades.” In this regard, the proposed regulation ratifies staff's previous guidance  [709] and further develops the Commission's expectations regarding appropriate uses of market-maker and trading incentive programs. However, because the subject matter of proposed § 40.27(a) is not explicitly addressed in existing regulations, the Commission is analyzing it as an entirely new cost to DCMs for this purpose.

    The Commission believes that the costs associated with proposed § 40.27(a) will be administrative in nature. DCMs will be required to implement policies and procedures reasonably designed to ensure that self-trades permitted pursuant to § 40.23 nonetheless do not receive market-maker or trading incentives payments, discounts or other considerations. DCMs will also be required to implement policies and procedures reasonably designed to ensure that any other self-trades known to the DCM do not receive market-maker or trading incentive payments, discounts or other considerations.

    The Commission believes a DCM could efficiently implement proposed § 40.27(a) by requiring the DCM's compliance staff (Senior Compliance Specialist) to periodically provide its business staff (Business Analyst) with summary statistics regarding self-trades by market participants. Business Analysts responsible for administering a market-maker or trading incentive program could then discount such trades from any payments, benefits, or other considerations made pursuant to a program. Reports regarding self-trades could be automated at the DCM's discretion. When necessary, Senior Compliance Specialists could collaborate with the DCM's legal staff (Compliance Attorney) to address instances in which the existence of a self-trade is unclear. Similarly, Business Analysts could collaborate with legal or compliance counterparts where a market participant challenges the DCM's determinations or payments. The Commission believes that a similar process of information flow to Business Analysts administering payments, benefits, or other considerations pursuant to a market-maker or trading incentive program would also be appropriate to implement proposed § 40.27(a). The Commission estimates the costs of compliance as described below.

    The Commission estimates that a DCM will incur a total annual cost of $30,108 to comply with proposed § 40.27(a). This cost is broken down as follows: 1 Compliance Attorney, working for 52 hours (52 × $96 per hour = $4,992); 1 Senior Compliance Specialist, working for 156 hours (156 × $57 per hour = $8,892); and 1 Business Analyst, working for 312 hours (312 × $52 per hour = $16,224). [710] The 15 DCMs to which proposed § 40.27(a) would apply would therefore incur a total annual cost of $451,620 (15 × $16,224) to comply with proposed § 40.27(a). [711]

    c. Benefits

    The Commission anticipates that the proposed amendments to § 40.1(i) and new §§ 40.25-40.28 will facilitate Commission oversight; increase public transparency; and help ensure market-maker and trading incentive programs that are compliant with the Act and Commission regulations. The proposed rules are consistent with existing regulatory expectations. To the extent that they impose requirements beyond those of existing Commission regulations and to the extent that DCMs are currently not in compliance with the proposed rules, the Commission expects the rules to increase transparency around DCM market-maker and trading incentive programs, and introduce basic safeguards in the conduct of such programs. Building on the Dodd-Frank Act, the Commission adopted in June 2012 core principles and final rules modernizing the regulatory regime applicable to all DCMs (“DCM Final Rules”). Among other areas, the DCM Final Rules emphasized DCMs' obligations as the front-line regulators of their markets. These include extensive trade practice responsibilities pursuant to subpart C of part 38, and market surveillance responsibilities pursuant to subpart E. In addition, the Commission codified new requirements that a DCM offer its “members [and] persons with trading privileges . . . with impartial access to its markets and services,” including: (1) “Access criteria that are impartial, transparent and applied in a non-discriminatory manner” and (2) “comparable fee structures . . . for equal access to, or services from” the DCM.

    Substantively, the Commission believes that the proposed regulations for market-maker and trading incentive programs will help facilitate Commission oversight by eliminating any potential ambiguity that may exist regarding its authority over such programs. Proposed amendments to the definition of “rule” in § 40.1(i), in particular, will codify previous statements by the Commission regarding the treatment of market-maker and trading incentive programs as “rules” pursuant to part 40, which statements however were not explicitly reflected in existing § 40.1(i). Proposed § 40.25 will enhance the types of information that DCMs should expect to provide the Commission when requesting approval or self-certifying market-maker or trading incentive programs. Such information will include a description of any eligibility criteria for participation in a market-maker or trading incentive program, and an explanation for programs with limited eligibility. Proposed § 40.25 will also require that information regarding market-maker and trading incentive programs be easily located on a DCM's Web site. Taken together, these measures will for example facilitate the Commission's oversight of DCMs' compliance with impartial access and comparable fee structure requirements in § 38.151(b) adopted by the Commission in 2012.

    Proposed § 40.27(a) is designed to promote market integrity and to discourage abusive trading practices. The Commission believes it is imperative that market participants are not incentivized to trade solely for the purpose of collecting market-maker or trading incentive program benefits. Trading for the sake of collecting such benefits may, for example, inaccurately signal the level of liquidity in the market and may result in a non-bona fide price. Key public statistics published by DCMs regarding trades, orders, and other measures of liquidity on their markets must not be inflated through trading strategies that may be violative of DCM or Commission rules and that are designed solely to collect incentives or to meet market-maker program requirements. For example, the Commission seeks to eliminate incentives that may encourage market participants to engage in illegal behavior such as wash trading, which is prohibited under the CEA and Commission regulations. [712]

    d. Section 15(a) Factors

    This section discusses the Section 15(a) factors for the proposed new regulations in part 40 to increase transparency around DCM market-maker and trading incentive programs, underline existing regulatory expectations, and introduce basic safeguards in the conduct of such programs. The proposed regulations would amend existing § 40.1(i) and create new §§ 40.25- 40.28.

    i. Protection of Market Participants and the Public

    The Commission preliminarily believes that the proposed rule would protect market participants and the public by eliminating potential ambiguity that may exist regarding the Commission's expectations and requirements with respect to market-maker and trading incentive programs and by guarding against such programs incentivizing self-trading. By so doing, the proposed rules would help ensure that volume reports accurately reflect levels of bona fide risk shifting transactions activity rather than self-trades. It may also reduce the frequency of self-trades, and eliminate incentives that may encourage market participants to engage in illegal behavior such as wash trading, by prohibiting market-maker or trading incentive program payments for transactions involving accounts under common ownership.

    ii. Efficiency, Competitiveness, and Financial Integrity of Futures Markets

    The Commission preliminarily believes that the proposed rule would promote the efficiency, competitiveness and financial integrity of futures markets by clarifying Commission requirements and expectations regarding market-maker and trading incentive programs. The proposed rule regarding payments to accounts with common ownership may reduce incentives to self-trade and thus may also help further ensure (beyond the rules related to self-trades also being proposed in this release) that market volumes reflect only trades that shift risk between different counterparties and thus accurately reflect supply and demand in the market and true market liquidity. The proposed rule regarding payments to accounts with common ownership may promote financial integrity by helping to prevent intentional self-trades (wash trades) that could lead to price distortions.

    iii. Price Discovery

    The Commission expects that the proposed rule regarding payments to accounts with common ownership to protect and enhance the price discovery process by helping to prevent intentional self-trades (wash trades) that could lead to price distortions. The proposed rules also would make clear Commission requirements designed to prevent market-maker and trading incentive programs from interfering with or doing harm to the price discovery process.

    iv. Sound Risk Management Practices

    The proposed rule regarding payments to accounts with common ownership may promote sound risk management practices by helping to ensure that market-maker and trading incentive programs do not incentivize self-trades or wash trades. The proposed rules also would make clear Commission requirements designed to prevent market-maker and trading incentive programs from deterring sound risk management considerations.

    v. Other Public Interest Considerations

    The Commission has not identified any effects that these proposed rules would have on other public interest considerations other than those addressed above.

    e. Consideration of Alternatives

    As discussed, the proposed rules regarding market-maker and trading incentive programs largely refer to and clarify the Commission's existing rules and guidance and make Commission expectations more clear to new and existing DCMs. The Commission considered not proposing these rules. Absent these rules, the Commission could still realize many of the benefits by enforcing the existing regulations, but it would be more difficult to ensure that DCMs provide information regarding market-maker and trading incentive programs prominently on their Web sites. Moreover, absent the proposed rule, there would only be guidance rather than a rule regarding payments for self-trades. The Commission has determined to propose these rules to provide increased regulatory certainty to DCMs and market participants regarding market-maker and trading incentive programs and to ensure that such programs do not permit self-trade payments.

    f. Request for Comments

    159. The Commission requests comment on the accuracy of its cost estimates.

    160. To what extent are the costs imposed on the DCMs by the proposed rule already incurred pursuant to existing rules?

    161. To what extent are the benefits of the proposed rule currently being realized?

    162. Do DCM Web sites currently provide adequate information regarding market-maker and trading incentive programs, and is such information easily located?

    163. To what extent do DCMs currently make payments for self-trades pursuant to market-maker and trading incentive programs?

    164. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in Section 15(a) of the CEA.

    VI. Aggregate Estimated Cost of Regulation AT Back to Top

    Summarizing the cost estimates presented above, the Commission estimates that Regulation AT will impose the following costs on persons subject to its rules. These costs are broken into one-time costs for initial compliance, and annual costs following thereafter. As discussed in section V above, the Commission calculated costs for certain risk mitigation procedures, but determined that they generally will not be imposed upon market participants because, among other reasons, they relate to procedures or controls that are already widely used in the industry. [713] The two charts below do not include such costs.

    In addition, as noted above, the Commission believes that the risk controls and other measures required by §§ 1.80 and 1.82 are already widely used by market participants. Upgrading such systems to come into full compliance with the proposed regulations will impose initial one-time costs, which are included in the one-time costs chart below. However, the Commission believes that because market participants already have these systems in place, the proposed regulations will generally not result in increased annual costs to maintain such systems.

    One-time costs:

    Back to Top
    Regulation Description Cost per entity Cost for all entities
    New Floor Traders (100 Entities)      
    1.3(x)/170.18 714 Registration of new floor traders with CFTC and as members of RFA—Form 7-R Fee $200 $20,000
    1.3(x)/170.18 Registration of new floor traders with CFTC and as members of RFA—preparation of Form 7-R 96 9,600
    1.3(x)/170.18 Registration of new floor traders with CFTC and as members of RFA—Form 8-R Fee for 10 principals 850 85,000
    1.3(x)/170.18 Registration of new floor traders with CFTC and as members of RFA—preparation of Form 8-R for 10 principals 960 96,000
    Total New Floor Traders 2,106 210,600
    AT Persons (420 Entities)      
    1.80 Risk controls 79,680 33,465,600
    1.83(c) Recordkeeping 5,130 2,154,600
    Total AT Persons 84,810 35,620,200
    Clearing Member FCMs (57 Entities)      
    1.82 Risk controls—DEA orders 49,800 2,838,600
    1.82 Risk controls—non-DEA orders 159,360 9,083,520
    1.83(d) Recordkeeping 5,130 292,410
    Total Clearing Member FCMs 214,290 12,214,530
    DCMs (15 Entities)      
    38.255(b) Provide controls to FCMs 155,520 2,332,800
    40.20 Risk controls 155,520 2,332,800
    40.22(c) Establish compliance report review program 37,000 555,000
    Total DCMs 348,040 5,220,600
    Total All Entities 53,265,930

    Annual costs:

    Back to Top
    Regulation Description Cost per entity Cost for all entities
    New Floor Traders (100 Entities)      
    170.18 RFA annual membership dues (payable first year of membership and each year after) $5,625 $562,500
    Total New Floor Traders 5,625 562,500
    AT Persons (420 Entities)      
    1.83(a) Submit compliance reports/written policies 4,240 1,780,800
    1.83(c) Recordkeeping 2,670 1,121,400
    40.23 Submit approval requests to DCMs to forego self-trade controls 3,810 1,600,200
    Total AT Persons 10,720 4,502,400
    Clearing Member FCMs (57 Entities)      
    1.83(b) Submit compliance reports 7,090 404,130
    1.83(d) Recordkeeping 2,670 152,190
    Total Clearing Member FCMs 9,760 556,320
    DCMs (15 Entities)      
    38.401 Disclosure of trade matching programs 19,200 288,000
    40.22(c) Review of compliance reports 111,000 1,665,000
    40.22(c) Remediation of compliance reports 22,200 333,000
    40.22(e) Review books and records 110,880 1,663,200
    40.23(c) Review approval requests from market participants re self-trading 22,000 330,000
    40.23(d) Publish statistics on self-trading 6,650 99,750
    40.25 Provide information on market maker programs in rule filings 14,976 224,640
    40.27 Restrictions on payments under marker maker programs 30,108 451,620
    40.28 Surveillance of market maker programs for abusive practices 12,710 190,650
    Total DCMs 349,724 5,245,860
    Total All Entities 10,867,080

    The Commission is also presenting the following costs applicable to an RFA pursuant to proposed § 170.19. The Commission anticipates that an RFA will incur these costs on an episodic basis in connection with § 170.19.

    Episodic costs:

    Back to Top
    Regulation Description Cost per entity Cost for all entities
    RFAs (1 Entity)      
    170.19 RFA Standards $34,200 $34,200
    Total RFAs 34,200 34,200

    VII. List of All Questions in the NPRM Back to Top

    Listed below are all questions raised in the preceding sections of this NPRM, organized according to the section of the NPRM in which the question appears. The Commission welcomes any and all comments on any aspect of Regulation AT regardless of whether it is addressed by a particular question. If responding to a specific question enumerated in this NPRM, the Commission requests that commenters in their comment letters refer to that question being answered.

    IV(D) Codification of Defined Terms

    “Algorithmic Trading”—§ 1.3(zzzz)

    1. Is the Commission's definition of “Algorithmic Trading” generally consistent with what algorithmic trading is understood to mean in the industry? If not, please explain how it is inconsistent and how the definition should be modified. In your answer, please explain whether the definition inappropriately includes or excludes a particular type or aspect of trading.

    2. Should the Commission adopt a definition of “Algorithmic Trading” that is more closely aligned with any definition used by another regulatory organization?

    3. For purposes of the Commission's definition of Algorithmic Trading, is it necessary for the Commission to define “computer algorithms or systems”? If so, please explain what should be included in such a definition.

    4. Should the Commission's definition of “Algorithmic Trading” include systems that only make determinations as to the routing of orders to different venues (which is contemplated in the proposed definition)? With respect to the definition of “Algorithmic Trading,” should the Commission differentiate between different types of algorithms, such as alpha-generating algorithms and order routing algorithms?

    5. Is the Commission's understanding correct that most entities using automated order routers will be using similar or related automated technology to determine other parameters of an order?

    6. The Commission posits a scenario in which an AT Person submits orders through Algorithmic Trading, and a non-clearing FCM or other entity acts only as a conduit for these AT Person orders. If the non-clearing FCM or other entity does not make any determinations with respect to such orders, the conduit entity would not be engaged in Algorithmic Trading, as that definition is currently proposed. Should the definition of Algorithmic Trading be modified to capture a conduit entity such as a non-clearing FCM in this scenario, thereby making the entity an AT Person subject to Regulation AT? In other words, should non-clearing FCMs be required to manage the risks of AT Person customers? How would non-clearing FCMs do so if the non-clearing FCMs do not have risk controls comparable to the risk controls specified in proposed § 1.82?

    7. The Commission, recognizing that natural person traders who manually enter orders also have the potential to cause market disruptions, is considering expanding the definition of Algorithmic Trading to encompass orders that are generated using algorithmic methods (e.g., an algorithm generates a buy or sell signal at a particular time), but are then manually entered into a front-end system by a natural person, who determines all aspects of the routing of the orders. Such order entry would not represent Algorithmic Trading under the currently proposed definition. The Commission requests comment on this proposed expansion of the definition of Algorithmic Trading, which the Commission may implement in the final rulemaking for Regulation AT. The Commission requests comment on the costs and benefits of this proposal, in addition to any other comments regarding the effectiveness of this proposal in terms of risk reduction.

    “Algorithmic Trading Compliance Issue”—§ 1.3(tttt)

    8. Should the definition of Algorithmic Trading Compliance Issue be modified to include other potential compliance failures involving an AT Person that may have a significant detrimental impact on such AT Person, the relevant DCM, or other market participants?

    “Algorithmic Trading Disruption”—§ 1.3(uuuu)

    9. Should the definition of Algorithmic Trading Disruption be modified to include other types of disruptive events that may originate with an AT Person?

    10. Should the definition be expanded to include other types of disruptive downstream consequences that may result from an Algorithmic Trading Disruption originating with an AT Person, and which may negatively impact the relevant designated contract market, other market participants, or other persons? Alternatively, should the scope of the definition be reduced, and if so, why?

    11. In addition, should the reference to “materially degrades” in the definition of Algorithmic Trading Disruption be expanded or otherwise modified to encompass other types of disruptions that may impact the relevant designated contract market, other market participants, or other persons? Please provide examples of real-world events originating with AT Persons (as defined under Regulation AT) that resulted in disruptions that may not be captured by the reference to “materially degrades” in the definition.

    “AT Order Message”—§ 1.3(wwww)

    12. Please comment on the proposed scope of the Commission's definition of AT Order Message. Is the proposed definition too expansive, in that it would limit the submission of messages that do not have the potential to disrupt the market? Alternatively, is the scope of the AT Order Message too limited, in that it could allow messages not related to orders (i.e., heartbeat messages or requests for mass quotes) to intentionally or unintentionally flood the DCM's systems and slow down the matching engine? Please explain how this definition would be more appropriately limited or expanded.

    “AT Person”—§ 1.3(xxxx)

    13. The Commission notes that the FIA Guide recommends certain pre-trade risk controls and contemplates three levels at which these controls can be placed: Automated trader, broker, and exchange. FIA defines “automated trader” as any trading entity that uses an automated system, including hedge funds, buy-side firms, trading firms, and brokers who deploy automated algorithms, and defines “broker” as FCMs, other clearing firms, executing brokers and other financial intermediaries that provide access to an exchange.

    a. Should the Commission's definition of “AT Person” explicitly include or exclude any of the classes of parties included in FIA's term “automated trader”? Please explain. Are there any types of entities not present in this list that should be included in the “AT Person” definition?

    b. Should Regulation AT use the term “broker,” as understood by FIA? If so, please explain. Is there another term that would be more appropriate in defining the scope of AT Persons?

    14. Algorithmic Trading carries technological and personnel costs, and the Commission expects that such trading will be performed by entities, not natural persons. Is this a reasonable assumption? For purposes of quantifying the number of AT Persons that will be subject to the regulations, do you believe that any AT Person (a definition that encompasses the following persons if engaged in Algorithmic Trading: FCMs, floor brokers, swap dealers, major swap participants, commodity pool operators, commodity trading advisors, introducing brokers, and newly registered floor traders using Direct Electronic Access) will be a natural person or a sole proprietorship with no employees other than the sole proprietor?

    15. The Commission recognizes that a CPO could use Algorithmic Trading to enter orders on behalf of a commodity pool which it operates. In these circumstances, should the Commission consider the CPO that operates the commodity pool or the underlying commodity pool itself as “engaged in Algorithmic Trading” pursuant to the definition of AT Person?  [715]

    16. The Commission notes that pursuant to § 1.57(b) of the Commission's regulations IBs may not carry proprietary accounts. However, certain customer relationships may cause an IB to fall under the definition of AT Person. The Commission requests comment on the types of IB customer relationships that could cause IBs to fall under the definition of AT Persons. What activities are currently being conducted by IBs that could cause an IB to be considered engaging in Algorithmic Trading on or subject to the rules of a DCM and would therefore cause the IB to be considered an AT Person?

    17. Should the definition of AT Person be limited to persons using DEA? In other words, should the definition capture persons registered or required to be registered as FCMs, floor brokers, SDs, MSPs, CPOs, CTAs, or IBs that engage in Algorithmic Trading on or subject to the rules of a DCM, or persons registered or required to be registered as floor traders as defined in § 1.3(x)(3), in each case if such persons are using DEA? The Commission requests comment on the costs and benefits of this approach, including comments on whether this more limited definition of AT Persons would adequately mitigate the risks associated with algorithmic trading.

    “Direct Electronic Access”—§ 1.3(yyyy)

    18. Please explain whether the Commission's proposed definition of DEA will encompass all types of access commonly understood in Commission-regulated markets as “direct market access.” In light of the proposed regulations concerning pre-trade and other risk controls and standards for the development, testing and supervision of algorithmic trading systems, do you believe that the proposed definition of Direct Electronic Access is too limited (or, alternatively, too expansive)? If so, please explain why and how the definition should be revised.

    19. Should the Commission define “routed” in its definition of DEA? If so, how? Are there specific examples of trading or routing arrangements where it would be unclear whether trading was performed through DEA?

    20. Should the Commission use the term “direct market access” instead of DEA, and if so why?

    21. Should the Commission define sub-categories of DEA, such as sponsored market access?

    22. The Commission's proposed definition of DEA in § 1.3(yyyy) differs from definitions of direct electronic access in § 38.607 and direct access for FBOTs in § 48.2(c). The Commission believes that the more technical definition in proposed 1.3(yyyy) is appropriate for Regulation AT. The Commission solicits comment regarding proposed 1.3(yyyy), whether all definitions of “direct” access should be harmonized across the Commission's rules, and if so how. Do you believe that two definitions would create confusion with respect to Commission requirements as to direct electronic access? With respect to §§ 1.80, 1.82, and 38.255(b) and (c) provisions imposing risk control requirements on AT Persons, FCM and DCMs, should the Commission use the existing definition of direct electronic access provided in § 38.607?

    IV(E) Registration of Certain Persons Not Otherwise Registered With Commission—§ 1.3(x)

    23. Should firms operating Algorithmic Trading systems in CFTC-regulated markets, but not otherwise registered with the Commission, be required to register with the CFTC? If not, what alternatives are available to fully effectuate the purpose and design of Regulation AT?

    24. Should all firms deploying Algorithmic Trading systems be required to register with the Commission? Are there additional characteristics of AT Persons that should be taken into consideration for registration purposes? For example, should the Commission limit registration to trading firms meeting certain trading volume, order or message levels? In other words, should there be a minimum volume, order or message test in order to meet the definition of “floor trader,” or otherwise to meet the definition of AT Person? If so, what should be measured and what specific thresholds should be used?

    25. In the alternative, should the Commission broaden the registration requirements in proposed § 1.3(x)(3)(ii) so that all persons trading on a contract market through DEA are required to register, instead of only those who are engaged in Algorithmic Trading?

    26. Please supply any information or data that would help the Commission in deciding whether firms may or may not meet the definition of “floor trader” in Section 1a(23) of the Act.

    27. Do you believe that the registration of such firms as “floor traders” would help effectuate the purposes of the CEA to deter and detect price manipulation or any other disruptions to market integrity? If you believe that registration of such firms will not help effectuate the purposes of the CEA, or that the same purposes can be achieved by other means, please explain.

    IV(F) RFA Standards for Automated Trading and Algorithmic Trading Systems—§ 170.19

    28. The Commission requests comment on the scope of responsibilities assigned to RFAs under proposed § 170.19. Should RFAs be responsible for fewer or additional areas regarding AT Persons, ATSs, and algorithmic trading than specified in proposed § 170.19, prongs (1), (2), (3), and (4) (§ 170.19(a)(1)-(a)(4))? Regulation 170.19 requires RFAs to consider the need for rules in the areas listed in prongs (1)-(4) (§ 170.19(a)(1)-(a)(4)). Should RFAs be responsible for considering whether to adopt rules in fewer or additional areas?

    29. The Commission requests comment on the latitude afforded to RFAs in proposed § 170.19. Should RFAs have more or less latitude to issue rules than specified in proposed § 170.19?

    30. The Commission requests comment on RFAs' obligation in proposed § 170.19 to establish and maintain a program for the prevention of fraud and manipulation, protection of the public interest, and perfecting the mechanisms of trading, including through rules it may determine to adopt pursuant to § 170.19. The proposed rules anticipate that an RFA's program will include examination and enforcement components. Is this the appropriate approach?

    31. The Commission requests comment on whether proposed § 170.19 may result in duplicative obligations on AT Persons or any other market participant. In particular, please comment on potential duplication, if any, between algorithmic trading requirements that an RFA may impose upon its members pursuant to § 170.19, and similar requirements that may be imposed by a DCM in its role as a self-regulatory organization. What amendments would be appropriate in any final rules arising from this NPRM to clarify that unintended overlap between the role of an RFA and a DCM in this context?

    IV(G) AT Persons Must Become Members of an RFA—§ 170.18

    32. The Commission requests comment on whether the regulatory framework established by Regulation AT would require all AT Persons to be members of an RFA in order to be effective. Alternatively, could the goals of Regulation AT be realized without requiring all AT Persons to be members of an RFA?

    IV(H) Pre-Trade and Other Risk Controls for AT Persons—§ 1.80

    33. Are any pre-trade and other risk controls required by § 1.80 ineffective, not already widely used by AT Persons, or likely to become obsolete?

    34. Are there additional pre-trade or other risk controls that should be specifically enumerated in proposed § 1.80?

    35. Do you believe that the pre-trade and other risk controls required in § 1.80 sufficiently address the possibility of technological advances in trading, and the development of new, more effective controls that should be implemented by AT Persons?

    36. The Commission welcomes comment on whether the regulation's requirements relating to the design of controls and the levels at which the controls should be set are appropriate and sufficiently granular.

    37. The Commission notes that § 1.80(d) requires that prior to initial use of Algorithmic Trading, an AT Person must notify its clearing member FCM and the DCM that it will engage in Algorithmic Trading. The Commission welcomes comment on whether the content of that notification requirement is sufficient, or whether clearing member FCMs and DCMs should also be notified of additional information. For example, should AT Persons be required to notify their clearing member FCMs of particular changes to their Algorithmic Trading systems that would affect the risk controls applied by the clearing member FCM?

    38. Is § 1.80(f)'s requirement that each AT Person periodically review its compliance with § 1.80 appropriate? Should there be more prescriptive and granular requirements to ensure that each AT Person periodically reviews its pre-trade and other risk controls and takes appropriate steps to update or recalibrate them in order to prevent an Algorithmic Trading Event? Alternatively, is § 1.80(f) necessary? Does the Commission need to explicitly require AT Persons to conduct a periodic review of their compliance with § 1.80?

    39. AT Persons that are registered FCMs are required by existing Commission regulation 1.11 to have formal “Risk Management Programs,” including, pursuant to § 1.11(e)(3)(ii), “automated financial risk management controls reasonably designed to prevent the placing of erroneous orders” and “policies and procedures governing the use, supervision, maintenance, testing, and inspection of automated trading programs.” As described in § 1.11, an FCM's Risk Management Program must include a risk management unit independent of the business unit; quarterly risk exposure reports to senior management and the governing body of the FCM, with copies to the Commission; and other substantive requirements. The Commission requests public comment regarding whether one or more of the proposed requirements applicable to FCMs in §§ 1.80, 1.81, 1.83(a), and 1.83(c) should be incorporated within an FCM's Risk Management Program and be subject to the requirements of such program as described in § 1.11. In this regard, any final rules arising from this NPRM could place all requirements applicable to FCMs in §§ 1.80, 1.81, 1.83(a), and 1.83(c) within the operational risk measures required in § 1.11(e)(3)(ii). Such incorporation could help improve the interaction between an FCM's operational risk efforts and its pre-trade risk controls; development, monitoring, and compliance efforts; and reporting and recordkeeping requirements, pursuant to §§ 1.80, 1.81, 1.83(a), and 1.83(c). It could also help ensure that an FCM's §§ 1.80, 1.81, 1.83(a), and 1.83(c) processes benefit from the same internal rigor and independence required by the Risk Management Program in § 1.11.

    40. The Commission proposes to adopt a multi-layered approach to regulations intended to mitigate the risks of automated trading, including pre-trade risk controls and other procedures applicable to AT Persons, clearing member FCMs and DCMs. Please comment on whether an alternative approach, for example one which does not impose requirements at each of these three levels, would more effectively mitigate the risks of automated trading and promote the other regulatory goals of Regulation AT.

    IV(I) Standards for Development, Testing, Monitoring, and Compliance of Algorithmic Trading Systems—§ 1.81

    41. The Commission understands that the requirements for developing, testing, and supervising algorithmic systems proposed in § 1.81(a)-(d) are already widely used throughout the industry. Are any specific requirements proposed in this section not widely used by persons that would be designated as AT Persons under Regulation AT, and if not, why not? If any requirements described in § 1.81(a)-(d) are not widely used, please provide an estimate of the cost that would be incurred by an AT Person to implement such requirements.

    42. Are there any aspects of § 1.81(a)-(d) that are unnecessary for purposes of reducing the risks from Algorithmic Trading, and should not be mandated by regulation? If so, please explain.

    43. Are the procedures described above for the development and testing of Algorithmic Trading sufficient to ensure that algorithmic systems are thoroughly tested before being used in production, and will operate in the manner intended in the production environment?

    44. Are there any additional procedures for the development and testing of Algorithmic Trading that should be required under Regulation AT?

    45. Are any of the required procedures for the development and testing of Algorithmic Trading likely to become obsolete in the near future as development and testing standards evolve?

    46. Are the procedures for designating and training Algorithmic Trading staff of AT Persons sufficient to ensure that such staff will be knowledgeable in the strategy and operation of Algorithmic Trading, and capable of identifying Algorithmic Trading Events and promptly escalating them to appropriate staff members?

    47. Is it typical that persons responsible for monitoring algorithmic trading do not simultaneously engage in trading activity?

    48. Proposed §§ 1.80, 1.81, and 1.83 would impose certain requirements on all AT Persons regardless of the size, sophistication, or other attributes of their business. The Commission requests public comment regarding whether these requirements should vary in some manner depending on the AT Person. If commenters believe proposed §§ 1.80, 1.81, and 1.83 should vary, please describe how and according to what criteria.

    IV(J) Risk Management by Clearing Member FCMs—§ 1.82

    49. Are any pre-trade or other risk controls required by § 1.82 ineffective, not already widely used by clearing member FCMs, or likely to become obsolete?

    50. Are there any aspects of proposed § 1.82 that pose an undue burden for clearing member FCMs and are unnecessary for purposes of reducing the risks associated with Algorithmic Trading? If so, please explain (1) the burden; (2) why it is not necessary to reduce the risks associated with Algorithmic Trading, particularly in the case of DEA. What alternatives are available consistent with the purposes of Regulation AT?

    51. Please describe the technological development that would be required by clearing member FCMs to comply with the requirement to implement and calibrate the pre-trade and other risk controls required by § 1.82(c) for non-DEA orders. To what extent have clearing member FCMs already developed the technology required by this provision, for example in connection with existing requirements under § 1.11, and §§ 1.73 and 38.607 for clearing FCMs to manage financial risks?

    52. Are there additional pre-trade or other risk controls that should be specifically required pursuant to proposed § 1.82?

    53. Do you believe that the pre-trade and other risk controls required in § 1.82 sufficiently address the possibility of technological advances in trading and development of new, more effective controls that should be implemented by FCMs?

    54. The Commission welcomes comment on whether the requirements of § 1.82 relating to the design of controls and the levels at which the controls should be set are appropriate and sufficiently granular.

    55. Proposed § 1.82 does not require FCMs to have connectivity monitoring such as “system heartbeats” or automatic cancel-on-disconnect functions. Do you believe that § 1.82 should require FCMs to have such functionality?

    56. Proposed § 1.82 requires clearing FCMs to implement controls with respect to AT Order Messages originating with an AT Person. The Commission is considering modifying proposed § 1.82 to require clearing FCMs to implement controls with respect to all orders, including orders that are manually submitted or are entered through algorithmic methods that nonetheless do not meet the definition of Algorithmic Trading. Such a requirement would correspond to the requirement under proposed § 40.20(d) that DCMs implement risk controls for orders that do not originate from Algorithmic Trading. If the Commission were to incorporate such amendments in any final rules arising from this NPRM, its intent would be to further reduce risk by ensuring that all orders, regardless of source, are screened for risk at both the clearing member FCM and the DCM level. Risk controls at the point of order origination would continue to be limited to AT Persons. The Commission requests comment on this proposed amendment to § 1.82, which the Commission may implement in the final rulemaking for Regulation AT. The Commission requests comment on the costs and benefits to clearing FCMs of this proposal, in addition to any other comments regarding the effectiveness of this proposal in terms of risk reduction.

    IV(K) Compliance Reports Submitted by AT Persons and Clearing FCMs to DCMs; Related Recordkeeping Requirements—§ 1.83

    57. The Commission welcomes comment on the type of information that should be included in the reports required by proposed § 1.83. Should different or additional descriptions be included in the reports, which will be evaluated by DCMs under proposed § 40.22?

    58. How often should the reports required by proposed § 1.83 be submitted to the relevant DCMs? Should the report be submitted more or less frequently than annually?

    59. When should the reports required by proposed § 1.83 be submitted to the relevant DCMs? Should the reports be submitted on a date other than June 30 of each year?

    60. Should a representative of the AT Person or clearing member FCM other than the chief executive officer or the chief compliance officer be responsible for certifying the reports required by proposed § 1.83? Should only the chief executive officer be permitted to certify the report? Alternatively, should only the chief compliance officer be permitted to certify the report?

    61. Are there any aspects of proposed § 1.83(b) that pose an undue burden for clearing member FCMs and are unnecessary for purposes of reducing the risks associated with Algorithmic Trading? If so, please explain (1) the burden; (2) why it is not necessary to reduce the risks associated with Algorithmic Trading, particularly in the case of DEA. What alternatives are available consistent with the purposes of Regulation AT, including in particular Regulation AT's intent that § 1.83 reports benefit from the third-party SRO review performed by DCMs with respect to such reports?

    62. Should the reports required by proposed § 1.83 be sent to any entity other than each DCM on which the AT Person operates, such as the Commission or an RFA? For example, should the Commission require that AT Persons that are members of a RFA send compliance reports to RFA upon NFA's request?

    63. Proposed § 1.83(c) includes recordkeeping requirements imposed on AT Persons, and proposed § 1.83(d) includes recordkeeping requirements imposed on clearing member FCMs. Should the recordkeeping requirements of § 1.83(c) be distributed throughout the sections of the Commission's regulations that contain recordkeeping requirements for various categories of Commission registrants that will be classified as AT Persons? Should § 1.83(d) be transferred to § 1.35 of the Commission's regulations, which contains recordkeeping requirements for clearing member FCMs?

    IV(L) Direct Electronic Access Provided by DCMs—§ 38.255(b) and (c)

    64. Are there any pre-trade and other risk controls required by § 38.255(b) and (c) that will be ineffective, not already widely provided by DCMs for use by FCMs, or likely to become obsolete?

    65. Are there additional pre-trade or other risk controls that DCMs should be specifically required to provide to FCMs pursuant to proposed § 38.255(b) and (c)?

    66. Do you believe that the pre-trade and other risk controls required pursuant to § 38.255(b) sufficiently address the possibility of technological advances in trading? For example, do they appropriately address the potential for the future development of additional effective controls that should be provided by DCMs and implemented by FCMs?

    67. The Commission welcomes comment on whether § 38.255(b)'s requirements relating to the design of controls and the levels at which the controls should be set are appropriate and sufficiently granular.

    68. Proposed § 38.255(b) and (c) do not require DCMs to provide to FCMs connectivity monitoring systems such as “system heartbeats” or automatic cancel-on-disconnect functions. Should § 38.255 require such functionality?

    IV(M) Disclosure and Transparency in DCM Trade Matching Systems—§ 38.401(a)

    69. The Commission has proposed that certain components of an exchange's market architecture should be considered part of the “electronic matching platform” for purposes of the DCM transparency provision. Are there any additional systems that should fall within the meaning of “electronic matching platforms” for purposes of proposed § 38.401(a)?

    70. The Commission has specifically identified, as “attributes” that must be disclosed, latencies within a platform and how a self-trade prevention tool determines whether to cancel an order. Are there any other attributes that would materially affect the execution of market participant orders and therefore should be made known to all market participants? Should the Commission revise the final rule so that it only applies to latencies within a platform and how a self-trade prevention tool determines whether to cancel an order?

    71. What information should be disclosed as part of the description of relevant attributes of the platform? For instance, with latencies within a platform, should statistics on latencies be required? If so, what statistics would help market participants assess any impact on their orders? Would a narrative description of attributes be preferable, including a description of how the attributes might affect market participant orders under different market conditions, such as during times of increased messaging activity?

    72. The Commission notes that proposed § 38.401(a)(1)(iii) and (iv) are not intended to require the disclosure of a DCM's trade secrets. The Commission requests comments on whether the proposed rules might inadvertently require such disclosure, and if so, how they might be amended to address this concern. Furthermore, the Commission anticipates that the mechanisms and standards for requesting confidential treatment already codified in existing § 40.8 could be used by DCMs to identify and request confidential treatment for information otherwise required to be disclosed pursuant to proposed § 38.401(a)(1)(iii) and (iv), for example by incorporating § 40.8's mechanisms and standards into any final rules arising from this NPRM. If commenters believe that the mechanisms and standards in § 40.8 are inappropriate for this purpose, please describe any other mechanism that should be included in any final rules to facilitate DCM requests for confidential treatment of information otherwise required to be disclosed pursuant to proposed § 38.401(a)(1)(iii) and (iv).

    73. The Commission notes that DCMs are required, as part of voluntary submissions of new rules or rule amendments under § 40.5(a) and self-certification of rules and rule amendment under § 40.6(a), to provide inter alia an explanation and analysis of the operation, purpose and effect of the proposed rule or rule amendment. Would the information required under §§ 40.5(a) or 40.6(a) provide market participants and the public with sufficient information regarding material attributes of an electronic matching platform?

    74. The Commission recognizes that DCMs are required to have system safeguards to ensure information security, business continuity and disaster recovery under DCM Core Principle 20. The Commission understands that some attributes of an electronic matching platform designed to implement those safeguards should be maintained as confidential to prevent cybersecurity or other threats. Does existing § 40.8, 17 CFR 40.8 (2014) provide sufficient basis for DCMs to publicly disclose the relevant attributes of their platforms while maintaining as confidential information concerning system safeguards?

    75. With respect to material attributes affecting market participant orders caused by temporary or emergency situations, such as network outages or the temporary suspension of certain market functionality, what is the best way for DCMs to alert market participants? How are DCMs currently handling these situations?

    76. The Commission proposes that DCMs provide a description of the relevant material attributes in a single document “disclosed prominently and clearly” on the exchange's Web site. The Commission also proposes that this document be written in “plain English” to allow market participants, even those not technically proficient, to understand the attributes described. Would these requirements be practical and help market participants locate and understand the information provided?

    77. The Commission proposes requiring DCMs to disclose information on the relevant attributes: (a) When filing a rule change submission with the Commission for changes to the electronic matching platform; or (b) within a “reasonable time, but no later than ten days” following the identification of such attribute. Do the proposed timeframes provide sufficient time for DCMs to disclose the relevant information? Do the proposed timeframes offer sufficient notice of changes or discovered attributes to market participants to allow them to adjust any systems or strategies, including any algorithmic trading systems?

    78. The Commission proposes requiring disclosure of newly identified attributes within 10 days of discovery. Does this provide DCMs sufficient time to analyze the attribute and provide a description? Should DCMs be required to provide notice of the existence of the attribute and supplement as further analysis is performed?

    IV(N) Pre-Trade and Other Risk Controls at DCMs—§ 40.20

    79. The Commission proposes to require DCMs to set pre-trade risk controls at the level of the AT Person, and allows discretion to set controls at a more granular level. Should the Commission eliminate this discretion, and require that the controls be set at a specific, more granular, level? If so, please explain the more appropriate level at which pre-trade risk controls should be set by a DCM.

    80. The Commission requests public comment on the pre-trade and other risk controls required of DCMs in proposed § 40.20. Are any of the risk controls required in the proposed rules unhelpful to operational or other risk mitigation, or to market stability, when implemented at the DCM level?

    81. Are there additional pre-trade or other risk controls that should be specifically enumerated in proposed § 40.20?

    82. The Commission proposes, with respect to its kill switch requirements, to allow DCMs the discretion to design a kill switch that allows a market participant to submit risk-reducing orders. The Commission also does not mandate particular procedures for alerts or notifications concerning kill switch triggers. Does the proposed rule allow for sufficient flexibility in the design of kill switch mechanisms and the policies and procedures concerning their implementation? Should the Commission consider more prescriptive rules in this area?

    83. Does existing § 38.1051 provide the Commission with adequate authority to require DCMs to adequately test planned changes to their matching engines and other automated systems?

    IV(O) DCM Test Environments for AT Persons—§ 40.21

    84. Should the test environment provided by DCMs under proposed § 40.21 offer any other functionality or data inputs that will promote the effective design and testing of Algorithmic Trading by AT Persons?

    IV(P) DCM Review of Compliance Reports by AT Persons and Clearing FCMs—§ 40.22

    85. In lieu of a DCM's affirmative obligation in proposed § 40.22 to review AT Person and clearing member FCM compliance reports, should DCMs instead be permitted to rely on the CEO or CCO representations required by proposed § 1.83(a)(2)? If so, what events in the Algorithmic Trading of an AT Person should trigger review obligations by the DCM?

    86. Should § 40.22(c) provide more specific requirements regarding a DCM's establishment of a program for effective periodic review and evaluation of AT Person and clearing member FCM reports? For example, § 40.22(c) could require review at specific intervals (e.g., once every two years). Alternatively, § 40.22(c) could provide greater discretion to DCMs in establishing their programs for the review of reports. Please comment on the appropriateness of these alternative approaches.

    87. Should § 40.22(e) provide more specific requirements regarding the triggers for a DCM to review and evaluate the books and records of AT Persons and clearing member FCMs required to be kept pursuant to § 40.22(d)? For example, § 40.22(e) could require review at specific intervals (e.g., once every two years), or it could require review in response to specific events related to the Algorithmic Trading of AT Persons. Please comment on the appropriateness of these alternative approaches.

    88. Does § 40.22 leave enough discretion to the DCM in determining how to design and implement an effective compliance review program regarding Algorithmic Trading? Alternatively, is there any aspect of this regulation that should be more specific or prescriptive?

    89. Should § 40.22 specifically authorize a DCM to establish further standards for the organization, method of submission, or other attributes of the reports described in § 40.22(a)?

    IV(Q) Self-Trade Prevention Tools—§ 40.23

    90. The Commission seeks to require self-trade prevention tools that screen out unintentional self-trading, while permitting bona-fide self-matched trades that are undertaken for legitimate business purposes. Under the regulations proposed above, DCMs shall implement rules reasonably designed to prevent self-trading (“the matching of orders for accounts that have common beneficial ownership or are under common control”), but DCMs may in their discretion implement rules that permit “the matching of orders for accounts with common beneficial ownership where such orders are initiated by independent decision makers.”

    a. Do these standards accomplish the goal of preventing only unintentional self-trading, or would other standards be more effective in accomplishing this goal? For example, should the Commission consider adopting in any final rules arising from this NPRM an alternative requirement modeled on FINRA Rule 5210 and require market participants to implement policies and procedures to review their trading activity for, and a prevent a pattern of, self-trades?

    b. While the regulations contain exceptions for bona fide self-match trades (described in § 40.23(b)), the regulations are intended to prevent all unintentional self-trading, and do not include a de minimis exception for a certain percentage of unintentional self-trading. Should the regulations permit a certain de minimis amount of unintentional self-trading, and if so, what amount should be permitted (e.g., as a percentage of monthly trading volume)?

    c. The following terms are used in proposed § 40.23(a) and (b): (1) Self-trading, (2) common beneficial ownership, (3) independent decision makers, and (4) common control. Do any of these terms require further definition? If so, how should they be defined? Should any alternatives be used and, if so, how should such substitute terms be defined?

    d. With respect to “common beneficial ownership,” the Commission requests comment on the minimum degree of ownership in an account that should trigger a determination that such account is under common beneficial ownership. For example, should an account be deemed to be under common beneficial ownership between two unrelated persons if each person directly or indirectly has a 10% or more ownership or equity interest in such account? The Commission refers commenters to the aggregation rules in part 150 of its regulations, including specifically § 150.4, and requests comment on a potential Commission definition of common beneficial ownership that is modeled on § 150.4.

    e. The Commission also requests comment on whether “common beneficial ownership” should be defined in any final rules arising from this NPRM, or whether such definition should be left to each DCM with respect to its program for implementing proposed § 40.23.

    91. Are there any other types of self-trading that should be permitted in addition to the exceptions permitted in § 40.23(b)(1) and (2)? If so, please describe such other types of acceptable self-trading and explain why they should be permitted.

    92. Proposed § 40.23 provides that DCMs may comply with the requirement to apply, or provide and require the use of, self-trade prevention tools by requiring market participants to identify to the DCM which accounts should be prohibited from trading with each other. With respect to this account identification process, the Commission's principal goal is to prevent unintentional self-trading; the Commission does not have a specific interest in regulating the manner by which market participants identify to DCMs the account that should be prohibited from trading from each other, so long as this goal is met. Should any other identification methods be permitted in § 40.23? For example, please comment on whether the opposite approach is preferable: market participants would identify to DCMs the accounts that should be permitted to trade with each other (as opposed to those accounts that should be prevented from trading with each other).

    93. The Commission believes that its requirements concerning self-trade prevention tools must strike the appropriate balance between flexibility (allowing market participants with diverse trading operations and strategies the discretion in implementation so as effectively prevent only unintentional self-trades) and simplicity (a variety of design and implementation options may render this control too complex to be effective). [716] Does the Commission allow sufficient discretion to exchanges and market participants in the design and implementation of self-trade prevention tools? Is there any area where the Commission should be more prescriptive? The Commission is particularly interested in whether there is a particular level at which it should require implementation of self-trade prevention tools, i.e., if the tools must prevent matching of orders from the same trading firm, the same trader, the same trading algorithm, or some other level.

    94. Proposed § 40.23(a) would require DCMs to either apply, or provide and require the use of, self-trade prevention tools. Please comment whether § 40.23(a) should, in addition, permit market participants to use their own self-trade prevention tools to meet the requirements of proposed § 40.23(a), and if so, what additional regulations would ensure that DCMs are able to: ensure that such tools are comparable to DCM-provided tools; monitor the performance of such tools; and otherwise review such tools and ensure that they are sufficiently rigorous to meet the requirements of § 40.23.

    95. Is it appropriate to require implementation of self-trade prevention tools with respect to all orders? Should such controls be mandatory for only a particular subset of orders, i.e., orders from AT Persons or orders submitted through DEA?

    96. Please comment on the requirement that DCMs disclose self-trade statistics. Is the data required to be disclosed appropriate? Is there any other category of self-trade data that DCMs should be required to disclose?

    97. Should DCMs be required to disclose the amount of unintentional self-trading that occurs each month, alongside the self-trade statistics required to be published under proposed § 40.23(d)?

    98. As noted above, the Commission understands that there is some potential for self-trade prevention tools to be used for wrongful activity that may include disruptive trading or other violations of the Act or Commission regulations on DCMs. Are there ways to design self-trade prevention tools so that they do not facilitate disruptive trading (such as spoofing) or other violations of the Act or Commission regulations on DCMs? Are additional regulations warranted to ensure that such tools are not used to facilitate such activities?

    IV(R) DCM Market Maker and Trading Incentive Programs—§§ 40.25-40.28

    99. To what extent do market participants currently trade in ways designed primarily to collect market maker or trading incentive program benefits, rather than for risk management purposes?

    100. To what extent do that market maker and trading incentive programs currently provide benefits for self-trades? To what extent do market participants collect such benefits for self-trades?

    101. The Commission requests comment regarding whether the information proposed to be collected in § 40.25 would be sufficient for it to determine whether a DCM's market-maker or trading incentive program complies with the impartial access requirements of § 38.151(b). If additional or different information would be helpful, please identify such information.

    102. The Commission requests comment regarding whether DCMs should be required to maintain on their public Web sites the information required by proposed § 40.25(a) and (b) for an additional period beyond the end of the market maker or trading incentive program. The Commission may determine to include in any final rules arising from this NPRM a requirement that such information remain publicly available pursuant to proposed § 40.25(b) for an additional period up to six months following the end of a market maker or trading incentive program.

    103. The Commission requests comment regarding whether the text of proposed § 40.27(a) identifies with sufficient particularity the types of trades that are not eligible for payments or benefits pursuant to a DCM market-maker or trading incentive program. What amendments, if any, are necessary to clearly identify trades that are not eligible?

    104. Section 40.27(a) provides that DCMs shall implement policies and procedures that are reasonably designed to prevent the payment of market-maker or trading incentive program benefits for trades between accounts under common ownership. Are there any other types of trades or circumstances under which the Commission should also prohibit or limit DCM market-maker or trading incentive program benefits?

    105. The Commission is proposing in § 40.27(a) certain requirements regarding DCM payments associated with market maker and trading incentive programs. Please address whether the proposed rules will diminish DCMs' ability to compete or build liquidity by using market maker or trading incentive programs. Does any DCM consider it appropriate to provide market maker or trading incentive program benefits for trades between accounts known to be under common beneficial ownership?

    106. In any final rules arising from this NPRM, should the Commission also prohibit DCMs from providing trading incentive program benefits where such benefits on a per-trade basis are greater than the fees charged per trade by such DCMs and its affiliated DCO (if applicable)? The Commission also specifically requests comment on the extent, if any, to which one or more DCMs engage in this practice.

    107. Proposed § 40.25(b) imposes certain transparency requirements with respect to both market maker and trading incentive programs. The Commission requests public comment regarding:

    a. The most appropriate place or manner for a DCM to disclose the information required by proposed § 40.25(b);

    b. The benefits or any harm that may result from such transparency, including any anti-competitive effect or pro-competitive effect among DCMs or market participants;

    c. Whether transparency as proposed in § 40.25(b) is equally appropriate for both market maker programs and trading incentive programs, or are the proposed requirements more or less appropriate for one type of program over the other?

    d. Whether any of the enumerated items required to be posted on a DCM's public Web site pursuant to proposed § 40.25(b) could reasonably be considered confidential information that should not be available to the public, and if so, what process should be available for a DCM to request from the Commission an exemption from the requirements of proposed § 40.25(b) for that specific enumerated item?

    Related Matters—A. Calculation of Number of Persons Subject to Regulations

    108. The Commission requests comment on its calculation of the number of AT Persons, newly registered floor traders, clearing member FCMs, and DCMs that will be subject to Regulation AT.

    Related Matters—C. Regulatory Flexibility Act Analysis

    109. The Commission requests comment on each element of its RFA analysis. In particular, the Commission specifically invites comment on the accuracy of its estimates of potential firms that could be considered “small entities” for RFA purposes.

    110. The Commission also requests comment on whether any natural persons will be designated as AT Persons under the proposed definition of that term.

    Related Matters—E. Cost Benefit Considerations

    111. Beyond specific questions interspersed throughout its discussion, the Commission generally requests comment on all aspects of its consideration of costs and benefits, including: (a) Identification, quantification, and assessment of any costs and benefits not discussed therein; (b) whether any of the proposed regulations may cause FCMs or DCMs to raise their fees for their customers, or otherwise result in increased costs for market participants and, if so, to what extent; (c) whether any category of Commission registrants will be disproportionately impacted by the proposed regulations, and if so whether the burden of any regulations should be appropriately shifted to other Commission registrants; (d) what, if any, costs would likely arise from market participants engaging in regulatory arbitrage by restructuring their trading activities to trade on platforms not subject to the proposed regulations, or taking other steps to avoid costs associated with the proposed regulations; (e) quantitative estimates of the impact on transaction costs and liquidity of the proposals contained herein; (f) the potential costs and benefits of the alternatives that the Commission discussed in this release, and any other alternatives appropriate under the CEA that commenters believe would provide superior benefits relative to costs; (g) data and any other information to assist or otherwise inform the Commission's ability to quantify or qualitatively describe the benefits and costs of the proposed rules; and (h) substantiating data, statistics, and any other information to support positions posited by commenters with respect to the Commission's consideration of costs and benefits.

    § 1.80 Pre-Trade and Other Risk Controls

    112. How would an alternative definition of Algorithmic Trading that excludes automated order routers affect the costs and benefits of the pre-trade and other risk controls in comparison to the costs and benefits of the proposed definition that includes automated order routers? Would such an alternative definition reduce the number of AT Persons captured by Regulation AT?

    113. Would the benefits of Regulation AT be enhanced significantly if the definition of Algorithmic Trading were modified to capture a conduit entity such as a non-clearing FCM, thereby making the entity an AT Person subject to Regulation AT? How would such a modification affect costs?

    114. Would the benefits of Regulation AT be enhanced significantly if the definition of Algorithmic Trading were expanded to encompass orders that are generated using algorithmic methods (e.g., an algorithm generates a buy or sell signal at a particular time), but are then manually entered into a front-end system by a natural person? How would such a modification affect costs? Please comment on the costs and benefits of an alternative whereby the Commission would implement specific rules regarding the appropriate design of the specific controls required by Regulation AT and compare them to the costs and benefits of the Commission's proposal whereby the relevant entities—trading firms, clearing firms, and DCMs—would have the discretion to determine the appropriate design of those controls.

    115. Does one particular segment of trading firms, clearing member FCMs or DCMs (e.g., smaller entities) currently implement fewer of the pre-trade and other risk controls required by Regulation AT than some other segment of trading firms, clearing member FCMs or DCMs? If so, please describe any unique or additional costs that will be imposed on such persons to develop the technology and systems necessary to implement the pre-trade and other risk controls required by Regulation AT.

    116. In question 14, the Commission asks whether there are any AT Persons who are natural persons. Would AT Persons who are natural persons (or sole proprietorships with no employees other than the sole proprietor) be required to hire staff to comply with the risk control, testing and monitoring, or compliance requirements of Regulation AT?

    117. Do you agree with the accuracy of cost estimates provided by the Commission as to how much it will cost a trading firm, clearing member FCM or DCM to internally develop the technology and systems necessary to implement the pre-trade and other risk controls required by Regulation AT? If you disagree with the Commission's analysis, please provide your own quantitative estimates, as well as data or other information in support. Please specify in your answer the type of entity and which specific pre-trade risk or order management controls for which you are providing estimates.

    In addition, please differentiate between the situations where an entity (i) already has partially compliant controls in place, and only needs to upgrade such technology and systems to bring it into compliance with the regulations; and (ii) needs to build such technology and systems from scratch. Please include, as applicable, hardware and software costs as well as the hourly wage information of the employee(s) necessary to develop such risk controls (i.e., technology personnel such as programmer analysts, senior programmers and senior systems analysts).

    118. The Commission has assumed that the effort to adjust any one risk control (by “control,” in this context, the Commission means the pre-trade risk controls, order cancellation systems, and connectivity systems required by § 1.80) will require assessment and possible modifications to all controls. Is this assumption correct, and if not, why not?

    119. As indicated above, the Commission lacks sufficient information to provide full estimates of costs that a trading firm, clearing member FCM or DCM will incur if it chooses not to internally develop such controls, and instead purchases the solutions of an outside vendor in order to comply with Regulation AT's pre-trade and other risk controls requirements. Please provide quantitative estimates of such costs, including supporting data or other information. In addition, please specify in your answer the type of entity and which specific pre-trade risk or order management control for which you are providing estimates. In addition, please differentiate between the situations where an entity (i) already uses an outside vendor to at least some extent to implement the controls; and (ii) does not currently implement the controls and must obtain all applicable technology and systems from an outside vendor necessary to comply with Regulation AT. Please include, if applicable, hardware and software costs as well as the hourly wage information of the employee(s) necessary to effectuate the implementation of such controls from an outside vendor.

    120. Do you agree with the Commission's estimates of how much it will cost a trading firm, clearing member FCM or DCM to annually maintain the technology and systems for the pre-trade and other risk controls required by Regulation AT, if it uses internally developed technology and systems? If not please provide quantitative estimates and supporting data or other information with respect to how much it will cost a trading firm, clearing member FCM or DCM to annually maintain the technology and systems for pre-trade and other risk controls required by Regulation AT, if it uses an outside vendor's technology and systems.

    121. Is it correct to assume that many of the trading firms subject to § 1.80 are also subject to the SEC's Market Access Rule, and, accordingly, already implement many of the systems required by Regulation AT for purposes of their securities trading? Please specify in your answer the type of entity and which specific pre-trade risk or order management control is already required pursuant to the Market Access Rule, and the extent of the overlap.

    122. Please comment on the costs and benefits (including quantitative estimates with supporting data or other information) to clearing FCMs of an alternative to proposed § 1.82 that would require clearing FCMs to implement controls with respect to all orders, including orders that are manually submitted or are entered through algorithmic methods that nonetheless do not meet the definition of Algorithmic Trading and compare those costs and benefits to those costs and benefits of proposed § 1.82.

    123. Please comment on the additional costs (including quantitative estimates with supporting data or other information) to AT Persons of complying with each of the following specific requirements of § 1.80:

    a. § 1.80(a)(2) (pre-trade risk control threshold requirements);

    b. § 1.80(a)(3) (natural person monitors must be alerted when thresholds are breached);

    c. § 1.80(d) (notification to DCM and clearing member FCM that AT Person will use Algorithmic Trading);

    d. § 1.80(e) (self-trade prevention tools); and

    e. § 1.80(f) (periodic review of pre-trade risk controls and other measures for sufficiency and effectiveness).

    124. The Commission welcomes comment on the estimated costs of the pre-trade risk controls proposed in § 1.80 as compared to the annual industry expenditure on technology, risk mitigation and/or technology compliance systems.

    125. Please comment on the costs to AT Persons and clearing member FCMs of complying with DCM rules requiring retention and production of records relating to §§ 1.80, 1.81, and 1.82 compliance, pursuant to § 40.22(d), including without limitation on the extent to which AT Persons and clearing member FCMs already have policies, procedures, staffing and technological infrastructure in place to retain such records and produce them upon DCM request.

    126. The Commission anticipates that Regulation AT may promote confidence among market participants and reduce market risk, consequently reducing transaction costs, but has not estimated this reduction in transaction costs. The Commission welcomes comment on the extent to which Regulation AT may impact transaction costs and effects on liquidity provision more generally.

    AT Person Membership in RFA; RFA Standards for Automated Trading and Algorithmic Trading Systems

    127. The Commission estimates that the costs of membership in an RFA associated with proposed § 170.18 will encompass certain costs, such as those associated with NFA membership dues. Has the Commission correctly identified the costs associated with membership in an RFA?

    128. The Commission expects that entities that will be required to become members of an RFA would not incur any additional compliance costs as a result of their membership in an RFA. The Commission requests comment on the accuracy of this expectation. What additional compliance costs, if any, would a registrant face as a result of being required to become a member of an RFA pursuant to proposed § 170.18?

    129. Has the Commission accurately estimated that approximately 100 entities will be affected by the membership requirements of § 170.18?

    130. The Commission invites estimates on the cost to an RFA to establish and maintain the program required by § 170.19, and the amount of that cost that will be passed along to individual categories of AT Person members in the RFA.

    Development, Testing, and Supervision of Algorithmic Systems

    131. Proposed § 1.81(a) establishes principles-based standards for the development and testing of Algorithmic Trading systems and procedures, including requirements for AT Persons to test all Algorithmic Trading code and related systems and any changes to such code and systems prior to their implementation. AT Persons would also be required to maintain a source code repository to manage source code access, persistence, copies of all code used in the production environment, and changes to such code, among other requirements. Are any of the requirements of § 1.81(a) not already followed by the majority of market participants that would be subject to § 1.81(a) (or some particular segment of market participants), and if so, how much will it cost for a market participant to comply with such requirement(s)?

    132. Proposed § 1.81(b) requires that an AT Person's Algorithmic Trading is subject to continuous real-time monitoring and supervision by knowledgeable and qualified staff at all times while Algorithmic Trading is occurring. Proposed § 1.81(b) also requires automated alerts when an Algorithmic Trading system's AT Order Message behavior breaches design parameters, upon loss of network connectivity or data feeds, or when market conditions approach the boundaries within which the ATS is intended to operate, to the extent applicable, among other monitoring requirements. Are any of the requirements of § 1.81(b) not already followed by the majority of market participants that would be subject to § 1.81(b), and if so, how much will it cost for a market participant to comply with such requirement(s)?

    133. Proposed § 1.81(c) requires that AT Persons implement policies designed to ensure that Algorithmic Trading operates in a manner that complies with the CEA and the rules and regulations thereunder. Among other controls, the policies should include a plan of internal coordination and communication between compliance staff of the AT Person and staff of the AT Person responsible for Algorithmic Trading regarding Algorithmic Trading design, changes, testing, and controls. Are any of the requirements of § 1.81(c) not already followed by the majority of market participants that would be subject to § 1.81(c), and if so, how much will it cost for a market participant to comply with such requirement(s)?

    134. Proposed § 1.81(d) requires that AT Persons implement policies to designate and train their staff responsible for Algorithmic Trading, which policies should include procedures for designating and training all staff involved in designing, testing and monitoring Algorithmic Trading. Are any of the requirements of § 1.81(d) not already followed by the majority of market participants that would be subject to § 1.81(d), and if so, how much will it cost for a market participant to comply with such requirement(s)?

    AT Person and FCM Compliance Reports

    135. Please comment on whether any of the alternatives discussed above regarding compliance reports would provide a superior cost-benefit profile relative to the Commission's proposal.

    DCM Test Environments

    136. Do any DCMs not currently offer a test environment that simulates production trading to their market participants, as would be required by proposed § 40.21? If so, how much would it cost a DCM to implement a test environment that would comply with the requirements of § 40.21?

    DCM Review of Compliance Reports

    137. Please comment on the cost estimates provided above with respect to DCMs' review of compliance reports provided under § 40.22 and related review requirements, including the estimated cost for DCMs to: Establish the review program required by § 40.22; review the reports provided by AT Persons and clearing member FCMs; communicate remediation instructions to a subset of AT Persons and clearing member FCMs; and review and evaluate, as necessary, books and records of AT Persons and clearing member FCMs as contemplated by proposed § 40.22(e).

    Section 15(a) Considerations

    138. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in Section 15(a) of the CEA.

    139. Are the compliance costs associated with the proposed rules of sufficient magnitude to potentially cause smaller market participants, FCMs, or DCMs to cease or scale back operations? Do these costs create significant barriers to entry?

    Registration—§ 1.3(x)(3)

    140. The Commission estimates that the costs of registration will encompass direct costs (those associated with NFA membership, and reporting and recordkeeping with the Commission), and indirect costs (e.g. those associated to risk control requirements placed on all registered entities). Has the Commission correctly identified the costs associated with the new registration category? What firm characteristics would change the level of direct and indirect costs associated with the registration?

    141. Has the Commission accurately estimated that approximately 100 currently unregistered entities will be captured by the new registration requirement in proposed § 1.3(x)(3).

    142. Has the Commission accurately estimated that each currently unregistered entity captured by the new registration requirement in proposed § 1.3(x)(3) will have approximately 10 persons required to file Form 8-R?

    143. As defined, the new floor trader category restricts the registration requirement to those who make use of Direct Electronic Access. Is this requirement overly restrictive or unduly broad from a cost-benefit perspective? Are there alternate, or additional, characteristics of trading activity to determine registration status that would be preferable from a cost-benefit standpoint? For example, should persons with trading volume or message volume below a specified threshold be exempted from registration?

    144. Will any currently unregistered entities change their business model or exit the market in order to avoid the proposed registration requirement?

    145. The Commission believes that the risk control protocols required of registered entities, specifically those under the new registration category, will provide a general benefit to the safety and soundness of market activity and price formation. Has the Commission correctly identified the type and level of benefits which arise from placing these requirements on a new set of significant market participants?

    146. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in Section 15(a) of the CEA.

    Transparency in Exchange Trade Matching Systems

    147. The Commission anticipates that costs associated with the transparency requirement would come from some additional testing of platform systems and from drafting and publishing descriptions of any relevant attributes of the platform. What new costs would be associated with providing descriptions of attributes of electronic matching platforms that affect market participant orders and quotes?

    148. Please compare the costs and benefits of the alternative of applying the transparency requirement only with respect to latencies within a platform and how a self-trade prevention tool determines whether to cancel an order with the costs and benefits of the proposed rule.

    149. What benefits might market participants receive through increased transparency into the operation of electronic matching platforms, particularly for those market participants without direct electronic access who may not be able to accurately measure latencies or other metrics of market efficiency?

    150. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in Section 15(a) of the CEA.

    Self-Trade Prevention

    151. Please comment on the cost estimates described above for DCMs and market participants to comply with the requirements of § 40.23. The Commission is interested in commenter opinion on all aspects of its analysis, including its estimate of the number of entities impacted by the proposed regulation and the amount of costs such entities may incur to comply with the regulation.

    152. Please comment on the benefits described above. Do you agree with the Commission's position that self-trade prevention requirements will result in more accurate indications of the level of market interest on both sides of the market and help ensure arms-length transactions that promote effective price discovery? Are there additional benefits to regulatory self-trade prevention requirements not articulated above?

    153. Are there any DCMs that neither internalize and apply self-trade prevention tools, nor provide self-trade prevention tools to their market participants? If so, please provide an estimate of the cost to such a DCM to comply with the requirement under § 40.23(a) to apply, or provide and require the use of, self-trade prevention tools.

    154. Would any DCMs that currently offer self-trade prevention tools need to update their tools to meet the requirements of § 40.23? If so, please provide an estimate of the cost to such a DCM to comply with the requirements of § 40.23.

    155. What percentage of market participants do not currently make use of exchange-provided self-trade prevention tools, when active on a DCM that provides, but does not require such tools? Please provide an estimate of the cost to such a market participant to initially calibrate and use exchange-provided self-trade prevention tools, in accordance with § 40.23. Please also comment on any other direct or indirect costs to a market participant that does not currently use self-trade prevention tools arising from the proposed requirement to implement such tools.

    156. The Commission estimates above that the number of market participants that will submit the approval requests described by § 40.23(c) is approximately equivalent to the number of AT Persons. Please comment on whether the estimate of the number of market participants submitting such approval requests should be higher or lower. For example, should the estimate be raised to account for proprietary algorithmic traders that will not be AT Persons, because they do not use Direct Electronic Access and therefore will not be required to register as floor traders?

    157. Proposed § 40.23 provides that DCMs may comply with the requirement to apply, or provide and require the use of, self-trade prevention tools by requiring market participants to identify to the DCM which accounts should be prohibited from trading with each other. With respect to this account identification process, the Commission's principal goal is to prevent unintentional self-trading; the Commission does not have a specific interest in regulating the manner by which market participants identify to DCMs the account that should be prohibited from trading from each other, so long as this goal is met. Should any other identification methods be permitted in § 40.23? For example, please comment on whether the opposite approach is preferable: Market participants would identify to DCMs the accounts that should be permitted to trade with each other (as opposed to those accounts that should be prevented from trading with each other). In particular, please comment on whether this approach or other identification methods would reduce costs for market participants or be easier for both market participants and DCMs to administer.

    158. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in Section 15(a) of the CEA.

    Market-Maker and Trading Incentive Programs

    159. The Commission requests comment on the accuracy of its cost estimates.

    160. To what extent are the costs imposed on the DCMs by the proposed rule already incurred pursuant to existing rules?

    161. To what extent are the benefits of the proposed rule currently being realized?

    162. Do DCM Web sites currently provide adequate information regarding market-maker and trading incentive programs, and is such information easily located?

    163. To what extent do DCMs currently make payments for self-trades pursuant to market-maker and trading incentive programs?

    164. The Commission requests comment on its discussion of the effects of the proposed rules on the considerations in Section 15(a) of the CEA.

    List of Subjects Back to Top

    17 CFR Part 1

    17 CFR Part 38

    17 CFR Part 40

    17 CFR Part 170

    For the reasons stated in the preamble, the Commodity Futures Trading Commission proposes to amend 17 CFR chapter I as follows:

    begin regulatory text

    PART 1—GENERAL REGULATIONS UNDER THE COMMODITY EXCHANGE ACT Back to Top

    1.The authority citation for part 1 continues to read as follows:

    Authority:

    7 U.S.C. 1a, 2, 5, 6, 6a, 6b, 6c, 6d, 6e, 6f, 6g, 6h, 6i, 6k, 6l, 6m, 6n, 6o, 6p, 6r, 6s, 7, 7a-1, 7a-2, 7b, 7b-3, 8, 9, 10a, 12, 12a, 12c, 13a, 13a-1, 16, 16a, 19, 21, 23, and 24 (2012).

    end regulatory text
    begin regulatory text

    2.In § 1.3, add paragraphs (x)(3), (tttt), (uuuu), (vvvv), (wwww), (xxxx), (yyyy), and (zzzz) to read as follows:

    § 1.3 Definitions.

    * * * * *

    (x) * * *

    (3)(i) Who, in or surrounding any other place provided by a contract market for the meeting of persons similarly engaged purchases or sells solely for such person's own account—

    (A) Any commodity for future delivery, security futures product, or swap; or

    (B) Any commodity option authorized under section 4c of the Act; and

    (ii) Who uses Direct Electronic Access as defined in paragraph (yyyy) of this section, in whole or in part, to access such other place for Algorithmic Trading; and

    (iii) Who is not registered with the Commission as a futures commission merchant, floor broker, swap dealer, major swap participant, commodity pool operator, commodity trading advisor, or introducing broker.

    * * * * *

    (tttt) Algorithmic Trading Compliance Issue. This term means an event at an AT Person that has caused any Algorithmic Trading of such entity to operate in a manner that does not comply with the Commodity Exchange Act or the rules and regulations thereunder, the rules of any designated contract market to which such AT Person submits orders through Algorithmic Trading, the rules of any registered futures association of which such AT Person is a member, the AT Person's own internal requirements, or the requirements of the AT Person's clearing member, in each case as applicable.

    (uuuu) Algorithmic Trading Disruption. This term means an event originating with an AT Person that disrupts, or materially degrades—

    (1) The Algorithmic Trading of such AT Person,

    (2) The operation of the designated contract market on which such AT Person is trading, or

    (3) The ability of other market participants to trade on the designated contract market on which such AT Person is trading.

    (vvvv) Algorithmic Trading Event. This term means an event at an AT Person that constitutes—

    (1) An Algorithmic Trading Compliance Issue; or

    (2) An Algorithmic Trading Disruption.

    (wwww) AT Order Message. This term means each new order or quote submitted through Algorithmic Trading to a designated contract market by an AT Person and each change or deletion submitted through Algorithmic Trading by an AT Person with respect to such an order or quote.

    (xxxx) AT Person. This term means any person registered or required to be registered as a—

    (1) Futures commission merchant, floor broker, swap dealer, major swap participant, commodity pool operator, commodity trading advisor, or introducing broker that engages in Algorithmic Trading on or subject to the rules of a designated contract market; or

    (2) Floor trader as defined in paragraph (x)(3) of this section.

    (yyyy) Direct Electronic Access. This term means an arrangement where a person electronically transmits an order to a designated contract market, without the order first being routed through a separate person who is a member of a derivatives clearing organization to which the designated contract market submits transactions for clearing.

    (zzzz) Algorithmic Trading. This term means trading in any commodity interest as defined in paragraph (yy) of this section on or subject to the rules of a designated contract market, where:

    (1) One or more computer algorithms or systems determines whether to initiate, modify, or cancel an order, or otherwise makes determinations with respect to an order, including but not limited to: The product to be traded; the venue where the order will be placed; the type of order to be placed; the timing of the order; whether to place the order; the sequencing of the order in relation to other orders; the price of the order; the quantity of the order; the partition of the order into smaller components for submission; the number of orders to be placed; or how to manage the order after submission; and

    (2) Such order, modification or order cancellation is electronically submitted for processing on or subject to the rules of a designated contract market; provided, however, that Algorithmic Trading does not include an order, modification, or order cancellation whose every parameter or attribute is manually entered into a front-end system by a natural person, with no further discretion by any computer system or algorithm, prior to its electronic submission for processing on or subject to the rules of a designated contract market.

    3.Add subpart A to read as follows:

    end regulatory text

    Subpart A—Requirements for Algorithmic Trading Back to Top

    § 1.80 Pre-trade risk controls for AT Persons.

    For all AT Order Messages, an AT Person shall implement pre-trade risk controls and other measures reasonably designed to prevent an Algorithmic Trading Event, including but not limited to:

    (a) Pre-Trade Risk Controls. (1) The pre-trade risk controls shall include, at a minimum, the following:

    (i) Maximum AT Order Message frequency per unit time and maximum execution frequency per unit time; and

    (ii) Order price parameters and maximum order size limits.

    (2) Pre-trade risk controls shall be set at the level of each AT Person, or such other more granular level as the AT Person may determine, including but not limited to, by product, account number or designation, or one or more identifiers of natural persons associated with an AT Order Message.

    (3) Natural person monitors at the AT Person shall be promptly alerted when pre-trade risk control parameters established pursuant to this section are breached.

    (b) Order Cancellation Systems. (1) Systems that have the ability to:

    (i) Immediately disengage Algorithmic Trading;

    (ii) Cancel selected or up to all resting orders when system or market conditions require it; and

    (iii) Prevent submission of new AT Order Messages.

    (2) Prior to an AT Person's initial use of Algorithmic Trading to submit a message or order to a designated contract market's trading platform, such AT Person must notify the designated contract market on which it conducts Algorithmic Trading whether all of its resting orders should be cancelled or suspended in the event that the AT Person's Algorithmic Trading system disconnects with the trading platform.

    (c) System Connectivity. AT Persons with Direct Electronic Access as defined in § 1.3(yyyy) shall implement systems to indicate on an ongoing basis whether they have proper connectivity with the trading platform and any systems used by a designated contract market to provide the AT Person with market data.

    (d) Notification of Algorithmic Trading. Prior to an AT Person's initial use of Algorithmic Trading to submit a message or order to a designated contract market's trading platform, such AT Person shall notify its clearing member and the designated contract market on which it will be trading that it will engage in Algorithmic Trading.

    (e) Self-Trade Prevention Tools. To the extent that implementation of a designated contract market's self-trade prevention tools requires calibration or other action by an AT Person, such AT Person shall calibrate or take such other action as is necessary to apply such tools.

    (f) Periodic Review for Sufficiency and Effectiveness. Each AT Person shall periodically review its compliance with this section to determine whether it has effectively implemented sufficient measures reasonably designed to prevent an Algorithmic Trading Event. Each AT Person shall take prompt action to remedy any deficiencies it identifies.

    § 1.81 Standards for the development, monitoring, and compliance of Algorithmic Trading systems.

    (a) Development and testing of Algorithmic Trading Systems. (1) Each AT Person shall implement written policies and procedures for the development and testing of its Algorithmic Trading systems. Such policies and procedures shall at a minimum include the following:

    (i) Maintaining a development environment that is adequately isolated from the production trading environment. The development environment may include computers, networks, and databases, and should be used by software engineers while developing, modifying, and testing source code.

    (ii) Testing of all Algorithmic Trading code and related systems and any changes to such code and systems prior to their implementation, including testing to identify circumstances that may contribute to future Algorithmic Trading Events. Such testing must be conducted both internally within the AT Person and on each designated contract market on which Algorithmic Trading will occur.

    (iii) Regular back-testing of Algorithmic Trading using historical transaction, order, and message data to identify circumstances that may contribute to future Algorithmic Trading Events.

    (iv) Regular stress tests of Algorithmic Trading systems to verify their ability to operate in the manner intended under a variety of market conditions.

    (v) Procedures for documenting the strategy and design of proprietary Algorithmic Trading software used by an AT Person, as well as any changes to such software if such changes are implemented in a production environment.

    (vi) Maintaining a source code repository to manage source code access, persistence, copies of all code used in the production environment, and changes to such code. Such source code repository must include an audit trail of material changes to source code that would allow the AT Person to determine, for each such material change: who made it; when they made it; and the coding purpose of the change. Each AT Person shall keep such source code repository, and make it available for inspection, in accordance with § 1.31.

    (2) Each AT Person shall periodically review the effectiveness of the policies and procedures required by this paragraph (a), and take prompt action to document and remedy deficiencies in such policies and procedures.

    (b) Monitoring of Algorithmic Trading Systems. (1) Each AT Person shall implement written policies and procedures reasonably designed to ensure that each of its Algorithmic Trading systems is subject to continuous real-time monitoring by knowledgeable and qualified staff while such Algorithmic Trading system is engaged in trading. Such policies and procedures shall at a minimum include the following:

    (i) Continuous real-time monitoring of Algorithmic Trading to identify potential Algorithmic Trading Events.

    (ii) Automated alerts when an Algorithmic Trading system's AT Order Message behavior breaches design parameters, upon loss of network connectivity or data feeds, or when market conditions approach the boundaries within which the Algorithmic Trading system is intended to operate, to the extent applicable.

    (iii) Monitoring staff of the AT Person shall have the ability and authority to disengage an Algorithmic Trading system and to cancel resting orders when system or market conditions require it, including the ability to contact staff of the applicable designated contract market and clearing firm, as applicable, to seek information and cancel orders. Such monitoring staff must also have dashboards and control panels to monitor and interact with the Algorithmic Trading systems for which they are responsible.

    (iv) Procedures that will enable AT Persons to track which monitoring staff is responsible for an Algorithmic Trading system during trading hours.

    (2) Each AT Person shall periodically review the effectiveness of the policies and procedures required by this paragraph (b), and take prompt action to document and remedy deficiencies in such policies and procedures.

    (c) Compliance of Algorithmic Trading Systems. (1) Each AT Person shall implement written policies and procedures reasonably designed to ensure that each of its Algorithmic Trading systems operates in a manner that complies with the Commodity Exchange Act and the rules and regulations thereunder.

    (2) Each AT Person shall implement written policies and procedures requiring:

    (i) Staff of the AT Person to review Algorithmic Trading systems in order to detect potential Algorithmic Trading Compliance Issues. Procedures shall indicate that such staff shall include staff of the AT Person familiar with the Commodity Exchange Act and the rules and regulations thereunder, the rules of any designated contract market to which such AT Person submits AT Order Messages, the rules of any registered futures association of which such AT Person is a member, the AT Person's own internal requirements, and the requirements of the AT Person's clearing member, in each case as applicable.

    (ii) A plan of internal coordination and communication between compliance staff of the AT Person and staff of the AT Person responsible for Algorithmic Trading regarding Algorithmic Trading design, changes, testing, and controls, which plan should be designed to detect and prevent Algorithmic Trading Compliance Issues.

    (3) Each AT Person shall periodically review the effectiveness of the policies and procedures required by this paragraph (c), and take prompt action to document and remedy deficiencies in such policies and procedures.

    (d) Designation and training of Algorithmic Trading staff. (1) Each AT Person shall implement written policies and procedures to designate and train its staff responsible for Algorithmic Trading. Such policies and procedures shall at a minimum include the following:

    (i) Procedures for designating and training all staff involved in designing, testing and monitoring Algorithmic Trading, and documenting training events. Training must, at a minimum, cover design and testing standards, Algorithmic Trading Event communication procedures, and requirements for notifying staff of the applicable designated contract market when Algorithmic Trading Events occur.

    (ii) Training policies reasonably designed to ensure that natural person monitors are adequately trained for each Algorithmic Trading system or strategy (or material change to such system or strategy) for which such monitors are responsible. Training must include, at a minimum, the trading strategy for the Algorithmic Trading as well as the automated and non-automated risk controls that are applicable to the Algorithmic Trading.

    (iii) Escalation procedures to inform senior staff of the AT Person as soon as Algorithmic Trading Events are identified.

    (2) Each AT Person shall periodically review the effectiveness of the policies and procedures required by this paragraph (d), and take prompt action to document and remedy deficiencies in such policies and procedures.

    § 1.82 Clearing member futures commission merchant risk management.

    (a) For all AT Order Messages originating with an AT Person, the futures commission merchant that is the clearing member for such AT Person shall comply with the following requirements:

    (1) Make use of pre-trade risk controls reasonably designed to prevent or mitigate an Algorithmic Trading Disruption, including at a minimum, those pre-trade risk controls described in § 1.80(a)(1).

    (2) Pre-trade risk controls must be set at the level of each AT Person, or such other more granular level as the clearing futures commission merchant may determine, including but not limited to, by product, account number or designation, or one or more identifiers of natural persons associated with an AT Order Message.

    (3) The futures commission merchant shall have policies and procedures reasonably designed to ensure that natural person monitors at the clearing futures commission merchant are promptly alerted when pre-trade risk control parameters established pursuant to this section are breached.

    (4) Make use of the order cancellation systems described in § 1.80(b)(1).

    (b) Direct Electronic Access orders. For all AT Order Messages originating with an AT Person submitted to a trading platform through Direct Electronic Access as defined in § 1.3(yyyy), the futures commission merchant that is the clearing member for the AT Person shall comply with the requirements of paragraphs (a)(1), (2), and (4) of this section by implementing the pre-trade risk controls and order cancellation systems provided by designated contract markets pursuant to § 38.255(b) and (c) of this chapter.

    (c) Non-Direct Electronic Access orders. For all AT Order Messages originating with an AT Person that are not submitted to a trading platform through Direct Electronic Access as defined in § 1.3(yyyy), the futures commission merchant that is the clearing member for the AT Person shall comply with the requirements of paragraphs (a)(1), (2), and (4) of this section by itself establishing and maintaining the pre-trade risk controls and order cancellation systems described therein.

    § 1.83 AT Person and clearing member futures commission merchant reports and recordkeeping.

    (a) AT Person Reports. Each AT Person shall annually prepare a report and submit such report by June 30 to each designated contract market on which such AT Person engaged in Algorithmic Trading. Together with the annual report, each AT Person shall submit copies of the written policies and procedures developed to comply with § 1.81(a) and (c). Such report shall cover the time period from May 1 of the previous year to April 30 of the year such report is submitted. The report shall include the following:

    (1) A description of the pre-trade risk controls required by § 1.80(a), including a description of each item enumerated in § 1.80(a) and a description of all parameters and the specific quantitative settings used by the AT Person for such pre-trade risk controls; and

    (2) A certification by the chief executive officer or chief compliance officer of the AT Person that, to the best of his or her knowledge and reasonable belief, the information contained in the report is accurate and complete.

    (b) Clearing member futures commission merchant reports. Each futures commission merchant that is a clearing member for one or more AT Person(s) shall annually prepare and submit a report by June 30 to each designated contract market on which such AT Person(s) engaged in Algorithmic Trading. Such report shall cover the time period from May 1 of the previous year to April 30 of the year such report is submitted. The report shall include the following:

    (1) A description of the clearing member futures commission merchant's program for establishing and maintaining the pre-trade risk controls required by § 1.82(a)(1) for its AT Persons at the designated contract market; and

    (2) A certification by the chief executive officer or chief compliance officer of the futures commission merchant that, to the best of his or her knowledge and reasonable belief, the information contained in the report is accurate and complete.

    (c) AT Person recordkeeping. Each AT Person shall keep, and provide upon request to each designated contract market on which such AT Person engages in Algorithmic Trading, books and records regarding such AT Person's compliance with all requirements pursuant to §§ 1.80 and 1.81.

    (d) Clearing member futures commission merchant recordkeeping. Each futures commission merchant that is a clearing member for an AT Person shall keep, and provide upon request to each designated contract market on which such AT Person engages in Algorithmic Trading, books and records regarding such clearing member futures commission merchant's compliance with all requirements pursuant to § 1.82.

    begin regulatory text

    PART 38—DESIGNATED CONTRACT MARKETS Back to Top

    4.The authority citation for part 38 continues to read as follows:

    Authority:

    7 U.S.C. 1a, 2, 6, 6a, 6c, 6d, 6e, 6f, 6g, 6i, 6j, 6k, 6l, 6m, 6n, 7, 7a-2, 7b, 7b-1, 7b-3, 8, 9, 15, and 21, as amended by the Dodd-Frank Wall Street Reform and Consumer Protection Act, Pub. L. 111-203, 124 Stat. 1376.

    5.Revise § 38.255 to read as follows:

    § 38.255 Risk controls for trading.

    (a) The designated contract market must establish and maintain risk control mechanisms to prevent and reduce the potential risk of price distortions and market disruptions, including, but not limited to, market restrictions that pause or halt trading in market conditions prescribed by the designated contract market.

    (b) For all AT Order Messages originating with an AT Person that are submitted to a designated contract market through Direct Electronic Access as defined in § 1.3(yyyy) of this chapter, the designated contract market shall make available to the clearing member futures commission merchant for such AT Person effective systems and controls, reasonably designed to facilitate the items enumerated below:

    (1) The clearing member futures commission merchant's management of the risks, pursuant to § 1.82(a)(1) and (2) of this chapter, that may arise from such AT Person's Algorithmic Trading using Direct Electronic Access.

    (i) Such systems and controls shall include, at a minimum, the pre-trade risk controls described in § 1.80(a)(1) of this chapter.

    (ii) Such systems shall, at a minimum, enable the clearing member futures commission merchant to set the pre-trade risk controls at the level of each such AT Person, product, account number or designation, and one or more identifiers of natural persons associated with an AT Order Message. Designated contract market rules should permit clearing member futures commission merchants to choose the level at which they place control, so long as clearing member futures commission merchants use at least one of the levels.

    (2) The clearing member future commission merchant's ability, pursuant to § 1.82(a)(4) of this chapter, to make use of the order cancellation systems described in § 1.80(b)(1) of this chapter. The designated contract market shall enable the clearing member future commission merchant to apply such order cancellation systems to orders from each such AT Person, product, account number or designation, or one or more identifiers of natural persons associated with an AT Order Message.

    (c) A designated contract market that permits Direct Electronic Access as defined in § 1.3(yyyy) of this chapter shall also require clearing member futures commission merchants to use the systems and controls described in paragraph (b) of this section with respect to all AT Order Messages originating with an AT Person that are submitted through Direct Electronic Access.

    6.Amend § 38.401 as follows:

    a. Revise paragraph (a)(1)(iii);

    b. Add paragraph (a)(1)(iv);

    c. Revise paragraph (a)(2); and

    d. Add paragraph (c)(3).

    The revisions and additions read as follows:

    § 38.401 General requirements.

    (a) * * * (1) * * *

    (iii) Rules and specifications pertaining to the operation of the electronic matching platform or trade execution facility, including but not limited to those pertaining to the operation of its electronic matching platform that materially affect the time, priority, price, or quantity of execution, or the ability to cancel, modify, or limit display of market participant orders.

    (iv) Any known attributes of the electronic matching platform, other than those already disclosed in rules or specifications under paragraph (a)(1)(iii) of this section, that materially affect the time, priority, price, or quantity of execution of market participant orders, the ability to cancel, modify, or limit display of market participant orders, or the dissemination of real-time market data to market participants, including but not limited to latencies or other variability in the electronic matching platform and the transmission of message acknowledgements, order confirmations, or trade confirmations, or dissemination of market data.

    (2) Through the procedures, arrangements and resources required in paragraph (a) of this section, the designated contract market must ensure public dissemination of information pertaining to new product listings, new rules, rule amendments, rules pertaining to the operation of the electronic matching platform or trade execution facility, known attributes of its electronic trading platform under paragraph (a)(1)(iv) of this section, or other changes to previously-disclosed information, in accordance with the timeline provided in paragraph (c) of this section.

    * * * * *

    (c) * * *

    (3) A designated contract market, in making available on its Web site information pursuant to paragraphs (a)(1)(iii) and (iv) of this section, shall place such information and submissions on its Web site within a reasonable time, but no later than 10 business days, following the identification of or changes to such attributes. Such information shall be disclosed prominently and clearly in plain English.

    * * * * *

    7.In Appendix B to part 38, in the paragraph with the subject heading Core Principle 4 of section 5(d) of the Act: PREVENTION OF MARKET DISRUPTION, revise paragraph (b)(5) to read as follows:

    Appendix B to Part 38—Guidance on, and Acceptable Practices in, Compliance With Core Principles Back to Top

    * * * * *

    Core Principle 4 of section 5(d) of the Act: PREVENTION OF MARKET DISRUPTION

    * * * * *

    (b) * * *

    (5) Risk controls for trading. An acceptable program for preventing market disruptions must demonstrate appropriate trade risk controls, in addition to pauses and halts. Such controls must be adapted to the unique characteristics of the markets to which they apply and must be designed to avoid market disruptions without unduly interfering with that market's price discovery function. The designated contract market must employ the pre-trade risk controls specified in the Commission's regulations (including applicable regulations contained in part 40 of this chapter), and may employ additional controls that the designated contract market believes are appropriate to its market. Within the specific array of controls that are selected, the designated contract market also must set the parameters for those controls, so long as the types of controls and their specific parameters are reasonably likely to serve the purpose of preventing market disruptions and price distortions, or as they are otherwise required to be designed pursuant to Commission regulation. If a contract is linked to, or is a substitute for, other contracts, either listed on its market or on other trading venues, the designated contract market must, to the extent practicable, coordinate its risk controls with any similar controls placed on those other contracts. If a contract is based on the price of an equity security or the level of an equity index, such risk controls must, to the extent practicable, be coordinated with any similar controls placed on national security exchanges.

    * * * * *

    PART 40—PROVISIONS COMMON TO REGISTERED ENTITIES Back to Top

    8.The authority citation for part 40 continues to read as follows:

    Authority:

    7 U.S.C. 1a, 2, 5, 6, 7, 7a, 8 and 12, as amended by Titles VII and VIII of the Dodd-Frank Wall Street Reform and Consumer Protection Act, Pub. L. 111-203, 124 Stat. 1376 (2010).

    9.Revise § 40.1(i) to read as follows:

    § 40.1 Definitions.

    * * * * *

    (i) Rule means any constitutional provision, article of incorporation, bylaw, rule, regulation, resolution, interpretation, stated policy, advisory, terms and conditions, market maker or trading incentive program, trading protocol (including but not limited to any operation of an electronic matching platform that materially affects the time, priority, price, or quantity of execution of market participant orders, the ability to cancel, modify, or limit display of market participant orders, or the dissemination of real-time market data to market participants), agreement or instrument corresponding thereto, including those that authorize a response or establish standards for responding to a specific emergency, and any amendment or addition thereto or repeal thereof, made or issued by a registered entity or by the governing board thereof or any committee thereof, in whatever form adopted.

    * * * * *

    §§ 40.13 through 40.19 [Reserved]

    10.Add reserved §§ 40.13 through 40.19.

    11.Add §§ 40.20 through 40.23 to read as follows:

    § 40.20 Risk controls for trading.

    A designated contract market shall implement pre-trade and other risk controls reasonably designed to prevent an Algorithmic Trading Disruption (or, pursuant to paragraph (d) of this section, similar disruption resulting from orders that originate from manual order entry or other non-Algorithmic Trading) or an Algorithmic Trading Compliance Issue, including at a minimum all of the following:

    (a) Pre-trade risk controls. Pre-trade risk controls reasonably designed to address the risks from Algorithmic Trading on a designated contract market.

    (1) The pre-trade risk controls to be established and used by a designated contract market shall include, at a minimum, those described in § 1.80(a)(1) of this chapter.

    (2) At a minimum, the pre-trade risk controls established and used pursuant to this section shall be set at the level of each AT Person. Designated contract markets must also evaluate whether to establish pre-trade risk controls at a more granular level, including at a minimum, by product or one or more identifiers of natural persons associated with an AT Order Message. Where deemed appropriate by the designated contract market, pre-trade risk controls should be set at such more granular levels.

    (3) A designated contract market shall have policies and procedures reasonably designed to ensure that natural person monitors at such designated contract market are promptly alerted when pre-trade risk control parameters established pursuant to this section are breached.

    (b) Order cancellation systems. (1) Order cancellation systems that have the ability to:

    (i) Perform the actions described in § 1.80(b)(1) of this chapter with respect to orders from AT Persons; and

    (ii) Cancel or suspend all resting orders from AT Persons in the event of disconnect with the trading platform.

    (2) [Reserved]

    (c) System connectivity. (1) Systems that enable the systems of an AT Person with Direct Electronic Access as defined in § 1.3(yyyy) of this chapter to indicate to the AT Person on an ongoing basis whether the AT Person has proper connectivity with—

    (i) The designated contract market's trading platform, and

    (ii) Any systems used by the designated contract market to provide the AT Person with market data.

    (2) [Reserved]

    (d) Risk control mechanisms for manual order entry and other non-Algorithmic Trading. (1) A designated contract market shall implement the risk control mechanisms described in paragraphs (a) and (b)(1)(i) of this section for orders that do not originate from Algorithmic Trading, after making any adjustments to the mechanisms that the designated contract market determines are appropriate for such orders.

    (2) [Reserved]

    § 40.21 DCM test environments.

    (a) A designated contract market shall provide a test environment that will enable AT Persons to simulate production trading. Such test environment shall provide access to historical transaction, order and message data and shall also enable AT Persons to conduct conformance testing of their Algorithmic Trading systems to verify compliance with the requirements of §§ 1.80(a) through (c) and 1.81(a)(1)(ii) through (iv) and (c)(1) of this chapter.

    (b) [Reserved]

    § 40.22 DCM review of compliance reports; maintenance of books and records.

    A designated contract market shall comply with the following:

    (a) Review of reports. Implement rules that require each AT Person that trades on the designated contract market, and each futures commission merchant that is a clearing member of a derivatives clearing organization for such AT Person, to submit the reports described in § 1.83(a) and (b), respectively, of this chapter;

    (b) Submission date. Require the submission of such reports by June 30th of each year;

    (c) Review program. Establish a program for effective periodic review and evaluation of reports described in paragraph (a) of this section, and of the measures described therein. An effective program shall include measures by the designated contract market reasonably designed to identify and remediate any insufficient mechanisms, policies and procedures described in such reports, including identification and remediation of any inadequate quantitative settings or calibrations of pre-trade risk controls required of AT Persons pursuant to § 1.80(a) of this chapter;

    (d) Maintenance of books and records. Implement rules that require each AT Person to keep and provide to the designated contract market books and records regarding such AT Person's compliance with all requirements pursuant to §§ 1.80 and 1.81 of this chapter, and require each clearing member futures commission merchant to keep and provide to the designated contract market books and records regarding such clearing member futures commission merchant's compliance with all requirements pursuant to § 1.82 of this chapter; and

    (e) Review and evaluate, as necessary, books and records required to be kept pursuant to paragraph (d) of this section, and the measures described therein. An appropriate review shall include measures by the designated contract market reasonably designed to identify and remediate any insufficient mechanisms, policies, and procedures described in such books and records.

    § 40.23 Self-trade prevention tools.

    (a) A designated contract market shall implement rules reasonably designed to prevent self-trading by market participants, except as specified in paragraph (b) of this section. “Self-trading” is defined for purposes of this section as the matching of orders for accounts that have common beneficial ownership or are under common control. A designated contract market shall either apply, or provide and require the use of, self-trade prevention tools that are reasonably designed to prevent self-trading and are applicable to all orders on its electronic trade matching platform. For purposes of complying with this requirement, a designated contract market may either determine for itself which accounts should be prohibited from trading with each other, or require market participants to identify to the designated contract market which accounts should be prohibited from trading with each other.

    (b) Notwithstanding the foregoing, a designated contract market may, in its discretion, implement rules that permit self-trading described in paragraphs (b)(1) or (b)(2) of this section to occur, in each case subject to the requirements of paragraph (c) of this section:

    (1) A self-trade resulting from the matching of orders for accounts with common beneficial ownership where such orders are initiated by independent decision makers. A designated contract market may through its rules further define for its market participants “independent decision makers.”

    (2) A self-trade resulting from the matching of orders for accounts under common control where such orders comply with the designated contract market's cross-trade, minimum exposure requirements or similar rules, and are for accounts that are not under common beneficial ownership.

    (c) A designated contract market may permit self-trading described in paragraph (b) of this section only if the designated contract market:

    (1) Requires market participants to request approval from the designated contract market that self-trade prevention tools not be applied with respect to specific accounts under common beneficial ownership or control, on the basis that they meet the criteria of paragraph (b) of this section. The designated contract market must require that such approval request be provided to it by a compliance officer or senior officer of the market participant; and

    (2) Requires market participants to withdraw or amend an approval request if any change occurs that would cause the information provided in such approval request to be no longer accurate or complete.

    (d) For each product and expiration month traded on a designated contract market in the previous quarter, the designated contract market must prominently display on its Web site the following information:

    (1) The percentage of trades in such product including all expiration months that represent self-trading approved (pursuant to paragraph (c) of this section) by the designated contract market, expressed as a percentage of all trades in such product and expiration month;

    (2) The percentage of volume of trading in such product including all expiration months that represents self-trading approved (pursuant to paragraph (c) of this section) by the designated contract market, expressed as a percentage of all volume in such product and expiration month; and

    (3) The ratio of orders in such product and expiration month whose matching was prevented by the self-trade prevention tools described in paragraph (a) of this section, expressed as a ratio of all trades in such product and expiration month.

    § 40.24 [Reserved]

    12.Add reserved § 40.24.

    13.Add §§ 40.25 through 40.28 to read as follows:

    § 40.25 Additional public information required for market maker and trading incentive programs.

    (a) When submitting a Rule regarding a market maker or trading incentive program pursuant to § 40.5 or § 40.6, a designated contract market shall, in addition to information required by such sections, include the following information in its public Rule filing:

    (1) The name of the market maker program or trading incentive program, the date on which it is scheduled to begin, and the date on which it is scheduled to terminate (if applicable);

    (2) An explanation of the specific purpose for the market maker or trading incentive program;

    (3) A list of all products or services to which the market maker or trading incentive program applies;

    (4) A description of any eligibility criteria or categories of market participants defining who may participate in the market maker or trading incentive program;

    (5) For any market maker or trading incentive program that is not open to all market participants, an explanation of why such program is limited to the chosen eligibility criteria or categories of market participants, and an explanation of how such limitation complies with the impartial access and comparable fee structure requirements of § 38.151(b) of this chapter for designated contract markets;

    (6) An explanation of how persons eligible for the market maker or trading incentive program may apply to participate, and how eligibility will be evaluated by the designated contract market;

    (7) A description of any payments, incentives, discounts, considerations, inducements or other benefits that market maker or trading incentive program participants may receive, including any non-financial incentives; and

    (8) A description of the obligations, benchmarks, or other measures that a participant in a market maker or trading incentive program must meet to receive the benefits described in paragraph (a)(7) of this section.

    (9) A description of any legal affiliation between the designated contract market and any entity acting as a market maker or participating in a market maker program.

    (b) In addition to any public notice required pursuant to this part (including without limitation the requirements of §§ 40.5(a)(6) and 40.6(a)(2)) of this chapter a designated contract market shall ensure that the information required by paragraphs (a)(1) through (a)(8) of this section is easily located on its public Web site from the time that such designated contract market begins accepting participants in the market maker or trading incentive program through the time that it ceases operation of the market maker or trading incentive program.

    (c) A designated contract market shall notify the Commission upon the termination of a market maker or trading incentive program prior to the termination date previously notified to the Commission; any extension or renewal of a market maker or trading incentive program beyond its original termination date shall require a new Rule filing pursuant to this part.

    § 40.26 Information requests from the Commission or the Director of the Division of Market Oversight.

    (a) Upon request by the Commission or the Director of the Division of Market Oversight, a designated contract market shall provide such information and data as may be requested regarding participation in market maker or trading incentive programs offered by the designated contract market, including but not limited to, individual program agreements, names of program participants, benchmarks achieved by program participants, and payments or other benefits conferred upon program participants.

    (b) [Reserved]

    § 40.27 Payment for trades with no change in ownership prohibited.

    (a) A designated contract market shall implement policies and procedures reasonably designed to prevent the payment of market maker or trading incentive program benefits, including but not limited to payments, discounts, or other considerations, for trades between accounts that are:

    (1) Identified to such designated contract market as under common beneficial ownership pursuant to the approval process described in § 40.23(c); or

    (2) Otherwise known to the designated contract market as under common ownership.

    (b) [Reserved]

    § 40.28 Surveillance of market maker and trading incentive programs.

    (a) A designated contract market, consistent with its obligations pursuant to subpart C of part 38 of this chapter, shall review all benefits accorded to participants in market maker and trading incentive programs, including but not limited to payments, discounts, or other considerations, to ensure that such benefits are not earned through abusive practices.

    (b) [Reserved]

    PART 170—REGISTERED FUTURES ASSOCIATIONS Back to Top

    14.The authority citation for part 170 continues to read as follows:

    Authority:

    7 U.S.C. 6d, 6m, 6p, 6s, 12a, and 21.

    15.Add § 170.18 to subpart C to read as follows:

    § 170.18 AT Persons.

    Each registrant, as defined in § 1.3(oooo) of this chapter, that is an AT Person, as defined in § 1.3(xxxx) of this chapter, that is not otherwise required to be a member of a futures association that is registered under Section 17 of the Act pursuant to §§ 170.15, 170.16, or 170.17 of this chapter must become and remain a member of at least one futures association that is registered under Section 17 of the Act and that provides for the membership therein of such registrant, unless no such futures association is so registered.

    16.Add subpart D, consisting of § 170.19, to read as follows:

    end regulatory text

    Subpart D—Standards for Automated Trading and Algorithmic Trading Systems Back to Top

    § 170.19 RFA Standards for Automated Trading and Algorithmic Trading Systems.

    (a) A registered futures association must establish and maintain a program for the prevention of fraudulent and manipulative acts and practices, the protection of the public interest, and perfecting the mechanisms of trading on designated contract markets by adopting rules for each category of member, as deemed appropriate by the registered futures association, requiring:

    (1) Pre-trade risk controls and other measures for algorithmic trading systems;

    (2) Standards for the development, testing, monitoring, and compliance of algorithmic trading systems;

    (3) Designation and training of algorithmic trading staff; and

    (4) Operational risk management standards for clearing member futures commission merchants with respect to customer orders originating with algorithmic trading systems.

    (b) [Reserved]

    Issued in Washington, DC, on November 27, 2015, by the Commission.

    Christopher J. Kirkpatrick,

    Secretary of the Commission.

    Note:

    The following appendices will not appear in the Code of Federal Regulations.

    begin regulatory text

    Appendices to Regulation Automated Trading—Commission Voting Summary, Chairman's Statement, and Commissioners' Statements Back to Top

    Appendix 1—Commission Voting Summary Back to Top

    On this matter, Chairman Massad and Commissioners Bowen and Giancarlo voted in the affirmative. No Commissioner voted in the negative.

    Appendix 2—Statement of Chairman Timothy G. Massad Back to Top

    Today, the Commission has approved a proposal that addresses the increased use of automated trading in our markets. I strongly support this important action. In the futures markets, today almost all trading is electronic in some form. And over the last few years, more than 70 percent of all trading has become automated.

    Automated trading has brought many benefits to market participants. These include more efficient execution, lower spreads and greater transparency. But its extensive use also raises important policy and supervisory questions and concerns.

    The Commission has already taken a number of steps to respond to the development of automated trading in our markets. Following the 2010 “Flash Crash,” the CFTC worked with the SEC to establish certain controls to minimize the risk of market disruptions. The Commission has also required clearing members to implement policies and procedures governing the use of automated trading programs. We have also required automatic screening of orders for compliance with risk limits if they are automatically executed.

    But as markets continue to evolve, it is important to continue looking at this issue. Therefore, in September 2013, the Commission issued a Concept Release that requested public comment on the necessity and operation of a variety of risk controls and measures. The Commission received many written comments and also held a meeting of its Technological Advisory to discuss the issues raised. It served as a very useful way to understand existing industry practices and discuss what further actions might make sense.

    The proposal approved today addresses several areas discussed in the Concept Release, and incorporates much of that public input. It focuses on minimizing the potential for disruptions and other operational problems that may arise from the automation of order origination, transmission or execution. They may come about due to malfunctioning algorithms, inadequate testing of algorithms, errors and similar problems.

    No set of rules can prevent all such problems. But that doesn't discharge us from our duty to take reasonable measures to minimize these risks. It is our responsibility as regulators to create a framework that promotes the integrity of these markets. And I believe this proposed rule helps do that.

    Our futures market infrastructure is already very strong. Our regulatory framework—and the controls and measures that exist at the exchange and clearing member level in particular—have helped create the best futures markets in the world. Our proposal seeks to maintain that strength as our markets evolve further.

    We have proposed a number of measures that largely reflect what are industry best practices to minimize the risk of disruptions and similar problems. We have tried to be principles-based. We have set forth requirements for certain controls, but we have avoided prescribing the parameters or levels at which they should be set. The proposed risk controls will apply regardless of whether the automated trading is high- or low-frequency. The proposal does not define high frequency trading.

    A key principal of this proposed rule is to have risk controls at three levels—the exchange level, clearing member level and trading firm level. Market participants generally supported this multi-level approach in response to the Concept Release, and I believe it is important to achieving a sound framework. But in doing so, we must seek efficiency, and avoid conflicting or unnecessary requirements at multiple levels.

    In order to make the multi-level approach effective, we are proposing to require the registration of proprietary traders who engage in algorithmic trading on our regulated exchanges via “direct electronic access.” Today, our staff estimates that roughly 35 percent of the futures trading in our markets is done by traders who use direct electronic access and are not registered with us. A registration requirement will ensure that all those with direct electronic access to our markets are complying with pre-trade risk controls, testing and other requirements. And it would enhance the Commission's ability to carry out its oversight responsibilities.

    While we believe a registration requirement is appropriate, we have also invited market participants to comment on whether there are alternatives that can achieve the proposal's underlying objectives. We have also asked whether the registration requirement should be limited to trading firms meeting certain volume, order or message levels—or be based on other characteristics. Further, we are seeking comment on whether all firms trading through direct electronic access should be required to register, even if they are not using algorithmic trading.

    We believe that many of the requirements we are proposing for trading firms represent the best practices already followed by many larger firms. However, we know that a faulty algorithm at a single firm, regardless of size, can potentially cause a significant problem. As a result, we have proposed standards that are applicable regardless of the size or similar attributes of a trading firm. We also are cognizant of the importance of establishing effective standards without creating barriers to entry for small firms. So we welcome comment on whether these requirements should vary in any way depending on the size or activity level of the trading firm.

    We have also proposed certain risk controls for clearing member futures commission merchants (FCMs) with respect to their customers engaged in algorithmic trading. FCMs play a critical role in overall risk management. As I noted earlier, they have implemented measures already to require order limits and screening of orders. We believe the requirements we are proposing today help achieve an effective multi-layered approach.

    We have asked for public comment on whether there are any aspects of the required controls that may pose an undue burden on clearing member FCMs or that are unnecessary for reducing the risks associated with algorithmic trading. We've also asked about what technological development would be required by clearing members to comply with some requirements of this proposal.

    I've said frequently that it's very important that we have a robust clearing member industry and that all customers—particularly smaller ones—are able to access the markets effectively and efficiently. We want to make sure this proposal is consistent with achieving that objective.

    We have also included measures on some additional topics not covered in the Concept Release. These include provisions to increase transparency for exchanges' electronic trade matching platforms, as well as for market maker and trading incentive programs, which have become more significant as automated trading has increased.

    There are concerns that have been raised with respect to automated trading that also go beyond the scope of this proposal. These include whether our markets are best served by this speed, and what are its impacts on volatility and liquidity? These are important topics for market participants and the Commission to continue to study and discuss.

    This proposal provides some common-sense risk controls that I believe embrace the benefits that automated trading has brought to our markets, while also protecting against the increased possibility of breakdowns and disruptions that come with it. We encourage—and welcome—public comment, which will carefully be taken into account before we take any final action.

    Appendix 3—Concurring Statement of Commissioner Sharon Y. Bowen Back to Top

    I want to thank the Commission staff for the time they have devoted to the proposed rule on automated trading. It is a timely topic.

    As I have previously said, our markets have seen immense technological change over the last fifteen years.1 Futures trading used to involve “throngs of traders with jackets and badges using hand-gestures” to purchase futures and options.2 That trading structure has largely disappeared, with even CME closing the vast majority of its futures pits this summer. Meanwhile, algorithmic trading has substantially increased. Algo trading comprised less than 10% of futures volume at the turn of the millennium.3 Yet, “per CFTC staff's estimates, for the most liquid U.S. futures contracts which account for over 75% of total trading volume, more than 90 percent of all trades make use of algorithms or some other form of automation.” 4 Of course, these estimates are just that, estimates. We still do not have comprehensive, precise data on the percentage of trades created or entered by algorithms in many product classes. Clearly, further research and work remain for all stakeholders, from regulators, to industry participants, to academics and advocates of financial reform.

    Yet, I do not believe this lack of information requires that regulators passively wait for this information to emerge. Simply waiting for that kind of data to materialize could allow problems to emerge in the interim that harm investors and the broader financial system. Given the current state of our economy and a global financial system still recovering from the 2008 financial crisis, that is a risk that I believe we must not take. Recent events have raised important questions about the impact and role of algorithmic trading in our markets. As I said earlier, this fall, “Even though the amount of algorithmic trading and definitions of these various terms are not crystal clear, what is clear is trades involving algorithms make up a substantial portion of our markets, and algorithms can and do malfunction at times, with negative effects on the markets. As a result, I believe we are obligated to consider if it is prudent to establish some regulations on algorithmic trading in our markets.” 5

    Today, we begin the process of potentially establishing those regulations. From what I have seen, I believe we now owe it to market participants, investors, and ordinary consumers to ensure that a reasonable level of regulation exists over this new trading technology. I have said such regulation should include requirements that entities utilizing algorithms to trade must use risk management strategies, be required to disclose information to regulators, and have people who understand the Commodity Exchange Act and our regulations involved in the creation and maintenance of their algorithms. I think this proposed regulation meets that standard and does so in a way that allows for innovation and continued development of this nascent technology.

    Having said what I think lies at the core of this regulation, let me also be clear about what this regulation is not. The rule before us today should not substantially change how many firms utilize algorithms. If, as I hope, a firm already uses risk management strategies, has various protections against malfunctions in place, and retains the services of talented attorneys, this new regulation will not create significant new burdens for that firm. In effect, this rulemaking