NOTICE OF NATIONAL INSTRUMENT 23-103 ELECTRONIC TRADING I. INTRODUCTION The Canadian Securities Administrators (CSA or we) have made National Instrument 23-103 Electronic Trading (Instrument) and Companion Policy 23-103 (Companion Policy). The Instrument and Companion Policy set out a regulatory framework to help ensure that marketplace participants and marketplaces manage the risks associated with electronic trading.
The Instrument has been adopted or is expected to be adopted by each member of the CSA. The final text of the Instrument and Companion Policy is being published concurrently with this Notice and can also be obtained on the websites of various CSA members.
Jurisdictions that are a party to Multilateral Instrument 11-102 Passport System (currently all jurisdictions except Ontario) are also publishing amendments to that instrument that permit the use of the passport system for aspects of the Instrument. The amendments were published for comment on August 19, 2011. No comments were received. These related amendments are contained in Appendix B to this Notice.
Subject to all ministerial approval requirements, the Instrument will come into force on March 1, 2013 in all CSA jurisdictions. The Companion Policy will come into force at the same time. Additional information regarding the implementation or adoption of the Instrument in each province or territory is included at Appendix A to this Notice.
CSA staff have worked closely with staff of the Investment Industry Regulatory Organization of Canada (IIROC) on the development of the Instrument and Companion Policy. IIROC staff have shared their knowledge and expertise regarding many of the issues raised by electronic trading and we thank them for their valuable contribution. IIROC is publishing today proposed amendments to the Universal Market Integrity Rules that reflect and support various provisions of the Instrument for comment. Further information may be found at www.iiroc.ca.
II. BACKGROUND On April 8, 2011, the CSA published proposed National Instrument 23-103 and its related companion policy (2011 Proposal). The CSA invited public comment on all aspects of the 2011 Proposal. Twenty nine comment letters were received. We have considered the comments received and thank all commenters for their submissions. A list of those who submitted comments, as well as a summary of comments and our responses to them are attached at Appendix C to this Notice. Copies of the comment letters are posted at www.osc.gov.on.ca.
The Instrument was developed to address certain risks of electronic trading and builds on the obligations outlined in National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31-103). Section 11.1 of NI 31-103 requires a registered firm to manage the risks associated with its business in accordance with prudent business practices.
The Instrument addresses the risks of electronic trading by providing specific requirements for controls, policies and procedures relating to electronic trading. Electronic trading risks arise from greater speed and automation in the Canadian market. This increases the potential impact of a trading error or a rapid series of errors, caused by a computer or human fault. The Instrument and Companion Policy provide a regulatory framework that will help ensure that marketplace participants and marketplaces are appropriately managing the risks associated with widespread electronic trading.
The Instrument is designed to address a number of risks related to electronic trading including credit risk, market integrity risk, technology or systems risk and regulatory arbitrage risk. For a detailed discussion of these risks, please see the notice that accompanied the 2011 Proposal.
Requirements Pertaining to Direct Electronic Access The 2011 Proposal included requirements regarding the provision of direct electronic access (DEA), however the Instrument does not include these requirements. In considering the DEA provisions, we determined that similar forms of marketplace access, such as an order execution service account or dealer-to-dealer routing raise risks similar to those of DEA and therefore should be subject to similar requirements. As a result, the CSA and IIROC are developing a package of proposed rules that would help ensure that similar forms of marketplace access are treated similarly. We expect to publish this revised proposal for comment in the coming months.
III. PURPOSE AND SUBSTANCE OF INSTRUMENT AND COMPANION POLICY A. Key Aspects of the Instrument The Instrument sets out requirements that apply to: 1. marketplace participants, 2. the use of automated order systems, and 3. marketplaces.
The Instrument applies to the trading of all securities on alternative trading systems and recognized exchanges (together, “marketplaces”). We note that the definition of a “security” varies among the CSA jurisdictions. In some jurisdictions, such as Ontario, the Instrument does not apply to commodity futures contracts, but in others, such as Québec, the Instrument would apply to standardized derivatives.
1. Requirements Applicable to Marketplace Participants The Instrument imposes requirements on marketplace participants that electronically send orders to marketplaces. The purpose of these requirements is to ensure that marketplace participants have policies, procedures and controls reasonably designed to manage the risks associated with electronic trading. We are of the view that these controls are essential in maintaining the integrity of marketplace participants, marketplaces and the Canadian capital market as a whole.
(i) Marketplace Participant Controls, Policies and Procedures In our view, the risks associated with electronic trading arise when the marketplace participant enters orders electronically for its own trading, acts as an agent handling orders for its clients or when it authorizes clients to access a marketplace using its marketplace participant identifier. Therefore, the Instrument requires that each marketplace participant establish, maintain and ensure compliance with risk management and supervisory controls that are reasonably designed to manage the financial, regulatory and other risks associated with marketplace access. 1 To assist in early detection of erroneous or non-compliant trades, these risk management and supervisory controls, policies and procedures must be reasonably designed to ensure all orders are monitored and include both automated pre-trade controls and regular post-trade monitoring 2 that systematically limit financial exposure and ensure compliance with applicable marketplace and regulatory requirements. 3 In addition, the Instrument requires a marketplace participant to have specific controls that are reasonably designed to:
• limit the entry of orders to securities that the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant, is authorized to trade, • restrict access to trading to persons authorized to do so, • ensure that compliance staff of the marketplace participant receive immediate order and trade information, • enable the marketplace participant to immediately stop or cancel any orders entered by the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant, • enable the marketplace participant to immediately suspend or terminate any access to a marketplace, and • ensure that the entry of orders does not interfere with fair and orderly markets. 4 These are minimum requirements. A marketplace participant may want to implement risk management and supervisory controls, policies and procedures that surpass those specifically described in the Instrument, depending on its business model and risk tolerance.
While the above controls are required under the Instrument, we have not mandated specified parameters for these controls. As indicated, the details of the risk management and supervisory controls, policies and procedures may vary from marketplace participant to marketplace participant depending on its business model. For example, a marketplace participant that only handles order flow from retail clients will likely need to develop different risk
1 Paragraph 3(1)(a) of NI 23-103. 2 Subsection 3(2) of NI 23-103. 3 Subsection 3(3) of NI 23-103. 4 Subsection 3(3) of NI 23-103. 2
management controls and supervisory procedures and parameters for those controls than a marketplace participant that mostly receives order flow from sophisticated high frequency traders.
The Instrument also requires that compliance staff of the marketplace participant receive all order and trade information sent by the marketplace participant, and if applicable its clients with marketplace access provided by the marketplace participant, to a marketplace. 5 This will help ensure that the marketplace participant is able to appropriately monitor for any erroneous or non-compliant trading. We expect that participant dealers will establish appropriate safeguards to keep their client trading information confidential and available only to appropriate personnel for regulatory compliance purposes when complying with this provision.
To meet these requirements, both marketplace participants and regulators need clarity about what types of controls, policies and procedures are to be in effect and maintained by the marketplace participant. To achieve this, the Instrument requires that the mandated policies and procedures be in written form and that a marketplace participant maintain a written description of its risk management and supervisory controls. 6 (ii) Control over Setting and Adjustment of Risk Management and Supervisory Controls Since the immediate risks arising from all orders, including regulatory compliance obligations, fall on the marketplace participant, we think that it is inappropriate for the marketplace participant to rely on a client or other third party to set and adjust its risk control parameters. Our view is that the risks presented by electronic trading to the marketplace participant and the market as a whole are significant enough that the marketplace participant must set and adjust these critical risk management and supervisory controls to help ensure that it can manage these risks as needed in an effective manner. The Instrument therefore requires that marketplace participants directly and exclusively set and adjust their risk management and supervisory controls, policies and procedures subject to certain limited exceptions. 7 (iii) Independence of Third Party Providing Risk Management and Supervisory Controls While marketplace participants may develop their own risk management technology and software, they also have the option to use technology and software developed by third parties, including marketplaces. However, we are of the view that third party risk management and supervisory controls, policies and procedures should only be used if the third party is independent from a marketplace participant’s clients or the clients’ affiliates. Such independence would assist the marketplace participant in tailoring the controls to meet its specific needs and in ensuring the sufficiency of these controls.
Therefore the Instrument requires that a third party that provides risk management and supervisory controls, policies or procedures to a marketplace participant must be independent from each client of that marketplace participant. 8 The independent third party could be another marketplace participant, an exchange or alternative trading system, a service vendor, or other entity that is not an affiliate, and is otherwise independent, of the client. One exception provided for in the Instrument is that an entity affiliated with a marketplace participant that is also a client of the marketplace participant may provide supervisory and risk management controls to the marketplace participant. However, the marketplace participant is still required to directly and exclusively set and adjust the parameters of the supervisory and risk management controls, policies and procedures.
(iv) Authorization to Set or Adjust Risk Management and Supervisory Controls, Policies and Procedures We recognize that there are circumstances, such as introducing and carrying arrangements or jitney arrangements that involve multiple dealers, where there may be certain controls that are better administered by the introducing dealer. This is because the introducing dealer has first hand knowledge of the client and is responsible for suitability and other “know your client” obligations. 9 Therefore, while the Instrument requires marketplace participants to directly and exclusively set and adjust its risk management controls, policies and procedures, the Instrument permits a participant dealer to authorize another investment dealer that is directing trading to the participant dealer to set or adjust a control, policy or procedure on the participant dealer’s behalf. 10 However, the participant dealer must still have controls in place to manage the order flow it receives from the investment dealer.
5 Subparagraph 3(3)(b)(iv) of NI 23-103. 6 Paragraph 3(1)(b) of NI 23-103. 7 Subsection 3(5) of NI 23-103. 8 Subsection 3(4) of NI 23-103. 9 Section 4 of 23-103CP. 10 Section 4 of NI 23-103. 3
2. Requirements Applicable to Use of Automated Order Systems An automated order system is defined in the Instrument as “a system used to automatically generate or electronically transmit orders on a pre-determined basis”. 11 This definition is intended to capture both the hardware and software used to generate or transmit orders on a pre-determined basis and includes smart order routers and trading algorithms that are used by marketplace participants, offered by marketplace participants to clients or developed by clients or service vendors.
Such systems can be used to transmit many orders in a very short period of time and if something goes wrong, the market can be negatively impacted very quickly. Due to these risks and because a marketplace participant is responsible for the use of an automated order system that sends orders using its marketplace participant identifier, regardless of its origins, the Instrument requires marketplace participants to take all reasonable steps to ensure that the use of these automated order systems, by itself or any client, does not interfere with fair and orderly markets. 12 As part of a marketplace participant taking all reasonable steps to ensure that the use of automated order systems does not interfere with fair and orderly markets, the Instrument requires a marketplace participant to have a general understanding of any automated order system used by itself or any client, and to ensure that each automated order system is tested before its initial use and at least annually thereafter. 13 We understand that much of the detailed information about a client's automated order systems may be considered confidential and proprietary. However, this requirement is designed to ensure that the marketplace participant has a sufficient level of knowledge and understanding to identify and manage its risks. 14 We expect these provisions will help to support the fair and orderly functioning of our markets upon the deployment of a smart order router, trading algorithm or any other aspect of an automated order system.
Despite the above requirements, we recognize that it may still be possible for an automated order system to function improperly. In order to address such situations, the Instrument requires a marketplace participant to have controls in place, such as a “kill switch”, to disable the automated order system and to be able to immediately prevent orders generated from such a system from reaching a marketplace. 15 We think this provision is essential in mitigating the risk that automated order systems pose to the functioning of our markets.
3. Requirements Applicable to Marketplaces While the Instrument places obligations on marketplace participants, we think that marketplaces also have an important role to play in managing the risks associated with electronic trading. We note that the marketplace requirements imposed by the Instrument are supplementary to the ones already placed on marketplaces by National Instrument 21-101 Marketplace Operation.
The Instrument imposes requirements on marketplaces for: (i) availability of order and trade information, (ii) marketplace controls relating to electronic trading, (iii) marketplace thresholds, and (iv) erroneous trades.
(i) Availability of Order and Trade Information The Instrument obliges a marketplace to provide its participants with access to their order and trade information, including execution reports, on an immediate basis and on reasonable terms. We expect this information to be an important tool to help marketplace participants implement and monitor the effectiveness of their risk management and supervisory controls. Consequently it is important that no marketplace rule, fee or practice creates an unreasonable barrier to accessing this information. Regarding providing order and trade information on an immediate basis, we would consider the provision of drop copies, which is very close to providing immediate order and trade information, to be acceptable. 16 (ii) Marketplace Controls Relating to Electronic Trading
11 Section 1 of NI 23-103. 12 Subsection 5(1) of NI 23-103. 13 Subsection 5(3) of NI 23-103. 14 Part 3 of 23-103CP. 15 Paragraph 5(3)(c) of NI 23-103. 16 Subsection 6(2) of 23-103CP. 4
Requirements related to marketplace controls were included to help ensure marketplaces have the necessary risk management and supervisory controls, policies and procedures to address the risks that arise from the electronic trading that occurs on their platforms.
The Instrument requires marketplaces to: • have the ability and authority to terminate all or a portion of a marketplace participant’s access, • regularly assess and document whether it requires any risk management and supervisory controls, policies and procedures relating to electronic trading, • ensure timely implementation of those risk management and supervisory controls, policies and procedures, • regularly assess and document the adequacy and effectiveness of its risk management and supervisory controls, policies and procedures, and • document and promptly remedy any deficiencies in the adequacy or effectiveness of the controls, policies and procedures implemented. 17 These are minimum requirements and we note that a marketplace may implement additional controls, policies and procedures that it considers necessary to appropriately address the electronic trading risks that arise on its market.
(iii) Marketplace Thresholds This requirement is part of the follow-up to the events of the May 6, 2010 “flash crash”. Under this provision, marketplaces are required to prevent the execution of orders beyond certain thresholds. These thresholds may be determined by a regulation services provider or by a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) of NI 23-101. 18 There are a variety of methods that may be used to prevent the execution of these orders and IIROC is currently conducting public consultations as to how to best implement this requirement and work with applicable marketplaces, where necessary, in determining the mandated thresholds.
We view these thresholds as important tools in maintaining a fair and orderly market as they could mitigate the type of volatility experienced during the May 6, 2010 “flash crash”. This requirement is intended to complement both IIROC’s Single Stock Circuit Breaker policy and its proposal for Market-wide Circuit Breakers and we are of the view that a regulation services provider, where applicable, is in the best position to set these types of thresholds.
(iv) Clearly Erroneous Trades While the controls required by the Instrument should prevent many erroneous trades from occurring, the Instrument also imposes obligations on marketplaces to have the capacity to cancel, vary or correct any trade that is deemed to be erroneous. 19 The Instrument sets out the following circumstances under which a marketplace, when it has retained a regulation services provider, may cancel, vary or correct a trade:
• when instructed to do so by its regulation services provider, • if the cancellation, correction or variation is requested by a party to the trade, consent is provided by both parties to the trade and the regulation services provider is notified, or • if the cancellation, correction or variation is necessary to correct a systems issue or error caused by an individual acting on behalf of the marketplace in executing the trade, and permission to cancel, vary or correct the trade has been obtained from the regulation services provider. 20 The Instrument also requires publicly transparent marketplace policies and procedures for the cancellation, variation or correction of trades. 21 We anticipate that this will help the market as a whole to understand when trades executed on a marketplace may be cancelled or changed by that marketplace.
17 Section 7 of NI 23-103. 18 Subsection 8(1) of NI 23-103. 19 Subsection 9(1) of NI 23-103. 20 Subsection 9(2) of NI 23-103. 21 Subsection 9(3) of NI 23-103. 5
B. Summary of Changes to 2011 Proposal After considering the comments received, we have made some non-material revisions to the documents that were published for comment. These revisions are reflected in the final Instrument and Companion Policy we are publishing concurrently with this Notice.
(i) Scope of Rule Some commenters asked for clarity as to the applicability of the 2011 Proposal, specifically whether the 2011 Proposal applies only to equities or to other asset classes as well. We have clarified that the Instrument applies to the trading of all securities on marketplaces. 22 We note however, that the definition of “security” varies among CSA jurisdictions. For example, a standardized derivative is defined to be a “security” in Québec, while in many other CSA jurisdictions it is not.
(ii) Role of Clearing Brokers Some commenters suggested that the focus of the 2011 Proposal on the executing broker should be changed to include the clearing broker who ultimately bears the credit risk of a trade.
In response to this comment, we have added further guidance to the Companion Policy regarding the role of the clearing broker and the risks of electronic trading. 23 Specifically, we note that a key focus of the Instrument is the gatekeeping function of the executing broker and the risks associated with entering orders onto a marketplace. We agree that a clearing broker also bears financial and regulatory risks associated with providing clearing services and point out that under NI 31-103 a dealer is required to manage the risks associated with its business in accordance with prudent business practices. As part of this NI 31-103 obligation, we expect a clearing broker to have effective systems and controls to properly manage its risks.
(iii) Definition of Automated Order System One commenter requested clarification if smart order routers are included under the definition of “automated order system”. We have clarified in the Companion Policy that automated order systems include both hardware and software used to generate or electronically transmit orders on a pre-determined basis and would include technology such as smart order routers. 24 (iv) Automated Pre-trade Controls Automated pre-trade controls prevent an order or series of orders from interfering with the fair and orderly functioning of the market. We have provided further guidance in the Companion Policy that automated pre-trade controls include an examination of the order before entry on a marketplace and the monitoring of entered orders, whether executed or not. 25 (v) Pre-determined Credit and Capital Thresholds Some commenters requested clarification regarding what is meant by pre-set credit and capital thresholds. We have therefore clarified in the Companion Policy that a marketplace participant can establish pre-set credit thresholds through the setting of lending limits to a client and establish pre-set capital thresholds by setting limits on the financial exposure that can be created by orders entered on a marketplace under its marketplace participant identifier. 26 (vi) Design of Controls, Policies and Procedures A few commenters expressed the view that the standard for risk management and supervisory controls, policies and procedures in subsection 3(3) of the Instrument was unreasonably high since it required a marketplace participant to “ensure” that certain actions will or will not occur. In response, we have adopted a standard to require that the risk
22 Subsection 1.1(2) of 23-103CP. 23 Subsection 1.1(1) of 23-103CP. 24 Section 1 of NI 23-103; Subsection 1.2(1) of 23-103CP. 25 Subsection 3(4) of 23-103CP. 26 Subsection 3(5) of 23-103CP. 6
management and supervisory controls, policies and procedures be reasonably designed to meet the various requirements instead of maintaining the stricter “ensure” standard. 27 (vii) Real-Time Monitoring of Orders Real-time monitoring of orders can assist in identifying, preventing or cancelling an order or a series of orders that may interfere with the fair and orderly functioning of a marketplace.
We have clarified in the Companion Policy that, while the Instrument does not mandate compliance monitoring in real-time, there are instances when automated, real-time monitoring should be considered, such as when an automated order system is used to generate orders. We have also clarified that is it up to the marketplace participant to determine, based on the risk of its order flow, the appropriate timing for compliance monitoring. 28 (viii) Direct and Exclusive Control of Risk Management Controls Some commenters requested further clarification as to what constitutes the direct and exclusive control of risk management and supervisory controls. We have therefore amended the requirement in the Instrument 29 and clarified in the Companion Policy 30 that it is the setting and adjusting of the risk management and supervisory controls, policies and procedures that must be directly and exclusively controlled by the marketplace participant.
Other commenters indicated that the 2011 Proposal was more restrictive than the SEC’s Rule 15c3-5 because the SEC’s requirements would allow for an affiliated broker-dealer of a direct access client to provide risk management controls to a broker-dealer with market access. We agree that this provision would not dilute the effectiveness of only allowing entities independent from clients to provide marketplace participants with risk management and supervisory controls. We have revised the Instrument to state that an entity directly affiliated with a participant dealer that is also a client of the participant dealer may provide supervisory and risk management controls to the participant dealer. 31 We note, however, that the participant dealer must still directly and exclusively set and adjust the supervisory and risk management controls regardless of the source of the controls. The prohibition of any person or company to set or adjust the parameters of the controls, policies and procedures, other than the marketplace participant, would also apply in this instance.
(ix) Authorization to Set or Adjust Risk Management and Supervisory Controls, Policies and Procedures One of the provisions a participant dealer would need to fulfill before authorizing an investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure is that the participant dealer must provide the investment dealer with the immediate order and trade information of a client. We use the term “ultimate client” to better capture the fact that the investment dealer must receive order and trade information of the client for which it is has been authorized to set or adjust a specific control, policy or procedure on behalf of the participant dealer. 32 (x) Use of Automated Order Systems The 2011 Proposal proposed an obligation on marketplace participants and any client of the marketplace participant to ensure that their use of automated order systems did not interfere with fair and orderly markets. To address comments indicating that this was too strict a standard, the Instrument now requires a marketplace participant to take all reasonable steps to ensure that the use of automated order systems by itself or any client does not interfere with fair and orderly markets. 33 We made a similar change to the obligation on the client. The Instrument requires a client of a marketplace participant to take all reasonable steps to ensure its use of automated order systems does not interfere with fair and orderly markets. 34 The 2011 Proposal also provided guidance in the Companion Policy that it is expected that an automated order system would be tested before its initial use and after any significant change is made. The Instrument now states that automated order systems must be tested in accordance with prudent business practices both before their initial use
27 Subsection 3(3) of NI 23-103. 28 Subsection 3(7) of 23-103CP. 29 Subsection 3(5) of NI 23-103. 30 Subsection 3(8) of 23-103CP. 31 Subsection 3(4) of NI 23-103. 32 Subsection 4(e) of NI 23-103. 33 Subsection 5(1) of NI 23-103. 34 Subsection 5(2) of NI 23-103. 7
and at least annually thereafter to further ensure that the risks of using automated order systems are appropriately addressed. 35 (xi) Termination of Marketplace Access The 2011 Proposal proposed to require that a marketplace have the ability and authority to terminate all or a portion of the access provided to a marketplace participant or its clients. We have clarified that a marketplace need only have the ability and authority to terminate all or a portion of the access provided to a marketplace participant since this general requirement would also cover access granted by the marketplace participant to its clients. 36 (xii) Clearly Erroneous Trades The Instrument sets out circumstances under which a marketplace may cancel, vary or correct a trade executed on its platform. 37 One such circumstance is where the cancellation, variation or correction is necessary to correct an error caused by a system or technological malfunction of the marketplace’s systems or equipment in executing the trade and permission to cancel, vary or correct the error has been obtained from its regulation services provider, if applicable. We have also included that an error caused by an individual acting on behalf of the marketplace may also be cancelled, varied or corrected by the marketplace after permission has been obtained by its regulation services provider, if applicable.
C. Implementation of Instrument From speaking to certain marketplace participants, we note that in some cases the Instrument may be substantially satisfied through existing risk management controls and supervisory procedures that have already been implemented. We also understand that other marketplace participants will need more time in order to be ready to comply with the Instrument.
We have determined to delay implementation of the Instrument until March 1, 2013. We expect that this will provide marketplace participants and marketplaces enough time to comply with the requirements of the Instrument.
During this period, if a marketplace participant or marketplace has a question, we encourage them to contact any of the staff listed below. We will gather the questions posed, and if needed, will create a Frequently Asked Questions document.
VI. QUESTIONS The Instrument and the Companion Policy are available on certain websites of CSA members, including: www.lautorite.qc.ca www.albertasecurities.ca www.bcsc.ca www.osc.gov.on.ca
35 Paragraph 5(3)(b) of NI 23-103. 36 Subsection 7(1) of NI 23-103. 37 Section 9 of NI 23-103. 8
Please refer your questions to any of the following: Sonali GuptaBhaya Ontario Securities Commission 416-593-2331 sguptabhaya@osc.gov.on.ca Tracey Stern Ontario Securities Commission 416-593-8167 tstern@osc.gov.on.ca Serge Boisvert Autorité des marchés financiers 514-395-0337 ext. 4358 serge.boisvert@lautorite.qc.ca Meg Tassie British Columbia Securities Commission 604-899-6819 mtassie@bcsc.bc.ca Roy Dias Alberta Securities Commission 413-297-4221 roy.dias@asc.ca
June 28, 2012.
9
Barbara Fydell Ontario Securities Commission 416-593-8253 bfydell@osc.gov.on.ca Paul Romain Ontario Securities Commission 416-204-8991 promain@osc.gov.on.ca Élaine Lanouette Autorité des marchés financiers 514-395-0337 ext. 4356 elaine.lanouette@lautorite.qc.ca Shane Altbaum Alberta Securities Commission 403-355-4475 shane.altbaum@asc.ca
APPENDIX A IMPLEMENTATION OR ADOPTION OF THE INSTRUMENT The Instrument will be implemented as: ● a rule in each of Alberta, British Columbia, Manitoba, Newfoundland and Labrador, Nova Scotia, New Brunswick, Ontario, the Northwest Territories, the Yukon Territory, Nunavut and Prince Edward Island; ● a regulation in Québec; and ● a commission regulation in Saskatchewan. The Companion Policy will be adopted as a policy in each of the jurisdictions represented by the CSA. In Ontario, the Instrument and other required materials were delivered to the Minister of Finance on June 28, 2012. The Minister may approve or reject the Instrument or return it for further consideration. If the Minister approves the Instrument (or does not take any further action), the Instrument will come into force on March 1, 2013.
In Québec, the Instrument is a regulation made under section 331.1 of The Securities Act (Québec) and must be approved, with or without amendment, by the Minister of Finance. The Instrument will come into force on the date of its publication in the Gazette officielle du Québec or on any later date specified in the regulation. It is also published in the Bulletin of the Autorité des marchés financiers.
In British Columbia, the implementation of the Instrument is subject to ministerial approval. Provided all necessary approvals are obtained, British Columbia expects the Instrument to come into force on March 1, 2013.
10
APPENDIX B PASSPORT SYSTEM AMENDMENTS THE MANITOBA SECURITIES COMMISSION MSC Rule No. 2012-15 (Section 149.1, The Securities Act)
AMENDING INSTRUMENT FOR MULTILATERAL INSTRUMENT 11-102 PASSPORT SYSTEM
1. Multilateral Instrument 11-102 Passport System is amended by this Instrument. 2. Appendix D is amended by adding the following row immediately below the row that contains “Use of client brokerage commissions” in the Provision column:
Electronic NI 23-103 trading (only sections 3(1), 3(2), 3(3)(a) to 3(3)(d), 3(4) to 3(7), 4, and 5(3)) 3. The provisions of this Instrument come into force on March 1, 2013. 4. This Instrument may be cited as MSC Rule 2012-15.
11
APPENDIX C COMMENT SUMMARY AND CSA RESPONSES ICE Futures Canada, Inc. TriAct IRESS CanDeal Flextrade Systems Inc. Ross McKee CIBC PMAC CNSX Markets Inc. TMX Group Akimbo Capital LP Optima Capital Canada ExpoWorld Ltd. Heaps Capital Ltd. EMDA Chi-X ATS Newedge Canada Inc. Mark DesLauriers TD Securities LiquidNet Canada Inc. GETCO Jitneytrade Inc. Softek SIFMA Simon Romano & Terrence Doherty Alpha ATS IIAC Penson Financial Services Canada Scotia Capital Please note that a summary of comments relating to proposed requirements relating to direct electronic access included in the 2011 Proposal will be published in the coming months with a revised proposal relating to direct electronic access and other similar forms of marketplace access.
Text of Proposed Provisions General Support for Proposed NI 23-103 Electronic Trading and Direct Electronic Access to Marketplaces (Proposed Instrument)
Many commenters expressed general support for the proposal.
Scope of Proposed Rule A number of commenters asked for clarity as to The Instrument the scope of the Proposed Instrument. applies to the trading of securities on all One commenter wanted to know whether the marketplaces, which Proposed Instrument applies only to equities or would also include to other asset classes as well. Other the trading of fixed commenters asked specifically if the income securities. requirements of the Proposed Instrument With respect to the applied to: trading of • the trading of fixed income securities; commodities and the • the trading of commodities; futures market, we • the futures market. have clarified in the Companion Policy that the definition of “security” varies among the CSA jurisdictions including with regard to 12
CSA Response to Summary of Comments Comments and Additional CSA Commentary
CSA Response to Text of Proposed Provisions Summary of Comments Comments and Additional CSA Commentary derivatives. For example, the term “security” includes a standardized derivative in Québec and the Instrument would apply to the trading of that product in Quebec. 1. Definitions Definition of “automated order system” The Companion One commenter requested clarification if smart Policy clarifies that order routers are included under this definition. the definition of “automated order system” includes both hardware and software used to send orders on a pre- determined basis, which would include smart order routers. Definition of “Credit Risk” and “Capital Risk” The Companion One commenter requested a definition of credit Policy explains that and capital risk as used in 3(3)(a)(i). capital risk refers to the financial exposure created by orders entered and pre-set credit thresholds refer to lending limits.
Use of term “Electronic Trading” We are not aware of One commenter pointed out that some of the how the scope of the references to “electronic trading” may extend Instrument may be the scope of the Proposed Instrument beyond extended with the use what is intended since today all trading is of the term “electronic electronic to some degree. This commenter trading”. The was of the view that if the Proposed Instrument Instrument is intends to cover all trading, the extension of intended to cover any requirements to all “electronic trading” may trading that occurs as introduce additional and potentially conflicting a result of orders regulatory requirements. being electronically submitted to a marketplace by a marketplace participant or by a client to which a participant dealer provides marketplace access. Definition of “portfolio manager” Some commenters requested clarification as to Section 2 of the what is meant by “portfolio manager” and Instrument states that 13
CSA Response to Text of Proposed Provisions Summary of Comments Comments and Additional CSA Commentary specifically whether this definition is intended to a term defined in correspond with the existing registration National Instrument requirements as set out in NI 31-103. 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31- 103), such as “portfolio manager”, is to have the respective Other definitions meaning ascribed to it in NI 31-103. One commenter requested a definition of “eligible registrant”. We do not think that adding this definition would improve the Instrument. 3. Risk Management and Supervisory General Controls, Policies and Procedures
A couple of commenters suggested that pre- The CSA are of the trade risk management controls should be view that a placed at the marketplace level. It was also marketplace argued that a uniform adoption of pre-trade risk participant should controls across marketplaces would decrease bear primary costs to participant dealers. Other commenters responsibility for supported pre- and post-trade controls. ensuring that the risks of its business are reasonably and effectively controlled and monitored. However, we also think that marketplaces also have some responsibility to manage risks to the market and therefore the Instrument requires marketplaces to assess whether they need to implement any controls, policies and procedures to appropriately address the risks arising from Another commenter suggested that the type of electronic marketplaces should have the ability to provide trading that takes the supervisory and risk management controls, place on its platform. policies and procedures. We have clarified in the Companion Policy
14
CSA Response to Text of Proposed Provisions Summary of Comments Comments and Additional CSA Commentary that third parties, including marketplaces, can provide supervisory and risk management controls, policies and procedures as long as the marketplace participant directly and exclusively controls the setting and adjusting of these controls. In addition, no person or company, subject to A commenter noted, based on its U.S. limited exceptions, experience, that pre-trade risk management may set and adjust systems are expensive to acquire and maintain these controls other and the costs would be difficult for smaller than the marketplace participant dealers to absorb. Another participant. commenter advocated minimizing required pre- trade controls due to cost, complexity and We note that the latency without an equivalent risk reduction and Instrument provides asked the CSA to clarify which controls are flexibility, enabling required pre-trade. third party providers, including marketplaces, to offer pre-trade controls. One commenter, while in favour of the focus on We think that pre- controls, policies and procedures, was of the trade controls are view that these requirements would be more critical to addressing appropriately set out as guidance. the risks of electronic trading.
We are of the view that the requirements pertaining to controls, policies and procedures are the minimum that are expected for a marketplace Some commenters also suggested that the participant to properly focus of the Proposed Instrument on the manage its risks. We executing broker should be changed to include do not think that it is the monitoring of intraday credit calculations appropriate to set this and the clearing broker who ultimately bears the framework in credit risk. guidance. The Companion Policy clarifies that the Instrument is meant to address the risks associated with electronic trading on a marketplace and
15
CSA Response to Text of Proposed Provisions Summary of Comments Comments and Additional CSA Commentary that a key focus of the Instrument is on the gate keeping function of the executing broker. We note that a clearing broker also bears financial and regulatory risks associated with providing clearing services and that this broker must manage Another commenter suggested that some the risks associated clients will need to choose between registering with its business in as dealers or accepting additional filters on their accordance with flow which will increase latency to their trading prudent business and that if these clients register as dealers, they practices under NI 31-103. would only be held to the minimum standards of IIROC oversight and would no longer be backed We agree that it is up by the capital of large financial institutions which to each client to would increase the damage done to our determine if markets in the event of a system failure. registering as an investment dealer suits its business model better than maintaining its current status under the requirements of the Instrument. We note Another commenter wanted clarity as to that registration and whether the executing dealer or the clearing IIROC membership dealer would be responsible for pre-trade risk requirements would controls, post-trade monitoring and capital and attach to clients that credit limit assignment. become investment dealers.
“Ensure” standard Some commenters cited concern with the wording of several provisions of this section that require that a marketplace participant “ensure” certain actions will or will not occur and certain commenters (1) A marketplace participant must: appropriate that the proposed policies and (a) establish, maintain and ensure procedures be designed to “reasonably ensure” compliance with appropriate risk that regulatory requirements will be met. management and supervisory controls, policies and procedures that are reasonably designed to manage, in 3(1)(a) accordance with prudent business Further clarification was requested from certain practices, the financial, regulatory and commenters on the types of dealer trading other risks associated with marketplace checks and thresholds that is envisioned access or providing clients with direct including: electronic access; •
The Instrument contemplates that it is the executing dealer that is responsible for pre-trade risk controls and post-trade monitoring and capital and credit limit suggested that it is more assignment. We have revised the Instrument in certain instances to require a marketplace participant to have controls reasonably designed to ensure certain actions will or will not occur. the expectation on strategy-based 16
CSA Response to Text of Proposed Provisions Summary of Comments Comments and Additional CSA Commentary (b) record the policies and procedures capital adequacy; and required by paragraph (a) and maintain • whether a per-order check is the a description of its risk management minimum standard requested. Subsection 3(3) sets and supervisory controls in written form. out the minimum requirements for the risk management and supervisory controls, policies and procedures required in subsection 3(1). Several commenters advocated different Marketplace requirements for a marketplace participant and participants are for a client to which a participant dealer provided with provides access to a marketplace. flexibility in determining how to meet these minimum
As well, one commenter suggested that the requirements. CSA set a minimum standard for capital and We think that the capabilities. risks of electronic trading apply in both circumstances and therefore have imposed common requirements.
We are of the view that a one-size-fits-all approach with respect to standards for capital and capabilities would not best serve our markets. We think that principles based standards provide a marketplace
One commenter also recommended that any pre-trade credit and capital risk controls be applied to the specific client relationship and not be aggregated across business lines, asset classes and executing dealers as this would be impractical and cost prohibitive. Another commenter states that it is not feasible or effective to apply real-time capital or credit limits to all market access at a participant dealer and that such cross-trading system controls would be expensive. Another commenter asked for guidance about the calculation of credit and capital limits across asset classes.
17
participant with greater flexibility in setting limits that are appropriate to its business model and risk tolerance. This approach is also in line with current global standards. We note that a participant dealer should be aware of its total exposure that is created by trading, particularly when a client’s trading includes accessing a marketplace directly. Therefore, it is necessary for the pre-
Text of Proposed Provisions (2) The risk management and supervisory controls, policies and procedures required in subsection (1) must be designed to ensure all orders are monitored and include One commenter pointed out that trades arising from delivery against payment or receipt- against-payment are reviewed post trade and do not lend themselves to pre-trade credit reviews. This commenter also noted that the systems in place now at many marketplace (a) automated pre-trade controls; and participants for credit risk management of retail order flow are not in place for institutional DAP/RAP flow and this has caused the Securities and Exchange Commission (SEC) to delay implementation of this requirement in the United States.
3(2)(a) participants to meet the requirements of One commenter wanted further clarification as the Instrument is to what is meant by “automated” and adequate. We questioned whether it is meant that each order continue to be of the is checked before it reaches the marketplace. view that pre-trade checks for all (b) regular post-trade monitoring. marketplace participants are important tools in addressing the risks of electronic trading.
3(2)(b) One commenter wanted further clarification as to what is meant by “regular” post-trade monitoring and questioned whether it is an end (3) The risk management and supervisory controls, policies and procedures required in of day or next day check to ensure the client is subsection (1) must within the set credit limit. (a) systematically limit the financial exposure of the marketplace participant, including:
(i) preventing the entry of one or 18
CSA Response to Summary of Comments Comments and Additional CSA Commentary trade credit and capital risk controls to systematically limit a marketplace participant’s financial exposure, for example across business lines and asset classes. We note that this is also required by the SEC’s Rule 15c3-5 Risk Management Controls for Brokers or Dealers with Market Access and that guidance regarding the setting of credit and capital limits is provided in the Companion Policy. We expect that the implementation period provided for marketplace
“Automated” means that the function is not conducted manually. Due to the high speed and volume at which orders are entered, it is expected that pre-trade controls must be automated if these checks are to be done effectively and efficiently.
Text of Proposed Provisions more orders that would result in exceeding appropriate pre- determined credit or capital thresholds for the marketplace participant and, if applicable, its DEA client; (ii) preventing the entry of one or more orders that exceed appropriate price or size parameters; (b) ensure compliance with applicable marketplace and regulatory requirements, including: (i) preventing the entry of orders that do not comply with all applicable marketplace and regulatory requirements that must be satisfied on a pre- order entry basis;
(ii) limiting the entry of orders to securities that a marketplace participant or, if applicable, its DEA client, is authorized to trade;
(iii) restricting access to trading on a marketplace to persons authorized by the marketplace 3(3)(b)(i) participant; One commenter expressed concern regarding the requirement to comply with all marketplace (iv) ensuring that the compliance requirements that must be satisfied on a pre- staff of the marketplace order basis and wanted to know what safety participant receives immediate checks will be in place to ensure pre-order entry order and trade information, requirements imposed by marketplaces will be including, without limitation, execution reports, resulting reasonable. from orders sent by the marketplace participant or, if applicable, its DEA client, to a marketplace;
(c) enable the marketplace participant to All marketplace immediately stop or cancel one or more requirements and orders entered by the marketplace amendments thereto participant or, if applicable, its DEA are submitted to the client; marketplace’s securities regulators (d) enable the marketplace participant to for review. immediately suspend or terminate any 3(3)(b)(iv) direct electronic access granted to a Two commenters suggested that the proposed DEA client; and obligation to ensure that compliance staff of the marketplace participant receive immediate order (e) ensure that the entry of orders does not and trade information is unduly burdensome interfere with fair and orderly markets.
19
CSA Response to Summary of Comments Comments and Additional CSA Commentary It is expected that the regularity of post trade monitoring will be conducted commensurate with the marketplace participant’s determination of the risks posed to its operations by the order flow it is handling. At a minimum, an end of day check would be expected.
Text of Proposed Provisions and that the CSA should consider requiring that such compliance staff as needed or upon request. (4) The risk management and supervisory controls, policies and procedures established pursuant to this section, including those provided by a third party, must be under the direct and exclusive control of the marketplace participant, subject to section 4 below. (5) A third party that provides risk management and supervisory controls, policies and procedures to a marketplace participant must be independent from each DEA client of that marketplace participant.
3(4) supervisory controls. Some commenters asked for further clarification about the requirement for “control”, including whether it refers only to control over filter parameters or to physical location or ownership.
3(5) Some commenters pointed out that this section is similar to a limitation under the SEC’s Rule 15c3-5 but that under U.S. securities laws, broker-dealers are not included in the definition of “customer” whereas under IIROC’s rules, orders Therefore, unlike Rule 15c3-5 adopted by the SEC, the Proposed Instrument could be read to prohibit a marketplace participant that provides direct marketplace access to an affiliated (6) A marketplace participant must: broker-dealer from using the risk management controls, policies or procedures developed by (a) regularly assess and document the the marketplace participant or an affiliate which adequacy and effectiveness of its risk these commenters believe is unnecessarily management and supervisory controls, restrictive. policies and procedures; and (b) document and promptly remedy any
CSA Response to Summary of Comments Comments and Additional CSA Commentary information be made available to We are of the understanding that the provision of drop copies, which are near real-time, is not unduly burdensome to send or receive. Immediate order and trade information can be a useful tool in enabling a marketplace participant to implement and monitor the effectiveness of its risk management and
We have amended the requirement in the Instrument and clarified in the Companion Policy that we are referring from dealers are “client orders”. to the setting and adjustment of risk management and supervisory controls, policies and procedures. We have revised the Instrument to allow affiliates of the participant dealer that are also clients of the 20
Text of Proposed Provisions deficiencies. (7) Where a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures, the marketplace participant must: Other commenters requested further guidance on requirements for the “independence” of a third party from a client of a marketplace participant that accesses a marketplace directly through access provided by the marketplace participant. Also, commenters asked what degree of assistance a vendor can provide to its client regarding “direct and exclusive control”.
(a) regularly assess and document the adequacy and effectiveness of the third party’s relevant risk management and supervisory controls, policies and procedures; and (b) document any deficiencies and ensure that the deficiencies are promptly remedied. Concern was expressed with respect to the inability of clients to use their own superior systems and technology and a commenter indicated that it was unreasonable to allow third party software and technology to be used to the exclusion of a client’s or its affiliate’s own better systems.
3(7)(a) One commenter wanted further details as to how the CSA would expect a dealer to
21
CSA Response to Summary of Comments Comments and Additional CSA Commentary participant dealer with marketplace access provided by the participant dealer to provide risk management controls, policies or procedures to the participant dealer. However, we note that the participant dealer must directly and exclusively control the setting and adjustment of these controls, policies or procedures. In addition, no person or company, other than the marketplace participant may set or adjust its controls, policies and procedures.
An independent third party is an entity that is not an affiliate, and is otherwise independent of a client. We have revised the Instrument to clarify that only the marketplace participant may set or adjust the controls, policies or procedures, including those provided by third parties.
We are of the view that technology developed independently from
CSA Response to Text of Proposed Provisions Summary of Comments Comments and Additional CSA Commentary reasonably assess the effectiveness of another clients would assist dealer’s systems and processes beyond the participant dealer allocation by contract. in tailoring the controls to its specific needs and ensuring the sufficiency of these controls. As well, there may be a reduction in the effectiveness of these controls if the entities that will be monitored by these controls also develop them.
4. Allocation of Control over Risk A number of commenters supported these Management and Supervisory proposed requirements. Controls, Policies and Procedures A participant dealer may reasonably allocate control over specific risk management and supervisory controls, policies and procedures required under subsection 3(1) to an investment dealer if: (a) the participant dealer has a reasonable basis for determining that such investment One commenter was of the view that these dealer, based on its relationship with the requirements should be drafted on a principles ultimate client, has better access to basis since these requirements are significantly information relating to the ultimate client burdensome, especially in light of the fact that than the participant dealer such that the both parties would be regulated and the investment dealer can more effectively implement the controls, policies and executing party regularly undergoes trading procedures; desk reviews by the Investment Industry Regulatory Organization of Canada (IIROC). (b) a description of the allocation of control over specific risk management and supervisory controls, policies and procedures is set out in a written agreement between the participant dealer and investment dealer; (c) the participant dealer assesses and documents the adequacy and Another commenter espoused the view that the
Among other possibilities, a marketplace participant can use a third party to determine the effectiveness of another dealer’s systems or monitor the performance of the system during regular use. We agree with the commenters that expressed the view that these requirements will provide a reasonable approach to the allocation of risk management and supervisory controls. We are of the view that in order to adequately address the risks of electronic trading, these specific minimum standards must be met. If these requirements were instead placed in guidance, we note that Canada would have a lower standard than in the U.S. with respect to electronic trading thus possibly causing 22
Text of Proposed Provisions effectiveness of the investment dealer’s proposed rule did not go far enough in risk management and supervisory permitting the allocation of risk management by controls, policies and procedures prior only limiting allocation to investment dealers. The CSA note that to allocating control; This commenter suggested that the proposed rule should recognize that any two regulated (d) the participant dealer broker dealers, whether regulated by the SEC (i) regularly assesses the or IIROC should be permitted to allocate risk adequacy and effectiveness of management tools between one another. the risk management and supervisory controls, policies and procedures over which One commenter requested clarification as to the control has been allocated to difference between “participant dealer” and the investment dealer; “investment dealer”. (ii) documents any deficiencies and ensures that the deficiencies are promptly remedied; and (e) the participant dealer provides the investment dealer with the immediate order and trade information of the DEA client that the participant dealer receives pursuant to subparagraph Another 3(3)(b)(iv). management and supervisory controls, policies and procedures may be allocated in a jitney arrangement.
5. Use of Automated Order Systems (1) The use of automated order systems by a 5(1) marketplace participant or any client, One commenter was of the view that the CSA including a DEA client, must not interfere should impose a “reasonableness” standard with fair and orderly markets. instead of the stricter standard of requiring automated order systems to not interfere with fair and orderly markets.
23
CSA Response to Summary of Comments Comments and Additional CSA Commentary regulatory arbitrage. the performance of risk management by an SEC regulated broker dealer would be outside of our jurisdiction and we would not be able to enforce this Instrument in that circumstance. A participant dealer is defined in the Instrument as a marketplace participant that is an investment dealer. An investment dealer is not necessarily commenter asked whether risk always a marketplace participant. Yes, the Companion Policy clarifies that in jitney, and other trading arrangements that involve multiple dealers, there may be certain controls that are better directed by the originating dealer because of its superior knowledge of the ultimate client.
We have revised the Instrument to require that a marketplace participant and any client take all reasonable steps to ensure that the use of automated order systems does not interfere with fair and
Text of Proposed Provisions (2) As part of the risk management and supervisory controls, policies and 5(2) procedures required under subsection 3(1), One commenter was of the view that more a marketplace participant must: specific requirements were needed to address the difference between the use of an off-the- (a) have the necessary knowledge and understanding of any automated order shelf product and an algorithm that uses code system used by the marketplace created by a client with marketplace access participant or any client, including a provided by the marketplace participant. DEA client, in order to identify and manage its risks associated with the use of the automated order system; (b) ensure that each automated order system is regularly, and at least annually, tested in accordance with prudent business practices; and (c) have controls in place to immediately and at any time disable the automated order system to prevent orders generated by the automated order system from reaching a marketplace. One commenter indicated that it is not appropriate for participant dealers to test the automated order systems of their clients and instead proposed that an independent third party solution be used or that a client be allowed to certify that their automated systems have been tested in accordance with a standard acceptable to IIROC and the CSA. Another commenter commented that it should be left up to dealers to determine whether it needs to be knowledgeable about a client’s automated order system. One other commenter thought that dealers should be able to rely on certifications from their clients because of the competitive sensitivity information.
We acknowledge that Another commenter noted that certain clients certain clients may may become marketplace participants if they become marketplace are unwilling to share details about their participants in order systems’ features and programming due to to avoid sharing confidentiality concerns. details of their automated order systems. Our view is that it is important for a marketplace participant to obtain sufficient information
24
CSA Response to Summary of Comments Comments and Additional CSA Commentary orderly markets. The Instrument requires that an automated order system be tested according to prudent business practices. Prudent business practices may require an algorithm developed by a person or company that does not have an extensive background in creating such products to undergo more detailed testing than an algorithm developed for commercial use by experts. Guidance in the Companion Policy states that a participant dealer does not necessarily have to conduct tests on each automated order system used by its clients but must satisfy itself that these automated order systems have been appropriately of automated order system tested in accordance with prudent business practices.
Text of Proposed Provisions A final comment was that the CSA should be prepared to provide detailed guidance to participant dealers with respect to the minimum standards that will be expected of them. 12. Availability of Order and Trade Some commenters noted that it appears that Information these requirements reinforce current practices. requirement, Others remarked that these requirements, A marketplace must provide a marketplace especially if they are meant to go beyond participant with reasonable access to its order current practices, would be unduly burdensome. and trade information, including execution reports, on an immediate basis to enable the marketplace participant to effectively implement the risk management and supervisory controls, policies and procedures required in section 3.
14. Marketplace Controls Relating to Electronic Trading
14(1) (1) A marketplace must have the ability and While authority to terminate all or a portion of the marketplaces should have the ability and access provided to a marketplace participant or a DEA client. authority to terminate access provided to a marketplace participant or a client of a marketplace participant, one commenter was of the view that marketplaces lack the necessary analytics to assess whether termination is appropriate and that IIROC is in a better (2) A marketplace must: position to undertake this capability. (a) regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to One commenter suggested that the Proposed electronic trading, in addition to those Instrument may be too lenient on marketplaces controls that a marketplace participant and that is required to have pursuant to obligation to prevent the entry of erroneous subsection 3(1), and ensure that such orders in terms of specific size or price controls, policies and procedures are parameters with respect to its own marketplace. implemented in a timely manner; (b) regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures implemented pursuant to paragraph (a); and
CSA Response to Summary of Comments Comments and Additional CSA Commentary in order to properly identify and manage its own risks. We have provided guidance in the Companion Policy and if considered necessary, will also provide a document outlining frequently asked questions regarding the Instrument. Under this a marketplace is to provide immediate or near real-time information, such as a drop copy.
most commenters agreed that We would expect marketplaces to act when they identify trading behaviour that is interfering with the fair and orderly functioning of their markets. We have clarified this in the Companion Policy. The Instrument requires marketplaces to marketplaces should have an assess if they require any additional controls, policies and procedures in addition to those instituted by their members or subscribers. As well, the Instrument requires marketplaces to 25
CSA Response to Text of Proposed Provisions Summary of Comments Comments and Additional CSA Commentary (c) document and promptly remedy any institute thresholds deficiencies identified in the controls, that assist in policies and procedures implemented mitigating volatility pursuant to paragraph (a). such as that witnessed during the One commenter suggested that we include an May 6, 2010 “flash additional requirement for marketplaces to crash”. provide cancel-on-disconnect functionality whereby when a participant’s filters are We are of the view triggered, it is able to disconnect and the that marketplaces marketplace will cancel all of its remaining may institute cancel-orders. This commenter noted that this on-disconnect functionality provides critical protection where functionality as they the participant’s system loses connectivity and it see fit under cannot immediately act to reduce its exposure. subsection 7(2) of the Instrument. We note that many marketplaces have already instituted this feature on their platforms and we are Companion Policy – Section 14 supportive of this One commenter was of the view that the CP action. guidance stating that a marketplace should be aware of the risk management and supervisory controls, policies and procedures of its The guidance states marketplace participants and assess if it needs that the marketplace to implement additional controls, policies and should be generally procedures to eliminate any risk management aware of the risk gaps and ensure the integrity of trading on its management and market is inappropriate as it requires the supervisory controls, marketplace to force each of its participants to policies and disclose the participant’s proprietary and procedures of its possibly confidential risk management and marketplace supervisory controls. This commenter further participants. This is stated that this burden is entirely unnecessary so marketplaces can given that IIROC and the CSA are best then better determine positioned to ensure that participating dealers if they need to are in compliance with risk management rules. implement additional controls, policies and procedures. It is not expected that marketplaces will have in-depth knowledge of such controls, policies and procedures. 15. Marketplace Thresholds The support for standardized marketplace We provided IIROC thresholds was mixed. While some with flexibility in (1) A marketplace must prevent the execution commenters agreed with using standardized determining the of orders for exchange-traded securities marketplace thresholds others did not believe in implementation of the exceeding price and volume thresholds set a one-size-fits-all approach and believed that marketplace by: 26
CSA Response to Text of Proposed Provisions Summary of Comments Comments and Additional CSA Commentary the thresholds should be left to the discretion of thresholds. (a) its regulation services provider; the marketplace. (b) the marketplace, if it is a recognized A commenter that did not agree with this exchange that directly monitors the proposed requirement indicated that limits on conduct of its members and enforces requirements set pursuant to volumes should be done at the dealer level subsection 7.1(1) of NI 23-101; or using order management systems given that it would be difficult to establish a common volume (c) the marketplace, if it is a recognized threshold for all types of clients and all types of quotation and trade reporting system securities. that directly monitors the conduct of its users and enforces requirements set One supporter of harmonized marketplace pursuant to subsection 7.3(1) of NI 23- thresholds indicated that the calculation 101. methodology and reference price used by the regulation services provider should be clear and that marketplaces should be allowed to maintain flexibility over the means of technical implementation of these thresholds.
Another distinguish between price band parameters (a percentage change in prices that causes restrictions on order entry or trading to allow a marketplace to review what is happening) and circuit breakers.
This commenter also indicated that it would support requirements for marketplaces to make their price band parameters transparent for users to better understand the differences between the various marketplaces. Another commenter indicated that industry participants will need to review a detailed (2) A recognized exchange, recognized thresholds proposal before being able to quotation and trade reporting system or regulation services provider setting a price properly assess the implications related to this threshold for an exchange-traded security requirement. under subsection (1) must coordinate its price threshold with all other exchanges, quotation and trade reporting systems and 15(2) regulation services providers setting a price One commenter noted that the price of an threshold under subsection (1) for that underlying security is only one of the factors exchange-traded security or a security that determine the price of a derivatives contract underlying that exchange-traded security. and that, as a result, a strict relationship between the price threshold for an underlying security and the derivative on that underlying security would not be practicable. One commenter urged the CSA to review the “coordination” language in this section to ensure that a derivative exchange has the flexibility to set appropriate thresholds.
commenter urged the CSA to
We agree and IIROC has published a proposal for the marketplace thresholds for public comment. We note the comment. We have reviewed the language and are satisfied that it provides a derivative exchange with the flexibility to set 27
Text of Proposed Provisions 16. Clearly Erroneous Trades Support for provision (1) A marketplace must have the capability to Most commenters supported these proposed cancel, vary or correct a trade. requirements while one commenter was of the view that this provision was inconsistent with the CSA’s proposed obligation on marketplaces to ensure a fair and orderly market and did not follow the approach taken in other jurisdictions. One commenter suggested that the CSA should consider whether it would be better to use a uniform approach regardless of whether a marketplace had retained a regulation services provider.
(2) If a marketplace has retained a regulation services providers services provider, the marketplace must not and recognized cancel, vary or correct a trade executed on exchanges and the marketplace unless: recognized quotation and trade reporting
(a) instructed to do so by its regulation services provider; (b) the cancellation, variation or correction is requested by a party to the trade, consent is provided by both parties to the trade and notification is provided to its regulation services provider; or
(c) the cancellation, variation or correction is necessary to correct an error caused by a system or technological malfunction of the marketplace systems or equipment in executing the trade, and permission to cancel, vary or correct has been obtained from its regulation services provider.
(3) A marketplace must establish, maintain and ensure compliance with reasonable policies and procedures that clearly outline the 16(3) processes and parameters associated with One commenter suggested that the policies and a cancellation, variation or correction and procedures should be publicized and made must make such policies and procedures readily available by the applicable marketplace. publicly available.
28
CSA Response to Summary of Comments Comments and Additional CSA Commentary appropriate thresholds for its marketplace. Recognized exchanges and recognized quotation and trade reporting systems may conduct their own market regulation and determine the best method to maintain a fair and orderly marketplace. However, we would encourage regulation
systems to coordinate their approaches in dealing with erroneous trades.
We agree. The Instrument requires that a marketplace’s erroneous trade policies and procedures be made publicly available.
CSA Response to Text of Proposed Provisions Summary of Comments Comments and Additional CSA Commentary Effective Date/Implementation A number of commenters encouraged the CSA We have discussed to consult with industry when setting an implementation timing implementation date. with various market participants before Other commenters encouraged the CSA to setting the provide for a large implementation window to implementation date. take into account certain factors such as time The implementation for marketplaces to amend their subscriber or window is in line with participant agreements. Another commenter what we have been suggested a staged roll-out for the Proposed told would be the Instrument. length of time necessary for marketplace participants, participant dealers and marketplaces to prepare for compliance with the Instrument.
29
THE MANITOBA SECURITIES COMMISSION MSC Rule No. 2012-14 (Section 149.1, The Securities Act)
NATIONAL INSTRUMENT 23-103 ELECTRONIC TRADING TABLE OF CONTENTS PART TITLE PAGE PART 1 DEFINITIONS AND INTERPRETATION 1 PART 2 REQUIREMENTS APPLICABLE TO MARKETPLACE 1 PARTICIPANTS
PART 3 REQUIREMENTS APPLICABLE TO USE OF AUTOMATED ORDER 4 SYSTEMS
PART 4 REQUIREMENTS APPLICABLE TO MARKETPLACES 4 PART 5 EXEMPTION 6
THE MANITOBA SECURITIES COMMISSION MSC Rule No. 2012-14 (Section 149.1, The Securities Act)
PART 1 – DEFINITIONS AND INTERPRETATION Definitions 1. In this Instrument, "automated order system" means a system used to automatically generate or electronically transmit orders on a pre-determined basis;
"marketplace and regulatory requirements" means (a) the rules, policies, requirements or other similar instruments set by a marketplace respecting the method of trading by marketplace participants, including those related to order entry, the use of automated order systems, order types and features and the execution of trades;
(b) the applicable requirements in securities legislation; and (c) the applicable requirements set by a recognized exchange, a recognized quotation and trade reporting system or a regulation services provider under section 7.1, 7.3 or 8.2 of NI 23-101;
and "participant dealer" means a marketplace participant that is an investment dealer. Interpretation 2. A term that is defined or interpreted in National Instrument 21-101 Marketplace Operation, or National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations has, if used in this Instrument, the meaning ascribed to it in National Instrument 21-101 or National Instrument 31-103.
PART 2 – REQUIREMENTS APPLICABLE TO MARKETPLACE PARTICIPANTS Risk management and supervisory controls, policies and procedures 3(1) A marketplace participant must (a) establish, maintain and ensure compliance with risk management and supervisory controls, policies and procedures that are reasonably designed to manage, in accordance with prudent business practices, the financial, regulatory and other risks associated with marketplace access or providing clients with access to a marketplace; and
(b) record the policies and procedures required under paragraph (a) and maintain a description of the marketplace participant’s risk management and supervisory controls in written form.
- 2 - 3(2) The risk management and supervisory controls, policies and procedures required under subsection 3(1) must be reasonably designed to ensure that all orders are monitored and for greater certainty, include
(a) automated pre-trade controls, and (b) regular post-trade monitoring. 3(3) The risk management and supervisory controls, policies and procedures required in subsection 3(1) must be reasonably designed to
(a) systematically limit the financial exposure of the marketplace participant, including, for greater certainty, preventing
(i) the entry of one or more orders that would result in exceeding pre-determined credit or capital thresholds for the marketplace participant and, if applicable, its client with marketplace access provided by the marketplace participant,
(ii) the entry of one or more orders that exceed pre-determined price or size parameters; (b) ensure compliance with marketplace and regulatory requirements, including, for greater certainty, (i) preventing the entry of orders that do not comply with marketplace and regulatory requirements that must be satisfied on a pre-order entry basis;
(ii) limiting the entry of orders to those securities that a marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant, is authorized to trade;
(iii) restricting access to trading on a marketplace to persons authorized by the marketplace participant; and
(iv) ensuring that the compliance staff of the marketplace participant receives immediate order and trade information, including, for greater certainty, execution reports, resulting from orders sent by the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant;
(c) enable the marketplace participant to immediately stop or cancel one or more orders entered by the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant;
(d) enable the marketplace participant to immediately suspend or terminate any access to a marketplace granted to a client with marketplace access provided by the marketplace participant; and
(e) ensure that the entry of orders does not interfere with fair and orderly markets. 3(4) A third party that provides risk management and supervisory controls, policies or procedures to a marketplace participant must be independent from each client with marketplace access provided by the marketplace participant, except if the client is an affiliate of the marketplace participant.
3(5) A marketplace participant must directly and exclusively set and adjust the risk management and supervisory controls, policies and procedures required under this section, including those provided by third parties.
- 3 - 3(6) A marketplace participant must (a) regularly assess and document the adequacy and effectiveness of its risk management and supervisory controls, policies and procedures; and
(b) document any deficiencies in the adequacy or effectiveness of a risk management or supervisory control, policy or procedure and promptly remedy the deficiency.
3(7) If a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures, the marketplace participant must
(a) regularly assess and document the adequacy and effectiveness of the third party’s relevant risk management and supervisory controls, policies and procedures; and
(b) document any deficiencies in the adequacy or effectiveness of a risk management or supervisory control, policy or procedure and ensure the deficiency is promptly remedied.
Authorization to set or adjust risk management and supervisory controls, policies and procedures 4. Despite subsection 3(5), a participant dealer may, on a reasonable basis, authorize an investment dealer to perform, on the participant dealer’s behalf, the setting or adjusting of a specific risk management or supervisory control, policy or procedure required under subsection 3(1) if
(a) the participant dealer has a reasonable basis for determining that the investment dealer, based on the investment dealer’s relationship with the ultimate client, has better access to information relating to the ultimate client than the participant dealer such that the investment dealer can more effectively set or adjust the control, policy or procedure;
(b) a description of the specific risk management or supervisory control, policy or procedure and the conditions under which the investment dealer is authorized to set or adjust the specific risk management or supervisory control, policy or procedure are set out in a written agreement between the participant dealer and investment dealer;
(c) before authorizing the investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure, the participant dealer assesses and documents the adequacy and effectiveness of the investment dealer’s setting or adjusting of the risk management or supervisory control, policy or procedure;
(d) the participant dealer (i) regularly assesses the adequacy and effectiveness of the setting or adjusting of the risk management or supervisory control, policy or procedure by the investment dealer, and
(ii) documents any deficiencies in the adequacy or effectiveness of the setting or adjusting of the risk management or supervisory control, policy or procedure and ensures that the deficiencies are promptly remedied, and
(e) the participant dealer provides the investment dealer with the immediate order and trade information of the ultimate client that the participant dealer receives under subparagraph 3(3)(b)(iv).
- 4 - PART 3 – REQUIREMENTS APPLICABLE TO USE OF AUTOMATED ORDER SYSTEMS Use of automated order systems 5(1) A marketplace participant must take all reasonable steps to ensure that its use of an automated order system or the use of an automated order system by any client, does not interfere with fair and orderly markets.
5(2) A client of a marketplace participant must take all reasonable steps to ensure that its use of an automated order system does not interfere with fair and orderly markets.
5(3) For the purpose of the risk management and supervisory controls, policies and procedures required under subsection 3(1), a marketplace participant must
(a) have a level of knowledge and understanding of any automated order system used by the marketplace participant or any client that is sufficient to allow the marketplace participant to identify and manage the risks associated with the use of the automated order system,
(b) ensure that every automated order system used by the marketplace participant or any client is tested in accordance with prudent business practices initially before use and at least annually thereafter, and
(c) have controls in place to immediately (i) disable an automated order system used by the marketplace participant, and (ii) prevent orders generated by an automated order system used by the marketplace participant or any client from reaching a marketplace.
PART 4 – REQUIREMENTS APPLICABLE TO MARKETPLACES Availability of order and trade information 6(1) A marketplace must provide a marketplace participant with access to its order and trade information, including execution reports, on an immediate basis to enable the marketplace participant to effectively implement the risk management and supervisory controls, policies and procedures required under section 3.
6(2) A marketplace must provide a marketplace participant access to its order and trade information referenced in subsection (1) on reasonable terms.
Marketplace controls relating to electronic trading 7(1) A marketplace must not provide access to a marketplace participant unless it has the ability and authority to terminate all or a portion of the access provided to the marketplace participant.
7(2) A marketplace must (a) regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to electronic trading, in addition to those controls that a marketplace participant is required to have under subsection 3(1), and ensure that such controls, policies and procedures are implemented in a timely manner;
- 5 - (b) regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures implemented under paragraph (a);and
(c) document and promptly remedy any deficiencies in the adequacy or effectiveness of the controls, policies and procedures implemented under paragraph (a).
Marketplace thresholds 8(1) A marketplace must not permit the execution of orders for exchange-traded securities to exceed the price and volume thresholds set by
(a) its regulation services provider; (b) the marketplace, if it is a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101; or
(c) the marketplace, if it is a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces the requirements set under subsection 7.3(1) of NI 23-101.
8(2) A recognized exchange, recognized quotation and trade reporting system or regulation services provider setting a price threshold for an exchange-traded security under subsection (1) must coordinate its price threshold with all other exchanges, quotation and trade reporting systems and regulation services providers setting a price threshold under subsection (1) for the exchange-traded security or a security underlying the exchange-traded security.
Clearly erroneous trades 9(1) A marketplace must not provide access to a marketplace participant unless it has the ability to cancel, vary or correct a trade executed by the marketplace participant.
9(2) If a marketplace has retained a regulation services provider, the marketplace must not cancel, vary or correct a trade executed on the marketplace unless
(a) instructed to do so by its regulation services provider; (b) the cancellation, variation or correction is requested by a party to the trade, consent is provided by both parties to the trade and notification is provided to the marketplace’s regulation services provider; or
(c) the cancellation, variation or correction is necessary to correct an error caused by a system or technological malfunction of the marketplace systems or equipment, or caused by an individual acting on behalf of the marketplace, and the consent to cancel, vary or correct has been obtained from the marketplace’s regulation services provider.
9(3) A marketplace must establish, maintain and ensure compliance with reasonable policies and procedures that clearly outline the processes and parameters associated with a cancellation, variation or correction and must make such policies and procedures publicly available.
- 6 - PART 5 – EXEMPTION AND EFFECTIVE DATE Exemption 10(1) The regulator or the securities regulatory authority may grant an exemption from this Instrument, in whole or in part, subject to such conditions or restrictions as may be imposed in the exemption.
10(2) Despite subsection (1), in Ontario, only the regulator may grant such an exemption. 10(3) Except in Ontario, an exemption referred to in subsection (1) is granted under the statute referred to in Appendix B of National Instrument 14-101 Definitions opposite the name of the local jurisdiction.
Effective date 11. This Instrument comes into force on March 1, 2013. Citation 12. This Instrument may be cited as MSC Rule 2012-14.
COMPANION POLICY 23-103CP ELECTRONIC TRADING
Table of Contents PART TITLE PART 1 GENERAL COMMENTS PART 2 REQUIREMENTS APPLICABLE TO MARKETPLACE PARTICIPANTS PART 3 REQUIREMENTS APPLICABLE TO USE OF AUTOMATED ORDER SYSTEMS PART 4 REQUIREMENTS APPLICABLE TO MARKETPLACES
PART 1 GENERAL COMMENTS 1.1 Introduction (1) Purpose of National Instrument 23-103 The purpose of National Instrument 23-103 Electronic Trading (NI 23-103) is to address areas of concern and risks brought about by electronic trading. The increased speed and automation of trading on marketplaces give rise to various risks, including credit risk and market integrity risk. To protect marketplace participants from harm and to ensure continuing market integrity, these risks need to be reasonably and effectively controlled and monitored.
In the view of the Canadian Securities Administrators (CSA or we), marketplace participants should bear primary responsibility for ensuring that these risks are reasonably and effectively controlled and monitored. This responsibility applies to orders that are entered electronically by the marketplace participant itself, as well as orders from clients using the participant dealer’s marketplace participant identifier.
This responsibility includes both financial and regulatory obligations. This view is premised on the fact that it is the marketplace participant that makes the decision to engage in trading or provide marketplace access to a client. However, the marketplaces also have some responsibilities to manage risks to the market.
NI 23-103 is meant to address risks associated with electronic trading on a marketplace with a key focus on the gatekeeping function of the executing broker. However, a clearing broker also bears financial and regulatory risks associated with providing clearing services. Under National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31-103) a dealer must manage the risks associated with its business in accordance with prudent business practices. As part of that obligation, we expect a clearing dealer to have in place effective systems and controls to properly manage its risks.
(2) Scope of NI 23-103 NI 23-103 applies to the electronic trading of securities on marketplaces. In Alberta and British Columbia, the term “security” when used in NI 23-103 includes an option that is an exchange contract but does not include a futures contract. In Ontario, the term “security” when used in NI 23-103, does not include a commodity futures contract or a commodity futures option that is not traded on a commodity futures exchange registered with or recognized by the Commission under the Commodity Futures Act or the form of which is not accepted by the Director under the Commodity Futures Act. In Québec, the term “security” when used in NI 23-103, includes a standardized derivative as this notion is defined in the Derivatives Act.
(3) Purpose of Companion Policy This Companion Policy sets out how the CSA interpret or apply the provisions of NI 23-103 and related securities legislation. Except for Part 1, the numbering of Parts and sections in this Companion Policy correspond to the numbering in NI 23-103. Any general guidance for a Part appears immediately after the Part name. Any specific guidance on sections in NI 23-103 follows any general guidance. If there is no guidance for a Part or section, the numbering in this Companion Policy will skip to the next provision that does have guidance.
All references in this Companion Policy to Parts and sections are to NI 23-103, unless otherwise noted. 1.2 Definitions Unless defined in NI 23-103, terms used in NI 23-103 and in this Companion Policy have the meaning given to them in the securities legislation of each jurisdiction, in National Instrument 14-101 Definitions, National Instrument 21-101 Marketplace Operation (NI 21-101), or NI 31-103.
1
(1) Automated order systems Automated order systems encompass both hardware and software used to generate or electronically transmit orders on a predetermined basis and would include smart order routers and trading algorithms that are used by marketplace participants, offered by marketplace participants to clients or developed or used by clients.
PART 2 REQUIREMENTS APPLICABLE TO MARKETPLACE PARTICIPANTS 3. Risk management and supervisory controls, policies and procedures (1) National Instrument 31-103 requirements For marketplace participants that are registered firms, section 11.1 of NI 31-103 requires the registered firm to establish, maintain and apply policies and procedures that establish a system of controls and supervision sufficient to: (a) provide reasonable assurance that the registered firm and each individual acting on its behalf complies with securities legislation; and (b) manage the risks associated with its business in accordance with prudent business practices. Section 3 of NI 23-103 builds on the obligations outlined in section 11.1 of NI 31-103. The CSA have included requirements in NI 23-103 for all marketplace participants that conduct trading on a marketplace to have risk management and supervisory controls, policies and procedures that are reasonably designed to manage their risks in accordance with prudent business practices. What would be considered to be “reasonably designed” in this context is tied to the risks associated with electronic trading that the marketplace participant is willing to bear and what is necessary to manage that risk in accordance with prudent business practices.
These requirements provide greater specificity with respect to the expectations surrounding controls, policies and procedures relating to electronic trading. The requirements apply to all marketplace participants, not just those that are registered firms.
(2) Documentation of risk management and supervisory controls, policies and procedures Paragraph 3(1)(b) requires a marketplace participant to record its policies and procedures and maintain a copy of its risk management and supervisory controls in written form. This includes a narrative description of any electronic controls implemented by the marketplace participant as well as their functions.
We note that the risk management and supervisory controls, policies and procedures related to the trading of unlisted, government and corporate debt may not be the same as those related to the trading of equity securities due to the differences in the nature of trading of these types of securities. Different marketplace models such as a request for quote, negotiation system, or continuous auction market may require different risk management and supervisory controls, policies and procedures in order to appropriately address the varying levels of diverse risks these different marketplace models can pose to our markets.
A registered firm’s obligation to maintain its risk management and supervisory controls in written form under paragraph 3(1)(b) includes retaining these documents and builds on a registered firm’s obligation in NI 31-103 to retain its books and records. We expect a non-registered marketplace participant to retain these documents as part of its obligation under paragraph 3(1)(b) to maintain a description of its risk management and supervisory controls in written form.
(3) Clients that also maintain risk management controls We are aware that a client that is not a registered dealer may maintain its own risk management controls. However, part of the intent of NI 23-103’s risk management and supervisory controls, policies and procedures is to require a participant dealer to manage its risks associated with electronic trading and to protect the participant dealer under whose marketplace participant identifier an order is being entered. Consequently, a participant dealer must maintain reasonably designed risk management and supervisory controls, policies and procedures regardless of whether its clients maintain their own controls. It is not appropriate for a participant dealer to rely on a client’s risk management controls, as the participant dealer would not be able to ensure the sufficiency of the client’s controls, nor would the controls be tailored to the particular needs of the participant dealer.
(4) Minimum risk management and supervisory controls, policies and procedures Subsection 3(2) sets out the minimum elements of the risk management and supervisory controls, policies and procedures that must be addressed and documented by each marketplace participant. Automated pre-trade controls include an examination of the order before it is entered on a marketplace and the monitoring of entered orders whether executed or not. The marketplace participant should assess, document and implement any additional risk management and supervisory controls, policies and procedures that it determines are necessary to manage the marketplace participant’s financial exposure and to ensure compliance with applicable marketplace and regulatory requirements.
With respect to regular post-trade monitoring, it is expected that the regularity of this monitoring will be conducted commensurate with the marketplace participant’s determination of the order flow it is handling. At a minimum, an end of day check is expected.
(5) Pre-determined credit or capital thresholds
2
A marketplace participant can establish pre-determined credit thresholds by setting lending limits for a client and establish predetermined capital thresholds by setting limits on the financial exposure that can be created by orders entered or executed on a marketplace under its marketplace participant identifier. The pre-determined credit or capital thresholds referenced in paragraph 3(3)(a) may be set based on different criteria, such as per order, trade account or other criteria, including overall trading strategy, or using a combination of these factors as required in the circumstances.
For example, a participant dealer that sets a credit limit for a client with marketplace access provided by the participant dealer could impose that credit limit by setting sub-limits applied at each marketplace to which the participant dealer provides access that together equal the total credit limit. A participant dealer may also consider whether to establish credit or capital thresholds based on sector, security or other relevant factors. In order to address the financial exposure that might result from rapid order entry, a participant dealer may also consider measuring compliance with set credit or capital thresholds on the basis of orders entered rather than executions obtained.
We note that different thresholds may be set for the marketplace participant’s own order flow (including both proprietary and client order flow) and that of a client with marketplace access provided by the marketplace participant, if appropriate.
(6) Compliance with applicable marketplace and regulatory requirements The CSA expect marketplace participants to prevent the entry of orders that do not comply with all applicable marketplace and regulatory requirements that must be satisfied on a pre-trade basis where possible. Specifically, marketplace and regulatory requirements that must be satisfied on a pre-order entry basis are those requirements that can effectively be complied with only before an order is entered on a marketplace, including: (i) conditions that must be satisfied under National Instrument 23-101 Trading Rules (NI 23-101) before an order can be marked a “directed-action order”, (ii) marketplace requirements applicable to particular order types and (iii) compliance with trading halts. This requirement does not impose new substantive regulatory requirements on the marketplace participant. Rather it establishes that marketplace participants must have appropriate mechanisms in place that are reasonably designed to effectively comply with their existing regulatory obligations on a pre-trade basis in an automated, high-speed trading environment.
(7) Order and trade information Subparagraph 3(3)(b)(iv) requires the risk management and supervisory controls, policies and procedures to be reasonably designed to ensure that the compliance staff of the marketplace participant receives immediate order and trade information. This will require the marketplace participant to ensure that it has the capability to view trading information in real-time or to receive immediate order and trade information from the marketplace, such as through a drop copy.
This requirement will help the marketplace participant fulfill its obligations under subsection 3(1) with respect to establishing and implementing reasonably designed risk management and supervisory controls, policies and procedures that manage its risks associated with access to marketplaces.
This provision does not prescribe that a marketplace participant carry out compliance monitoring in real-time. There are instances however, when automated, real-time monitoring should be considered, such as when an automated order system is used to generate orders. It is up to the marketplace participant to determine, based on the risk that the order flow poses to the marketplace participant, the appropriate timing for compliance monitoring. However, our view is that it is important that a marketplace participant have the necessary tools in place to facilitate order and trade monitoring as part of the marketplace participant’s risk management and supervisory controls, policies and procedures.
(8) Direct and exclusive control over setting and adjusting of risk management and supervisory controls, policies and procedures
Subsection 3(5) specifies that a marketplace participant must directly and exclusively set and adjust its risk management and supervisory controls, policies and procedures. With respect to exclusive control, we expect that no person or company, other than the marketplace participant, will be able to set and adjust the controls, policies and procedures. With respect to direct control, a marketplace participant must not rely on a third party in order to perform the actual setting and adjusting of its controls, policies and procedures.
A marketplace participant can use technology of third parties, including that of marketplaces, as long as the marketplace participant, whether a registered dealer or institutional investor, is able to directly and exclusively set and adjust its supervisory and risk management controls, policies and procedures.
Section 4 provides a limited exception to the requirement in subsection 3(5) in that a participant dealer may , on a reasonable basis, and subject to other requirements, authorize an investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure on behalf of the participant dealer.
3
(9) Risk management and supervisory controls, policies and procedures provided by an independent third party Under subsection 3(4), a third party providing risk management and supervisory controls, policies or procedures to a marketplace participant must be independent of any client of the marketplace participant. However, an entity affiliated with a participant dealer that is also a client of the participant dealer may provide supervisory and risk management controls to the participant dealer. In all instances, the participant dealer must directly and exclusively set and adjust its supervisory and risk management controls.
Paragraph 3(7)(a) requires that a marketplace participant must regularly assess and document whether the risk management and supervisory controls, policies and procedures of the third party are effective and otherwise consistent with the provisions of NI 23-103 before engaging such services. Reliance on representations of a third party provider is insufficient to meet this assessment requirement. The CSA expect registered firms to be responsible and accountable for all functions that they outsource to a service provider as set out in Part 11 of Companion Policy 31-103CP Registration Requirements, Exemptions and Ongoing Registrant Obligations.
(10) Regular assessment of risk management controls and supervisory policies and procedures Subsection 3(6) requires a marketplace participant to regularly assess and document the adequacy and effectiveness of the controls, policies and procedures it is required to establish under subsection 3(1). Under subsection 3(7), the same assessment requirement also applies if a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures. A “regular” assessment would constitute, at a minimum, an assessment conducted annually of the controls, policies and procedures and whenever a substantive change is made to the controls, policies and procedures. A marketplace participant should determine whether more frequent assessments are required, depending on the particular circumstances.
A marketplace participant that is a registered firm is expected to retain the documentation of each such assessment as part of its obligation to maintain books and records in NI 31-103.
4. Authorization to set or adjust risk management and supervisory controls, policies and procedures Section 4 is intended to address introducing (originating) and carrying (executing) arrangements or jitney arrangements that involve multiple dealers. In such arrangements, there may be certain controls that are better directed by the originating dealer, since it is the originating dealer that has knowledge of its client and is responsible for suitability and other “know your client” obligations. However, the executing dealer must also have reasonable controls in place to manage the risks it incurs by executing orders for other dealers.
Therefore, section 4 provides that a participant dealer may, on a reasonable basis, authorize an investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure on the participant dealer’s behalf by written contract and after a thorough assessment. Our view is that where the originating investment dealer with the direct relationship with the ultimate client has better access than the participant dealer to information relating to the ultimate client, the originating investment dealer may more effectively assess the ultimate client’s financial resources and investment objectives.
We also expect that the participant dealer will maintain a written contract with the investment dealer that sets out a description of the specific risk management or supervisory control, policy or procedure and the conditions under which the investment dealer is authorized to set or adjust the control, policy or procedure as part of its books and records obligations set out in NI 31-103.
Paragraph 4(d) requires a participant dealer to regularly assess the adequacy and effectiveness of the investment dealer’s setting or adjusting of the risk management and supervisory controls, policies and procedures that it performs on the participant dealer’s behalf. We expect that this will include an assessment of the performance of the investment dealer under the written agreement prescribed in paragraph 4(b). A “regular” assessment would constitute, at a minimum, an assessment conducted annually of the controls, policies and procedures and whenever a substantive change is made to the controls, policies or procedures. A marketplace participant should determine whether more frequent assessments are required, depending on the particular circumstances.
Under paragraph 4(e), the participant dealer must provide the compliance staff of the originating investment dealer with immediate order and trade information of the ultimate client. This is to allow the originating investment dealer to monitor trading more effectively and efficiently.
Authorizing an investment dealer to set or adjust a risk management or supervisory control, policy or procedure does not relieve the participant dealer of its obligations under section 3, including the overall responsibility to establish, document, maintain and ensure compliance with risk management and supervisory controls, policies and procedures reasonably designed to manage, in accordance with prudent business practices, the financial, regulatory and other risks associated with marketplace access.
4
PART 3 REQUIREMENTS APPLICABLE TO THE USE OF AUTOMATED ORDER SYSTEMS 5. Use of automated order systems Section 5 stipulates that a marketplace participant or any client must take all reasonable steps to ensure that its use of automated order systems does not interfere with fair and orderly markets. A marketplace participant must also take all reasonable steps to ensure that the use of an automated order system by a client does not interfere with fair and orderly markets. This includes both the fair and orderly trading on a marketplace or the market as a whole and the proper functioning of a marketplace. For example, the sending of a continuous stream of orders that negatively impacts the price of a security or that overloads the systems of a marketplace may be considered as interfering with fair and orderly markets.
Paragraph 5(3)(a) requires a marketplace participant to have a level of knowledge and understanding of any automated order systems used by either the marketplace participant or the marketplace participant’s clients that is sufficient to allow the marketplace participant to identify and manage the risks associated with the use of the automated order system. We understand that detailed information of automated order systems may be treated as proprietary information by some clients or third party service providers; however, the CSA expect that the marketplace participant will be able to obtain sufficient information in order to properly identify and manage its own risks.
Paragraph 5(3)(b) requires that each automated order system is tested in accordance with prudent business practices. A participating dealer does not necessarily have to conduct tests on each automated order system used by its clients but must satisfy itself that these automated order systems have been appropriately tested. Testing an automated order system in accordance with prudent business practices includes testing it before its initial use and at least annually thereafter. We would also expect that testing would also occur after any significant change to the automated order system is made.
PART 4 REQUIREMENTS APPLICABLE TO MARKETPLACES 6. Availability of order and trade information (1) Reasonable access Subsection 6(1) is designed to ensure that a marketplace participant has immediate access to the marketplace participant’s order and trade information when needed. Subsection 6(2) will help ensure that the marketplace does not have any rules, polices, procedures, fees or practices that would unreasonably create barriers to the marketplace participant in accessing this information.
This obligation is distinct from the requirement for marketplaces to disseminate order and trade information through an information processor under Parts 7 and 8 of NI 21-101. The information to be provided pursuant to section 6 would need to include the private information included on each order and trade in addition to the public information disseminated through an information processor.
(2) Immediate order and trade information For the purposes of providing access to order and trade information on an immediate basis, we consider a marketplace’s provision of this information by a drop copy to be acceptable.
7. Marketplace controls relating to electronic trading (1) Termination of marketplace access Subsection 7(1) requires a marketplace to have the ability and authority to terminate all or a portion of the access provided to a marketplace participant before providing access to that marketplace participant. This requirement also includes the authority of a marketplace to terminate access provided to a client that is using a participant dealer’s marketplace participant identifier to access the marketplace. We expect a marketplace to act when it identifies trading behaviour that interferes with the fair and orderly functioning of its market.
(2) Assessments to be conducted Paragraph 7(2)(a) requires a marketplace to regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to electronic trading, in addition to the risk management and supervisory controls, policies and procedures that marketplace participants are required to have under subsection 3(1), and ensure that such controls, policies and procedures are implemented in a timely manner. As well, a marketplace must regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures put in place under paragraph 7(2)(a). A marketplace is expected to document any conclusions reached as a result of its assessment and any deficiencies noted. It must also promptly remedy any identified deficiencies.
It is important that a marketplace take steps to ensure it does not engage in activity that interferes with fair and orderly markets. Part 12 of NI 21-101 requires marketplaces to establish systems-related risk management controls. It is therefore expected that
5
a marketplace will be generally aware of the risk management and supervisory controls, policies and procedures of its marketplace participants and assess whether it needs to implement additional controls, policies and procedures to eliminate any risk management gaps and ensure the integrity of trading on its market.
(3) Timing of assessments A “regular” assessment would constitute, at a minimum, an assessment conducted annually and whenever a substantive change is made to a marketplace’s operations, rules, controls, policies or procedures that relate to methods of electronic trading. A marketplace should determine whether more frequent assessments are required depending on the particular circumstances of the marketplace, for example when the number of orders or trades is increasing very rapidly or when new types of clients or trading activities are identified. A marketplace should document and preserve a copy of each such assessment as part of its books and records obligation in NI 21-101.
(4) Implementing controls, policies and procedures in a timely manner A “timely manner” will depend on the particular circumstances, including the degree of potential risk of financial harm to marketplace participants and their clients or harm to the integrity of the marketplace and to the market as a whole. The marketplace must ensure the timely implementation of any necessary risk management and supervisory controls, policies and procedures.
8. Marketplace thresholds Section 8 requires that each marketplace must not permit the execution of orders of exchange-traded securities exceeding price and volume thresholds set by its regulation services provider, or by the marketplace if it is a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces certain requirements set under NI 23-101.
These price and volume thresholds are expected to reduce erroneous orders and price volatility by preventing the execution of orders that could interfere with a fair and orderly market.
There are a variety of methods that may be used to prevent the execution of these orders. However, the setting of the price threshold is to be coordinated among all regulation services providers, recognized exchanges and recognized quotation and trade reporting systems that set the threshold under subsection 8(1).
The coordination requirement also applies when setting a price threshold for securities that have underlying interests in an exchange-traded security. We note that there may be differences in the actual price thresholds set for an exchange-traded security and a security that has underlying interests in that exchange-traded security.
9. Clearly erroneous trades (1) Application of section 9 Section 9 provides that a marketplace cannot provide access to a marketplace participant unless it has the ability to cancel, vary or correct a trade executed by that marketplace participant. This requirement would apply in the instance where the marketplace decides to cancel, vary or correct a trade or is instructed to do so by a regulation services provider.
Before cancelling, varying or correcting a trade, paragraph 9 (2)(a) requires that a marketplace receive instructions from its regulation services provider, if it has retained one. We note that this would not apply in the case of a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101.
(2) Cancellation, variation or correction where necessary to correct a system or technological malfunction or error made by the marketplace systems or equipment
Under paragraph 9(2)(c) a marketplace may cancel, vary or correct a trade where necessary to correct an error caused by a system or technological malfunction of the marketplace’s systems or equipment or an individual acting on behalf of the marketplace. If a marketplace has retained a regulation services provider, it must not cancel, vary or correct a trade unless it has obtained permission from its regulation services provider to do so.
Examples of errors caused by a system or technological malfunction include where the system executes a trade on terms that are inconsistent with the explicit conditions placed on the order by the marketplace participant, or allocates fills for orders at the same price level in a manner or sequence that is inconsistent with the stated manner or sequence in which such fills are to occur on the marketplace. Another example includes where the trade price was calculated by a marketplace’s systems or equipment based on some stated reference price, but it was calculated incorrectly.
6
(3) Policies and procedures For policies and procedures established by the marketplace in accordance with the requirements of subsection 9(3) to be “reasonable”, they should be clear and understandable to all marketplace participants.
The policies and procedures should also provide for consistent application. For example, if a marketplace decides that it will consider requests for cancellation, variation or correction of trades in accordance with paragraph 9(2)(b), it should consider all requests received regardless of the identity of the counterparty. If a marketplace chooses to establish parameters only within which it might be willing to consider such requests, it should apply these parameters consistently to each request, and should not exercise its discretion to refuse a cancellation or amendment when the request falls within the stated parameters and the consent of the affected parties has been provided.
When establishing any policies and procedures in accordance with subsection 9(3), a marketplace should also consider what additional policies and procedures might be appropriate to address any conflicts of interest that might arise.
7