An US based global investment bank and brokerage was in the process of building a proprietary order management / execution system (OMS) to support its US cash equities trading business. The OMS will support all common trade flows (agency, principal, riskless principal, crossing, facilitation etc.) for US cash equities trading. The client engaged RegEdge to review and test pre-trade, trade and post-trade Compliance and Regulatory controls within the OMS, to ensure controls are designed and working to meet requirements.
Controls and Documentation Assessment:
RegEdge developed a comprehensive inventory of pre trade, trade and post trade regulatory controls. This included the key controls listed below:
Reg NMS rules for market data access, order protection and sub-penny rule
Reg SHO rules for order marking requirements, circuit breakers, locate and close out requirements
Securities restrictions related to control room restrictions, micro-cap securities, trading venue restrictions or ad-hoc restrictions
Restrictions to limit market volatility such as LULD, trading halts, circuit breakers etc.
SEC 15c3-5 market access and capital controls
Insider trading & manipulative trading controls such as front running, wash trades etc.
Regulatory reporting (e.g., ACT, TRF, CAT, etc.)
We mapped the identified controls to the trade flows for each business line to ensure each was accounted for as part of the OMS’s regulatory control inventory. For each of the applicable controls, we worked with the client to ensure business requirements documentation (BRD), and detailed functional requirements document (FSD) existed, and enhanced as required. We ensured the testing scripts being used by the Client provided all necessary risk coverage for each of the requirements per regulatory expectations.
We reviewed each of the BRD, FSD, test scenarios and the actual test results to identify gaps in controls. For each of the gaps identified, we collaboratively worked with the relevant teams within the Client's organization to set the expectations of the controls and the requirements, and iteratively reviewed the results as changes were being made until each of the gaps were addressed.
Once all gaps were addressed, we undertook an independent testing of their key regulatory controls and downstream reporting processes to confirm they were functioning as intended. We utilized a two-pronged approach:
1. Front-End Testing: This involved execution of test scenarios to test the efficacy of the controls. For each control, we validated and documented the results, identified issues, and bug fixes. Once resolved, scenarios were re-tested, culminating in a comprehensive report outlining the testing process and findings.
2. Data Validation: Beyond the initial execution, we delved deeper into the generated data (trade events) to verify its accuracy and alignment with regulations. Key validations covered aspects like trade markings, locates, order parameters, and regulatory reporting event triggers. Additionally, the team focused on Consolidated Audit Trail (CAT) reporting testing and provided a detailed report of scenarios that required corrections. Documentation and issue tracking remained crucial, ensuring all discrepancies were addressed and performed re-testing to confirm resolution. Finally, a clear and concise report summarized the data validation process and its outcomes.
The Results and Benefits
Our team provided comprehensive recommendations based on the assessment. This involved aiding the client in updating their documentation to align with rules and regulations, reviewing Quality Assurance (QA) and User Acceptance Testing (UAT) results to ensure controls are in place per regulatory expectations and are working as recommended. The partnership with RegEdge not only provided actionable insights but also empowered our client to navigate the regulatory landscape with confidence.