LegalizeCommission Delegated Regulation (EU) 2017/584 of 14 July 2016 supplementing Directive 2014/65/EU of the European Parliament and of the Council with regard to regulatory technical standards specifying organisational requirements of trading venues (Text with EEA relevance. )
THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (1), and in particular points (a), (c) and (g) of Article 48(12) thereof,
Whereas:
(1) It is important to ensure that trading venues that enable algorithmic trading have sufficient systems and controls.
(2) The provisions of this Regulation should apply not only to regulated markets but also to multilateral trading facilities and organised trading facilities as determined by Article 18(5) of Directive 2014/65/EU.
(3) The impact of technological development and in particular algorithmic trading is one of the main drivers to determine the capacity and arrangements to manage trading venues. The risks arising from algorithmic trading can be present in any type of trading system that is supported by electronic means. Therefore, specific organisational requirements should be laid down in respect of regulated markets, multilateral trading facilities and organised trading facilities allowing for or enabling algorithmic trading through their systems. Such trading systems are those where algorithmic trading may take place as opposed to trading systems in which algorithmic trading is not permitted, including trading systems where transactions are arranged through voice negotiation.
(4) Governance arrangements, the role of the compliance function, staffing and outsourcing should be regulated as part of the organisational requirements to ensure the resilience of electronic trading systems.
(5) Requirements should be laid down with respect to the systems of trading venues allowing or enabling algorithmic trading. However, their specific application should take place in conjunction with a self-assessment to be conducted by each trading venue since not all trading models present the same risks. Therefore, some organisational requirements may not be appropriate for certain trading models although their trading systems could be supported to a certain extent by electronic means. In particular, the specific requirements to be set in relation to request-for-quote systems or hybrid systems should be considered according to the nature, scale and complexity of the algorithmic trading activity undertaken. Equally, more stringent requirements should be established by the trading venues where appropriate.
(6) Risks arising from algorithmic trading should be carefully taken into account, paying particular attention to those that may affect the core elements of a trading system, including the hardware, software and associated communication lines used by trading venues and members, participants or clients of trading venues (‘members’) to perform their activity and any type of execution systems or order management systems operated by trading venues, including matching algorithms.
(7) The specific organisational requirements for trading venues have to be determined by means of a robust self-assessment where a number of parameters have to be assessed. That self-assessment should include any other circumstances not expressly set out that may have an impact on their organisation.
(8) The minimum period for keeping records of the self-assessment and the due diligence of members for the purpose of this Regulation should be the same as the general record-keeping obligations established in Directive 2014/65/EU.
(9) Where trading venues are required to perform monitoring in real-time, it is necessary for the generation of alerts following that monitoring to be done as close to instantaneously as technically possible and therefore within no more than five seconds in order to be effective. For the same reason, any actions following that monitoring should be undertaken as soon as possible assuming a reasonable level of efficiency and of expenditure on systems on the part of the persons concerned.
(10) Testing facilities offered by trading venues should not pose risks to orderly trading. To that end, trading venues should be required to establish an adequate fair usage policy, ensure a strict separation between the testing environment and the production environment or permit testing only out of trading hours.
(11) Conformance testing should ensure that the most basic elements of the system or the algorithms used by members operate correctly and according to the venue's requirements, including the ability to interact as expected with the trading venue's matching logic and the adequate processing of data flows to and from the trading venue. Testing against disorderly trading conditions should be designed with a view to specifically addressing the reaction of the algorithm or strategy to conditions that may create a disorderly market.
(12) Where trading venues offer arrangements to test algorithms by offering testing symbols, their obligation to provide facilities to test against disorderly trading conditions should be deemed to be fulfilled. In order to enable members to effectively use such testing symbols, trading venues should publish the specifications and characteristics of the testing symbols to the same level of detail made publicly available for real life production contracts.
(13) Trading venues should be subject to an obligation to provide means to facilitate testing against disorderly trading conditions. However, their members should not be required to use those means. It should be considered as a sufficient guarantee if trading venues receive a declaration from their members confirming that such testing has taken place and stating the means used for that testing, but the trading venues should not be obliged to validate the adequacy of those means or the outcome of that testing.
(14) Trading venues and their members should be required to be adequately equipped to cancel unexecuted orders as an emergency measure if unexpected circumstances arise.
(15) The provision of direct electronic access (DEA) service to an indeterminate number of persons may pose a risk to the provider of that service and also to the resilience and capacity of the trading venue where the orders are sent. To address such risks, where trading venues allow sub-delegation, the DEA provider should be able to identify the different order flows from the beneficiaries of sub-delegation.
(16) Where sponsored access is permitted by a trading venue, prospective sponsored access clients should be subjected to a process of authorisation by the trading venue. Trading venues should also be allowed to decide that the provision of direct market access services by their members is subject to authorisation.
(17) Trading venues should specify the requirements to be met by their members in order for them to be allowed to provide DEA and determine the minimum standards to be met by prospective DEA clients in the due diligence process. Those requirements and standards should be adapted to the risks posed by the nature, scale and complexity of their expected trading, and the service being provided. In particular, they should include an assessment of the level of expected trading, the order volume and the type of connection offered.
(18) For reasons of consistency and in order to ensure the smooth functioning of the financial markets, it is necessary that the provisions laid down in this Regulation and the related national provisions transposing Directive 2014/65/EU apply from the same date.
(19) This Regulation is based on the draft regulatory technical standards submitted by the European Securities and Markets Authority to the Commission.
(20) The European Securities and Markets Authority has conducted open public consultations on the draft regulatory technical standards on which this Regulation is based, analysed the potential related costs and benefits and requested the opinion of the Securities and Markets Stakeholder Group established by Article 37 of Regulation (EU) No 1095/2010 of the European Parliament and of the Council (2),
HAS ADOPTED THIS REGULATION:
CHAPTER I
GENERAL ORGANISATIONAL REQUIREMENTS FOR TRADING VENUES ENABLING OR ALLOWING ALGORITHMIC TRADING THROUGH THEIR SYSTEMS
Article 1
Subject matter and scope
(Article 48 of Directive 2014/65/EU)
This Regulation lays down detailed rules for the organisational requirements of the systems of the trading venues allowing or enabling algorithmic trading, in relation to their resilience and capacity, requirements on trading venues to ensure appropriate testing of algorithms and requirements in relation to the controls concerning DEA pursuant to Article 48(12)(a),(b) and (g) of Directive 2014/65/EU.
For the purposes of this Regulation, it is considered that a trading venue allows or enables algorithmic trading where order submission and order matching is facilitated by electronic means.
For the purposes of this Regulation, any arrangements or systems that allow or enable algorithmic trading shall be considered ‘algorithmic trading systems’.
Article 2
Self-assessments of compliance with Article 48 of Directive 2014/65/EU
(Article 48 of Directive 2014/65/EU)
Before the deployment of a trading system and at least once a year, trading venues shall carry out a self-assessment of their compliance with Article 48 of Directive 2014/65/EU, taking into account the nature, scale and complexity of their business. The self-assessment shall include an analysis of all parameters set out in the Annex to this Regulation.
Trading venues shall keep a record of their self-assessment for at least five years.
Article 3
Governance of trading venues
(Article 48(1) of Directive 2014/65/EU)
As part of their overall governance and decision making framework, trading venues shall establish and monitor their trading systems through a clear and formalised governance arrangement setting out:
(a) their analysis of technical, risk and compliance issues when taking critical decisions.
(b) clear lines of accountability, including procedures to approve the development, deployment and subsequent updates of trading systems and to resolve problems identified when monitoring the trading systems;
(c) effective procedures for the communication of information such that instructions can be sought and implemented in an efficient and timely manner;
(d) separation of tasks and responsibilities, to ensure effective supervision of compliance by the trading venues.
The management body or the senior management of trading venues shall approve:
(a) the self-assessment of compliance in accordance with Article 2;
(b) measures to expand the capacity of the trading venue where necessary in order to comply with Article 11;
(c) actions to remedy any material shortcomings detected in the course of their monitoring in accordance with Articles 12 and 13 and after the periodic review of the performance and capacity of the trading systems in accordance with Article 14.
Article 4
Compliance function within the governance arrangements
(Article 48(1) of Directive 2014/65/EU)
Trading venues shall ensure that their compliance function is responsible for:
(a) providing clarity to all staff involved in algorithmic trading about the trading venues' legal obligations with respect to such trading;
(b) developing and maintaining the policies and procedures to ensure that the algorithmic trading systems comply with those obligations.
Trading venues shall ensure that their compliance staff has at least a general understanding of the way in which algorithmic trading systems and algorithms operate.
The compliance staff shall be in continuous contact with persons within the trading venue who have detailed technical knowledge of the venue's algorithmic trading systems or algorithms.
Trading venues shall also ensure that compliance staff have, at all times, direct contact with persons who have access to the functionality referred to in Article 18(2)(c) (‘kill functionality’) or access to that kill functionality and to those who are responsible for the algorithmic trading system.
Where the compliance function, or elements thereof, is outsourced to a third party, trading venues shall provide the third party with the same access to information as they would to their own compliance staff. Trading venues shall enter into an agreement with such compliance consultants, ensuring that:
(a) data privacy is guaranteed;
(b) auditing of the compliance function by internal and external auditors or by the competent authority is not hindered.
Article 5
Staffing
(Article 48(1) of Directive 2014/65/EU)
Trading venues shall employ a sufficient number of staff with the necessary skills to manage their algorithmic trading systems and trading algorithms and with sufficient knowledge of:
(a) the relevant trading systems and algorithms;
(b) the monitoring and testing of such systems and algorithms;
(c) the types of trading undertaken by the members, participants or clients of the trading venue (‘members’);
(d) the trading venue's legal obligations.
Trading venues shall define the necessary skills referred to in paragraph 1. The staff referred to in paragraph 1 shall have those necessary skills at the time of recruitment or shall acquire them through training after recruitment. The trading venues shall ensure that those staff's skills remain up-to-date and shall evaluate their skills on a regular basis.
The staff training referred to in paragraph 2 shall be tailored to the experience and responsibilities of the staff, taking into account the nature, scale and complexity of their activities.
The staff referred to in in paragraph 1 shall include staff with sufficient seniority to perform their functions effectively within the trading venue.
Article 6
Outsourcing and procurement
(Article 48(1) of Directive 2014/65/EU)
Trading venues outsourcing all or part of their operational functions in relation to the systems allowing or enabling algorithmic trading shall ensure that:
(a) the outsourcing agreement exclusively relates to operational functions and does not alter the responsibilities of the senior management and the management body;
(b) the relationship and obligations of the trading venue towards its members, competent authorities, or any third parties, such as clients of data feed services are not altered;
(c) they meet the requirements that they must comply with in order to be authorised in accordance with Title III of Directive 2014/65/EU.
For the purposes of this article, operational functions shall include all direct activities related to the performance and surveillance of the trading systems supporting the following elements:
(a) upstream connectivity, order submission capacity, throttling capacities and ability to balance customer order entrance through different gateways;
(b) trading engine to match orders;
(c) downstream connectivity, order and transaction edit and any other type of market data feed;
(d) infrastructure to monitor the performance of the elements referred to in points (a), (b) and (c).
Trading venues shall document the process of selecting the service provider to whom the operational functions are to be outsourced (‘the service provider’). They shall take the necessary steps to ensure, before concluding the outsourcing agreement and throughout its duration, that the following conditions are satisfied:
(a) the service provider has the ability to perform the outsourced functions reliably and professionally and is the holder of any authorisations required by law for those purposes;
(b) the service provider properly supervises the carrying out of the outsourced functions and adequately manages risks associated with the outsourcing agreement;
(c) the outsourced services are provided in accordance with the specifications of the outsourcing agreement, which are based on pre-determined methods for assessing the standard of performance of the service provider, including metrics to measure the service provided and specifications of the requirements that shall be met;
(d) the trading venue has the necessary expertise to supervise the outsourced functions effectively and manage risks associated with the outsourcing agreement;
(e) the trading venue has the ability to take swift action if the service provider does not carry out the functions effectively and in compliance with applicable laws and regulatory requirements;
(f) the service provider discloses to the trading venue any fact that may have a material impact on its ability to carry out the outsourced functions effectively and in compliance with its legal obligations;
(g) the trading venue is able to terminate the outsourcing agreement where necessary without detriment to the continuity and quality of its services to clients;
(h) the service provider cooperates with the competent authorities of the trading venue in connection with the outsourced activities;
(i) the trading venue has effective access to data related to the outsourced activities and to the business premises of the service provider, and auditors of the trading venue and competent authorities have effective access to data related to the outsourced activities;
(j) the trading venue sets out requirements to be met by the service providers to protect confidential information relating to the trading venue and its members, and to the venue's proprietary information and software;
(k) the service provider meets the requirements referred to in point (j);
(l) the trading venue and the service provider establish, implement and maintain a contingency plan for disaster recovery and periodic testing of backup facilities, where that is necessary having regard to the operational function that has been outsourced;
Reading this document does not replace reading the official text published in the Official Journal of the European Union. We assume no responsibility for any inaccuracies arising from the conversion of the original to this format.