In a
Reuters article (SEC tightens leash on exchanges post "flash crash" - January 13, 2012) the SEC finally acknowledges some real problems exposed by the Flash
Crash. However, they go on to propose a solution that is, in a word, absurd.
From the article:
The regulators had to seek the data from the exchanges, delaying
a much-anticipated report on the crash by nearly five months.
The idea that the regulator of the largest capital markets in the world cannot easily
reconstruct trading when there has been a problem, or when there is a suspicion of
manipulation or misconduct, is not acceptable to me," said SEC Chairman Mary Schapiro
in an interview.
The market absorbs hundreds of thousands of quotes every second in a frenzy that can
befuddle investors and traders alike. While perhaps good for exchanges and high-frequency
traders, the value of this explosive growth has been questioned.
..the SEC's focus has shifted to issues such as data feeds and whether certain market
players may get an information advantage, as well as adequate investments by exchanges
into technology and infrastructure.
When the flash crash occurred on May 6, 2010, it left the SEC shocked at how hard it was to understand what happened. To overcome this breach, the agency proposed building a "consolidated audit trail" that would, for the first time, track all orders, messages and trades in real time.
There are questions over who will pay the SEC's estimated $4 billion price tag for
the audit trail and whether to build it from scratch.
Really,
$4 Billion? That is absolutely ridiculous. A subscription to a feed
like NxCore,
a private "regulators
only" database that matches existing exchange sequence numbers
to trader IDs, and people to
run it would cost a tiny fraction of that. And would have minimal impact on
existing infrastructure.
There is no need to track orders, messages or trades in real time. If all participants
know that the SEC can, at any time in the future, go back to any trading day and pluck
out some misdeed -- that will be more valuable and significantly less expensive
than attempting the impossible feat of real time
monitoring.
Here's why the goal of real time monitoring is not only foolhardy
and pie-in-the-sky impossible, but a tremendous waste of resources.
Wall street hires the best software wizards money can buy. They write clever algorithms.
These algorithms will only get more clever as time goes on and they will
always be changing.
It is 100 times more difficult writing algo detection software than writing the algos
in the first place, which in the software world means at least 100 times more expensive.
Which means hiring people that do not exist, since Wall Street already snapped up
the best, and you need the best times 100. You can't make it up in quantity and just
get 100 times as many wizards, because many have poor social skills, and you need
these people to communicate.
But, let's say the SEC or whoever runs the consolidated audit trail does in fact manage
to hire wizards 100 times smarter than the best on Wall Street. Are they going to be able
to instantly write, debug, test and deploy new code to match new algorithms that
can appear at any time?
How about after a day? A week? Without a doubt it will take much more time to write new detection code than it took Wall Street to write the new
algo code. And let's not forget, Wall Street doesn't want its algos being
detected.
But, let's say by some incredible stretch of the imagination (software sales guys, you
have to love them!) that it is possible to roll out new detection code instantly
without a hitch. Now what? The monitor goes beep, beep, beep, red lights blaring.
What now? You can't have a human in that loop, because by the time their brain processes
the alarm, the damage is already done. Even at the speed of the flash crash
(which was glacial compared to today), it would have been over before any phone call
could have been made.
But, let's say the machine could automatically "take action" on alerts. Really? Let's
go back to the day of the flash crash. What time would the alarm have gone off? You sure?
Really sure? What about false alarms? Managing the signal to noise ratio is incredibly difficult when processing financial data streams.
But, let's say the SEC has the best of the best of the best who never fail and the
real time monitoring software correctly detects the problem at exactly the right time
and never misfires.
Let's pretend the alarm went off at 14:42:44, which in hindsight,
after
thousands of hours of analyzing billions and billions
and billions of records,
is the time we are pretty sure that day went from bad to
abnormally bad.
It's 14:42:44 on May 6th and the alarm goes off. What now?
We have the world's most perfect software detecting a once-in-a-decade
freak event about to happen. What is it going to do now? Stop the market right then? How? Which
market? What about those outside the SEC/CFTC jurisdiction? Just the futures market? Or
equities too? Options? Index calculations? Derivatives?
How will this software physically do "the something" to prevent the crash? It
would have to transmit some sort of signal to every entity involved. There are millions
of subscribers to real
time data in the U.S. alone. How will it prevent everyone who is
watching the market halt on CNBC from panicking or doing stupid things in areas not related
to trading? Like clearing grocery store shelves, grabbing the kids, the shotgun and
the wife and heading for the hills.
But, let's say (last stop in fairytale land, I promise) that the world's most phenomenal
software detects a once in a decade event at the precise time of intervention and
manages to do the right thing that stops an impending crash and nobody panics. How will these networks be protected from exploitation? How will it be kept secure?
Do you see the folly of trying to regulate the markets in real time? Real time raises the cost exponentially
times a million. To a level that all the kings in the world couldn't afford. It would
be one thing to track in real time, things that had known behavior. Like your checking
account being overdrawn. Maybe credit card fraud in the making (which, by-the-way is a much simpler problem and hasn't been perfected despite lots of money and time).
In summary, all the SEC has to do is demonstrate that they can, at anytime in the
future,
go back to a day in question
and find the bad guy. To achieve this takes only a few simple steps.
- Get an existing data feed and archive the information so it can be processed anytime
in the future.
- Have each exchange create a new database where every exchange message has two keys: the existing public exchange sequence
number and a new private trader id.
- Hire competent people to write software that can detect anomalies anytime
in the past and have them provide exchange sequence numbers of any messages involved.
- Match up exchange sequence numbers to trader id's and find the bad guy.
- Enforce existing regulations fairly and with conviction.
|
We welcome comments or questions at: pr@nanex.net
Publication Date: 01/13/2012, Updated 03/20/2012
http://www.nanex.net
| This report and all material shown on this
website is published by Nanex, LLC and may not be reproduced, disseminated, or
distributed, in part or in whole, by any means, outside of the recipient's
organization without express written authorization from Nanex. It is a
violation of federal copyright law to reproduce all or part of this publication
or its contents by any means. This material does not constitute a solicitation
for the purchase or sale of any securities or investments. The opinions
expressed herein are based on publicly available information and are considered
reliable. However, Nanex makes NO WARRANTIES OR REPRESENTATIONS OF ANY SORT
with respect to this report. Any person using this material does so solely at
their own risk and Nanex and/or its employees shall be under no liability
whatsoever in any respect thereof.
|
|
|
