Proposed National Instrument 23-103 Electronic Trading and Direct Electronic Access to Marketplaces

Proposed National Instrument 23-103 Electronic Trading and Direct Electronic Access to Marketplaces

Request for Comment National Instrument

 

 

 

 

 

 

NOTICE OF PROPOSED NATIONAL INSTRUMENT 23-103
ELECTRONIC TRADING AND DIRECT ELECTRONIC ACCESS TO MARKETPLACES

 

 

 

 

 

 

 

 

I. INTRODUCTION

 

 

The Canadian Securities Administrators (CSA or we) are publishing a proposed rule, National Instrument 23-103 Electronic Trading and Direct Electronic Access to Marketplaces (Proposed Rule) and its related companion policy, 23-103 CP for comment. The Proposed Rule introduces provisions governing electronic trading by marketplace participants and their clients. It also introduces specific obligations for direct electronic access (DEA).{1} DEA does not include retail trading whereby clients access accounts through the internet.

The Proposed Rule would also provide a regulatory regime for DEA.

CSA staff have been working closely with staff of the Investment Industry Regulatory Organization of Canada (IIROC) on the development of the Proposed Rule. IIROC staff have shared their knowledge and expertise regarding many of the issues being raised by electronic trading and we thank them for their valuable contribution.

II. DISCUSSION

1. Evolution of the Canadian Market

The Canadian equity market has changed dramatically in recent years. It has moved from a single marketplace environment to multiple marketplaces with exchanges and alternative trading systems (ATSs) trading the same securities. As the markets have evolved, technology has also evolved, increasing the speed, capacity and complexity of how investors trade.

In Canada, electronic trading has been used for many years. The Toronto Stock Exchange was one of the first fully electronic exchanges in the world. Over the past few years, the use of technology has proliferated and the introduction of new marketplaces has driven the need by marketplaces to continuously improve technology by making it faster and more efficient and effective to execute trading strategies. Participants are also using strategies and algorithms that are increasingly complex and demand greater investments in technology and capacity by the participant as well as regulators, vendors and marketplaces.

In addition, technology has enabled marketplace participants to facilitate access by their clients to marketplaces. For example, DEA has enabled clients to use their own systems or algorithms to directly send orders to the marketplaces of their choice. In certain instances this trading goes through the systems of a dealer where pre-trade controls are used while in others, orders do not pass through a dealer's systems and no controls are in place. These DEA clients are usually large, institutional investors with regulatory obligations of their own. However, they may be retail clients that have particular sophistication and resources to be able to manage DEA in accordance with the standards set by a participant dealer.{2}

Market events, such as the May 6, 2010 "flash crash" have illustrated that the speed and complexity of trading require a greater focus on controls designed to mitigate the risks of these technological changes. Globally, regulators are looking at the risks associated with electronic trading, including DEA, and are introducing frameworks to address them (see section III.4 below).

2. Risks of Electronic Trading

As stated, the Canadian market has undergone a very rapid evolution in structure. With the proliferation of the use of complicated technology and strategies, including high frequency trading strategies, comes increased risks to the market. These risks are described below.

(i) Liability Risk

Liability risk relates to the risk to the market where there is uncertainty as to which party will bear the ultimate responsibility of any financial liabilities, regulatory transgressions or market disruptions incurred through electronic trading. Marketplace participants have indicated that there exists uncertainty in some instances regarding ultimate responsibility in relation to trades occurring pursuant to DEA.

As electronic trading gets faster, there is a greater risk of issues occurring that result in liability. For example, systems failures or the execution of erroneous trades may cause losses or situations where parties are manipulating the market using DEA. There is a need to have clarity as to who will be held responsible for ensuring that these risks are appropriately and effectively controlled and monitored.

(ii) Credit Risk

Credit risk is the risk that a marketplace participant, specifically a dealer, will be held financially responsible for trades that are beyond its financial capability, as well as the broader systemic risk that may result if the dealer is unable to cover its financial liabilities.

The speed at which orders are entered into the market by marketplace participants or DEA clients increases the risk that without controls, trades may exceed credit or financial limits. This may occur because marketplace participants or clients cannot keep track of the orders being entered or because erroneous trades are entered and executed because no controls or a lack of proper controls exist to stop them. Systemic risk may arise if a dealer's failure spreads to the market as a whole.

(iii) Market Integrity Risk

Market integrity risk refers to the risk that the integrity of the market and confidence in the market may be diminished if there is a lack of compliance with marketplace and regulatory requirements.

Without the appropriate electronic controls in place, there is a risk of greater violations of regulatory requirements in an environment where trading cannot be monitored manually. This would impact the willingness of investors to participate in the Canadian market.

(iv) Sub-delegation Risk

Sub-delegation risk relates to the risk associated with the practice of a DEA client passing on the use of the marketplace participant identifier of the dealer to another entity (sub-delegatee). The main risks with this practice relate to the ability of a marketplace participant to manage the risks it faces in offering DEA to a particular client. This risk may be triggered by the lack of control in identifying the original sender of an order, the inability to ascertain the suitability of the sub-delegatee to be a DEA user or the inability to have recourse against a client in a jurisdiction that does not share information. Insufficient risk control regarding a sub-delegatee could impair a participant dealer or have an adverse effect on market integrity.

(v) Technology or System Risks

Technology or system risks relate to the possibility for failure of systems or technology and the impact of that failure. The risk arises due to the high degree of connectivity and rapid speed of communication among marketplaces, marketplace participants and DEA client systems required for electronic trading. These inter-connections and the speed at which trading takes place raises concern about the potentially wide-reaching unintended consequences of trading in this type of environment. The potential problems may be due to the impact of systems failures by marketplaces, vendors or clients, lack of capacity, programming errors in algorithms, or erroneous trades. In addition, technology or systems failures that impact the ability of investors to trade or the prices that they receive for execution, introduce the risk of cancellations or variations of trades which would impact investor confidence in the market. This may lead investors, and particularly DEA clients, to trade in other countries.

(vi) Risk of Regulatory Arbitrage

The risk of regulatory arbitrage arises if rules relating to electronic trading and DEA across Canada are not addressed in a manner consistent with global standards and in particular with U.S. Securities and Exchange Commission (SEC) rules in this area (either more restrictive or permissive). If Canadian rules are too stringent, then order flow may migrate to jurisdictions with less restrictive requirements. However, if the Canadian rules are too accommodating, then those that want to avoid rules in other jurisdictions may trade in Canada, increasing the risk to the Canadian market.

3. Current Regulatory Requirements

Currently, there are no rules that apply specifically to electronic trading. There are requirements on marketplaces regarding systems requirements{3} and there are general requirements at the IIROC level for business continuity plans for dealers, as well as the requirements under National Instrument 31-103 Registration Requirements and Exemptions for a dealer to manage the risks to its business.{4} The only rules in place relating to client trading access are DEA specific rules or policies that are in place at the marketplace level. The main focus of the marketplace DEA rules is to prescribe certain clients that are eligible for DEA (referred to as the "eligible client list"), to require a written agreement between the dealer and the DEA client, to prescribe certain provisions to be included in the written agreement and set out certain system requirements relating to DEA. These rules vary between marketplaces and there is no consistent standard.

III. DESCRIPTION OF THE PROPOSED RULE

Because of the increased risks to the Canadian market described above, the CSA have determined that a regulatory framework is necessary to ensure that marketplace participants and marketplaces are managing the risks associated with widespread electronic trading including high frequency trading.{5} The result is the development of the Proposed Rule, which includes requirements relating to DEA and is discussed in detail below.

Issues associated with DEA have been previously identified by the CSA. In April 2007, the CSA published for comment amendments to National Instrument 23-101 Trading Rules (NI 23-101) that in part related to addressing issues associated with direct market access (2007 Proposed Amendments). Among other things, the 2007 Proposed Amendments clarified the obligations of marketplaces, dealers and dealer-sponsored participants when in a DEA relationship, and introduced requirements such as training for dealer-sponsored participants. These amendments were not taken forward but comments received were reviewed and have been summarized in Appendix A of this Notice. We thank all commenters who took the time to respond to our request for comments.

We are proposing the creation of a new national instrument that would expand the scope of the 2007 Proposed Amendments to regulate electronic trading generally in addition to the specific topic of DEA. We are of the view that the expanded scope of the Proposed Rule will more effectively aid in addressing areas of concern brought about by electronic trading discussed below.

In addition to reviewing the comments received, as part of the process to develop the Proposed Rule, CSA staff met with numerous marketplaces, marketplace participants and service vendors to better understand the current DEA landscape and the issues related to electronic trading. Staff enquired about a range of topics including the vetting of clients, the types of trade monitoring employed, the use of automated order systems, and whether sub-delegation was permitted or used. The information gathered has helped shape our perspective as to how to address the risks associated with electronic trading and DEA in particular. We would like to thank all of the participants who met with us and provided their views.

1. Requirements Applicable to Marketplace Participants

The Proposed Rule would impose requirements on marketplace participants{6} that electronically access marketplaces (exchanges and ATSs). The purpose of these requirements is to ensure that marketplace participants have the appropriate policies, procedures and controls in place that ensure that the risks described above are prevented or managed. The requirements apply to all electronic trading whether performed by the marketplace participant or by a client that has been granted DEA and who enters orders using a marketplace participant identifier.

(i) Marketplace Participant Controls, Policies and Procedures

The Proposed Rule would require a marketplace participant to establish, maintain and ensure compliance with appropriate risk management and supervisory controls, policies and procedures designed to manage the financial, regulatory and other risks associated with marketplace access or providing DEA to clients.{7}

In establishing the risk management and supervisory controls, policies and procedures, a marketplace participant must:

• ensure all order flow is monitored, including automated pre-trade controls and regular post-trade monitoring that are designed to systematically limit financial exposure and ensure compliance with marketplace and regulatory requirements{8};

• have direct and exclusive control over the controls, policies and procedures{9}; and

• regularly assess and document the adequacy and effectiveness of the controls, policies and procedures.{10}

The policies and procedures must be in written form and the controls, which we expect to be electronic, will have to be described in a narrative form that is documented by the marketplace participant.{11}

These requirements would apply to all electronic trading, including but not limited to DEA and would ensure that all orders for which the marketplace participant is responsible are subject to policies, procedures and controls. We have proposed these requirements because in our view, the risks associated with electronic trading through DEA equally arise when the marketplace participant is entering orders electronically. This will limit the financial, regulatory and other risks associated with electronic trading by clients as well as dealers.

The Proposed Rule sets out a number of specific controls that the marketplace participant must have. It specifically would require controls or requirements that:

• prevent the entry of orders that exceed appropriate pre-determined credit or capital thresholds,

• prevent the entry of erroneous orders in terms of size or price parameters,

• ensure compliance with applicable marketplace and regulatory requirements on a pre- and post-trade basis,

• limit the entry of orders to securities for which the particular marketplace participant or DEA client is authorized to trade,

• restrict access to trading only to persons authorized by the marketplace participant,

• ensure compliance staff of the marketplace participant receive immediate order and trade information,

• enable the marketplace participant to immediately stop or cancel one or more orders entered by the marketplace participant or DEA client,

• enable the marketplace participant to immediately suspend or terminate any DEA granted to a DEA client, and

• ensure that the entry of orders does not interfere with fair and orderly markets.{12}

We note that under the Proposed Rule, a marketplace participant would be able use the technology of a third party when implementing its risk management or supervisory controls, policies and procedures as long as the third party providing such services is independent of any DEA client of the marketplace participant and the marketplace participant is able to directly and exclusively manage the controls, policies and procedures including the setting and adjustment of filter limits.

(ii) Allocation of Control over Controls, Policies and Procedures

The Proposed Rule would require that a marketplace participant maintain direct and exclusive control over its risk management controls, policies and procedures.{13} However, in certain limited situations, we propose to permit a participant dealer to reasonably allocate control over specific risk management and supervisory controls, policies and procedures to another investment dealer that is directing trading to the marketplace participant.{14} This is designed to address situations where the investment dealer may be in a better position to manage the risks associated with its trading because of its proximity to and knowledge of its clients. In addition, it can better manage certain responsibilities such as suitability and "know your client" obligations. The allocation of control is subject to a written contract and thorough and ongoing assessment by the participant dealer with respect to the effectiveness of the controls, policies and procedures of the investment dealer. However, allocating control would not excuse the participant dealer from its general obligations under the Proposed Rule.

(iii) Use of Automated Order Systems

The Proposed Rule would impose requirements related to the use of automated order systems.{15} An automated order system is defined as "any system used by a marketplace participant or a client of a marketplace participant to automatically generate orders on a pre-determined basis."{16} Specifically, the Proposed Rule would require that, as part of its risk management and supervisory controls, policies and procedures, a marketplace participant must ensure it has the necessary knowledge and understanding with respect to the automated order systems used by itself or any client. We recognize that much of the detailed information about a client's automated order systems may be considered confidential and proprietary. However this proposed requirement is designed to ensure that the marketplace participant has sufficient information to identify and manage its risks. In addition, automated order systems used by the marketplace participant or its DEA client would need to be appropriately tested before use and regularly tested in accordance with prudent business practices.

As well, the Proposed Rule would require controls that allow the marketplace participant to immediately prevent orders from such systems from reaching a marketplace.{17} This requirement is important so that marketplace participants are able to disable an algorithm or any automated order system that is sending erroneous orders or orders that may interfere with fair and orderly markets.

2. Requirements Specific to DEA

The Proposed Rule would impose a framework around the provision of DEA. The CSA are of the view that it is important to institute a consistent framework across marketplaces and marketplace participants for the offering and use of DEA to ensure that risks are appropriately managed. In addition, having a consistent framework reduces the risk of arbitrage among participant dealers providing DEA and also among marketplaces that have different standards or requirements.

The approach we have taken supports the principle that marketplace participants, including participant dealers, are responsible for all orders entered onto a marketplace using their marketplace participant identifier. If a participant dealer chooses to provide its number to a client, it is the participant dealer's responsibility to ensure that the risks associated with providing that number are adequately managed. To do that, a participant dealer must assess its own risk tolerance and develop policies, procedures and controls that will mitigate the risks that it faces. In addition, the participant dealer should be setting the appropriate minimum standards, assessing the appropriate training and ensuring that due diligence is conducted on each prospective DEA client.

(i) The Provision of DEA

Part of addressing the risks associated with DEA requires participant dealers to conduct due diligence with respect to clients who are to be granted this type of access. This due diligence performed by the participant dealer providing DEA is a critical defence in managing many of the DEA risks outlined earlier and necessitates a thorough vetting of potential clients accessing marketplaces under their marketplace participant identifier. The Proposed Rule establishes that only a participant dealer, defined as a marketplace participant that is an investment dealer, may provide DEA.{18} This is because we consider the provision of DEA to be a trigger for the registration requirements under securities legislation.

The Proposed Rule states that DEA can only be provided to a registrant that is a participant dealer (a marketplace participant that is a registered investment dealer and IIROC member) or a portfolio manager. We propose to preclude exempt market dealers from being able to act as DEA clients because in our view, a dealer that wants DEA should not be able to "opt-out" of the application of the Universal Market Integrity Rules (UMIR) and should be an IIROC member. In other words, this exclusion would prevent regulatory arbitrage. This exclusion would not prevent dealers that are not participant dealers from sending orders to executing dealers; it would only preclude them from using DEA. We ask for specific feedback on this issue.

We have not specifically proposed to exclude individuals from obtaining DEA access. It is our view that retail investors should not be using DEA and should be routing orders through order-execution accounts that are offered by discount brokers and subject to specific supervision requirements under IIROC dealer member rules.{19} However, there are some circumstances in which individuals are sophisticated and have access to the necessary technology to use DEA (for example, former registered traders or floor brokers). In these circumstances, we would expect that the participant dealer offering DEA would set standards high enough to ensure that the participant dealer is not exposed to undue risk. It may be appropriate for these standards to be higher than those set for institutional investors. All requirements relating to risk management and supervisory controls, policies and procedures would apply. We would like specific feedback on whether individuals should be permitted DEA or whether DEA should be limited to institutional investors{20} and a limited number of other persons such as former registered traders or floor brokers.

(ii) Requirements Applicable to Participant Dealers Providing DEA

Minimum Standards

The Proposed Rule would require participant dealers to set appropriate standards that their clients must meet before providing them with DEA.{21} These standards must include that:

• the client has appropriate financial resources,

• the client has knowledge of and proficiency in the use of the order entry system,

• the client has knowledge of and ability to comply with all applicable marketplace and regulatory requirements, and

• the client has adequate arrangements in place to monitor the entry of orders through DEA.{22}

We have not included an "eligible client list" in the Proposed Rule and are of the view that setting minimum standards is more appropriate. This view is consistent with other jurisdictions globally.

Written Agreement

The Proposed Rule would also require that participant dealers enter into a written agreement with each DEA client.{23} The agreement must provide that:

• the DEA client will comply with marketplace and regulatory requirements,

• the DEA client will comply with product limits or credit or other financial limits specified by the participant dealer,

• the DEA client will maintain all technology security and prevent unauthorized access,

• the DEA client will cooperate with regulatory authorities,

• the participant dealer can reject, vary, correct or cancel orders or can discontinue accepting orders,

• the DEA client will notify the participant dealer if it fails to, or expects to fail to, meet the minimum standards set by the participant dealer,

• when the DEA client is trading for the accounts of its clients, the client orders will flow through the systems of the DEA client, and

• when trading for accounts of its clients, the DEA client will ensure that the client meets the standards set by the participant dealer and that there is a written agreement in place between the DEA client and its client.

These requirements set the minimum that the CSA view as necessary to establish a framework within which DEA should be provided. It has been left open to participant dealers to impose additional terms that they deem necessary to manage the risks associated with DEA.

Training for a DEA Client

Prior to providing DEA to a client, the participant dealer would also need to satisfy itself that the prospective DEA client has adequate knowledge with respect to marketplace and regulatory requirements.{24} In assessing the knowledge level of the client, the participant dealer must determine what, if any, training is required to ensure the management of risks to the participant dealer and the market in general, from providing the client with DEA.

Unlike in the 2007 Proposed Amendments, we are not dictating a specific course or courses that a prospective DEA client must take. We are of the view that the participant dealer, in managing its risks, should turn its mind to what level of knowledge is appropriate for a client in order to be granted DEA in the Canadian trading environment. This is consistent with the philosophy that each dealer must assess its own risk tolerance in developing its standards and policies and procedures relating to DEA.

Client Identifiers

In order to identify the specific client behind each trade, the Proposed Rule would also require that each DEA client be assigned a unique identifier that must be associated with every order and would be kept as part of the audit trail.{25} We expect that the participant dealer would work with the various marketplaces to obtain these identifiers, and that each order entered on a marketplace by a DEA client using DEA contains this identifier. Currently, a number of marketplaces track DEA client trading by using unique client identifiers. This requirement imposes the usage of the identifier on all participant dealers.

In addition, the Proposed Rule would require that the participant dealer provide the unique client identifier to all regulation services providers monitoring trading (currently, IIROC).{26} This facilitates IIROC's ability to monitor trading by DEA clients across multiple participants and multiple marketplaces.

Trading by DEA Clients

Under the Proposed Rule, we have limited the ability of a DEA client to trade using DEA. Generally, a DEA client may only trade for its own account when using DEA provided by a participant dealer.{27} However, certain DEA clients are permitted to trade using DEA for the accounts of their clients. Specifically, these clients are participant dealers, portfolio managers and any entity that is analogous to these categories which is authorized in a foreign jurisdiction that is a signatory to the IOSCO Multilateral Memorandum of Understanding.{28} Finally, we have proposed that a DEA client cannot pass on its DEA to another person or company.{29}

By proposing that certain DEA clients may trade for the accounts of their clients, we have facilitated certain arrangements currently in place. For example, global dealers often use "hubs" that aggregate orders from various subsidiaries before sending those orders through an affiliate participant dealer. The Proposed Rule would enable foreign affiliates to act as DEA clients, but would require the orders aggregated from other affiliates to pass through their systems before being sent to the participant dealer for execution. What we have prohibited is those foreign affiliates that are not DEA clients from sending orders directly to the participant dealer, with whom they have no contract and no relationship.

We have proposed these limitations because we are of the view that it is inappropriate for DEA clients to sub-delegate their DEA, or allow their clients to trade using DEA and send orders directly to a participant dealer or a marketplace. Doing this exacerbates the risks to the Canadian market and widens the breadth of market access to participants who do not have any incentive or obligation to comply with the regulatory requirements or financial, credit or position limits imposed upon them.

3. Requirements Applicable to Marketplaces

As part of the Proposed Rule, we have proposed requirements on marketplaces relating to electronic trading. Marketplaces, under NI 21-101, are already subject to systems requirements.{30} However, the Proposed Rule would impose additional requirements that:

• require marketplaces to provide a marketplace participant with reasonable access to its order and trade information on an immediate basis,

• ensure that marketplace systems can support the use of DEA client identifiers,

• ensure that marketplaces have the ability and authority to terminate all or a portion of the access provided to a marketplace participant or DEA client,

• ensure that marketplaces regularly assess and document whether they require any risk management and supervisory controls, polices and procedures to ensure fair and orderly trading,

• ensure that marketplaces regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures they implement,

• require that marketplaces prevent the execution of orders outside of thresholds set by the regulation services provider or by a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101 Trading Rules, and

• confirm the process for the cancellation, variation or correction of clearly erroneous trades.

These proposed requirements, along with those in NI 21-101, will serve as another level of protection against the risks of electronic trading including DEA, and will serve to supplement the risk management and supervisory controls, policies and procedures required by the marketplace participant.

(i) Order and Trade Information

The Proposed Rule sets out an obligation on marketplaces to provide their participants with reasonable access to their own order and trade information on an immediate basis.{31} We believe this is necessary to enable the marketplace participant to fulfill its obligations with respect to establishing and implementing the risk management and supervisory controls, policies and procedures previously outlined. Specifically, it ensures that the compliance personnel at the participant dealers obtain information regarding DEA client orders and trades so that they can appropriately monitor trading.

(ii) DEA Client Identifiers

As mentioned above, some marketplaces currently require orders from DEA clients to be accompanied by a unique client identifier. This requirement would standardize this practice by requiring all marketplaces, whether an exchange or ATS, to be able to support the use of these identifiers.

(iii) Marketplace Controls Relating to Electronic Trading

The Proposed Rule would require marketplaces to have the ability and the authority to immediately terminate access granted to a marketplace participant or DEA client.{32} This provision is not intended to provide marketplaces with full discretion to terminate without cause. An example of when this would be used is if it is discovered that an algorithm is sending orders in a "loop". This risks the integrity of the participant dealer as well as fair and orderly trading on that marketplace. The existence of this provision is important to ensure that the marketplace can, if necessary, terminate access so that there is no further damage to the quality of the trading on that marketplace or contagion to the rest of the market.

The Proposed Rule would also require that marketplaces assess what risk management and supervisory controls, policies and procedures are required at the marketplace level in addition to those required by their marketplace participants. This is to ensure that marketplaces do not interfere with fair and orderly markets.{33} These controls, policies and procedures should be assessed on a regular basis (at least annually) to ensure they are adequate and effective.{34} The purpose of this requirement is to ensure that the marketplace is aware of the risk management and supervisory controls required by its participants and assesses whether there are any gaps. Those gaps must be filled by the marketplace by either introducing requirements for its participants or by introducing the controls on its own.

(iv) Marketplace Thresholds

The Proposed Rule would also establish the requirement for marketplaces to prevent the execution of orders beyond certain thresholds determined by a regulation services provider or by a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101.{35} These marketplace thresholds would be designed to limit the risks associated with erroneous or "fat finger" orders impacting the price of a particular security at the marketplace level, and resulting in a market which is not fair or orderly. This requirement is being proposed as part of the follow-up to the events of May 6, 2010. We are of the view that standardized thresholds across all marketplaces are necessary and that a regulation services provider, where applicable, is in the best position to set those thresholds. We believe that these marketplace thresholds will complement both the IIROC Single Stock Circuit Breaker proposal published in November 2010, and IIROC's existing ability to issue regulatory halts.

(v) Clearly Erroneous Trades

We are of the view that the combination of controls required by the Proposed Rule should prevent many erroneous trades from occurring. However, we have included an additional requirement whereby a marketplace must have the capability to cancel, vary or correct a trade on its own, or where instructed to do so by its regulation services provider.{36} The Proposed Rule would also establish the circumstances under which a marketplace may cancel, vary or correct a trade, if that marketplace has retained a regulation services provider. Specifically, the marketplace may cancel, vary or correct a trade when:

• instructed to do so by its regulation services provider,

• the cancellation, correction or variation is requested by a party to the trade, consent is provided by both parties to the trade and the regulation services provider is notified, or

• the cancellation, correction or variation is necessary to correct a systems issue in executing the trade, and permission to cancel, vary or correct the trade has been obtained from the regulation services provider.

Additionally, the marketplace must have reasonable policies and procedures that clearly outline the processes by which that marketplace will cancel, correct or vary a trade, and these policies and procedures must be publicly available. {37}

4. Other Jurisdictions

In developing the Proposed Rule, we have closely reviewed a number of international initiatives such as Rule 15c3-5, Risk Management Controls for Brokers or Dealers with Market Access, adopted by the SEC in November 2010{38}, the final report prepared by the International Organization of Securities Commissions' (IOSCO) Standing Committee, Principles for Direct Electronic Access to Markets published in August 2010{39} (IOSCO DEA Report), the Australian Securities and Investments Commission (ASIC) Consultation Paper 145: Australian Equity Market Structure: Proposals{40}, and the European Commission Review of the Markets in Financial Instruments Directive (MiFID) published in December of 2010.{41}

The IOSCO DEA Report sets out principles intended to be used as guidance for jurisdictions that allow or are considering allowing the use of DEA. They include minimum financial standards for DEA clients, the establishment of a legally binding agreement between the marketplace participant providing market access and the DEA client, and the existence of effective controls to manage the risks associated with electronic trading at both the marketplace and marketplace participant level. The requirements in the Proposed Rule are in line with the principles established by IOSCO.

In the U.S., Rule 15c3-5 requires brokers or dealers with access to trading on a marketplace including those providing DEA, to implement risk management controls and supervisory procedures reasonably designed to manage the financial, regulatory and other risks of this business activity. This rule effectively prohibits broker-dealers from providing unfiltered access to any marketplace.

In Australia, the ASIC Consultation Paper 145 is similar to the Proposed Rule in that it would require a market participant providing DEA to ensure that clients meet minimum standards with respect to financial resources, and proficiency with regulatory requirements and the use of systems. Additionally, there are similarities surrounding the use of automated order systems, in that they both establish requirements for participants and participant dealers to ensure that the use of such systems do not interfere with fair and orderly trading, and that all automated order systems used by the participant or a client of the participant are appropriately tested and that the nature of the systems are appropriately understood.

The European Commission's review of MiFID proposes requirements for automated trading, defined as "trading involving the use of computer algorithms to determine any or all aspects of the execution of the trade such as the timing, quantity and price".{42} The review suggests the introduction of requirements for firms involved in automated trading to have robust risk controls to mitigate potential trading system errors, and that regulators be notified of what computer algorithms are employed, including explanations of their purpose and how they function. With respect to DEA, the review recommends that firms which provide "sponsored access" to automated traders would also have in place robust risk controls and filters "to detect errors or attempts to misuse facilities".

IV. COST-BENEFIT ANALYSIS

For the Ontario Securities Commission's cost-benefit analysis of the Proposed Rule, please see Appendix B - Cost-Benefit Analysis - Proposed National Instrument 23-103 Electronic Trading and Direct Electronic Access to Marketplaces.

V. AUTHORITY FOR THE PROPOSED RULE

In those jurisdictions in which the Proposed Rule is to be adopted, the securities legislation provides the securities regulatory authority with rule-making or regulation-making authority in respect of the subject matter of the Proposed Rule.

In Ontario, the Proposed Rule is being made under the following provisions of the Securities Act (Ontario) (Act):

• Paragraph 143(1)7 authorizes the Commission to make rules prescribing requirements in respect of the disclosure or furnishing of information to the public to the Commission by registrants.

• Paragraph 143(1)10 authorizes the Commission to make rules prescribing requirements in respect of the books, records and other documents required by subsection 19(1) of the Act to be kept by market participants (as defined in the Act), including the form in which and the period for which the books, records and other documents are to be kept.

• Paragraph 143(1)11 authorizes the Commission to make rules regulating the listing or trading of publicly traded securities including requiring reporting of trades and quotations.

• Paragraph 143(1)12 authorizes the Commission to make rules regulating recognized stock exchanges, recognized self-regulatory organizations, recognized quotation and trade reporting systems, and ATSs, including prescribing requirements in respect of the review or approval by the Commission of any by-law, rule, regulation, policy, procedure, interpretation or practice.

• Paragraph 143(1)13 authorizes the Commission to make rules regulating trading or advising in securities to prevent trading or advising that it is fraudulent, manipulative, deceptive or unfairly detrimental to investors.

• Paragraph 143(1)39 authorizes the Commission to make rules requiring or respecting the media, format, preparation, form, content, execution, certification, dissemination, and other use, filing and review of all documents required under or governed by the Act, the regulations or the rules and all documents, determined by the regulations or the rules to be ancillary to the documents.

VI. COMMENTS AND QUESTIONS

We invite all interested parties to make written submissions with respect to the proposed National Instrument 23-103 Electronic Trading and Direct Electronic Access to Marketplaces.

Please address your comments to all of the CSA member commissions on or before July 8, 2011, as indicated below:

Alberta Securities Commission
Autorité des marchés financiers
British Columbia Securities Commission
Manitoba Securities Commission
New Brunswick Securities Commission
Nova Scotia Securities Commission
Superintendent of Securities, Department of Justice, Government of Northwest Territories
Superintendent of Securities, Yukon
Superintendent of Securities, Nunavut
Superintendent of Securities, Consumer, Corporate and Insurance Services, Office of the Attorney General, Prince Edward Island
Saskatchewan Financial Services Commission
Superintendent of Securities, Government Services of Newfoundland and Labrador
 
Ontario Securities Commission
c/o John Stevenson, Secretary
Ontario Securities Commission
20 Queen Street West
Suite 1900, Box 55
Toronto, Ontario M5H 3S8
 
and
 
Me Anne-Marie Beaudoin
Corporate Secretary
Autorité des marchés financiers
800, square Victoria, 22e étage
C.P. 246, tour de la Bourse
Montréal, Québec H4Z 1G3

We cannot keep submissions confidential because securities legislation in certain provinces requires that a summary of the written comments received during the comment period be published.

Questions may be referred to any of:

Sonali GuptaBhaya
Barbara Fydell
Ontario Securities Commission
Ontario Securities Commission
416-593-2331
416-593-8253
 
Tracey Stern
Kent Bailey
Ontario Securities Commission
Ontario Securities Commission
416-593-8167
416-595-8945
 
Serge Boisvert
Élaine Lanouette
Autorité des marchés financiers
Autorité des marchés financiers
514-395-0337 ext. 4358
514-395-0337 ext. 4356
 
Meg Tassie
Lorenz Berner
British Columbia Securities Commission
Alberta Securities Commission
604-899-6819
403-355-3889

April 8, 2011

 

APPENDIX A

SUMMARY OF PUBLIC COMMENTS ON PROPOSED AMENDMENTS

TO NATIONAL INSTRUMENT 21-101 MARKETPLACE OPERATION

AND NATIONAL INSTRUMENT 23-101 TRADING RULES REGARDING DIRECT MARKET ACCESS

AND CANADIAN SECURITIES ADMINISTRATORS RESPONSES

Comments
CSA Responses
 
Definition of Dealer-Sponsored Access
 
 
One commenter pointed out that the use of the terms "electronic connection" and "access its order routing system" in the definition of "dealer sponsored access" can be broadly interpreted to include almost any order that is electronically transmitted to a dealer and if taken literally, could include orders where there may be no trader intervention but is clearly not a case of direct access to a marketplace i.e. algorithmic trades, program trades and list based trades. This commenter believes that it is important to clarify that any direct market access (DMA) requirements would only be intended to cover sponsored trading access by non-participating organizations where there was no possible intervention by the sponsoring participating organization.
The Proposed Rule is designed to expand the scope of the 2007 Proposed Amendments to regulate electronic trading generally in addition to specifically addressing DEA. We believe many of the risks can be applied to both.
 
Question 24: Should DMA clients be subject to the same requirements as subscribers before being permitted access on a marketplace?
 
Comments
CSA Responses
 
The majority of commenters do not believe that DMA clients should be subject to the same requirements as subscribers. Many feel that ultimate responsibility for DMA clients should remain with subscribers.
The Proposed Rule represents a change in approach to the 2007 Proposed Amendments. The Proposed Rule would hold marketplace participants responsible for managing the risks associated with electronic trading, whether these orders are their own or those of a DEA client.
 
Reasons cited for this position include that:
 
 
(i) it is the subscribers who are best suited to contractually impose standards on their DMA clients and monitor and oversee the trading activity of their DMA clients;
We propose that a participant dealer providing DEA must establish appropriate standards, and assess whether each client meets these standards prior to granting DEA.
 
(ii) imposing additional requirements on the end client would result in unnecessary duplication of cost and effort and would create confusion over who is ultimately responsible for ensuring compliance with various rules; and
The Proposed Rule would allow the participant dealer to reasonably allocate specific risk management and supervisory controls to a DEA client who is an investment dealer. This allocation would be set out in a written agreement, so there should be no confusion as to who is ultimately responsible.
 
(iii) the proposed requirement would reduce DMA activity on Canadian markets and motivate DMA clients to trade inter-listed securities in foreign marketplaces which in turn would harm Canadian markets.
 
 
 
Two commenters noted that the U.S. does not have similar regulations for DMA clients regarding access to marketplaces.
We do not believe the Proposed Rule is significantly more restrictive than other jurisdictions, such that trading would shift to foreign marketplaces.
 
 
The U.S. Rule 15c3-5 establishes a framework similar to the Proposed Rule.
 
One commenter suggested that through each DMA client obtaining a unique trader ID, RS would be able to monitor DMA client account activity across participants and marketplaces and that this should address regulatory concerns regarding DMA trading. As well, this commenter also believes that the ability of the marketplace to revoke a DMA client's access trading privileges is sufficient to obtain compliance with RS investigations from DMA clients and that contracts between RS and DMA clients are not necessary.
The CSA are of the view that through the proposed participant dealer requirement to assign each DEA client a DEA client identifier and ensure that this identifier appears on each DEA order, the regulation services provider will be able to effectively monitor DEA activity.
 
 
One commenter cited that they strongly opposed requiring DMA clients to enter into an agreement with the regulation services provider or subjecting DMA clients to other regulations beyond general market integrity rules on the following: just and equitable principles, prohibition of manipulative or deceptive trading methods and improper orders and trades. To follow a similar approach in the U.S., this commenter suggested that the onus of ensuring compliance with applicable market integrity rules and providing user training should be placed on the sponsor, which can be clarified contractually through user agreements between the sponsor and the user as appropriate.
The Proposed Rule would not require contracts between the regulation services provider and the DEA client. The participant dealer must provide each DEA client identifier and associated client name to the regulation services provider.
 
A couple of commenters mentioned that a DMA client may not be in a position to ensure that their orders are ultimately routed and marked correctly since these orders must first pass through the participating organization's systems and they cannot be responsible for any technical rule violations caused by systems issues at the sponsoring firm.
 
 
A few commenters were supportive of DMA clients having the same requirements as all other participants.
 
 
One commenter was of the view that only properly registered participants and approved ATS subscribers should have direct access to the marketplace in order to ensure efficient and orderly markets.
The Proposed Rule sets out that participant dealers may not provide DEA to a registrant other than a participant dealer or portfolio manager.
 
Training
 
 
Some commenters mentioned that the training requirement for DMA clients should be relevant and that the current Canadian Securities Institute's Trader Training Course is not appropriate as it is often out of date and covers more material than is relevant for DMA clients. Two commenters suggested that the current TSX and TSX Venture DMA rules that require the dealer to provide training and updates is an appropriate way to ensure clients are trained. One commenter suggested that the regulators could set a higher standard and provide clearer expectations of the material to be covered by required training programs and provide assistance with issuing notices and regulatory updates designed for DMA clients.
The Proposed Rule does not establish specific requirements or minimum levels of education required for DEA clients. It would place an obligation on the participant dealer to satisfy itself that a client has adequate knowledge of applicable marketplace and regulatory requirements and the standards established by the participant dealer.
 
One commenter not in support of having DMA clients take a standardized trader training course contended that this requirement would serve as an impediment, especially if each jurisdiction imposed a specific trader training course requirement for access to local marketplaces in that jurisdiction. This commenter suggested that if a training course requirement is imposed there should be an exemption for foreign DMA clients. Another commenter indicated that training to attain such high a level of trading proficiency is not justified for the amount of trading that they presently engage in.
 
 
Question 25: Should the requirements regarding dealer-sponsored participants apply when the products traded are fixed income securities? Derivatives? Why or why not?
 
Comments
CSA Responses
 
The majority of commenters that responded to this question believe that the requirements regarding dealer-sponsored participants should not apply to over-the-counter products such as fixed income and derivative products. Some reasons cited for this view include: that there is no central order book with price transparency; the structure of non-exchange listed fixed income and derivative products is fundamentally different than equities; and the perceived regulatory burden could potentially discourage usage by dealer-sponsored participants at a time when transparency and the use of electronic means of trading in the OTC markets is still developing in Canada. One commenter also stated that this proposed requirement could stifle innovation in these marketplaces and put Canadian markets at a competitive disadvantage compared to the U.S. as there are no similar regulatory requirements in that marketplace.
The Proposed Rule applies to all securities traded on a marketplace as defined in National Instrument 21-101 Marketplace Operation (NI 21-101). Consideration will be given in the future as to whether it should apply to electronic trading in other products.
 
One commenter believes that all assets and all markets should be subject to the same requirements.
 
 
Question 26: Would your view about the jurisdiction of a regulation services provider (such as RS for ATS subscribers or an exchange for DMA clients) depend on whether it was limited to certain circumstances? For example, if for violations relating to manipulation and fraud, would the securities commissions be the applicable regulatory authorities for enforcement purposes?
 
Comments
CSA Responses
 
Many commenters do not feel that it is appropriate for RS to have jurisdiction over DMA clients. Some commenters cited concerns that treating U.S. broker-dealers who are DMA clients as Access Persons may cause these clients to stop trading on Canadian marketplaces which could reduce liquidity and result in wider spreads on Canadian marketplaces.
The CSA do not propose to extend the jurisdiction of the regulation services provider to all DEA clients at this time.
 
One commenter submitted that introducing an expansive new regime in Canada that gives a Canadian regulator jurisdiction over U.S. clients of Canadian dealers would send a message that is contrary to the goal of free trade in securities and may impact the SEC's possible proposal on mutual recognition with Canada.
 
 
One commenter stated that the contractual relationship between a DMA client and RS effectively creates a new requirement for clients to be registered with RS and that it should be recognized that in certain circumstances clients may not be permitted to sign a contract with an SRO. This commenter also noted that the process and administration relating to these contracts must be clearly defined as many times a DMA client will have multiple brokers and the employees may have access to some marketplaces with one dealer and potentially different access with another dealer.
 
 
One commenter suggested that RS should have jurisdiction over DMA clients for the purposes of UMIR 2.2 and that RS should contact the sponsoring registered Participant for all other matters relating to DMA clients.
 
 
Two commenters asserted that the provincial securities regulator is the appropriate body to regulate DMA clients and other non-Investment Dealer Association or non-exchange members.
 
 
One commenter, while hesitant to impose a regulation services agreement to be signed by each DMA customer, stated such agreements should be limited to a brief statement of general principles and not be open to negotiation as to its content in order to avoid applying different standards of regulation to different market participants.
 
 
A few commenters believe that all participants should be subject to the same regulations by the same regulators to ensure consistency. One commenter contended that the current regulatory jurisdiction is too fragmented and called for RS to be the primary regulatory authority for all levels of market trading infractions and over any party with access to marketplaces.
 
 
Question 27: Could the proposed amendments lead dealer-sponsored participants to choose alternative ways to access the market such as using more traditional access (for example, by telephone), using foreign markets (for inter-listed securities) or creating multiple levels of DMA (for example, a DMA client providing access to other persons)?
 
Comments
CSA Responses
 
A large majority of commenters that responded to this question believe that the proposed amendments could lead DMA clients to circumvent dealers and find alternative ways to access Canadian markets. A few commenters noted that foreign dealers in particular may choose not to trade in Canada if they are required to be subject to another local regulatory regime.
The Proposed Rule would place the responsibility for DEA client orders on the participant dealer. The CSA do not believe that the Proposed Rule would lead DEA clients to find alternative methods to access the Canadian market. Additionally, we note that the Proposed Rule would not establish DEA requirements which are significantly different from those in other jurisdictions, and do not believe foreign dealers will choose not to trade in Canada as a result.
 
One commenter noted while the proposed amendments do not contemplate disclosure of information relating to trading strategies or working of orders, that requirements of this nature would have the effect of directing order flow away from Canadian markets. One commenter submitted that foreign clients must use a registered participant in Canada.
The Proposed Rule sets out requirements for the use of automated order systems, such that any marketplace participant must ensure it has the necessary knowledge and understanding of any automated order system employed in order to identify and manage risks associated with the use of the system. The CSA recognize that some of the information regarding client automated order systems would be considered proprietary, however we would expect in these cases that a participant dealer would obtain sufficient knowledge to manage its own risks.
 
Question 28: Should there be an exemption for foreign clients who are dealer-sponsored participants from the requirements to enter into an agreement with the exchange or regulations services provider? If so, why and under what circumstances?
Comments
CSA Responses
 
The majority of commenters that responded to this question are not supportive of an exemption for foreign clients who are dealer-sponsored participants from the requirements to enter into an agreement with the exchange or regulations services provider.
The Proposed Rule would not require foreign clients to enter into an agreement with the exchange or regulation services provider.
 
Many commenters re-iterated their position that a direct agreement between DMA clients and RS is not warranted and that this would pose a significant barrier for foreign dealers and clients to access our markets. One commenter contended that foreign DMA clients will stop trading in Canada if they are required to execute an agreement with a foreign regulator.
 
 
One commenter suggested that foreign and domestic DMA clients should not be subject to other regulations beyond the following trading rules: just and equitable principles, prohibition of manipulative or deceptive trading methods and improper orders and trades. This commenter stated that the DMA sponsor or ATS should be responsible for all other regulatory and compliance requirements.
 
 
A number of commenters believe that all market participants should be treated equally and there should not be any advantage to any participant.
 
 
Question 29: Please provide the advantages and disadvantages of a new category of member of an exchange that would have direct access to exchanges without the involvement of a dealer (assuming clearing and settlement could continue to be through a participant of the clearing agency).
 
Comments
CSA Responses
 
The overwhelming majority of commenters that responded to this question are not supportive of a new category of a member of an exchange. A few commenters are concerned that a member of an exchange that is not subject to the gatekeeper oversight that dealers currently provide could compromise overall market integrity unless subject to the same level of oversight by RS as a traditional dealer.
The Proposed Rule does not propose a new category of registration.
 
One commenter is supportive of exchanges determining member eligibility criteria in their sole discretion and creating classes within their membership in the event that they want to provide different types of services to different types of members as long as a requisite level of access and functionality is provided to all members.
 

Please note: public comments to Questions 1 to 14 and 19 to 23 and the corresponding CSA responses were published on October 17, 2008 in the Ontario Securities Commission Bulletin at (2008) 31 OSCB 10045. Comments to Questions 15 to 18 and the corresponding CSA responses were published on June 20, 2008 in the Ontario Securities Commission Bulletin at (2008) 31 OSCB 6306.

 
Commenters
 
1.
Canadian Security Traders Association Inc.
2.
Investment Industry Association of Canada
3.
Raymond James Ltd.
4.
RBC Asset Management Inc.
5.
RBC Dominion Securities Inc.
6.
TD Asset Management
7.
TMX Group
8.
Perimeter Markets Inc.
9.
Scotia Capital
10.
Highstreet Asset Management
11.
CPP Investment Board
12.
Merrill Lynch
 
13.
TD Newcrest
14.
Bloomberg Tradebook Canada

 

APPENDIX B

COST-BENEFIT ANALYSIS

PROPOSED NATIONAL INSTRUMENT 23-103

ELECTRONIC TRADING AND DIRECT ELECTRONIC ACCESS TO MARKETPLACES

I. Overview

Trading on Canadian marketplaces has occurred through electronic means, however the Canadian market has evolved substantially in recent years. Technological advancements have increased the complexity of the market and the methods by which market participants can trade or access multiple marketplaces. Trading strategies and speeds have become correspondingly complex. Electronic access to the marketplaces has also been broadly extended with marketplace participants providing direct electronic access (DEA). DEA refers to the process whereby access to a marketplace is provided to clients and these clients transmit orders to the marketplace execution system using the marketplace participant's identifier without additional management by the participant dealer.

Such rapid and complex technological change has resulted in many new risks to the Canadian market. In our view, the regulatory framework for electronic trading must reflect these changes and address these risks. Proposed National Instrument 23-103 Electronic Trading and Direct Electronic Access to Marketplaces (Proposed Rule) is designed to align regulatory requirements with the current trading environment to ensure effective regulation and mitigation of these risks.

II. Costs and Benefits

Benefits

The Proposed Rule should benefit all market participants including investors, as well as the market as a whole. It is aimed at reducing the risks of electronic trading and enhancing investor confidence in the market by requiring risk management and supervisory controls, policies and procedures designed to manage the risks of both electronic trading and DEA. These controls, policies and procedures would provide for risk checks and filters of orders before they are entered onto marketplaces by marketplace participants or DEA clients.

Requiring marketplace participants to put in place risk management and supervisory controls, policies and procedures, including filters, should reduce both the systemic risk and the risks to individual dealers. In the absence of a robust system of controls, policies and procedures, the entry of one or more erroneous orders in a rapid manner could leave a dealer with substantial financial liabilities in a very short period of time. This credit risk can translate into broader systemic risk if the dealer is unable to cover these liabilities.

From a regulatory view, in the absence of effective controls, a risk exists that the dealer may also be unaware of the nature of the trading activity taking place using its marketplace participant identifier in a timely manner. The Proposed Rule would thus aid dealers to monitor their own trading as well as that of their clients, and require that the appropriate tools be available to aid in ensuring that activity is in compliance with all regulatory requirements.

Additionally, a lack of controls at the marketplace participant level could expose the entire market to rapid erroneous order flow which could affect the trading activities of a much broader group of participants, and could potentially require the cancellation of trades. Establishing controls, policies and procedures surrounding electronic trading would serve to increase confidence that the market is operating in a fair and orderly manner, by reducing the risks of errant order flow having a significant impact on the trading activities and risks of multiple participants.

The Proposed Rule would put requirements in Canada on a similar level to those in the United States, and would serve to prevent regulatory arbitrage and a migration of risks if Canada is seen as a jurisdiction with significantly less requirements and thus lower costs with respect to mitigation of the risks associated with electronic trading.

The Proposed Rule should also promote fairness by establishing a standard set of rules applicable to all market participants providing DEA, regardless of the marketplace accessed. Some dealers may already have risk systems operational, and by placing this obligation on all participant dealers there will be no competitive or economic advantage to be gained by offering access with no such filters and supervisory controls in place. Additionally, given that no consistent rule framework is currently applied specifically to electronic trading, establishing this set of rules will improve both the integrity and confidence in the market by levelling the playing field and standardizing the obligations so that there are minimum requirements in place applicable for all, no matter where orders are entered.

Costs

(i) Technology and maintenance costs

We recognize that for some participants, the Proposed Rule would likely introduce costs associated with the development and implementation of risk management and supervisory controls, policies and procedures. These costs will vary depending on the level of existing controls in place, the nature of their business and trading strategies, as well as the business models and strategies of any DEA clients. The costs may involve initial outlays as well as ongoing expenses. They will also vary depending on whether a participant chooses to use an in-house system or those provided by a third party.

There may also be costs to the market in the form of minimal additional latency on some order flow. These additional latency costs will again be dependent on the type of trading strategies in use and whether existing controls and risk management filters already exist. This additional latency may not have a major impact on the business of most participants, except for those relying on ultra low latency connections for particular strategies.

Although we acknowledge these costs, we believe that they are proportionate to the benefits provided to the market as a whole as discussed above. The protection of the integrity of the market, the reduction in both dealer and systemic risks, and the increase in the confidence of individual investors make these costs justifiable.

(ii) Compliance Costs

Under the Proposed Rule, marketplace participants would be required to ensure ongoing compliance with the responsibilities imposed. Although some new costs are likely, we expect that many of the compliance requirements would already be in place. As an example we note that currently, all registrants are required under National Instrument 31-103 - Registration Requirements and Exemptions (NI 31-103) to manage the risks to their business{43}, and we would expect that they would have established policies and procedures related to marketplace access. Any additional costs of compliance would vary depending on the nature of the business or services provided by the individual marketplace participant.

With respect to DEA, we acknowledge there may be increased costs associated with establishing, maintaining and applying appropriate standards before providing DEA to a client. We believe these costs are justifiable given the protections afforded to the market as a whole through the implementation of the Proposed Rule. Participant dealers who choose to provide DEA to clients should be appropriately vetting potential clients and ensuring standards are met on a continuing basis not only to mitigate financial risk to themselves, but also the systemic risks associated with the activities of their clients.

(iii) Costs to Marketplaces

The Proposed Rule would among other things, impose upon marketplaces the obligation to prevent the execution of orders from exceeding price and volume thresholds. These thresholds would be set by a regulation services provider monitoring the activities of the marketplace and the trading of securities, or by the marketplace itself if it directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) of National Instrument 23-101 Trading Rules.{44}

Some marketplaces in Canada already have such systems in place, while others do not. Additional costs will therefore vary depending on the marketplace in question and whether thresholds already exist.

We believe that price protection thresholds are an important layer of protection for the integrity of our market and for investor protection, and thus the costs associated with implementation are justified. Some marketplaces have already taken steps to ensure they have such protections in place, and we believe the requirements in the Proposed Rule will ensure a level playing field exists amongst marketplaces and ensure there is no competitive advantage to be gained by not offering these controls.

Conclusion

We acknowledge the increase in costs for some market participants associated with the Proposed Rule. In our opinion, the benefits associated with the Proposed Rule are proportionate to these costs. Recent market events have illustrated the risks involved with electronic trading, and appropriate rules or controls to mitigate risks will address these concerns. Further, in establishing requirements related to electronic trading and DEA, the responsibility to ensure the efficiency and protection of our markets will be shared by all participants and there will be no advantages provided to those with less stringent controls and policies in place.

 

NATIONAL INSTRUMENT 23-103

ELECTRONIC TRADING AND DIRECT ELECTRONIC ACCESS TO MARKETPLACES

PART 1

DEFINITIONS AND INTERPRETATION

1. Definitions

In this Instrument

"automated order system" means any system used by a marketplace participant or a client of a marketplace participant to automatically generate orders on a pre-determined basis;

"direct electronic access" means the access to a marketplace provided to a client of a participant dealer through which the client transmits orders, directly or indirectly, to the marketplace's execution systems under a participant dealer's marketplace participant identifier without re-entry or additional order management by the participant dealer;

"DEA client" means a client who is granted direct electronic access by a participant dealer;

"DEA client identifier" means a unique client identifier assigned to a DEA client by a participant dealer;

"marketplace participant identifier" means the unique identifier assigned to a marketplace participant to access a marketplace;

"marketplace and regulatory requirements" means

(a) the rules, policies or other similar instruments or requirements set by a marketplace respecting the method of trading by marketplace participants, including order entry requirements, the use of algorithms, order types and features and any other requirements governing the execution of trades on the system;

(b) any applicable requirements in Canadian securities legislation; and

(c) any applicable requirements set by a recognized exchange, a recognized quotation and trade reporting system or a regulation services provider pursuant to section 7.1, 7.3 or 8.2 of NI 23-101 respectively;

"NI 23-101" means National Instrument 23-101 Trading Rules;

"NI 31-103" means National Instrument 31-103 Registration Requirements and Exemptions;

"participant dealer" means a marketplace participant that is an investment dealer.

2. Interpretation

A term defined or interpreted in National Instrument 14-101 Definitions, National Instrument 21-101 Marketplace Operation, or NI 31-103 and used in this Instrument has the respective meaning ascribed to it in National Instrument 14-101 Definitions, National Instrument 21-101 Marketplace Operation or NI 31-103.

PART 2

REQUIREMENTS APPLICABLE TO MARKETPLACE PARTICIPANTS

3. Risk Management and Supervisory Controls, Policies and Procedures

(1) A marketplace participant must:

(a) establish, maintain and ensure compliance with appropriate risk management and supervisory controls, policies and procedures that are reasonably designed to manage, in accordance with prudent business practices, the financial, regulatory and other risks associated with marketplace access or providing clients with direct electronic access;

(b) record the policies and procedures required by paragraph (a) and maintain a description of its risk management and supervisory controls in written form.

(2) The risk management and supervisory controls, policies and procedures required in subsection (1) must be designed to ensure all orders are monitored and include

(a) automated pre-trade controls; and

(b) regular post-trade monitoring.

(3) The risk management and supervisory controls, policies and procedures required in subsection (1) must

(a) systematically limit the financial exposure of the marketplace participant, including:

(i) preventing the entry of one or more orders that would result in exceeding appropriate pre-determined credit or capital thresholds for the marketplace participant and, if applicable, its DEA client;

(ii) preventing the entry of one or more orders that exceed appropriate price or size parameters;

(b) ensure compliance with applicable marketplace and regulatory requirements, including:

(i) preventing the entry of orders that do not comply with all applicable marketplace and regulatory requirements that must be satisfied on a pre-order entry basis;

(ii) limiting the entry of orders to securities that a marketplace participant or, if applicable, its DEA client, is authorized to trade;

(iii) restricting access to trading on a marketplace to persons authorized by the marketplace participant;

(iv) ensuring that the compliance staff of the marketplace participant receives immediate order and trade information, including, without limitation, execution reports, resulting from orders sent by the marketplace participant or, if applicable, its DEA client, to a marketplace;

(c) enable the marketplace participant to immediately stop or cancel one or more orders entered by the marketplace participant or, if applicable, its DEA client;

(d) enable the marketplace participant to immediately suspend or terminate any direct electronic access granted to a DEA client; and

(e) ensure that the entry of orders does not interfere with fair and orderly markets.

(4) The risk management and supervisory controls, policies and procedures established pursuant to this section, including those provided by a third party, must be under the direct and exclusive control of the marketplace participant, subject to section 4 below.

(5) A third party that provides risk management and supervisory controls, policies and procedures to a marketplace participant must be independent from each DEA client of that marketplace participant.

(6) A marketplace participant must:

(a) regularly assess and document the adequacy and effectiveness of its risk management and supervisory controls, policies and procedures; and

(b) document and promptly remedy any deficiencies.

(7) Where a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures, the marketplace participant must:

(a) regularly assess and document the adequacy and effectiveness of the third party's relevant risk management and supervisory controls, policies and procedures; and

(b) document any deficiencies and ensure that the deficiencies are promptly remedied.

4. Allocation of Control over Risk Management and Supervisory Controls, Policies and Procedures

A participant dealer may reasonably allocate control over specific risk management and supervisory controls, policies and procedures required under subsection 3(1) to an investment dealer if:

(a) the participant dealer has a reasonable basis for determining that such investment dealer, based on its relationship with the ultimate client, has better access to information relating to the ultimate client than the participant dealer such that the investment dealer can more effectively implement the controls, policies and procedures;

(b) a description of the allocation of control over specific risk management and supervisory controls, policies and procedures is set out in a written agreement between the participant dealer and investment dealer;

(c) the participant dealer assesses and documents the adequacy and effectiveness of the investment dealer's risk management and supervisory controls, policies and procedures prior to allocating control;

(d) the participant dealer

(i) regularly assesses the adequacy and effectiveness of the risk management and supervisory controls, policies and procedures over which control has been allocated to the investment dealer;

(ii) documents any deficiencies and ensures that the deficiencies are promptly remedied; and

(e) the participant dealer provides the investment dealer with the immediate order and trade information of the DEA client that the participant dealer receives pursuant to subparagraph 3(3)(b)(iv).

5. Use of Automated Order Systems

(1) The use of automated order systems by a marketplace participant or any client, including a DEA client, must not interfere with fair and orderly markets.

(2) As part of the risk management and supervisory controls, policies and procedures required under subsection 3(1), a marketplace participant must:

(a) have the necessary knowledge and understanding of any automated order system used by the marketplace participant or any client, including a DEA client, in order to identify and manage its risks associated with the use of the automated order system;

(b) ensure that each automated order system is regularly, and at least annually, tested in accordance with prudent business practices; and

(c) have controls in place to immediately and at any time disable the automated order system to prevent orders generated by the automated order system from reaching a marketplace.

PART 3

REQUIREMENTS APPLICABLE TO PARTICIPANT DEALERS PROVIDING DIRECT ELECTRONIC ACCESS

6. Provision of Direct Electronic Access

(1) Only a participant dealer may provide direct electronic access.

(2) A participant dealer may not provide direct electronic access to a registrant, unless the registrant is:

(a) a participant dealer; or

(b) a portfolio manager.

7. Standards for DEA Clients

(1) Before granting direct electronic access to a client, a participant dealer must:

(a) establish, maintain and apply appropriate standards for direct electronic access; and

(b) assess and document whether each client meets the standards established by the participant dealer for direct electronic access.

(2) The standards established by the participant dealer pursuant to subsection (1) must include that:

(a) the client has appropriate resources to meet any financial obligations that may result from the use of direct electronic access by that client;

(b) the client has appropriate arrangements in place to ensure that all personnel using direct electronic access on behalf of the client have knowledge of and proficiency in the use of the order entry system that the client will use;

(c) the client has knowledge of and has the ability to comply with all applicable marketplace and regulatory requirements; and

(d) the client has in place adequate arrangements to monitor the entry of orders through direct electronic access.

(3) A participant dealer must confirm with the DEA client, at least annually, that the DEA client continues to meet the standards established by the participant dealer, including those set out in subsection (2).

8. Written Agreement

Prior to granting direct electronic access to a client, a participant dealer must enter into a written agreement with the client that provides that as a DEA client:

(a) the DEA client's trading activity will comply with marketplace and regulatory requirements;

(b) the DEA client's trading activity will comply with the product limits or credit or other financial limits specified by the participant dealer;

(c) the DEA client will maintain all technology facilitating direct electronic access in an electronically and physically secure manner and will prohibit personnel, other than those authorized by the participant dealer, to use the direct electronic access granted;

(d) the DEA client will fully cooperate with the participant dealer in connection with any investigation or proceeding by any marketplace, regulation services provider, securities regulatory authority or law enforcement agency with respect to trading conducted pursuant to the direct electronic access granted, including, upon request by the participant dealer, providing access to such information to the marketplace, regulation services provider, securities regulatory authority or law enforcement agency that is necessary for the purposes of any such investigation or proceeding;

(e) the DEA client acknowledges that the participant dealer may

(i) reject an order;

(ii) vary, correct or cancel an order entered on a marketplace; and

(iii) discontinue accepting orders from the DEA client;

(f) the DEA client will immediately inform the participant dealer if it fails or reasonably expects not to meet the standards set by the participant dealer;

(g) when trading for the accounts of its clients, pursuant to subsection 11(2), the DEA client will ensure that the orders of its clients will flow through the systems of the DEA client and will be subject to appropriate risk management and supervisory controls, policies and procedures;

(h) the DEA client will not trade for the accounts of its clients, pursuant to subsection 11(2), unless

(i) such clients meet the standards established by the participant dealer pursuant to section 7; and

(ii) a written agreement is in place between the DEA client and its clients that sets out the terms of the access provided.

9. Training of DEA Clients

(1) Prior to granting direct electronic access to a client, and as necessary after direct electronic access is granted, a participant dealer must satisfy itself that the client has adequate knowledge of applicable marketplace and regulatory requirements and the standards established pursuant to section 7.

(2) If a participant dealer concludes that a client does not have adequate knowledge with respect to applicable marketplace and regulatory requirements, or standards established pursuant to section 7, the participant dealer must ensure the necessary training is provided to the client prior to granting direct electronic access to the client.

(3) A participant dealer must ensure that the DEA client receives any relevant changes and updates to applicable marketplace and regulatory requirements or standards established pursuant to section 7.

10. DEA Client Identifier

(1) Upon granting direct electronic access to a client, a participant dealer must assign to the client a DEA client identifier.

(2) A participant dealer that assigns a DEA client identifier pursuant to subsection (1) must immediately provide the DEA client identifier and the associated client name to:

(a) all regulation services providers monitoring trading;

(b) any recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101 and to which the DEA client has access; and

(c) any exchange or quotation and trade reporting system that is recognized for the purposes of this Instrument and that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101 and to which the DEA client has access.

(3) A participant dealer must ensure that each order entered by a DEA client using direct electronic access provided by that participant dealer includes the appropriate DEA client identifier.

(4) If a client ceases to be a DEA client, the participant dealer must promptly inform:

(a) all regulation services providers monitoring trading;

(b) any recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set pursuant to section 7.1(1) or 7.3(1) respectively of NI 23-101 and to which the DEA client had access; and

(c) any exchange or quotation and trade reporting system that is recognized for the purposes of this Instrument and that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101 and to which the DEA client had access.

11. Trading by DEA Clients

(1) Except as provided in subsection (2), a participant dealer must only provide direct electronic access to a client that is trading for its own account.

(2) When using direct electronic access, the following DEA clients may trade for their own account or for the accounts of their clients:

(a) a participant dealer;

(b) a portfolio manager; and

(c) an entity that is authorized in a category analogous to the entities referred to in paragraphs (a) and (b) in a foreign jurisdiction that is a signatory to the International Organization of Securities Commissions' Multilateral Memorandum of Understanding.

(3) Where a DEA client is using direct electronic access to trade for the accounts of its clients, pursuant to subsection (2), the clients' orders must flow through the systems of the DEA client before being entered on a marketplace directly or indirectly through a participant dealer.

(4) A participant dealer must ensure that where a DEA client is trading for the accounts of its clients, the DEA client has established and maintains appropriate risk management and supervisory controls, policies and procedures.

(5) A DEA client must not provide access to or pass on its direct electronic access to another person or company.

PART 4

REQUIREMENTS APPLICABLE TO MARKETPLACES

12. Availability of Order and Trade Information

A marketplace must provide a marketplace participant with reasonable access to its order and trade information, including execution reports, on an immediate basis to enable the marketplace participant to effectively implement the risk management and supervisory controls, policies and procedures required in section 3.

13. DEA Client Identifiers

A marketplace must not permit a marketplace participant to provide direct electronic access unless the marketplace's systems support the use of DEA client identifiers.

14. Marketplace Controls Relating to Electronic Trading

(1) A marketplace must have the ability and authority to terminate all or a portion of the access provided to a marketplace participant or a DEA client.

(2) A marketplace must:

(a) regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to electronic trading, in addition to those controls that a marketplace participant is required to have pursuant to subsection 3(1), and ensure that such controls, policies and procedures are implemented in a timely manner;

(b) regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures implemented pursuant to paragraph (a); and

(c) document and promptly remedy any deficiencies identified in the controls, policies and procedures implemented pursuant to paragraph (a).

15. Marketplace Thresholds

(1) A marketplace must prevent the execution of orders for exchange-traded securities exceeding price and volume thresholds set by:

(a) its regulation services provider;

(b) the marketplace, if it is a recognized exchange that directly monitors the conduct of its members and enforces requirements set pursuant to subsection 7.1(1) of NI 23-101; or

(c) the marketplace, if it is a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces requirements set pursuant to subsection 7.3(1) of NI 23-101.

(2) A recognized exchange, recognized quotation and trade reporting system or regulation services provider setting a price threshold for an exchange-traded security under subsection (1) must coordinate its price threshold with all other exchanges, quotation and trade reporting systems and regulation services providers setting a price threshold under subsection (1) for that exchange-traded security or a security underlying that exchange-traded security.

16. Clearly Erroneous Trades

(1) A marketplace must have the capability to cancel, vary or correct a trade.

(2) If a marketplace has retained a regulation services provider, the marketplace must not cancel, vary or correct a trade executed on the marketplace unless:

(a) instructed to do so by its regulation services provider;

(b) the cancellation, variation or correction is requested by a party to the trade, consent is provided by both parties to the trade and notification is provided to its regulation services provider; or

(c) the cancellation, variation or correction is necessary to correct an error caused by a system or technological malfunction of the marketplace systems or equipment in executing the trade, and permission to cancel, vary or correct has been obtained from its regulation services provider.

(3) A marketplace must establish, maintain and ensure compliance with reasonable policies and procedures that clearly outline the processes and parameters associated with a cancellation, variation or correction and must make such policies and procedures publicly available.

PART 5

EXEMPTION

17. Exemption

(1) The regulator or the securities regulatory authority may grant an exemption from this Instrument, in whole or in part, subject to such conditions or restrictions as may be imposed in the exemption.

(2) Despite subsection (1), in Ontario, only the regulator may grant such an exemption.

PART 6

EFFECTIVE DATE

18. Effective Date

This Instrument comes into force on .

 

COMPANION POLICY 23-103CP

ELECTRONIC TRADING AND DIRECT ELECTRONIC ACCESS TO MARKETPLACES

PART 1 GENERAL COMMENTS

1.1 Introduction

Purpose of National Instrument 23-103

The purpose of National Instrument 23-103 Electronic Trading and Direct Electronic Access to Marketplaces (NI 23-103) is to address areas of concern and risks brought about by electronic trading. The increased speed and automation of trading on marketplaces and the continuing growth of direct electronic access (DEA) give rise to various risks, including credit risk and market integrity risk. Some of the risks arise from electronic trading more generally, while other risks are specific to DEA trading. To protect marketplace participants from harm and to ensure continuing market integrity, these risks need to be appropriately and effectively controlled and monitored.

In the view of the Canadian Securities Administrators (CSA or we), marketplace participants should bear primary responsibility for ensuring that these risks are appropriately and effectively controlled and monitored. This responsibility applies to orders that are entered electronically by the marketplace participant itself, as well as DEA orders from clients using the participant dealer's marketplace participant identifier and includes both financial and regulatory obligations. This view is premised on the fact that it is the marketplace participant that makes the decision to trade or, in the case of a participant dealer, to provide DEA access to its client. However, the marketplaces also have some responsibilities to manage risks to the market.

Purpose of Companion Policy

This Companion Policy sets out how the CSA interpret or apply the provisions of NI 23-103 and related securities legislation.

Except for Part 1, the numbering of Parts and sections in this Companion Policy correspond to the numbering in NI 23-103. Any general guidance for a Part appears immediately after the Part name. Any specific guidance on sections in NI 23-103 follows any general guidance. If there is no guidance for a Part or section, the numbering in this Companion Policy will skip to the next provision that does have guidance.

All references in this Companion Policy to Parts and sections are to NI 23-103, unless otherwise noted.

1.2 Definitions

Unless defined in NI 23-103, terms used in NI 23-103 and in this Companion Policy have the meaning given to them in the securities legislation of each jurisdiction, in National Instrument 14-101 Definitions, National Instrument 21-101 Marketplace Operation (NI 21-101), or National Instrument 31-103 Registration Requirements and Exemptions (NI 31-103).

Automated order systems

Automated order systems encompass both hardware and software used to generate orders on a pre-determined basis and would include trading algorithms that are used by marketplace participants, offered by marketplace participants to clients or are developed or used by clients.

Direct electronic access

Section 1 defines "direct electronic access" as the access to a marketplace provided to a client of a participant dealer through which the client transmits orders, directly or indirectly, to the marketplace's execution systems under a participant dealer's marketplace participant identifier without re-entry or additional order management. There are several methods by which a client's order may be transmitted electronically by the client to a marketplace, including:

(i) directly to the marketplace through the client's own system;

(ii) through the participant dealer's system; or

(iii) through a third party vendor system.

NI 23-103 requires automatic risk management filters for all orders entered electronically, including DEA orders. DEA orders are orders that are not re-routed to a trading desk of the participant dealer for manual order management by a trader or for re-entry by the participant dealer.

This definition would not capture order-execution services as defined and provided under the rules of the Investment Industry Regulatory Organization of Canada (IIROC) or other electronic access arrangements whereby a client uses the website of a dealer to enter orders as these services and arrangements would permit the management of orders by a participant dealer.

DEA client identifier

NI 23-103 requires each DEA client to have a unique identifier in order to track orders originating from that DEA client. A participant dealer is responsible for assigning the DEA client identifier under subsection 10(1) and for ensuring that every order entered by a DEA client using DEA includes the appropriate DEA client identifier under subsection 10(3). Generally, the participant dealer would obtain the DEA client identifiers from a marketplace.

Marketplace participant identifier

A marketplace participant identifier is the unique identifier assigned to the marketplace participant for trading purposes. The assignment of this identifier is co-ordinated with a regulation services provider of the marketplace, where applicable. The marketplace participant is to use its marketplace participant identifier across all marketplaces that it accesses.

PART 2 REQUIREMENTS APPLICABLE TO MARKETPLACE PARTICIPANTS

3. Risk management and supervisory controls, policies and procedures

National Instrument 31-103 requirements

For marketplace participants that are registered firms, section 11.1 of NI 31-103 requires the registered firm to establish, maintain and apply policies and procedures that establish a system of controls and supervision sufficient to: (a) provide reasonable assurance that the registered firm and each individual acting on its behalf complies with securities legislation; and (b) manage the risks associated with its business in accordance with prudent business practices. Section 3 of NI 23-103 builds on the obligations outlined in section 11.1 of NI 31-103. The CSA have included requirements in NI 23-103 that all marketplace participants that conduct trading on a marketplace have appropriate controls, policies and procedures in place and that they manage them in accordance with prudent business practices. These requirements provide greater specificity with respect to the expectations surrounding controls, policies and procedures relating to electronic trading. The requirements apply to all marketplace participants, not just those that are registered firms.

Documentation of risk management and supervisory controls, policies and procedures

Subsection 3(1) requires a marketplace participant to record its policies and procedures and maintain a copy of its risk management and supervisory controls in written form. This includes a narrative description of any electronic controls and their functions implemented by the marketplace participant.

We note that the risk management and supervisory controls, policies and procedures related to the trading of unlisted, government and corporate debt may not be the same as those related to the trading of equity securities due to the differences in the nature of trading of these types of securities.

It is expected that these documents will be retained as part of the marketplace participant's obligation to maintain its books and records in NI 31-103.

DEA clients that also maintain risk management controls

We are aware that a DEA client that is not a registered dealer may maintain its own risk management controls. However, part of the intent of NI 23-103's risk management and supervisory controls, policies and procedures is to require a participant dealer to manage its risks associated with electronic trading and to protect the participant dealer under whose marketplace participant identifier the order is being entered. Consequently, a participant dealer must maintain risk management and supervisory controls, policies and procedures regardless of whether its DEA clients also maintain their own controls. It is not appropriate for a participant dealer to rely on a DEA client's risk management controls, as the participant dealer would not be able to ensure the sufficiency of the DEA client's controls, nor would the controls be tailored to the particular needs of the participant dealer.

Minimum risk management and supervisory controls, policies and procedures

Subsection 3(2) sets out the minimum elements of the risk management and supervisory controls, policies and procedures that we expect to be addressed and documented by each marketplace participant. The marketplace participant should assess, document and implement any additional risk management and supervisory controls, policies and procedures that it determines are necessary to manage the marketplace participant's financial exposure and to ensure compliance with applicable marketplace and regulatory requirements.

Risk management and supervisory controls, policies and procedures with respect to DEA

A participant dealer that provides DEA to its clients must ensure it has the appropriate risk management and supervisory controls, policies and procedures necessary to manage the risks associated with offering DEA. A participant dealer must ensure that it can adequately manage its DEA business, for example by ensuring that it has the necessary staffing, technology and other required resources, and that it has the financial ability to withstand the increased risks of providing DEA. A participant dealer must understand its risks in providing DEA and address those risks when establishing its minimum standards for DEA. The participant dealer should also tailor the risk management and supervisory controls, policies and procedures to each specific DEA client as may be necessary and appropriate in the circumstances.

Pre-set credit or capital thresholds

The pre-set credit or capital thresholds referenced in paragraph 3(3)(a) may be set on a per order, trade or account basis, or using a combination of these factors as required in the circumstances.

For example, a participant dealer that sets a credit limit for each DEA client could impose that credit limit by setting sub-limits applied at each marketplace to which the participant dealer provides access which together equal the total credit limit. A participant dealer may also consider whether to establish credit or capital thresholds based on sector, security or other relevant factors. In order to address the financial exposure that might result from rapid order entry, a participant dealer should also consider measuring compliance with set credit or capital thresholds on the basis of orders entered rather than executions obtained.

We note that different thresholds may be set for the marketplace participant's order flow (including both proprietary and client order flow) and that of a DEA client, if appropriate.

Compliance with applicable marketplace and regulatory requirements

The CSA expect marketplace participants to prevent the entry of orders that do not comply with all applicable marketplace and regulatory requirements that must be satisfied on a pre-order basis where possible. Specifically, marketplace and regulatory requirements that must be satisfied on a pre-order basis are those requirements that can effectively be complied with only before an order is entered on a marketplace including: (i) conditions that must be satisfied under National Instrument 23-101 Trading Rules (NI 23-101) before an order can be marked a "directed-action order", (ii) marketplace requirements applicable to particular order types and (iii) compliance with trading halts. This requirement does not impose new substantive regulatory requirements on the marketplace participant but rather establishes a clear requirement that marketplace participants have appropriate mechanisms in place that are reasonably designed to effectively comply with their existing regulatory obligations on a pre-order basis in an automated, high-speed trading environment.

Order and trade information

Subparagraph 3(3)(b)(iv) requires the risk management and supervisory controls, policies and procedures to be reasonably designed to ensure that the compliance staff of the marketplace participant receives immediate order and trade information. This will require the marketplace participant to ensure that it has the capability to view trading information in real-time or to receive immediate order and trade information, such as through a drop copy, from the marketplace.

This requirement will assist the marketplace participant in fulfilling its obligations prescribed in subsection 3(1) with respect to establishing and implementing risk management and supervisory controls, policies and procedures reasonably designed to manage risks associated with access to marketplaces and providing DEA.

This provision however, does not prescribe that a marketplace participant must carry out compliance monitoring in real-time. It is up to the marketplace participant to determine the appropriate timing for compliance monitoring, but we are of the view that it is important that the marketplace participant have the necessary tools in place to facilitate order and trade monitoring as part of the marketplace participant's risk management and supervisory controls, policies and procedures.

Marketplace participant to retain direct and exclusive control of risk management and supervisory controls, policies and procedures

Subsection 3(4) specifies that the risk management and supervisory controls, policies and procedures must be under the direct and exclusive control of the marketplace participant.

A marketplace participant can use technology of third parties as long as the marketplace participant is able to directly and exclusively manage the supervisory and risk management controls, including the setting and adjusting of filter limits. A third party providing such services must be independent of any DEA client of the marketplace participant. An entity affiliated with the marketplace participant but independent from a DEA client may be considered to be an independent third party.

In all circumstances, under paragraph 3(7)(a), the marketplace participant must assess and document whether the risk management and supervisory controls, policies and procedures of the third party are effective and otherwise consistent with the provisions of NI 23-103 before engaging such services. Reliance on representations of a third party provider is insufficient to meet this assessment requirement. The CSA expect registered firms to be responsible and accountable for all functions that they outsource to a service provider as set out in Part 11 of Companion Policy 31-103CP Registration Requirements and Exemptions.

Section 4 of NI 23-103 provides a limited exception to the requirement that a marketplace participant must have direct and exclusive control over its risk management and supervisory controls, policies and procedures in that a participant dealer may reasonably allocate, subject to certain conditions, control over specific risk management and supervisory controls, policies and procedures to an investment dealer.

Regular assessment of risk management controls and supervisory policies and procedures

Subsection 3(6) requires a marketplace participant to regularly assess and document the adequacy and effectiveness of the controls, policies and procedures it is required to establish under subsection 3(1). The same assessment requirement also applies where a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures. A "regular" assessment would constitute, at a minimum, an assessment conducted annually of the controls, policies and procedures and whenever a substantive change is made to the controls, policies and procedures. A marketplace participant should determine whether more frequent assessments are required, depending on the particular circumstances.

A marketplace participant is expected to retain the documentation of each such assessment as part of its obligation to maintain books and records in NI 31-103.

4. Allocation of control over risk management and supervisory controls, policies and procedures

Section 4 of NI 23-103 is intended to address introducing (originating) and carrying (executing) arrangements or jitney arrangements that involve multiple dealers. In such arrangements, there may be certain controls that are better directed by the originating dealer, as it is the originating dealer that has knowledge of its client and is responsible for suitability and other "know your client" obligations. However, the executing dealer must also have appropriate controls in place to manage the risks it incurs by executing orders for other dealers.

Therefore, section 4 of NI 23-103 provides that a participant dealer may reasonably allocate, by written contract and after a thorough assessment, control over specific risk management and supervisory controls, policies and procedures to another registered investment dealer. We are of the view that where the originating investment dealer with the direct relationship with the ultimate client has better access than the participant dealer to information relating to the ultimate client, the originating investment dealer may more effectively assess the ultimate client's financial resources and investment objectives.

We also expect that the participant dealer will maintain a written contract with the investment dealer that sets out a description of the allocation of controls as part of its books and records obligations set out in NI 31-103.

Paragraph 4(d) requires a participant dealer to regularly assess the adequacy and effectiveness of the investment dealer's risk management and supervisory controls, policies and procedures over which control has been allocated. We expect that this will include an assessment of the performance of the investment dealer under the written agreement prescribed in paragraph 4(b) of NI 23-103. A "regular" assessment would constitute, at a minimum, an assessment conducted annually of the controls, policies and procedures and whenever a substantive change is made to the controls, policies or procedures. A marketplace participant should determine whether more frequent assessments are required, depending on the particular circumstances.

Paragraph 4(e) requires the participant dealer to immediately provide the compliance staff of the originating investment dealer with immediate order and trade information. This is to allow for the originating investment dealer to monitor trading more effectively and efficiently.

Any allocation of control does not relieve the participant dealer from its obligations under section 3 of NI 23-103, including the overall responsibility to establish, document, maintain and ensure compliance with appropriate risk management and supervisory controls, policies and procedures reasonably designed, in accordance with prudent business practices, to manage the financial, regulatory and other risks associated with marketplace access or providing DEA.

5. Use of automated order systems

Subsection 5(1) of NI 23-103 stipulates that the use of automated order systems must not interfere with fair and orderly markets. This includes both the fair and orderly trading on a marketplace or the market as a whole and the proper functioning of a marketplace. For example, the sending of a continuous stream of orders that negatively impacts the price of a security or that overloads the systems of a marketplace may be considered as interfering with fair and orderly markets.

Paragraph 5(2)(a) of NI 23-103 requires a marketplace participant to have the necessary knowledge and understanding of any automated order systems used by either the marketplace participant or the marketplace participant's clients, including DEA clients. We understand that detailed information of automated order systems may be treated as proprietary information by some clients or third party service providers; however, the CSA expect that the marketplace participant will be able to obtain sufficient information to have knowledge of and understand any automated order systems used by a client or itself in order to properly identify and manage its own risks.

Paragraph 5(2)(b) requires that each automated order system is appropriately tested. A participating dealer does not necessarily have to conduct tests on each automated order system used by its clients but must satisfy itself that these automated order systems have been appropriately tested. It is expected that this testing is done in accordance with prudent business practices which would include testing of the automated order system before its initial use and after any significant change is made.

PART 3 REQUIREMENTS APPLICABLE TO PARTICIPANT DEALERS PROVIDING DIRECT ELECTRONIC ACCESS

6. Provision of DEA

Registration Requirement

Only marketplace participants that meet the definition of "participant dealer" are permitted to provide DEA to clients. A participant dealer is defined as a marketplace participant that is an investment dealer. This is due to the fact that the provision of DEA to a client would trigger the registration requirements under applicable Canadian securities legislation.

Persons or Companies not eligible for DEA

Section 6 does not allow DEA to be provided to a registrant other than a participant dealer or a portfolio manager. Certain registered dealers, such as exempt market dealers, are not eligible for DEA, because the CSA do not want to facilitate regulatory arbitrage with respect to trading. In our view, if a registered dealer wishes to have direct access to marketplaces, then the registered dealer should be an IIROC member and therefore be directly subject to IIROC rules including the Universal Market Integrity Rules (UMIR) if accessing equity marketplaces.

With respect to registrants, subsection 6(2) limits the use of DEA to participant dealers, rather than to investment dealers in general, in order to ensure that this DEA client is subject to UMIR. We are of the view that UMIR obligations on the DEA client in this instance assist in minimizing the regulatory risks associated with DEA.

Order-execution services

DEA does not include order-execution services provided pursuant to IIROC rules. Order-execution services refers to the execution of orders from clients for trades that the marketplace participant has not recommended and for which suitability requirements do not apply. The provision of order-execution services is governed by the rules of IIROC and is not considered to be the same as DEA. Order-execution services are available to retail clients and as such, the CSA expect such orders to be subject to more requirements than DEA orders (for example, supervision).

It is our view that, in general, retail investors should not be using DEA and should be routing orders using order-execution services as defined and provided under IIROC rules. However, there are some circumstances in which individuals are sophisticated and have access to the necessary technology to use DEA (for example, former registered traders or floor brokers). In these circumstances, we would expect that the participant dealer offering DEA would set standards high enough to ensure that the participant dealer is not exposed to undue risk. It may be appropriate for these standards to be higher than those set for institutional investors. All requirements relating to risk management and supervisory controls, policies and procedures would apply when granting DEA to an individual.

7. Standards for DEA clients

Minimum standards

A participant dealer's due diligence with respect to its clients is a key method of managing risks associated with granting DEA. As a result, section 7 requires the participant dealer to establish, maintain and apply appropriate standards for DEA and to assess whether each prospective DEA client meets these standards prior to granting DEA to a client. A participant dealer's establishment, maintenance and application of appropriate standards for DEA would include evaluating its risks in providing DEA to a specific client. The participant dealer must establish, maintain and apply these standards with respect to all DEA clients. Subsection 7(2) sets out the minimum standards that the CSA believe are necessary to ensure that a DEA client has the appropriate financial resources and requisite knowledge of both the order entry system and applicable marketplace and regulatory requirements.

Each participant dealer has a different risk profile and as a result, we have provided flexibility in determining the specific levels of the minimum standards. However, these standards are the minimum required in the CSA's view for the participant dealer to properly manage its risks. The participant dealer should assess and determine what additional standards are appropriate given the particular circumstances of the participant dealer and each prospective DEA client. For example, certain standards a participant dealer may apply to an institutional client may need to be modified when determining whether an individual is suitable for receiving DEA.

Some additional factors a participant dealer could consider when setting such standards include, prior sanctions for improper trading activity, evidence of a proven track record of responsible trading, supervisory oversight, and the proposed trading strategy and associated volumes of trading of the DEA client.

Monitoring the entry of orders

The requirement in paragraph 7(2)(d) to monitor the entry of orders though DEA is expected to help ensure orders comply with marketplace and regulatory requirements, meet minimum standards set for managing risk and do not interfere with fair and orderly markets.

Annual confirmation

Subsection 7(3) requires a participant dealer to confirm, at least annually, that each DEA client continues to meet the minimum standards established by the participant dealer. It is up to the participant dealer to choose the method of confirmation. Obtaining a written annual certification by the DEA client is one way to meet this requirement. If the participant dealer does not require a written annual certification, the participant dealer should record that it has performed the annual confirmation in order to be able to demonstrate compliance with this requirement.

8. Written agreement

Section 8 sets out the provisions that must be included in a written agreement between a participant dealer and its DEA client. However, the participant dealer may include additional provisions in the agreement.

Subsection 8(d) specifies that when a participant dealer requests information from its DEA client in connection with an investigation or proceeding by any marketplace, regulation services provider, securities regulatory authority or law enforcement agency with respect to trading conducted pursuant to the DEA granted, the information is only required to be provided directly to the marketplace, regulation services provider, securities regulatory authority or law enforcement agency conducting the investigation or proceeding to protect the confidentiality of the information.

9. Training of DEA clients

Pursuant to subsection 9(1), prior to providing DEA to a client, and as necessary after DEA is granted, a participant dealer must satisfy itself that the client has adequate knowledge with respect to applicable marketplace and regulatory requirements. What constitutes "adequate" will depend on the particular knowledge of each specific client. The participant dealer must assess the knowledge of the client and determine what training is required in the particular circumstances. The training must at a minimum enable the client to understand the applicable marketplace and regulatory requirements and how trading on the marketplace system occurs. It may be appropriate for the participant dealer to require the client to have the same training required of marketplace participants.

10. DEA client identifier

Assignment of DEA client identifier

The purpose of requiring a unique identifier for each DEA client is to identify orders of clients entered onto a marketplace by way of DEA. NI 23-103 places the responsibility of assigning the DEA client identifier on the participant dealer, however, following industry practice, the participant dealer will collaborate with the marketplace with respect to generating the necessary identifiers.

Inclusion of DEA client identifier on each order entered onto a marketplace

Subsection 10(3) requires that the marketplace participant ensure that every DEA order entered onto a marketplace contain the appropriate DEA client identifier. It is not intended that the DEA client identifier be public information. Rather, it can be included in a private field that may only be viewed by: (1) the participant dealer under whose marketplace participant identifier the order was entered, (2) a regulation services provider, (3) a recognized exchange or recognized quotation and trade reporting system if it directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101 and (4) an exchange or quotation and trade reporting system that is recognized for the purposes of NI 23-103 and that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101 and to which the DEA client has access.

11. Trading by DEA clients

Client orders passing through the systems of the DEA client

The CSA are of the view that DEA clients should not provide their DEA access to their clients. Subsection 11(3) requires that where a DEA client is using direct electronic access and trading for the accounts of its clients, the client orders must flow through the systems of the DEA client before being entered on a marketplace, directly or indirectly through a participant dealer.

This is meant to allow those arrangements that the CSA are comfortable with, such as a DEA client acting as a "hub" and aggregating the orders of its affiliates before sending the orders to the participant dealer. Requiring orders to flow through the systems of the DEA client allows the DEA client to impose any controls it deems necessary or is required to impose pursuant to any requirements to manage its risks. Although the participant dealer is also required to have controls, including automatic pre-trade filters, to manage its risks, it is the DEA client that has the knowledge of the ultimate client and therefore the DEA client is likely in a better position to determine those controls that are specific to each particular client. It is the responsibility of the participant dealer to ensure that the DEA client has adequate controls in place to monitor the orders entering its systems.

PART 4 REQUIREMENTS APPLICABLE TO MARKETPLACES

12. Availability of order and trade information

Reasonable access

Section 12 is designed to ensure that the marketplace participant has access to the information necessary to meet its obligations under NI 23-103 and that the marketplace does not have any rules, polices, procedures, fees or practices that would unreasonably create barriers to accessing this information.

This obligation is distinct from the requirement for marketplaces to disseminate order and trade information through an information processor under Part 7 of NI 21-101. The information to be provided pursuant to section 12 of NI 23-103 would need to include the private information included on each order and trade in addition to the public information disseminated through an information processor.

Immediate order and trade information

For the purposes of providing reasonable access to order and trade information on an immediate basis, the provision of drop copies would be considered acceptable.

14. Marketplace controls relating to electronic trading

Paragraph 14(2)(a) requires a marketplace to regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to electronic trading, in addition to the risk management and supervisory controls, policies and procedures the marketplace participants are required to have pursuant to subsection 3(1), and ensure that such controls, policies and procedures are implemented in a timely manner. As well, a marketplace must regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures put in place pursuant to paragraph 14(2)(a). A marketplace is expected to document any conclusions reached as a result of its assessment, any deficiencies noted and actions taken.

It is important that a marketplace take steps to ensure it does not engage in activity that interferes with fair and orderly markets. Part 12 of NI 21-101 requires marketplaces to establish systems-related risk management controls. It is therefore expected that a marketplace will be aware of the risk management and supervisory controls, policies and procedures of its marketplace participants and assess if it needs to implement additional controls, policies and procedures to eliminate any risk management gaps and ensure the integrity of trading on its market.

Regular assessments

A "regular" assessment would constitute, at a minimum, an assessment conducted annually and whenever a substantive change is made to a marketplace's operations, rules, controls, policies or procedures that relate to methods of electronic trading. A marketplace should determine whether more frequent assessments are required depending on the particular circumstances of the marketplace. A marketplace should document and preserve a copy of each such assessment as part of its books and records obligation in NI 21-101.

Implementing controls, policies and procedures in a timely manner

A "timely manner" will depend on the particular circumstances, including the degree of potential risk of financial harm to marketplace participants and their clients or harm to the integrity of the marketplace and to the market as a whole. The marketplace must use best efforts to ensure the timely implementation of any necessary risk management and supervisory controls, policies and procedures.

15. Marketplace thresholds

Section 15 requires that each marketplace prevent the execution of orders of exchange-traded securities exceeding price and volume thresholds set by its regulation services provider, or by the marketplace if it is a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces certain requirements set pursuant to NI 23-101.

The setting of the price threshold is to be coordinated among all regulation services providers, recognized exchanges, recognized quotation and trade reporting systems, exchanges and quotation and trade reporting systems recognized for the purposes of NI 23-103 that set the threshold under subsection 15(1).

These price and volume thresholds are expected to prevent the execution of orders that could interfere with a fair and orderly market by reducing erroneous orders and price volatility.

There are a variety of methods that may be used to prevent the execution of these orders. However, standardized thresholds are important tools in maintaining a fair and orderly market.

The coordination requirement also applies when setting a price threshold for securities that have underlying interests in an exchange-traded security.

We expect that the same price threshold for a specific exchange-traded security will be applied across all marketplaces. However, there may be differences in the actual price thresholds set for an exchange-traded security and a security that has underlying interests in that exchange-traded security.

16. Clearly erroneous trades

Application of section 16

Section 16 requires a marketplace to have the capability to cancel, vary or correct a trade. This requirement would apply in the instance where the marketplace decides to cancel, vary or correct a trade or is instructed to do so by a regulation services provider.

Where section 16 requires that a marketplace receive instructions from its regulation services provider before cancelling, varying or correcting a trade, we note that this would not apply to the case where a recognized exchange or recognized quotation and trade reporting system directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101.

Cancellation, variation or correction where necessary to correct a system or technological malfunction or error made by the marketplace systems or equipment

Under paragraph 16(2)(c) a marketplace may cancel, vary or correct a trade where necessary to correct an error caused by a system or technological malfunction of the marketplace's systems or equipment in executing the trade. If a marketplace has retained a regulation services provider, permission to cancel, vary or correct is to be obtained from the regulation services provider prior to cancellation, variation or correction.

Examples of errors caused by a system or technological malfunction include where the system executes a trade on terms that are inconsistent with the explicit conditions placed on the order by the marketplace participant, or allocates fills for orders at the same price level in a manner or sequence that is inconsistent with the stated manner or sequence in which such fills are to occur on the marketplace. Another example includes where the trade price was to have been calculated by a marketplace's systems or equipment based on some stated reference price, but was calculated incorrectly.

Policies and procedures

For policies and procedures established by the marketplace in accordance with the requirements of subsection 16(3) to be "reasonable", they should be clear and understandable to all marketplace participants.

They should also provide for consistent application. For example, if a marketplace decides that it will consider requests for cancellation, variation or correction of trades in accordance with paragraph 16(2)(b), it should consider all requests received regardless of the identity of the counterparty. If a marketplace chooses to establish parameters within which it might only be willing to consider such requests, it should apply these parameters consistently to each request, and should not exercise its discretion to refuse a cancellation or amendment when the request falls within the stated parameters and the consent of the affected parties has been provided.

When establishing any policies and procedures in accordance with subsection 16(3), a marketplace should also consider what additional policies and procedures might be appropriate to address any conflicts of interest that might arise.

{1} Section 1 of the Proposed Rule defines "direct electronic access" as "the access to a marketplace provided to a client of a participant dealer through which the client transmits orders, directly or indirectly, to the marketplace's execution systems under a marketplace participant identifier without re-entry or additional order management, by the participant dealer".

{2} Section 1 of the Proposed Rule defines "participant dealer" as "a marketplace participant that is an investment dealer".

{3} Part 12 of National Instrument 21-101 Marketplace Operation (NI 21-101) requires marketplaces, for each of their systems that supports order entry, order routing, execution, trade reporting and trade comparison, to monitor and test systems capacity, review the vulnerability of the systems to threats, establish business continuity plans, perform an annual independent systems review and promptly notify us of any material systems failures.

{4} Subsection 11.1 (b) of NI 31-103 requires registered firms to establish, maintain and apply policies and procedures that establish a system of controls and supervision sufficient to manage the risks associated with its business in accordance with prudent business practices.

{5} The Proposed Rule addresses some of the risks of high frequency trading. Other issues, such as the impact of high frequency trading strategies on the market are being examined by some CSA jurisdictions.

{6} Section 1.1 of NI 21-101 defines "marketplace participant" as "a member of an exchange, a user of a quotation and trade reporting system, or a subscriber of an ATS".

{7} Proposed paragraph 3(1)(a).

{8} Proposed subsections 3(2) and 3(3).

{9} Proposed subsection 3(4).

{10} Proposed subsection 3(6).

{11} Proposed paragraph 3(1)(b).

{12} Proposed subsection 3(3).

{13} Proposed subsection 3(4).

{14} Proposed section 4.

{15} Proposed section 5.

{16} Proposed section 1.

{17} Proposed paragraph 5(2)(c).

{18} Proposed subsection 6(1).

{19} IIROC Dealer Member Rule 3200.

{20} An institutional investor may include an "institutional customer" as defined under IIROC dealer member rules or an "accredited investor" as defined under Canadian securities legislation.

{21} Proposed subsection 7(1).

{22} Proposed subsection 7(2).

{23} Proposed section 8.

{24} Proposed section 9.

{25} Proposed section 10.

{26} Proposed paragraph 10(2)(a).

{27} Proposed subsection 11(1).

{28} Proposed paragraph 11(2)(c).

{29} Proposed subsection 11(5).

{30} NI 21-101, Part 12.

{31} Proposed section 12.

{32} Proposed subsection 14(1).

{33} Section 14 of proposed Companion Policy 23-103CP.

{34} Proposed subsection 14(2).

{35} Proposed section 15.

{36} Proposed section 16.

{37} Proposed subsection 16(3).

{38} Published at: http://www.sec.gov/rules/final/2010/34-63241.pdf

{39} Published at: http://www.iosco.org/library/pubdocs/pdf/IOSCOPD332.pdf

{40} Published at: http://www.asic.gov.au/asic/pdflib.nsf/LookupByFileName/cp-145.pdf/$file/cp-145.pdf

{41} Published at: http://ec.europa.eu/internal_market/consultations/docs/2010/mifid/consultation_paper_en.pdf

{42} Published at: http://ec.europa.eu/internal_market/consultations/docs/2010/mifid/consultation_paper_en.pdf at page 15.

{43} NI 31-103 paragraph 11.1(b) states that "A registered firm must establish, maintain and apply policies and procedures that establish a system of controls and supervision sufficient to manage the risks associated with its business in accordance with prudent business practices."

{44} Sections 7.1 and 7.3 of National Instrument 23-101 Trading Rules state that a recognized exchange or a recognized quotation and trade reporting system may monitor the conduct of its members and enforce the requirements governing its members either directly or indirectly through a regulation services provider.