Exegy Enlists ISE, ATSs for Managed Reg SCI Compliance Service

Reg SCI is a set of rules introduced by the SEC in November 2014 to "monitor the security and capabilities of US securities markets' technological infrastructure" by reducing system errors, improving resiliency and enhancing the SEC's oversight of technology infrastructure.

The rules came into effect in November 2015, and applies to self-regulatory organizations (SROs) such as stock and options exchanges, registered clearing agencies, FINRA and the Municipal Securities Rulemaking Board, alternative trading systems (ATSs), whose markets exceed certain volume thresholds, distributors of consolidated market data, and some clearing agencies.

Over the last year, Exegy has been building a managed service to help firms ensure their market data distribution infrastructure complies with Reg SCI. The service includes new documentation of a firm's operational policies and procedures, more robust incident management and escalation procedures, more rigorous service-level agreements, greater transparency into the vendor's products and services, as well as geographically distributed disaster recovery sites.

Exegy partnered with the International Securities Exchange and two unnamed US ATSs to develop the service. ISE has used Exegy's ticker plant for five years to ingest real-time market data, but as part of its preparation for Reg SCI, built a new geographically distant site and purchased new Exegy systems to handle its market data workload at that location.

"We chose Exegy over five years ago for their ability to deliver the performance, efficiency, security and continuous support that we require for mission critical market data. They have served as a strategic partner through... our efforts to build the necessary capabilities to achieve robust Reg SCI compliance with our feed handling infrastructure," says ISE chief technology officer Thomas Reina in a statement.

In addition to backup infrastructure, Exegy has developed documentation to show that its Exegy hardware meets standard best practices for design, testing and implementation of market infrastructure. The vendor has also improved its incident monitoring and root cause analysis, and is providing customers with documentation of policies and operational changes as proof that the customers followed those policies when incidents occur.

"We worked on our end to make sure that documentation is available so that customers can respond to audits and meet standard best practices on resiliency," says Exegy chief technology officer David Taylor. "A lot of our customers also required enhancements to deploy dedicated infrastructure and hardware appliances for their ATSs and exchanges separate from other primary sites."

Although the deadline for Reg SCI compliance passed in November, Taylor says there are still potential new customers for the service in the form of ATSs, whose trading volumes have yet to exceed the thresholds that will make them eligible for the regulation.

"The interesting part of Reg SCI is when it kicks in for ATSs: They become subject to it when they exceed certain daily volumes... so there are other ATS operators not yet subject to the regulation that will benefit from our experience when it comes to market data. We are very much looking at this as us being a strategic partner and increasing value to customers," Taylor adds.