Waters Wrap: A dangerous game of Cat & hacker (And reg reporting fees)

Anthony takes a look at the Consolidated Audit Trail and concerns over its security. He also touches on the rapidly changing face of the regulatory reporting marketplace.

Before we get going, if you want to read a bit of an odd story, we had one for you this past week. From Rebecca Natale: “On February 11, DelphX Capital Markets issued an announcement that its founder, Larry Fondren, had resigned from the company’s board of directors and had been terminated for cause from all of DelphX’s subsidiaries, including DelphX Services Corp. The news may have come as a shock to those who knew Fondren, a 50-year veteran of the insurance and fixed-income industries, but perhaps no one was more befuddled than Fondren, himself.”

As we learn more on this weird one, we’ll update the story, but for now, executives at DelphX are not talking. So let’s get to some of the other stories we published from the last week.

Illogical connections? A look at the Cat & extreme weather events

In February, Texas experienced a catastrophic failure of its energy grid, which is run by the Electric Reliability Council of Texas (Ercot). Without getting into the complexities of its setup, the Lone Star State is the lone state in America that essentially runs its own power grid(s)—other states operate on grids that are overseen by the federal government and, as such, are subject to federal guidelines.

So it was that in 2011, unseasonably cold temperatures forced rolling blackouts throughout Texas. Following a review, federal energy officials recommended a series of improvements that could help Ercot’s infrastructure handle extreme cold fronts in the future. As the Houston Chronicle reported, those recommendations went unheeded, with an Ercot official telling reporters that the company followed best practices for winterization, but the severity of the weather went “well beyond the design parameters of an extreme Texas winter.”

Now, you might be saying to yourself, “What the hell does Texas’ energy grid have to do with financial technology?” So glad you asked.

Of all the crazy things that happened in the capital markets during the pandemic, the most surprising occurrence, for me, was the fact that the Consolidated Audit Trail—aka the Cat—finally went live after years and years and years of delays and confusion.

Now that the system is up and running, broker-dealers are worried that the sensitive data of their customers could end up in the hands of hackers. In a recent webinar, an advisor to the Securities and Exchange Commission’s acting chair, Allison Herren Lee, told the audience that it’s absolutely necessary to collect personally identifiable information (PII) to track equity and options trading activity.

The platform requires broker-dealers to submit biographical information, such as the birth dates of customers (some of whom are known as “authorized traders” in the regulation that governs the Cat), identified with a unique code known as the Cat Customer ID (CCID). The advisor, Hugh Beck, said requiring biographical information is important in catching linkages between unscrupulous traders or a rogue trader setting off a flash crash.

Today, the Cat receives billions of messages daily, according to Ellen Green, managing director of industry body Sifma. In addition to reporting, two of four phases of the Cat’s transaction database are complete. So progress is being made.

The big concern—and it’s been a big concern for a long time—is that the Cat’s Customer and Account Information System (CAIS) database, which is maintained by the 24 securities exchanges and securities associations (otherwise known as self-regulatory organizations), is a pirate’s chest of valuable investor information to hackers.

I’m going to spare you the details of the back and forth between the SEC, SROs, Sifma, and others over liability should a hack occur—this article by Jo Wright explains it quite well—but the big issues that sources have expressed to me about the Cat are that there’s no guarantee it will track and prevent illicit trading activities, that it’s costly and time consuming, and that it’s a security nightmare waiting to happen.

The customer and account reporting phase of the Cat project is slated to begin in July 2022, which explains why pleas for a reprieve are coming through now in earnest. There’s a piece at the end of Jo’s story that reminded me of what unfolded in Texas last month.

Michael Simon, chair of the Cat operating committee, was asked why the committee has opposed attempts by the SEC to improve Cat security. From the story:

In August 2020, the SEC proposed amendments to the Cat that, if they are adopted, will, among other measures, require that the SROs use analytical environments called Secure Analytical Workspaces (Saws) to review Cat data (a recommendation that Sifma endorses).

Simon responded by saying that these proposed amendments will make the Cat far more expensive to run without clarifying how they even will improve data security. (Emphasis my own.)

“Security is a tough issue, and we all agree that it’s paramount—but not at any cost for the incremental benefit you may achieve,” he said.

Simon said the SEC’s cost-benefit analyses in its Cat proposals have underestimated how much it will take to build the Saws that the SROs would have to use to look at Cat data.

The committee’s comment letter opposing the amendments states the labor costs alone to build the proposed Saws would be about $26.4 million, which is 60-times greater than the commission’s estimate of $441,600. Similarly, the cost of operating it would be about $34.4 million, over 40-times greater than the commission’s estimate of $860,200.

“So there is a cost, and what benefit are you going to get out of that? Obviously, Sifma doesn’t think that it’s of sufficient benefit since you want to have a pause on the entire Cat system,” Simon said.

Here’s what I think (not that you should care): If we agree that the Cat is absolutely necessary to help regulators properly oversee the equities and options markets (I have my doubts, but let’s just say), and if we agree that a hack of this system would be catastrophic (it absolutely would be), there needs to be a more serious conversation around security, liability, and cost before July 2022 hits.

Maybe I’m WAY off base here, but it feels to me that after a decade of getting this damn thing off the ground and running, there’s no turning back. If the various entities involved in building the Cat strip out this PII data, does it not become a glorified version of the Cat’s predecessor, the Order Audit Trail System (Oats)? That would mean a lot of people would lose face, and there would be a lot more sighs of “I told you so!” to go around.

These security concerns are very real, and yes, it’s likely going to be expensive to prevent data loss. Similar to how Texas chose (and fought) to run its own energy grid, industry overseers said the Cat was necessary. To ignore concerns of the broker-dealers is, to me, akin to Ercot ignoring federal officials because the cost didn’t justify the likelihood of an extreme event.

Think I’m overreacting? Think I’m underreacting? Think my analogy is tortured? Let me know: anthony.malakian@infopro-digital.com.

What goes down, must come up

Another major development that unfolded during the summer of Covid was CME Group’s announcement that it would wind down several of its regulatory reporting services, following a review that found the offerings no longer aligned with the exchange operator’s business direction.

Since that announcement, our Josephine Gallagher has been breaking news left and right in the regulatory reporting space. First, she learned that Deutsche Börse was following the CME’s lead and leaving the space. She then explained why this was all happening now. And then she did a deep dive into the vendors looking to fill the void left by CME and DB, with one of those companies being SteelEye, which has been poaching former CME talent.

This past week, Jo learned that Bloomberg is raising the price of its Regulatory Reporting Hub (RHub) services by introducing a new flat fee and price range for a higher reporting threshold. If you want to know all about Bloomberg’s strategy and how it’s a sign of cost pressures across the industry, click that link. But, to sum it up, the new annual flat fee for using RHub solutions will range from $25,000 to $50,000. Bloomberg is also offering a Premium package, which includes enhanced reporting analytics, workflow visibility, and access to three-way reconciliation.

As Jo has been tirelessly following, the regulatory reporting space has become—for many—too costly as various vendors kept on dropping the price of their service for something that doesn’t provide alpha for the end user. Eventually, a bottom is hit and the market needs to readjust. That’s what appears to be happening here.

“When you look at the level of change, you look at the cost of the ambiguity of the regulatory text [and] you look at the variability of the quality of the data that’s being delivered by clients—these factors have contributed to a high cost of delivering the service,” Bloomberg’s Brian Lynch told WatersTechnology. “That’s why some other firms have shut down or sold their services, because firms have struggled to see a path to profitability.”

Sometimes Bloomberg receives criticism over the cost of its services. Being very simplistic about it, Wall Street banks essentially banded together to create Symphony to lessen their reliance on the ubiquitous Bloomberg Terminal. The thing is, though, it’s not easy to take on a beast like Bloomberg. And now as some major players have exited the regulatory reporting space, the execs at Bloomberg feel that now is the time for a market adjustment. I suspect that others are likely to follow suit. At the very least, they’re going to be more discerning on which companies they decide to take on.

As Matt Smith, CEO of SteelEye, told Jo, the vendor has had to straight up walk away from several deals because former CME clients tried to negotiate low and unrealistic rates.

“We looked at the competing offers and, in a few instances, we could see that the pricing being offered was unsustainable, and as a result, we walked away from the deals saying, ‘We need to price in a way that is sustainable,’ as we don’t want to increase prices on our clients later on,” Smith said.

At the same time, though, some vendors will probably try and fill those low prices, but you can only survive for so long running a business that can be onerous and in which you’re not adding alpha-driving capabilities like with, say, an order management system. Yes, trading firms will always look for the lowest price, but at some point, stability becomes more important because the disruption caused from a system switchover like this every few years is not worth the money saved—so if it isn’t providing alpha, maybe paying a little bit more for something more stable is worth the long-term cost analysis.

Then again, I’ve never managed an IT budget, nor have I ever switched out a regulatory reporting platform. So I’d rather hear your stories about who is winning, and who is losing, and whose costs are outrageous (either too high, or too low): anthony.malakian@infopro-digital.com.

The image at the top of the page is “The Cat and the Eagle” by Arthur Rackham, courtesy of the Cleveland Museum of Art’s open access program.
 
