'Trust But Verify’ Key to Contracts Post-Bloomberg Spying Scandal
Recent reports that Bloomberg monitored client communications and usage data signal yet another flashpoint in the ongoing debate between vendors and financial institutions over what is suitable in terms of access to—and surveillance of—information.
As more of those services become cloud-based, expectations around demonstrable verification and auditing practices have heightened, but discussing where data usage for product development ends, and more nefarious activity begins, is not such a bad thing. In fact Brian Nadzan, chief development officer at buy-side combined execution and order management systems provider TradingScreen, says clarity is the best way to avoid these kinds of events to begin with.
"We have to prove to clients that we have good safeguards in place, particularly around change management and data access—e.g., ensuring changes go through the right environment as they are given to production," he says. "Similarly, the recent problems in the industry certainly haven't surprised us in terms of being capable of demonstrating how we handle internal data access entitlements. Our clients haven't been asking any more often, necessarily, because clients are always asking that of us as a cloud-based solution. We constantly have to prove the data is in front of the eyes that are supposed to have it."
As Nadzan says, the industry has long ago solved for role-based tools and entitlements by intermediating development and production with applications that permission some and not others. The difference lies in creating a robust verification layer behind that, which can essentially mirror back what's going on in which application, who is doing it, and allow end-users to adjust and monitor entitlement policies directly as necessary.
"Obviously, for intra-day trading positions, it's important because clients don't want to feel they don't have control of the data, so we give them access to policies through a kind of self-service portal, to maintain pieces of information and who has access to it, whether infrastructure support teams or otherwise, so they can fully understand the chain of access," he says.
‘Three Buckets'
The catchword, once again, among the industry is “distrust,” but the smarter focus is for each individual firm to really hone in on its own requirements, and make sure they are spelled out contractually. That, Nadzan suggests, should augur more documentation requirements in the future, perhaps a bit more flexibility on things like periodic visits to vendors' physical sites, and new competition in the chat space, such as a new service in the works from Markit —but not necessarily more blanket rules.
"If you're getting a collection of services from a major provider, pulling out of chat communications and fleeing to a separate vendor doesn't necessarily solve the problem, and the Financial Industry Regulatory Authority (Finra) or the Securities and Exchange Commission (SEC) won't and shouldn't dictate what the correct policies are for each buy-side firm or broker-dealer," he says. "Perhaps you could see a best-practices document, and then apply what you feel is practical, but it's down to specific obligation to your own clients, and whether managing private wealth money, hedge funds, or pension funds, those will each be quite different."
On the vendor side, the best advice, somewhat counterintuitively, may be to take advantage of greater requirements, regulatory or client-driven, as service offerings grow out. "It's a combination of internal policies and training, active understanding of the existing regulation around data access, and reacting to changes in terms of what clients need, always coming back to the idea of ‘trust but verify.’ You can't ignore any of those three buckets and still be successful,” the CDO says. "For example, TradingScreen is building out new electronic exchange venues, which require much higher regulatory compliance around data usage than being an EMS or OMS provider, alone. Those standards are now applied across our entire organization, not just a single business line."
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
More on Trading Tech
For MarketAxess, portfolio trading buoys flat revenue in Q3
The vendor is betting on new platforms like X-Pro and Adaptive Auto-X, which helped forge a record quarter for platform usage.
Quants look to language models to predict market impact
Oxford-Man Institute says LLM-type engine that ‘reads’ order-book messages could help improve execution
JP Morgan pulls plug on deep learning model for FX algos
The bank has turned to less complex models that are easier to explain to clients.
Nasdaq says SaaS business now makes up 37% of revenues
The exchange operator’s Q3 earnings bring the Adenza and Verafin acquisitions center stage.
Harnessing generative AI to address security settlement challenges
A new paper from IBM researchers explores settlement challenges and looks at how generative AI can, among other things, identify the underlying cause of an issue and rectify the errors.
The causal AI wave could be the next to hit
As LLMs and generative AI grab headlines, another AI subset is gaining ground—and it might solve what generative AI can’t.
Waters Wrap: Operational efficiency and managed services—a stronger connection
As cloud, AI, open-source, APIs and other technologies evolve, Anthony says the choice to buy or build is rapidly evolving for chief operating officers, too.
BlackRock forecasts return to fixed income amid efforts to electronify market
The world's largest asset manager expects bond markets to make headway once rates settle.