Exchanges' Technical Glitches Reveal Growing Operational Risk--And Could Trigger Downgrades
|Publication date: 19-Sep-2013 13:06:11 EST|
We believe that a spate of technical snafus at exchanges around the world in the past 18 months reveal exchanges' vulnerability to high operational risk (see table 1). In the U.S., some of the recent infamous technical glitches include NASDAQ OMX Group's Facebook IPO fiasco, BATS Global Markets' IPO failure on its own exchange, and NASDAQ's connectivity problem with its data system that halted trading for over three hours in all NASDAQ-listed stocks. Exchanges in other parts of the world have also experienced operational problems, including a glitch at the London Stock Exchange that delayed the release of many company announcements by 1.5 hours, an outage at the Singapore Exchange in April that delayed dealing in derivatives contracts for almost three hours, and a typo at the Tel Aviv Stock Exchange in August that sent Israel Corp. stock plummeting 99.9% and brought all trading to a halt. (Watch the related CreditMatters TV segment titled, "How Rising Operational Risks Could Affect Standard & Poor’s Ratings On Global Exchanges," dated Sept. 20, 2013.)
- A rash of technical glitches at exchanges worldwide highlight vulnerability of these entities to high operational risk.
- We account for some operational risk in our ratings already, but as technical problems occur more frequently, operational risk is becoming a more important component in our analysis and could result in downward pressure on ratings over the next few years.
- We view new competitive dynamics, changes in market structure, and advances in trading technology as the main causes for increased operational risk during the past five to seven years.
- Increasing frequency of operational glitches has drawn regulatory attention that is likely to result in tougher regulatory standards and oversight. In our view, increased regulation is only part of the solution to address increased operational risk.
Our ratings on exchanges, clearinghouses, and central securities depositories have always incorporated our view of their high operational risk, given their heavy dependence on processing technologies and telecommunications and the massive daily transaction volumes they process. But as technological glitches grow more frequent, operational risk is becoming a more important component in our rating analysis.
Basel II defines operational risk as "the risk of direct or indirect loss resulting from inadequate or failed internal processes, people, and systems, or from external events." When we assign ratings to financial markets infrastructure companies, we review, but do not audit or certify, their operations to determine their relative exposure to unmitigated operational risk--risk that has a potential impact on the company's financial performance. As part of our assessment of operational risk, we review disaster-recovery and business-continuity plans, computing systems' capacity and redundancies, and the security of both the database and physical facilities and the company's investment plans in these areas.
In our view, the recent preponderance of technical glitches at exchanges underscore a gradual rise in operational risk for this industry over the past five to seven years. We believe there are three main causes for the increase:
- New competitive dynamics
- Changes in the market's structure
- Advances in trading technology
Although these factors are in play at all exchanges, the recent series of technical problems suggests that stock exchanges--as opposed to futures or derivative exchanges--have become more prone to operational risk. They have also drawn regulatory attention that is likely to result in tougher regulatory standards and oversight. While increased regulation may reduce operational risk, we do not believe it will completely eliminate it. It will also likely lead to higher compliance and investment costs for companies. Furthermore, the poor track record of outages and other operational problems at some specific exchanges could damage their reputation and their competitiveness in the marketplace, and the recent glitches could weigh on our assessments of both individual exchange ratings and the overall industry risk profile. We believe the combination of these factors could put downward pressure on ratings over the next few years.
Three Causes For Rising Operational Risk: Increased Competition, Growing Complexity, And Advances In Technology
We believe that the increasing frequency of technical glitches at exchanges has been mainly caused by new competitive dynamics, changes in the market structure, and advances in trading technology.
In our opinion, the implementation of the Regulation National Market System (Reg NMS) in the U.S. in 2007 and the Markets in Financial Instruments Directive (MiFID) in Europe in 2007 significantly changed competitive dynamics, which indirectly contributed to rising operational risks. Stock exchanges, in particular, face increased competition from new execution and listing venues, including alternative trading systems (ATSs), multilateral trading facilities (MTFs), and dark pools. As a result, the market share of the registered stock exchanges has generally been falling (see table 2). A significant number of trades bypass the registered exchanges and go to dark pools and internalizers. Dark pools are trading platforms where buyers and sellers of stocks remain anonymous and their orders are hidden until they are processed. Internalizers are brokers that match orders within their own firms, allowing them to avoid exchange fees. The amount of trades executed on nondisplayed venues soared to almost 40% of U.S. trading volume in 2012 from approximately 9% in 2008, according to data from Rosenblatt Securities.
As a result of increased competition, the market structure has become more complex. Reg NMS and MiFID promoted greater competition among stock exchanges, but the unintended consequence was greater market fragmentation. In the U.S. today there are 16 SEC-registered securities exchanges and more than 50 ATSs, for example, whereas before 2005 the New York Stock Exchange (NYSE) and the NASDAQ Stock Market dominated the equities market. This fragmentation has led investors to rely on the interconnectivity among a myriad of fragmented pools of liquidity. This interconnectivity means problems at one exchange could jeopardize functionality at others. When the NASDAQ Stock Market halted trading on Aug. 22, for example, other stock exchanges, including NYSE, BATS, and Direct Edge, also had to stop trading in NASDAQ-listed securities.
In our view, advances in trading technology have also contributed to increased operational risk. Exchanges rely on the resilience, capacity, and speed of their trading platforms to efficiently process millions of transactions daily. Over the past five years, exchanges made significant investments in speed and functionality. To stay competitive, exchanges need to continuously develop and enhance electronic trading platforms and add new functionalities and order types. The rise of high-frequency traders, which contribute more than 50% of total trading volume in the U.S., and the exchanges' heavy reliance on these order flows to generate revenues have led them to spend millions of dollars to reduce trade latency and build colocation services to attract high-frequency traders to their marketplace. As a result, trade latency is now measured in microseconds compared with seconds a few years ago. While technology is becoming more sophisticated and trade execution more efficient, this also increases the complexity of exchange operations. In our opinion, faster trade speed and greater interconnectivity are amplifying the impact of operational glitches when they occur.
Exchanges' members have also become more prone to operational risk. For example, in August 2012, a computer glitch at Knight Capital led its computers to rapidly buy and sell millions of shares in more than 100 stocks for about 45 minutes, resulting in a $440 million trading loss. In August 2013, a Goldman Sachs technical error caused the company to accidently send trade orders to the U.S. options exchanges. In this case, the exchanges cancelled the trades, causing no trading loss to Goldman Sachs, but irritating other members who had stood to profit from them.
Operational Risk Doesn't Affect All Exchanges Equally
We view stock exchanges' higher vulnerability to operational risk (compared with derivative and futures exchanges), primarily as a function of the numerous point-to-point connections between stock exchanges and the variety of order types they process. Derivatives and futures exchanges, like IntercontinentalExchange and CME Group, tend to have "vertical silo" business models, in which the listings, trading, and clearing of contracts are done under one roof. This means they are less connected to other exchanges and clearinghouses.
The greater fragmentation in the equities markets (especially in the U.S.) creates more interconnectivity between exchanges, which leaves them more vulnerable to operational failures. There are 16 SEC-registered securities exchanges and more than 50 alternative trading platforms in the U.S., each of which is linked with others though a vast web of connections, including those that provide connectivity, routing services, and market data. And additional regulatory and disclosure requirements for stock exchanges, such as the consolidated tape--which provides real time data on prices and trading volumes--increase the complexity of the systems and exposure to operational problems.
Numerous order types also add to the complexity of the equities markets and amplify operational risk. To make the matter even more complicated, there have been discrepancies around how some exchanges execute their order types compared with their own rule books. For example, in January 2013, BATS announced that upon a National Best Bid and Offer (NBBO) update on BATS' BYX Exchange, BZX Exchange, and BATS Options, it had discovered a problem with its matching engine that caused the execution of a short sale order at a price that was equal to or less than the NBBO. The problem started in 2008, but it took the company more than four years to identify it.
Increased Regulation Is Only Part Of The Solution
Growing frequency of operational glitches has drawn more regulatory attention that is likely to result in tougher regulatory standards and oversight. We believe more regulations won't completely eliminate operational risk. In our view, the U.S. exchange industry, with its very low latency and fragmentation, needs a coordinated solution between different venues to bolster operational resilience comprehensively. In other markets that today are not fragmented but where trade volumes and traders' demands are rising, we consider that exchange operators, such as Hong Kong Exchanges and Clearing, are prudent to proceed cautiously, prizing the reliable provision of an orderly market over speed.
Following the succession of several high-profile market malfunctions, the SEC intensified its scrutiny of exchanges and their members, launched a broad review into technology and infrastructure issues, and started an investigation of ties between exchanges and high-frequency trading firms. In 2012, several exchanges, including BATS, Direct Edge, and NYSE, became the focus of an SEC regulatory probe. SEC officials were looking into whether some exchanges provide high-speed firms special advantages that give the firms a leg up on less-sophisticated investors. The SEC investigation expanded from just looking into specific order types to a broader examination of how exchanges develop new products, share information, provide incentives to trade, and communicate with clients.
One proposal the SEC and exchanges have been discussing involves implementing "kill switches" between brokers and exchanges that exchanges could use to shut down trading before software glitches get out of control and wreak havoc on markets. Kill switches are common in futures trading, but not in the U.S. stock market. Some stock exchanges support the idea of kill switches, but they are not yet an industrywide requirement.
The SEC also proposed a new rule, Regulation Systems Compliance and Integrity (Reg SCI), in March 2013. The new regulation covers a wide range of SCI entities, including certain self-regulatory organizations, ATSs, plan processors that provide market data to investors, and exempt clearing agencies. Reg SCI would require SCI entities to establish comprehensive policies and procedures governing the function and integrity of their systems, to file notices and reports about the occurrence of certain adverse system events or material changes to systems, and would require self-regulatory organization members to participate in routine and industrywide testing of their systems. The rule would cover all systems that would be likely to affect SCI entity operations or could disrupt the markets. The proposed regulation would replace the current Automation Review Policy, a voluntary information technology review program the SEC created in the response to the 1987 market break and related Rule 301(b)(6) of Regulation ATS.
The 60-day comment period for Reg SCI is finished, and the rule is currently in a revision period with no set implementation date. Although most industry participants have opposed the new regulation, it's likely that the SEC will implement it given the number of recent operational problems. Because the SEC's request for comment asked more than 200 questions on the details and scope of the proposed regulation, the final version might change from the initial proposal.
Most recently, on Sept. 13, 2013, the SEC had a meeting with top executives from major U.S. exchanges, the Financial Industry Regulatory Authority, the Depository Trust & Clearing Corp., and the Options Clearing Corp., to discuss recent NASDAQ OMX operational issues. Topics they covered included management and oversight of key data feeds, testing standards, kill switches, and ways to improve the integrity of market systems. According to an SEC statement, exchanges should provide action plans to the SEC that address the standards for highly resilient and robust systems for the securities information processors, identify and provide assessments of other critical infrastructure systems, and provide rule amendments to implement kill switches. This SEC meeting followed the Commodity Futures Trading Commission's issuance of a "Concept Release on Risk Controls and System Safeguards for Automated Trading Environments" on Sept. 9, 2013, which focuses on tightening rules for high-frequency trading firms.
In our opinion, increased regulations may reduce operational risk somewhat, but they could also create a false sense of security. Although strict policies and procedures, strong internal controls, robust corporate governance, and experienced, competent, and well-trained staff can help exchanges mitigate operational risk to some degree, there is no realistic way to completely eliminate it. We believe that technology outages are inevitable because no system can be completely immune to failures, even with thorough backups, redundancies, and extensive testing. As NASDAQ's CEO Bob Greifeld said in his recent CNBC interview, "There will always be issues in the ecosystem."
The Consequences Of Increased Risk Are Difficult To Quantify
The fallout from outages and other failures at exchanges and their potential financial impact are difficult to quantify, especially for "black swans"--extremely low probability but high-impact events. Although the direct monetary impact of such events has been relatively limited thus far, their indirect effects could be more significant.
Most exchanges have insurance coverage or contractual provisions that limit their liability for operational failures. The NASDAQ Stock Market's rules limit its liability to just $500,000 per operational incident ($3 million per month), but it made a $62 million voluntary payment to reimburse its members for losses they incurred as a result of the exchange's mishandling of the Facebook IPO. The bigger issue, however, is significant reputational risk, which could impair exchanges' competitiveness in the marketplace and hurt their business and financial conditions. NASDAQ's operational glitches, for example, could damage its franchise. In fact, the NASDAQ Stock Market is no longer the undisputed leader in tech IPOs and listings. According to a recently published S&P Capital IQ article, the NYSE completed 21 tech IPOs over the past 15 months, compared with 15 for NASDAQ (see "The NASDAQ's Recent Shutdown May Affect Futures Business," published Aug. 23, 2013).
Frequent operational issues could also cause an exchange to lose market share to the increasing number of other global competitors or smaller opaque trading venues, such as ATSs, MTFs, and dark pools. We believe if traditional exchanges continue losing market share, market quality could suffer in terms of distorted prices and less transparency.
As Operational Risk Increases, Our Ratings Could Fall
We believe that rising operational risk is becoming a more important factor in our ratings, with the potential to affect both our assessment of the overall exchange industry's risk profile and the creditworthiness of individual companies. While we expect exchanges to continue playing a significant role in the financial markets, more high-profile snafus could lessen their competitive advantage and reduce their market share, resulting in higher industry risk.
Although our credit analysis of exchange companies focuses more on cash flow generation than positive tangible equity, we expect regulated operating subsidiaries to maintain sufficient liquid capital to cover unexpected losses that could arise from operational issues. While losses have been manageable so far, increasing risk points to the need for exchanges to maintain stronger financial profiles.
We haven't lowered any ratings as a result of these issues so far, but exchanges whose operational risk exceeds industry averages could see rating actions down the road. With competition heating up, the ability to ensure seamless operations could go a long way toward determining which exchanges will come out on top.
|Operational Issues At Global Exchanges Over The Past 18 Months|
|March 2012||BATS Global Markets||A system malfunction due to a software bug caused BATS to stop its own IPO.|
|May 2012||NASDAQ OMX||A technical malfunction in software and infrastructure delayed the Facebook IPO opening. The glitch resulted in more than $500 million in trading losses across major trading firms.|
|May 2012||Deutsche Boerse||Failure in the Xetra system caused a 1.5-hour trading outage affecting stocks and exchange-traded funds.|
|August 2012||Bolsas y Mercados Españoles||A communication server failure caused a four-hour outage. The shutdown affected two multilateral trading platforms that NYSE Euronext operates.|
|August 2012||NASDAQ OMX||The PHLX opening was delayed due to issues with floor-based systems.|
|August 2012||Tokyo Stock Exchange||An outage halted derivatives trading for 1.5 hours. An error occurred on the exchange’s Tdex+ system used for trading of options and futures.|
|August 2012||Indonesia Stock Exchange||Trading was delayed after almost a third of the members failed to connect to the exchange’s system.|
|October 2012||All major U.S. stock and option exchanges||Hurricane Sandy shut trading on all major exchanges for two days.|
|November 2012||NYSE Euronext||Matching engine outages halted trading in 216 symbols.|
|January 2013||NYSE Euronext||A trade and quote publishing outage caused duplicate trade reports.|
|January 2013||London Stock Exchange||Technical issues delayed the release of many company announcements by 90 minutes.|
|March 2013||NYSE Euronext||An outage caused routing issue for NASDAQ-listed symbols.|
|March 2013||NYSE Euronext||There were display device issues.|
|March 2013||NYSE Euronext||There were engine queuing issues.|
|March 2013||Osaka Securities Exchange||There was an Osaka Securities Exchange outage on NASDAQ OMX Group technology platform.|
|April 2013||Chicago Board Options Exchange||A software malfunction shut down trading for 3.5 hours.|
|April 2013||Singapore Exchange||A technical outage delayed dealing in derivatives contracts for up to three hours.|
|June 2013||NYSE Euronext||Trading started an hour late in Paris, Amsterdam, Brussels, and Lisbon due to technical problems.|
|July 2013||New Zealand Exchange||Trading was halted for two hours due to an unspecified connectivity issue.|
|August 2013||BATS Global Markets||An internal network issue caused a 50-minute outage on BZX.|
|August 2013||Deutsche Boerse||Eurex Exchange halted trading in derivatives for one hour due to an incorrect time sync with the system clock.|
|August 2013||Direct Edge||Trading and processing shut down for symbols SPYV and TNC, leading to trade cancellations.|
|August 2013||NASDAQ OMX||Due to a connectivity issue between an exchange participant and the UTP securities information processors (SIP), trading and quote data dissemination was suspended via the SIP and all trading in all NASDAQ-listed securities was halted marketwide.|
|August 2013||Tel Aviv Stock Exchange||A typo sent Israel Corp. stock plummeting 99.9% and caused a halt in trading.|
|Historical Market Share Of Major U.S. Exchanges|
|(NYSE Floor, Arca, MKT)||(Nasdaq, PSX, BX)||(BZX, BYX)||(EDGX, EDGA)|
|*As of July 2013. N/A--Not applicable. Source: Raymond James.|
Related Criteria And Research
- The Risk Profiles At Exchanges And Clearinghouses Are Rising, June 10, 2011
- Standard & Poor's Updated Methodology For Rating Exchanges And Clearinghouses, July 10, 2006
|Primary Credit Analyst:||Olga Roman, CFA, New York (1) 212-438-5803;|
|Secondary Contacts:||Charles D Rauch, New York (1) 212-438-7401;|
|Giles Edwards, London (44) 20-7176-7014;|
No content (including ratings, credit-related analyses and data, model, software or other application or output therefrom) or any part thereof (Content) may be modified, reverse engineered, reproduced or distributed in any form by any means, or stored in a database or retrieval system, without the prior written permission of S&P. The Content shall not be used for any unlawful or unauthorized purposes. S&P, its affiliates, and any third-party providers, as well as their directors, officers, shareholders, employees or agents (collectively S&P Parties) do not guarantee the accuracy, completeness, timeliness or availability of the Content. S&P Parties are not responsible for any errors or omissions, regardless of the cause, for the results obtained from the use of the Content, or for the security or maintenance of any data input by the user. The Content is provided on an “as is” basis. S&P PARTIES DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR USE, FREEDOM FROM BUGS, SOFTWARE ERRORS OR DEFECTS, THAT THE CONTENT’S FUNCTIONING WILL BE UNINTERRUPTED OR THAT THE CONTENT WILL OPERATE WITH ANY SOFTWARE OR HARDWARE CONFIGURATION. In no event shall S&P Parties be liable to any party for any direct, indirect, incidental, exemplary, compensatory, punitive, special or consequential damages, costs, expenses, legal fees, or losses (including, without limitation, lost income or lost profits and opportunity costs) in connection with any use of the Content even if advised of the possibility of such damages.
Credit-related analyses, including ratings, and statements in the Content are statements of opinion as of the date they are expressed and not statements of fact or recommendations to purchase, hold, or sell any securities or to make any investment decisions. S&P assumes no obligation to update the Content following publication in any form or format. The Content should not be relied on and is not a substitute for the skill, judgment and experience of the user, its management, employees, advisors and/or clients when making investment and other business decisions. S&P’s opinions and analyses do not address the suitability of any security. S&P does not act as a fiduciary or an investment advisor. While S&P has obtained information from sources it believes to be reliable, S&P does not perform an audit and undertakes no duty of due diligence or independent verification of any information it receives.
S&P keeps certain activities of its business units separate from each other in order to preserve the independence and objectivity of their respective activities. As a result, certain business units of S&P may have information that is not available to other S&P business units. S&P has established policies and procedures to maintain the confidentiality of certain non-public information received in connection with each analytical process.
S&P may receive compensation for its ratings and certain credit-related analyses, normally from issuers or underwriters of securities or from obligors. S&P reserves the right to disseminate its opinions and analyses. S&P's public ratings and analyses are made available on its Web sites, www.standardandpoors.com (free of charge), and www.ratingsdirect.com and www.globalcreditportal.com (subscription), and may be distributed through other means, including via S&P publications and third-party redistributors. Additional information about our ratings fees is available at www.standardandpoors.com/usratingsfees.
Any Passwords/user IDs issued by S&P to users are single user-dedicated and may ONLY be used by the individual to whom they have been assigned. No sharing of passwords/user IDs and no simultaneous access via the same password/user ID is permitted. To reprint, translate, or use the data or information other than as provided herein, contact Client Services, 55 Water Street, New York, NY 10041; (1) 212-438-7280 or by e-mail to: firstname.lastname@example.org.