Securities Law & Instruments

PDF Version

PDF Version



NOTICE OF NATIONAL INSTRUMENT 23-103 ELECTRONIC TRADING



I. INTRODUCTION

The Canadian Securities Administrators (CSA or we) have made National Instrument 23-103 Electronic Trading (Instrument) and Companion Policy 23-103 (Companion Policy). The Instrument and Companion Policy set out a regulatory framework to help ensure that marketplace participants and marketplaces manage the risks associated with electronic trading.

The Instrument has been adopted or is expected to be adopted by each member of the CSA. The final text of the Instrument and Companion Policy is being published concurrently with this Notice and can also be obtained on the websites of various CSA members.

Jurisdictions that are a party to Multilateral Instrument 11-102 Passport System (currently all jurisdictions except Ontario) are also publishing amendments to that instrument that permit the use of the passport system for aspects of the Instrument. The amendments were published for comment on August 19, 2011. No comments were received. These related amendments are contained in Appendix B to this Notice.

Subject to all ministerial approval requirements, the Instrument will come into force on March 1, 2013 in all CSA jurisdictions. The Companion Policy will come into force at the same time. Additional information regarding the implementation or adoption of the Instrument in each province or territory is included at Appendix A to this Notice.

CSA staff have worked closely with staff of the Investment Industry Regulatory Organization of Canada (IIROC) on the development of the Instrument and Companion Policy. IIROC staff have shared their knowledge and expertise regarding many of the issues raised by electronic trading and we thank them for their valuable contribution. IIROC is publishing today proposed amendments to the Universal Market Integrity Rules that reflect and support various provisions of the Instrument for comment. Further information may be found at www.iiroc.ca.

II. BACKGROUND

On April 8, 2011, the CSA published proposed National Instrument 23-103 and its related companion policy (2011 Proposal). The CSA invited public comment on all aspects of the 2011 Proposal. Twenty nine comment letters were received. We have considered the comments received and thank all commenters for their submissions. A list of those who submitted comments, as well as a summary of comments and our responses to them are attached at Appendix C to this Notice. Copies of the comment letters are posted at www.osc.gov.on.ca.

The Instrument was developed to address certain risks of electronic trading and builds on the obligations outlined in National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31-103). Section 11.1 of NI 31-103 requires a registered firm to manage the risks associated with its business in accordance with prudent business practices.

The Instrument addresses the risks of electronic trading by providing specific requirements for controls, policies and procedures relating to electronic trading. Electronic trading risks arise from greater speed and automation in the Canadian market. This increases the potential impact of a trading error or a rapid series of errors, caused by a computer or human fault. The Instrument and Companion Policy provide a regulatory framework that will help ensure that marketplace participants and marketplaces are appropriately managing the risks associated with widespread electronic trading.

The Instrument is designed to address a number of risks related to electronic trading including credit risk, market integrity risk, technology or systems risk and regulatory arbitrage risk. For a detailed discussion of these risks, please see the notice that accompanied the 2011 Proposal.

Requirements Pertaining to Direct Electronic Access

The 2011 Proposal included requirements regarding the provision of direct electronic access (DEA), however the Instrument does not include these requirements. In considering the DEA provisions, we determined that similar forms of marketplace access, such as an order execution service account or dealer-to-dealer routing raise risks similar to those of DEA and therefore should be subject to similar requirements. As a result, the CSA and IIROC are developing a package of proposed rules that would help ensure that similar forms of marketplace access are treated similarly. We expect to publish this revised proposal for comment in the coming months.

III. PURPOSE AND SUBSTANCE OF INSTRUMENT AND COMPANION POLICY

A. Key Aspects of the Instrument

The Instrument sets out requirements that apply to:

1. marketplace participants,

2. the use of automated order systems, and

3. marketplaces.

The Instrument applies to the trading of all securities on alternative trading systems and recognized exchanges (together, "marketplaces"). We note that the definition of a "security" varies among the CSA jurisdictions. In some jurisdictions, such as Ontario, the Instrument does not apply to commodity futures contracts, but in others, such as Québec, the Instrument would apply to standardized derivatives.

1. Requirements Applicable to Marketplace Participants

The Instrument imposes requirements on marketplace participants that electronically send orders to marketplaces. The purpose of these requirements is to ensure that marketplace participants have policies, procedures and controls reasonably designed to manage the risks associated with electronic trading. We are of the view that these controls are essential in maintaining the integrity of marketplace participants, marketplaces and the Canadian capital market as a whole.

(i) Marketplace Participant Controls, Policies and Procedures

In our view, the risks associated with electronic trading arise when the marketplace participant enters orders electronically for its own trading, acts as an agent handling orders for its clients or when it authorizes clients to access a marketplace using its marketplace participant identifier. Therefore, the Instrument requires that each marketplace participant establish, maintain and ensure compliance with risk management and supervisory controls that are reasonably designed to manage the financial, regulatory and other risks associated with marketplace access.{1}

To assist in early detection of erroneous or non-compliant trades, these risk management and supervisory controls, policies and procedures must be reasonably designed to ensure all orders are monitored and include both automated pre-trade controls and regular post-trade monitoring{2} that systematically limit financial exposure and ensure compliance with applicable marketplace and regulatory requirements.{3}

In addition, the Instrument requires a marketplace participant to have specific controls that are reasonably designed to:

• limit the entry of orders to securities that the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant, is authorized to trade,

• restrict access to trading to persons authorized to do so,

• ensure that compliance staff of the marketplace participant receive immediate order and trade information,

• enable the marketplace participant to immediately stop or cancel any orders entered by the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant,

• enable the marketplace participant to immediately suspend or terminate any access to a marketplace,and

• ensure that the entry of orders does not interfere with fair and orderly markets.{4}

These are minimum requirements. A marketplace participant may want to implement risk management and supervisory controls, policies and procedures that surpass those specifically described in the Instrument, depending on its business model and risk tolerance.

While the above controls are required under the Instrument, we have not mandated specified parameters for these controls. As indicated, the details of the risk management and supervisory controls, policies and procedures may vary from marketplace participant to marketplace participant depending on its business model. For example, a marketplace participant that only handles order flow from retail clients will likely need to develop different risk management controls and supervisory procedures and parameters for those controls than a marketplace participant that mostly receives order flow from sophisticated high frequency traders.

The Instrument also requires that compliance staff of the marketplace participant receive all order and trade information sent by the marketplace participant, and if applicable its clients with marketplace access provided by the marketplace participant, to a marketplace.{5} This will help ensure that the marketplace participant is able to appropriately monitor for any erroneous or non-compliant trading. We expect that participant dealers will establish appropriate safeguards to keep their client trading information confidential and available only to appropriate personnel for regulatory compliance purposes when complying with this provision.

To meet these requirements, both marketplace participants and regulators need clarity about what types of controls, policies and procedures are to be in effect and maintained by the marketplace participant. To achieve this, the Instrument requires that the mandated policies and procedures be in written form and that a marketplace participant maintain a written description of its risk management and supervisory controls.{6}

(ii) Control over Setting and Adjustment of Risk Management and Supervisory Controls

Since the immediate risks arising from all orders, including regulatory compliance obligations, fall on the marketplace participant, we think that it is inappropriate for the marketplace participant to rely on a client or other third party to set and adjust its risk control parameters. Our view is that the risks presented by electronic trading to the marketplace participant and the market as a whole are significant enough that the marketplace participant must set and adjust these critical risk management and supervisory controls to help ensure that it can manage these risks as needed in an effective manner. The Instrument therefore requires that marketplace participants directly and exclusively set and adjust their risk management and supervisory controls, policies and procedures subject to certain limited exceptions.{7}

(iii) Independence of Third Party Providing Risk Management and Supervisory Controls

While marketplace participants may develop their own risk management technology and software, they also have the option to use technology and software developed by third parties, including marketplaces. However, we are of the view that third party risk management and supervisory controls, policies and procedures should only be used if the third party is independent from a marketplace participant's clients or the clients' affiliates. Such independence would assist the marketplace participant in tailoring the controls to meet its specific needs and in ensuring the sufficiency of these controls.

Therefore the Instrument requires that a third party that provides risk management and supervisory controls, policies or procedures to a marketplace participant must be independent from each client of that marketplace participant.{8} The independent third party could be another marketplace participant, an exchange or alternative trading system, a service vendor, or other entity that is not an affiliate, and is otherwise independent, of the client. One exception provided for in the Instrument is that an entity affiliated with a marketplace participant that is also a client of the marketplace participant may provide supervisory and risk management controls to the marketplace participant. However, the marketplace participant is still required to directly and exclusively set and adjust the parameters of the supervisory and risk management controls, policies and procedures.

(iv) Authorization to Set or Adjust Risk Management and Supervisory Controls, Policies and Procedures

We recognize that there are circumstances, such as introducing and carrying arrangements or jitney arrangements that involve multiple dealers, where there may be certain controls that are better administered by the introducing dealer. This is because the introducing dealer has first hand knowledge of the client and is responsible for suitability and other "know your client" obligations.{9} Therefore, while the Instrument requires marketplace participants to directly and exclusively set and adjust its risk management controls, policies and procedures, the Instrument permits a participant dealer to authorize another investment dealer that is directing trading to the participant dealer to set or adjust a control, policy or procedure on the participant dealer's behalf.{10} However, the participant dealer must still have controls in place to manage the order flow it receives from the investment dealer.

2. Requirements Applicable to Use of Automated Order Systems

An automated order system is defined in the Instrument as "a system used to automatically generate or electronically transmit orders on a pre-determined basis".{11} This definition is intended to capture both the hardware and software used to generate or transmit orders on a pre-determined basis and includes smart order routers and trading algorithms that are used by marketplace participants, offered by marketplace participants to clients or developed by clients or service vendors.

Such systems can be used to transmit many orders in a very short period of time and if something goes wrong, the market can be negatively impacted very quickly. Due to these risks and because a marketplace participant is responsible for the use of an automated order system that sends orders using its marketplace participant identifier, regardless of its origins, the Instrument requires marketplace participants to take all reasonable steps to ensure that the use of these automated order systems, by itself or any client, does not interfere with fair and orderly markets.{12}

As part of a marketplace participant taking all reasonable steps to ensure that the use of automated order systems does not interfere with fair and orderly markets, the Instrument requires a marketplace participant to have a general understanding of any automated order system used by itself or any client, and to ensure that each automated order system is tested before its initial use and at least annually thereafter.{13} We understand that much of the detailed information about a client's automated order systems may be considered confidential and proprietary. However, this requirement is designed to ensure that the marketplace participant has a sufficient level of knowledge and understanding to identify and manage its risks.{14} We expect these provisions will help to support the fair and orderly functioning of our markets upon the deployment of a smart order router, trading algorithm or any other aspect of an automated order system.

Despite the above requirements, we recognize that it may still be possible for an automated order system to function improperly. In order to address such situations, the Instrument requires a marketplace participant to have controls in place, such as a "kill switch", to disable the automated order system and to be able to immediately prevent orders generated from such a system from reaching a marketplace.{15} We think this provision is essential in mitigating the risk that automated order systems pose to the functioning of our markets.

3. Requirements Applicable to Marketplaces

While the Instrument places obligations on marketplace participants, we think that marketplaces also have an important role to play in managing the risks associated with electronic trading. We note that the marketplace requirements imposed by the Instrument are supplementary to the ones already placed on marketplaces by National Instrument 21-101 Marketplace Operation.

The Instrument imposes requirements on marketplaces for: (i) availability of order and trade information, (ii) marketplace controls relating to electronic trading, (iii) marketplace thresholds, and (iv) erroneous trades.

(i) Availability of Order and Trade Information

The Instrument obliges a marketplace to provide its participants with access to their order and trade information, including execution reports, on an immediate basis and on reasonable terms. We expect this information to be an important tool to help marketplace participants implement and monitor the effectiveness of their risk management and supervisory controls. Consequently it is important that no marketplace rule, fee or practice creates an unreasonable barrier to accessing this information. Regarding providing order and trade information on an immediate basis, we would consider the provision of drop copies, which is very close to providing immediate order and trade information, to be acceptable.{16}

(ii) Marketplace Controls Relating to Electronic Trading

Requirements related to marketplace controls were included to help ensure marketplaces have the necessary risk management and supervisory controls, policies and procedures to address the risks that arise from the electronic trading that occurs on their platforms.

The Instrument requires marketplaces to:

• have the ability and authority to terminate all or a portion of a marketplace participant's access,

• regularly assess and document whether it requires any risk management and supervisory controls, policies and procedures relating to electronic trading,

• ensure timely implementation of those risk management and supervisory controls, policies and procedures,

• regularly assess and document the adequacy and effectiveness of its risk management and supervisory controls, policies and procedures, and

• document and promptly remedy any deficiencies in the adequacy or effectiveness of the controls, policies and procedures implemented.{17}

These are minimum requirements and we note that a marketplace may implement additional controls, policies and procedures that it considers necessary to appropriately address the electronic trading risks that arise on its market.

(iii) Marketplace Thresholds

This requirement is part of the follow-up to the events of the May 6, 2010 "flash crash". Under this provision, marketplaces are required to prevent the execution of orders beyond certain thresholds. These thresholds may be determined by a regulation services provider or by a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) of NI 23-101.{18} There are a variety of methods that may be used to prevent the execution of these orders and IIROC is currently conducting public consultations as to how to best implement this requirement and work with applicable marketplaces, where necessary, in determining the mandated thresholds.

We view these thresholds as important tools in maintaining a fair and orderly market as they could mitigate the type of volatility experienced during the May 6, 2010 "flash crash". This requirement is intended to complement both IIROC's Single Stock Circuit Breaker policy and its proposal for Market-wide Circuit Breakers and we are of the view that a regulation services provider, where applicable, is in the best position to set these types of thresholds.

(iv) Clearly Erroneous Trades

While the controls required by the Instrument should prevent many erroneous trades from occurring, the Instrument also imposes obligations on marketplaces to have the capacity to cancel, vary or correct any trade that is deemed to be erroneous.{19} The Instrument sets out the following circumstances under which a marketplace, when it has retained a regulation services provider, may cancel, vary or correct a trade:

• when instructed to do so by its regulation services provider,

• if the cancellation, correction or variation is requested by a party to the trade, consent is provided by both parties to the trade and the regulation services provider is notified, or

• if the cancellation, correction or variation is necessary to correct a systems issue or error caused by an individual acting on behalf of the marketplace in executing the trade, and permission to cancel, vary or correct the trade has been obtained from the regulation services provider.{20}

The Instrument also requires publicly transparent marketplace policies and procedures for the cancellation, variation or correction of trades.{21} We anticipate that this will help the market as a whole to understand when trades executed on a marketplace may be cancelled or changed by that marketplace.

B. Summary of Changes to 2011 Proposal

After considering the comments received, we have made some non-material revisions to the documents that were published for comment. These revisions are reflected in the final Instrument and Companion Policy we are publishing concurrently with this Notice.

(i) Scope of Rule

Some commenters asked for clarity as to the applicability of the 2011 Proposal, specifically whether the 2011 Proposal applies only to equities or to other asset classes as well. We have clarified that the Instrument applies to the trading of all securities on marketplaces.{22} We note however, that the definition of "security" varies among CSA jurisdictions. For example, a standardized derivative is defined to be a "security" in Québec, while in many other CSA jurisdictions it is not.

(ii) Role of Clearing Brokers

Some commenters suggested that the focus of the 2011 Proposal on the executing broker should be changed to include the clearing broker who ultimately bears the credit risk of a trade.

In response to this comment, we have added further guidance to the Companion Policy regarding the role of the clearing broker and the risks of electronic trading.{23} Specifically, we note that a key focus of the Instrument is the gatekeeping function of the executing broker and the risks associated with entering orders onto a marketplace. We agree that a clearing broker also bears financial and regulatory risks associated with providing clearing services and point out that under NI 31-103 a dealer is required to manage the risks associated with its business in accordance with prudent business practices. As part of this NI 31-103 obligation, we expect a clearing broker to have effective systems and controls to properly manage its risks.

(iii) Definition of Automated Order System

One commenter requested clarification if smart order routers are included under the definition of "automated order system". We have clarified in the Companion Policy that automated order systems include both hardware and software used to generate or electronically transmit orders on a pre-determined basis and would include technology such as smart order routers.{24}

(iv) Automated Pre-trade Controls

Automated pre-trade controls prevent an order or series of orders from interfering with the fair and orderly functioning of the market. We have provided further guidance in the Companion Policy that automated pre-trade controls include an examination of the order before entry on a marketplace and the monitoring of entered orders, whether executed or not.{25}

(v) Pre-determined Credit and Capital Thresholds

Some commenters requested clarification regarding what is meant by pre-set credit and capital thresholds. We have therefore clarified in the Companion Policy that a marketplace participant can establish pre-set credit thresholds through the setting of lending limits to a client and establish pre-set capital thresholds by setting limits on the financial exposure that can be created by orders entered on a marketplace under its marketplace participant identifier.{26}

(vi) Design of Controls, Policies and Procedures

A few commenters expressed the view that the standard for risk management and supervisory controls, policies and procedures in subsection 3(3) of the Instrument was unreasonably high since it required a marketplace participant to "ensure" that certain actions will or will not occur. In response, we have adopted a standard to require that the risk management and supervisory controls, policies and procedures be reasonably designed to meet the various requirements instead of maintaining the stricter "ensure" standard.{27}

(vii) Real-Time Monitoring of Orders

Real-time monitoring of orders can assist in identifying, preventing or cancelling an order or a series of orders that may interfere with the fair and orderly functioning of a marketplace.

We have clarified in the Companion Policy that, while the Instrument does not mandate compliance monitoring in real-time, there are instances when automated, real-time monitoring should be considered, such as when an automated order system is used to generate orders. We have also clarified that is it up to the marketplace participant to determine, based on the risk of its order flow, the appropriate timing for compliance monitoring.{28}

(viii) Direct and Exclusive Control of Risk Management Controls

Some commenters requested further clarification as to what constitutes the direct and exclusive control of risk management and supervisory controls. We have therefore amended the requirement in the Instrument{29} and clarified in the Companion Policy{30} that it is the setting and adjusting of the risk management and supervisory controls, policies and procedures that must be directly and exclusively controlled by the marketplace participant.

Other commenters indicated that the 2011 Proposal was more restrictive than the SEC's Rule 15c3-5 because the SEC's requirements would allow for an affiliated broker-dealer of a direct access client to provide risk management controls to a broker-dealer with market access. We agree that this provision would not dilute the effectiveness of only allowing entities independent from clients to provide marketplace participants with risk management and supervisory controls. We have revised the Instrument to state that an entity directly affiliated with a participant dealer that is also a client of the participant dealer may provide supervisory and risk management controls to the participant dealer.{31} We note, however, that the participant dealer must still directly and exclusively set and adjust the supervisory and risk management controls regardless of the source of the controls. The prohibition of any person or company to set or adjust the parameters of the controls, policies and procedures, other than the marketplace participant, would also apply in this instance.

(ix) Authorization to Set or Adjust Risk Management and Supervisory Controls, Policies and Procedures

One of the provisions a participant dealer would need to fulfill before authorizing an investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure is that the participant dealer must provide the investment dealer with the immediate order and trade information of a client. We use the term "ultimate client" to better capture the fact that the investment dealer must receive order and trade information of the client for which it is has been authorized to set or adjust a specific control, policy or procedure on behalf of the participant dealer.{32}

(x) Use of Automated Order Systems

The 2011 Proposal proposed an obligation on marketplace participants and any client of the marketplace participant to ensure that their use of automated order systems did not interfere with fair and orderly markets. To address comments indicating that this was too strict a standard, the Instrument now requires a marketplace participant to take all reasonable steps to ensure that the use of automated order systems by itself or any client does not interfere with fair and orderly markets.{33} We made a similar change to the obligation on the client. The Instrument requires a client of a marketplace participant to take all reasonable steps to ensure its use of automated order systems does not interfere with fair and orderly markets.{34}

The 2011 Proposal also provided guidance in the Companion Policy that it is expected that an automated order system would be tested before its initial use and after any significant change is made. The Instrument now states that automated order systems must be tested in accordance with prudent business practices both before their initial use and at least annually thereafter to further ensure that the risks of using automated order systems are appropriately addressed.{35}

(xi) Termination of Marketplace Access

The 2011 Proposal proposed to require that a marketplace have the ability and authority to terminate all or a portion of the access provided to a marketplace participant or its clients. We have clarified that a marketplace need only have the ability and authority to terminate all or a portion of the access provided to a marketplace participant since this general requirement would also cover access granted by the marketplace participant to its clients.{36}

(xii) Clearly Erroneous Trades

The Instrument sets out circumstances under which a marketplace may cancel, vary or correct a trade executed on its platform.{37} One such circumstance is where the cancellation, variation or correction is necessary to correct an error caused by a system or technological malfunction of the marketplace's systems or equipment in executing the trade and permission to cancel, vary or correct the error has been obtained from its regulation services provider, if applicable. We have also included that an error caused by an individual acting on behalf of the marketplace may also be cancelled, varied or corrected by the marketplace after permission has been obtained by its regulation services provider, if applicable.

C. Implementation of Instrument

From speaking to certain marketplace participants, we note that in some cases the Instrument may be substantially satisfied through existing risk management controls and supervisory procedures that have already been implemented. We also understand that other marketplace participants will need more time in order to be ready to comply with the Instrument.

We have determined to delay implementation of the Instrument until March 1, 2013. We expect that this will provide marketplace participants and marketplaces enough time to comply with the requirements of the Instrument.

During this period, if a marketplace participant or marketplace has a question, we encourage them to contact any of the staff listed below. We will gather the questions posed, and if needed, will create a Frequently Asked Questions document.

VI. QUESTIONS

The Instrument and the Companion Policy are available on certain websites of CSA members, including:

www.lautorite.qc.ca
www.albertasecurities.ca
www.bcsc.ca
www.osc.gov.on.ca

Please refer your questions to any of the following:

Sonali GuptaBhaya
Barbara Fydell
Ontario Securities Commission
Ontario Securities Commission
416-593-2331
416-593-8253
sguptabhaya@osc.gov.on.ca
bfydell@osc.gov.on.ca
 
Tracey Stern
Paul Romain
Ontario Securities Commission
Ontario Securities Commission
416-593-8167
416-204-8991
tstern@osc.gov.on.ca
promain@osc.gov.on.ca
 
Serge Boisvert
élaine Lanouette
Autorité des marchés financiers
Autorité des marchés financiers
514-395-0337 ext. 4358
514-395-0337 ext. 4356
serge.boisvert@lautorite.qc.ca
elaine.lanouette@lautorite.qc.ca
 
Meg Tassie
Shane Altbaum
British Columbia Securities Commission
Alberta Securities Commission
604-899-6819
403-355-4475
mtassie@bcsc.bc.ca
shane.altbaum@asc.ca
 
Roy Dias
Alberta Securities Commission
413-297-4221
roy.dias@asc.ca

June 28, 2012.

{1} Paragraph 3(1)(a) of NI 23-103.

{2} Subsection 3(2) of NI 23-103.

{3} Subsection 3(3) of NI 23-103.

{4} Subsection 3(3) of NI 23-103.

{5} Subparagraph 3(3)(b)(iv) of NI 23-103.

{6} Paragraph 3(1)(b) of NI 23-103.

{7} Subsection 3(5) of NI 23-103.

{8} Subsection 3(4) of NI 23-103.

{9} Section 4 of 23-103CP.

{10} Section 4 of NI 23-103.

{11} Section 1 of NI 23-103.

{12} Subsection 5(1) of NI 23-103.

{13} Subsection 5(3) of NI 23-103.

{14} Part 3 of 23-103CP.

{15} Paragraph 5(3)(c) of NI 23-103.

{16} Subsection 6(2) of 23-103CP.

{17} Section 7 of NI 23-103.

{18} Subsection 8(1) of NI 23-103.

{19} Subsection 9(1) of NI 23-103.

{20} Subsection 9(2) of NI 23-103.

{21} Subsection 9(3) of NI 23-103.

{22} Subsection 1.1(2) of 23-103CP.

{23} Subsection 1.1(1) of 23-103CP.

{24} Section 1 of NI 23-103; Subsection 1.2(1) of 23-103CP.

{25} Subsection 3(4) of 23-103CP.

{26} Subsection 3(5) of 23-103CP.

{27} Subsection 3(3) of NI 23-103.

{28} Subsection 3(7) of 23-103CP.

{29} Subsection 3(5) of NI 23-103.

{30} Subsection 3(8) of 23-103CP.

{31} Subsection 3(4) of NI 23-103.

{32} Subsection 4(e) of NI 23-103.

{33} Subsection 5(1) of NI 23-103.

{34} Subsection 5(2) of NI 23-103.

{35} Paragraph 5(3)(b) of NI 23-103.

{36} Subsection 7(1) of NI 23-103.

{37} Section 9 of NI 23-103.

 

APPENDIX A

IMPLEMENTATION OR ADOPTION OF THE INSTRUMENT

The Instrument will be implemented as:

• a rule in each of Alberta, British Columbia, Manitoba, Newfoundland and Labrador, Nova Scotia, New Brunswick, Ontario, the Northwest Territories, the Yukon Territory, Nunavut and Prince Edward Island;

• a regulation in Québec; and

• a commission regulation in Saskatchewan.

The Companion Policy will be adopted as a policy in each of the jurisdictions represented by the CSA.

In Ontario, the Instrument and other required materials were delivered to the Minister of Finance on June 28, 2012. The Minister may approve or reject the Instrument or return it for further consideration. If the Minister approves the Instrument (or does not take any further action), the Instrument will come into force on March 1, 2013.

In Québec, the Instrument is a regulation made under section 331.1 of The Securities Act (Québec) and must be approved, with or without amendment, by the Minister of Finance. The Instrument will come into force on the date of its publication in the Gazette officielle du Québec or on any later date specified in the regulation. It is also published in the Bulletin of the Autorité des marchés financiers.

In British Columbia, the implementation of the Instrument is subject to ministerial approval. Provided all necessary approvals are obtained, British Columbia expects the Instrument to come into force on March 1, 2013.

 

APPENDIX B

PASSPORT SYSTEM AMENDMENTS

Amending Instrument for

Multilateral Instrument 11-102 Passport System

1. Multilateral Instrument 11-102 Passport System is amended by this Instrument.

2. Appendix D is amended by adding the following row immediately below the row that contains"Use of client brokerage commissions" in the Provision column:

Electronic trading

NI 23-103

 

(only sections 3(1), 3(2), 3(3)(a) to 3(3)(d), 3(4) to 3(7), 4, and 5(3))

3. The provisions of this Instrument come into force on March 1, 2013.

 

APPENDIX C

COMMENT SUMMARY AND CSA RESPONSES

ICE Futures Canada, Inc.

TriAct

IRESS

CanDeal

Flextrade Systems Inc.

Ross McKee

CIBC

PMAC

CNSX Markets Inc.

TMX Group

Akimbo Capital LP

Optima Capital Canada

ExpoWorld Ltd.

Heaps Capital Ltd.

EMDA

Chi-X ATS

Newedge Canada Inc.

Mark DesLauriers

TD Securities

LiquidNet Canada Inc.

GETCO

Jitneytrade Inc.

Softek

SIFMA

Simon Romano & Terrence Doherty

Alpha ATS

IIAC

Penson Financial Services Canada

Scotia Capital

 

Please note that a summary of comments relating to proposed requirements relating to direct electronic access included in the 2011 Proposal will be published in the coming months with a revised proposal relating to direct electronic access and other similar forms of marketplace access.

Text of Proposed Provisions

Summary of Comments

CSA Response to Comments and Additional CSA Commentary

 

General

Support for Proposed NI 23-103 Electronic Trading and Direct Electronic Access to Marketplaces (Proposed Instrument)

 

 

 

Many commenters expressed general support for the proposal.

 

 

 

Scope of Proposed Rule

 

 

 

A number of commenters asked for clarity as to the scope of the Proposed Instrument.

The Instrument applies to the trading of securities on all marketplaces, which would also include the trading of fixed income securities. With respect to the trading of commodities and the futures market, we have clarified in the Companion Policy that the definition of "security" varies among the CSA jurisdictions including with regard to derivatives. For example, the term "security" includes a standardized derivative in Québec and the Instrument would apply to the trading of that product in Quebec.

 

 

One commenter wanted to know whether the Proposed Instrument applies only to equities or to other asset classes as well. Other commenters asked specifically if the requirements of the Proposed Instrument applied to:

 

 

 

 

the trading of fixed income securities;

 

 

 

 

the trading of commodities;

 

 

 

 

the futures market.

 

 

1. Definitions

Definition of "automated order system"

 

 

 

One commenter requested clarification if smart order routers are included under this definition.

The Companion Policy clarifies that the definition of "automated order system" includes both hardware and software used to send orders on a pre-determined basis, which would include smart order routers.

 

 

Definition of "Credit Risk" and "Capital Risk"

 

 

 

One commenter requested a definition of credit and capital risk as used in 3(3)(a)(i).

The Companion Policy explains that capital risk refers to the financial exposure created by orders entered and pre-set credit thresholds refer to lending limits.

 

 

Use of term "Electronic Trading"

 

 

 

One commenter pointed out that some of the references to "electronic trading" may extend the scope of the Proposed Instrument beyond what is intended since today all trading is electronic to some degree. This commenter was of the view that if the Proposed Instrument intends to cover all trading, the extension of requirements to all "electronic trading" may introduce additional and potentially conflicting regulatory requirements.

We are not aware of how the scope of the Instrument may be extended with the use of the term "electronic trading". The Instrument is intended to cover any trading that occurs as a result of orders being electronically submitted to a marketplace by a marketplace participant or by a client to which a participant dealer provides marketplace access.

 

 

Definition of "portfolio manager"

 

 

 

Some commenters requested clarification as to what is meant by "portfolio manager" and specifically whether this definition is intended to correspond with the existing registration requirements as set out in NI 31-103.

Section 2 of the Instrument states that a term defined in National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31-103), such as "portfolio manager", is to have the respective meaning ascribed to it in NI 31-103.

 

 

Other definitions

 

 

 

One commenter requested a definition of "eligible registrant".

We do not think that adding this definition would improve the Instrument.

 

3. Risk Management and Supervisory Controls, Policies and Procedures

General

 

 

 

A couple of commenters suggested that pre-trade risk management controls should be placed at the marketplace level. It was also argued that a uniform adoption of pre-trade risk controls across marketplaces would decrease costs to participant dealers. Other commenters supported pre- and post-trade controls.

The CSA are of the view that a marketplace participant should bear primary responsibility for ensuring that the risks of its business are reasonably and effectively controlled and monitored. However, we also think that marketplaces also have some responsibility to manage risks to the market and therefore the Instrument requires marketplaces to assess whether they need to implement any controls, policies and procedures to appropriately address the risks arising from the type of electronic trading that takes place on its platform.

 

 

Another commenter suggested that marketplaces should have the ability to provide the supervisory and risk management controls, policies and procedures.

We have clarified in the Companion Policy that third parties, including marketplaces, can provide supervisory and risk management controls, policies and procedures as long as the marketplace participant directly and exclusively controls the setting and adjusting of these controls. In addition, no person or company, subject to limited exceptions, may set and adjust these controls other than the marketplace participant.

 

 

A commenter noted, based on its U.S. experience, that pre-trade risk management systems are expensive to acquire and maintain and the costs would be difficult for smaller participant dealers to absorb. Another commenter advocated minimizing required pre-trade controls due to cost, complexity and latency without an equivalent risk reduction and asked the CSA to clarify which controls are required pre-trade.

We note that the Instrument provides flexibility, enabling third party providers, including marketplaces, to offer pre-trade controls. We think that pre-trade controls are critical to addressing the risks of electronic trading.

 

 

One commenter, while in favour of the focus on controls, policies and procedures, was of the view that these requirements would be more appropriately set out as guidance.

We are of the view that the requirements pertaining to controls, policies and procedures are the minimum that are expected for a marketplace participant to properly manage its risks. We do not think that it is appropriate to set this framework in guidance.

 

 

Some commenters also suggested that the focus of the Proposed Instrument on the executing broker should be changed to include the monitoring of intraday credit calculations and the clearing broker who ultimately bears the credit risk.

The Companion Policy clarifies that the Instrument is meant to address the risks associated with electronic trading on a marketplace and that a key focus of the Instrument is on the gate keeping function of the executing broker. We note that a clearing broker also bears financial and regulatory risks associated with providing clearing services and that this broker must manage the risks associated with its business in accordance with prudent business practices under NI 31-103.

 

 

Another commenter suggested that some clients will need to choose between registering as dealers or accepting additional filters on their flow which will increase latency to their trading and that if these clients register as dealers, they would only be held to the minimum standards of IIROC oversight and would no longer be backed by the capital of large financial institutions which would increase the damage done to our markets in the event of a system failure.

We agree that it is up to each client to determine if registering as an investment dealer suits its business model better than maintaining its current status under the requirements of the Instrument. We note that registration and IIROC membership requirements would attach to clients that become investment dealers.

 

 

Another commenter wanted clarity as to whether the executing dealer or the clearing dealer would be responsible for pre-trade risk controls, post-trade monitoring and capital and credit limit assignment.

The Instrument contemplates that it is the executing dealer that is responsible for pre-trade risk controls and post-trade monitoring and capital and credit limit assignment.

 

 

"Ensure" standard

We have revised the Instrument in certain instances to require a marketplace participant to have controls reasonably designed to ensure certain actions will or will not occur.

 

 

Some commenters cited concern with the wording of several provisions of this section that require that a marketplace participant "ensure" certain actions will or will not occur and certain commenters suggested that it is more appropriate that the proposed policies and procedures be designed to "reasonably ensure" that regulatory requirements will be met.

 

 

(1) A marketplace participant must:

 

 

 

 

(a)

establish, maintain and ensure compliance with appropriate risk management and supervisory controls, policies and procedures that are reasonably designed to manage, in accordance with prudent business practices, the financial, regulatory and other risks associated with marketplace access or providing clients with direct electronic access;

3(1)(a)

 

 

 

Further clarification was requested from certain commenters on the types of dealer trading checks and thresholds that is envisioned including:

Subsection 3(3) sets out the minimum requirements for the risk management and supervisory controls, policies and procedures required in subsection 3(1). Marketplace participants are provided with flexibility in determining how to meet these minimum requirements.

 

 

 

the expectation on strategy-based capital adequacy; and

 

 

 

 

whether a per-order check is the minimum standard requested.

 

 

 

(b)

record the policies and procedures required by paragraph (a) and maintain a description of its risk management and supervisory controls in written form.

Several commenters advocated different requirements for a marketplace participant and for a client to which a participant dealer provides access to a marketplace.

We think that the risks of electronic trading apply in both circumstances and therefore have imposed common requirements.

 

 

As well, one commenter suggested that the CSA set a minimum standard for capital and capabilities.

We are of the view that a one-size-fits-all approach with respect to standards for capital and capabilities would not best serve our markets. We think that principles based standards provide a marketplace participant with greater flexibility in setting limits that are appropriate to its business model and risk tolerance. This approach is also in line with current global standards.

 

 

One commenter also recommended that any pre-trade credit and capital risk controls be applied to the specific client relationship and not be aggregated across business lines, asset classes and executing dealers as this would be impractical and cost prohibitive. Another commenter states that it is not feasible or effective to apply real-time capital or credit limits to all market access at a participant dealer and that such cross-trading system controls would be expensive. Another commenter asked for guidance about the calculation of credit and capital limits across asset classes.

We note that a participant dealer should be aware of its total exposure that is created by trading, particularly when a client's trading includes accessing a marketplace directly. Therefore, it is necessary for the pre-trade credit and capital risk controls to systematically limit a marketplace participant's financial exposure, for example across business lines and asset classes. We note that this is also required by the SEC's Rule 15c3-5 Risk Management Controls for Brokers or Dealers with Market Access and that guidance regarding the setting of credit and capital limits is provided in the Companion Policy.

 

(2) The risk management and supervisory controls, policies and procedures required in subsection (1) must be designed to ensure all orders are monitored and include

One commenter pointed out that trades arising from delivery against payment or receipt-against-payment are reviewed post trade and do not lend themselves to pre-trade credit reviews. This commenter also noted that the systems in place now at many marketplace participants for credit risk management of retail order flow are not in place for institutional DAP/RAP flow and this has caused the Securities and Exchange Commission (SEC) to delay implementation of this requirement in the United States.

We expect that the implementation period provided for marketplace participants to meet the requirements of the Instrument is adequate. We continue to be of the view that pre-trade checks for all marketplace participants are important tools in addressing the risks of electronic trading.

 

 

(a)

automated pre-trade controls; and

3(2)(a)

 

 

 

One commenter wanted further clarification as to what is meant by "automated" and questioned whether it is meant that each order is checked before it reaches the marketplace.

"Automated" means that the function is not conducted manually. Due to the high speed and volume at which orders are entered, it is expected that pre-trade controls must be automated if these checks are to be done effectively and efficiently.

 

 

(b)

regular post-trade monitoring.

3(2)(b)

 

 

 

One commenter wanted further clarification as to what is meant by "regular" post-trade monitoring and questioned whether it is an end of day or next day check to ensure the client is within the set credit limit.

It is expected that the regularity of post trade monitoring will be conducted commensurate with the marketplace participant's determination of the risks posed to its operations by the order flow it is handling.

 

(3) The risk management and supervisory controls, policies and procedures required in subsection (1) must

 

At a minimum, an end of day check would be expected.

 

 

(a)

systematically limit the financial exposure of the marketplace participant, including:

 

 

 

 

 

(i)

preventing the entry of one or more orders that would result in exceeding appropriate pre-determined credit or capital thresholds for the marketplace participant and, if applicable, its DEA client;

 

 

 

 

 

(ii)

preventing the entry of one or more orders that exceed appropriate price or size parameters;

 

 

 

 

(b)

ensure compliance with applicable marketplace and regulatory requirements, including:

 

 

 

 

 

(i)

preventing the entry of orders that do not comply with all applicable marketplace and regulatory requirements that must be satisfied on a pre-order entry basis;

3(3)(b)(i)

 

 

 

One commenter expressed concern regarding the requirement to comply with all marketplace requirements that must be satisfied on a pre-order basis and wanted to know what safety checks will be in place to ensure pre-order entry requirements imposed by marketplaces will be reasonable.

All marketplace requirements and amendments thereto are submitted to the marketplace's securities regulators for review.

 

 

 

(ii)

limiting the entry of orders to securities that a marketplace participant or, if applicable, its DEA client, is authorized to trade;

 

 

 

 

 

(iii)

restricting access to trading on a marketplace to persons authorized by the marketplace participant;

 

 

 

 

 

(iv)

ensuring that the compliance staff of the marketplace participant receives immediate order and trade information, including, without limitation, execution reports, resulting from orders sent by the marketplace participant or, if applicable, its DEA client, to a marketplace;

3(3)(b)(iv)

 

 

 

Two commenters suggested that the proposed obligation to ensure that compliance staff of the marketplace participant receive immediate order and trade information is unduly burdensome and that the CSA should consider requiring that such information be made available to compliance staff as needed or upon request.

We are of the understanding that the provision of drop copies, which are near real-time, is not unduly burdensome to send or receive. Immediate order and trade information can be a useful tool in enabling a marketplace participant to implement and monitor the effectiveness of its risk management and supervisory controls.

 

 

(c)

enable the marketplace participant to immediately stop or cancel one or more orders entered by the marketplace participant or, if applicable, its DEA client;

 

 

 

 

(d)

enable the marketplace participant to immediately suspend or terminate any direct electronic access granted to a DEA client; and

 

 

 

 

(e)

ensure that the entry of orders does not interfere with fair and orderly markets.

 

 

 

(4) The risk management and supervisory controls, policies and procedures established pursuant to this section, including those provided by a third party, must be under the direct and exclusive control of the marketplace participant, subject to section 4 below.

3(4)

 

 

 

Some commenters asked for further clarification about the requirement for "control", including whether it refers only to control over filter parameters or to physical location or ownership.

We have amended the requirement in the Instrument and clarified in the Companion Policy that we are referring to the setting and adjustment of risk management and supervisory controls, policies and procedures.

 

(5) A third party that provides risk management and supervisory controls, policies and procedures to a marketplace participant must be independent from each DEA client of that marketplace participant.

3(5)

 

 

 

Some commenters pointed out that this section is similar to a limitation under the SEC's Rule 15c3-5 but that under U.S. securities laws, broker-dealers are not included in the definition of "customer" whereas under IIROC's rules, orders from dealers are "client orders". Therefore, unlike Rule 15c3-5 adopted by the SEC, the Proposed Instrument could be read to prohibit a marketplace participant that provides direct marketplace access to an affiliated broker-dealer from using the risk management controls, policies or procedures developed by the marketplace participant or an affiliate which these commenters believe is unnecessarily restrictive.

We have revised the Instrument to allow affiliates of the participant dealer that are also clients of the participant dealer with marketplace access provided by the participant dealer to provide risk management controls, policies or procedures to the participant dealer. However, we note that the participant dealer must directly and exclusively control the setting and adjustment of these controls, policies or procedures. In addition, no person or company, other than the marketplace participant may set or adjust its controls, policies and procedures.

 

(6) A marketplace participant must:

Other commenters requested further guidance on requirements for the "independence" of a third party from a client of a marketplace participant that accesses a marketplace directly through access provided by the marketplace participant. Also, commenters asked what degree of assistance a vendor can provide to its client regarding "direct and exclusive control".

An independent third party is an entity that is not an affiliate, and is otherwise independent o\ f a client. We have revised the Instrument to clarify that only the marketplace participant may set or adjust the co\ ntrols, policies or procedures, including those provided by third parties.

 

 

(a)

regularly assess and document the adequacy and effectiveness of its risk management and supervisory controls, policies and procedures; and

 

 

 

 

(b)

document and promptly remedy any deficiencies.

 

 

 

(7) Where a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures, the marketplace participant must:

Concern was expressed with respect to the inability of clients to use their own superior systems and technology and a commenter indicated that it was unreasonable to allow third party software and technology to be used to the exclusion of a client's or its affiliate's own better systems.

We are of the view that technology developed independently from clients would assist the partici\ pant dealer in tailoring the controls to its specific needs and ensuring the sufficiency of these controls. As well,\ there may be a reduction in the effectiveness of these controls if the entities that will be monitored by these con\ trols also develop them.

 

 

(a)

regularly assess and document the adequacy and effectiveness of the third party's relevant risk management and supervisory controls, policies and procedures; and

3(7)(a)

 

 

 

One commenter wanted further details as to how the CSA would expect a dealer to reasonably assess the effectiveness of another dealer's systems and processes beyond allocation by contract.

Among other possibilities, a marketplace participant can use a third party to determine the effe\ ctiveness of another dealer's systems or monitor the performance of the system during regular use.

 

 

(b)

document any deficiencies and ensure that the deficiencies are promptly remedied.

 

 

 

4. Allocation of Control over Risk Management and Supervisory Controls, Policies and Procedures

A number of commenters supported these proposed requirements.

We agree with the commenters that expressed the view that these requirements will provide a reasonable approach to the allocation of risk management and supervisory controls.

 

A participant dealer may reasonably allocate control over specific risk management and supervisory controls, policies and procedures required under subsection 3(1) to an investment dealer if:

 

 

 

 

(a)

the participant dealer has a reasonable basis for determining that such investment dealer, based on its relationship with the ultimate client, has better access to information relating to the ultimate client than the participant dealer such that the investment dealer can more effectively implement the controls, policies and procedures;

One commenter was of the view that these requirements should be drafted on a principles basis since these requirements are significantly burdensome, especially in light of the fact that both parties would be regulated and the executing party regularly undergoes trading desk reviews by the Investment Industry Regulatory Organization of Canada (IIROC).

We are of the view that in order to adequately address the risks of electronic trading, these specific minimum standards must be met. If these requirements were instead placed in guidance, we note that Canada would have a lower standard than in the U.S. with respect to electronic trading thus possibly causing regulatory arbitrage.

 

 

(b)

a description of the allocation of control over specific risk management and supervisory controls, policies and procedures is set out in a written agreement between the participant dealer and investment dealer;

 

 

 

 

(c)

the participant dealer assesses and documents the adequacy and effectiveness of the investment dealer's risk management and supervisory controls, policies and procedures prior to allocating control;

Another commenter espoused the view that the proposed rule did not go far enough in permitting the allocation of risk management by only limiting allocation to investment dealers. This commenter suggested that the proposed rule should recognize that any two regulated broker dealers, whether regulated by the SEC or IIROC should be permitted to allocate risk management tools between one another.

The CSA note that the performance of risk management by an SEC regulated broker dealer would be outside of our jurisdiction and we would not be able to enforce this Instrument in that circumstance.

 

 

(d)

the participant dealer

One commenter requested clarification as to the difference between "participant dealer" and "investment dealer".

A participant dealer is defined in the Instrument as a marketplace participant that is an investment dealer. An investment dealer is not necessarily always a marketplace participant.

 

 

 

(i)

regularly assesses the adequacy and effectiveness of the risk management and supervisory controls, policies and procedures over which control has been allocated to the investment dealer;

 

 

 

 

 

(ii)

documents any deficiencies and ensures that the deficiencies are promptly remedied; and

 

 

 

 

(e)

the participant dealer provides the investment dealer with the immediate order and trade information of the DEA client that the participant dealer receives pursuant to subparagraph 3(3)(b)(iv).

Another commenter asked whether risk management and supervisory controls, policies and procedures may be allocated in a jitney arrangement.

Yes, the Companion Policy clarifies that in jitney, and other trading arrangements that involve multiple dealers, there may be certain controls that are better directed by the originating dealer because of its superior knowledge of the ultimate client.

 

 

5. Use of Automated Order Systems

 

 

 

(1) The use of automated order systems by a marketplace participant or any client, including a DEA client, must not interfere with fair and orderly markets.

5(1)

 

 

 

One commenter was of the view that the CSA should impose a "reasonableness" standard instead of the stricter standard of requiring automated order systems to not interfere with fair and orderly markets.

We have revised the Instrument to require that a marketplace participant and any client take all reasonable steps to ensure that the use of automated order systems does not interfere with fair and orderly markets.

 

(2) As part of the risk management and supervisory controls, policies and procedures required under subsection 3(1), a marketplace participant must:

5(2)

 

 

 

One commenter was of the view that more specific requirements were needed to address the difference between the use of an off-the-shelf product and an algorithm that uses code created by a client with marketplace access provided by the marketplace participant.

The Instrument requires that an automated order system be tested according to prudent business practices. Prudent business practices may require an algorithm developed by a person or company that does not have an extensive background in creating such products to undergo more detailed testing than an algorithm developed for commercial use by experts.

 

 

(a)

have the necessary knowledge and understanding of any automated order system used by the marketplace participant or any client, including a DEA client, in order to identify and manage its risks associated with the use of the automated order system;

 

 

 

 

(b)

ensure that each automated order system is regularly, and at least annually, tested in accordance with prudent business practices; and

 

 

 

 

(c)

have controls in place to immediately and at any time disable the automated order system to prevent orders generated by the automated order system from reaching a marketplace.

One commenter indicated that it is not appropriate for participant dealers to test the automated order systems of their clients and instead proposed that an independent third party solution be used or that a client be allowed to certify that their automated systems have been tested in accordance with a standard acceptable to IIROC and the CSA. Another commenter that it should be left up to dealers to determine whether it needs to be knowledgeable about a client's automated order system. One other commenter thought that dealers should be able to rely on certifications from their clients because of the competitive sensitivity of automated order system information.

Guidance in the Companion Policy states that a participant dealer does not necessarily have to conduct tests on each automated order system used by its clients but must satisfy itself that these automated order systems have been appropriately tested in accordance with prudent business practices.

 

 

Another commenter noted that certain clients may become marketplace participants if they are unwilling to share details about their systems' features and programming due to confidentiality concerns.

We acknowledge that certain clients may become marketplace participants in order to avoid sharing details of their automated order systems. Our view is that it is important for a marketplace participant to obtain sufficient information in order to properly identify and manage its own risks.

 

 

A final comment was that the CSA should be prepared to provide detailed guidance to participant dealers with respect to the minimum standards that will be expected of them.

We have provided guidance in the Companion Policy and if considered necessary, will also provide a document outlining frequently asked questions regarding the Instrument.

 

12. Availability of Order and Trade Information

 

 

 

A marketplace must provide a marketplace participant with reasonable access to its order and trade information, including execution reports, on an immediate basis to enable the marketplace participant to effectively implement the risk management and supervisory controls, policies and procedures required in section 3.

Some commenters noted that it appears that these requirements reinforce current practices. Others remarked that these requirements, especially if they are meant to go beyond current practices, would be unduly burdensome.

Under this requirement, a marketplace is to provide immediate or near real-time information, such as a drop copy.

 

14. Marketplace Controls Relating to Electronic Trading

 

 

 

(1) A marketplace must have the ability and authority to terminate all or a portion of the access provided to a marketplace participant or a DEA client.

14(1)

 

 

 

While most commenters agreed that marketplaces should have the ability and authority to terminate access provided to a marketplace participant or a client of a marketplace participant, one commenter was of the view that marketplaces lack the necessary analytics to assess whether termination is appropriate and that IIROC is in a better position to undertake this capability.

We would expect marketplaces to act when they identify trading behaviour that is interfering with the fair and orderly functioning of their markets. We have clarified this in the Companion Policy.

 

(2) A marketplace must:

One commenter suggested that the Proposed Instrument may be too lenient on marketplaces and that marketplaces should have an obligation to prevent the entry of erroneous orders in terms of specific size or price parameters with respect to its own marketplace.

The Instrument requires marketplaces to assess if they require any additional controls, policies and procedures in addition to those instituted by their members or subscribers. As well, the Instrument requires marketplaces to institute thresholds that assist in mitigating volatility such as that witnessed during the May 6, 2010 "flash crash".

 

 

(a)

regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to electronic trading, in addition to those controls that a marketplace participant is required to have pursuant to subsection 3(1), and ensure that such controls, policies and procedures are implemented in a timely manner;

 

 

 

 

(b)

regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures implemented pursuant to paragraph (a); and

 

 

 

 

(c)

document and promptly remedy any deficiencies identified in the controls, policies and procedures implemented pursuant to paragraph (a).

One commenter suggested that we include an additional requirement for marketplaces to provide cancel-on-disconnect functionality whereby when a participant's filters are triggered, it is able to disconnect and the marketplace will cancel all of its remaining orders. This commenter noted that this functionality provides critical protection where the participant's system loses connectivity and it cannot immediately act to reduce its exposure.

We are of the view that marketplaces may institute cancel-on-disconnect functionality as they see fit under subsection 7(2) of the Instrument. We note that many marketplaces have already instituted this feature on their platforms and we are supportive of this action.

 

 

Companion Policy -- Section 14

 

 

 

One commenter was of the view that the CP guidance stating that a marketplace should be aware of the risk management and supervisory controls, policies and procedures of its marketplace participants and assess if it needs to implement additional controls, policies and procedures to eliminate any risk management gaps and ensure the integrity of trading on its market is inappropriate as it requires the marketplace to force each of its participants to disclose the participant's proprietary and possibly confidential risk management and supervisory controls. This commenter further stated that this burden is entirely unnecessary given that IIROC and the CSA are best positioned to ensure that participating dealers are in compliance with risk management rules.

The guidance states that the marketplace should be generally aware of the risk management and supervisory controls, policies and procedures of its marketplace participants. This is so marketplaces can then better determine if they need to implement additional controls, policies and procedures. It is not expected that marketplaces will have in-depth knowledge of such controls, policies and procedures.

 

15. Marketplace Thresholds

The support for standardized marketplace thresholds was mixed. While some commenters agreed with using standardized marketplace thresholds others did not believe in a one-size-fits-all approach and believed that the thresholds should be left to the discretion of the marketplace.

We provided IIROC with flexibility in determining the implementation of the marketplace thresholds.

 

(1) A marketplace must prevent the execution of orders for exchange-traded securities exceeding price and volume thresholds set by:

 

 

 

 

(a)

its regulation services provider;

A commenter that did not agree with this proposed requirement indicated that limits on volumes should be done at the dealer level using order management systems given that it would be difficult to establish a common volume threshold for all types of clients and all types of securities.

 

 

 

(b)

the marketplace, if it is a recognized exchange that directly monitors the conduct of its members and enforces requirements set pursuant to subsection 7.1(1) of NI 23-101; or

One supporter of harmonized marketplace thresholds indicated that the calculation methodology and reference price used by the regulation services provider should be clear and that marketplaces should be allowed to maintain flexibility over the means of technical implementation of these thresholds.

 

 

 

(c)

the marketplace, if it is a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces requirements set pursuant to subsection 7.3(1) of NI 23-101.

Another commenter urged the CSA to distinguish between price band parameters (a percentage change in prices that causes restrictions on order entry or trading to allow a marketplace to review what is happening) and circuit breakers.

 

 

 

This commenter also indicated that it would support requirements for marketplaces to make their price band parameters transparent for users to better understand the differences between the various marketplaces.

 

 

 

Another commenter indicated that industry participants will need to review a detailed thresholds proposal before being able to properly assess the implications related to this requirement.

We agree and IIROC has published a proposal for the marketplace thresholds for public comment.

 

(2) A recognized exchange, recognized quotation and trade reporting system or regulation services provider setting a price threshold for an exchange-traded security under subsection (1) must coordinate its price threshold with all other exchanges, quotation and trade reporting systems and regulation services providers setting a price threshold under subsection (1) for that exchange-traded security or a security underlying that exchange-traded security.

15(2)

 

 

 

One commenter noted that the price of an underlying security is only one of the factors that determine the price of a derivatives contract and that, as a result, a strict relationship between the price threshold for an underlying security and the derivative on that underlying security would not be practicable.

We note the comment.

 

 

One commenter urged the CSA to review the "coordination" language in this section to ensure that a derivative exchange has the flexibility to set appropriate thresholds.

We have reviewed the language and are satisfied that it provides a derivative exchange with the flexibility to set appropriate thresholds for its marketplace.

 

16. Clearly Erroneous Trades

Support for provision

 

 

(1) A marketplace must have the capability to cancel, vary or correct a trade.

Most commenters supported these proposed requirements while one commenter was of the view that this provision was inconsistent with the CSA's proposed obligation on marketplaces to ensure a fair and orderly market and did not follow the approach taken in other jurisdictions.

Recognized exchanges and recognized quotation and trade reporting systems may conduct their own market regulation and determine the best method to maintain a fair and orderly marketplace. However, we would encourage regulation services providers and recognized exchanges and recognized quotation and trade reporting systems to co-ordinate their approaches in dealing with erroneous trades.

 

(2) If a marketplace has retained a regulation services provider, the marketplace must not cancel, vary or correct a trade executed on the marketplace unless:

One commenter suggested that the CSA should consider whether it would be better to use a uniform approach regardless of whether a marketplace had retained a regulation services provider.

 

 

 

(a)

instructed to do so by its regulation services provider;

 

 

 

 

(b)

the cancellation, variation or correction is requested by a party to the trade, consent is provided by both parties to the trade and notification is provided to its regulation services provider; or

 

 

 

 

(c)

the cancellation, variation or correction is necessary to correct an error caused by a system or technological malfunction of the marketplace systems or equipment in executing the trade, and permission to cancel, vary or correct has been obtained from its regulation services provider.

 

 

 

(3) A marketplace must establish, maintain and ensure compliance with reasonable policies and procedures that clearly outline the processes and parameters associated with a cancellation, variation or correction and must make such policies and procedures publicly available.

16(3)

 

 

 

One commenter suggested that the policies and procedures should be publicized and made readily available by the applicable marketplace.

We agree. The Instrument requires that a marketplace's erroneous trade policies and procedures be made publicly available.

 

Effective Date/Implementation

A number of commenters encouraged the CSA to consult with industry when setting an implementation date.

We have discussed implementation timing with various market participants before setting the implementation date. The implementation window is in line with what we have been told would be the length of time necessary for marketplace participants, participant dealers and marketplaces to prepare for compliance with the Instrument.

 

 

Other commenters encouraged the CSA to provide for a large implementation window to take into account certain factors such as time for marketplaces to amend their subscriber or participant agreements. Another commenter suggested a staged roll-out for the Proposed Instrument.

 

 

NATIONAL INSTRUMENT 23-103

ELECTRONIC TRADING

PART 1

DEFINITIONS AND INTERPRETATION

Definitions

1. In this Instrument,

"automated order system" means a system used to automatically generate or electronically transmit orders on a pre-determined basis;

"marketplace and regulatory requirements" means

(a) the rules, policies, requirements or other similar instruments set by a marketplace respecting the method of trading by marketplace participants, including those related to order entry, the use of automated order systems, order types and features and the execution of trades;

(b) the applicable requirements in securities legislation; and

(c) the applicable requirements set by a recognized exchange, a recognized quotation and trade reporting system or a regulation services provider under section 7.1, 7.3 or 8.2 of NI 23-101;

and

"participant dealer" means a marketplace participant that is an investment dealer.

Interpretation

2. A term that is defined or interpreted in National Instrument 21-101 Marketplace Operation, or National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations has, if used in this Instrument, the meaning ascribed to it in National Instrument 21-101 or National Instrument 31-103.

PART 2

REQUIREMENTS APPLICABLE TO MARKETPLACE PARTICIPANTS

Risk Management and Supervisory Controls, Policies and Procedures

3.

(1) A marketplace participant must

(a) establish, maintain and ensure compliance with risk management and supervisory controls, policies and procedures that are reasonably designed to manage, in accordance with prudent business practices, the financial, regulatory and other risks associated with marketplace access or providing clients with access to a marketplace; and

(b) record the policies and procedures required under paragraph (a) and maintain a description of the marketplace participant's risk management and supervisory controls in written form.

(2) The risk management and supervisory controls, policies and procedures required under subsection (1) must be reasonably designed to ensure that all orders are monitored and for greater certainty, include

(a) automated pre-trade controls, and

(b) regular post-trade monitoring.

(3) The risk management and supervisory controls, policies and procedures required in subsection (1) must be reasonably designed to

(a) systematically limit the financial exposure of the marketplace participant, including, for greater certainty, preventing

(i) the entry of one or more orders that would result in exceeding pre-determined credit or capital thresholds for the marketplace participant and, if applicable, its client with marketplace access provided by the marketplace participant,

(ii) the entry of one or more orders that exceed pre-determined price or size parameters;

(b) ensure compliance with marketplace and regulatory requirements, including, for greater certainty,

(i) preventing the entry of orders that do not comply with marketplace and regulatory requirements that must be satisfied on a pre-order entry basis;

(ii) limiting the entry of orders to those securities that a marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant, is authorized to trade;

(iii) restricting access to trading on a marketplace to persons authorized by the marketplace participant; and

(iv) ensuring that the compliance staff of the marketplace participant receives immediate order and trade information, including, for greater certainty, execution reports, resulting from orders sent by the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant;

(c) enable the marketplace participant to immediately stop or cancel one or more orders entered by the marketplace participant or, if applicable, its client with marketplace access provided by the marketplace participant;

(d) enable the marketplace participant to immediately suspend or terminate any access to a marketplace granted to a client with marketplace access provided by the marketplace participant; and

(e) ensure that the entry of orders does not interfere with fair and orderly markets.

(4) A third party that provides risk management and supervisory controls, policies or procedures to a marketplace participant must be independent from each client with marketplace access provided by the marketplace participant, except if the client is an affiliate of the marketplace participant.

(5) A marketplace participant must directly and exclusively set and adjust the risk management and supervisory controls, policies and procedures required under this section, including those provided by third parties.

(6) A marketplace participant must

(a) regularly assess and document the adequacy and effectiveness of its risk management and supervisory controls, policies and procedures; and

(b) document any deficiencies in the adequacy or effectiveness of a risk management or supervisory control, policy or procedure and promptly remedy the deficiency.

(7) If a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures, the marketplace participant must

(a) regularly assess and document the adequacy and effectiveness of the third party's relevant risk management and supervisory controls, policies and procedures; and

(b) document any deficiencies in the adequacy or effectiveness of a risk management or supervisory control, policy or procedure and ensure the deficiency is promptly remedied.

Authorization to Set or Adjust Risk Management and Supervisory Controls, Policies and Procedures

4. Despite subsection 3(5), a participant dealer may, on a reasonable basis, authorize an investment dealer to perform, on the participant dealer's behalf, the setting or adjusting of a specific risk management or supervisory control, policy or procedure required under subsection 3(1) if

(a) the participant dealer has a reasonable basis for determining that the investment dealer, based on the investment dealer's relationship with the ultimate client, has better access to information relating to the ultimate client than the participant dealer such that the investment dealer can more effectively set or adjust the control, policy or procedure;

(b) a description of the specific risk management or supervisory control, policy or procedure and the conditions under which the investment dealer is authorized to set or adjust the specific risk management or supervisory control, policy or procedure are set out in a written agreement between the participant dealer and investment dealer;

(c) before authorizing the investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure, the participant dealer assesses and documents the adequacy and effectiveness of the investment dealer's setting or adjusting of the risk management or supervisory control, policy or procedure;

(d) the participant dealer

(i) regularly assesses the adequacy and effectiveness of the setting or adjusting of the risk management or supervisory control, policy or procedure by the investment dealer, and

(ii) documents any deficiencies in the adequacy or effectiveness of the setting or adjusting of the risk management or supervisory control, policy or procedure and ensures that the deficiencies are promptly remedied, and

(e) the participant dealer provides the investment dealer with the immediate order and trade information of the ultimate client that the participant dealer receives under subparagraph 3(3)(b)(iv).

PART 3

REQUIREMENTS APPLICABLE TO USE OF AUTOMATED ORDER SYSTEMS

Use of Automated Order Systems

5.

(1) A marketplace participant must take all reasonable steps to ensure that its use of an automated order system or the use of an automated order system by any client, does not interfere with fair and orderly markets.

(2) A client of a marketplace participant must take all reasonable steps to ensure that its use of an automated order system does not interfere with fair and orderly markets.

(3) For the purpose of the risk management and supervisory controls, policies and procedures required under subsection 3(1), a marketplace participant must

(a) have a level of knowledge and understanding of any automated order system used by the marketplace participant or any client that is sufficient to allow the marketplace participant to identify and manage the risks associated with the use of the automated order system,

(b) ensure that every automated order system used by the marketplace participant or any client is tested in accordance with prudent business practices initially before use and at least annually thereafter, and

(c) have controls in place to immediately

(i) disable an automated order system used by the marketplace participant, and

(ii) prevent orders generated by an automated order system used by the marketplace participant or any client from reaching a marketplace.

PART 4

REQUIREMENTS APPLICABLE TO MARKETPLACES

Availability of Order and Trade Information

6.

(1) A marketplace must provide a marketplace participant with access to its order and trade information, including execution reports, on an immediate basis to enable the marketplace participant to effectively implement the risk management and supervisory controls, policies and procedures required under section 3.

(2) A marketplace must provide a marketplace participant access to its order and trade information referenced in subsection (1) on reasonable terms.

Marketplace Controls Relating to Electronic Trading

7.

(1) A marketplace must not provide access to a marketplace participant unless it has the ability and authority to terminate all or a portion of the access provided to the marketplace participant.

(2) A marketplace must

(a) regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to electronic trading, in addition to those controls that a marketplace participant is required to have under subsection 3(1), and ensure that such controls, policies and procedures are implemented in a timely manner;

(b) regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures implemented under paragraph (a);and

(c) document and promptly remedy any deficiencies in the adequacy or effectiveness of the controls, policies and procedures implemented under paragraph (a).

Marketplace Thresholds

8.

(1) A marketplace must not permit the execution of orders for exchange-traded securities to exceed the price and volume thresholds set by

(a) its regulation services provider;

(b) the marketplace, if it is a recognized exchange that directly monitors the conduct of its members and enforces requirements set under subsection 7.1(1) of NI 23-101; or

(c) the marketplace, if it is a recognized quotation and trade reporting system that directly monitors the conduct of its users and enforces the requirements set under subsection 7.3(1) of NI 23-101.

(2) A recognized exchange, recognized quotation and trade reporting system or regulation services provider setting a price threshold for an exchange-traded security under subsection (1) must coordinate its price threshold with all other exchanges, quotation and trade reporting systems and regulation services providers setting a price threshold under subsection (1) for the exchange-traded security or a security underlying the exchange-traded security.

Clearly Erroneous Trades

9.

(1) A marketplace must not provide access to a marketplace participant unless it has the ability to cancel, vary or correct a trade executed by the marketplace participant.

(2) If a marketplace has retained a regulation services provider, the marketplace must not cancel, vary or correct a trade executed on the marketplace unless

(a) instructed to do so by its regulation services provider;

(b) the cancellation, variation or correction is requested by a party to the trade, consent is provided by both parties to the trade and notification is provided to the marketplace's regulation services provider; or

(c) the cancellation, variation or correction is necessary to correct an error caused by a system or technological malfunction of the marketplace systems or equipment, or caused by an individual acting on behalf of the marketplace, and the consent to cancel, vary or correct has been obtained from the marketplace's regulation services provider.

(3) A marketplace must establish, maintain and ensure compliance with reasonable policies and procedures that clearly outline the processes and parameters associated with a cancellation, variation or correction and must make such policies and procedures publicly available.

PART 5

EXEMPTION AND EFFECTIVE DATE

Exemption

10.

(1) The regulator or the securities regulatory authority may grant an exemption from this Instrument, in whole or in part, subject to such conditions or restrictions as may be imposed in the exemption.

(2) Despite subsection (1), in Ontario, only the regulator may grant such an exemption.

(3) Except in Ontario, an exemption referred to in subsection (1) is granted under the statute referred to in Appendix B of National Instrument 14-101 Definitions opposite the name of the local jurisdiction.

Effective Date

11. This Instrument comes into force on March 1, 2013.

 

COMPANION POLICY 23-103CP

ELECTRONIC TRADING

PART 1 GENERAL COMMENTS

1.1 Introduction

(1) Purpose of National Instrument 23-103

The purpose of National Instrument 23-103 Electronic Trading (NI 23-103) is to address areas of concern and risks brought about by electronic trading. The increased speed and automation of trading on marketplaces give rise to various risks, including credit risk and market integrity risk. To protect marketplace participants from harm and to ensure continuing market integrity, these risks need to be reasonably and effectively controlled and monitored.

In the view of the Canadian Securities Administrators (CSA or we), marketplace participants should bear primary responsibility for ensuring that these risks are reasonably and effectively controlled and monitored. This responsibility applies to orders that are entered electronically by the marketplace participant itself, as well as orders from clients using the participant dealer's marketplace participant identifier.

This responsibility includes both financial and regulatory obligations. This view is premised on the fact that it is the marketplace participant that makes the decision to engage in trading or provide marketplace access to a client. However, the marketplaces also have some responsibilities to manage risks to the market.

NI 23-103 is meant to address risks associated with electronic trading on a marketplace with a key focus on the gatekeeping function of the executing broker. However, a clearing broker also bears financial and regulatory risks associated with providing clearing services. Under National Instrument 31-103 Registration Requirements, Exemptions and Ongoing Registrant Obligations (NI 31-103) a dealer must manage the risks associated with its business in accordance with prudent business practices. As part of that obligation, we expect a clearing dealer to have in place effective systems and controls to properly manage its risks.

(2) Scope of NI 23-103

NI 23-103 applies to the electronic trading of securities on marketplaces. In Alberta and British Columbia, the term "security" when used in NI 23-103 includes an option that is an exchange contract but does not include a futures contract. In Ontario, the term "security" when used in NI 23-103, does not include a commodity futures contract or a commodity futures option that is not traded on a commodity futures exchange registered with or recognized by the Commission under the Commodity Futures Act or the form of which is not accepted by the Director under the Commodity Futures Act. In Québec, the term "security" when used in NI 23-103, includes a standardized derivative as this notion is defined in the Derivatives Act.

(3) Purpose of Companion Policy

This Companion Policy sets out how the CSA interpret or apply the provisions of NI 23-103 and related securities legislation.

Except for Part 1, the numbering of Parts and sections in this Companion Policy correspond to the numbering in NI 23-103. Any general guidance for a Part appears immediately after the Part name. Any specific guidance on sections in NI 23-103 follows any general guidance. If there is no guidance for a Part or section, the numbering in this Companion Policy will skip to the next provision that does have guidance.

All references in this Companion Policy to Parts and sections are to NI 23-103, unless otherwise noted.

1.2 Definitions

Unless defined in NI 23-103, terms used in NI 23-103 and in this Companion Policy have the meaning given to them in the securities legislation of each jurisdiction, in National Instrument 14-101 Definitions, National Instrument 21-101 Marketplace Operation (NI 21-101), or NI 31-103.

(1) Automated order systems

Automated order systems encompass both hardware and software used to generate or electronically transmit orders on a pre-determined basis and would include smart order routers and trading algorithms that are used by marketplace participants, offered by marketplace participants to clients or developed or used by clients.

PART 2 REQUIREMENTS APPLICABLE TO MARKETPLACE PARTICIPANTS

3. Risk management and supervisory controls, policies and procedures

(1) National Instrument 31-103 requirements

For marketplace participants that are registered firms, section 11.1 of NI 31-103 requires the registered firm to establish, maintain and apply policies and procedures that establish a system of controls and supervision sufficient to: (a) provide reasonable assurance that the registered firm and each individual acting on its behalf complies with securities legislation; and (b) manage the risks associated with its business in accordance with prudent business practices. Section 3 of NI 23-103 builds on the obligations outlined in section 11.1 of NI 31-103. The CSA have included requirements in NI 23-103 for all marketplace participants that conduct trading on a marketplace to have risk management and supervisory controls, policies and procedures that are reasonably designed to manage their risks in accordance with prudent business practices. What would be considered to be "reasonably designed" in this context is tied to the risks associated with electronic trading that the marketplace participant is willing to bear and what is necessary to manage that risk in accordance with prudent business practices.

These requirements provide greater specificity with respect to the expectations surrounding controls, policies and procedures relating to electronic trading. The requirements apply to all marketplace participants, not just those that are registered firms.

(2) Documentation of risk management and supervisory controls, policies and procedures

Paragraph 3(1)(b) requires a marketplace participant to record its policies and procedures and maintain a copy of its risk management and supervisory controls in written form. This includes a narrative description of any electronic controls implemented by the marketplace participant as well as their functions.

We note that the risk management and supervisory controls, policies and procedures related to the trading of unlisted, government and corporate debt may not be the same as those related to the trading of equity securities due to the differences in the nature of trading of these types of securities. Different marketplace models such as a request for quote, negotiation system, or continuous auction market may require different risk management and supervisory controls, policies and procedures in order to appropriately address the varying levels of diverse risks these different marketplace models can pose to our markets.

A registered firm's obligation to maintain its risk management and supervisory controls in written form under paragraph 3(1)(b) includes retaining these documents and builds on a registered firm's obligation in NI 31-103 to retain its books and records. We expect a non-registered marketplace participant to retain these documents as part of its obligation under paragraph 3(1)(b) to maintain a description of its risk management and supervisory controls in written form.

(3) Clients that also maintain risk management controls

We are aware that a client that is not a registered dealer may maintain its own risk management controls. However, part of the intent of NI 23-103's risk management and supervisory controls, policies and procedures is to require a participant dealer to manage its risks associated with electronic trading and to protect the participant dealer under whose marketplace participant identifier an order is being entered. Consequently, a participant dealer must maintain reasonably designed risk management and supervisory controls, policies and procedures regardless of whether its clients maintain their own controls. It is not appropriate for a participant dealer to rely on a client's risk management controls, as the participant dealer would not be able to ensure the sufficiency of the client's controls, nor would the controls be tailored to the particular needs of the participant dealer.

(4) Minimum risk management and supervisory controls, policies and procedures

Subsection 3(2) sets out the minimum elements of the risk management and supervisory controls, policies and procedures that must be addressed and documented by each marketplace participant. Automated pre-trade controls include an examination of the order before it is entered on a marketplace and the monitoring of entered orders whether executed or not. The marketplace participant should assess, document and implement any additional risk management and supervisory controls, policies and procedures that it determines are necessary to manage the marketplace participant's financial exposure and to ensure compliance with applicable marketplace and regulatory requirements.

With respect to regular post-trade monitoring, it is expected that the regularity of this monitoring will be conducted commensurate with the marketplace participant's determination of the order flow it is handling. At a minimum, an end of day check is expected.

(5) Pre-determined credit or capital thresholds

A marketplace participant can establish pre-determined credit thresholds by setting lending limits for a client and establish pre-determined capital thresholds by setting limits on the financial exposure that can be created by orders entered or executed on a marketplace under its marketplace participant identifier. The pre-determined credit or capital thresholds referenced in paragraph 3(3)(a) may be set based on different criteria, such as per order, trade account or other criteria, including overall trading strategy, or using a combination of these factors as required in the circumstances.

For example, a participant dealer that sets a credit limit for a client with marketplace access provided by the participant dealer could impose that credit limit by setting sub-limits applied at each marketplace to which the participant dealer provides access that together equal the total credit limit. A participant dealer may also consider whether to establish credit or capital thresholds based on sector, security or other relevant factors. In order to address the financial exposure that might result from rapid order entry, a participant dealer may also consider measuring compliance with set credit or capital thresholds on the basis of orders entered rather than executions obtained.

We note that different thresholds may be set for the marketplace participant's own order flow (including both proprietary and client order flow) and that of a client with marketplace access provided by the marketplace participant, if appropriate.

(6) Compliance with applicable marketplace and regulatory requirements

The CSA expect marketplace participants to prevent the entry of orders that do not comply with all applicable marketplace and regulatory requirements that must be satisfied on a pre-trade basis where possible. Specifically, marketplace and regulatory requirements that must be satisfied on a pre-order entry basis are those requirements that can effectively be complied with only before an order is entered on a marketplace, including: (i) conditions that must be satisfied under National Instrument 23-101 Trading Rules (NI 23-101) before an order can be marked a "directed-action order", (ii) marketplace requirements applicable to particular order types and (iii) compliance with trading halts. This requirement does not impose new substantive regulatory requirements on the marketplace participant. Rather it establishes that marketplace participants must have appropriate mechanisms in place that are reasonably designed to effectively comply with their existing regulatory obligations on a pre-trade basis in an automated, high-speed trading environment.

(7) Order and trade information

Subparagraph 3(3)(b)(iv) requires the risk management and supervisory controls, policies and procedures to be reasonably designed to ensure that the compliance staff of the marketplace participant receives immediate order and trade information. This will require the marketplace participant to ensure that it has the capability to view trading information in real-time or to receive immediate order and trade information from the marketplace, such as through a drop copy.

This requirement will help the marketplace participant fulfill its obligations under subsection 3(1) with respect to establishing and implementing reasonably designed risk management and supervisory controls, policies and procedures that manage its risks associated with access to marketplaces.

This provision does not prescribe that a marketplace participant carry out compliance monitoring in real-time. There are instances however, when automated, real-time monitoring should be considered, such as when an automated order system is used to generate orders. It is up to the marketplace participant to determine, based on the risk that the order flow poses to the marketplace participant, the appropriate timing for compliance monitoring. However, our view is that it is important that a marketplace participant have the necessary tools in place to facilitate order and trade monitoring as part of the marketplace participant's risk management and supervisory controls, policies and procedures.

(8) Direct and exclusive control over setting and adjusting of risk management and supervisory controls, policies and procedures

Subsection 3(5) specifies that a marketplace participant must directly and exclusively set and adjust its risk management and supervisory controls, policies and procedures. With respect to exclusive control, we expect that no person or company, other than the marketplace participant, will be able to set and adjust the controls, policies and procedures. With respect to direct control, a marketplace participant must not rely on a third party in order to perform the actual setting and adjusting of its controls, policies and procedures.

A marketplace participant can use technology of third parties, including that of marketplaces, as long as the marketplace participant, whether a registered dealer or institutional investor, is able to directly and exclusively set and adjust its supervisory and risk management controls, policies and procedures.

Section 4 provides a limited exception to the requirement in subsection 3(5) in that a participant dealer may , on a reasonable basis, and subject to other requirements, authorize an investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure on behalf of the participant dealer.

(9) Risk management and supervisory controls, policies and procedures provided by an independent third party

Under subsection 3(4), a third party providing risk management and supervisory controls, policies or procedures to a marketplace participant must be independent of any client of the marketplace participant. However, an entity affiliated with a participant dealer that is also a client of the participant dealer may provide supervisory and risk management controls to the participant dealer. In all instances, the participant dealer must directly and exclusively set and adjust its supervisory and risk management controls.

Paragraph 3(7)(a) requires that a marketplace participant must regularly assess and document whether the risk management and supervisory controls, policies and procedures of the third party are effective and otherwise consistent with the provisions of NI 23-103 before engaging such services. Reliance on representations of a third party provider is insufficient to meet this assessment requirement. The CSA expect registered firms to be responsible and accountable for all functions that they outsource to a service provider as set out in Part 11 of Companion Policy 31-103CP Registration Requirements, Exemptions and Ongoing Registrant Obligations.

(10) Regular assessment of risk management controls and supervisory policies and procedures

Subsection 3(6) requires a marketplace participant to regularly assess and document the adequacy and effectiveness of the controls, policies and procedures it is required to establish under subsection 3(1). Under subsection 3(7), the same assessment requirement also applies if a marketplace participant uses the services of a third party to provide risk management or supervisory controls, policies and procedures. A "regular" assessment would constitute, at a minimum, an assessment conducted annually of the controls, policies and procedures and whenever a substantive change is made to the controls, policies and procedures. A marketplace participant should determine whether more frequent assessments are required, depending on the particular circumstances.

A marketplace participant that is a registered firm is expected to retain the documentation of each such assessment as part of its obligation to maintain books and records in NI 31-103.

4. Authorization to set or adjust risk management and supervisory controls, policies and procedures

Section 4 is intended to address introducing (originating) and carrying (executing) arrangements or jitney arrangements that involve multiple dealers. In such arrangements, there may be certain controls that are better directed by the originating dealer, since it is the originating dealer that has knowledge of its client and is responsible for suitability and other "know your client" obligations. However, the executing dealer must also have reasonable controls in place to manage the risks it incurs by executing orders for other dealers.

Therefore, section 4 provides that a participant dealer may, on a reasonable basis, authorize an investment dealer to set or adjust a specific risk management or supervisory control, policy or procedure on the participant dealer's behalf by written contract and after a thorough assessment. Our view is that where the originating investment dealer with the direct relationship with the ultimate client has better access than the participant dealer to information relating to the ultimate client, the originating investment dealer may more effectively assess the ultimate client's financial resources and investment objectives.

We also expect that the participant dealer will maintain a written contract with the investment dealer that sets out a description of the specific risk management or supervisory control, policy or procedure and the conditions under which the investment dealer is authorized to set or adjust the control, policy or procedure as part of its books and records obligations set out in NI 31-103.

Paragraph 4(d) requires a participant dealer to regularly assess the adequacy and effectiveness of the investment dealer's setting or adjusting of the risk management and supervisory controls, policies and procedures that it performs on the participant dealer's behalf. We expect that this will include an assessment of the performance of the investment dealer under the written agreement prescribed in paragraph 4(b). A "regular" assessment would constitute, at a minimum, an assessment conducted annually of the controls, policies and procedures and whenever a substantive change is made to the controls, policies or procedures. A marketplace participant should determine whether more frequent assessments are required, depending on the particular circumstances.

Under paragraph 4(e), the participant dealer must provide the compliance staff of the originating investment dealer with immediate order and trade information of the ultimate client. This is to allow the originating investment dealer to monitor trading more effectively and efficiently.

Authorizing an investment dealer to set or adjust a risk management or supervisory control, policy or procedure does not relieve the participant dealer of its obligations under section 3, including the overall responsibility to establish, document, maintain and ensure compliance with risk management and supervisory controls, policies and procedures reasonably designed to manage, in accordance with prudent business practices, the financial, regulatory and other risks associated with marketplace access.

PART 3 REQUIREMENTS APPLICABLE TO THE USE OF AUTOMATED ORDER SYSTEMS

5. Use of automated order systems

Section 5 stipulates that a marketplace participant or any client must take all reasonable steps to ensure that its use of automated order systems does not interfere with fair and orderly markets. A marketplace participant must also take all reasonable steps to ensure that the use of an automated order system by a client does not interfere with fair and orderly markets. This includes both the fair and orderly trading on a marketplace or the market as a whole and the proper functioning of a marketplace. For example, the sending of a continuous stream of orders that negatively impacts the price of a security or that overloads the systems of a marketplace may be considered as interfering with fair and orderly markets.

Paragraph 5(3)(a) requires a marketplace participant to have a level of knowledge and understanding of any automated order systems used by either the marketplace participant or the marketplace participant's clients that is sufficient to allow the marketplace participant to identify and manage the risks associated with the use of the automated order system. We understand that detailed information of automated order systems may be treated as proprietary information by some clients or third party service providers; however, the CSA expect that the marketplace participant will be able to obtain sufficient information in order to properly identify and manage its own risks.

Paragraph 5(3)(b) requires that each automated order system is tested in accordance with prudent business practices. A participating dealer does not necessarily have to conduct tests on each automated order system used by its clients but must satisfy itself that these automated order systems have been appropriately tested. Testing an automated order system in accordance with prudent business practices includes testing it before its initial use and at least annually thereafter. We would also expect that testing would also occur after any significant change to the automated order system is made.

PART 4 REQUIREMENTS APPLICABLE TO MARKETPLACES

6. Availability of order and trade information

(1) Reasonable access

Subsection 6(1) is designed to ensure that a marketplace participant has immediate access to the marketplace participant's order and trade information when needed. Subsection 6(2) will help ensure that the marketplace does not have any rules, polices, procedures, fees or practices that would unreasonably create barriers to the marketplace participant in accessing this information.

This obligation is distinct from the requirement for marketplaces to disseminate order and trade information through an information processor under Parts 7 and 8 of NI 21-101. The information to be provided pursuant to section 6 would need to include the private information included on each order and trade in addition to the public information disseminated through an information processor.

(2) Immediate order and trade information

For the purposes of providing access to order and trade information on an immediate basis, we consider a marketplace's provision of this information by a drop copy to be acceptable.

7. Marketplace controls relating to electronic trading

(1) Termination of marketplace access

Subsection 7(1) requires a marketplace to have the ability and authority to terminate all or a portion of the access provided to a marketplace participant before providing access to that marketplace participant. This requirement also includes the authority of a marketplace to terminate access provided to a client that is using a participant dealer's marketplace participant identifier to access the marketplace. We expect a marketplace to act when it identifies trading behaviour that interferes with the fair and orderly functioning of its market.

(2) Assessments to be conducted

Paragraph 7(2)(a) requires a marketplace to regularly assess and document whether the marketplace requires any risk management and supervisory controls, policies and procedures relating to electronic trading, in addition to the risk management and supervisory controls, policies and procedures that marketplace participants are required to have under subsection 3(1), and ensure that such controls, policies and procedures are implemented in a timely manner. As well, a marketplace must regularly assess and document the adequacy and effectiveness of any risk management and supervisory controls, policies and procedures put in place under paragraph 7(2)(a). A marketplace is expected to document any conclusions reached as a result of its assessment and any deficiencies noted. It must also promptly remedy any identified deficiencies.

It is important that a marketplace take steps to ensure it does not engage in activity that interferes with fair and orderly markets. Part 12 of NI 21-101 requires marketplaces to establish systems-related risk management controls. It is therefore expected that a marketplace will be generally aware of the risk management and supervisory controls, policies and procedures of its marketplace participants and assess whether it needs to implement additional controls, policies and procedures to eliminate any risk management gaps and ensure the integrity of trading on its market.

(3) Timing of assessments

A "regular" assessment would constitute, at a minimum, an assessment conducted annually and whenever a substantive change is made to a marketplace's operations, rules, controls, policies or procedures that relate to methods of electronic trading. A marketplace should determine whether more frequent assessments are required depending on the particular circumstances of the marketplace, for example when the number of orders or trades is increasing very rapidly or when new types of clients or trading activities are identified. A marketplace should document and preserve a copy of each such assessment as part of its books and records obligation in NI 21-101.

(4) Implementing controls, policies and procedures in a timely manner

A "timely manner" will depend on the particular circumstances, including the degree of potential risk of financial harm to marketplace participants and their clients or harm to the integrity of the marketplace and to the market as a whole. The marketplace must ensure the timely implementation of any necessary risk management and supervisory controls, policies and procedures.

8. Marketplace thresholds

Section 8 requires that each marketplace must not permit the execution of orders of exchange-traded securities exceeding price and volume thresholds set by its regulation services provider, or by the marketplace if it is a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces certain requirements set under NI 23-101.

These price and volume thresholds are expected to reduce erroneous orders and price volatility by preventing the execution of orders that could interfere with a fair and orderly market.

There are a variety of methods that may be used to prevent the execution of these orders. However, the setting of the price threshold is to be coordinated among all regulation services providers, recognized exchanges and recognized quotation and trade reporting systems that set the threshold under subsection 8(1).

The coordination requirement also applies when setting a price threshold for securities that have underlying interests in an exchange-traded security. We note that there may be differences in the actual price thresholds set for an exchange-traded security and a security that has underlying interests in that exchange-traded security.

9. Clearly erroneous trades

(1) Application of section 9

Section 9 provides that a marketplace cannot provide access to a marketplace participant unless it has the ability to cancel, vary or correct a trade executed by that marketplace participant. This requirement would apply in the instance where the marketplace decides to cancel, vary or correct a trade or is instructed to do so by a regulation services provider.

Before cancelling, varying or correcting a trade, paragraph 9 (2)(a) requires that a marketplace receive instructions from its regulation services provider, if it has retained one. We note that this would not apply in the case of a recognized exchange or recognized quotation and trade reporting system that directly monitors the conduct of its members or users and enforces requirements set pursuant to subsection 7.1(1) or 7.3(1) respectively of NI 23-101.

(2) Cancellation, variation or correction where necessary to correct a system or technological malfunction or error made by the marketplace systems or equipment

Under paragraph 9(2)(c) a marketplace may cancel, vary or correct a trade where necessary to correct an error caused by a system or technological malfunction of the marketplace's systems or equipment or an individual acting on behalf of the marketplace. If a marketplace has retained a regulation services provider, it must not cancel, vary or correct a trade unless it has obtained permission from its regulation services provider to do so.

Examples of errors caused by a system or technological malfunction include where the system executes a trade on terms that are inconsistent with the explicit conditions placed on the order by the marketplace participant, or allocates fills for orders at the same price level in a manner or sequence that is inconsistent with the stated manner or sequence in which such fills are to occur on the marketplace. Another example includes where the trade price was calculated by a marketplace's systems or equipment based on some stated reference price, but it was calculated incorrectly.

(3) Policies and procedures

For policies and procedures established by the marketplace in accordance with the requirements of subsection 9(3) to be "reasonable", they should be clear and understandable to all marketplace participants.

The policies and procedures should also provide for consistent application. For example, if a marketplace decides that it will consider requests for cancellation, variation or correction of trades in accordance with paragraph 9(2)(b), it should consider all requests received regardless of the identity of the counterparty. If a marketplace chooses to establish parameters only within which it might be willing to consider such requests, it should apply these parameters consistently to each request, and should not exercise its discretion to refuse a cancellation or amendment when the request falls within the stated parameters and the consent of the affected parties has been provided.

When establishing any policies and procedures in accordance with subsection 9(3), a marketplace should also consider what additional policies and procedures might be appropriate to address any conflicts of interest that might arise.