High-profile trading glitches over the past year have put the issue of software testing in the crosshairs of industry regulators and market participants.

“We’ve experienced a significant uptake in demand for our software testing practice given the failures we’ve seen recently,” Larry Ryan, chief technology officer at BJSS, an IT services company, told Markets Media. “Testing is mandatory not only at the firm level but at the market level. Systems need to be resilient while processing 100,000 transactions per second.”

Software engineers need to accept the fact that it’s impossible to remove all bugs, and that system recovery in the event of a failure is an important dynamic.

“We can test all we want, but we will never identify all bugs nor have the resources to remove them,” added Ryan in a recent TabbForum article. “In fact, if you have no known bugs you probably are not testing enough or properly. More worrying, the number of defects will not decrease over time, but rather increase.”

Recent multi-million dollar losses in capital markets caused by technology glitches and “runaway” algorithms, as well as erroneous trades and errant trader behavior have heightened demand for tools to control risk during the electronic trading process.

InfoReach, a provider of trading platforms, has embedded risk limits within its InfoReach Trade Management and HiFREQ multi-broker trading systems, covering orders originated manually, algorithmically, via API or via FIX. The controls are also available as an independent software module for firms using other execution and order management systems.

Pre-defined risk checks trigger alerts, allowing users to adjust trades or block the release of non-compliant orders, the company says. Risk limits can be established for such variables as users, categories, instrument, position, unit and destination (broker desk, algo and direct market access).

By employing the risk controls, trading firms can prevent fat-finger mistakes, avoid adverse market impact, check for duplicate, stale or runaway orders, and lag orders that exceed a broker’s own internal risk thresholds or those of a buy-side client.

“These automated risk controls make it possible for our buy-side and sell-side clients to quickly and seamlessly apply a hierarchy of safeguards and oversight to all their electronic trading across asset classes,” said Allen Zaydlin, chief executive of InfoReach, in a statement. “We’re empowering them to identify risk as well as arrest or control it on a real-time basis.”

While the InfoReach risk controls can prevent adverse order execution, they do not fix any software bugs themselves.

Increased investment in quality assurance can improve system resiliency, but, ultimately, there needs to be testing at market level to ensure that component defects are controlled and limited, said Ryan in the TabbForum article.

“Many years ago, trading systems were simpler and we regularly conducted industry-wide tests; this would be very difficult to accomplish today,” he said. “We should build to keep the market up, expect failures, but be ready to handle failures quickly and effectively. Achieving this goal requires a market-level quality assurance process and matching investment to support this process.”

BJSS builds bespoke IT systems for capital markets firms, employing an ‘agile’ software development approach.

“Twenty years ago when BJSS started, capital market firms and financial institutions held their operations close to their chest and consumers and regulators didn’t question those operations,” said Mark Hipperson, president of BJSS. “Today, financial services businesses know all too well that we are in an era where increased regulations and complexity hit the bottom line.”

Read full article>>