Tue, Jun 7, 2016
In the intervening period since the announcement of the Code, incidents which have a material impact on the market continue to take place. Notably, the regulator can hold to account any market participant be it bank or broker, hedge fund or asset manager, for a market impact incident. Any subsequent discovery of non-compliance with the Code would just add fuel to the fire.
Registered SFC entities engaged in electronic trading are mandated in the Code, if they have not already done so, to conduct regular reviews of their electronic trading controls to ensure compliance with their own policies and regulatory developments. Moreover, they are required to remedy any deficiencies identified.
It is clear that both electronic trading and cybersecurity are receiving much regulatory attention and are viewed by the regulator and industry alike as high risk and priority areas.
Duff & Phelps has conducted a number of reviews on behalf of clients to assess their arrangements for adherence to the Code. Through these reviews we have examined and tested a variety of circuit breakers and identified common failings in areas where firms do not meet the requirements of the Code. We can offer practical insight into the measures and controls that are expected to maintain an orderly market and protect against reputational risk.
The below are the key areas from the Code where we have noted common failings and can add value through identifying areas of concern that may require further action in terms of evidence, testing and/or remediation:
In addition to the above, Duff & Phelps has a proven risk-based methodology in assisting clients in meeting regulatory expectations with respect to their cybersecurity arrangements. We can conduct a full cybersecurity review delivering a report that includes a risk assessment, implementation oversight of risk mitigation actions, information security and compliance policies, and a cybersecurity response and recovery plan.
End-to-end governance, advisory and monitorship solutions to detect, mitigate, drive efficiencies and remediate operational, legal, compliance and regulatory risk.