Search
× Search
Monday, December 23, 2024

Archived Discussions

Recent member discussions

The Algorithmic Traders' Association prides itself on providing a forum for the publication and dissemination of its members' white papers, research, reflections, works in progress, and other contributions. Please Note that archive searches and some of our members' publications are reserved for members only, so please log in or sign up to gain the most from our members' contributions.

US regulators propose powers to scrutinise algo traders’ source code

photo

 David B. Weiss, Senior Analyst at Aite Group

 Thursday, December 3, 2015

Futures trading is dominated by computers, and nothing is more valuable than the “source code” of these high-powered machines. Trading groups zealously safeguard this ever-evolving code — which they call their “secret sauce” — in online...


Print

14 comments on article "US regulators propose powers to scrutinise algo traders’ source code"

photo

 Jon Grah, Trading Systems Automation Expert @ AwarenessForex.com

 Saturday, December 12, 2015



Apparently ft does not allow access to articles without a fee. http://webcache.googleusercontent.com/search?q=cache:bfIFlOWUfJMJ:www.ft.com/cms/s/0/137f81bc-944f-11e5-b190-291e94b77c8f.html+&cd=1&hl=en&ct=clnk&gl=th&client=ms-android-samsung#axzz3u6O9WS1r

But who in their right mind would just hand over their source code of a proprietary algo only for casual inspection?


photo

 Guy R. Fleury, Independent Computer Software Professional

 Saturday, December 12, 2015



@Jon, thanks. You are right. However, there remains the need to catch the crooks...

It is not in what they propose. The response to the CFTC's new rule would be defeated by as simple a trick as the Volkswagen gambit: provide the non-malicious source code, the archived version that does not include the cheating. Let them waste their time for months and years to decipher what will turn out to be absolutely nothing worth looking at; meanwhile they will continue with their “secret sauce” which will translate to “continue cheating” until the cease order if any.

We both know it is not fair. That regulators are sleeping at the wheel. But they have the perfect excuse: they are understaffed, underfunded, and underequipped to tackle a problem of this magnitude. So they look at the easy way out.

It took 5 years for regulators to partially understand what happened during the “flash crash” of May 2010! And I still haven't seen sufficient rules to stop it from ever happening again.


photo

 David B. Weiss, Senior Analyst at Aite Group

 Saturday, December 12, 2015



If the regulators simply required all s/w be put into escrow, would that still be a problem from the algo dev./firm's POV? In fact, don't these already exist in the form of each firm's version control. all of which is backed up? Currently that's all available to regulators via subpeona. How easily do you think any firm could wipe all versions of their s/w from all the archives, replicas, backups, etc., as if it never existed? IMO this is all academic b/c the regulators are unlikely to have the expertise on staff to analyze let alone run the s/w... and we all (should) know this... so (again IMO) any heated arguments from either side is a little silly.


photo

 Michael Agne, Long/Short Relative Value Arbitrage

 Saturday, December 12, 2015



Yea that will go over well, give the govt access so it can sell your code to the highest bidder


photo

 Guy R. Fleury, Independent Computer Software Professional

 Saturday, December 12, 2015



@David, they do not need to delete anything. They simply provide a selected (wrong) version of the program from their numerous archived versions and backups. I'm small, but I do have hundreds of trading strategies on my machines. Some with years of iterative versions. Like anybody else, I'm always trying to improve on the programs I like best. You would be hard pressed to find which are more valuable than others. Even I have to backtest to make comparisons, and I have the advantage of knowing the content of my programs which are written in a now dead programming language.

The debate is not silly. On the contrary, it is important. Otherwise, it is like letting the “crooks” have free reins since there would be no one to really stop them. From the understanding of the whole problem will come a way to effectively stop the crooks before they do anything wrong or catch them after they do. Either way, I find it an acceptable solution.


photo

 David B. Weiss, Senior Analyst at Aite Group

 Saturday, December 12, 2015



Guy, you've just made my point stronger... will the regulators have the additional expertise to not only figure out how a single version of code works but as well which version was in production at any given time... and then put it up in a QA environment... really? It's enough to have a principal-based regulation that all source code will be retained on WORM storage for 7y along w/the trading records and comms already there.


photo

 Guy R. Fleury, Independent Computer Software Professional

 Saturday, December 12, 2015



@David, yes, but still, storage is not enough.

As long as there are no enforceable rules viewed as laws and regulations on paper to condemn what should be considered criminal by all, “crooks” are free to do as they please with no hindrance from the law, not even dissuasion.

Why should some big market players need to cheat to make a buck?

In the end, it is society as a whole who is paying for all those types of fraud. We tend to put bank robbers behind bars should they be caught, but we seem ready to applaud the software that can do the same.

Something has to be done. It's the job of regulators to figure out what. I'm ready to give them more time, even if they appear to be behind the curve for more than just a few years.


photo

 Graeme Smith, Investment Manager at The Tourists Portfolio

 Monday, December 14, 2015



Guy I'm not sure if this would work. Firstly the code could possibly be back tested and compared to actual trades. Also presenting the wrong code would probably be a criminal offense, and unless every person involved was 100% sure they wouldn't be caught they might well take advantage of whistle-blower laws.


photo

 Guy R. Fleury, Independent Computer Software Professional

 Monday, December 14, 2015



@Graeme, agreed. A backtest could be a way of verifying if it was the actual program used. But, even that restriction could easily be bypassed.

The process of program version validation is already cumbersome, it is an iterative process which culminates in production.

Would you have confidence enough in the supervisory authorities in protecting your code when they have been so careless in that regard on so many issues in the past?

In my case, it could open up another can of worms. I am not a US resident or citizen!

Furthermore, my current preferred program plays its entries and exits at random. Even when I do a backtest, I get different answers. There would be no way of proving that the program version supplied was indeed the program used. None of the answers would match even using the same price data.

Regulators have to find a better way! Otherwise, perpetrators will start feeding developers to the authorities saying: it's this rogue developer's code, not us.


photo

 private private,

 Monday, December 14, 2015



What would the regulators look for in the source code? Evidence of unfair practices? I can always maintain 2 copies of the code- one with back doors and cheats and one witout- automated build tools make it easy to do something like that if I wanted to.


photo

 Rick M., Trader / Developer

 Monday, December 14, 2015



Back testing code would have no value. It would never match. Especially in a HFT environment.


photo

 private private,

 Monday, December 14, 2015



Code simply does what a human tells it to do. Code can not break the law, only people can break the law. Can anyone give an example where code can be written to break the law? Even if you could do that, only people have intent and they are the only one that can demonstrate intent.


photo

 private private,

 Monday, December 14, 2015



good luck to the govt agencies who bought into the boondoggle


photo

 Oscar Cartaya, Private Investor

 Thursday, December 17, 2015



The current government is very much into regulatory control. It really does not matter what the code is, having code in file gives them the power of finding fault, I really do not believe they intend to sell the code anywhere. There is just too much code out there to scrutinize it all, so the scrutiny and fault finding procedures will in all likelihood be reserved to select cases that have attracted attention somewhere in the government, or applied in a random basis. I would think the audit programs run by the IRS may be considered as a model for this algo code review program. The real issue is that the IRS currently does not have enough investigators to run their audit program properly, and most likely neither will the regulatory body in charge of reviewing code. Code review can not be done by just anybody, and finding trading implications of code malfeasance is really hard to do. It will be interesting to find out what it is they find objectionable once the reviews begin.

Please login or register to post comments.

TRADING FUTURES AND OPTIONS INVOLVES SUBSTANTIAL RISK OF LOSS AND IS NOT SUITABLE FOR ALL INVESTORS
Terms Of UsePrivacy StatementCopyright 2018 Algorithmic Traders Association