Tom Groenfeldt, reporting for bobsguide
The annual SIFMA Technology Leaders Forum & Expo on 19-21 June at the Hilton in New York City gathered speakers from BATS, NYSE Euronext, CME Group, Deutsche Bank, Credit Suisse, Goldmans, BofA Merrill and various politicians and, crucially, regulators to discuss the changing nature of the financial markets. The impact of Legal Entity Identifiers (LEIs), cyber-crime, big data and the cloud on trading were all discussed.
Wall Street supports measures that restore faith and confidence in our financial system, such as establishing a systemic risk regulator and the designation of bank and non-bank firms as systemically important, said Tim Ryan, president and chief executive of The Securities Industry and Financial Markets Association (SIFMA) at the organisation’s annual technology conference in New York City last week.
“We believe a global Legal Entity Identifier (LEI) system will be an important new tool for risk management here in the US and globally. But we cannot support measures which disrupt market functions or increase systemic risk, however, ultimately failing to achieve what Congress and the US Administration sought to accomplish with this legislation.”
His brief opening statement was a little short on specifics, although he did say: “Over 90% of the Troubled Asset Relief Program (TARP) capital funds that went into US banks have been repaid, with interest, dividend and warrant sales, giving a profit of $19 billion to taxpayers to date.”
Ryan apparently saw no need to get into specifics such as the massive taxpayer bailout of AIG which then repaid investment banks 100% on derivatives contracts rather than demand haircuts. (If you want to understand how the industry approaches Washington, and the behind the scenes lobbying that leads to such actions, I’d suggest reading some of the coverage by Matt Taibbi in Rolling Stone for an interesting perspective).
The annual SIFMA Technology Leaders Forum & Expo (commonly known as SIFMA Tech) is not, however, the venue for deep discussions about Wall Street, finance and the real economy. Technological advancements driven by the markets or the regulators, with new stipulations such as Dodd-Frank and post-crash transparency rules coming in, tend to dominate the discussions here.
The general sessions at SIFMA Tech 2012 were attended by 200-300 people at most and many of the breakout programs had only 20 or 30 people attending. IBM and SAP were exhibiting, but big players including Oracle, Microsoft and SunGard left some time ago, suggesting a dilution of the show from previous glories.
That’s partly because outside players are now running their own events. The TABB Group had a conference that attracted about 400 people just a week or two ahead of SIFMA. Flagg Management packs financial tech people in for its conferences like High Performance Computing on Wall Street at the Roosevelt. More than a few attendees and exhibitors last week were asking each other if they would bother with SIFMA next year, yet enough still turned up to have some worthwhile discussions.
Legal Entity Identifier
The LEI initiative appeared to be going down two or more tracks at SIFMA Tech. The Commodity Futures Trading Commission (CFTC) will require counterparties to register their LEIs for swaps reporting by September this year, said speaker and CFTC Commissioner, Scott O’Melia.
“LEIs let the CFTC understand the relationships and monitor trading across markets and identify systemic risk,” he said. “It is clear that an LEI is feasible and the sooner we implement it the better. The Commission is moving forward and we hope to have the LEI in place by September.”
This doesn’t sound much different from SIFMA last year when the US was actively pushing a centrally controlled LEI, eventually with ISO, SWIFT and the Depository Trust & Clearing Corporation (DTCC) to run the operations. Europeans turned out to be less enthusiastic.
The G20 asked the Financial Stability Board (FSB) to study LEIs and make recommendations, which it did on 8 June 2012. Contrary to the highly centralised plan proposed around the DTCC and SWIFT, the FSB called for a federated implementation.
“Since the LEI system is by nature a public good, there is a need to make sure that the gains for the broader public are captured and that provision of the LEI is not exploited in ways that do not benefit the public.” It called for flexible identifiers that take into account “jurisdictions with different regulatory, legal systems and local language character sets."
At the SIFMA panel on LEIs, Robin Doyle, JP Morgan Chase senior vice president (SVP) and chief financial officer (CFO) for corporate risk, gave a somewhat guarded endorsement of the FSB recommendation. Her concerns centred around the quality of the data that local operating units in countries would provide, and maintain.
“It is critically important that they adhere to strong global standards and some centralisation remains to ensure the overall quality is maintained.” Federation raises concerns and needs to be watched closely, she added. Doyle, who has served as co-chair of the LEI Trade Association Group, added that she was impressed by the speed the G20 and the FSB were moving to get LEIs implemented. “It’s pretty good in government terms.”
The DTCC, which hopes to be designated as the LEI provider by the CFTC, isn’t sitting around waiting. It already has 20,000 LEIs in its system and updates the files, which will be publicly available at no charge, daily, according to Mark Davies, vice president for business development at the clearing house.
JPMC is already asking clients to register for LEIs as part of the on-boarding process, said Doyle.
At a separate lunch panel, Lucille Mayer, a managing director at Pershing, said she wished the regulators would converge and get behind one LEI standard. “If the regulators keep going at their own pace, I don’t know how we are going to make this work. Everyone wants their own identifiers and the premise of LEI is one identifier that works across all different types of businesses.”
FBI and cyber-crime
As financial services firms become more secure, cyber criminals are going after their law firm, which tend to be less secure but are at the centre of every financial deal in the country, said Mary Galligan, special agent in charge of the New York Office of the Special Operations/Cyber Division.
The FBI keeps busy in New York. As the largest financial centre in the US, it is the number one target for cyber intruders. In addition, the United Nations is both a target for cyber intruders and a source of cyber threats.
Galligan said the FBI divides threats into five areas. Hactivists like Anonymous can cause problems in reputations for firms. “They will find vulnerabilities and post them.” Essentially though, cyber criminals are looking for money: one gang recently stole $9 million from ATMs in one day but these ‘retail banking’ attacks can be less worrisome than those targeted at investment banks and exchanges.
Espionage can be more damaging, especially if it is aimed at large nationally important corporations, exchanges and institutions and national security assets. State-sponsored espionage is the FBI’s top concern. China is widely believed to be the primary sponsor of corporate espionage. RSA, the security company now owned by EMC, had its system hacked last year and its one-time password (OTP) token information stolen via a common trick – a phony email which led one employee to click on an Excel spreadsheet and cause the huge data leak.
“China was in, and they owned the system,” explained Galligan. The Chinese used the tokens to break into Lockheed Martin, however, not to focus on using bank customers’ OTPs to withdraw money fraudulently. Lockheed Martin said the attack was detected before vital information was stolen, but defence publications say the entire F-35 fighter program was heavily compromised and data breaches are one reason it is behind deadlines and over budget.
The Global Payments data breach, revealed at the start of this year, when the personal details of cardholders at Visa, MasterCard and other card issuers was compromised after a security breach at the payments processor is also another concerning incidence of lax security.
Speaking at SIFMA Tech 2012 Galligan said that Verizon Business Services has estimated that 97% of intrusions could be prevented. Security, she added, starts with the individual and the company’s policies around things like plug-ins and should build out from there. These rules apply to brokers, traders and investment houses and exchanges as much as anyone else.
“At the FBI, you can’t plug in. You have to sign out a thumb drive with a security officer. You can’t bring an iPad or an iPhone into the building either, only an encrypted BlackBerry,” added Galligan. She asked the Expo attendees in New York City if they take their regular devices with them when they travel to Hong Kong or China, or do they take clean devices? Something to think about.
Firms should also have technology topography maps, she added. Those that have grown their technology really fast, need maps to know, and to show investigators, where their systems are.
In addition, she urged firms to maintain physical access logs. “Keep your logs as long as you can. The average computer intruder has been there for six to seven months before you know it, and logs are simple and cheap. And look at who monitors your systems. The best firms bring in a third party, or two third parties, to review the systems and the access of the chief technology officer (CTO) and the chief information officer (CIO).”
Tom Deutsch, program director for big data technologies at IBM, said “mass intimacy” will be a competitive advantage, especially for Tier 1 banks which are making the IT investments it requires. He reached outside finance for an example by asking the last time anyone had been as satisfied with their financial institution interaction as they are with Netflix? The feedback feature in Netflix provides customers with a role, which makes them happier, he said. “Does that look like the interactions financial institutions have with their customers?"
The big banks are leading the way to catch up with innovative online retailers and suppliers like Netflix. While Tier 2 and Tier 3 banks have often competed by knowing their customers better, the Tier 1 leaders are now building out mass intimacy, using big data and analytics to understand their customers better than a local bank does. That’s a real threat to the next tiers, he said.
Peter Sondergaard, SVP and global head of research at Gartner, noted the huge expansion of technology in recent years – 800 million smartphones, 1.5 billion PCs active at any one time, 2 billion people on the Internet, 5 billion devices connected to the Internet, 87 billion Google searches per month, and we have just scratched the surface.
Technology is the enabler for managing growth, costs and risk, he added, laying out four key trends:
• First is the importance of information, which might be called big data, and the ability to interrogate it effectively. Information has become more important than oil, said Sondergaard.
• The second major trend is cloud computing, which he said is about the industrialisation of information technology. It will revolutionise the way we use IT over the next 10 years.
• Third is mobile and context aware computing. “IT is in the hands of every walkable person and in every physical object we have on the face of the earth.”
• Fourth is social media which Sondergaard said is changing the way IT is used within the organisation.
“Big data is not really about big data but about big context,” he added. “The context in which the data appears becomes important because it provides an ability to see patterns and deviation in patterns.”
IT will have to change, starting with process and then moving to application and finally to data. Leading organisations are collecting all the information available, then building the process and then designing the IT application.
“This puts in question every enterprise resource planning (ERP) system in the world. It will take time, however. God created the world in seven days but he had no installed base. By 2014 the architectures you have in place now will be obsolete.”
The cloud, social media and analytics
Financial firms that want to use social media sentiment and news for trading should leave the massive amounts of data in the cloud, said market experts at the SIFMA Tech 2012 Leaders Forum and Expo in New York last week.
Speaking at the afternoon session from 1.30-3pm on Wednesday 20 June, Amazon Web Services’ Peter Sirota, the general manager of Amazon Elastic Map Reduce, said his firm offers users the opportunity to apply algorithms to determine sentiment. Twitter feeds can show up problems at a company ahead of any formal announcement. As general manager of the Map device, he said that this interactive, crowd sourced data development is still in its early stages. Companies don’t have the data scientists to make sense of the data yet, and since there aren’t enough to go around they have to grow their own talent. The implications of studying crowd sourced data and crowd behavior have long been understood by the financial markets where ‘herd-like’ behavior can often be spotted.
“We also have a void in tools to write algorithms, although there are start-ups building tools to make this easier,” added Sirota. “Return on investment (ROI) isn’t [definitively] proven yet and vendors are not proven. That is where we see a lot of testing and trials.”
Experimenting in the cloud, which doesn’t require large capital outlays, makes sense. Speaking at the same session entitled ‘Using the CWS Cloud for Financial Data Processing and Storage’, Ed Dabagian-Paul, vice president for technology infrastructure services at Credit Suisse, said that if companies are working with public data it also makes sense to keep that outside.
Amazon’s Sirota suggested that the cloud could serve as a data hub and firms could build services on top.
Dan Joldzic, vice president of financial products at Alexandria, said that finding a reliable lead on Twitter or from news could provide a day’s lead on a stock price movement, which would produce an outstanding return. Accuracy rates for statistical models that capture content can be in excess of 90%. Sentiment persists, he added, and can be used to enhance return in longer-term financial models and algos, in addition to models created for high frequency trading.
If you want to understand the future of financial markets look within seemed to be the message, as the answer lies within people and their interactions, opinions and actions. While this is certainly true for the crowd sourcing theory, it is also true for the regulators who are seeking to create a new regulated environment for financial markets.
• For more information on the SIFMA Technology Leaders Forum & Expo 2012 in New York City please click here.