At the outset, let me give the requisite reminder that the views I express today are my own and do not necessarily represent the views of the Commission or its staff.
Today I thought I would speak about our path-breaking enforcement work in the past few years in connection with equity market structure. Ten years ago, there was very little enforcement focus on market structure issues. Equity trading was highly centralized at a small number of trading venues and much of the trading was conducted manually, by people, on the floor of an exchange. Time was measured in seconds, not milliseconds, and the Commission brought cases when the people handling the trading, such as specialists, abused their positions. Alternative trading systems (ATSs), including dark pools, were not the household name they are today, and many of the rules we now have in place had not been adopted. The issues that are prominent in the equity markets today simply did not exist and would have been difficult to conceptualize just ten years ago.
In recent history, we have seen major, rapid innovations in the areas of trading and equity market structure. With the passage of Regulation NMS in 2007, the increase in the number of exchanges and other trading venues, the automation of nearly all equity trading, and the emergence of high frequency and algorithmic trading, market structure issues—especially technology-related issues—have taken on increased prominence. Time is now measured in milliseconds or even microseconds, and machines now do much of the work. The result is not only an enhanced policy debate on the future of our equity markets but also a growing role for enforcement activity in this highly complex, and vitally important, part of the financial world.
As a result, we have brought a growing number of market structure enforcement cases in recent years. One key lesson from these cases is that though increased speed and automation comes with benefits, it also presents new and complex threats to investors and the markets. There currently is an ongoing debate at the policy level on these developing issues. We in Enforcement are focused on threats that are potential violations of the securities laws. These include:
- First, fairness in trading venues, including exchanges that do not operate in conformance with rules approved by the Commission, and ATSs that are not operating as represented to subscribers;
- Second, misuse of confidential customer order information;
- Third, failures to adopt policies and procedures that guard against the risks of direct market access, including the risk of out-of-control automation through errors introduced by seemingly minor changes in computer code; and
- Fourth, high-volume manipulative trading, often coming from overseas traders who challenge the reach of our jurisdiction.
The Commission has brought impactful cases addressing each of these varying threats in recent years. These cases send the message that we will act when misconduct disrupts our markets or calls into question the fair operation or integrity of our markets, whether it be fraudulent misconduct or unreasonable failures—which often can be as harmful as fraudulent conduct. I thought that today I would first frame the issue with a discussion of the tremendous changes that have taken place in our markets in recent years. Then, I will discuss the different types of threats I just mentioned in more detail, focusing on the cases we have brought to address each one and the upshot of those cases. Finally, I will look ahead a bit to what is likely to come down the pike in the future.
- THE CHANGING EQUITY MARKETS
As you all are aware, the equity markets have experienced a sweeping transformation in less than a decade. Before Regulation NMS was implemented in 2007, the New York Stock Exchange handled almost 80% of the volume for stocks listed on the exchange. Now the New York Stock Exchange has less than 15% of that volume. Even combined with NYSE Arca, they constitute less than 25% of the market. Today we have 11 different equity exchanges that compete for market share. But that is just part of the story, because the exchanges only have about two-thirds of total market share for trading in Regulation NMS stocks. The other third is in ATSs—mostly dark pools—and broker-dealers that internalize or cross order flow.
We also have experienced increased automation and the growth of high-speed electronic markets. In 2005, NYSE’s average speed of execution was 10 seconds. Today, more than half of the orders priced inside the spread that are executed are done in 500 milliseconds or less. This increase in speed brings with it substantially increased trading volumes. At the same time, the average size of trades has decreased drastically. In the few short years after Regulation NMS, the average trade size for NYSE-listed securities fell from more than 700 shares per trade, to below 300 shares per trade.
And these changes have manifested themselves in more complex equity markets. In addition to the 11 exchanges, we also have more than 40 dark pool ATSs, some of which trade hundreds of millions of shares each week. Competition for order flow among these trading venues is intense. Venues strive to show that they offer low-costs, liquidity, price improvement, and speed of execution. Much of that order flow now comes from high frequency trading firms. Typical estimates are that high frequency trading represents 50% or more of total market volume.
In the face of these significant changes, our role in Enforcement is to ensure that all trading venues and traders comply with the federal securities laws as they exist today. Increased competition, and the race for ever-increasing speed, can generate an incentive to cut corners. We must be there to attach significant costs and consequences to violations so as to deter them.
- FAIR TRADING VENUES
The first threat I mentioned was fairness in trading venues. An overriding goal of our enforcement cases has been to ensure that trading venues operate fairly and in conformance with the rules that govern them.
Let me focus first on the national stock exchanges. In the entire history of the Commission prior to fiscal year 2012, the SEC had never imposed a single civil penalty on a national stock exchange. Since fiscal year 2012, the Commission has brought 7 proceedings involving 9 different exchanges and has imposed more than $39 million in civil penalties.
One of the main issues we have addressed in these cases is fundamental fairness in the exchanges’ approach to executing, reporting, and regulating trading. For example:
- In 2012, the Commission penalized the New York Stock Exchange for releasing trade data to its proprietary customers before releasing the data to the general market through the securities information processor.
- In 2013, the Commission sanctioned the CBOE for failing in its responsibility to regulate trading by its member firms.
- In 2014, the Commission penalized the three NYSE exchanges for failing to conduct their operations in accordance with SRO rules approved by the SEC.
The Commission also has brought cases involving operational issues at the stock exchanges. For example, our 2011 case against Direct Edge was for serious internal controls weaknesses that resulted in a systems outage. In 2013, the Commission charged Nasdaq because of its poor decision-making that violated its own rules when it experienced operational problems during the historic Facebook IPO. The Commission imposed a $10 million penalty on Nasdaq for its failures.
Most recently, just earlier this year, the Commission charged two Direct Edge exchanges. The Commission imposed a $14 million penalty in that case, which, to date, is the largest penalty the SEC has ever imposed against an exchange. The case involved an issue that has received a lot of attention in the industry—complex order types. I am sure that everyone here knows that stock exchanges offer a variety of order types, some of which are quite complicated. The Exchange Act requires that the stock exchanges file their rules, including rules governing order types, as well as any material changes to them, with the Commission for public comment and then ultimately Commission approval. That way, the Commission can help ensure that the rules are consistent with the principles outlined in the Exchange Act and any market participant can look at an exchange’s rules and understand how the exchange operates.
The Direct Edge case involved price-sliding orders—an order type that can affect execution priority and which often are used by high frequency trading firms. Not only did these order types not follow the rules that the Commission had approved for Direct Edge, but Direct Edge separately disclosed information about how the order types worked to only some of its members, including certain high frequency trading firms. The problem here is obvious—the Commission and the investing public need to know how stock exchanges operate, they need to be able to rely on the rules that the exchanges have on file, and the exchanges cannot selectively disclose important information to only some of their members. Those kinds of actions threaten the basic integrity of the market and our cases are designed to ensure fairness for all traders on exchanges.
As I mentioned, exchanges are only part of the story when it comes to fair trading in venues. Off-exchange venues have grown in recent years, especially dark pools and other ATSs. Although ATSs are not subject to the same rules as the exchanges, issues involving disparate order type disclosure and the operation of order types can be just as relevant for a dark pool as they are for exchanges. Our case earlier this year against UBS is a good example. UBS had an order type that it pitched almost exclusively to market makers and high frequency trading firms. The order type allowed some subscribers to place orders with price increments of less than a penny. These orders violated Regulation NMS, which prohibits trading venues like UBS’s dark pool from accepting and ranking sub-penny orders. These orders jumped ahead of other orders that were priced at legal, whole-penny prices. For its violations, UBS paid over $14 million in disgorgement and civil penalties.
The takeaway from these cases is that the Commission will enforce its rules vigorously to ensure that trading venues operate fairly and that customers receive the accurate information they need to make trading decisions.
- PROTECTING CUSTOMER ORDER INFORMATION
This brings me to the second threat I mentioned—the risk that trading venues are not adequately protecting sensitive customer order information.
Regulation ATS requires ATSs to have safeguards in place to protect subscribers’ confidential order and trading information. The reason for this rule should be clear—how can investors trust they are getting the benefit of routing their orders to dark pools if these venues do not protect sensitive and potentially valuable order and execution information?
The Commission recently has brought several cases to enforce this rule. Last year, for example, the Commission brought a case against the dark pool operator, Liquidnet, Inc., which allowed its employees to improperly use confidential information about its dark pool subscribers during marketing presentations and in sales tools. Also last year, the Commission sanctioned a Citigroup business unit that operated an ATS, the LavaFlow ECN. LavaFlow improperly allowed its smart order router to access and use confidential information about ECN orders, thereby allowing other customers to benefit from the order information collected by its ATS.
But the case I would like to discuss in more detail is the one we brought, just three months ago, against ITG, which operates the POSIT dark pool. Despite telling the public that it was an “agency-only” broker whose interest did not conflict with its customers, ITG actually ran an undisclosed proprietary trading desk known as “Project Omega” for more than a year. During an eight-month period, this proprietary desk accessed live feeds of order and execution information from ITG’s subscribers and used that information to implement its own proprietary trading strategies, including one in which the desk traded against broker-dealer subscribers in one of ITG’s dark pools. To capture the full bid-ask spread, the proprietary desk needed ITG’s dark pool subscribers to be configured to trade aggressively and the desk took steps to ensure that the sell-side subscribers did just that.
This is the type of conduct that, I suspect, particularly worries dark pool subscribers, i.e., that dark pool operators are misusing sensitive customer information for their own benefit. Here, ITG unequivocally abused the trust of its customers. While the total proprietary revenues generated by Project Omega were just north of $2 million, ITG agreed to pay an $18 million penalty for its misconduct. ITG also disgorged the $2 million in trading profits and admitted to wrongdoing in the SEC’s order. We will act whenever we see this sort of abuse of customer trust.
- OUT-OF-CONTROL AUTOMATION—THE MARKET ACCESS RULE
The third risk that I mentioned is one that has captured the attention of the industry, investors and the press—out-of-control automation. Five years ago, the Commission adopted a critical rule in this area: the market access rule or Rule 15c3-5. The rule was implemented in 2011 and it requires brokers and dealers who access the markets to have, document, and maintain a system of risk management controls and procedures that are reasonably designed to manage the risk of its market access. The rule outlines two important types of risk: first, financial risk, such as that posed by erroneous orders or orders that exceed capital and credit limits; and second, regulatory risk, such as the risk that pre-trade regulatory requirements will not be satisfied. The rule is designed to guard against some of the risks that arise from increased automated trading and to ensure that firms have mechanisms in place to minimize the impact of errors and systems failures, as well as misconduct by others who use direct access trading.
Enforcing the market access rule has been a particularly active area for us, and the Commission has now brought five cases under it in a little more than two years. The first case was against Knight Capital, which arose out of the market disruption that it caused in August 2012. As you likely remember, Knight’s order router sent more than four million orders into the market when attempting to fill just 212 customer orders. In just forty-five minutes, Knight traded almost 400 million shares, acquired several billion dollars in positions inadvertently, eventually suffered a loss of more than $460 million, and then had to enter into a corporate transaction to save the company.
This event is a classic case of the potential consequences of not having proper safeguards around automated trading systems. For years, Knight’s order router contained a dormant and unused function. Then, when deploying a new software code in 2012, a mistake in the rollout accidentally brought this dormant code back to functionality. The code was unable to recognize that orders had been filled and, because Knight did not have adequate safeguards in place to guard against this sort of inadvertent trading, the result was millions of orders that roiled the markets and jeopardized the viability of the firm. The Commission imposed a $12 million civil penalty on Knight Capital for its violations of the market access rule.
Since then, the Commission has brought other cases that involved similarly poor market access safeguards. For example, this past summer the Commission charged Goldman Sachs in connection with its August 2013 disruption of the options markets. Following an error in code deployment for an internal order matching system, Goldman sent approximately 16,000 mispriced options orders to various options exchanges in less than an hour. Goldman’s procedures for preventing the entry of these sorts of erroneous orders were inadequate because its price collars for pre-market option trading were set so wide that they could stop almost no erroneous orders. In addition, our investigation uncovered that Goldman also had deficient controls for preventing orders that would exceed the firm’s pre-set capital threshold. Goldman paid a $7 million civil penalty for its violations.
The Knight Capital and Goldman cases largely involved erroneous orders. A different problem, which was the focus of our case against Morgan Stanley, is application of the pre-set credit limits for broker-dealer customers. In the Morgan Stanley case, a customer firm had a rogue trader who engaged in fraudulent trading of Apple stock. The trader sent a series of orders to Morgan Stanley for a total of more than half a billion dollars’ worth of Apple stock. The orders grossly exceeded Morgan Stanley’s credit limit for the customer firm, which was $200 million. After receiving the orders, Morgan Stanley increased the firm’s limit to $500 million and then, when that still was not high enough, it increased the limit again to $750 million. Morgan Stanley, however, did not do adequate due diligence to make sure these increases were reasonable. The lesson of this case is that having controls in place simply are not enough—firms must also have procedures in place to make sure limits are honored and that any changes are in fact reasonable, and also guide their personnel about whether to modify controls when an order exceeds a pre-set limit.
I mentioned that the market access rule also requires controls that are reasonably designed to ensure compliance with regulatory requirements, including pre-trade requirements. The Commission’s case against Latour Trading, a high frequency trading firm, illustrates this. Latour frequently used intermarket sweep orders, or “ISOs,” which is an order type that is an exception to the order protection rule and permits exchanges to execute orders without checking for better priced protected quotes at other trading centers. Over several years, Latour sent millions of ISOs that did not comply with the requirements of Regulation NMS. Many of the problematic ISOs resulted from a change to computer code in Latour’s trading infrastructure.
Latour violated a core requirement of the market access rule—that broker-dealers have “direct and exclusive control” over their market access risk controls. Latour instead shared its electronic trading software with its parent company, Tower Research, and a Tower Research employee made changes to the computer code without understanding that it would impact Latour’s systems for complying with regulatory requirements for sending ISOs. To settle the case, Latour disgorged more than $2.7 million in trading profits and rebates that it received from exchanges from these trades, and it also paid a $5 million civil penalty.
The case against Latour, and the others I mentioned, deliver important messages. First, firms with market access must have controls over their automated trading systems and, when designing those controls, have safeguards in place that anticipate mistakes and limit the harm they can cause. Second, non-fraud market structure violations can have severe consequence. ISO violations, for example, can cause other market participants who followed the law to lose executions that they otherwise might have received. And the Knight case had significant market impact beyond the effect on Knight itself.
- HIGH VOLUME MANIPULATION
This brings me to the last of the four threats that I mentioned: high volume manipulation. Detecting, investigating, and bringing cases against those responsible for market manipulation or abusive trading schemes is a core responsibility and priority of the SEC.
The Commission has brought several cases in this category. One involved a manipulation scheme by a high frequency trading firm, Athena Capital Research. Athena placed a large number of aggressive, rapid-fire trades in the final two seconds of almost every trading day during a six-month period to manipulate the closing prices of thousands of NASDAQ-listed stocks. Athena used an algorithm that was code-named Gravy to engage in this practice—known as “marking the close”—in which stocks are bought or sold near the close of trading to affect the closing price.
The massive volumes of Athena’s last-second trades allowed Athena to overwhelm the market’s available liquidity and artificially push the market price, and therefore the closing price, in Athena’s favor. There was no question that Athena was aware of the price impact that its algorithmic trading had, calling it “owning the game” in internal chatter.
The Commission also has brought a series of cases involving manipulation techniques known as “layering” or “spoofing.” In these schemes, the trader sends non-bona fide orders that he or she intends to cancel before they are executed in order to induce others to buy or sell securities at prices that do not represent actual supply and demand. Most recently, the Commission charged a New York-based proprietary trading firm, Briargate Trading, and its co-founder with engaging in spoofing. The firm and the co-founder settled to fraud charges, disgorged gains and paid a civil penalty. Prior similar cases include charges against a Canadian man and a New Jersey Man, with the latter also owning an unregistered broker-dealer.
Layering and spoofing distort our markets by introducing false information about trading interest. These investigations can be challenging because they involve tremendous amounts of data, but we have been successful in identifying this conduct through our use of innovative data analytics.
An additional complexity is that this type of trading often originates overseas, from traders who access the U.S. markets through broker-dealers that act as market access providers. For example, the recent case against the Canadian man involved traders mostly based in China and Korea, and our case several years ago against Biremis Corporation and its co-owners involved four-to-five thousand traders in over thirty different countries. This is an area where the market access rule can be helpful and prevent potential wrongdoing because it imposes obligations on broker-dealers who give market access to overseas traders.
The Commission’s proceeding against Wedbush Securities and two of its officials for market access and other rule violations is a good case in point. Wedbush served as a gateway to dozens of trading firms and thousands of their traders, including overseas traders but, among other problems, Wedbush did not have the required pre-trade controls, and it also did not restrict access to preapproved and authorized traders. This sort of conduct exposes our markets to wrongdoers, and firms that provide that sort of direct market access must be vigilant to pre-approve traders appropriately.
- LOOKING AHEAD
Let me conclude today by looking ahead. We will, of course, continue to focus on the threats that I have discussed today. First, we will remain diligent in looking at various trading venues, including dark pools. Dark pools currently do not have the same disclosure obligations as exchanges. Therefore, it is particularly important that when dark pool operators speak to subscribers about their operations, they speak truthfully and completely. We have and will look at what broker-dealers tell their customers about the way their dark pools operate, whether these statements are incomplete or misleading, and whether the firms are in fact running their dark pools the way they say they would.
We will continue to focus on market access violations, including weaknesses at broker-dealers that lead to highly disruptive trading events. We will be particularly interested in whether broker-dealers are fulfilling their obligations both for pre-trade regulatory requirements and also post-trade surveillance. It is one thing to go after the individual traders, often overseas, who originate the manipulative trades, but arguably more important, and more effective and lasting enforcement, is to focus on the regulated broker-dealers that serve as the gateways and gatekeepers to our markets.
We will also continue to focus on layering and spoofing, as well as other modern manipulation and abusive trading schemes, including trading that cuts across different markets, such as the stock and options markets.
Finally, I have no doubt that all of these areas will involve cutting edge technology issues that we will continue to hone in on. I began by talking about how technology and speed have transformed our markets. Indeed, our market structure investigations are increasingly dominated by our need to understand the technology that forms the backbone of our markets. This includes the computer codes that direct those systems; and more and more, studying computer codes, and the data logs that show how the codes operate, are essential steps in our investigations. It is often the case that we simply cannot do a meaningful market structure investigation without analyzing extremely large sets of orders and trades. We have the expertise and resources to do it. Making sure that our enforcement efforts keep pace with the swift changes to our markets will help investors maintain their confidence in the strength, reliability and integrity of U.S. markets.
I should end by saying that you also play a vital role in ensuring the integrity of our markets. I hope you all continue to hold yourselves to high standards in your conduct. Errors in implementing policies and procedures can directly affect the market as a whole and cause significant harm. We must all remain vigilant to ensure that our markets thrive and operate effectively in the face of increased sophistication and complexity.
 The Securities and Exchange Commission, as a matter of policy, disclaims responsibility for any private publication or statement by any of its employees. The views expressed herein are those of the author and do not necessarily reflect the views of the Commission or of the author’s colleagues on the staff of the Commission.
 See Concept Release on Equity Market Structure, 75 Fed. Reg. 3594 (January 21, 2010), available at http://www.sec.gov/rules/concept/2010/34-61358fr.pdf (“Market Structure Concept Release”).
 See BATS U.S. Stock Exchanges, Market Volume Summary, available at http://www.batstrading.com/market_summary/ (“Market Volume Summary”).
 (1) NYSE, (2) Arca, (3) NYSE MKT, (4) Nasdaq, (5) Nasdaq BX, (6) Nasdaq PSX, (7) BATS BZX, (8) BATS BYX, (9) EDGX, (10) EDGA, and (11) CHX.
 See Market Volume Summary, supra note 3.
 See Market Structure Concept Release, supra note 2.
 See Staff of the Division of Trading and Markets, “Equity Market Speed Relative to Order Placement Book” (March 19, 2014) (“54.57% of all full trades occur in 500 milliseconds or less when the order is originally placed inside the prevailing spread”), available at http://www.sec.gov/marketstructure/research/highlight-2014-02.html.
 Current statistics show about 4 billion average daily NYSE volume. See Market Volume Summary, supra note 3.
 See Market Structure Concept Release, supra note 2.
 See Financial Industry Regulatory Authority ATS Transparency Data, available at https://ats.finra.org/.
 See Staff of the Division of Trading and Markets, “Equity Market Structure Literature Review, Part II: High Frequency Trading” (March 18, 2014), available at https://www.sec.gov/marketstructure/research/hft_lit_review_march_2014.pdf.
 Proceedings against exchanges: In the Matter of EDGA Exchange, Inc. and EDGX Exchange, Inc., Exchange Act Release No. 74032 (Jan. 12, 2015) ($14 million penalty; two Direct Edge exchanges); In the Matter of New York Stock Exchange LLC, NYSE Arca, Inc., NYSE MKT LLC f/k/a NYSE Amex LLC, and Archipelago Securities, L.L.C., Exchange Act Release No. 72065 (May 1, 2014) ($4.5 million penalty); In the Matter of The Nasdaq Stock Market, LLC and NASDAQ Execution Services, LLC, Exchange Act Release No. 69655 (May 29, 2013) ($10 million penalty); In the Matter of Chicago Board Options Exchange, Incorporated and C2 Options Exchange, Incorporated, Exchange Act Release No. 69726 (June 11, 2013) ($6 million penalty); In the Matter of Chicago Stock Exchange, Inc., Exchange Act Release No. 70214 (Aug. 15, 2013) ($300,000 penalty); In the Matter of New York Stock Exchange LLC and NYSE Euronext, Exchange Act Release No. 67857 (Sep. 14, 2012) ($5 million penalty); In the Matter of EDGX Exchange, Inc., EDGA Exchange, Inc. and Direct Edge ECN LLC, Exchange Act Release No. 65556 (Oct. 13, 2011) (no penalty).
 See Section 19(b) of the Exchange Act and Rule 19b-4 thereunder.
 In the Matter of UBS Securities LLC, Exchange Act Release No. 74060 (Jan. 15, 2015).
 See Rule 301(b)(10) of Regulation ATS.
 In the Matter of Liquidnet, Inc., Exchange Act Release No. 72339 (June 6, 2014).
 In the Matter of LavaFlow, Inc., Exchange Act Release No. 72673 (July 25, 2014).
 In the Matter of ITG Inc. and Alternet Securities, Inc., Exchange Act Release No. 75672 (Aug. 12, 2015)
 See Rule 15c3-5 under the Exchange Act.
 In the Matter of Knight Capital Americas LLC, Exchange Act Release No. 70694 (Oct. 16, 2013).
 In the Matter of Goldman, Sachs & Co., Exchange Act Release No. 75331 (June 30, 2015).
 In the Matter of Morgan Stanley & Co. LLC, Exchange Act Release No. 73801 (Dec. 10, 2014).
 In the Matter of Latour Trading LLC, Exchange Act Release No. 76029 (Sep. 30, 2015).
 See Rule 611 of Regulation NMS.
 In the Matter of Athena Capital Research, LLC, Exchange Act Release No. 73369 (Oct. 16, 2014).
 In the Matter of Briargate Trading, LLC and Eric Oscher, Exchange Act Release No. 76104 (Oct. 8, 2015).
 SEC v. Milrud, No. 15-CV-00237-KM-SCM (D.N.J. Jan. 13, 2015).
 In the Matter of Visionary Trading LLC, Lightspeed Trading LLC, Andrew Actman, Joseph Dondero, Eugene Giaquinto, Lee Heiss and Jason Medvin, Exchange Act Release No. 71871 (Apr. 4, 2014).
 In the Matter of Biremis Corporation, Peter Beck and Charles Kim, Exchange Act Release No. 68456 (Dec. 18, 2012).
 In the Matter of Wedbush Securities Inc., Jeffrey Bell and Christina Fillhart, Exchange Act Release Nos. 73652, 73653 (Nov. 20, 2014).
The preceding post is based on remarks made by Andrew Ceresney, Director of the SEC’s Division of Enforcement, which were delivered at the SIFMA Compliance & Legal Society New York Regional Seminar in New York, New York on Nov. 2, 2015. These remarks, entitled “Market Structure Enforcement: Looking Back and Forward”, are available here.