Can You Regulate Good Software?

If two new initiatives come out of this morning’s US Securities and Exchange Commission (SEC) roundtable on promoting stability in the financial markets, likely they will be real-time no-cost exchange drop copies for broker-dealers and a new set of industry-wide test symbols that every market center will use.

Every other suggestion brought up during the two-hour conversation from employing third-party quality assurance teams to implementing industry-wide peer review, should have been sung to “Kumbaya.”

Nancy Leveson, professor of Aeronautics and Astronautics and Engineering Systems at the Massachusetts Institute of Technology (MIT) noted in her brief introductory presentation that perfect computer code doesn’t exist and even with the highly regulated industries like aviation and nuclear power generation, stuff happens.

The difference, however, is how those respective industries deal with technology. They are far more conservative in what gets deployed. It’s enough to do the required job and nothing more. They also think using a systems perspective and not focusing on each component.

According to Leveson, NASA spent $100 million annually to protect the 2 million lines of code that operated space shuttle fleet when it was in service.

Can the financial services deploy the same risk-adverse software design used by other industries? I’ll tell you after I return from my trip to Costco to pick up more candles and can goods.

NYSE Euronext’s Lou Pastina made a great observation stating that only 20 percent of broker-dealers come in to test their new software with the exchange. But that minority is responsible for about 80 percent of the volume. They have an economic reason to make sure the market remains stable.

It’s the smaller firms with less skin in the game that should worry regulators and the other industry members. Their risk/reward calculus is quite different from the largest brokerages and it only takes once error to cascade into a market-wide crisis.

Prior to the start of the discussion, SEC Chairman Schapiro notified firms that they, and not their clients, will be responsible for any debt incurred for IT fiascos like Knight Capital’s rouge trading algorithm that ran up an about $400 million bill for the broker. Brokers should not expect a bail out nor regulators and exchanges to break their trades.

Simply put: From now on if you come to market with crappy technology and it breaks, you will be the one footing the bill.