“The four most beautiful words in our common language: I told you so.” (Gore Vidal)
Glitch Driven Trading
The software glitch that pushed Knight Capital to the brink of extinction has simply reaffirmed two truths we’ve known for a long time (see: Rise of the Machines). Firstly, the rise of machine driven trading is exposing markets to risks that aren’t manageable. Secondly, the people regulating the markets don't understand, or don't want to acknowledge, what those risks actually are.
Behind this lies a fundamental issue: you can regulate to punish people retrospectively for their failures or you can limit innovation to reduce the probability of the issues happening in the first place. It’s time to focus on the latter rather than the former because, if "this could happen to anyone" it could happen to you.
Each time some software problem causes markets to shudder we see a knee-jerk reaction by commentators and regulators. Each time we see shock and horror expressed by people who don't seem to have any idea what software development really involves. It’s like an attempt to explain the Higgs boson by a fine arts student; or a journalist, which usually amounts to the same thing.
The first thing that these technical neophytes need to get fixed in their heads is that software is never perfect, never without risk and will always, eventually, go wrong. This isn’t negotiable, no software can be made 100% reliable and programs used in securities markets will tend to be less reliable than that in other situations because of a combination of the competitive pressures and the adaptive nature of the markets themselves. This IEEE paper gives a summary of the things that can go wrong:
“If there's a theme that runs through the tortured history of bad software, it's a failure to confront reality.”
Take, for example, some of the most reliable software around, that used in fly-by-wire aircraft systems. Typically these systems have in-built triple redundancy – basically you have three computers, running software from different sources, each of which is cross-checking the other computers in order to make a decision. And even this sometimes goes wrong.
Usually when systems of this type fail it’s because they’ve been exposed to external conditions that the designers didn’t take into account. Given that aircraft have to fly about in all sorts of weather conditions and that the weather isn’t entirely predictable (see: Whither Forecasting? The Butterfly Stirs) it’s not surprising that occasionally a glitch occurs. This is why we have pilots as well as autopilots. And sometimes this too goes wrong because of the way that the pilots interact with the software.
Computer on Computer
However, securities markets are if anything more unpredictable than global weather systems. Firstly you have the problem that any system is going to be relentlessly probed by competitor systems looking for an edge. It’s hard to get an accurate estimate but there’s fair evidence that a high proportion of trades these days may be between computers, possibly as high (or even higher) than 50%. Leaving aside what the purpose of such trades is, it’s easy to imagine two independently designed systems will expose different weaknesses in each other’s programming. Now imagine that multiplied many times as dozens, if not hundreds, of these systems compete, and wonder not that we have glitches but that we have so few.
Secondly, the behavior of automated systems changes the market conditions – and may do so in such a way that the systems themselves are opened up to behaviors that they don’t expect. Changing market conditions may change the behavior of human participants as well, so the whole system is continually in flux.
Yet trading companies don’t have the luxury of aircraft designers, who are usually designing and testing their systems over periods of years, before declaring them stable. Once tested and deployed aircraft software doesn’t change very much, yet still has the odd bug in it. Trading software, on the other hand, will be being produced rapidly and usually under time pressure. What chance perfection?
Part of the problem with software systems is that the people managing the developers often don’t understand the nature of coding. They mistake the fact that it’s easy to change a line of code – after all, it’s just typing – for the fact that it’s hard to change a line of code and get it right. Even the best designed software will contain unexpected coupling where changing a bit in one place can cause problems somewhere else: this is why testing is such a crucial part of the software development process.
Unfortunately testing trading software in isolation from the market can still only take you so far. Sometimes the only true test is when systems are deployed into the market. Unfortunately, as Knight Capital has discovered, this can uncover problems that testing doesn't reveal.
If this was an isolated and an isolatable problem then we could leave this to the retrospective actions of regulators and, no doubt, lawyers. Unfortunately neither of these conditions applies. It’s not an isolated problem – we’ve seen the 2010 flash crash (see: Fall of the Machines), and the Facebook IPO issues (see: Unfriend Those IPOs), including UBS’s spectacular losses therein, and there are no doubt lots of less obvious issues. And it’s also not an isolatable problem, because these issues introduce systemic risk to the complex and globally integrated Heath Robinson contraption we call financial markets.
If coding cock-ups impact only the organization directly implicated then so be it. Knight Capital has lost $440 million when, as an intermediary, they weren’t even supposed to have significant exposure to markets. The firm's shareholders are paying the price for their company's failings. This is how markets are supposed to work, and if companies can’t manage their own risks then they will ultimately suffer the consequences. The problem really occurs when this has systemic implications beyond the companies directly involved.
Investors, of course, have several lessons to learn from this. The first one might be to avoid all companies that trade in software risk because the exposure to negative Black Swans is all too obvious. Better buy something that doesn't require you to trust the ability of caffeine addicted coders to get complex stuff right under tight deadlines. The second is that institutional investors should be demanding detailed explanations of how such companies are managing their software risks; and taking the appropriate actions if they don’t like what they see.
Regulators need to take a different approach, too. The systemic risk of organizations failing to manage their software demands a proactive rather than a retrospective process for overseeing this. Insisting on the equivalent of a pilot, and ensuring that the pilot can actually take control of the plane when required, would be a small first step. Introducing a software audit process, which could be handled by existing standards bodies, to ensure that firms are meeting the development and testing processes required to allow what is mission critical software to be deployed into live markets is another.
A Greater Purpose
Of course, this still leaves open one question. Is it right that automated trading systems should be allowed at all, because if these trades are purely to generate profits for securities firms but do so by exposing us all to greater risks then would we all benefit by outlawing them? After all, none of this seems to contribute to the total sum of human happiness, or at least to the main purpose of securities markets which is to provide mechanisms for firms to raise capital and for investors to take partial and equitable ownership of companies. Of course, the argument is that this type of speculation has happened since the dawn of trading; but never before has it threatened the integrity of global markets. New times require new thinking.
Still, as we saw in When Muddled Modellers Muddle Models, there are all sorts of model risks. Recognizing that software models are always going to fail and operating on the assumption that there’s a problem just around the corner is the only safe way to proceed. Hopefully managements and regulators will catch up soon, but there’s no need for investors to wait for them.