Are we compliant? Are we not? That is always the big question. How do we even know, as we pour over exchange policies trying to find answers on what we should and shouldn’t be doing; if we even have the time and resources for that. Then comes the dreaded audit. Do we say we really didn’t know? We couldn’t keep up? Or that we just simply did not have the bandwidth to focus on compliance? Does this sound familiar?
Firstly, it is always better to clean house up front and show exchanges and data providers that you are making your best effort. How? Rules and Regulations vary from exchange to exchange, but the bottom line is their intention to prevent unauthorized use of their data. Otherwise it’s simple, you pay for what you have access to; irrespective of what you are using. Exchanges audit where permissioning takes place; therefore think about the permissioning systems and the controls you have in place; is your inventory system capturing what it needs to and are you asking the right questions internally to application developers and owners?
What are audits? What are exchanges and vendors looking at when auditing?
Initially, the concept of an audit is simple, one compares what is permissioned to what is reported for the audit period. Simple right? Subtract the reported and supposedly here is the under-reported amount which would be multiplied by the fee charged by the exchange and voila! The end user firm writes a check to the exchange and moves onto business as usual. Not likely! This is of course where it gets interesting, interpreting policies, looking at exceptions and waivers, analyzing technical set ups, interviewing application owners and most importantly trying to find out where all of this data is going.
In the end, the impact on the exchanges and the firms is they have the burden of coming together at the end of an audit, to come to an agreement as to what is a fair assessment, based on the auditor’s recommendations and how they will rectify some of their compliance errors going forward.
One of TRG Screen’s areas of expertise is to guide end user firms through the audit process, help ensure no (more) large penalties and tighten up business processes with best practice recommendations. In this perspective we lately have received many requests from end-user firms to assist them with managing these compliance audits and in becoming compliant with the agreements of the providers of market data:
- Reviewing client’s market data desktop usage and data access declarations
- Reviewing client’s internal display applications that source data from exchanges and/or vendors
- Reviewing the Terms & Conditions of the agreement(s) with the source covering the audit period
- Creating an analysis for the client of the audit period; the exposure and the risks
- Reviewing the preliminary audit report as issued by the market data source or their auditors
- Developing client’s response to audit findings from the preliminary audit report
- Clarifying client’s position on unit of count and other criteria defined by the market data source
- Providing details on the internal display and non-display applications in question
- Calculating client’s financial reporting and declaration position for the audit period
- Assisting client in personal meetings with staff from the market data sources and/or their auditors
Audits are the rule rather than the exception and vendors and exchanges invent new pricing models each and every day. The administrative workload of market data managers has grown exponentially. And it hasn’t come to an end yet.
Free case study & whitepaper
To learn more on how to get in compliance with the Terms & Conditions of stock exchanges, market data vendors and third party data providers, please download our free case study Market & Reference Data Compliance
To learn why audits are being conducted, and the current situation around market data compliance and how it affects user firms, please download our free whitepaper Audits are a Tricky and Contentious Topic
Please do not hesitate to contact us, if you wish to discuss any concerns you may have with respect to compliance issues.