Tackling Audit Trail Compliance – Tips for Managing Complex Back Office Reporting Functions

Pop quiz: When it comes to functions performed in a trading or clearing operations, audit trail compliance:

  1. A) Makes little or no contribution to a business’s revenue line
  2. B) Is mandated by regulators like the CFTC
  3. C) Appears simple on the surface but is actually naggingly complex
  4. D) All of the above

Unfortunately, the answer is D.

However, the good news is that audit trail compliance, a component of CrossCheckTM from BornTec, can make this unpleasant task easy and, in the process, deliver both regulatory cover, greater operational efficiency and enhanced business insights. 

Challenges with Audit Trail Compliance (ATC)

The unification of trade flow data is a persistent and often difficult component of managing compliance responsibilities. Tracking and reporting on all trading activity is a seemingly simple exercise but it winds up being very complex in a real world setting. In the derivatives world, compliance is mandated by the CFTC but enforced by the individual exchanges, e.g. CME Group or ICE. 

Some of the challenges with ATC are:

  • Lack of uniformity in both information provided and reporting required by and among exchanges
  • Multiple ISV sources, e.g. TT, Fidessa, or CQG, that deliver what amounts to unstructured data due to a lack of consistent formatting 
  • Unique and non-standardized direct market access (DMA) feeds
  • Changes to source files and formats that lead to incorrect or incomplete data capture 
  • Difficulty in tracking and accounting for missing or incorrect files in real time
  • Requests for audit trail information may come a year or more after the fact: the CFTC requires that records be retained for 5 years
  • Fines from exchanges for non-compliance with rules and regulations

Given the complex and diverse data challenges involved, it pays to fully understand the issues to be faced. In order to fully manage audit trail requirements, a number of steps must be incorporated:

  1. Data retrieval: There are a large number of data sources so it makes sense to utilize automated data retrieval via SFTP or other standardized format wherever possible.
  2. File validation: Begin with a check to ensure that the file received is valid and proceed to confirm that the correct structure of rows and fields is in place.
  3. Data normalization: the format of data varies between sources so it needs to be parsed and recorded so that it fits within required data parameters in a common schema.
  4. Completeness checks: Data must contain all required information but is often deficient. Consuming and comparing to drop copy data is a check to fulfill this requirement.
  5. Query and export: data must be accessible in order to have value so a final step is to build out functionality that allows for easy querying and export of audit trail records. This information can then be combined with other trade data to deliver unique insights into market activity.

Audit Trail Compliance in CrossCheckTM from BornTec

ATC may be an unpleasant but necessary task in trade processing but it can be efficiently handled with the right tools. The ATC solution in CrossCheckTM has a number of winning attributes.

  • Completeness verification: Missing files, empty files or incomplete data are common problems that are routinely flagged and managed.
  • Full data validation: Vendor code changes can be common and lead to data corruption or inconsistency with respect to exchange requirements. Our ATC module allows you to stay on top of these changes.
  • Rapid Data Retrieval: Data that is stored on a file server is inaccessible to most personnel; searches take days-weeks. Our solution puts data and reports right at your fingertips. 
  • Format Auto Detections: Vendors often change the format of their files, making data searches and audit trail reconstructions difficult. We can readily flag discrepancies and our team stays on top of issues that are common to the industry. 

On its surface, ATC is one of those “no win” functions in a clearing operation that has nothing but downside: it is a non-revenue producing task but can lead to regulatory fines if it is handled incorrectly. In reality, a complete audit trail picture can be combined with other data to enhance risk management and trading analytics, increasing insight for the enterprise. ATC from BornTec delivers on all counts.

BornTec is a Chicago-based technology solutions firm that provides tools to support surveillance, risk, compliance, and regulatory reporting functions in financial markets. Contact us for a demo of our data resilience solutions.


Challenges Ahead for a Healthy Derivatives Industry

FIA IDX in London is one of the bellwether events for the international trading community, and the 2023 edition shone a spotlight on an industry that is experiencing strong growth while simultaneously dealing with the challenges brought along by rising volatility and outside threats like cybercrime. The record 1,100+ attendees attest to the health of the industry while the topics discussed highlighted the many challenges that must be faced in order to maintain that strength. In particular, panels on the future of markets, operational efficiencies, and operations resilience highlighted key areas that are attracting the attention and resources of participants.

Top Challenges for the Derivatives Trading Industry

The derivatives industry is seeing robust growth but that growth presents challenges that must be met. Three panels, in particular, brought these challenges into focus:

  • The future of markets: After years of low-interest rates and relatively quiet market volatility, risk is back. As a result, there is a heightened interest in improving real-time risk management in order to gain an understanding of a true risk management profile. To achieve the best results and drive innovation, collaboration is needed across the technology and operations stack. 
  • Operational efficiencies: Operations is the backbone that drives risk discipline and it requires good data in order to map the risk landscape. There are automation gaps in derivatives markets that must be addressed and new technology approaches, including low code / no code automations, are assisting in these efforts. More standardization of data from exchanges and CCPs is needed because high-quality, reliable data is a necessity to be able to grow safely at scale.
  • Operations resilience: The ION Post Trade Processing ransomware incident makes it plain that it’s not a matter of “if” but “when” a cyber event will affect an enterprise’s operations. A top-down understanding of infosec is required, with constant training around a response plan required. Collaboration, internally and with partners and competitors alike, is key and the industry is making great strides in these areas.

Building on Trust in International Markets

Trending topics get the headlines but it’s the nuts and bolts issues that most accurately reflect where the hard work in the derivatives trading industry is being done. Crypto was the buzz topic in recent years, and that focus has now shifted to AI, but the lessons learned from the systemic stresses encountered during the Covid 19 pandemic and, more recently, with the ION Trading ransomware event indicate where the difficult challenges are being met. 

In his opening remarks at IDX, FIA President and CEO Walt Lukken emphasized trust as a key to industry success. Pointing out that trust is “gained over a long time but lost in a moment”, Lukken noted that “in global derivatives markets, we need each other more than ever to overcome challenges, understand our differences, and find collective solutions that benefit our markets – and the global economy as a whole.” Trust is the essential foundation on which success is built. In that regard, the international derivatives industry is in very good shape.

BornTec is a Chicago-based technology solutions firm that provides tools to support surveillance, risk, compliance, and regulatory reporting functions in financial markets. Contact us for a demo of our data resilience solutions.


Data is a Key Component for Enterprise Resilience

It’s no secret: cyberattacks are a perpetual pandemic. Incidents rose by 38% in 2022 according to Check Point Research, with a new attack occurring every 40 seconds or less. And, as the trading industry learned from the ransomware attack on ION Trading in January 2023, a company doesn’t have to be a direct target of an attack to feel the negative effects. 

With an endless rise in cybercrime, it is more important than ever to take steps to be prepared to maintain resilience for your company when an attack occurs. Good internal hygiene and practices are a must but it is equally important to be prepared for an event over which you have no control. It is difficult to cover all possible threats. Therefore, in addition to following best practices, it is essential that strong contingency plans be created so that risk can be minimized if a cyberattack affects the operation of your business. 

Data and operational resilience

It should come as no surprise that operational data is an essential ingredient to a robust resilience program. In a data-driven economy, it’s data that powers the risk engines, business analytics, and financial reporting that are the fundamental building blocks to a healthy enterprise. Unfortunately, a cyberattack will likely disrupt the normal flow of data, resulting in a severe disruption to normal business operations.

This is exactly what happened with the ION Trading incident. ION is an integral part of the transaction chain for financial markets, particularly listed derivatives, providing key software for the middle and back office processing of transactions. When they were taken offline in a ransomware attack these critical programs and processes were brought to a halt. It was a classic “spanner in the works” scenario: the problems at one company caused critical breakdowns that affected all companies.

The (ION Trading) incident showed how even banks and other financial companies with polished disaster plans and mature cybersecurity must assess how ready their business partners are.“It is a stark reminder of vulnerabilities in supply chains and third-party resilience. You are as good as your weakest link.” – Sumeet Chabria, CEO, ThoughtLinks Group. Wall Street Journal, February 10, 2023

Keys to Increasing Data Resilience

Fortunately, it is possible to take steps to build data resilience in order to lessen the impact of a disruption to normal operating conditions caused by a cyber incident. Some of the key facets to such an effort include:

  • Map and document data sources: With multiple exchanges, each having their own unique formats, a complex web of give-ups and give-ins with a wide variety of counterparties, and key vendors providing input and analysis, the data map for a firm is complex. Take the time to untangle the web and document how data is both created and flows throughout the process.
  • Recognize dependencies: It is especially important to understand how data and analytics are dependent upon each other. At times, a single source of truth may exist, creating a possible bottleneck. These areas deserve special attention and care.
  • Construct a parallel data repository: Once the data landscape is understood a next step is to construct mechanisms that will be a parallel data repository that functions in as close to real time as possible. This data repository will be a necessary ingredient to keep systems operating in the event of a disruption.
  • Create a disaster plan and keep it up to date: Too often, a disaster plan is a “one and done”; completed and then put on the shelf. In practice, a disaster plan needs to be a living document, with regular review and dry runs to make sure that all bases are covered.

Data Resilience and BornTec

The ION Trading ransomware event was a wake-up call for the trading industry. As usual, the exchanges, clearing firms, vendors and clearinghouses that make up the ecosystem were at their best in a crisis, pulling together in cooperation to keep markets up and running. The FIA, industry regulators and others are hard at work to learn from the incident and build best practices for the industry to follow. In the meantime, it is a good idea for all participants to reconsider their own contingency plans, particularly when it comes to data resilience.

BornTec is a Chicago-based technology solutions firm that provides tools to support surveillance, risk, compliance, and regulatory reporting functions in financial markets. Contact us for a demo of our data resilience solutions.


BornTec Divests Managed Hosting and Colocation Business in Deal With TNS

Acquisition ensures seamless integration with uninterrupted colocation services and enhanced mission-critical connectivity

RESTON, Va.–(BUSINESS WIRE)–Transaction Network Services (TNS) and BornTec today announced TNS’ acquisition of BornTec’s managed hosting and colocation business. This acquisition continues TNS’ expansion of its global connectivity footprint and builds on previous acquisitions.

For BornTec, the move was strategic. “This divestiture allows us to sharpen our focus on our industry-leading CrossCheck trading data analytics platform, bringing us to the forefront of at-trade and post-trade operational resilience, data intelligence and automation,” said Derek Haworth, CEO of BornTec.

“We’re extending our reach and connectivity with the same white-glove service and single-source support that BornTec’s customers expect”

For TNS, the acquisition expands mission-critical connectivity for TNS’ diverse customer portfolio of exchanges and trading venues, buy- and sell-side institutions, market data vendors, software developers and cloud service providers around the world.

“We’re extending our reach and connectivity with the same white-glove service and single-source support that BornTec’s customers expect,” said Tom Lazenga, General Manager, Financial Markets, TNS. “BornTec is a capital markets visionary, and this acquisition fits seamlessly into TNS’ managed hosting strategy that we embarked on five years ago.”

In 2019, TNS augmented its financial services footprint with the first globally deployed Layer 1 ultra-low latency trading infrastructure. Today, TNS is committed to continuing to scale its capabilities and global presence as evidenced by this acquisition.

“We vetted several acquirer candidates, and, with TNS, we found a partner that shares our customer-centric values,” added Haworth. “We’re confident that our managed hosting customers will be well served within TNS’ global colocation infrastructure.”

BornTec’s managed hosting customers will receive uninterrupted service, and they will also have the opportunity to upgrade to TNS’ Layer 1 connectivity with ultralow 5-85 nanosecond latency for unparalleled trading access within the TNS global exchange community. The transaction closed on March 21, 2023.

TNS brings together over 2,800 financial community endpoints, supported by a global, 125-strong point-of-presence footprint. Specifically designed and engineered to address the needs of financial market participants worldwide, TNS offers a range of connectivity, colocation, cloud, market data and VPN solutions within its IaaS portfolio. Its solutions are monitored 24x7x365 by TNS’ Network Operations Centers in the US, UK, Australia, and Malaysia. For further information visit tnsfinancial.com.



BornTec’s 2022 Year End Recap

BornTec had an incredibly successful year in which we achieved significant growth and development. The company was able to attract a large number of new clients, which helped to increase revenue significantly. This growth was due to the company’s commitment to providing excellent service and developing innovative solutions to meet the needs of their clients. The company’s dedication to customer service was evident in their continued success in attracting new business.

In addition to our success in attracting new clients, BornTec also made significant progress in furthering the development of Surveillance Compliance and Regulatory Reporting. These are two critical areas for the financial services industry, and BornTec’s commitment to improving our solutions in these areas has helped them to become a leader in the industry. The company’s focus on innovation and technology has allowed us to develop solutions that are both effective and efficient, which has helped gain a competitive advantage over competitors. Overall, BornTec’s successful year can be attributed to the focus on customer service and innovation, which has allowed them to grow and develop in a challenging market.


The World of Data Automation

Automation is a powerful tool in any industry, as it can save time, reduce errors and allow  employees to focus on more relevant tasks. The use of data automation can streamline and aggregate multiple types of data, allowing for meaningful outputs.

Automating the collection, processing and reporting of data is known as Data Automation. It is used to generate reports and alter or analyze data – in some instances automating decision making processes. Data automation goes hand in hand with business intelligence (BI) which helps organizations make better decisions by providing them with accurate and insightful information at the right time.

Data automation can help you reduce time spent on repetitive tasks, decrease errors, and increase productivity.

  • Improved resource allocation. Reducing the time employees spend on repetitive tasks, such as entering data from a spreadsheet into an ERP system.
  • Mitigating risk through error reduction. Data is often entered incorrectly when manual processes are involved in the collection of information. The more complex a process is, the more likely it is that errors will occur. Automation helps eliminate these errors as it reduces human error by simplifying processes and eliminating any room for mistakes in their execution. Automation also enables organizations to use fewer resources while achieving greater results.
  • Improved reporting capabilities. Automated generation of consistent, complex reports alleviates the reliance on human capital to produce reports.
  • Increase the quality of results. Automated software is able to analyze patterns and trends in much greater depth than humans can do alone (while being more cost-effective).

Investing in data automation tools for your business through BornTec

CrossCheck by BornTec is a powerful tool that allows firms to manage transactional data efficiently, enabling easy data acquisition, event monitoring, and data analytics. 

Our SaaS platform enables easy distribution across risk, compliance, front and back office, and the C suite; giving your entire organization visibility into the same data in the format they need. 

Through data normalization, enrichment, and automation we can seamlessly transform data for easy visibility, automate reporting, and provide insightful analytics.

Relevance in today’s market.

The value of automating business processes is stronger than ever in today’s market. Staff turnover creates risk of knowledge gaps related to manual processes, breaks in workflow, and reduced outputs. Process automation helps mitigate these risks and alleviates resource constraints. By automating these processes, there is an alleviation of these resource constraints. Combined with better accuracy, increased operational efficiency, and real time visibility of data, automation makes more sense than ever for most firms.