Lessons from the Pandemic: Remote Work is Working

The COVID-19 pandemic had profound impacts on the world, with everything from rapid advancements in new vaccine technologies to the exposure of bitter political differences, and many aspects of daily life were impacted, particularly the acceptance of remote work. According to research conducted by LinkedIn, fewer than 5% of job postings offered the option of remote work before the pandemic but that number jumped more than fourfold to over 20% by April 2022. Now, more than 22% of the workforce – nearly 33 million Americans – works remotely and 1 in 6 companies is fully remote.

BornTec is one of those companies. When the pandemic emerged we elected to go fully remote and we haven’t looked back. The switch brought a number of benefits as well as challenges and the results have been very clear: going fully remote has been a great decision for us.

How Going Remote Worked for BornTec

Being a growing, entrepreneurial enterprise, BornTec has always been open to exploring new approaches that help us to work both better and smarter. That approach served us well as the pandemic hit because we were early adopters of technologies like Slack, Google Docs, and Zoom and were already ~50% remote in the Spring of 2020. When in-person business was suddenly halted – and with an office lease expiring in July of that year – we were able to quickly and relatively effortlessly transition to being fully remote. 

A number of factors were particularly important in making the transition to fully remote advantageous for us:

  • Talent: Being remote allows us to attract top talent regardless of their location. Not being limited by geography means that we can assemble teams with an optimal blend of skills and abilities. This is especially important for a dynamic, growing company like BornTec.
  • Work/life balance: The importance of work/life balance has grown dramatically over the past few years, particularly for younger workers. Being remote can save hours of commuting each day, making it possible to simultaneously spend more time on personal matters AND more time on work.
  • Collaboration: While traditionalists express concerns that a lack of physical proximity will impact team interaction, our experience has generally been the opposite. Collaboration is higher than before the pandemic because it is easier to pull people into a quick Zoom meeting than it was to do in person. What’s more, in an in-person environment people might not be at their desk the moment when you went to see them. Online, people can be found quickly.
  • Better than a conference call: BornTec, like many large companies, has a global footprint. In our old configuration, that meant that we often had conference calls when working with clients and prospects. Turning those phone calls into Zoom meetings has dramatically boosted communication and productivity.
  • Efficiency: BornTec is a nimble, entrepreneurial firm so we welcome the ability to connect quickly so that issues can be resolved rapidly and ideas developed faster. Despite concerns that there will be less opportunity for chance discussions in the break room or end-of-meeting conversations, we have found that these types of interactions can – and do – occur while working remotely. In short, our team is more engaged and more productive now.

Most importantly, a key consideration was how being fully-remote aligns with our company culture. Our roots are as a family-run business and we take the time to get to know our team. With us, it’s not “work/life” it’s “life/life.” As entrepreneurs, we want people to not just care about their job but also the rest of the team and the company in general. We foster a “no blame / best decision at the time” ethos that looks forward, not back, and we strive to always look for ways to do something better or more simply. Being fully remote supports all of these principles. 

Challenges With being Remote – and How to Address Them

Shifting from the hybrid arrangements that we had prior to the pandemic to being fully remote was not without its challenges. Here are some of the key issues that we faced and how we dealt with them.

  • Time Zones: It can be difficult to coordinate company meetings across the many time zones that our team resides in. This requires a give-and-take: we try to minimize disruptive calls and our team responds by making a best effort to be available when it is necessary.
  • Making connections: Humans are social animals and meeting on a screen instead of in-person can be somewhat cold and sterile. For these reasons we make a point of fostering personal interactions across the team and don’t confine our calls to business matters only. 
  • Training: Onboarding and training of new hires is more difficult to accomplish without in-person time and attention. To address this, special care must be taken to communicate more with new hires, including rigorously designed onboarding procedures. Paying extra attention upfront leads to a smoother transition, higher employee satisfaction, and improved results.
  • Staying connected: When working in-person, it’s easy to see when someone is at their desk, off to get a cup of coffee, or heading out to lunch. The same isn’t true when working remote. For that reason, we encourage our team to use Slack and other communication tools to actively share simple “I’m stepping away for a few minutes,” etc. messages throughout the work day.
  • Meeting hygiene: Everyone has experienced it – a Zoom call where everyone or most everyone has the camera turned off. In addition to being cold and distant, it’s not possible to know if the other folks on the line are even engaged. For that reason, we highly encourage that cameras be turned on during a Zoom call. It greatly improves our level of communication.
  • Remote work isn’t for everyone: It’s important to recognize that some people do well in a remote work environment and others do not. We explicitly discuss this with our team and it plays a big part in our conversations with new hires. We do everything that we can to best address the needs of every member of our team.

Working Remotely Works for BornTec

When it comes to “going remote,” BornTec has plenty of good company. The project management software giant Atlassian was founded as a remote work company and others such as Dropbox and AirBnB employ a “remote first” approach to running their businesses. In our case, we find that being fully remote aligns perfectly with both our company mission and culture. In addition, it delivers major benefits when it comes to recruiting, efficiency, and flexibility. That being said, we are open to change and will adapt as business needs require so that we can best serve our clients needs. In any case, there is no doubt that remote working is unlikely to return to pre-pandemic levels and that works just fine for us.

Chris Haworth is President and COO of BornTec, a technology solutions firm that provides tools to support surveillance, risk, compliance, and regulatory reporting functions in financial markets. Contact us to learn more.

More

Three Takeaways from FIA Boca 2024 – The Challenges of Growth and Need for Resilience are Top Concerns

Twelve hundred attendees, twenty countries represented, and three days of meetings: that sums up FIA Boca by the numbers. But what were the big topics of discussion and emerging trends that are shaping the industry? The BornTec team has a few ideas to share from conversations we had with customers and prospects at the futures trading industry’s biggest event of the year.

Growing Volume and Regulations, Shrinking Resources

From 10,000 feet, the futures industry has it very good but from ground level, there are a number of challenges to deal with. Volumes are strong, driven both by a surge in shorter-term options and micro-sized contracts as well as rising interest rates and general economic uncertainty. At the same time, regulatory mandates from governments and exchanges alike paired with constrained budgets and two recent technical disruptions – one a year ago and the other in January of this year –  mean that firms must be creative as they strive for flexibility and resilience.

Cloud Has the Numbers but Operational Resilience Has Everyone’s Attention

FIA Boca witnessed unprecedented levels of sponsorship and participation from the big, cloud hyperscalers with AWS, Google Cloud and Microsoft Azure all showing up in force. However, the number one topic of conversation with colleagues, customers and prospects was the need for improved operational resilience. Recent events have made clear that system outages can arise for any reason, not just the increased threats from ransomware and other cyber challenges. In all, this elevates the importance of resilience planning and vendor management. 

Everyone is Talking About AI but Few are Asking for It

AI was the topic of discussion on several panels but down in the trenches (or, in this case, the Palm Court) managers and their teams are not asking for AI to address their challenges, they only want pragmatic solutions that unite their disparate data and systems. AI shows great promise and will most likely become more embedded in processes but, for right now, the emphasis is on making the most of what they have in the least disruptive ways possible.

The View from BornTec

FIA Boca is a fantastic opportunity to meet with the most important players in the futures and derivatives trading industries and the blend of business and ideas is both enlightening and productive. Overall, the industry is dynamic and growing but there are a number of challenges that must be met. By virtue of our deep industry experience and focus on maximizing data to increase data transparency, improve operational resilience, enhance risk management and improve speed to insight, BornTec is excited to build on top of success as we partner with our clients to deliver outstanding outcomes. Contact us to learn more.

BornTec is a Chicago-based technology solutions firm that provides tools to support surveillance, risk, compliance, and regulatory reporting functions in financial markets. Contact us for a demo of our data resilience solutions.

More

One Year On: Lessons from the ION Ransomware Event

One year ago, the futures industry was well on the way to re-establishing normal operating procedures after a major ransomware event that targeted the critically important and deeply embedded services offered by ION Markets. In the aftermath, the Futures Industry Association (FIA) has taken a proactive path to address the issue of market resilience but on the ground, some very valuable lessons are already being implemented where operational resilience is concerned. As we talk to customers and prospects we have found three key themes that should be addressed before the next market disruption hits: data, agility, and communication.

What To Do NOW to Prepare for Market Disruption

In the past, cybersecurity was approached primarily with a “deep moat / high wall” mentality but the evolution of markets has made such an approach outmoded at best and dangerous at worst. At the same time, in an environment where shrinking budgets and cost compression are a given, it is not possible to install duplicate systems at 2.0x or even 1.5x the existing cost. New approaches are called for.

In this environment, the complex interconnectedness between customers, firms, exchanges, vendors and others calls for an approach that pivots from defense to one that focuses on operational resilience. And while regulators and industry groups have yet to publish definitive rules and regulations regarding resilience requirements, savvy companies are already making changes both because they will almost certainly be required soon and, perhaps most importantly, because they can have a positive impact on performance almost immediately.

Following last year’s ransomware event, several items stand out from our own experience as well as our conversations with both customers and prospects:

  • Know your data: A ransomware event or other technology-based disruption boils down to one thing: a disruption in the normal flow of data. Losing a key source of data or data management can throw a wrench into normal processes. In order to be prepared it is imperative to know where data is coming from, what systems play which roles, how they are interconnected internally or with other parties, and where the business rules reside. With preparation, it is possible to access most, if not all, data even if a key link in the chain of operations is impacted. 
  • Emphasize flexibility:  Behind the shift from defense to resilience is a key tenet: “keep the lights on” as much as possible.  In the future, regulators will be evaluating how well firms were able to maintain core, foundational operations and restore functionality in line with their resilience plan. When last year’s ransomware event occurred, our team at BornTec was able to work quickly with our clients to craft some novel solutions and one lesson that emerged was that having one-click access to data enabled teams to craft the solutions/create the outcomes that were needed.
  • Keep communication flowing: One problem with cyber disruptions is that the next one is rarely like the last one, making it impossible to know with complete certainty how operations will be impacted. With that in mind, it makes sense to take the time to examine your operation and identify the key interdependencies and handoffs that exist and then make certain that those areas have all of the relevant information and contacts that they’ll need when an event happens. It’s a good idea to make this a living document with regular updates and even practice drills. 

It’s Still a Matter of “When, not “If”

Prior to the ION Markets ransomware event last year, industry experts had long said that it was only a matter of time before a major cyber event hit financial markets. While that event proved the experts correct, those same voices are still singing the same refrain: it can, and likely will, happen again.

If that’s the case, then it stands to reason that the issues that were revealed in the 2023 ransomware incident are as relevant now as they were then. Markets are continually increasing in complexity and interdependencies are ever expanding. The reality is that resilience is the key to handling whatever comes next, and BornTec can help with improving operational resilience.

BornTec is a Chicago-based technology solutions firm that provides tools to support surveillance, risk, compliance, and regulatory reporting functions in financial markets. Contact us for a demo of our data resilience solutions.

More

2024: Looking Back / Looking Forward

By nearly any measure, 2023 was a momentous year for the derivatives and trading industries. While higher interest rates led to a realignment of trading strategies and stimulated what is certain to be a record year for trading volumes, other events had tremendous impacts on the industry as well. Turning the page on the calendar is always a good time to reflect on the year that just passed and to take a look ahead to see what might lie ahead in the New Year. Here are three items that caught our attention last year along with some thoughts on what they might mean for 2024 and beyond.

From Ransomware to Resilience

The trading industry got a wake-up call last year when third-party solutions provider ION Markets was hit with a ransomware attack in late February. Some firms were reduced to manual workarounds, slowing processing and raising risk, while others halted activity with select counterparties as the mess was sorted. While such an occurrence had long been discussed the actual event revealed many gaps in processes and other vulnerabilities that needed to be addressed. The Futures Industry Association (FIA) acted quickly to pull industry resources together to produce a comprehensive plan for future action and much more work needs to be done by all parties to increase resilience in their operations. With the EU’s Digital Operational Resilience Act (DORA) slated to be fully implemented by this time in 2025, firms can ill afford to let up in their efforts to automate, digitize, and rationalize their operations. 

BornTec’s take: read our blog post “What’s the ‘Equation’ for Operational Resilience?” to learn more.

Regulation HEATS up

If ransomware weren’t enough, the industry is also facing a seemingly unending rise in the tide of regulation. While exchanges like ICE and the CME are increasing their oversight, in some cases issuing penalties that can rise well into six-figures, the most explicit and direct instance of increasing regulation came from the CFTC. In October, the agency announced a new regulatory stance that closely hewed to the “Heightened Enforcement Accountability and Transparency (HEAT) Test that was first promulgated by Commissioner Christy Goldsmith. The CFTC promised to be more selective in their “neither admit nor deny” approach by seeking more admissions of guilt while simultaneously examining whether or not enforcement penalties were high enough, particularly in cases where firms or individuals committed similar or exact acts in the past. Taken together, resilience and regulation point to a need for firms to tighten up their processes or else pay the price.

BornTec’s take: we took a look at the stricter regulatory line taken by the CFTC in our LinkedIn article, “Bringing the HEAT”.

AI – Always and Everywhere?

You would have to be living under a rock to not recognize how generative artificial intelligence (AI, for short) became the most talked about topic ever since the introduction of ChatGPT in late 2022. It can almost seem that AI stands for “All In” as firms search for ways that they can take advantage of this hot, new trend. There’s a danger in this type of approach, however, as the technology takes precedence over business needs in a proverbial “hammer looking for a nail” scenario. While generative AI will undoubtedly transform nearly every aspect of business operations over time, application should be considered carefully at these early stages. It often makes more sense to focus on the fundamentals of normalizing and codifying data for achieving both short term gains and setting the stage for better results as AI and other technologies are deployed. 

Gartner has tracked “generative AI on its Hype Cycle™…..since 2020…..and the technology has moved from the Innovation Trigger phase to the Peak of Inflated Expectations.”

Looking back / looking forward with BornTec

For BornTec, 2023 was a banner year as we added new features, expanded our product offering and more than doubled our customer base. The new year promises more innovation and expansion as we continue our focus of delivering exceptional efficiencies for the back office and compliance operations for active trading entities across multiple asset classes. We look forward to being a trusted partner as our clients face an increasingly complex and daunting trading and regulatory landscape. Contact us to learn more.

More

BornTec In Action: Exchange Compliance – Proactively Manage a Persistent Problem

Life for those responsible for compliance functions at futures brokerage firms is never easy. Doing more than less is imperative as headcount is reduced while, at the same time, trading volumes increase and new products are added. In addition, exchanges and regulators have stringent requirements for reporting and recordkeeping, requirements that have become more strict of late with initiatives such as the recent CFTC enforcement initiative, sometimes referred to as HEAT, and increasing fines and penalties from exchanges.

Fortunately, BornTec has the experience and insight necessary to create processes and reports that comply with requirements and provide support staff with time-saving tools that make the most of scarce resources by providing an enterprise solution to meet their needs. A good case in point is exchange compliance. 

What is Exchange Compliance?

In the course of day-to-day business, order routing compliance is required by exchanges to process, record, and report on a number of different types of information, and significant monetary penalties are often doled out if these tasks are not handled correctly. Important categories include FIX tags for trader/operator ID and location, block trades, and algo trading. Some of the specifics include:

  • CME Operator ID (Tag 50)
    • Operator IDs, also known as Tag 50 IDs, are FIX tags that identify trading participants that access and submit messages to or from CME Globex and are used to identify authorized individuals (individuals, terminal / algorithm operators – Automated Trading System (ATS) teams (head trader, ATS team members). Tag 50s are audited by exchanges and misuse or mislabeling of Tag 50 IDs often results in fines.
  • Block Trades
    • The rules and requirements pertaining to block trades are very complicated. Block trades are only permitted in specified products and are subject to minimum transaction size minimums, which vary according to the product, the type of transaction (e.g. outright, spread, or option) and the time of execution. At a major exchange like CME Group the number of combinations for these parameters runs into the thousands. Many exchange compliance fines arise from mishandling or misreporting of block trade transactions within a specified time period and these fines can run into the tens of thousands of dollars.
  • Manual Order Indicator (Tag 1028)
    • Both CME Group and ICE Futures U.S. require that FIX Tag 1028 be validly populated for all orders. Tag 1028 differentiates between manual and automated order entry with a manual order being one that is submitted by an individual “button pusher” (e.g., mouse, keyboard, touchscreen), whose terms are not modified by an algorithm after submission, and are submitted to the exchange without delay. Clearing firms are required as well to ensure that their client’s orders are correctly labeled and are responsible if they are not.
  • CME Tag 142
    • CME Group requires each order be tagged with the originating location in tag 142. This sender location ID is populated with the ISO code for the physical location of the individual or team head trader identified by the Operator ID in the message.
  • MiFID II Short Codes and Algo Codes
    • MiFID II, a European regulatory regime, requires that specific short codes be used as well as codes for algo (non-”button pusher”) orders. Short codes of the natural persons who are primarily responsible for both the execution and investment decision (if applicable) must be available for submission in the MiFID fields and registered with the trading venues.

BornTec Exchange Compliance In Action

With a multitude of requirements and very real monetary consequences for non-compliance, exchange compliance can be a daunting task. Fortunately, the professional team at BornTec has decades of experience in the trading industry and are experts in data, automation, and finding creative solutions to hard problems. In most cases, enabling any exchange compliance function is automated to the point of simplicity by BornTec, making it possible to perform the needed actions by simply checking a box. 

BornTec automates the handling of exchange compliance, fulfilling the required duties without the need for any intervention or maintenance on the part of compliance staff. The BornTec process for handling exchange compliance is a four step, recurring cycle:

  1. 1) Alert configuration: Determine the specific requirements that your business must adhere to and configure the relevant monitors.
  2. 2) Data discovery: Identify the precise information to be monitored and enable automated data discovery, imports and/or manual configuration from disparate sources and systems. 
  3. 3) Event alerting: With real-time monitoring, alerts are created with context for detailed insights and delivered in an intuitive and easy to configure dashboard.
  4. 4) Resolution: To speed processing and reduce noise, alerts are designed to provide pinpoint accuracy to rapidly identify issues and enable the ability to quickly correct configurations.

As rules and requirements change and evolve, so too are the parameters adjusted using the same four-step process. 

Managing Exchange Compliance with BornTec

At a time when enforcement activity by the regulators is on the increase and exchanges are increasingly strict in the application of their rules, it pays to choose a partner that understands your business and can proactively help you manage your responsibilities. With preparation, there is no need to scramble or put additional hands to work when an exchange query is received because all of the information that you need will have already been collected and available in one place. BornTec can help manage your requirements, bringing both peace of mind and a lower likelihood of fines from regulators or exchange.

To find out how BornTec can help manage your exchange compliance obligations, as well as other critical middle and back office tasks, contact us today for a call or demo. 

Further Information

  1. CME Group Market Regulation Home Page
  2. CME Group User Help System: Registering and Managing Operator IDs (Tag 50)
  3. CME Group Client Systems Wiki: Point of Order Origination (including Tags 142 and 1028)
  4. CME Group Block Trades
  5. ICE Futures U.S. Regulation Home Page
  6. ICE Futures Europe Regulation Home Page
  7. ICE Futures U.S. Tag 1028 FAQ 
  8. ICE Futures U.S. Block Trade FAQ
  9. Eurex Rules & Regulations
  10. Eurex MiFID II/MiFIR order flagging requirements: Short code solution enhancement

 Read our take on CFTC HEAT on the BornTec LinkedIn page.

More

What’s the “Equation” for Operational Resilience?

The ION ransomware event that began at the end of January 2023 was an unprecedented occurrence for the global derivatives industry. While there were no cataclysmic outcomes like bankruptcies or market crashes, the industry and its customers faced weeks of disruption and uncertainty as manual processes were required to keep the lights on and the wheels turning. It would be impossible to overstate how significant the event was when, in many instances, statements and margin calculations were days (or more) behind, leading customers and firms to fly blind and resulting in some firms refusing to do business with others, effectively black balling them. In short, it was both a “close call” and a “wake-up call” for the global financial industry.

In response, the Futures Industry Association (FIA) assembled a task force in March 2023 to examine the ransomware event. Composed of “subject matter experts and business leaders of the exchange-traded and cleared derivatives industry, including members from exchanges, clearinghouses, clearing firms, vendors, and end users”, the task force worked diligently to dissect the ION affair and issued a report within six months, on September 28, 2023. 

At first blush, the “FIA Task Force on Cyber Risk – After Action Report and Findings” appears short on details and long on recommendations for further study, new committees, better coordination, and the like. A closer reading, however, reveals that the FIA report is a solid indicator of both the present state and future climate when it comes to cyber risk and operational resilience.

The FIA report presents a six-part “equation” that focuses on communication, integration, coordination, information, standardization, and preparation:

  • Communication: One immediate lesson from the ION ransomware event was the importance of defined communication channels throughout the many tiers of responsibility and interest. Regulators, exchanges, clearing firms as well as third parties, including major cloud providers and other non-traditional vendors, need to have the ability to communicate in the event of any type of disruption. 
  • Integration: The connection and functioning of the trading and clearing function is pretty well established but work is needed to broaden that reach to include other interested parties, including “sector-wide groups that specialize in cybersecurity and operational resilience across the financial services sector.”
  • Coordination: Solid communication and integration plans are essential first steps but efforts need to go beyond initial crisis management to include the critical “what happens next” steps that will get operations back online following a disruption. It is critically important to quickly “right the ship” in a crisis but just as important to get back underway as soon as possible. In the case of the ION event, it took up to three weeks for some firms to fully come back online.
  • Information: A disruption like the ION affair quickly reveals where there are gaps and breakdowns in the transmission and sharing of information. As discussed in our blog post, “Data is a Key Component for Enterprise Resilience”, strong data policies are at the heart of operational resilience as the firm level and the same holds true for the industry as a whole. 
  • Standardization: One way to improve resilience in a future episode is to learn from the most recent event and improve questionnaires and other procedures that are used to assess states of resilience readiness. These standards should be continually evaluated and improved over time.
  • Preparation: Introspection and assessment are all fine and well but they won’t lead to improved results if the lessons learned aren’t applied in an active manner through thorough and continued preparedness testing. The industry is now fully aware of how important this is and should adopt an attitude of continual improvement when it comes to testing.

The Most Important Lesson from the ION Ransomware Event

For several years now, industry experts have sounded the cry that it was only a matter of time before a major cyber event affected financial markets and the ION affair brought those warnings to life. The financial industry is ever more complicated and interconnected and, at the same time, the bad actors of cybercrime are continually increasing both their activities and their sophistication. Every player in the financial services ecosystem must be aware of both current and future requirements for due diligence. At the end of the day, the FIA Task Force report is only the beginning, not the ending, of this episode and its after effects.

BornTec is a Chicago-based technology solutions firm that provides tools to support surveillance, risk, compliance, and regulatory reporting functions in financial markets. Contact us for a demo of our data resilience solutions.

More