Exhibit 10.1

UNITED STATES OF AMERICA

Before the

SECURITIES AND EXCHANGE COMMISSION

SECURITIES EXCHANGE ACT OF 1934

Release No. 70694 / October 16, 2013

ADMINISTRATIVE PROCEEDING

File No. 3-15570

 

 

In the Matter of

 

Knight Capital Americas LLC

 

Respondent.

 

      ORDER INSTITUTING ADMINISTRATIVE AND CEASE-AND-DESIST PROCEEDINGS,
PURSUANT TO SECTIONS 15(b) AND 21C OF THE SECURITIES EXCHANGE ACT OF 1934,
MAKING FINDINGS, AND IMPOSING REMEDIAL SANCTIONS AND A CEASE-AND-DESIST ORDER

I.

The Securities and Exchange Commission (the “Commission”) deems it appropriate
and in the public interest that public administrative and cease-and-desist
proceedings be, and hereby are, instituted pursuant to Sections 15(b) and 21C of
the Securities Exchange Act of 1934 (the “Exchange Act”) against Knight Capital
Americas LLC (“Knight” or “Respondent”).

II.

In anticipation of the institution of these proceedings, Respondent has
submitted an Offer of Settlement (the “Offer”), which the Commission has
determined to accept. Solely for the purpose of these proceedings and any other
proceedings by or on behalf of the Commission, or to which the Commission is a
party, and without admitting or denying the findings herein, except as to the
Commission’s jurisdiction over it and the subject matter of these proceedings,
which are admitted, Respondent consents to the entry of this Order Instituting
Administrative and Cease-and-Desist Proceedings, Pursuant to Sections 15(b) and
21C of the Securities Exchange Act of 1934, Making Findings, and Imposing
Remedial Sanctions and a Cease-and-Desist Order (“Order”), as set forth below:



--------------------------------------------------------------------------------

III.

On the basis of this Order and Respondent’s Offer, the Commission finds that:

INTRODUCTION

1.        On August 1, 2012, Knight Capital Americas LLC (“Knight”) experienced
a significant error in the operation of its automated routing system for equity
orders, known as SMARS. While processing 212 small retail orders that Knight had
received from its customers, SMARS routed millions of orders into the market
over a 45-minute period, and obtained over 4 million executions in 154 stocks
for more than 397 million shares. By the time that Knight stopped sending the
orders, Knight had assumed a net long position in 80 stocks of approximately
$3.5 billion and a net short position in 74 stocks of approximately $3.15
billion. Ultimately, Knight lost over $460 million from these unwanted
positions. The subject of these proceedings is Knight’s violation of a
Commission rule that requires brokers or dealers to have controls and procedures
in place reasonably designed to limit the risks associated with their access to
the markets, including the risks associated with automated systems and the
possibility of these types of errors.

2.        Automated trading is an increasingly important component of the
national market system. Automated trading typically occurs through or by brokers
or dealers that have direct access to the national securities exchanges and
other trading centers. Retail and institutional investors alike rely on these
brokers, and their technology and systems, to access the markets.

3.        Although automated technology brings benefits to investors, including
increased execution speed and some decreased costs, automated trading also
amplifies certain risks. As market participants increasingly rely on computers
to make order routing and execution decisions, it is essential that compliance
and risk management functions at brokers or dealers keep pace. In the absence of
appropriate controls, the speed with which automated trading systems enter
orders into the marketplace can turn an otherwise manageable error into an
extreme event with potentially wide-spread impact.

4.        Prudent technology risk management has, at its core, quality
assurance, continuous improvement, controlled testing and user acceptance,
process measuring, management and control, regular and rigorous review for
compliance with applicable rules and regulations and a strong and independent
audit process. To ensure these basic features are present and incorporated into
day-to-day operations, brokers or dealers must invest appropriate resources in
their technology, compliance, and supervisory infrastructures. Recent events and
Commission enforcement actions1 have demonstrated that this investment must be
supported by an equally strong commitment to prioritize technology governance
with a view toward preventing, wherever possible, software malfunctions, system
errors and failures, outages or other contingencies and,

 

 

1   See, e.g., In the Matter of the NASDAQ Stock Market LLC, et al., Sec. Exch.
Rel. No. 69655 (May 29, 2013) (available at
http://www.sec.gov/litigation/admin/2013/34-69655.pdf) (violations occurred as a
result of system design limitations and weaknesses in processes and procedures);
In the Matter of New York Stock Exchange LLC, et al., Sec. Exch. Rel. No. 67857
(Sept. 14, 2012) (available at
http://www.sec.gov/litigation/admin/2012/34-67857.pdf) (violations occurred
after compliance department played no role in design, implementation, or
operation of market data systems); In the Matter of EDGX Exchange, Inc., et al.,
Sec. Exch. Rel. No. 65556 (Oct. 13, 2011) (available at
http://www.sec.gov/litigation/admin/2011/34-65556.pdf) (violations occurred
against backdrop of weaknesses in systems, processes, and controls).

 

2



--------------------------------------------------------------------------------

when such issues arise, ensuring a prompt, effective, and risk-mitigating
response. The failure by, or unwillingness of, a firm to do so can have
potentially catastrophic consequences for the firm, its customers, their
counterparties, investors and the marketplace.

5.        The Commission adopted Exchange Act Rule 15c3-52 in November 2010 to
require that brokers or dealers, as gatekeepers to the financial markets,
“appropriately control the risks associated with market access, so as not to
jeopardize their own financial condition, that of other market participants, the
integrity of trading on the securities markets, and the stability of the
financial system.”3

6.        Subsection (b) of Rule 15c3-5 requires brokers or dealers with market
access to “establish, document, and maintain a system of risk management
controls and supervisory procedures reasonably designed to manage the financial,
regulatory, and other risks” of having market access. The rule addresses a range
of market access arrangements, including customers directing their own trading
while using a broker’s market participant identifications, brokers trading for
their customers as agents, and a broker-dealer’s trading activities that place
its own capital at risk. Subsection (b) also requires a broker or dealer to
preserve a copy of its supervisory procedures and a written description of its
risk management controls as part of its books and records.

7.        Subsection (c) of Rule 15c3-5 identifies specific required elements of
a broker or dealer’s risk management controls and supervisory procedures. A
broker or dealer must have systematic financial risk management controls and
supervisory procedures that are reasonably designed to prevent the entry of
erroneous orders and orders that exceed pre-set credit and capital thresholds in
the aggregate for each customer and the broker or dealer. In addition, a broker
or dealer must have regulatory risk management controls and supervisory
procedures that are reasonably designed to ensure compliance with all regulatory
requirements.

8.        Subsection (e) of Rule 15c3-5 requires brokers or dealers with market
access to establish, document, and maintain a system for regularly reviewing the
effectiveness of their risk management controls and supervisory procedures. This
sub-section also requires that the Chief Executive Officer (“CEO”) review and
certify that the controls and procedures comply with subsections (b) and (c) of
the rule. These requirements are intended to assure compliance on an ongoing
basis, in part by charging senior management with responsibility to regularly
review and certify the effectiveness of the controls.4

9.        Beginning no later than July 14, 2011, and continuing through at least
August 1, 2012, Knight’s system of risk management controls and supervisory
procedures was not reasonably designed to manage the risk of its market access.
In addition, Knight’s internal

 

 

2   17 C.F.R. § 240.15c3-5. The initial compliance date for Rule 15c3-5 was
July 14, 2011. On June 30, 2011, the Commission extended the compliance date for
certain requirements of Rule 15c3-5 until November 30, 2011.

3   Risk Management Controls for Brokers or Dealers with Market Access, 75 Fed.
Reg. 69792, 69792 (Nov. 15, 2010) (final rule release).

4   Id. at 69811.

 

3



--------------------------------------------------------------------------------

reviews were inadequate, its annual CEO certification for 2012 was defective,
and its written description of its risk management controls was insufficient.
Accordingly, Knight violated Rule 15c3-5. In particular:

 

  A. Knight did not have controls reasonably designed to prevent the entry of
erroneous orders at a point immediately prior to the submission of orders to the
market by one of Knight’s equity order routers, as required under Rule
15c3-5(c)(1)(ii);

 

  B. Knight did not have controls reasonably designed to prevent it from
entering orders for equity securities that exceeded pre-set capital thresholds
for the firm, in the aggregate, as required under Rule 15c3-5(c)(1)(i). In
particular, Knight failed to link accounts to firm-wide capital thresholds, and
Knight relied on financial risk controls that were not capable of preventing the
entry of orders;

 

  C. Knight did not have an adequate written description of its risk management
controls as part of its books and records in a manner consistent with Rule
17a-4(e)(7) of the Exchange Act, as required by Rule 15c3-5(b);

 

  D. Knight also violated the requirements of Rule 15c3-5(b) because Knight did
not have technology governance controls and supervisory procedures sufficient to
ensure the orderly deployment of new code or to prevent the activation of code
no longer intended for use in Knight’s current operations but left on its
servers that were accessing the market; and Knight did not have controls and
supervisory procedures reasonably designed to guide employees’ responses to
significant technological and compliance incidents;

 

  E. Knight did not adequately review its business activity in connection with
its market access to assure the overall effectiveness of its risk management
controls and supervisory procedures, as required by Rule 15c3-5(e)(1); and

 

  F. Knight’s 2012 annual CEO certification was defective because it did not
certify that Knight’s risk management controls and supervisory procedures
complied with paragraphs (b) and (c) of Rule 15c3-5, as required by Rule
15c3-5(e)(2).

10.        As a result of these failures, Knight did not have a system of risk
management controls and supervisory procedures reasonably designed to manage the
financial, regulatory, and other risks of market access on August 1, 2012, when
it experienced a significant operational failure that affected SMARS, one of the
primary systems Knight uses to send orders to the market. While Knight’s
technology staff worked to identify and resolve the issue, Knight remained
connected to the markets and continued to send orders in certain listed
securities. Knight’s failures resulted in it accumulating an unintended
multi-billion dollar portfolio of securities in approximately forty-five minutes
on August 1 and, ultimately, Knight lost more than $460 million, experienced net
capital problems, and violated Rules 200(g) and 203(b) of Regulation SHO.

 

4



--------------------------------------------------------------------------------

FACTS

 

A. Respondent

11. Knight Capital Americas LLC (“Knight”) is a U.S.-based broker-dealer and a
wholly-owned subsidiary of KCG Holdings, Inc. Knight was owned by Knight Capital
Group, Inc. until July 1, 2013, when that entity and GETCO Holding Company, LLC
combined to form KCG Holdings, Inc. Knight is registered with the Commission
pursuant to Section 15 of the Exchange Act and is a Financial Industry
Regulatory Authority (“FINRA”) member. Knight has its principal business
operations in Jersey City, New Jersey. Throughout 2011 and 2012, Knight’s
aggregate trading (both for itself and for its customers) generally represented
approximately ten percent of all trading in listed U.S. equity securities. SMARS
generally represented approximately one percent or more of all trading in listed
U.S. equity securities.

 

B. August 1, 2012 and Related Events

Preparation for NYSE Retail Liquidity Program

12.        To enable its customers’ participation in the Retail Liquidity
Program (“RLP”) at the New York Stock Exchange,5 which was scheduled to commence
on August 1, 2012, Knight made a number of changes to its systems and software
code related to its order handling processes. These changes included developing
and deploying new software code in SMARS. SMARS is an automated, high speed,
algorithmic router that sends orders into the market for execution. A core
function of SMARS is to receive orders passed from other components of Knight’s
trading platform (“parent” orders) and then, as needed based on the available
liquidity, send one or more representative (or “child”) orders to external
venues for execution.

13.        Upon deployment, the new RLP code in SMARS was intended to replace
unused code in the relevant portion of the order router. This unused code
previously had been used for functionality called “Power Peg,” which Knight had
discontinued using many years earlier. Despite the lack of use, the Power Peg
functionality remained present and callable at the time of the RLP deployment.
The new RLP code also repurposed a flag that was formerly used to activate the
Power Peg code. Knight intended to delete the Power Peg code so that when this
flag was set to “yes,” the new RLP functionality—rather than Power Peg—would be
engaged.

14.        When Knight used the Power Peg code previously, as child orders were
executed, a cumulative quantity function counted the number of shares of the
parent order that had been executed. This feature instructed the code to stop
routing child orders after the parent order had been filled completely. In 2003,
Knight ceased using the Power Peg functionality. In 2005, Knight moved the
tracking of cumulative shares function in the Power Peg code to an earlier point
in the SMARS code sequence. Knight did not retest the Power Peg code after
moving the cumulative quantity function to determine whether Power Peg would
still function correctly if called.

 

 

5   See Release No. 34-67347 (July 3, 2012) (order granting approval to NYSE
proposed rule changes to establish a retail liquidity program for NYSE-listed
securities and NYSE Amex equities on a 12-month pilot basis and granting
exemptions from Rule 612(c) of Regulation NMS).

 

5



--------------------------------------------------------------------------------

15.        Beginning on July 27, 2012, Knight deployed the new RLP code in SMARS
in stages by placing it on a limited number of servers in SMARS on successive
days. During the deployment of the new code, however, one of Knight’s
technicians did not copy the new code to one of the eight SMARS computer
servers. Knight did not have a second technician review this deployment and no
one at Knight realized that the Power Peg code had not been removed from the
eighth server, nor the new RLP code added. Knight had no written procedures that
required such a review.

Events of August 1, 2012

16.        On August 1, Knight received orders from broker-dealers whose
customers were eligible to participate in the RLP. The seven servers that
received the new code processed these orders correctly. However, orders sent
with the repurposed flag to the eighth server triggered the defective Power Peg
code still present on that server. As a result, this server began sending child
orders to certain trading centers for execution. Because the cumulative quantity
function had been moved, this server continuously sent child orders, in rapid
sequence, for each incoming parent order without regard to the number of share
executions Knight had already received from trading centers. Although one part
of Knight’s order handling system recognized that the parent orders had been
filled, this information was not communicated to SMARS.

17.        The consequences of the failures were substantial. For the 212
incoming parent orders that were processed by the defective Power Peg code,
SMARS sent millions of child orders, resulting in 4 million executions in 154
stocks for more than 397 million shares in approximately 45 minutes. Knight
inadvertently assumed an approximately $3.5 billion net long position in 80
stocks and an approximately $3.15 billion net short position in 74 stocks.
Ultimately, Knight realized a $460 million loss on these positions.

18.        The millions of erroneous executions influenced share prices during
the 45 minute period. For example, for 75 of the stocks, Knight’s executions
comprised more than 20 percent of the trading volume and contributed to price
moves of greater than five percent. As to 37 of those stocks, the price moved by
greater than ten percent, and Knight’s executions constituted more than 50
percent of the trading volume. These share price movements affected other market
participants, with some participants receiving less favorable prices than they
would have in the absence of these executions and others receiving more
favorable prices.

BNET Reject E-mail Messages

19.        On August 1, Knight also received orders eligible for the RLP but
that were designated for pre-market trading.6 SMARS processed these orders and,
beginning at approximately 8:01 a.m. ET, an internal system at Knight generated
automated e-mail messages (called “BNET rejects”) that referenced SMARS and
identified an error described as “Power Peg disabled.” Knight’s system sent 97
of these e-mail messages to a group of Knight personnel before the 9:30 a.m.
market open. Knight did not design these types of messages to be system alerts,
and Knight personnel generally did not review them when they were received.
However,

 

 

6   These orders were distinct from the 212 incoming parent orders that led to
the executions described above.

 

6



--------------------------------------------------------------------------------

these messages were sent in real time, were caused by the code deployment
failure, and provided Knight with a potential opportunity to identify and fix
the coding issue prior to the market open. These notifications were not acted
upon before the market opened and were not used to diagnose the problem after
the open.

 

C. Controls and Supervisory Procedures

SMARS

20.        Knight had a number of controls in place prior to the point that
orders reached SMARS. In particular, Knight’s customer interface, internal order
management system, and system for internally executing customer orders all
contained controls concerning the prevention of the entry of erroneous orders.

21.        However, Knight did not have adequate controls in SMARS to prevent
the entry of erroneous orders. For example, Knight did not have sufficient
controls to monitor the output from SMARS, such as a control to compare orders
leaving SMARS with those that entered it. Knight also did not have procedures in
place to halt SMARS’s operations in response to its own aberrant activity.
Knight had a control that capped the limit price on a parent order, and
therefore related child orders, at 9.5 percent below the National Best Bid (for
sell orders) or above the National Best Offer (for buy orders) for the stock at
the time that SMARS had received the parent order. However, this control would
not prevent the entry of erroneous orders in circumstances in which the National
Best Bid or Offer moved by less than 9.5 percent. Further, it did not apply to
orders—such as the 212 orders described above—that Knight received before the
market open and intended to send to participate in the opening auction at the
primary listing exchange for the stock.

Capital Thresholds

22.        Although Knight had position limits for some of its trading groups,
these limits did not account for the firm’s exposure from outstanding orders.
Knight also did not have pre-set capital thresholds in the aggregate for the
firm that were linked to automated controls that would prevent the entry of
orders if the thresholds were exceeded.

23.        For example, Knight had an account—designated the 33 Account—that
temporarily held multiple types of positions, including positions resulting from
executions that Knight received back from the markets that its systems could not
match to the unfilled quantity of a parent order. Knight assigned a $2 million
gross position limit to the 33 Account, but it did not link this account to any
automated controls concerning Knight’s overall financial exposure.

24.        On the morning of August 1, the 33 Account began accumulating an
unusually large position resulting from the millions of executions of the child
orders that SMARS was sending to the market. Because Knight did not link the 33
Account to pre-set, firm-wide capital thresholds that would prevent the entry of
orders, on an automated basis, that exceeded those thresholds, SMARS continued
to send millions of child orders to the market despite the fact that the parent
orders already had been completely filled.7 Moreover, because the 33 Account
held positions from multiple sources, Knight personnel could not quickly
determine the nature or source of the positions accumulating in the 33 Account
on the morning of August 1.

 

 

7   Knight does have automatic shutdown of its trading with respect to certain
strategies of one of its trading groups when their P&L limits are exceeded.

 

7



--------------------------------------------------------------------------------

25.        Knight’s primary risk monitoring tool, known as “PMON,” is a
post-execution position monitoring system. At the opening of the market, senior
Knight personnel observed a large volume of positions accruing in the 33
Account. However, Knight did not link this tool to its entry of orders so that
the entry of orders in the market would automatically stop when Knight exceeded
pre-set capital thresholds or its gross position limits. PMON relied entirely on
human monitoring and did not generate automated alerts regarding the firm’s
financial exposure. PMON also did not display the limits for the accounts or
trading groups; the person viewing PMON had to know the applicable limits to
recognize that a limit had been exceeded. PMON experienced delays during high
volume events, such as the one experienced on August 1, resulting in reports
that were inaccurate.

Code Development and Deployment

26.        Knight did not have written code development and deployment
procedures for SMARS (although other groups at Knight had written procedures),
and Knight did not require a second technician to review code deployment in
SMARS. Knight also did not have a written protocol concerning the accessing of
unused code on its production servers, such as a protocol requiring the testing
of any such code after it had been accessed to ensure that the code still
functioned properly.

Incident Response

27.        On August 1, Knight did not have supervisory procedures concerning
incident response. More specifically, Knight did not have supervisory procedures
to guide its relevant personnel when significant issues developed. On August 1,
Knight relied primarily on its technology team to attempt to identify and
address the SMARS problem in a live trading environment. Knight’s system
continued to send millions of child orders while its personnel attempted to
identify the source of the problem. In one of its attempts to address the
problem, Knight uninstalled the new RLP code from the seven servers where it had
been deployed correctly. This action worsened the problem, causing additional
incoming parent orders to activate the Power Peg code that was present on those
servers, similar to what had already occurred on the eighth server.

 

D. Compliance Reviews and Written Description of Controls

Initial Assessment of Compliance

28.        Knight’s assessment of its controls and procedures began prior to the
July 14, 2011 compliance date. Knight’s compliance department initiated the
assessment, which involved discussions among staff of that department, as well
as the pertinent business and technology units. The participants concluded that
Knight’s system of controls satisfied Rule 15c3-5. The assessment largely
focused on compiling an inventory of Knight’s existing controls and confirming
that they functioned as intended. The assessment did not consider possible
problems within SMARS or the consequences of potential malfunctions in SMARS.
This assessment also did not consider PMON’s inability to prevent the entry of
orders that would exceed a capital threshold. Further, Knight did not document
sufficiently the evaluation done of the controls so that subsequent reviewers
could identify these gaps in the assessment.

 

8



--------------------------------------------------------------------------------

Written Description

29.        During the initial assessment, the compliance department prepared a
document that listed Knight’s systems and some of the controls. This document
was incomplete and therefore did not satisfy the documentation requirements of
Rule 15c3-5(b). In September 2011, nearly two months after the compliance date
of Rule 15c3-5’s provision requiring the written description of the risk
management controls, the compliance department drafted a narrative intended to
describe Knight’s market access systems and controls. This document also was
incomplete, and was inaccurate in some respects. For example, the narrative
omitted Knight’s proprietary Electronic Trading Group (“ETG”), which was a
significant source of Knight’s trading and order volumes. The compliance
department and supervisory control group (“SCG”), working together with
pertinent business and technology units, began to address the missing elements
of the document in November 2011, which resulted in a revised draft in January
2012, nearly six months after the compliance date of Rule 15c3-5(b). Although
this draft included aspects of ETG, it lacked the Lead Market Making (“LMM”)
desk and other important systems. As of the CEO certification in March 2012,
discussed below, Knight still was adding key systems and controls to the
document. Prior to certification, the CEO was informed about the pending
revisions. It was not until July 2012, nearly a year after the compliance date,
that Knight added the LMM desk, which had experienced erroneous trade events
over the previous months.

Written Supervisory Procedures

30.        In August 2011, subsequent to the compliance date of Rule 15c3-5’s
provision requiring written supervisory procedures, Knight adopted written
supervisory procedures (“WSPs”) to guide regular reviews of its compliance with
Rule 15c3-5. Knight’s compliance department drafted the WSPs, which assigned
various tasks to be performed by SCG staff in consultation with the pertinent
business and technology units. Taken together, the WSPs had the goal of
evaluating the reasonableness of Knight’s market access controls and Knight’s
compliance with Rule 15c3-5 on an ongoing basis. Each WSP required a senior
member of the pertinent business unit to approve the work of the SCG staff.
Further, a separate compliance department procedure required a compliance
analyst twice a year to review the work done under the WSPs.

31.        Some of the WSPs were incomplete as written, and Knight personnel had
conflicting views regarding what some of the WSPs required. For example,
relevant Knight personnel differed on whether some WSPs required an evaluation
of the controls or merely an identification that controls and procedures
existed. In addition, the WSP that was supposed to require an evaluation of the
reasonableness of Knight’s controls only required a review of certain types of
controls and did not require an evaluation of controls to reject orders that
exceed pre-set capital thresholds in the aggregate for the firm or that indicate
duplicative orders.

 

9



--------------------------------------------------------------------------------

Post-Compliance Date Reviews

32.        Knight conducted periodic reviews pursuant to the WSPs. As explained
above, the WSPs assigned various tasks to be performed by SCG staff in
consultation with the pertinent business and technology units, with a senior
member of the pertinent business unit reviewing and approving that work. These
reviews did not consider whether Knight needed controls to limit the risk that
SMARS could malfunction, nor did these reviews consider whether Knight needed
controls concerning code deployment or unused code residing on servers. Before
undertaking any evaluation of Knight’s controls, SCG, along with business and
technology staff, had to spend significant time and effort identifying the
missing content and correcting the inaccuracies in the written description.

33.        Several previous events presented an opportunity for Knight to review
the adequacy of its controls in their entirety. For example, in October 2011,
Knight used test data to perform a weekend disaster recovery test. After the
test concluded, Knight’s LMM desk mistakenly continued to use the test data to
generate automated quotes when trading began that Monday morning. Knight
experienced a nearly $7.5 million loss as a result of this event. Knight
responded to the event by limiting the operation of the system to market hours,
changing the control so that this system would stop providing quotes after
receiving an execution, and adding an item to a disaster recovery checklist that
required a check of the test data. Knight did not broadly consider whether it
had sufficient controls to prevent the entry of erroneous orders, regardless of
the specific system that sent the orders or the particular reason for that
system’s error. Knight also did not have a mechanism to test whether their
systems were relying on stale data.

 

E. CEO Certification

34.        In March 2012, Knight’s CEO signed a certification concerning Rule
15c3-5. The certification did not state that Knight’s controls and procedures
complied with the rule. Instead, the certification stated that Knight had in
place “processes” to comply with the rule. This drafting error was not
intentional, the CEO did not notice the error, and the CEO believed at the time
that he was certifying that Knight’s controls and procedures complied with the
rule.8

 

F. Collateral Consequences

35.        There were collateral consequences as a result of the August 1 event,
including significant net capital problems. In addition, many of the millions of
orders that SMARS sent on August 1 were short sale orders. Knight did not mark
these orders as short sales, as required by Rule 200(g) of Regulation SHO.9
Similarly, Rule 203(b) of Regulation SHO prohibits a broker or dealer from
accepting a short sale order in an equity security from another person, or
effecting a short sale in an equity security for its own account, unless it has
borrowed the security, entered into a bona-fide arrangement to borrow the
security, or has reasonable grounds to believe that the security can be borrowed
so that it can be delivered on the date delivery is due (known as the “locate”
requirement), and has documented compliance with this requirement.10 Knight did
not obtain a “locate” in connection with Knight’s unintended orders and did not
document compliance with the requirement with respect to Knight’s unintended
orders.

 

 

8   Before signing the certification, the CEO received a report concerning
reviews that Knight personnel had performed pursuant to the WSPs. The report
contained sub-certifications from eight senior Knight employees. Although the
report contained a similar drafting error as the certification, all of the
employees who signed the report to the CEO believed that Knight was in
compliance with Rule 15c3-5.

9   17 C.F.R. § 242.200(g).

10   17 C.F.R. § 242.203(b).

 

10



--------------------------------------------------------------------------------

VIOLATIONS

 

A. Market Access Rule: Section 15(c)(3) of the Exchange Act and Rule 15c3-5

36.        Section 15(c)(3) of the Exchange Act, among other things, prohibits a
broker or dealer from effecting any securities transaction in contravention of
the rules and regulations the Commission prescribes as necessary or appropriate
in the public interest, or for the protection of investors, to provide
safeguards with respect to the financial responsibility and related practices of
brokers or dealers. Knight violated this Section through its violations,
described below, of a rule promulgated by the Commission thereunder.

37.        Subsection (c)(1)(i) of Rule 15c3-5 requires that a broker or
dealer’s risk management controls and supervisory procedures shall be reasonably
designed to prevent systematically the entry of orders that exceed appropriate
pre-set credit or capital thresholds in the aggregate for each customer and the
broker or dealer. Knight violated this requirement by failing to link pre-set
capital thresholds to Knight’s entry of orders so that Knight would stop sending
orders when it breached such thresholds. Instead, Knight relied on tools,
including PMON, that were not capable of preventing the entry of orders whose
execution would exceed a capital threshold and did not link the 33 Account to
pre-set capital thresholds. These inadequacies contributed to Knight’s failure
to detect promptly the severity of, and to resolve quickly, the problems on
August 1 or to mitigate the effects prior to the resolution of the software
issue.

38.        Subsection (c)(1)(ii) of Rule 15c3-5 requires that a broker or
dealer’s risk management controls and supervisory procedures be reasonably
designed to prevent systematically the entry of erroneous orders that exceed
appropriate price or size parameters on an order-by-order basis or over a short
period of time, or that indicate duplicative orders. Knight violated this
requirement by failing to have controls reasonably designed to prevent the entry
of erroneous orders at a point immediately prior to the submission of orders to
the market by SMARS, which had the core function of dividing parent orders into
child orders and sending them to the market. The controls that Knight had in
place were not reasonably designed to limit Knight’s financial exposure arising
from errors within SMARS, such as problems in the operation of the software that
sent child orders to fill parent orders. As evidenced by the events of August 1,
the absence of adequate controls at the point immediately prior to Knight’s
submission of orders to the market left Knight vulnerable to the financial and
regulatory risks of Knight’s erroneous entry of orders and had substantial
consequences to both Knight and the market.

39.        Subsection (b) of Rule 15c3-5 requires, among other things, that a
broker or dealer preserve a copy of its supervisory procedures and a written
description of its risk management controls as part of its books and records in
a manner consistent with Rule 17a-4(e)(7). As highlighted in the Adopting
Release, this document serves the purpose of assisting Commission and
Self-Regulatory Organization staff during an examination of the broker or dealer
for compliance with the rule.11 It also assists the broker or dealer in
conducting the reviews and

 

 

11   75 Fed. Reg. at 69812.

 

11



--------------------------------------------------------------------------------

performing the certification required by the rule. Knight violated this
requirement by failing to have an adequate written description of its risk
management controls. Knight did attempt to create a narrative of its risk
management controls after the compliance date of Rule 15c3-5, but this document
remained incomplete and, in some instances, inaccurate through the summer of
2012. The insufficiencies in this document adversely affected the quality of the
reviews Knight conducted of its risk controls after the compliance date of Rule
15c3-5. As described above, Knight’s staff had to spend considerable time and
effort identifying the missing content and correcting the inaccuracies in this
document before they could evaluate Knight’s controls.

40.         Knight also violated the overarching requirement of subsection
(b) of Rule 15c3-5 that brokers or dealers “shall establish, document, and
maintain a system of risk management controls and supervisory procedures
reasonably designed to manage the financial, regulatory, and other risks of” its
market access. As explained above, Knight lacked adequate controls for its order
router and failed to have an automated control to prevent the entry of orders
that exceeded firm-wide pre-set capital thresholds. Knight also lacked
reasonably designed controls and supervisory procedures to detect and prevent
software malfunctions that can result from code development and deployment.

41.         For example, a written procedure requiring a simple double-check of
the deployment of the RLP code could have identified that a server had been
missed and averted the events of August 1. Having a procedure that integrated
the BNET Reject messages into Knight’s monitoring of its systems likewise could
have prevented the events of August 1. Further, in 2003, Knight elected to leave
the Power Peg code on SMARS’s production servers, and, in 2005, accessed this
code to use the cumulative quantity functionality in another application without
taking measures to safeguard against malfunctions or inadvertent activation. A
written protocol requiring the retesting of the Power Peg code in 2005 could
have identified that Knight had inadvertently disabled the cumulative quantity
functionality in the Power Peg code. These shortcomings were made more
consequential by the fact that Knight did not have controls in SMARS that were
sufficient to address the risk posed by possible problems in the operation of
the software as it sent child orders to fill a parent order.

42.         Further, Knight did not have adequate controls and supervisory
procedures to guide employees’ response to incidents such as what occurred on
August 1. In light of Knight’s market access, Knight needed clear guidance for
its technology personnel as to when to disconnect a malfunctioning system from
the market.

43.         Subsection (e) of Rule 15c3-5 requires that a broker or dealer
establish, document, and maintain a system for regularly reviewing the
effectiveness of the risk management controls and supervisory procedures
required by Rule 15c3-5(b) and (c). Subsection (e)(1) of Rule 15c3-5 requires,
among other things, that a broker or dealer review, no less frequently than
annually, the business activity of the broker or dealer in connection with
market access to assure the overall effectiveness of such risk management
controls and supervisory procedures. Reasonably designed WSPs are an important
component of the system required by the rule, because they help ensure that the
broker or dealer fulfills its obligations to conduct a review of the overall
effectiveness of its risk management controls and supervisory procedures.

 

12



--------------------------------------------------------------------------------

44.         Knight violated subsection (e) of Rule 15c3-5 because its system for
regularly reviewing the effectiveness of its risk management controls was
inadequate. For example, Knight’s WSPs were incomplete as written and did not
provide clear guidance as to what they required. Further, Knight’s initial
assessment of its market access controls did not sufficiently consider whether
the controls were reasonably designed to manage Knight’s market access risks or
whether Knight needed additional controls. This review, and the post-compliance
date reviews, failed to consider adequately the risks posed by possible
malfunctions in SMARS, one of Knight’s primary systems for accessing the
markets, and failed to consider Knight’s inability to prevent the entry of
orders whose execution would exceed pre-set capital thresholds. These reviews
also failed to assess adequately the consequences of Knight’s reliance on PMON
as a primary risk monitoring tool, such as the risks posed by the lack of
automated alerts and PMON’s inability to prevent the entry of orders that would
exceed a capital threshold or position limit. Further, Knight’s reviews did not
adequately consider the root causes of previous incidents involving the entry of
erroneous orders and the reasons why Knight’s controls failed to limit the harm
from those incidents. Knight reacted to the events narrowly, limiting its
responses to changes designed to prevent the exact problem at hand from
recurring.

45.         Subsection (e)(2) of Rule 15c3-5 requires that a broker or dealer’s
CEO (or equivalent officer) certify on an annual basis that the firm’s risk
management controls and supervisory procedures comply with paragraphs (b) and
(c) of Rule 15c3-5. The certification signed by Knight’s CEO did not state that
Knight’s controls and supervisory procedures complied with those provisions of
the rule. Rather, it stated that Knight had in place “processes” to comply with
the rule. Certifying to the existence of processes is not equivalent to
certifying that controls and procedures are reasonably designed and comply with
the rule. Accordingly, Knight violated subsection (e)(2) of Rule 15c3-5.

 

B. Regulation SHO: Rules 200(g) and 203(b)

46.         Rule 200(g) of Regulation SHO requires each broker or dealer to mark
all sell orders of any equity security as “long,” “short” or “short exempt.”

47.         Rule 203(b) of Regulation SHO states that a broker or dealer “may
not accept a short sale order in an equity security from another person, or
effect a short sale in an equity security for its own account, unless the broker
or dealer has: (i) [b]orrowed the security, or entered into a bona-fide
arrangement to borrow the security; or (ii) [r]easonable grounds to believe that
the security can be borrowed so that it can be delivered on the date delivery is
due; and (iii) [d]ocumented compliance with” these requirements.

48.         Knight violated Rules 200(g) and 203(b) of Regulation SHO on
August 1, 2012, by mismarking short sale orders as “long” and by failing to
borrow, enter into a bona-fide arrangement to borrow, or have reasonable grounds
to believe that the securities could be borrowed, so that they could be
delivered on the date delivery was due, and failing to document compliance with
this requirement, before effecting short sales.

 

13



--------------------------------------------------------------------------------

49.         Based on the foregoing, the Commission finds that Knight willfully12
violated Section 15(c)(3) of the Exchange Act and Rule 15c3-5 thereunder, and
Rules 200(g) and 203(b) of Regulation SHO.

REMEDIAL EFFORTS

50.         In determining to accept the Offer, the Commission considered
remedial acts that Knight undertook and the cooperation that Knight afforded to
the Commission staff following the August 1 event.

UNDERTAKINGS

51.         Respondent has undertaken to do the following:

 

  A. Retain at its own expense one or more qualified independent consultants
(the “Consultant”) not unacceptable to the Commission staff to conduct a
comprehensive review of Respondent’s compliance with Exchange Act Rule 15c3-5,
including but not limited to:

 

  i. Respondent’s software development lifecycle processes for all of Knight’s
business critical systems and applications, including trading systems, finance,
risk, and compliance; and

 

  ii. Respondent’s risk management controls and supervisory procedures,
including those pertaining to Respondent’s: (a) deployment of new software and
code; (b) order routers; (c) firm-wide capital thresholds and the linkage, on an
automated, pre-trade basis, of such thresholds to the entry of orders; and
(d) incident response protocols.

Such Consultant shall prepare a written report (the “Report”) that:

 

  iii. evaluates the adequacy of Respondent’s software development lifecycle
processes and its risk management controls and supervisory procedures to manage
Respondent’s financial, regulatory, and other risks of market access; and

 

  iv. as may be needed, makes recommendations about how Respondent should modify
or supplement its processes, controls, and procedures to manage its financial,
regulatory, and other risks of market access.

Respondent shall provide a copy of the engagement letter within fourteen
(14) days of the date of this Order detailing the Consultant’s responsibilities
to Commission staff.

 

 

 

12   A willful violation of the securities laws means merely “‘that the person
charged with the duty knows what he is doing.’” Wonsover v. SEC, 205 F.3d 408,
414 (D.C. Cir. 2000) (quoting Hughes v. SEC, 174 F.2d 969, 977 (D.C. Cir.
1949)). There is no requirement that the actor “‘also be aware that he is
violating one of the Rules or Acts.’” Id. (quoting Gearhart & Otis, Inc. v. SEC,
348 F.2d 798, 803 (D.C. Cir. 1965)).

 

14



--------------------------------------------------------------------------------

  B. Cooperate fully with the Consultant, including providing the Consultant
with access to Respondent’s files, books, records, and personnel (and
Respondent’s affiliated entities’ files, books, records, and personnel, in each
case to the extent they relate to Respondent), as reasonably requested for the
above-mentioned reviews, and obtaining the cooperation of respective employees
or other persons under Respondent’s control. Respondent shall require the
Consultant to report to Commission staff on its activities as the staff may
request.

 

  C. Permit the Consultant to engage such assistance, clerical, legal, or
expert, as necessary and at a reasonable cost, to carry out its activities, and
the cost, if any, of such assistance shall be borne exclusively by Respondent.

 

  D. Require the Consultant within thirty (30) days of being retained, unless
otherwise extended by Commission staff for good cause, to provide Respondent and
Commission staff with an estimate of the time needed to complete the review and
prepare the Report and provide a proposed deadline for the Report, subject to
the approval of Commission staff.

 

  E. Require the Consultant to issue the Report by the approved deadline and
provide the Report simultaneously to both Commission staff and Respondent.

 

  F. Submit to Commission staff and the Consultant, within thirty (30) days of
the Consultant’s issuance of the Report, the date by which Respondent will adopt
and implement any recommendations in the Report, subject to Sections
F(1)-(3) below and subject to the approval of Commission staff.

 

  (1)

As to any recommendation that Respondent considers to be, in whole or in part,
unduly burdensome or impractical, Respondent may submit in writing to the
Consultant and Commission staff a proposed alternative reasonably designed to
accomplish the same objectives, within sixty (60) days of receiving the Report.
Respondent shall then attempt in good faith to reach an agreement with the
Consultant relating to each disputed recommendation and request that the
Consultant reasonably evaluate any alternative proposed by Respondent. If, upon
evaluating Respondent’s proposal, the Consultant determines that the suggested
alternative is reasonably designed to accomplish the same objectives as the
recommendations in question, then the Consultant shall approve the suggested
alternative and make the recommendations. If the Consultant determines that the
suggested alternative is not reasonably designed to accomplish the same
objectives, the Consultant shall reject Respondent’s proposal. The Consultant
shall inform Respondent of the Consultant’s final determination

 

15



--------------------------------------------------------------------------------

  concerning any recommendation that Respondent considers to be unduly
burdensome or impractical within fourteen (14) days after the conclusion of the
discussion and evaluation by Respondent and the Consultant.

 

  (2) In the event that Respondent and the Consultant are unable to agree on an
alternative proposal, Respondent shall accept the Consultant’s recommendations.

 

  (3) Within thirty (30) days after final agreement is reached on any disputed
recommendation, Respondent shall submit to the Consultant and Commission staff
the date by which Respondent will adopt and implement the agreed-upon
recommendation, subject to the approval of Commission staff.

 

  G. Adopt and implement, on the timetable set forth by Respondent in accordance
with Item F, the recommendations in the Report. Respondent shall notify the
Consultant and Commission staff when the recommendations have been implemented.

 

  H. Require the Consultant to certify, in writing, to Respondent and Commission
staff, that Respondent has implemented the agreed-upon recommendations for which
the Consultant was responsible and that Knight’s risk management controls and
supervisory procedures are reasonably designed to manage the financial,
regulatory, and other risks of market access. The Consultant’s certification
shall be received within sixty (60) days after Respondent has notified the
Consultant that the recommendations have been implemented.

 

  I. Within one hundred and eighty (180) days from the date of the applicable
certification described in paragraph H above, require the Consultant to have
completed a review of Knight’s revised product development processes and risk
management controls and supervisory procedures and submit a final written report
(“Final Report”) to Respondent and Commission staff. The Final Report shall
describe the review made of Knight’s revised processes, controls, and
procedures, and describe how Knight is implementing, enforcing, and auditing the
enforcement and implementation of those processes, controls, and procedures. The
Final Report shall include an opinion of the Consultant as to whether the
revised processes, controls, and procedures and their implementation and
enforcement by Respondent and Respondent’s auditing of the implementation and
enforcement of those processes, controls, and procedures are reasonably designed
to manage the financial, regulatory, and other risks of market access.

 

  J. To ensure the independence of the Consultant, Respondent shall not have the
authority to terminate the Consultant without prior written approval of
Commission staff and shall compensate the Consultant and persons engaged to
assist the Consultant for services rendered pursuant to this Order at their
reasonable and customary rates.

 

16



--------------------------------------------------------------------------------

  K. Require the Consultant to enter into an agreement that provides for the
period of engagement and for a period of two years from the completion of the
engagement, that the Consultant shall not enter into any employment, consultant,
attorney-client, auditing, or other professional relationship with Respondent,
or any of its present or former affiliates, directors, officers, employees, or
agents acting in their capacity. The agreement will also provide that the
Consultant will require that any firm with which he/she/it is affiliated or of
which he/she/it is a member, and any person engaged to assist the Consultant in
performance of his/her/its duties under this Order shall not, without prior
written consent of Commission staff, enter into any employment, consultant,
attorney-client, auditing or other professional relationship with Respondent, or
any of its present or former affiliates, directors, officers, employees, or
agents acting in their capacity as such for the period of the engagement and for
a period of two years after the engagement.

 

  L. Respondent may apply to Commission staff for an extension of the deadlines
described above before their expiration and, upon a showing of good cause by
Respondent, Commission staff may, in its sole discretion, grant such extensions
for whatever time period it deems appropriate.

 

  M. Certification of Compliance by Respondent: Respondent shall certify, in
writing, compliance with the undertakings set forth above. The certification
shall identify the undertakings, provide written evidence of compliance in the
form of a narrative, and be supported by exhibits sufficient to demonstrate
compliance. The Commission staff may make reasonable requests for further
evidence of compliance, and Respondent agrees to provide such evidence. The
certification and supporting material shall be submitted to Robert A. Cohen,
Assistant Director, Market Abuse Unit, Division of Enforcement, with a copy to
the Office of Chief Counsel of the Enforcement Division, no later than sixty
(60) days from the date of the completion of the undertakings.

IV.

In view of the foregoing, the Commission deems it necessary and appropriate in
the public interest, and for the protection of investors, to impose the
sanctions agreed to in Respondent’s Offer.

Accordingly, pursuant to Sections 15(b) and 21C of the Exchange Act, it is
hereby ORDERED that:

A.         Respondent Knight cease and desist from committing or causing any
violations and any future violations of Section 15(c)(3) of the Exchange Act and
Rule 15c3-5 thereunder, and Rules 200(g) and 203(b) of Regulation SHO.

 

17



--------------------------------------------------------------------------------

B.         Respondent Knight is censured.

C.         Pursuant to Section 21B(a)(1) and (2) of the Exchange Act, Respondent
Knight shall, within ten (10) days of the entry of this Order, pay a civil money
penalty in the amount of $12,000,000 ($12 million) to the United States
Treasury. If timely payment is not made, additional interest shall accrue
pursuant to 31 U.S.C. § 3717. Such payment must be made in one of the following
ways: (1) Respondent Knight may transmit payment electronically to the
Commission, which will provide detailed ACH transfer/Fedwire instructions upon
request; (2) Respondent may make direct payment from a bank account via Pay.gov
through the SEC website at http://www.sec.gov/about/offices/ofm.htm; or
(3) Respondent Knight may pay by certified check, bank cashier’s check, or
United States postal money order made payable to the Securities and Exchange
Commission and hand-delivered or mailed to:

Enterprise Services Center

Accounts Receivable Branch

HQ Bldg., Room 181, AMZ-341

6500 South MacArthur Boulevard

Oklahoma City, OK 73169

Payments by check or money order must be accompanied by a cover letter
identifying Knight as a Respondent in these proceedings and the file number of
these proceedings; a copy of the cover letter and check or money order must be
sent to Daniel M. Hawke, Chief, Market Abuse Unit, Division of Enforcement,
Securities and Exchange Commission, The Mellon Independence Center, 701 Market
Street, Philadelphia, PA 19106-1532.

D.         Respondent Knight shall comply with the Undertakings enumerated
above.

 

By the Commission.

 

Elizabeth M. Murphy Secretary

 

18