The report identifies three forms of direct access:
- Automated order routing through an intermediary's infrastructure, where the direct access customer's order is passed on automatically to a market for booking or execution using the intermediary's member identifier;
- Sponsored access, where the customer can send orders directly to a marketplace without using the intermediary's infrastructure but using the intermediary's member identifier; and
- Direct access, where a customer enters orders on a marketplace directly using its own (or the market's) infrastructure using an identifier for that customer. These market participants must enter into a clearing agreement with a member of the market's clearing agency.
The report notes that direct access arrangements pose potentially substantial risk to clearing firms and the market. It states that many markets are concerned that they do not have enforcement jurisdiction over their members' clients, but the report points out that the statutory regulator will have jurisdictions over all participants in its capital markets.
Intermediaries tend to mitigate their direct access risk in three ways:
- Knowing their customer (e.g. examining regulatory history, creditworthiness);
- Pre-execution risk controls (identifying problems or anomalies before an order hits the market's trading system or before it is executed); and
- Post-execution controls.
Pre-execution controls are not as effective or non-existent for sponsored access clients.
The report sets out 8 principles applicable to direct access trading arrangements, grouped in three main categories: pre-conditions for direct access, information flow and adequate systems and controls. These principles are:
- Minimum Customer Standards: establishing the customer's creditworthiness, knowledge of applicable market rules and ability to comply and ability to correctly use the order entry system.
- Agreement: The intermediary should have a binding agreement with each customer, tailored to the services to be performed. Marketplaces should consider whether they should have agreements with direct access customers.
- Rules should clearly spell out that the intermediary is responsible for trades by its direct access customers.
- Intermediaries should identify direct access customers to markets to assist in surveillance.
- Markets should provide intermediaries with adequate real time information to enable the intermediaries to institutes effective monitoring and risk assessment controls.
- Markets should have systems and controls designed to minimize market integrity concerns (e.g. disorderly trading) arising from direct access customers' activities.
- Intermediaries should have appropriate controls, particularly on a pre-trade bases, to prevent direct access customers from exceeding position or credit limits.
- Intermediaries and clearing firms should have operations and technical capabilities to manage risks arising from direct access.