Article 21 Specifications for the systems of DEA providers(Article 17(5) of Directive 2014/65/EU)
- (1)
A DEA provider shall ensure that its trading systems enable it to:
- (a)
monitor orders submitted by a DEA client using the trading code of the DEA provider;
- (b)
automatically block or cancel orders from individuals which operate trading systems that submit orders related to algorithmic trading and which lack authorisation to send orders through DEA,;
- (c)
automatically block or cancel orders from a DEA client for financial instruments which that client is not authorised to trade, using an internal flagging system to identify and block single DEA clients or a group of DEA clients;
- (d)
automatically block or cancel orders from a DEA client that breach the risk management thresholds of the DEA provider, applying controls to exposures of individual DEA clients, financial instruments or groups of DEA clients;
- (e)
stop order flows transmitted by its DEA clients;
- (f)
suspend or withdraw DEA services to any DEA client where the DEA provider is not satisfied that continued access would be consistent with its rules and procedures for fair and orderly trading and market integrity;
- (g)
carry out, whenever necessary, a review of the internal risk control systems of DEA clients.
- (a)
- (2)
A DEA provider shall have procedures to evaluate, manage and mitigate market disruption and firm-specific risks. The DEA provider shall be able to identify the persons to be notified in the event of an error resulting in violations of the risk profile or in potential violations of the trading venue's rules.
- (3)
A DEA provider shall at all times be able to identify its different DEA clients and the trading desks and traders of those DEA clients, who submit orders through the DEA provider's systems, by assigning a unique identification code to them.
- (4)
A DEA provider allowing a DEA client to provide its DEA access to its own clients ("sub-delegation") shall be able to identify the different order flows from the beneficiaries of such sub-delegation without being required to know the identity of the beneficiaries of such arrangement.
- (5)
A DEA provider shall record data relating to the orders submitted by its DEA clients, including modifications and cancellations, the alerts generated by its monitoring systems and the modifications made to its filtering process.