The Rise of Dark Pools, Transaction Cost Analytics  and Algorithms was driven by the simple fact that Institutions needed to avoid market impact  by protecting themselves from information leakage.  Information leakage leads to adverse selection and that directly impacts performance; we have always known this to be true.  While Institutions have taken sometimes draconian measures to protect knowledge of their “Marketable orders”, a complex market structure coupled with the need to find liquidity may be exposing their orders, and more specifically their data to venues or uses which they are not aware.

A term Institutions need to become familiar with is Metadata.  Metadata is simply :Data about data, and it essentially is the key that allows anyone to unlock the information around an order, access and use.  Metadata is information unknowingly attached to order information, and while for the most part it is benign, it can be accessed easily and used by anyone who can access order information.

Speaking from a very high level there are three main  main types of Meta data, Structural, Descriptive,and Administrative.  Structural is more focused on relationships between objects, usually focused on tags and pre-existing indexes whereas Descriptive is exactly what it sounds like, built to identity via characteristics for lack of a better term, or unique identifiers.  Some refer to Descriptive as “Guide”. Administrative the ability to manage objects and generally access to those objects.

Institutions should be aware of the fact  that contracts with brokers and vendors may allow the technology provider to lay claim to the data entered into their system.  We all know about the regulatory requirements for keeping order data, yet while there is a lot of data is captured and stored through blotter scrapes or for TCA analysis,  some of it is not always required for regulatory purposes.  There are good reasons for a vendor to keep non-required data, such as it allows providers to have access to information should any “technology” issues arise, or for the  benefit of back testing or doing a postmortem, yet what is the limit on the use of that data, and does it really belong to the vendor?

I wonder how many Institutions understand exactly what information is maintained, who is keeping it, how long they are keeping it, what it is being used for and who has access to it.   Further while institutions make the need for anonymity surrounding marketable orders paramount, it may be that  information about “parent orders” and “un-executed orders” which may pose an even greater risk to an institutions performance.  The information is provided  through blotter integration and Trade cost analytics.

Institutions may be unknowingly relinquishing their data to these vendors and in doing so may be creating unintended risk.  In the age of increasing concerns about privacy and “gaming”  firms need to  question why their information needs to be maintained far beyond the requirements of the SEC and FINRA.

Where is your order information? Well it can be everywhere.  Prior to the age of electronic trading, the only information that was required to be kept by a broker was actual “order specifics”, and that hasn’t changed.   It simply was any correspondence, instructions and ticket information, that was it.  With the dawn of more sophisticated trading, simple order information has grown exponentially, and the data around each order has grown as well.  While we like to call electronic trading “Low Touch trading”, it really isn’t.   An order today is touched far more than it was 20 years ago.  Here’s an example where information about an order may reside:

1994	2014
Portfolio System	Portfolio System
OMS	OMS
Sell Side Trader	Pre-Trade Model
NYSE	EMS
Multiple Blotter Scrapes
40+ Dark Pools
Predictive Models
Multiple Algorithms
Multiple Smart Order Routers
Multiple Conditional Orders
IOIs
Order Advertising
File Sharing
Regulatory Files (13F etc)
Multiple Exchanges
Post trade Analysis Files
Clearing Files
Custodial Files

A bit over simplified, but the point is, data about orders is potentially being maintained at dozens of venues, and it’s not hard to comprehend that much of the order information is seen by at least one set of eyes at every stop along the way, and Metadata around those orders resides there as well.  Now of course this is not a situation where all vendors are maintaining user data and using it their advantage, nor is there any evidence that any one vendor has inadequate controls to protect it from being hacked into ala Target or Ebay, yet in the age of Big data and hacking, the risk is there and growing.   Everyone assumes, and correctly so that many, if not all  have security built in to protect user data; yet while the data is “protected” the question every buy side firm should be asking is, why are you keeping my data anyway? Institutions, just like you and I should not allow data to be maintained for any period longer than required by regulators, nor should it be used for any purpose beyond allowing vendors to provide optimal service to their users.

Institutions should insist that data ownership remains proprietary to them.    If a vendor has retained rights to an Institutions data, then that Institution should be better informed about what the data can be used for and specifically consented to it.

Jay Biancamano is CEO of Hoyvin Inc.