The Agile development methodology and Continuous Delivery has delivered on many promises. We have all seen
- Faster development cycles
- Faster IT reaction times
- Better prioritization of business objectives
- Easier balancing of technical and business objectives
New regulations, for example the Regulation Algorithmic Trading by the CFTC, have begun looking at accountability. And it isn’t a strictly American issue. Reuters
reported that the FCA wants to see greater accountability too.
This accountability isn’t limited to who is executing the trades anymore. The CCO, IT managers, and other people, especially registered individuals will be held accountable.
Under Regulation AT the CFTC wants to be able to see the code which is running. At some point in time they are going to ask some of the following questions:
- Who designed this algorithm?
- Who approved the algorithm?
- Who wrote this code?
- Who tested this code?
- What was tested?
- Who approved its use in production?
- Who approved the pre-trade limits?
So why discuss this in conjunction with Agile?
In a recent conversation with a friend running an algo desk at a broker dealer he lamented the loss of a proper audit trail. A conversation in a daily Scrum, or in a Sprint Planning is often not documented. Without documentation you cannot answer the above
The Agile Manifesto states:
We are uncovering better ways of developing software by doing it and helping others do it. Through this work we have come to
Individuals and interactions over processes and tools
Working software over comprehensive documentation
Customer collaboration over contract negotiation
Responding to change over following a plan
That is, while there is value in the items on the right, we value the items on the left more.
In practice, some have forgotten the last sentence. “...while there is value in the items on the right…” We as industry professionals must not abandon the “value on the right” just to accept the manifesto.
Regulations are Changing to Meet a Digital Age
There remains value on the right when it comes to algos. Regulations are changing to meet the new ever changing digital age. The regulators are now acting like IT auditors. They are going to be looking at the process as much as the results.
Therefore we must be proactive. Our use of Agile and Continuous Delivery needs to not ignore the traditional process controls. Therefore we need to be able to explain the process. This can be done within the Agile process. However we have to put some emphasis
on “the things on the right.”
- Our process needs to be documented. Especially the designers, testers, and approvers.
- Our documentation does not need to be comprehensive, but it needs to be more than just jira story points.
- Our response to change needs to have documented approvals.
What About Continuous Delivery?
Martin Fowler, a long term software development specialist and technical evangelist, describes Continuous Delivery as “a software development discipline where you build software in such a way
that the software can be released to production at any time.”
Many trading firms are moving to a Continuous Delivery model because it does allow for rapid change in response to changing trading conditions.
The regulators however are asking for greater accountability. They will want answers to those control and process questions.
Does this mean that Continuous Delivery isn’t possible with algo trading? Absolutely not. We must however make sure that the people involved in the development and change of the algo have auditable approvals along the way.