Walk onto any trading floor, and the first thing you notice are the screens. You’d think that traders staring at three, six or even nine displays might not be tempted to pull out a smartphone or tablet, but you’d be wrong. And this worries risk officers and the technologists who have to support the trading desks.
Three years ago, the IT world was abuzz with BYOD, or Bring Your Own Device, the idea that companies should accommodate personal smartphones and tablets in the office. As phones from Apple and Samsung leapfrogged ahead of the once-ubiquitous BlackBerry, and as the Apple iPad and tablets from Samsung and Google proved to be business-ready, firms have had to deal with employees who want to access work e-mail, view client data and use office applications on their handhelds. Cue the IT and compliance headaches.
Some investment firms established policies that were far from subtle. In 2005, Goldman Sachs globally banned cellphones on the trading floor. Since then, firms have been rushing to maintain compliance and satisfy trader demands by adopting security and surveillance technology — and using a variety of strategies to get employees on board with what is potentially an intrusion on their privacy. The trend is still evolving as investment firms develop and adjust their mobile device management (MDM) policies.
The attention given to private devices comes as communications overall are more closely monitored and restricted than ever. The risks are real. The recent LIBOR and FX rigging scandals were allegedly hatched in personal texts and chats both internally and across financial firms. More than a year ago, Goldman and several other banks, including Citi, Deutsche Bank and JPMorgan, banned employees from engaging in chats with bankers from competing firms. Goldman also banned Bloomberg, AOL, Yahoo and Pivot instant messaging in its securities division over concerns that private discussions on security pricing were being leaked.
Meanwhile, some of the same firms began rolling out their BYOD programs. JPMorgan and UBS reportedly started their programs in 2010, and Goldman Sachs, after reportedly beta-testing its own for more than a year, began a BYOD program in 2013. (Goldman Sachs did not accept requests to comment on this article.)
MDM On the Floor
MDM policies run the gamut from simply segregating work e-mail from personal accounts to adding restrictions on use and outright surveillance. In some cases, firms have the ability to remotely wipe the device clean if it is lost or stolen. Some investment firms get around the issue and seemingly provide a benefit by inviting employees to choose from smartphones and tablets they provide. This is termed “CYOD,” as in “choose your own device.” These devices are installed with security software and have company-controlled settings for the device’s administrator, firewall and network. One source at a security software firm told us that rather than allow BYOD, some multinational firms are signing large deals with global providers to furnish devices to employees. In the U.S., this is generally an Android or iPhone; in Europe, it is more likely to be Microsoft’s Nokia Lumia.
A more minimal approach seeks to secure business info held on a phone or tablet. Good Technology claims to be a pioneer of what experts call “containerization.” IT installs an application such as Good onto employee devices; the app creates a secure barrier between business and personal, and user identity is authenticated each time the business side is accessed. If a trader using his phone for sensitive work e-mails leaves it at the bar or on the train, he can call IT and the business data can be remotely wiped clean, leaving the personal info intact. To allow BYOD, many corporations use some form of containerization software.
When it comes to doing more than checking and responding to e-mail before or after work hours, things get more complex. Eze Software Group provides mobile and web-based versions of its OMS, EMS and PMS products, but acknowledges that most of the activity it sees is oriented toward “viewing” rather than “doing.” “We are getting more and more requests for portability and access to desktop information, in the office and once folks are untethered. People need access to P&L, to risk, to positions,” said Robert Agne, software group director and head of product management for Eze Software.
But when it comes to executing trades on an iPad, Agne admitted that adoption has been limited. “Traders like being at the desk. They may check positions and other data on their phones or iPads,” he told Traders. “The institutional shops, in terms of risk control, do not want traders out and about. They are by design anchored to the workplace. More mobile people are often the portfolio managers, the chief risk officers, the compliance officers. Alternative shops might have traders out and about with a portable device, but larger institutions just do not allow it.”
The big worry is security, according to Agne. “When we were first pitching mobile to our clients, they said, ‘What are you doing to make sure that this is secure?’ We had to make sure we had comprehensive packages, application-level security and secure communication,” he said. Speaking generally about the industry, he added, “Now everything is remote and mobile and cloud-based; people’s entire order book has the potential to be in the cloud. Any firm doing anything in Web and mobile has done its homework regarding security.”
PrIvacy Vs.Productivity
Outside the realm of providing functionality — essentially, just accessing data — lurks the dual threat to security of talk and text. This is the arena that worries firms the most when it comes to their BYOD programs. Dodd-Frank’s requirement that the entire trade process must be reconstructable has in some cases caused firms to severely restrict use of personal devices for traders on the floor. It has also sparked the development of advanced surveillance technology.
Mark Miller is the North American general manager for T-Ware Connect, a subsidiary of TeleWare; its software records, archives and scans voice and text. He said that when a bank adopts BYOD, there is a tendency by IT and compliance to overdo their security in regard to what is and isn’t accessible, essentially “locking down” the device for the sake of security. “The promise of the freedom of one’s own personal device is shattered,” he pointed out. That said, traders are resourceful and will often find ways to work around device lockdowns. “Ultimately, banks need to focus more on actively monitoring non-compliant or harmful device activity rather than simply locking down the device,” Miller said.
Miller recalled the archetypal scene that depicted trades shouting across the floor or into a traditional telephone. “Obviously, electronic trading has taken over most aspects of the traditional process; however, phone calls are still used for pre-trade development and in the negotiation process,” he said. “Most traders will tell you their smartphone is vital to the way they conduct business, and that they use it on and off the trading floor.”
In some cases, firms limit the surveillance to swaps and derivatives conversations, and in others all interactions are recorded and archived. As technologies advance, they will be used to spot wrongdoing through scanning for keywords and sentiment analysis. Some traders might blanch at the thought that management is reviewing their conversations — and in some cases, no doubt, they probably should. In a video memo leaked last year, Colin Fan, head of markets and co-head of corporate securities at Deutsche Bank, sternly warned its traders that he had lost patience with those whose language did not reflect well on the company’s reputation. “Being boastful, vulgar or indiscreet is not OK,” he warned in the video.
Still Not Ready For Trading
But are users running algos, ordering and executing trades, calculating NAV and hedging currency risk on tablets and smartphones?
Not a chance, said Alex Tabb of TABB Group, who added that the reasons for this are more nuanced than security and even compliance. In short, the devices aren’t powerful enough for the overwhelming flood of data a modern trader uses on his or her desktop workstation. “The pre-trade analytics and risk control don’t easily merge with BYOD,” he said. “These devices are better for content delivery and e-mail. Wealth managers use them for displaying information for clients. We have seen no evidence that anyone is writing or using an institutional algo or app to trade a 10,000 share block on their iPhone or iPad.”
Despite the freedom and convenience of using smartphones and handheld devices, challenges remain. Compliance, which was once an overlay onto everyday activity, is becoming integrated into the IT/communications framework. As this evolution continues and big banks develop their own bespoke MDM solutions, banks may be able to mine those mountains of archived information and improve trading strategies.
One irony is that where regulation demands transparency, we are drawn to the supposed privacy of a personal device – two forces directly at odds. Also, the screens of handheld devices – even the larger iPhones and Samsung Galaxies – are still too small to view dense fields of trading data. And then there are those of us with large thumbs.
As trading firms embrace super-fast networks, complex trading algorithms and artificial intelligence, they still need time to figure out how to securely manage the same device that every 10-year-old wants on his or her birthday.