The Markets in Financial Instruments Directive (MiFID), in its second iteration, kicks in January 3, 2018, across the European Union, but the effects will be felt worldwide. In the United States, the Security and Exchange Commission will begin to implement its Consolidated Audit Trail (CAT), which will make similar demands on the precision of timekeeping. The hope for both pieces of regulation is that major market-shaking events—or any market event of note—which may only last fractions of a second but may involve thousands or millions of transactions and hundreds of millions or billions in market value will be reconstructable with a high level of confidence and precision to see exactly what caused what.
For financiers, technologists, and any in the intersection of those two groups, this is no major plot twist. Anyone with eyes would have seen MiFID II and CAT coming for the almost completely digital world of finance. But MiFID II (specifically RTS 25) and CAT represent the first major, global steps in a new type of digital algorithmic oversight that already has ramifications for business, security, and technology worldwide.
These two new regimes are harbingers of the new reality of time. For much of human history, our perception of seconds or tenths of seconds has been sufficient to keep track of the world and what is going on in it. But as we undergo our global digital transformation, which we’ve been privileged to go through at a bit of an advanced schedule in finance, the resolution with which we must see the world, and the reality of how we understand time, are undergoing a fundamental change. Now, we must see the world in nanoseconds—or see nothing at all.
Regulation and compliance are predicated on a few simple questions made very complicated: what happened first, and what caused what? Straightforward in essence, but when millions of events are happening in a second—messages sent, received, acted upon, responded to across thousands of entities—they become much more complicated to answer. Needless to say, chronology must be established to draw any conclusions about causation. If we cannot tell which transaction happened first, we are severely handicapped in identifying underlying problems. Perhaps the first warning bell was the 2010 Flash Crash, which took five months of sifting to unravel and five years to prosecute.
MiFID II and CAT are asking, ostensibly, for compliance and recordkeeping in a regulatory sense. But it is easy to see that such detailed transaction data, agnostic by nature, is the ultimate tool for evaluating and improving digital performance as well as reconstructing cyber-attacks and, hopefully, preventing them in the future.
In this new reality of time we see that regulation, security, and performance are quickly converging. MiFID II and CAT are asking, ostensibly, for compliance and recordkeeping in a regulatory sense. But it is easy to see that such detailed transaction data, agnostic by nature, is the ultimate tool for evaluating and improving digital performance as well as reconstructing cyber-attacks and, hopefully, preventing them in the future. Make no mistake: Attackers are going algorithmic, as complex code and processing power becomes more and more of a commodity. The next round of regulations may very well be focused in this area, which is an existential threat to the stability and confidence of markets.
MiFID II and CAT make a good alphabet soup on their own, but there are two more letters that describe what seems to be an inevitable near-future: AI. The future looks like AI, and AI will run the future very fast. Speculating on the eventual applications of powerful AI brains is pure creative fun; an exercise in sci-fi-flavored excitement. AI will certainly revolutionize large swaths of the human world in industry, in commerce, and in our homes and personal lives.
But there is an important logistical consideration that is usually glossed over. When machines run everything, milliseconds—even nanoseconds—matter. Any AI out there acting of its own accord to perform some task wouldn’t be so different from the countless algorithms floating around today. And that means that, in a similar way, we’ll want and need to know exactly what they are doing and why they are doing it. Eventually, we’ll probably want to figure out why they did something strange or unexpected, and that will mean being able to reliably reconstruct a sequence of events that happen far beyond the limits of human cognition.
We don’t see enough of time right now, and we definitely don’t understand it. MiFID II and CAT are pushing us to think in the right direction, but they are only the first reminder that we need to update how we think about networks, security, AI, data, and time itself. The waves of their impact will be felt far beyond Europe and far beyond the financial markets, and the bar they set in terms of precision time visibility will only rise.
We, in finance, should be glad we get to see something like MiFID II first (at least the time and transparency aspects of it). We should embrace it, because it will be a watershed regime in the future of technology. The concerns raised and addressed by MiFID II (and CAT) will, sooner than later, be prescient for every industry and even more, for every nation, city, or global organization.
David Murray is the Chief Business Development Officer at Corvil.