SS5/18 – Algorithmic trading





This supervisory statement (SS) sets out the PRA’s expectations of a firm’s risk management and governance of algorithmic trading and should be read alongside: Commission Delegated Regulation (EU) 2017/565 on organisational requirements and operating conditions for investment firms1 (if applicable); the General Organisational Requirements Part and Risk Control Part of the PRA Rulebook; European Securities and Markets Authority (ESMA) Guidelines on systems and controls in automated trading environment trading platforms;2 Joint ESMA and European Banking Authority (EBA) Guidelines on the assessment of suitability of members of the management body and key function holders;3 and EBA Guidelines on internal governance.4



This SS applies to firms that engage in algorithmic trading5 and are subject to the rules in the Algorithmic Trading Part of the PRA Rulebook and Commission Delegated Regulation (EU) 2017/589.6 It also applies to all algorithmic trading activities of a firm including in respect of unregulated financial instruments such as spot foreign exchange (FX).


  • 5. As defined in the Algorithmic Trading Part of the PRA Rulebook.
  • 6. Commission Delegated Regulation (EU) 2017/589 of 19 July 2016 supplementing Directive 2014/65/EU of the European Parliament and of the Council with regard to regulatory technical standards specifying the organisational requirements of investment firms engaged in algorithmic trading.


In setting these expectations, the PRA considers that a firm’s risk controls are critical to ensuring appropriate governance arrangements are in place when engaging in algorithmic trading. Such controls express the risk appetite of a firm’s governing body and include, for example, restrictions as to the types of security that can be traded and eligibility of counterparties.


The PRA sets expectations in respect of a firm’s algorithmic trading activities in a number of areas:

  • Governance;
  • Algorithm approval process (by the firm);
  • Testing and deployment;
  • Inventories and documentation; and
  • Risk Management and Other Systems and Controls functions.





A firm that engages in algorithmic trading should ensure that this activity adheres to its strategic objectives, risk strategy, and governance as set by its governing body.


The PRA expects the firm’s governing body or, where applicable, its risk committee to approve the governance framework for the oversight of the firm’s algorithmic trading.

The governance framework


The PRA expects the governance framework to define lines of responsibility, including for:
(a) overseeing the execution of the algorithmic trading policy and monitoring adherence to that policy;
(b) reviewing and approving algorithms in line with the algorithm approval process;
(c) assigning ownership for the inventory of algorithms and risk controls;
(d) ensuring the inventories of algorithms and risk controls are accurate;
(e) assigning ownership for the kill-switch controls; and
(f) setting out and overseeing a process that reviews algorithmic trading incidents, where an incident occurs if an algorithm or a risk control does not operate as intended.

The management body


The PRA expects the firm’s management body to have, and to maintain, an understanding of the firm’s algorithmic trading and the risk controls viewed as most important to mitigate and contain the risks from algorithmic trading.


The management body should identify the relevant Senior Management Function(s) (SMF(s)) with responsibility for algorithmic trading and ensure that this is included in the SMF’s Statement of Responsibility.


The firm’s management body should ensure, at a minimum, that:
(a) traders, prior to trading electronically, understand the characteristics of algorithms, trading venues and market liquidity;
(b) traders’ access to algorithms aligns to their remit and the firm’s risk management framework and appetite; and
(c) there is oversight of traders’ use of algorithms.

Algorithmic trading policy


The PRA expects a firm to have an algorithmic trading policy which at a minimum should:
(a) identify the firm’s algorithmic trading activity, including where it is undertaken within the firm;
(b) define the term ‘algorithm’ as used by the firm in the context of algorithmic trading;
(c) prescribe the process for the approval and decommissioning of an algorithm;
(d) outline the testing and validation process for algorithmic trading, including who has responsibility for these activities. The PRA expects the testing and validation process to have a clear scope and purpose and to express the prioritisation and frequency with which testing and validation should be undertaken;
(e) set out minimum requirements for the monitoring and risk management of algorithmic trading, including escalation procedures relating to limit breaches;
(f) set out minimum risk controls that should be in place;
(g) set out the minimum standards for calibration of risk controls. The PRA expects a firm in the calibration of its risk controls to have accounted for a range of market conditions (both historical and hypothetical), including stressed market conditions;
(h) set out the roles and responsibilities of the algorithm owners and the risk control owners;
(i) set out minimum requirements for the structure and content of inventories of algorithms and risk controls;
(j) set minimum requirements for documentation in relation to algorithmic trading; and
(k) make reference to other policies and procedures, as necessary.



Algorithm approval process


The PRA expects a firm to embed an algorithm approval process as part of its systems and controls, which captures:
(a) new algorithms; and
(b) customisation of, or amendment to, existing algorithms.


A firm may choose to have different approval requirements depending on the algorithm’s use, and where relevant the customisation or amendment being made. The PRA expects the:
(a) approval process to be commensurate with the risks the firm could be exposed to via the algorithm;
(b) firm to set out its approval requirements, clearly indicating the conditions under which different approval requirements apply, if appropriate; and
(c) firm to ensure that the approval process does not incentivise approvals to be made in a manner that could result in a lower rigour of review. For example, the PRA would not expect a significant change to an algorithm to be broken into a number of smaller changes, each of which would be subject to testing less rigorous than would be applied to the significant change itself.

Conditions to be met prior to granting approval


Prior to approval, the PRA expects, at a minimum:
(a) each algorithm to have assigned owners, who are accountable for the algorithm’s use and performance. Such accountability includes ensuring that the algorithm is appropriately developed, implemented, used as intended and has undergone appropriate testing and deployment;
(b) testing to be successfully completed; and
(c) all relevant functions (eg Front Office, Risk Management,7 Other Systems and Controls functions) to have considered and to have signed-off on the risks relevant to that function that the algorithm could expose the firm to. This should be assessed under both normal, and severe but plausible conditions.


  • 7. Which are independent from the Front Office.


The PRA expects the firm’s approval process to include the risk controls that must be in place prior to granting approval to use an algorithm. The PRA expects the risk controls to align with the firm’s risk appetite. At a minimum, the PRA expects there to be risk controls that limit exposure to a counterparty, order attribution, message rate, frequency of orders, stale data, and order and position size (including in relation to market liquidity).


The PRA expects a firm to have manual and automated controls that stop trading or prevent user access, and with manual intervention required to restart trading (referred to as ‘kill-switch’ controls). A firm, at a minimum, is expected to:
(a) have a governance process around the use of kill-switch controls;
(b) detail the action to be taken in respect of outstanding and placed orders when kill-switch controls are activated; and
(c) periodically assess kill-switch controls to ensure that they operate as intended. This includes an assessment of the speed at which the procedure can be effected.



Testing and deployment


The PRA expects all algorithms (including those provided by external vendors) and risk controls to be tested prior to deployment. Testing should assess their design and implementation.


The PRA expects a firm periodically to re-validate algorithms and risk controls. The reviews should be carried out at a frequency and with a level of rigour commensurate with the risks the firm could be exposed to if algorithms or risk controls are not operating as intended.


The PRA expects all relevant functions (including Front Office, Risk Management and Other Systems and Controls) to ensure that automated risk controls relevant to that function operate as intended. This involves authorising the design of tests and signing off the results of such tests to ensure the automated risk controls operate as intended.


Any variation of an algorithm (for example, regional variation) should be classified as a new algorithm and therefore subject to separate testing and approval. Minimum testing requirements should be clearly documented for all cases (new and variation of algorithms).


The PRA expects testing to be undertaken:
(a) by a competent team that was not involved in the development (including implementation) of the code; and
(b) with material differences between the test environment and the production environment being included in the testing documentation.


Prior to deployment, the PRA expects, at a minimum, a firm to assess:
(a) the latency8 of the algorithmic trading system. The algorithmic trading system is the infrastructure used for algorithmic trading, including infrastructure used to oversee and manage algorithmic trading, for example the firm’s risk management systems;
(b) the latency between different parts of the algorithmic trading system where there are dependencies. The firm should ensure that the latency does not adversely impact operations, including the intended operation of the risk controls; and
(c) system capacity, including the number of orders that can be processed per second, both under normal and severe but plausible market conditions. The firm should detail the contingency plan to be followed if system capacity appears likely to be exhausted under normal and severe but plausible market conditions.9


  • 8. Latency is the speed at which an action occurs following the issuing of an instruction. That is, the time it takes for an instruction to be sent from point A and received at point B and for B then to start to act on the instruction.
  • 9. The head-room capacity, which is the capacity that is not utilised under normal market conditions, should be known to those involved in operating and overseeing algorithmic trading.


The PRA expects a firm, where it is connected to a trading venue, to assess the operational arrangements at the trading venue and determine whether actions should be taken to ensure that the algorithmic trading system operates as intended and, if necessary, what these actions should be.


The PRA expects a firm, where it is using infrastructure provided by an external vendor, to assess whether actions should be taken to ensure that the algorithmic trading system operates as intended and, if necessary, what these actions should be.


When deficiencies or errors are identified during the testing process, the firm should take remedial action. In particular, the use of the algorithm could be prohibited or limited via controls. The firm should have a process for managing identified issues that includes the tracking and documenting of outstanding issues to an auditable standard.



Inventories and documentation


The PRA expects a firm to have the following inventories and documentation:
(a) a single and comprehensive inventory of algorithms;
(b) a single and comprehensive inventory of risk controls;
(c) documents that set out each algorithm’s strategy and risk mitigants;
(d) documents that set out the algorithmic trading system architecture; and
(e) documentation of kill-switch controls procedures.


The inventories and documentation referred to above in paragraph 5.1 should be:
(a) reviewed by staff independent of the development of the algorithms;
(b) reviewed at least annually and updated if necessary;
(c) accessible by all the firm’s personnel who have responsibility for the oversight of algorithmic trading; and
(d) available to the PRA on request.

Inventory of algorithms


The inventory of algorithms should, in respect of each algorithm:
(a) provide a brief overview;
(b) detail the status of the algorithm (eg implemented for use, under development, and/or recently retired);
(c) state the date(s) the algorithm was approved and, if appropriate, retired;
(d) detail the scope of approval of the algorithm, in terms of region, asset class, instrument, desk, portfolio;
(e) detail any restrictions placed on the algorithm when approved;
(f) identify the algorithm owner(s);
(g) provide a link to the algorithm’s documentation; and
(h) provide a unique identifier.

Inventory of risk controls


The inventory of risk controls, at a minimum, should in respect of each control:
(a) provide a brief overview, including the risk being mitigated by the control;
(b) indicate whether the control is classed as a limit or trigger;
(c) detail whether the control is for notification/alerting only, or if it results in changing the operation of the relevant algorithmic trading (for example, a control may prevent further orders being entered by a client);
(d) detail if there are any automated alerts associated with the control and who they are sent to and when;
(e) state the date the control was implemented and, if appropriate, retired;
(f) identify its location in the algorithmic trading system architecture;
(g) identify, if relevant, where its operation is dependent on other controls;
(h) detail the current setting of the control and, if appropriate, the different values that the control can be set to without requiring authorisation;
(i) detail who has authority to change the setting of the control;
(j) identify the control owner;
(k) provide a link to the controls documentation; and
(l) provide a unique identifier.


The PRA expects the inventory to include any risk controls the firm sets externally (for example, risk controls set by the firm at a trading venue).

Documentation of strategies and risk controls


The PRA expects a firm to document the strategies associated with each algorithm and the associated risk controls. This documentation should be comprehensible to those who have oversight responsibilities for algorithmic trading.

Documentation of algorithmic trading system architecture


The PRA expects a firm to document the algorithmic trading system architecture. This document should clearly identify each system within the architecture and clearly indicate where the algorithmic trading architecture and risk management systems intersect.

Kill-switch procedure


The kill-switch procedure should describe clearly the process of cessation and restarting of algorithmic trading, including clearly identifying those who have authority to re-start algorithmic trading.


The kill-switch procedure should set out points that have a bearing on the decision to stop and restart trading.


The kill-switch procedure should include details on the testing procedure to periodically assess that the kill-switch controls operate as intended.



Risk Management and Other Systems and Controls functions


The functions responsible for Risk Management and Other Systems and Controls are expected to:
(a) understand algorithmic trading being undertaken at the firm, the risks that such trading exposes the firm to, and how it affects their oversight responsibilities; and
(b) have authority to challenge and ultimately restrict or impose additional controls or limits on algorithmic trading.


In addition to these general expectations, the PRA has the following specific expectations in relation to these units and/or functions.

Risk Management


The PRA expects the firm’s Risk Management function to ensure that algorithmic trading is consistent with the firm’s risk appetite and governance framework, as approved by the governing body.


The Risk Management function is responsible for ensuring that all risk controls that it owns, including those located in Front Office infrastructure, are updated in line with its expectations.


Where risk controls are located in the Front Office infrastructure but the Risk Management function does not have direct access to that infrastructure, the PRA expects there to be a policy in place that:
(a) sets out how changes are made to the risk controls; and
(b) details who has authority, following instruction from the Risk Management function, for altering the risk controls.


The PRA expects the Risk Management function to manage potential concentration of risk arising from counterparties using similar algorithmic trading strategies.


For direct electronic access counterparties, the PRA expects the Risk Management function to incorporate in its frameworks the oversight and management of these counterparties. Specifically, the Credit Risk Management function should assess the suitability of counterparties with direct electronic access and, if necessary, deny access.


The Risk Management function should identify, assess and report the risks that arise from algorithmic trading if the system architecture:
(a) (including algorithms) operates as intended; and
(b) does not operate as intended.


If the system architecture operates as intended, the Risk Management function is expected to assess intra-day exposure stemming from algorithmic trading, and to design and implement, if necessary, measures to ensure that risk exposure at all times is within the firm’s risk appetite.


In addition, the PRA expects a firm’s Risk Management function to identify, assess, and report the risks that would arise were parts of the system architecture not to operate as intended (for example, if an algorithm or its associated controls were to malfunction, causing trading to stop or to continue but in an uncontrolled way). Such risks could include:
(a) risk exposures rising beyond their limits and the firm’s risk appetite; and/or
(b) the firm failing to meet contractual or other obligations.


In respect of each of these risks, the Risk Management function should formulate and execute mitigation plans.


The PRA expects that algorithmic trading and its associated risks should be included in the design of a firm’s stress tests, and in the design of market resilience testing. Where appropriate, a firm should undertake standalone algorithmic trading stress tests.

Other Systems and Controls functions


Algorithmic trading can result in a high volume of trades over a short period of time. The PRA expects those responsible for operations and settlements to be aware of the algorithmic trading system capacity and ensure that this aligns with post-trade processing capacity. Where post-trade controls are required, such as throttling controls to handle high capacity utilisation incidents, these should be clearly documented and relevant functions, including Front Office, should be aware of them.


A firm’s Compliance Function should ensure that its algorithmic trading activities comply with the PRA Rulebook and meet the expectations set out in this SS.


A firm’s Internal Audit function should ensure that reviews of algorithmic trading activities are included in its audit plans.
