NEW YORK (Reuters) - Some brokerages still do not have proper buffers in place to protect against technology errors or rogue algorithms which could rile markets, although many have improved their compliance with new rules, U.S. regulators said on Tuesday.
So-called market access rules, introduced after the May 2010 "flash crash" wiped 700 points from the Dow Jones industrial average in minutes, require brokers to put in place risk controls to prevent the execution of erroneous trades or orders that exceed pre-set credit or capital thresholds.
"The market access rules are generally being complied with," said Rick Ketchum, the chief executive of the Financial Industry Regulatory Authority, the industry-funded Wall Street watchdog.
"There is still a lot to be done in building the right type of belt and suspenders around market access controls."
The market access rule went into effect in 2011. But regulators at FINRA and the Securities and Exchange Commission stepped up their scrutiny of firms' compliance last year after a software error at Knight Capital caused 4 million orders to flood the market over a 45-minute period.
The mistake led to $440 million in losses and eventually forced Jersey City, New Jersey-based Knight to seek investors to help it stay afloat.
The firm was later bought by Chicago-based Getco Holding Co for $1.4 billion in a deal that closed in July.
Earlier this year, Knight, which is now part of KCG Holdings Inc, settled civil charges levied by the SEC and paid $12 million over alleged violations of the market access rule.
Susan Axelrod, the executive vice president of regulatory operations at FINRA, said FINRA has seen firms taking more "cautionary actions" in the wake of the Knight incident.
But for those who still face compliance problems, Axelrod outlined a list of the most common problems documented by examiners.
Among the most frequent findings, she said, were a lack of proper supervision, having inadequate pre-trade capital or credit thresholds and allocating certain risk management controls to their customers without proper documentation.
"While these things may seem to be procedural or not significant, not having the right controls in place in this space can really result in some significant, serious activity," she said.
Reporting by Sarah N. Lynch; Editing by Krista Hughes