Skip to content


  • Add this article to your LinkedIn page
  • Add this article to your Twitter feed
  • Add this article to your Facebook page
  • Email this article
  • View or print a PDF of this page
  • Share further
  • Add this article to your Pinterest board
  • Add this article to your Google page
  • Share this article on Reddit
  • Share this article on StumbleUpon
  • Bookmark this page

When super-weapons backfire: finding a balance between innovation and risk in financial markets

Close this video

By David TromanDavid Coolegem and Richard Watson, financial services experts

In just ten days, the world’s financial markets saw four highly damaging disruptions. On 16 August, the Shanghai equity market’s composite index jumped 5.6% in a matter of seconds. A few days later, Goldman Sachs lost a reported $100 million in 17 minutes through erroneous derivative orders. Just two days after that, NASDAQ experienced a three-hour blackout that saw trade suspended in stocks including Apple, Google and Facebook. And as markets settled in the US, the European derivatives exchange, Eurex, was forced to halt trading for an hour.

At the heart of all these issues lay a simple cause: software ‘gone wrong’. Shanghai’s flash rally was blamed on Everbright’s trading algorithm. The problem at Goldman Sachs was created by the internal computer system. The disruption at NASDAQ appears to have been a connection problem with another exchange. And the issue at Eurex was down to corrupted data caused by a system malfunction. For market participants, the rush to benefit from technical innovation – including the new ‘super-weapons’ of automated trading – has opened them up to regulator fines, drops in share price, heavy losses caused by erroneous trades and, often inflicting greater long term damage, a loss in trust. As recent events show, there is a fine balance between technical innovation and financial risk.

To take control and profit from financial super-weapons, you need to take the time to avoid self-destruction. In practice, this means focusing your attention on three areas: rigorous testing, IT empowerment and IT assurance.

Making time for rigorous testing

If you have developed new code that has the promise of generating sizable returns, you naturally want to put it into production as soon as possible. But choosing speed-to-market over care and attention can seriously backfire.  For this reason, you should take the time to test and assure your code as thoroughly as possible. With proper planning and expertise, the delay can be minimised. In any case, a short delay is better than a catastrophic loss.

Giving IT the power to say no

As with the desire to cut corners on testing, firms often give their IT departments aggressive timetables to create new technology. It becomes more important to beat the competition than to develop watertight software.  As a result, the risk of technical errors increases. To counteract this, firms must ensure they have a robust deployment policy in place. This needs to be overseen by an IT department empowered to ‘speak up’ and challenge operational management where necessary. 

Flushing out potential issues

The longer a technical failure lasts, the greater the damage, which is devastating in a world where every second means millions of dollars. Running an appropriate IT assurance programme at a regular frequency, and with the right level of thoroughness, helps you flush out potential issues. This provides management and stakeholder assurance that the systems will perform as intended and expected.

Taking these steps helps both regulator and market participant minimise the likelihood and impact of IT glitches. 

At PA, we bring together teams with experience across a variety of fields to work with exchanges, sell-side and buy-side firms to ensure appropriate risk mitigation is in place. This includes gauging systems readiness and undertaking future proofing. 

To find out more, contact us now.


Contact the financial services team

By using this website, you accept the use of cookies. For more information on how to manage cookies, please read our privacy policy.