Large Global Bank Uses Data Controls for Electronic Trading Analytics


100%

increase in data science productivity by helping segregate access to sensitive data.


$2.25M

in annual on-prem costs saved by accelerating a secure cloud migration.

Default alt text

About the bank

This universal bank provides personal and corporate banking services to millions of customers worldwide. Its broker-dealer (BD) business line offers execution services to institutional clients, requiring routine handling of sensitive and confidential data from multiple sources. With tens of billions in annual revenue and dozens of high-profile clients, implementing comprehensive data privacy and security measures is paramount in delivering the top-notch service customers have come to expect.

Challenge

The bank’s BD is legally responsible for ensuring controls are in place to manage conflicts of interest and prevent traders from misusing confidential client information for personal or corporate gain. Regulators require that information barriers exist between different trading desks or business units, but many institutional clients demand additional safeguards to ensure orders and trades remain confidential. BDs must ensure sufficient controls are in place to comply with these contractual provisions.

However, since they rely on a combination of human and machine execution channels while each execution varies based on market conditions, client requirements and cost, it was difficult for BDs to apply controls that would reliably and adequately protect sensitive data, particularly at scale.

The bank’s electronic trading teams used a common data science platform to develop tools allowing it to act both for the bank’s own benefit as a principal and on behalf of its clients in an agency capacity. In doing so, they had to manage the inherent conflicts of interest, which further complicated the data access control application and privacy assurance.

Solution

To help data engineers efficiently manage conflicts of interest, minimize risk at scale, prevent the misuse of client information and adhere to strict contractual and licensing agreements, the bank needed an all-in-one solution–not a patchwork collection of disparate tools.

To meet these strict regulatory and contractual requirements, the bank enlisted Immuta to help with the following:

  • To ensure that analytical processes for principal and agency activities never cross paths, the bank relied on Projects, Immuta’s controlled workspaces, for collaboration. With Projects, data engineers could segregate, manage, and audit analytical activities, allowing a data science team to work across both principal and agency projects without raising conflicts of interest.
  • Traders are prohibited from seeing pending client orders, but in order to continuously monitor and refine electronic trading model algorithms, the electronic trading desks need anonymized client transaction data. Immuta’s combination of attribute- and purpose-based access control dynamically applied anonymization techniques and time-based controls of client execution data, enabling ongoing risk management and model optimization.
  • Immuta’s dynamic access controls were also used to shield clients’ identities to ensure information was shared only on a need-to-know basis and to avoid conflicts of interest through order execution.
  • For clients who opted out of allowing their transaction data to be included in published aggregate trading volumes or in data sets used to refine electronic trading models, data engineers implemented Immuta’s row-level redaction functionality.
  • The bank’s electronic trading groups continuously receive and store market data, which is subject to licensing arrangements dictating its use and distribution. Using Immuta’s unified audit logs and automated reports to monitor and show who accessed what data, when, and for what purpose was key to proving compliance both from a regulatory and a contractual standpoint.

Results

Before implementing Immuta, this bank relied on two separate data science teams to mitigate conflicts of interest between its agency and principal activities. With Immuta, data engineers could segregate data sets and apply dynamic protections, allowing the bank to combine the data science teams and increase data science productivity by 100%. Meanwhile, by accelerating its cloud migration, the bank saved an estimated $2.25M in annual on-prem costs.

Using Immuta’s fine-grained access control, the bank could guarantee that clients’ confidential trading data would not be misused. This provided a competitive advantage in winning additional institutional trading mandates.

The bank was able to ensure and verify that exchange and market data was used in accordance with contractual terms. With Immuta’s audit logs and automated reports, scheduled and ad hoc data licensing audits that used to take weeks can now be accomplished in hours.