CTO’s Blog: Yesterday’s Evi­dence mod­els were all self-​​attested.

Its worth not­ing that yesterday’s computer-​​information evi­dence mod­els were all self attested.

They were some­one tes­ti­fy­ing about some report which means “that some events hap­pened”. This evolved to a form where ulti­mately peo­ple would just jump to the con­clu­sion and if it looked cor­rect assume each sub­stage of a work­flow was oper­at­ing prop­erly… how lit­tle we under­stood fraud and decep­tion in those days from a dig­i­tal standpoint.

A prime exam­ple: Front-​​running in secu­ri­ties trading

Lets look at a real inter­est­ing phe­nom­e­non today called front-​​running in trad­ing. There has been a lot of tur­moil in the indus­try about this prac­tice where the Trad­ing Agent’s com­put­ers are pro­grammed to trade the Trad­ing Firms own shares prior to mak­ing large pur­chases on behalf of its clients. This allows the Agents to buy and sell stock they are absolutely pos­i­tive will be influ­enced by trans­ac­tions they them­selves are about to ini­ti­ate on some­one else’s behalf mean­ing that they are exposed to Insider Information.

This cre­ates a two fold prob­lem, that is that the Trader is oper­at­ing in their own self-​​interests against that of their client’s and in exer­cis­ing insider infor­ma­tion about finan­cial mat­ters the Client entity is ‘doing’ such that front run­ning is more than sim­ply uneth­i­cal, it’s also likely much more than that.

So how could you catch a firm run­ning a front run­ning process? Sim­ple, secure time stamp­ing of every­thing at every stage. For each chain link in the chain of cus­tody there must be time­stamped records and at any instant from the point that a trade order is com­mu­ni­cated and the trad­ing agent is then oper­at­ing on insider infor­maiton, they should be locked out of trad­ing that same or related stocks in the mar­ket as a peer of the client’s they represent.

Build­ing Cul­pa­bil­ity in the Dig­i­tal Domain

No longer is the out­put alone of some process enough to show “it” (the process) hap­pened prop­erly it must be capa­ble of hav­ing each key step retraced through the infra­struc­ture which processed that request and for each stage entry and exit time­stamps are necessary.

The answer to all of this is third-​​party attes­ta­tions for time-​​stamping and time man­age­ment. The Secu­ri­ties firm oper­ates under their own IT secu­rity model with the addi­tion of a third-​​party man­aged time ser­vice at the perime­ter or their net­works and inte­grated as a peer­ing attest­ing voice for each key server under time-​​service management.

For more infor­ma­tion on secur­ing cor­po­rate records and meet­ing FINRA OATS 7430 in a man­ner which can doc­u­ment no front-​​running was pos­si­ble, con­tact Cer­tichron at 800−511−2301 or email us at Sales@​Certichron.​COM.