SFC Algorithmic Trading Regulation: Risk Control Requirements for High-Frequency Trading

In January 2025, the Securities and Futures Commission (SFC) published its thematic review findings on algorithmic and high-frequency trading (HFT) activities in Hong Kong’s equity and derivatives markets. The report identified material gaps in pre-trade risk controls across 12 licensed corporations (LCs) subject to on-site inspections, with 8 of those firms requiring remedial action within 60 days. This regulatory focus comes as the SFC estimates algorithm-driven trades now account for over 55% of total turnover on the Stock Exchange of Hong Kong (SEHK), up from approximately 40% in 2021. For any firm deploying, modifying, or relying on automated order generation, the 2025 review signals a clear shift from principle-based guidance to prescriptive, auditable standards. The SFC now expects boards and senior management to treat algorithmic trading risk controls as a core governance function, not a back-office IT concern. Failure to comply invites enforcement under the Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission (the Code of Conduct) and potential suspension of trading access.

The Regulatory Framework for Algorithmic Trading in Hong Kong

The SFC regulates algorithmic and high-frequency trading through a layered structure of statutory powers and codes. The primary instrument is the Code of Conduct, specifically Paragraphs 5.6 to 5.9, which impose obligations on licensed corporations to maintain effective systems and controls for electronic and algorithmic trading. These provisions apply to any firm that uses an algorithm to generate, route, or execute orders, whether for proprietary trading, market making, or client execution.

Scope of Application: Who Is Caught by the Rules

The SFC’s definition of algorithmic trading under the Code of Conduct is broad. It covers any trading system where an algorithm determines one or more of the following: order timing, price, quantity, or routing instructions. This includes high-frequency trading strategies, smart order routers, and automated market-making systems. The 2025 thematic review confirmed that the SFC applies this definition to both direct market access (DMA) and sponsored access arrangements.

Firms must note that the obligations extend to third-party algorithms. If an LC provides clients with an algorithmic trading platform — even if the client designs the strategy — the LC remains responsible for all pre-trade and post-trade risk controls. The SFC made this clear in its 2023 circular on electronic trading, which stated that “the ultimate responsibility for compliance rests with the licensed corporation, not the client or the algorithm developer.”

Key Regulatory Instruments and Their Interaction

Three regulatory instruments form the compliance baseline. First, the Code of Conduct sets out general principles and specific requirements. Second, the SFC’s 2019 “Guidelines on Electronic Trading” provide detailed expectations for system resilience, kill-switch functionality, and real-time monitoring. Third, the HKEX’s “Rules of the Exchange” impose additional requirements for order-to-trade ratios, message throttling, and price banding.

The interaction between these instruments creates a compliance hierarchy. The Code of Conduct establishes the minimum standard. The Guidelines on Electronic Trading interpret that standard for operational contexts. HKEX rules impose exchange-specific obligations that can exceed the SFC baseline. In practice, firms must comply with the most stringent requirement across all three sources. The 2025 thematic review cited instances where LCs met the Code of Conduct’s general provisions but failed HKEX’s specific message-throttling limits — a gap the SFC treated as a compliance failure.

Pre-Trade Risk Controls: The SFC’s 2025 Expectations

The 2025 thematic review identified pre-trade risk controls as the single weakest area across inspected LCs. The SFC found that 7 of the 12 firms lacked automated price collars, 5 had no order-size limits, and 4 did not perform real-time credit checks before order submission. These findings have direct consequences for any firm seeking to maintain or obtain an SFC license for algorithmic trading activities.

Mandatory Price Collars and Order-Size Limits

The SFC now expects all algorithmic trading systems to implement automated price collars that reject orders outside a pre-defined percentage range from the last traded price or the prevailing bid-ask spread. The 2025 review specified that these collars must be calibrated by instrument type, market volatility, and trading session. A fixed 10% collar applied uniformly across all stocks is no longer acceptable.

Order-size limits must operate at two levels. First, a hard cap on the maximum order quantity per single submission, expressed in both number of shares and notional value. Second, a cumulative limit on total open orders from the same algorithm across all instruments. The SFC’s 2024 consultation paper on electronic trading proposed that these limits be set at the board level and reviewed quarterly, with any relaxation requiring documented justification and senior management sign-off.

Real-Time Credit and Position Checks

For firms engaged in proprietary algorithmic trading, the SFC requires real-time integration between the trading system and the firm’s risk management system. This integration must prevent order submission if the algorithm’s intraday position would exceed the firm’s capital allocation or credit limits. The 2025 review noted that several LCs relied on end-of-day position reconciliation, which the SFC deemed “materially deficient” for HFT strategies.

The technical requirement is specific: the trading system must query the risk system before every order submission, with a latency threshold that does not materially impair the algorithm’s performance. For HFT firms operating in microseconds, this creates a genuine engineering challenge. The SFC has acknowledged this tension but maintains that latency cannot be a justification for bypassing risk controls. Firms must demonstrate, through documented testing, that their pre-trade checks operate within the algorithm’s latency budget.

System Resilience and Kill-Switch Requirements

The SFC’s 2025 review placed renewed emphasis on system resilience, particularly the design and testing of kill-switch mechanisms. The regulator found that 3 of the 12 inspected LCs had kill switches that could not be activated within 30 seconds of a system anomaly — a benchmark the SFC considers the maximum acceptable threshold for retail-facing algorithmic trading systems.

Kill-Switch Design and Activation Protocols

Every algorithmic trading system must have a physical or logical kill switch that can immediately cancel all outstanding orders and prevent new submissions. The kill switch must be accessible to at least two independent personnel, one of whom must be outside the trading team. The SFC’s 2023 circular on electronic trading explicitly stated that the kill switch “must not require the algorithm developer or the trader responsible for the strategy to be the sole person authorised to activate it.”

Activation protocols must be documented and tested quarterly. The 2025 review required LCs to demonstrate that kill-switch drills include scenarios where the primary data feed fails, the exchange gateway disconnects, or the algorithm produces erratic orders. Firms that outsource system hosting to third-party data centres must ensure that the kill switch remains functional during network segmentation or DDoS mitigation events.

Capacity Testing and Order-to-Trade Ratios

The SFC expects LCs to conduct capacity testing that simulates at least twice the peak order volume observed in the preceding 12 months. This requirement applies to both the firm’s internal systems and any external connectivity to HKEX. The 2025 review cited one LC that had not updated its capacity test in 18 months despite a 300% increase in order volume — a finding the SFC described as “a serious governance failure.”

HKEX’s order-to-trade ratio rules complement the SFC’s capacity testing requirements. The Exchange imposes a maximum ratio of 50:1 for most algorithmic trading participants, with stricter limits of 20:1 for market makers. Firms that exceed these ratios face automatic message throttling and potential suspension of DMA privileges. The SFC expects LCs to monitor their order-to-trade ratios in real time and implement automated alerts when the ratio approaches 80% of the HKEX limit.

Governance, Record-Keeping, and Senior Management Accountability

The 2025 thematic review marked a decisive shift in the SFC’s enforcement approach: senior management is now directly accountable for algorithmic trading controls. The SFC stated that it will hold responsible officers (ROs) personally liable for failures in system design, testing, or monitoring, even if those failures result from third-party vendor software.

Board-Level Oversight and Algorithm Approval Processes

The SFC expects each LC’s board of directors to approve a written algorithmic trading policy that covers strategy development, testing, deployment, and decommissioning. The policy must specify the governance structure for approving new algorithms or material modifications to existing ones. The 2025 review recommended that this approval process include a sign-off from the head of risk management, the head of compliance, and the relevant RO.

Material modifications include any change that alters the algorithm’s order generation logic, risk control parameters, or market connectivity. The SFC considers changes to latency optimisation, order routing preferences, or execution algorithms as material. Firms must maintain an audit trail for every algorithm version, including the date of approval, the approving committee, and the results of regression testing.

Record-Keeping Requirements Under the Code of Conduct

The Code of Conduct requires LCs to maintain records of all algorithmic trading activity for a minimum of seven years. The 2025 review clarified that this includes not only order and trade data but also system logs, algorithm source code (or equivalent specifications for proprietary strategies), and all testing results. The SFC expects records to be retrievable within 24 hours of a regulatory request.

For HFT firms, the record-keeping burden is substantial. The SFC requires tick-level data with nanosecond timestamps for all order submissions, modifications, and cancellations. Firms must store this data in a format that allows the SFC to reconstruct the algorithm’s behaviour for any given trading session. The 2025 review noted that several LCs stored data in proprietary formats that could not be read by the SFC’s examination tools — a deficiency the regulator treated as a breach of Paragraph 5.7 of the Code of Conduct.

Third-Party Vendor Due Diligence

The SFC expects LCs to conduct independent due diligence on any third-party vendor supplying algorithmic trading systems, risk control modules, or market connectivity. The 2025 review specified that this due diligence must include a review of the vendor’s system architecture, security protocols, and testing methodologies. LCs cannot rely on vendor certifications alone; they must conduct their own independent testing of the vendor’s systems.

The SFC also requires LCs to maintain contractual rights to audit the vendor’s systems and records. The 2023 circular on electronic trading stated that “a licensed corporation cannot outsource its regulatory obligations, and a vendor’s refusal to permit an audit will be treated as a compliance failure by the LC.” Firms using cloud-based algorithmic trading platforms must ensure that their cloud service agreement includes provisions for on-site inspections by the SFC.

Actionable Takeaways

• Review your algorithmic trading policy against the SFC’s 2025 thematic review findings, ensuring that pre-trade price collars and order-size limits are calibrated by instrument type and trading session, not applied uniformly.
• Implement real-time integration between your trading system and risk management system to prevent order submission when intraday positions exceed capital allocation or credit limits.
• Test your kill-switch mechanism quarterly with at least two independent activation personnel, and document all drills including scenarios for data feed failure, gateway disconnection, and erratic order generation.
• Maintain tick-level order data with nanosecond timestamps for seven years in a format readable by SFC examination tools, and ensure algorithm source code or equivalent specifications are retrievable within 24 hours.
• Conduct independent due diligence on all third-party algorithmic trading vendors, including contractual rights to audit their systems, and document your own testing of vendor-supplied risk controls.

本文不構成法律建議。涉及個人案件請諮詢持牌律師。