By Jason Quinn
While running surveillance analytics in real-time has the benefit of alerting on transactions as soon as possible, they also run the risk of generating alerts that subsequent updates (amendments, cancellations, balances or position information) may reveal to be false positives. Running analytics on an intraday/end-of-day basis provides the benefit of hindsight to prevent such potential false positives, but delays the detection, remediation and damage limitation of real trading violations.
This white paper discusses some performance and programming considerations in implementing real-time surveillance analytics to address this dilemma. The analysis focuses on investigating real-time alert logic being run on either a real-time basis (i.e. as soon as the transaction is received in the streaming feed), or those run on an intraday basis (i.e. transactions are held and bulk-investigated at fixed frequent intervals during the day) to allow for hindsight analysis or net calculations. It outlines an approach based on high-frequency intraday execution points that combines the benefits of both within acceptable compromise levels
To read the whitepaper and view the associated code please click on this link