CASE · 01
Regulated venue · EU
Outcome
Inventory consolidated in 40 days, evidence ready for external audit.
Service · Trading
Trading system management
We supervise the operational surface of trading platforms — limits, exposure, kill-switches — with an explicit controls inventory and an auditable trail per decision.
Why it matters
Trading platforms accumulate hundreds of controls over the years. A consolidated inventory rarely exists, and when the regulator asks for evidence the team reconstructs history by hand.
GuardTech keeps the inventory alive: every control has declared scope, trigger, and remediation, and every execution is recorded with enough context for external review.
What's included
- Consolidated inventory of risk and operational controls
- Limits per account, product, and desk with automated alerts
- Kill-switches with dual approval and an immutable trail
- Latency and throughput monitoring per venue
- Detection of atypical orders and cancellation behavior
- Versioned operational runbooks with explicit owners
- Scheduled regulatory reports with signing
- Evidence portal for external audits
Controls inventory
| Control | Scope | Trigger | Remediation |
|---|---|---|---|
| Desk exposure limit | All active desks | Exposure >90% of limit | L1 alert + new-order block |
| Product kill-switch | Regulated products | Manual or auto trip | Mass cancel with dual approval |
| Per-account order throttle | Retail and pro accounts | Orders/s above baseline | Progressive throttle + review |
| Wash-trading detection | Self-matching books | Match between related accounts | Quarantine + investigation |
| Pre-trade validation | Primary routes | Order outside price window | Rejection + notification |
| Per-venue latency monitor | Primary venues | P99 above SLA | Failover to secondary venue |
How we implement
Current-state audit
We inventory existing controls, owners, and evidence gaps.
Inventory consolidation
We publish the single inventory with scope, trigger, and remediation per control.
Operational onboarding
We train L1/L2 teams and activate versioned runbooks.
Evidence integration
We wire the evidence portal for internal and external reviews.
Continuous operation
We review limits, thresholds, and incidents monthly with the team.
Evidence package
Full controls inventory, execution samples, and mapping to ISO 27001, SOC 2, and local frameworks.
Questions
Frequently asked
What does a trading controls inventory include?
Every active control with declared scope, trigger, owner, remediation path, and last-tested date. Risk limits, kill-switches, pre-trade validations, throttles, and reconciliations all share the same evidence schema.Are kill-switches and dual approval really live, not paper controls?
Yes. Kill-switches require dual approval at trip time, and every trip leaves an immutable audit trail with operator identity, justification, and downstream cancellation receipts.Does this satisfy SOC 2 Type II and ISO 27001 control evidence?
Controls are mapped to SOC 2 (CC and processing-integrity), ISO 27001 (A.8 / A.12 / A.16), and applicable local trading frameworks. Evidence portal exports auditor-ready bundles for external review.
Related cases
CASE · 02
Multi-asset operator · LATAM
Outcome
63% reduction in regulatory reporting prep time.
Ready to review the evidence?
Send scope and jurisdictions and we'll return in 48 hours with the applicable package.