Knight Capital Americas was one of the largest market makers in U.S. equities. On the morning of August 1, 2012, a software deployment gone wrong turned that market access into a self-inflicted financial catastrophe. The SEC’s order instituting administrative and cease-and-desist proceedings (Release No. 34-70694, October 16, 2013) lays out the sequence in detail and remains the authoritative primary account of what happened.
According to the SEC order, Knight had repurposed a flag in its order router that had previously triggered old, defunct functionality known as “Power Peg.” When Knight deployed new code to its eight production SMARS servers to handle a new exchange program, the new code was copied to only seven of the eight servers. On the eighth server, the repurposed flag instead reactivated the dormant Power Peg logic. Power Peg had been designed years earlier to buy high and sell low to test other systems, and a counter that was supposed to stop it from sending child orders had been moved earlier and was no longer functioning on that path.
When the market opened, incoming parent orders routed to the eighth server triggered Power Peg, which sent a torrent of child orders without ever recognizing they had been filled. The SEC found that in roughly 45 minutes Knight sent millions of orders into the market, resulting in over 4 million executions in 154 stocks for more than 397 million shares. Knight took on a multi-billion-dollar unwanted position and ultimately lost over 460 million dollars.
The order also describes how the firm’s incident response made things worse. Engineers, seeing error messages, removed the new code from the seven correctly updated servers, which left the faulty Power Peg behavior running unchecked on the rest. Knight had no automated kill switch and no pre-deployment control that would have caught code being copied to only seven of eight servers.
The SEC charged Knight with violating Rule 15c3-5, the Market Access Rule, finding that the firm lacked adequate risk-management controls and supervisory procedures to manage the financial and regulatory risk of its market access. Knight agreed to pay a 12 million dollar penalty. The episode became a textbook case in deployment discipline, dead-code removal, and the danger of letting fast automated systems run without hard limits. It is studied alongside other lessons in root-cause-analysis and automated-trading-risk.