R2. Pricing & Execution Incident Response Runbook¶
Internal Use Only – Operational Reference
This material is for internal training, handover, and authorised operational reference. Reading this material does not grant permission to perform controlled actions.
This is not a legacy Bridge operating guide. It must not contain page names, menu paths, button names, internal URLs, screenshots, fixed configuration parameters or copyable technical steps from any current or previous execution system.
When system action is required, use system-neutral wording: the Dealer verifies approved status, preserves evidence, escalates exceptions, confirms the result, and completes handover. Actual system controls may be applied or removed only by authorised personnel through the current authorised system. Escalate if the system result differs from the approved instruction.
Operating Authority Boundary¶
- Dealer may identify, verify, preserve evidence, escalate, monitor, and complete handover.
- Only personnel explicitly authorised for the specific action may execute it.
- Dealer must not independently modify orders, adjust client risk status, apply event controls, restore accounts, inject or remove Credit, or communicate internal control logic to clients.
1. Purpose & Authority Boundary¶
R2 is an incident-response and coordination runbook for abnormal pricing, execution, order and client-dispute situations. It defines what must be identified, preserved, classified, escalated, approved, executed by authorised operators, validated and handed over.
R2 does not authorise a Dealer to delete, restore, amend or financially adjust orders. Order deletion, order recovery, order correction, balance repair, credit injection or withdrawal, and restoration of client trading access are Admin / Manager back-office actions that require approval and authorised execution.
2. Incident Classification¶
Classify the incident by observable impact before proposing any action:
| Incident type | Examples | Primary evidence |
|---|---|---|
| Pricing abnormality | Abnormal spike, stale quote, inconsistent quote across sources | Quote timestamps, chart screenshots, reference market, affected symbols |
| Execution abnormality | Delay, rejection, timeout, abnormal fill sequence | Order report, execution timestamps, system status, event context |
| Order dispute | Client questions trigger, fill, close-out or correction | Order ID, account, server time, order lifecycle, client statement |
| System impact | Multiple symbols, accounts, or platforms affected | System health evidence, scope list, incident timeline |
| Recovery action required | Order, balance, credit or trading-access adjustment may be needed | Approved decision record, impacted-order classification, pre/post-action records |
Classification is factual. It does not decide compensation, client communication or recovery method.
3. Role & Authority Matrix¶
| Role | Responsible for | Must not do |
|---|---|---|
| Dealer | Identify abnormal pricing, execution, order or dispute signals; preserve evidence; extract Order Report, Closed Trade Report or equivalent authorised reports; define affected account, time and symbol scope; classify orders; submit escalation; follow up approved execution results; complete handover and incident notes | Delete, restore or amend orders; repair balance; inject or withdraw credit; restore trading access; decide compensation or processing outcome; explain internal order-handling logic externally |
| Admin / Manager Operator | After clear approval, execute authorised back-office actions through the current valid Admin / Manager system; preserve before-and-after records; report result and exceptions to Shift Leader / Manager | Decide scope, compensation, client messaging or risk conclusion |
| Shift Leader / Manager | Confirm impact scope; determine priority; review evidence and order classification; confirm approval status; pause further action when needed; approve or reject high-impact handling; assign reviewer, handover owner and follow-up owner | Allow uncontrolled action without evidence, approval and record |
| IT | Investigate quote, data source, server, log, network, environment or execution-chain abnormalities; provide technical findings; assist recovery confirmation | Decide client order, compensation or risk-handling conclusion |
| Client Communication Owner | Handle client announcement, explanation, compensation communication or external wording using approved language | Disclose internal control logic, back-office method, system details or blame attribution |
4. Immediate Stabilisation Actions¶
- Stop speculative conclusions and preserve the current state.
- Confirm whether the issue is still active, recovering or already resolved.
- Identify affected symbols, accounts, time range, order types and platforms.
- Notify Shift Leader / Manager if client impact, financial impact, repeated order impact or system-wide impact is possible.
- If temporary execution control is approved, Dealer confirms the approved scope and responsible authorised operator; actual system control must be applied only by authorised personnel through the current authorised system.
- If the system result differs from the approved instruction, stop further action and escalate immediately.
5. Evidence Preservation¶
Preserve evidence before any recovery action:
- order report or closed-trade report;
- account, symbol, order ID, direction, volume, open time, close time and trigger condition;
- quote, chart and timestamp evidence;
- system status and execution-status evidence available from authorised tools;
- client complaint or internal observation record;
- event calendar and market context;
- approval record, handler, reviewer and handover owner.
Evidence must be sufficient for a later reviewer to reconstruct what happened without relying on memory.
6. Escalation and Approval Matrix¶
| Situation | Escalation required | Approval required before action |
|---|---|---|
| Single order requires factual review only | Shift Leader if uncertain | Not required for evidence collection |
| Multiple affected orders or accounts | Shift Leader / Manager | Required before any recovery action |
| Balance, credit or trading-access recovery | Manager | Required |
| Potential client compensation or external explanation | Manager and Client Communication Owner | Required |
| System result differs from approved instruction | Shift Leader / Manager and IT | Required before continuing |
| Scope expansion beyond original review | Manager | Required |
7. Affected Order Extraction and Classification¶
Dealer prepares the affected-order list using approved reports or equivalent authorised data.
At minimum, classify:
- mispriced opening order;
- mispriced closing order;
- mispriced stop-loss / take-profit trigger;
- mispriced stop-out;
- abnormal pending-order trigger;
- order involving both incorrect opening and incorrect closing;
- disputed order caused by pricing, execution or system abnormality.
Each row should include account, order ID, symbol, direction, volume, relevant timestamps, observed issue, evidence reference and proposed review category.
8. Authorised Admin / Manager Order Recovery Actions¶
Dealer does not perform order recovery actions independently.
Where order deletion, restoration, correction or other back-office handling is approved, it must be performed by an authorised Admin / Manager Operator through the current valid back-office system, according to the approved handling plan.
Before action:
- confirm approval record and exact scope;
- confirm affected orders and accounts match the approved list;
- save the pre-action report or state;
- confirm rollback or correction review owner where applicable.
After action:
- save the post-action record;
- compare result against the approved instruction;
- report exceptions immediately;
- update incident record and handover.
9. Balance, Credit and Trading Access Recovery Controls¶
Balance repair, credit injection or withdrawal, and restoration of client trading access are high-impact back-office controls.
They require:
- approved financial or access decision;
- affected account and amount or permission scope;
- before-and-after evidence;
- authorised operator record;
- reviewer confirmation;
- clear client-communication boundary.
No Dealer may independently decide or execute these actions without approval.
10. Client Communication Boundary¶
Do not disclose internal system logic, risk-control logic, recovery method, back-office operation, system abnormality detail or blame attribution to clients, sales teams or unauthorised personnel.
All client-facing explanation, compensation wording, announcement or dispute response must be handled by the Client Communication Owner using approved language.
11. Recovery Validation¶
Validation confirms that the approved outcome, not merely a system action, has been achieved.
Check:
- affected order list matches approved scope;
- post-action reports reflect the intended result;
- no unrelated account or order was changed;
- balance, credit and trading access states match approval;
- temporary controls have been removed, restored or retained according to instruction;
- exceptions are escalated and assigned.
12. Incident Report and Post-Incident Review¶
The incident report must include:
- incident summary and timeline;
- affected symbols, accounts, orders and time range;
- evidence collected;
- factual classification;
- approvals obtained;
- actions executed by authorised operators;
- validation result;
- client communication status;
- open items and improvement recommendations.
Post-incident review focuses on control quality: evidence completeness, approval discipline, action sequencing, validation and handover.
13. Handover Requirements¶
Handover must state:
- current incident status;
- affected scope and remaining uncertainty;
- completed actions and validation result;
- pending approvals or pending recovery actions;
- assigned owner for each open item;
- next review time or trigger;
- whether IT, Risk, Manager or Client Communication Owner follow-up is pending.
14. Completion Checklist¶
- Incident classified by factual evidence.
- Affected orders, accounts, symbols and time range extracted.
- Required evidence preserved before recovery action.
- Approval record attached for any high-impact action.
- Admin / Manager Operator execution result recorded where applicable.
- Recovery validation completed.
- Client communication boundary respected.
- Handover owner and follow-up owner assigned.