Having already suffered millions of dollars in losses from a trading glitch that caused chaos on Aug. 1 of last year, Knight Capital will now also have to cough up $12 million to the Securities and Exchange Commission.

The SEC this week announced that the firm would pay the fine to settle charges that it violated the agency's market access rule. This is the SEC's first enforcement action under that rule, which was adopted in 2010.

An SEC investigation found that Knight Capital “did not have adequate safeguards in place to limit the risks posed by its access to the markets,” and failed as a result to prevent the entry of millions of erroneous orders.  It also failed to conduct adequate reviews of the effectiveness of its controls, the Commission says.

According to the SEC, Knight Capital made “critical technology missteps” involving software that led to the trading incident. During the first 45 minutes after the market opened on Aug. 1, its router rapidly sent more than 4 million orders into the market when attempting to fill just 212 customer orders.The firm traded more than 397 million shares, acquired several billion dollars in unwanted positions, and eventually suffered a loss of more than $460 million.

The SEC also found that an internal Knight Capital system generated 97 automated emails that went to personnel and identified a related error before the markets opened on Aug. 1. These were not immediately responded to, however. Although the firm did not design these messages to be system alerts, they nevertheless provided an opportunity to identify and fix the problem before the markets opened.

The SEC's order charges Knight Capital with violating the market access rule in the following ways:

Failing to have adequate controls at a point immediately prior to its submission of orders to the market.

Relying on financial risk controls that were not capable of preventing the entry of orders that exceeded pre-set capital thresholds for the firm in the aggregate.

Not having sufficient controls and written procedures to guide employees' responses to significant technological and compliance incidents.

Failure to adequately review business activity in connection with its market access to assure the overall effectiveness of its risk management controls and supervisory procedures.

Its assessment largely focused on compiling an inventory of existing controls and ensuring they functioned as intended, instead of focusing on such risks as possible malfunctions in its automated order router. 

The SEC's order also charges Knight Capital with violations of Regulation SHO, which requires the proper marking of short sale orders and locating of shares to borrow for short sales.

In addition to its $12 million penalty, the firm agreed to retain an independent consultant to conduct a comprehensive review of the firm's controls and procedures to ensure compliance with the market access rule.  Without admitting or denying the findings, the firm consented to the SEC's order.