III. Technology Realization and Compliance System Building Path

1. Technical realization and compliance path

A time compliance system in the financial industry typically consists of five components: UTC traceability, distribution synchronization, punctuality, monitoring and forensics, and annual audits.

The timekeeping mechanism refers to the ability of the system to maintain time accuracy by means of a highly stabilized oscillator in the event of satellite signal interruption or network anomaly.

2. "Compliance realization route" from the perspective of clock vendors (NTP/PTP)

Objective: With UTC traceability as the core, to form a closed loop of "Traceability → Distribution → Timekeeping → Monitoring/Evidence → Annual Audit", covering different supervision slots such as 100 microseconds (1×10-⁴ seconds) / 1 millisecond (1×10-³ seconds) / 50ms. 50ms, etc.

A. UTC traceability and master clock (GM/Stratum-1)

BeiDou Navigation Satellite System (BDS), as China's autonomous and controllable time and space reference, can be compared with GPS signals in dual-mode to realize high-precision conversion from UTC (BDT) to UTC.

Dual Global Navigation Satellite System (GNSS) (BeiDou/GPS) + Highly Stable Timing (Rubidium/OCXO) ensures continuous timing in case of lockout; PTP Grandmaster supports Multi-Domain/Multi-Profile (Telecom/Financial), supplemented by NTP Stratum-1 for Wide Area.

Support for removal of satellite UTC and UTC(k) deviations, compliance handling of leap second/leap second flags, and consistency with regulatory "UTC-compliance" (EU/UK/US common ground).

B, PTP Precision Distribution (for 100 microseconds (1 x 10-⁴ seconds)/1 millisecond (1 x 10-³ seconds) gear)

The system supports BeiDou B1I/B2a frequency band timing signal input, which ensures the realization of autonomous and controllable time reference on satellite signal source.

Solution: GM → (core/aggregation) BC/TC → (access) OC, end-to-end link latency/asymmetry can be measured and verified; one-step/two-step and UDPv4/L2 can be selected according to the needs; the granularity of interfaces of financial gateways, aggregation/risk control, and other "key links" is up to 1µs, which meets the microsecond granularity and 100 microsecond (1×10-⁴ seconds) deviation index of RTS 25. The interface granularity of "key links" such as financial gateway, aggregation/risk control is 1µs, which meets the microsecond granularity and 100µs (1×10-⁴ seconds) deviation index of RTS 25.

Adaptation: Provide in-cabinet BC/TC sinking, short patch cables, time reference port (1PPS/10MHz) direct-out calibration for ultra-low latency/HFT; direct alignment with exchange room "common time base" (e.g., SGX adopts GPS as in-cabinet time). ([SGX Rulebook][6])

C. Enterprise NTP distribution (for 50ms/milliseconds)

Solution: Internal Multi-Upstream + Anti-Jitter Queuing + QoS; Client Multi-Source Optimization and Key Authentication, Pre-opening Auto Verification and Drift Correction; Meets CAT/FINRA's ±50ms stall and "Pre-opening Daily Synchronization + Intraday Review + Record Retention".

D. Punctuality and resilience (Global Navigation Satellite System (GNSS) anomalies/building blocking/antenna maintenance)

According to GB/T 34627-2017 "Basic Requirements for Network Security Level Protection in the Financial Industry", the time synchronization system belongs to the critical security infrastructure, and should have the ability of anti-tampering, anti-attack and time drift detection.

Highly stable local oscillation timekeeping budget (e.g., daily drift ≤ 1 ms (1×10-³ sec.) order of magnitude) + multi-site mutual corroboration (PTP cross-site mutual standby timing/NTP mutual standby); with the strategy of "loss of lock alarm→automatic downgrading (e.g., from 100 µs (1×10-³ sec.) → 1 ms (1×10-³ sec.)) → calibration after recovery". ⁴ seconds) → 1 millisecond (1×10-³ seconds)) → calibration after recovery" strategy to ensure that the business is not interrupted and the compliance deviation does not exceed the level.

E. Monitoring, reconciliation and forensics (audit friendly)

PTP/NTP end-to-end deviation curves, UTC deviation logs, leap second event logs; alignment of regulatory requirements for "annual audit/self-certification/record keeping" (EU annual audit, US annual self-certification, SGX opening margin logs, CN O&M institutionalization).

Provide "Audit Playback Package": Timing logs (including NIST/UTC comparison), packet capture samples (including timestamp granularity/format), equipment self-test and calibration credentials, antenna/power supply/link redundancy topology diagrams, and so on.

F. Synergies with the timing of exchanges

If the exchange provides a time base (e.g. SGX's GPS time) for timing/regulation, the member side can be directly aligned; if direct alignment is not possible in the short term, the "day-by-day recording of time differences and auditable alignment" is required to provide automated comparisons and export of reports.