Knight Capital Group: Knight Capital loses $440M in 45 minutes from incomplete software deployment
A manual software deployment to NYSE's Retail Liquidity Program (RLP) servers updated 7 of 8 production servers; the 8th still ran legacy code that reactivated a dormant test routine ("Power Peg") which placed millions of unintended orders.
2 of the 4 practices that failed in this incident are part of the Sentinel-10 — the engineering protocols Concordance flags as most degraded under AI-accelerated development.
This incident pre-dates today's AI-velocity surge. The thesis is that the same practices that failed here will fail faster under AI velocity if not actively governed. Read the Velocity Governance thesis →
Impact
Knight Capital Group lost $440M in 45 minutes — more than the company's entire previous-year profit. Forced sale of the firm to Getco within months. The canonical case study in deployment-process failure.
Root cause (from published RCA)
A new software release (RLPRE) was deployed to seven of eight production servers manually. The eighth server still contained code from years earlier that reactivated a dormant test function called Power Peg when a specific control flag was set. The new code repurposed that flag for a different purpose. When the release went live, the eighth server interpreted the new flag value as the trigger for Power Peg, which began placing unintended orders at maximum volume.
Concordance protocols that map to this root cause
Click any protocol to see every other indexed incident where it failed.
Primary sources
Related incidents
Other incidents that failed at least one of the same protocols.