In 2023, Openmarkets Australia was fined the largest ever penalty imposed by the?Australian Securities and Investments Commission (ASIC) of $4.5 million. Among other observations, the regulators noted that Openmarkets had not appropriately calibrated its post-trade surveillance system and that this resulted in an unmanageable volume of alerts, most of which were not reviewed.
“This outcome sends a clear message to market participants that breaches of market integrity rules will result in substantial penalties that should not be seen as a cost of doing business.”
Market Abuse and Trade Surveillance were the focus of a recent A-Team Group webinar that brought together representatives from the regulatory, market participant, and vendor communities.
The panel was moderated by Sarah Underwood, Editor at A-Team Group, and comprised Yasmin Lee, EMEA lead for Surveillance at Macquarie, focusing on trade e-comms, voice, and commodity markets; Jamie Bell, head of Secondary Market Oversight at the FCA; and Dermot Harris, Head of Regulatory Solutions at OneTick.
The webinar was conducted under Chatham House Rules; hence any quotes aren’t attributed to a specific panel member.
The Current State of Trade Surveillance
An opening audience Poll asked the question: “To what extent is your organization satisfied with its trade surveillance for market abuse?” The majority response (90%) was satisfied (53%) or somewhat satisfied (37%) with room for improvement in both cases.
Lack of regulatory clarity in other jurisdictions can make a case for investment difficult. For example, statements from regulators like the following do not help the business case; “Well, we’re not gonna obligate that you have surveillance, but, if we investigate you and we find some wrongdoing and you have gaps, then the fines will reflect that.”
Cyber risk and data security are also factors affecting trade surveillance. During the pandemic, smaller firms conducting business over the public internet were exposed to, and some suffered ransomware attacks. The message from the panel is clear; “Cyber risk is as dangerous as regulatory risk and financial risk.”
There is a trend towards hosted surveillance solutions. It is far easier to keep a hosted cloud-based surveillance system current. On-prem surveillance systems, whether third-party or homegrown, can quickly become out of date with performance falling and end-users losing confidence in the system.
The consensus from the panel is that resilience is improving. Enforcement actions by regulators are having an effect. The size of the penalties being imposed, in the tens – in some cases hundreds – of millions of dollars, is letting market participants know that “breaches of market integrity rules will result in substantial penalties.”
While firms have been making progress with upgrading their trade surveillance systems and processes there remains a lot to do, keeping systems updated and models recalibrated as regulations and front office activities change over time is a particularly challenging area.
Challenges and Solutions for Effective Trade Surveillance
A second audience Poll asked: “What are the ongoing and emerging challenges of achieving effective trade surveillance at your organization?”
By far the majority response (84%) was “Legacy systems and processes” followed by “Meeting requirements for real-time monitoring (44%).
Staying ahead of front-office innovations like algo trading, and emerging markets like crypto and carbon is a challenge for control functions. The Front Office has the budget and the incentive to innovate with the latest technologies (AI/ML) and create novel financial derivative structures. Firms can very quickly fall out of compliance as control functions struggle to adequately surveil these new AI-powered processes.
Legacy systems and processes can be hard to adapt to structural changes in market practices and meet transparency requirements.
Lack of risk model expertise outside the front office manifests itself as a lack of concern over surveillance model risk. One of two scenarios is typically encountered; in the first instance, the model is tuned to suppress alerts completely, and in the second case, the false positive rate is almost 100%.
The fear of recalibration and obsession with false positives by firms creates challenges for everyone, not least the firm itself!
When hundreds of thousands of alerts are generated per day, it is impossible for a manual system to triage everything, and true positives can go unnoticed. The ASIC case against Openmarkets cited at the top of this article highlights the risk of not recalibrating.
Firms have started to calibrate alerts, albeit reluctantly, following the FCA publication Market Watch 69. Previously, firms were demanding that vendors guarantee their default parameters meet the regulatory requirement. AI and machine learning have been an integral part of proprietary trading for many years. It is important that control functions also embrace and master these tools if they are to adequately meet their supervisory duties.
In response to an audience question about the benefits of surveillance beyond ‘mere’ compliance, panellists suggested that the broader benefits of effective trade surveillance include market confidence, a reduction in economic activity costs, and uncovering other organizational issues. The specific benefit, panellists agreed, is the firm’s ability to meet compliance requirements at a lower overall cost and improved efficiency through effective automation.
Action Item
So what should practitioners be doing?
The panel suggested that a comprehensive and up-to-date market abuse risk assessment (MARA) is the first step in establishing a comprehensive fit-for-purpose surveillance system, targeted to the identified risk profile of the firm. There is no “one size fits all” solution.
Investigations of Market Abuse cases typically lead to the discovery of one or more of the following best practices being incomplete or missing; a Surveillance system designed to meet the firm’s MARA, people, and processes capable of reacting rapidly to alerts, and an analysis of near misses (false positives). Firms that can tick all these boxes tend to fare better.
Strategies for ensuring that surveillance systems remain current and effective in detecting and preventing market abuse, include hosted solutions that leverage cloud technologies, and maintaining active engagement with vendors and regulators.
The UK FCA is leading the way in regulatory innovation and market support. The FCA Innovation Hub offers participants a Regulatory Sandbox to test product innovation in a virtual market with real customers, and Digital Sandbox offers a range of sanitized and synthetic data sets to test and develop new innovative products.
Firms should take advantage of the FCA publications including the Market Watch 69 publication on Market Abuse Regulation (MAR).
Pay attention to data and cyber security. The message from the panel is clear; “Cyber risk is as dangerous as regulatory risk and financial risk.”
Getting the skills to build and sustain a robust surveillance framework is critical. When firms are developing requirements, they must get past naive questions about how the model detects a false positive and ask about how true positives are detected, how false negatives are suppressed, and how weak cases (false positives) can be used to detect underlying trends. A False positive is a weak case that failed to meet the case for triage. These cases should not be discarded, and firms should be asking vendors to explain how their solutions make use of this data. Must-haves for a trade surveillance solution should include easy calibration, AI/ML-powered analysis of false positives, model risk management and operational security.
The panel was asked what’s coming next in Market Abuse and Trade Surveillance?
Evolving market conditions and an increasing pace of change are an acknowledged fact. The increases in complexity resulting from AI/ML enable cross-product and cross-market activity making it increasingly difficult for a human-powered parameter-driven surveillance model to keep pace.With this challenge in mind, vendors are looking at a more automated “black box” risk model that automatically adjusts alert parameters based on observed history. Vendors will have to meet transparency and explainability requirements for these models to become accepted by the mainstream and regulators.
The UK FCA has redefined the relationship between a regulator and the market it monitors, by genuinely fostering innovation through publications, development sandboxes, and access to extensive sanitized and synthetic market data. The extent to which regulators in other jurisdictions follow this example will be a factor in controlling market abuse globally.
Subscribe to our newsletter