About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Trade Practice Surveillance: ‘I’ll Know It When I See It’

Subscribe to our newsletter

By: Victor Naroditskiy, Head of Regulatory Solutions Engineering, EMEA, OneMarketData

Much of the Dodd-Frank Act, Market Abuse Regulation, MiFID II and trade surveillance regulations can be summarized as “Thou shalt not manipulate” or rather “Thou shalt not try to manipulate.” The Dodd-Frank Act, for example, defines spoofing in the following terms:

It shall be unlawful for any person to engage in any trading, practice, or conduct on or subject to the rules of a registered entity that… is, is of the character of, or is commonly known to the trade as, ‘spoofing’ (bidding or offering with the intent to cancel the bid or offer before execution).

The generality of regulation is not an oversight but the only practical way of describing behaviour that can be carried out in a variety of ways. Specific regulatory language would miss more creative ways of manipulation. Furthermore, language that sets specific thresholds may induce behaviour that is just within the threshold, which is not the intention. This natural lack of specificity of what constitutes a manipulative behaviour, precludes a one-size-fits-all approach to detecting violations. Firstly, there are many ways to approach trade surveillance, each with its own strengths and shortcomings. Secondly, any solution would have to be customizable as we discuss next.

Each customer’s order flow is unique and surveillance needs to be configured accordingly. Rules that trigger alerts for a manual trader are likely to result in many false positives for an HFT flow. Types of market participants and asset classes are additional dimensions that require special configuration. A spoofing detection algorithm that works for a broker’s flow may result in a deluge of false positives for a market maker. A user should be able to specify different parameter values not only for different types of flows but also for different types of tickers within a flow (e.g. for FX flow, G10 currencies may have higher thresholds).

Configuring a surveillance algorithm for a given order flow is an iterative process where the rules keep getting adjusted to filter out false positives. The number of tuneable parameters is likely to be large for more complicated alerts and tuning them takes time and effort. Machine learning techniques can help automate tuning in some cases. For regulatory reasons, all of the rule changes in a production environment should be recorded.

A complementary approach to rule-based surveillance makes heavier use of statistics and machine learning. Trader behaviour can be profiled (e.g. daily volume, positions, stocks traded can be calculated) and deviations from typical behaviour for the trader will trigger a closer examination for alerts (the insider trading alert is particularly amenable to this approach). Trader behaviour can be benchmarked not just against their own prior behaviour, but also against behaviour of other traders/accounts within the order flow and against the market. These two approaches can be used together to classify alerts into various levels of severity. A rule-based alert is assigned a higher severity level if it occurs together with an unusual behaviour of the trader. Similarly, machine learning can be applied to analyse patterns in rule-based alerts: an alert that keeps popping up gets escalated.

A surveillance platform that provides the features described above is likely to be useful beyond regulatory requirements. The same profiling, analytics and investigation tools can help analyse strengths and weaknesses of the business. In the end, it is the customer, not the vendor, who is responsible for successful manipulation detection and ensuring that surveillance is done correctly.

Subscribe to our newsletter

Related content

WEBINAR

Upcoming Webinar: Managing Non-Financial Misconduct Under SMCR

9 October 2025 11:00am ET | 3:00pm London | 4:00pm CET Duration: 50 Minutes Non-financial misconduct—encompassing behaviours such as bullying, sexual harassment, and discrimination is a key focus of the Senior Managers and Certification Regime (SMCR). The Financial Conduct Authority (FCA) has underscored that such misconduct is not only unethical but also poses significant risks...

BLOG

How TS Imagine is Unlocking the Power of Data with AI and Snowflake

Exclusive Q&A with Thomas Bodenski, Chief Operating Officer, TS Imagine. From trading strategies to risk management and client interactions, financial institutions are continuously exploring how AI can enhance their businesses. Yet despite the hype and noise, many real-world use cases are still more promise than practice. Firms often face challenges in operationalising AI at scale,...

EVENT

RegTech Summit London

Now in its 9th year, the RegTech Summit in London will bring together the RegTech ecosystem to explore how the European capital markets financial industry can leverage technology to drive innovation, cut costs and support regulatory change.

GUIDE

AI in Capital Markets: Practical Insight for a Transforming Industry – Free Handbook

AI is no longer on the horizon – it’s embedded in the infrastructure of modern capital markets. But separating real impact from inflated promises requires a grounded, practical understanding. The AI in Capital Markets Handbook 2025 provides exactly that. Designed for data-driven professionals across the trade life-cycle, compliance, infrastructure, and strategy, this handbook goes beyond...