Effective compliance with the Market Abuse Regime (MAR) is “a state of mind” that requires a series of complex situational judgements – and time pressures could cause potential problems, warned Julia Hoggett, Director of Market Oversight at the UK’s Financial Conduct Authority (FCA).
This raises a number of key concerns around compliance which demand urgent technology solutions – including around the identification of risk, the control of inside information and the importance of effective risk assessments to fight financial crime – while the upcoming Senior Managers and Certification Regime will place even more pressure on firms to upgrade their market conduct capabilities.
“The decisions you are required to make and questions you are required to answer, are often not easy, but they are critical to the integrity and health of our financial markets… Be they about what constitutes inside information; how it is it managed and released; how you ensure your traders are following the rules; or how you identify inappropriate trading behaviours within your firms,” she noted.
Speaking to the Association for Financial Markets in Europe (AFME) in London last week, Hoggett warned that a number of these judgements are extremely time sensitive, and that these pressures are only likely to increase over time.
“Let’s be clear – a regulatory system that relies on controls that work by detecting when an event has happened, will never be as effective as a system that also helps ensure that misconduct does not happen in the first place. To that end, a market relying on post hoc controls will never be as effective as a market with appropriate controls accompanied by heightened awareness – and a common understanding – of the risks and issues posed by market abuse,” she stressed.
Some of the specific issues concerning the FCA around the issue of MAR include market abuse risk identification, the differentiation between criminal and regulatory offenses, and inside information controls.
“Some risks appear blindingly obvious once they manifest, but do not occur to people beforehand. That is why developing the effective ‘conduct risk identification muscles’, is critical to protecting your businesses and ensuring our markets remain clean,” emphasised Hoggett.
She also warned of the consequences of any failure to properly assess risk, noting that not all market participants appear to be fully aware of these risks: which can cover “all forms of behaviour… from deliberate criminal wrong-doing, to regulatory wrong-doing, to errors of judgement that might not meet the definition of serious misconduct,” all of which will be investigated by the FCA as breaches of MAR where relevant.
Another worry is the control of information outside of the workplace. While a great deal of focus is currently placed on ensuring firms have information barriers to mitigate the risk of inappropriate flows of information from the private to public spheres, the FCA is concerned that firms are not displaying the same discipline when it comes to information being leaked outside the building (as opposed to being passed around within the building).
“Over time, we have come to realise that the focus firms place on information leaving the building tends to be on the controls around legitimate disclosure of information, such as through the soundings regime. Whilst we encourage firms’ efforts in this space, we need to see firms consider other ways that information could be leaked outside their building – and thereby ensure that their control framework is adequately mitigating market abuse risks holistically – be that through for example, a cyber-attack, or through their staff inappropriately sharing information outside the office,” requested Hoggett.
Inside information systems and controls are a vital element of MAR compliance and the FCA currently believes that access controls, surveillance capabilities and general mindset in this part of the business are not yet as evolved as they should be, and require more focus to resolve. “We encourage firms to think critically about the front-to-back information management that they need to have in place,” said Hoggett. “Do the systems and controls genuinely mitigate the risks of the misuse of… information?”
Firms should also remember that certain forms of market abuse are a financial crime, and they must think carefully about the inter-connectivity of surveillance tools, STORs and financial crime systems and controls. Since the FCA began engaging more actively on this topic last year, the agency has seen a decrease in the number of STORs filed – which it attributes to the offboarding of suspicious clients by certain firms. “This reflects the importance of firms undertaking effective risk assessments and considering for themselves the manner in which their systems and controls need to evolve as the risks within their businesses evolve,” urged Hoggett.
Another weakness is the surveillance capacity around market manipulation (as opposed to insider trading), and the FCA believes that there is a need to improve surveillance particularly within the non-equity space.
“The assumption that market abuse only happens in equities, still needs to be thoroughly broken,” said Hoggett. “Whilst we have seen some progress in relation to fixed income and commodity STORs, we think that the total number of STORs received in both of these areas remains low, suggesting that firms with significant business lines in these asset classes need to do more to detect and report suspicious activity. This is where we will continue to focus our supervisory attention and I would argue we still have quite a lot of work to do here.”
Overall in terms of MAR compliance, the FCA is concerned that firms are simply looking at the list of indicators of market abuse in MAR and treating that list as exhaustive, which is not the goal of the regulation. It is also worried that firms are not considering these typologies through the specific lens of the particular business that they undertake.
For example, firms using off-the-shelf calibration settings for their alert parameters are currently using ‘average peer alert volumes’ as a measure of the appropriateness of their calibration – essentially meaning that they are taking comfort from the fact that even if they are failing, they are not failing any ‘worse’ than their peers – a trap that can become an ominously self-referential cycle. Another issue is the use of inappropriate parameters when assessing fixed income alerts – it is vital that firms instead ensure that the design of their alerts is actually meaningful to the risks in the markets being surveilled.
“Firms need to undertake a proper assessment of the nature of their businesses, the market abuse risks that may arise as a consequence, and the systems and controls that are most suited to mitigate those risks,” urged Hoggett. “The FCA cares about systems and controls. However, we only care about systems and controls for one very simple reason – so that they work effectively.”
Finally, Hoggett warned that the upcoming implementation of the new Senior Managers and Certification Regime (SMCR) in December 2019 will place new pressure on firms to upgrade their market conduct compliance processes. Under the SMCR staff “must observe proper standards of market conduct” – which means that the standards of market conduct must be accurately defined. While MAR and MiFID II define what constitutes unacceptable conduct and practice, including behaviour that amounts to giving false or misleading impressions to the market, there are numerous shades of grey where the industry must implement its own controls to ensure compliance across multiple complex sectors and asset classes – and advance preparation is crucial.
As Brexit approaches, it is ever more critical that firms remain aware, up to date and accurate in their regulatory compliance approach. While the issue is complex, the FCA warns that “firms must not have gaps in their oversight” and “must remain confident that they can still see the big picture of the behaviours they are facilitating – even across multiple borders.” However, it recognises that the enormous and evolving arena of data management presents a genuine challenge around regulatory compliance – and Hoggett confirmed that this will be an area of increasing focus for the regulator going forward.
“Using… data to provide new insights into the performance of companies and markets is a valuable addition to the price formation process. However, as a result, there will no doubt be interesting regulatory questions we will have to ask ourselves in the future. We will be exploring how data is used in wholesale markets as we explore that question,” she noted. “Equally important for us now is how the technology that consumes this data evolves – and ensuring that it can do so in a safe manner.”
Implicit in this is that the quality of this data has to be continuously assessed to ensure accuracy – and the industry should expect greater enforcement of this going forward.
“Technology is only as good as the data that feeds it and the requirements and constraints to which it is put. I can see a world where seemingly ‘rational’ AI, unconstrained and exposed to certain markets and data, would deem it entirely rational to commit market manipulation. Now, the FCA cannot prosecute a computer, but we can seek to prosecute the people who provided the governance over that computer,” warned Hoggett.
“The application of new technology is of course future driven. We are currently standing on the brink of a new era – that of the Quantum Computer which brings game changing technology for processing extremely large amounts of data at extreme speeds to the financial world.
“Without the right state of mind, I continue to believe, we will not have effective compliance with the Market Abuse Regime.”