The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Trade Practice Surveillance: ‘I’ll Know It When I See It’

By: Victor Naroditskiy, Head of Regulatory Solutions Engineering, EMEA, OneMarketData

Much of the Dodd-Frank Act, Market Abuse Regulation, MiFID II and trade surveillance regulations can be summarized as “Thou shalt not manipulate” or rather “Thou shalt not try to manipulate.” The Dodd-Frank Act, for example, defines spoofing in the following terms:

It shall be unlawful for any person to engage in any trading, practice, or conduct on or subject to the rules of a registered entity that… is, is of the character of, or is commonly known to the trade as, ‘spoofing’ (bidding or offering with the intent to cancel the bid or offer before execution).

The generality of regulation is not an oversight but the only practical way of describing behaviour that can be carried out in a variety of ways. Specific regulatory language would miss more creative ways of manipulation. Furthermore, language that sets specific thresholds may induce behaviour that is just within the threshold, which is not the intention. This natural lack of specificity of what constitutes a manipulative behaviour, precludes a one-size-fits-all approach to detecting violations. Firstly, there are many ways to approach trade surveillance, each with its own strengths and shortcomings. Secondly, any solution would have to be customizable as we discuss next.

Each customer’s order flow is unique and surveillance needs to be configured accordingly. Rules that trigger alerts for a manual trader are likely to result in many false positives for an HFT flow. Types of market participants and asset classes are additional dimensions that require special configuration. A spoofing detection algorithm that works for a broker’s flow may result in a deluge of false positives for a market maker. A user should be able to specify different parameter values not only for different types of flows but also for different types of tickers within a flow (e.g. for FX flow, G10 currencies may have higher thresholds).

Configuring a surveillance algorithm for a given order flow is an iterative process where the rules keep getting adjusted to filter out false positives. The number of tuneable parameters is likely to be large for more complicated alerts and tuning them takes time and effort. Machine learning techniques can help automate tuning in some cases. For regulatory reasons, all of the rule changes in a production environment should be recorded.

A complementary approach to rule-based surveillance makes heavier use of statistics and machine learning. Trader behaviour can be profiled (e.g. daily volume, positions, stocks traded can be calculated) and deviations from typical behaviour for the trader will trigger a closer examination for alerts (the insider trading alert is particularly amenable to this approach). Trader behaviour can be benchmarked not just against their own prior behaviour, but also against behaviour of other traders/accounts within the order flow and against the market. These two approaches can be used together to classify alerts into various levels of severity. A rule-based alert is assigned a higher severity level if it occurs together with an unusual behaviour of the trader. Similarly, machine learning can be applied to analyse patterns in rule-based alerts: an alert that keeps popping up gets escalated.

A surveillance platform that provides the features described above is likely to be useful beyond regulatory requirements. The same profiling, analytics and investigation tools can help analyse strengths and weaknesses of the business. In the end, it is the customer, not the vendor, who is responsible for successful manipulation detection and ensuring that surveillance is done correctly.

Related content


Upcoming Webinar: Fighting fraud and financial crime with RegTech

Date: 24 June 2021 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Financial fraud and crime continue to escalate causing significant damage to companies, countries and the global economy despite enormous efforts by firms and organisations in the financial services sector to identify and expel bad actors. As these bad actors...


Opsmatix Signs Partnership Deals with EEI, SHE as It Seeks to Automate Operational Workflows

Operations automation specialist Opsmatix has signed its third partnership agreement in two months, forging a relationship with Enterprising Engineering Inc. (EEI), a New York-based digital transformation consultancy. The deal follows partnership arrangements with Lysis for KYC off-grid workflow monitoring, and with New York sales accelerator Sand Hill East. Opsmatix’s SaaS platform uses AI to help...


LIVE Briefing: ESG Data Management – A Strategic Imperative

This breakfast briefing will explore challenges around assembling and evaluating ESG data for reporting and the impact of regulatory measures and industry collaboration on transparency and standardisation efforts. Expert speakers will address how the evolving market infrastructure is developing and the role of new technologies and alternative data in improving insight and filling data gaps.


Entity Data Management Handbook – Seventh Edition

Sourcing entity data and ensuring efficient and effective entity data management is a challenge for many financial institutions as volumes of data rise, more regulations require entity data in reporting, and the fight again financial crime is escalated by bad actors using increasingly sophisticated techniques to attack processes and systems. That said, based on best...