If we think trade abuse and market manipulation is generally passé and that financial institutions (FIs) should no longer worry about rogue trading activities such as those
perpetrated in the past by the likes of Nick Leeson, Jérôme Kerviel, Toshihide Iguchi, John Rusnak and Yasuo Hamanaka, we need to think again! The reality is that still today rogue trading and other forms of market manipulations continue to flourish. Consider
the below news from recent times:
Tech-savvy rogue elements continue to collaborate unabated in perpetrating sophisticated forms of market abuse. For FIs, the challenge has only exacerbated, thanks to the increased complexities of global trading network, convergence of various forms of financial
crimes, plethora of communication channels being leveraged for trade related communications, and heightened regulatory expectations vis-à-vis market abuse prevention.
Unfortunately, FIs’ existing surveillance solution have been ineffective in preventing trade/market abuse. No wonder then, many FIs have been earnestly considering putting in place robust holistic surveillance capabilities that can effectively tackle
the myriad trade surveillance challenges.
Challenges that make holistic trade surveillance imperative
Increasing complexity: Recent years have seen the market complexity increase manifold – owing to massive rise in: electronic trading volume, number of automated high-frequency-trading (HFT); volume of cross-product and cross-market activity; and number
of trading venues, asset classes and instruments. In U.S., for 2018, FINRA reported a
daily average of 66.7 billion electronic records, which covers securities quotes, actual transactions and cancelled bids. This represents 87% increase from the previous year.
New digital communication methods (such as skype for business, WhatsApp, and myriad other social media apps) have further made it difficult for FIs to effectively ascertain the extent of trade manipulation. Rogue traders continue to device new sophisticated
ways to perpetrate manipulation. There is gradual convergence and interplay of AML, fraud, internal threat, tax violation, trade/market manipulation and other forms of financial crime. Alas, FIs’ traditional surveillance methods have been found wanting in
keeping pace with the increased market complexity.
Suboptimal strategy. Over the years, most FIs have been simply playing catch-up with the new trade surveillance related regulations. In their rush to comply with a new regulatory mandate, many FIs have taken a fragmented and tactical approach. They
have tacked together ill-fitting trade surveillance solutions or haphazardly enhanced the legacy systems.
For many FIs, effective enterprise-wide trade surveillance governance controls have not been implemented. Surveillance is executed in silos – separate unintegrated systems and processes exist for separate asset class and communication channels, with each
system raising its own disparate suspicious behavior alerts. Audio communication (telephone and mobile voice), electronic communication (IMs, chat, other apps), information security and firewall monitoring for insider threat, and trade-transactions / market-activity
are all tracked separately by separate surveillance teams. This operational silo results in highly fragmented surveillance system and limits the ability to spot sophisticated market manipulation activities that span cross-functional areas and lines of business.
Ineffective solution. In the absence of fully automated holistic surveillance solution that can cover all products, asset classes, and functions, FIs’ current systems are unable to cope with the volume and variety of data. Many FIs’ existing fragmented
trade surveillance solutions lack sophisticated capabilities. For example, instead of having the capability to monitor 100% of trade/market data and communications (voice, email, chat etc.) in real-time, firms usually have to resort to lexicon checks – through
which automatic notifications are sent for review when certain keywords are used in communications. The keywords include stock symbols, prohibited words, competitors’ names, products or any other word that can alert the firm to potential trade abuse. However,
such random sampling checks are not foolproof. Also, the sheer volume of communication alerts to be manually reviewed overwhelms most firms.
Many FIs depend heavily on rules-based techniques for monitoring and control. They monitor a limited scope of trade activities. Alerts for suspicious activity are raised based upon static set of predetermined rules. This results in huge volume of false positives.
Manually sifting through such huge volume of alerts to ascertain the genuine ones is very expensive, labor intensive and ineffective. The alert investigation process is also not optimally automated – for an alert, required messages from archive are collected
and loaded into investigation tool. Staff have to spend a lot of time conducting manual reviews, checking emails, listening to calls etc. This manual approach takes many days and consequently in many cases the alert investigation is dropped midway owing to
Most FIs front-office trade surveillance dashboard solutions are cumbersome and limited in scope. Disparate visualization and BI tools are used. For many FIs, mapping trade related data across the organization is very challenging due to lists and sub-lists
being scattered across departments. Sharing of data is often done manually and unsurprisingly lack efficiency.
Lack of robust communication surveillance. The current siloed approach of FIs view markets and communications separately. However, today, for effective trade surveillance, monitoring only the trade/market data is not enough. Firms need to also analyze
associated electronic and audio communications in order to determine the intent and context behind particular trading action. Unfortunately, with the increased communication channels and social media pervasiveness, correlating trade data with the corresponding
communications is not easy in the absence of robust communication surveillance tools.
In many FIs, communications surveillance is either non-existent or reactive and which rely on random sampling methods. Huge effort is spent in locating, reviewing, compiling and reporting on trade-related communications; and still it covers only a tiny fraction
of the billions of trades that happen each day. FIs have been slow in leveraging unified communication solution. Good number of FIs use their electronic communication monitoring system only as storage. The communications go into data storage and get looked
into and analyzed only when a specific trade incident occur. Electronic communications are not monitored in-flight for the trades.
Also, many FIs’ electronic communication monitoring solution lack maturity – they generally utilize simplistic lexicon checks and sub-optimal text mining capabilities. This results in surfeit of false alerts. FIs lack capability of intelligently linking
the various pieces of structured & unstructured data and creating a cross-asset class, cross-market, and cross-communication channel view of the trades/orders to portray trading behavior. FIs also especially face challenges in tracking and deciphering the
highly unstructured voice communication – alas, voice communication usually comprises significant information pertaining to trade/market abuse.
Heightened regulatory expectations. Over the past few years, many regulators across the globe – including FINRA, CFTC, FCA, SFC and ESMA – have begun expecting FIs to have holistic surveillance in place that leverages multiple data sources (including
order/trade data, voice and electronic communication, and behavioral data) for identifying potential trade abuse across markets, asset classes, trading venues and geographies. Today, regulators are asking FIs to have their trade data unified with voice/electronic
MAR, MiFID II, BMR, UK’s Senior Managers Regime, Singapore’s Market Misconduct Enforcement Regime and Hong Kong’s Securities and Futures Ordinance are just few of the regulations that have enhanced the trade/market surveillance obligations for FIs. For
e.g., under MAR, many smaller firms have been required, for the first time, to report suspicious trades or evidence of potentially abusive behavior. OTC transactions (e.g. swaps) are also in scope of monitoring under MAR – earlier, only trades executed in
regulated markets needed to be monitored for market abuse.
Many regulators are today asking FIs to move beyond their basic manual surveillance that is based on reactive random sampling. Instead, they require firms to detect and report illegal behavior in a timely manner and have preventative solutions in place.
Dodd-Frank Act trade reconstruction requirement for example is quite challenging – producing all documents/communications related to a trade/order chronologically within 72 hours of regulator’s request is quite difficult – given the current manual and labor-intensive
processes of many FIs.
In another article, I will share thoughts on key considerations for FIs to implement holistic trade surveillance.