Establishing An Effective Market Abuse-Surveillance Function

Due to the constant evolution of both market manipulation and the best practices for effective surveillance monitoring, the surveillance industry receives continuous guidance and supervision from regulatory authorities globally. The Financial Conduct Authority (FCA) is one such authority that provides their findings and insights to market participants via their series of Market Watch publications. In the recent Market Watch 79, the FCA discusses market abuse-surveillance failures, which are primarily around data and automated alert logic, and its recent peer review of front-running surveillance models.

The FCA’s Market Abuse Regulation (UK MAR) requires firms to have effective arrangements, systems, and procedures in place to detect and report suspicious activity. These systems, arrangements, and procedures – including how firms govern, implement, test, review, and rectify issues relating to the functioning of technical systems used to deliver market monitoring and surveillance arrangements – should be appropriate and proportionate to the scale, size, and nature of business’ activities. The determination as to appropriateness (risk and coverage assessment) is the firm’s responsibility and at its discretion.

Various factors affect the effective operation of a firm’s market abuse-surveillance function, including alerts not working as intended and/or as the firm assumed due to faulty implementation, incomplete ingestion of required data, or the inadvertent introduction of bugs during changes, leading to unsuccessful or partial surveillance.

Manifestations of these failures include alerts not working properly, such as instances where:

• An entire section of a firm’s activity is not being monitored.
• Alerts are generated but not for all instances – partially effective.
• Alerts are not being generated for a specific type of market abuse – completely ineffective.

Factors Contributing To Surveillance Malfunctions

Compounding whatever the malfunction happens to be is the time to its discovery/identification, which varies from a few weeks to several months, two years, or longer. The FCA has observed several types of failures over the past few years, including the following:

• Unconnected newsfeed: Firm A adopted a third-party system but did not undertake the necessary post-implementation testing. It was therefore unaware that a critical newsfeed had not been activated until alerted – three years later – by an FCA inquiry because a required suspicious transaction and order report (STOR) had not been submitted. During that time, the firm had missed key data points, including the release of price-sensitive information and significant price moves, as no insider-dealing alerts were being generated.
• Coding error: Firm B implemented an in-house surveillance model to detect insider dealing in corporate bonds, based on price movement at or above a certain threshold within a defined period after a trade. Due to inadequate testing, an error in coding the alert logic went undetected for several years. Another reason the defect went undetected is because the system was partially effective, generating alerts for more liquid, frequently traded instruments but not for bonds. The issue was revealed when compliance received a front-office escalation request.
• Data ingestion gap: Firm C offered direct market access (DMA) to some clients and connectivity (SDMA) to others using a private order feed (POF). It then implemented a third-party surveillance with the incorrect presumption that all POF was included in the feed. As non-POF trades and orders subject to surveillance were generating alerts, it took several years to identify the data gap.

Steps To Avoid Surveillance Failures

The FCA has also assessed how investment firms review their automated surveillance models and has a few recommendations as to how they can approach the efficacy of their models. These are the three key areas:

• Data governance: Guarantee that steps are taken to ensure that all relevant trade and order data is captured, accurate, and comprehensive, including regular (annual, etc.) data reviews to preemptively identify any issues.
• Model testing: Institute a program that addresses model scenarios (parameter calibration or a risk-based approach, logic, coding, data, or combination, etc.); the frequency and type of reviews (light touch vs. deep dive); and the monitoring of third-party or in-house built surveillance-system models, to ensure that they are operating as intended.
• Model implementation and ongoing maintenance: Formalize an efficient and robust process that facilitates the swift implementation, modification, recalibration, repair and amendment of all models, including regression testing to ensure that changes made by these, or other systems do not have an adverse effect on any others.

Striking The Balance Between Absent And Too Intricate Governance Arrangements

Market-abuse surveillance is challenging and complex. Not enough controls, criteria, or resources and something inevitably falls through the cracks. Too much tailoring of alert models and operational risk could increase; too many approval levels and practices become bogged down and inefficient. Both approaches can prevent the organization from being agile and proactive, exposing it to risks. 

Surveillance control is a key challenge, especially for large firms with an array of assets traded, individuals involved, trading methods, venues accessed, and operating under a complex and interconnected legal framework. However, firms are not without recourse.

So, what can firms do? Well, following the FCA’s guidance on instituting effective surveillance arrangements around data governance, model testing, implementation, and maintenance/amendments is a good start. Testing by the firm’s second line and audit function helps but may not identify all issues. Furthermore, a large volume of non-standardized data must be analyzed to identify abstract market abuse behaviors. And while AI is in the wings, it will also need governance to remain effective.