Jointly authored by financial crime and compliance specialists Nic Hull and Jason Merritt, our four-part series on market abuse explores why firms need to stay focused on compliance. This third piece explores the importance of data provision and automated market surveillance solutions in the light of the most recent – and high profile – regulatory fines.
December 2022’s FCA fine of three brokers (BGC Brokers LP, GFI Brokers Limited and GFI Securities Limited, collectively known as BGC/GFI) to the tune of £4,775,200 has once again highlighted the risks for firms who fail to provide full coverage in their automated surveillance systems.
Given the size of the business conducted by BGC/GFI (executing $100bn of trades over 18 months), comprehensive automated surveillance is a necessity. Equally essential is the fact that surveillance needs to be tailored to the firm’s business, asset classes and method of trading – for example, communication surveillance is vital for a voice broker. And yet:
“Between July 2016 and January 2018, BGC/GFI had manual, automatic and communications surveillance processes that were deficient, and therefore, inadequate in properly addressing the risk of market abuse. Additionally, BGC/GFI’s systems for monitoring market abuse did not have proper coverage of all asset classes which are subject to MAR.”
Sadly, BGC/CFI neither the first, nor likely to be the last, case to highlight disparate processes and inadequate monitoring. But what – and when – will firms learn? As the FCA themselves make clear, the lessons from this fine go far beyond the actual sums, or individual firms involved:
“It is of fundamental importance to the integrity of the market that brokers … have effective market abuse surveillance systems in place.”
Here are the key lessons that we believe firms can put into practice, right now.
- Data completeness
We have a simple mantra: right data in – effective results out. Taking the BGC/CFI use case as an example of disparate process and inadequate monitoring, puts the importance of data provision and automated market surveillance solutions straight at the top of the to do list.
“Data quality“, “data completeness“, “data wholeness“, or even the emotive “dirty data” are all terms that are frequently thrown around to define gaps in any source-to-target process where accuracy of input data ensures measurable outputs.
For an effective market surveillance solution, ‘data completeness’ can be achieved by initially performing a thorough MAR Risk Assessment to highlight data required related to your firms business lines and asset classes. This will help you determine where your key data resides, both internal source systems and market data providers.
But more often than not, firms often fail at this initial stage, which is why we recommend that, as a starting point, firms consider the inclusion of:
- RFQ data
- communication channels (voice, email, chats)
We regularly also find firms neglecting IOIs (Indication of Interest) and RFQs (Request for Quotes). While these have limited scope for market abuse, there are still behaviours which need to be considered, in particular where the trading of RFQs are public rather than private. Why worry? Well, for example, a firm could layer the CLOB (Central Limit Order Book) and use a RFQ to execute a genuine trade, or a firm could view a large incoming RFQ and front run it with the expectation the client will execute the RFQ either with the same or a different firm.
These were highlighted by the FCA as a key area of concern back in its Market Watch 68, which focused on where fixed income trading allows direct entry into the user interface/portal. These portals, however, only allow for the extraction of completed orders. For effective monitoring of market abuse, order data needs to contain the unexecuted orders, as well as the order history (amends and cancels), adding challenges for the compliance team, particularly when it comes to curtailing those portals which do not provide the data required by regulations.
Even then, providing orders to a surveillance solution can be problematic, especially in the over the counter (OTC) world, while mandatory under regulations firms have struggled to update their trading systems and processes in order to ensure orders are recorded with the correct time stamp: essential for the accurate monitoring of front running.
3. Market data
Whereas older platforms historically required firms to source and populate data themselves, more recent developments can now provide market data as a part of the solution. But a note of caution: firms must review vendors’ key coverage, and relate this back to your original MAR Risk Assessment.
Similarly, having the correct market aligned to where you trade is key, as vendors often struggle with some asset classes/instruments. For example, a vendor providing FX Pricing Data from an amalgamated or synthetic source is likely to cause a surge in false positives, if the firm exclusively trades on Refinitiv’s FXall or Deutsche Borse’s 360T platform. Although pricing differentials may be marginal, that could then provide an inaccurate view of the state of the order book. The same can also be said for swaps, including Organised Trading Facility (OTF) vs Swap Execution Facilities (SEF) vs Multilateral Trading Facilities (MTF) vs OTC, Fixed Income (Evaluated Pricing) and other OTC Products.
While these feeds can be beneficial for monitoring best execution and transaction cost analysis, they can – and do – lead to a headache for compliance officers responsible for monitoring market abuse. Investigations and identifying true risks are both extremely problematic, as is discerning whether or not the vendor is providing the full scope of data relating to, for example, depth of the book, trade data, fixing prices, fixing times, methodology or coverage.
4. Data Mapping
Vendor solutions have their own data dictionary. Some are more flexible than others but ultimately there are key requirements across the industry, namely:
- type (including new order, amend order, execution)
We advise all firms to have data quality validation and a feedback loop (aligned to your risk assessment) to ensure your data feed to your vendor solution is not only comprehensive but also, crucially, accurate.
The bottom line
The FCA investigating a possible market abuse violation and finding your data was rejected by the vendor solution for missing key data fields will be seriously detrimental to your firm and could result in significant fines and lasting reputational damage – and is entirely avoidable.
How can we help?
As experts in financial crime and compliance, and as part of Davies, we work with firms worldwide to help them turn the regulatory requirement to review risks annually into an opportunity to replace poor technology with newer systems, reduce costs and improve efficiency – as well as keeping the regulators on side. If you’d like to discuss any of the issues covered above, or find out more about our wider expertise, please contact us.
Read more in this series