On October 17, RIMES hosted a regulatory seminar in London. In the second session of the day, a panel of experts discussed surveillance requirements for the UK buy-side under the Market Abuse Regulation (MAR). The panel was moderated by Robert Dalling, Special Counsel at Jenner & Block LLP, and included Octavio Marenzi, CEO of Opimas; Sani Jackson, Partner at Optima Consulting, and; Rukshan Permal, Partner at PwC. The following article summarizes some of the topics discussed during the debate.
Building a surveillance strategy
It’s now quite clear from MAR, and from signals issued by the Financial Conduct Authority (FCA) in the UK, that buy-side firms are firmly in-scope. Many small and medium-sized firms that erroneously thought their size would exempt from market surveillance are having to catch up.
So how should firms address their surveillance obligations? One factor to consider is whether to build a surveillance system in-house, or buy one from a vendor or service provider. The majority of vendor systems involve setting thresholds and parameters, which if breached issue alerts. However, the market is beginning to move away from purely alerts-based systems towards more sophisticated measures such as risk-scoring, which enables alerts to be prioritized.
If firms choose the in-house route, they face a number of challenges around resourcing, cost and skills. The latter is particularly relevant when it comes to finding compliance experts that know the space well enough to set alerts effectively. Firms that go down this route risk spiralling costs and may fall behind their peers in terms of expertise and capability.
When looking to build a market surveillance strategy and system, the foundation must be the risk profile of each unique firm. No two companies will have the exact same activities, trading strategies and communications norms. Yet all play into the risk profile of the company. Above all, firms must consider where market manipulation or insider risks could occur in their unique circumstances – a process that provides a blueprint for where monitoring activities should be focused.
Trade surveillance vs. comms surveillance
The standard approach to market surveillance is to look at trade data first. If an alert flags suspicious activity, investigators can then analyze communications data to try and confirm or rebuff the suspicion. A more advanced approach is to look at trade and communications data in tandem, and create holistic alerts that factor in both sets of data. By automating what is a manual process in the current model, this approach aims to reduce levels of false positives and thereby make market surveillance more cost-effective.
An issue with this approach is that if one element of the trade/communications data pair is absent, the manipulation may be overlooked. For example, spoofing doesn’t require a communications element to work, and so may be missed by systems that would search for communications data to investigate a suspicious trade.
Other firms have sought to go further by analyzing a much larger ‘holistic’ dataset comprising things like key-card, expenses and travel data in addition to trade and communications information. However, firms are struggling to manage data holistically, and so no meaningful surveillance analysis has yet been possible.
Reducing false positives
The best way to reduce false positives in a surveillance system is to go back to first principles: design a system that’s closely mapped to your individual business and its risks. In addition, firms should configure their systems according to their trading strategy and asset classes. This can help ensure that spikes in trades that are a normal part of a strategy are not misinterpreted by the system. For this to work, compliance teams need to have a good grounding in front office operations.
Another cause of high false alerts is when a firm implements a vendor system and doesn’t calibrate the settings. Up-front configuration will reduce the number of avoidable false positives and allow companies to run with smaller investigative teams. Importantly, systems must be calibrated to meet the specific profile of the individual firm – calibrating according to industry averages may leave the company exposed.
The current approach where compliance teams listen in to only a small proportion of calls doesn’t seem adequate to the risk. Voice-to-text systems may help, but at present these vary in reliability according to the quality of the recording being transcribed, the accents of the people speaking, language limitations and the effectiveness of the transcription engine.
Another challenging area is around monitoring employee devices. Technological solutions are currently limited due to compatibility issues and a reliance on phone users opening an app to activate the recording. Some firms simply ban the use of personal devices for trade calls. The key with such bans is for firms to show they are proactively enforcing the controls they have in place, whether that’s through training sessions or having compliance officers police trading floors, for example.
The content provided in these articles is intended solely for general information purposes, and is provided with the understanding that the authors and publishers are not herein engaged in rendering regulatory or other professional advice or services. Consequently, any use of this information should be done only in consultation with qualified legal counsel. The information in these articles was posted with reasonable care and attention. However, it is possible that some information in these articles is incomplete, incorrect, or inapplicable to particular circumstances or conditions. We do not accept liability for direct or indirect losses resulting from using, relying or acting upon information in these articles.
- Making the Most of the Leveraged Loans Boom
- The Data Management Model is Broken. Here’s How to Fix it.
- RIMES Creates Lean Data Management Solution Transforming How Financial Institutions Approach Enterprise Data
- What’s the BUZZ? Get Under the Skin of an Exciting New ETF
- SFDR is Now in Force. Are You Ready for the Data Challenge?