Keeping Up with the FCA’s Guidance on Trade Surveillance

September 6, 2024  |   Chris Montagnino, Managing Director, Compliance & Regulatory Solutions

Beginning in 2015 and continuing through May 2024, the FCA has reminded firms of their observations and recommendations with respect to the identification and assessment of potential market abuse.  Their guidance is relevant to market surveillance globally, regardless of jurisdiction, and has been reiterated continuously over the past ten years.  We will examine the salient aspects of the FCA guidance and delve into solutions that firms can employ to ensure that their processes and controls are in alignment with the guidance.  Taking such action, of course, will not guarantee that issues won’t occur or prevent any regulatory scrutiny.  However, firms availing themselves of the tools and controls recommended will better position themselves and their program as reasonable and diligent should problems arise going forward.  That could serve to reduce any potential regulatory penalties or fines.

A central theme that was initially noted in the FCA’s Market Watch (“MW”) 48, again in MW 56 and thoroughly detailed in MWs 68 and 79 concerns the integrity and completeness of order/trade data made available to systems executing the surveillance routines.  Gaps in data coverage absolutely impact the quality of the surveillance output and can potentially allow suspicious and/or violative behavior to go undetected.  This in turn increases the regulatory risk to the firm and the overall supervisory control process.  The FCA particularly has noted challenges faced by firms trading in certain fixed income products that tend to be less liquid where the transactional data is not readily available.  This precludes surveillance staff from performing adequate monitoring of such products as the full breadth of activity is unavailable, thereby negatively impacting the output from the monitoring systems.

The FCA highlighted this issue further in MW 68 when discussing the increase in web-based platforms for the trading of fixed income and rates products.  Where the firm does not formally connect to the platform but rather interacts via a web-based UI, firms may not be recording the details for those orders not resulting in an execution.  Thus, critical information regarding unexecuted orders, cancels and replaces that would be relevant to such market abuse routines as spoofing, layering, momentum ignition, etc. will not be analyzed resulting in potentially missed alerts and regulatory risk for the firm.  In MW 79 issued earlier this year, the FCA reiterated the importance of data governance for firms to ensure all relevant data is captured, complete and accurate.  Equally important is having in place the appropriate controls or checks to regularly validate that the data remains complete and accurate as systems and connections frequently change.

Another theme that has persisted throughout the history of the FCA’s MW notices is the importance of risk assessments of firms’ surveillance programs.  In MW 48, the FCA implored firms to conduct a detailed assessment of the market abuse risks to which they are exposed when designing their surveillance controls.  This reportedly helped with the development of appropriate and proportionate monitoring as well as highlighting gaps that required remediation.  Additionally, an aspect of the assessment should also consider how surveillance routines have been calibrated with respect to their logic and parameters in order to identify the intended behavior.  Consistent testing and refinement of alerts was noted to be critical to maintain effective and proportionate monitoring.

In MW 56, the FCA went further on the calibration aspect by reminding firms that calibration is not a one-size-fits-all exercise. Firms must be careful to adjust their parameters and logic specific to the risks presented by their business and not simply applying settings that may be consistent with those of their peer firms.  The FCA also cautioned against utilizing the “out of the box” parameters that are offered by their vendor.  Firms must review such parameters and logic for the selected surveillance routines to ensure they are appropriate to address their particular trading risks.  Firms were further recommended to consider additional signals to those detailed in the MiFID2 level two legislation when developing their surveillances to detect market abuse.

With MW 79 that was issued in May 2024, the FCA included model testing as part of their steps to avoid surveillance failures.  This testing can be structured as part of a regular risk assessment to validate alert parameters and logic.  This should also include robust testing of third-party surveillance models so firms can adequately attest to the veracity of such models and their applicability and appropriateness to address the trading risks for their particular firm.  Such testing should be scheduled on a regular basis to identify changes that may have impacted alerting or to identify opportunities for enhancement as business and trading patterns evolve.

The silver lining with respect to all of these challenges and potential surveillance pit falls is that the solutions to these issues are not difficult to implement.  Firms can conduct assessments and testing of the data provided to their surveillance systems to identify any gaps or degradation in data integrity.  These reviews are standard side-by-side data comparisons and should be conducted on a regular basis.  In addition to identifying potential gaps such assessments can also be leveraged to conduct logic reviews and parameter calibrations to ensure that the alerts generated are effective and identifying the intended behavior.  This testing can be performed in a sandbox environment with test data or can also be conducted by analyzing output from the system as currently constructed.  Firms must be able to demonstrate that they are conversant with respect to how their surveillance routines work and why the parameters have been set where they have been.  Conducting these assessments regularly ensures that there are no surprises going forward.

When data issues are noted, firms can address them by contacting the market or platform for which the firm is not receiving data or engaging a vendor that aggregates and distributes such data.  The more progressive venues have dedicated data teams to focus on regulatory issues.   A best practice would be to fully vet the available data from a trading destination before engaging in any activity to avoid gaps in coverage.

In those instances where firms cannot obtain complete order lifecycle data from particular markets or platforms, the firm can make an informed decision considering the activity and risks from not having the data from such platform or could ultimately move trading away to another platform that provides the necessary data.    However, as noted above, it would be difficult to defend a decision to trade on a platform where complete data is not available as the absence of such data severely impacts the ability to perform critical monitoring for potential market abuse.  Testing of any trading activity where orders are employed to attempt to influence quotes is entirely off the table without order, modify and cancel records.

Given the breadth of guidance issued by the FCA and other global regulators concerning surveillance obligations, it is critical for firms to heed that guidance and take steps to evaluate the efficacy of the surveillance programs.  Taking the necessary steps to remediate any data deficiencies or to properly fine tune your surveillance parameters will absolutely save firms from future regulatory headaches and provide peace of mind for the compliance and supervisory staff on the risk management front line.  The upfront investment for comprehensive market data or for a thorough risk assessment will more than pay for itself when considering the potential regulatory fines that could be incurred for failing to take such steps.