The FCA Reminds Firms of the Importance of Data and Algorithmic Governance in Market Abuse Surveillance
In its Market Watch 79, the Financial Conduct Authority (FCA) issued a reminder to firms about the perils of data issues and poor algorithmic governance in tools used for market abuse surveillance. The observations highlighted should serve as a further focus area for any investment firms using automated market abuse testing, ensuring that compliance oversight of those systems is considerate of the quality and sensitivity of the data.
Market Abuse Regulation Responsibilities
Under the Market Abuse Regulation (MAR), firms are responsible for having effective controls in place to detect and report any suspicious trading activity. With an ever-increasing use of modern methods for compliance market abuse testing (i.e not manually checking every trade), compliance teams are now leveraging these tools across vast trade data sets on a real-time basis. However, as we well know, the testing is only as good as the data, controls, and tolerances that are built into it.
Part of the issues identified in the FCA’s Market Watch are underlining some of the core questions we raise with firms daily, such as whether the automated test was properly back-tested with real trading data when it was designed, and whether the tolerances are set to a sensible level (relevant to the trading frequency and strategies of the investment firm) that can then generate meaningful alerts. Market Watch 79 points to deficiencies such as missing alerts because a trading segment had been unaccountably omitted from the dataset, where market abuse testing reveals a flagged trade in one instance but not another, or where there is inadequate testing of a particular abusive behaviour because the set-up stage failed to properly include it.
Perhaps more telling is how long the FCA observed it takes firms to remediate testing issues, with timeframes ranging from weeks to months. Sometimes identifying the issues in market abuse surveillance testing is the challenge itself – but it takes competent compliance and operations personnel to challenge the quality of the data and the findings in order for this to lead to any meaningful remediation and a risk-based proportionate testing outcome.
When we meet with a client about market abuse testing, a common “flag” that testing is not up to snuff is when they tell us the firm has not reviewed the basis for tests even though the investment strategies, platforms, news, and prices feeds, have all changed over time. A firm may well have no problematic trades, however the compliance team cannot confidently determine that this is the case when the testing is simply not robust. Additionally, we often find that inbuilt flaws within the algorithm or testing process can result in a false sense of security by the compliance team, which in turn means that risks are not being properly monitored.
Consequently, in Market Watch 79, the FCA highlighted several instances where systems are not operating as intended due to similar issues, including:
- Faults in poor implementations (lack of rigor in the back-testing, followed by not challenging the data later on to discover missing inputs or feeds)
- Alerts not performing as expected due to data nuances that need correcting
- Applicability of alert types for various instruments not being refined enough to pick up differences in market news, or trade frequency
Our recommendation
The FCA emphasizes that firms should not approach the implementation of a surveillance program as a "one and done" approach, but rather as the start of a journey that should be re-evaluated at regular intervals. Firms should actively think of market abuse in the following areas:
Risk governance:
- Periodic review of your market abuse risk matrix in the context of the rapidly changing geo-political climate, financial crime trends, and the firm’s exposure to these risks
- Consideration of changes in investment processes
- New asset classes or trading teams should be built into the testing
- Market volatility can cause false positives, so tolerances should account for this
Data governance:
Compliance officers should maintain vigilance on data completeness and accuracy of data being sent into surveillance systems. Firms should ensure that all relevant trade and order data, for all products being traded, is captured, accurate, and regularly checked. This is fundamentally a simple ask, but we see countless firms lose sight of this the moment a new strategy is launched (and forgotten) in the surveillance.
Surveillance models need constant attention:
- Implement periodic testing of model parameter settings
- Ensure the test is applicable to your business
- Keep audit records of testing and any changes made to systems
- Regularly contact third-party solution providers to understand model enhancements, deployment methodologies, and back-testing. Knowing the most modern techniques can give a compliance team perspective (or assurance) that what they have in place is sufficient
How we help
ACA’s integrated surveillance solutions are designed to help you monitor firm-wide conduct and trade risks to meet global regulatory expectations and industry best practices. Our Market Abuse Surveillance solution enables you to detect and investigate trading for potential cases of insider trading, market manipulation, and preferential allocations. Our team of surveillance experts is available to help tailor our technology solution to your unique business needs and provide ongoing support helping you test the surveillance parameters and parse through alert findings.
For questions or to discuss how ACA can help your firm strengthen its surveillance program, increase efficiencies through technology, and ensure your regulatory obligations are met, reach out to your ACA consultant or contact us here.