Regulators Remind Financial Services Firms of the Importance of Technology in Detecting Financial Crime
In recent weeks, regulators across the globe including the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the UK Financial Conduct Authority (FCA) have issued communications regarding their ongoing commitment to detecting and punishing insider trading, market abuse, and other misconduct by investment management firms. Below is a summary of recent regulatory announcements and enforcement actions in this area.
SEC’s Division of Enforcement 2019 Annual Report notes use of technology in bringing enforcement cases
Last week the Enforcement Division (“Enforcement”) of the SEC issued its Annual Report covering FY 2019. Market manipulation comprised 6% (30) and insider trading comprised 6% (30) of the SEC’s 526 standalone cases in FY 2019. The SEC notes in the report that the trading-related cases is brought in FY 2019 “may not have been possible without our ability to analyze voluminous amounts of data, including trading data and communications metadata.”
Specifically, the report discusses the case of SEC v Ieremenko, which involved the prosecution of nine defendants who allegedly obtained nonpublic information for illegal trading by hacking into the SEC’s EDGAR system. SEC staff used proprietary technology systems to identify the suspicious trading activity. The SEC states in the report, “This is a type of case that might not have been possible to bring just a few years ago due to the geographical dispersal and technological sophistication of the perpetrators.”
SEC’s OCIE Risk Alert calls out code of ethics deficiencies in examinations of investment companies
The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert on November 7, 2019, on the most often cited deficiencies and weaknesses observed in recent examinations of registered investment companies (“funds”). The Risk Alert notes the following deficiencies and weaknesses observed by COEI staff regarding the fund code of ethics rule:
- Failure to implement code of ethics. The staff observed funds that failed to implement procedures reasonably necessary to prevent violations of their codes of ethics. For example, certain funds’ codes of ethics lacked procedures adequate to prevent access persons from misusing material non-public information such as procedures designating a separate individual to review the CCO’s personal securities holdings and transactions reports, or procedures for determining and documenting that an access person was eligible for an exception. In addition, certain funds had implemented codes of ethics, but did not designate the proper individuals as access persons.
- Failure to follow or enforce code of ethics. The staff observed funds that failed to use reasonable diligence to prevent violations of their codes of ethics. For example, the staff observed funds that did not collect or review personal securities holdings and transactions reports of its access persons or did not enforce the pre-clearance and holdings period restrictions contained in its code of ethics.
- Code of ethics approval and reporting. The staff observed funds that failed to comply with their approval and reporting obligations with respect to their codes of ethics. For example, the staff observed codes of ethics that had not been initially approved by the fund’s board. In other examples, the staff observed that fund boards had not been provided the required annual report regarding code of ethics violations and sanctions or were provided reports that were inaccurate.
CFTC continues to crack down on spoofing, orders record $67.4 million penalty
The CFTC last week announced that it had issued an order filing and settling charges against a proprietary trading firm for engaging in a manipulative and deceptive scheme spanning nearly two years and involving thousands of occasions of spoofing in equity index futures products. The CFTC ordered the firm to pay a $67.4 million penalty, the largest ever ordered in a spoofing case.
This case was brought in connection with the CFTC Division of Enforcement’s Spoofing Task Force, which CFTC Director of Enforcement James McDonald has said is developing its own surveillance tools and data analysis capabilities. In a statement issued in January 2018 regarding several enforcement actions brought for spoofing and manipulation in the futures market, McDonald said, “In the cases announced today, we identified the alleged misconduct through our traditional surveillance and enforcement tools, and also through new ones we are developing. For example, we identified some of the alleged conduct using sophisticated data analysis, which we have worked to develop at the CFTC over the past year. Through analysis of market data, we can identify trading patterns that reveal unlawful conduct. I expect, going forward, we will use this type of data analysis across a range of trading.”
FCA reinforces commitment to technology innovation
In a recent speech delivered at the Chief Data Officer Exchange Financial Services conference in London, the FCA’s Director of Innovation, Nick Cook, spoke to the need for the regulator to embrace technology and innovation to keep pace with technological change in the markets it regulates.
This includes the formation of the Global Financial Innovation Network (“GFIN”) earlier this year, an international group of 50 financial regulators and related organizations, which the FCA chairs. It was recently announced that four U.S. regulators, including the Commodity Futures Trading Commission (CFTC), Federal Deposit Insurance Corporation (FDIC), Office of the Comptroller of the Currency (OCC), and Securities and Exchange Commission (SEC) have joined GFIN, which Cook in his speech said, “demonstrates this global direction of travel and reiterates the enormous potential for the collective to shape and transform the future.”
The FCA is also focused on technology innovation at a more local level, having last month opened Cohort 6 of their regulatory sandbox, which “allows businesses to test innovative propositions in the market with real consumers.” As part of Cohort 6, the FCA is looking for propositions in multiple areas, including the use of “technology to overcome regulatory challenges – by helping regulated firms comply with their obligations.”
ACA Guidance
The rapid technological changes occurring within the markets they regulate have prompted global regulators to invest in and adopt supervisory technology (“SupTech”) to enable their supervisory responsibilities and create more focused and proactive monitoring. In other words, regulators globally are better positioned than ever to identify market abuse and non-compliance thanks to advancing technological capabilities.
The global regulators’ embrace of technology and innovation, their continued prioritization and enforcement of market abuse and cyber-related crime, and their coordination via GFIN should serve as a reminder to firms that manual processes alone are no longer sufficient for detecting potential misconduct.
How We Help
We help financial services firms proactively and efficiently detect, prevent, and remediate potential insider trading and other misconduct within their own operations through a holistic approach that combines technology, compliance advisory services, and managed services. These include, among others:
- Code of ethics and employee personal trading technology and support - provides an integrated technology solution for managing your firm’s compliance activities related to employee personal trading surveillance, attestations, reporting on gifts and entertainment, outside activities, and more. In addition, we can provide ongoing implementation support for policies and procedures.
- Trade surveillance technology and analysis - applies proprietary algorithms (such as manipulation/spoofing) against trade and position data and historical market information to produce “Items of Interest” for further investigation.
- Compliance management technology - provides a governance, risk, and compliance technology platform for effectively and efficiently managing your firm’s compliance program activities and identifying potential issues through automated risk monitoring, compliance activity tracking, up-to-date reference compliance content, reporting, and visual analytics.
- Market Abuse Regulation (MAR) compliance solutions in Europe – helps firms mitigate the risk of insider dealing, improper disclosure, and market manipulation.