Detection, Prevention, Deterrence (oh my! )

It is gratifying to see the serious attention that regulators, traders, brokers and the buyside are paying to market surveillance today. It was not always the case. The credit crisis began a domino-effect market crash that rang alarm bells and woke them up; then the flash crash jolted them like a cup of three-shot espresso on an empty stomach.  But, despite the attention and the good-spirited attempts to put monitoring and surveillance into place globally, the changing face of regulations can create fragmented and inconsistent results.

Market surveillance today resembles a patchwork quilt, some programs monitor in real time and others look backward, said Miranda Mizen, Principal of TABB Group in a paper entitled Dynamic Surveillance: Detection, Prevention, and Deterrence.  Brokers' internal risk controls are differentiated from their clients' - for those that actually use pre-trade risk controls on their clients, not all do yet. Exchanges have varying surveillance programs and have operated in a siloed environment, with disparate procedures and processes causing a disconnect with their colleagues.

Mizen said that the drive to create more dynamic, comprehensive programs and techniques boils down to three core objectives: detection, prevention, and deterrence.

Detection of market abuse while, after, or even before it happens will help to bring back investor confidence.  Prevention of fat finger trades and rogue algorithms entering the market will go a long way to avoiding more flash crashes, or even splash crashes across asset classes. Prevention is rapidly becoming the domain of brokers, which sit squarely in the middle between order flow and trading venues.

Deterrence via real-time monitoring, fines and convictions should help to clamp down on market abuse. Although it will never be completely stamped out as long as it seems profitable, new policing techniques will up the ante so abusers will also have to up their game, said Mizen.

Consistent, viable market surveillance across the board has to include regulators, exchanges and ECNs, brokers and buyside firms in order to be effective. Sophisticated real-time surveillance is crucial for monitoring market patterns, for checking sponsored access clients' credit risk, for balancing position limits. It needs to be coupled with historical surveillance in order to compare market movements and flag possible abusive patterns.

The demand for sophisticated real-time surveillance adds to, rather than replaces, historical views, and the two increasingly overlap. Both are essential. For example, a client's credit risk needs constant monitoring (real-time) for sponsored access, but the global credit risk may not be verified until the overnight processes (historical) have run, said Mizen in her paper.

Real-time and historical pattern detection can also complement each other. If there is market activity several standard deviations from the norm within a two-minute window it could raise an intra-day red flag to the regulator, yet concluded to be non-abusive. If, however, this same activity surfaces at the broker along with correlated activity in another asset class during an overnight data crunch - it looks more suspicious. Real-time or historical, surveillance of flow and markets needs to be programmed tightly enough so that the patterns are not falsely alerting officials. 

Mizen said that of the three - detection, prevention and deterrence - prevention needs the most focus to protect markets and prevent disruptive, destructive order flow.  If using a combination of sophisticated real-time and historical surveillance tools can prevent another flash crash, stop market abuse in its tracks, and help to catch and punish wrongdoers it will go a long way to bringing back investor confidence.

-Dan

An Endless Game of Hide and Seek

Market surveillance needs permeate financial services firms from pre-trade to settlement, from trading via instant messenger services to exchanges and ECNs like never before in history. Every message, every trade, every conversation, every Tweet must be recorded, taped and downloaded into a database for on-the-spot or future scrutiny. Surveillance is necessary in order to provide full visibility to trading activity, whether via trade order flow, e-mails, Twitter, social media sites like Facebook or phone conversations. It’s invasive, there’s nowhere to hide.

U.S. hedge-fund managers are going so far as hiring security firms to comb their offices and homes for listening devices, according to new reports, reacting to the government’s insider-trading investigations. U.S. prosecutors used cell phone conversations as part of the evidence in the Galleon insider trading case. In the same vein, the UK's FSA has recently extended the recording of cell phones to hedge funds, and expanded taping rules for brokers to include all voice and electronic communications. If authorities are searching people’s homes for evidence against them, this illustrates the lengths to which they will now go to catch insider trading. And compliance officers need to be on top of this in every way they can.

Miranda Mizen, Principal at TABB Group and author of the paper entitled Dynamic Surveillance: Detection, Prevention and Deterrence noted that investor confidence took a beating after the May 6th flash crash, adding to the thumping it took during and after the credit crisis.

"Intentional and unintentional disruption and behavior rocks investor confidence and every crisis and regulatory change increases the demand for better supervisory and monitoring techniques," said Mizen in the report.

Intentional behavior such as spoofing and ramping the market on the close, or insider trading need to be spotted and acted upon in a hurry. Brokers, trading venues and regulators need to know who is trading, what does it mean and is it correlated to something somewhere else?

In theory in an electronic environment it seems more likely that market abusers would be caught since so much data is captured. This, of course, depends upon the data. As monitoring and detection become more sophisticated the abuse bar is raised, but it will forever be a game of cat and mouse. Insider trading, for example, may manifest itself only in the painstaking reconstitution of conversations across multiple media, said Mizen.

The number of different places that trading activity can take place is constantly increasing. What used to be done exclusively in a trading firm's office at the trader's desk can now happen via cell phone - maybe by using a trading application or simply by phoning it into someone in the office.  Or a trader can begin to work a deal at the office, go for lunch and finish it via instant messaging with his broker.

Compliance officers need to have full visibility in order to spot and prevent abusive trading activity - and that vision has to encompass trade order flow, e-mail conversations, Twitter, social media sites like Facebook, and phone conversations - even at home. In Europe, the Market Abuse Directive extends the notion of market manipulation to cover over-the-counter (OTC) instruments that can influence the price of listed instruments.

But even as the compliance side ramps up surveillance, there is a move toward making the front office more responsible. Trading desks will increasingly ensure that they don't do anything stupid, either with fat fingers or with an algorithm that goes rogue. Surveillance procedures can actually help them to trade more effectively, knowing that mistakes will be caught.

Changes in regulation paint a scary picture for brokers, with Dodd Frank, the flash crash, the market access rule and large trader reporting all crashing onto their plates. There is a need for constant monitoring and for the data to be analysed, scrutinized and stored and retrieved on demand.

The market access rule in the US will really change the game plan; brokers will have to apply pre-trade risk controls to every client using their market access, checking order size and credit limits in real-time. Although this is a relatively simple concept at a high level, the devil is in the very high speed details, and it can create a 'speed bump' to the order process, which could damage business. This creates another challenge; the broker needs control, a view across asset classes and client positions, with as little time lag as possible.

With increasing ownership of risk across the enterprise, the growth of social media and other off-trading-floor activity, the scope of surveillance becomes broader by the day. For further insight please go to Mizen's report - Dynamic Surveillance: Detection, Prevention and Deterrence - on the Progress website.

-Dan

Hurry up, Take Your Time

The Buck Stops At The Brokerage

In Key West there is a famous cat show on the waterfront at sunset where the trainer (yes, cats can be trained) gives his performers their signals and they rush to slowly do his bidding. He says to them, often: "Hurry up, take your time." Such is the nature of cats.

Regulating the financial markets seems rather like herding cats; trying to figure out the legal angles and ramifications to a raft of new regulations while trying to consult with market participants and coordinate between other financial regimes and placate well-meaning politicians is a recipe for confusion. 

After the May 6th, 2010 flash crash there was a three month period where the regulators learned just how much they didn't know, said Miranda Mizen, Principal at TABB Group at a Market Surveillance Seminar on February 22, co-sponsored by Progress Software. And this was after nearly two years of delving into financial market practices in order to reform regulations following the credit crisis. The result of all of these events has been a slew of new regulations, all of which require new or different surveillance programs in order to succeed.

During the intricate dance between market participants and regulators it becomes clear that there needs to be some common ground from which to start. That common ground lies with brokers, concluded Mizen, author of the paper entitled Dynamic Surveillance: Detection, Prevention and Deterrence.

She noted that brokers are sitting square in the middle between client order flow and trading venues. They are the major intermediaries, handling both order flow and information which allows them a top-down view of the markets. This view could help to fill some of the gaps that regulators need to fill. 

The Securities and Exchange Commission has intimated that the buck stops with senior executives at big brokerage houses and operational risk executives, who must prove that they have adequate procedures in place to prevent market abuse. This fate was pretty much sealed when the SEC agreed to propose the Market Access Rule last year, which would effectively prohibit broker-dealers from providing customers with naked access to an exchange or ECN.  

The Market Access Rule mandates real-time risk controls for brokerage clients, but it is only part of the struggles that brokers face. They have to deal with market structure changes such as the introduction of swap execution facilities, regulations in new asset classes and geographies, and regulators' demands for more detailed trade information. The rise of social networks, often used for trading discussions, adds another dimension to monitoring challenges. Plus, their efforts toward surveillance and market monitoring must be deemed "appropriate" by the authorities.

And the sellside will be happy to know that the buyside wants these types of control in place. Mizen's report pointed to recent interviews with asset managers in Europe, 85% of whom said that performance monitoring of their order flow is their top requirement when using algorithms and direct market access. This includes preventing fat finger trades, algos gone wild and market abuse.

No one wants to inadvertently kick the first domino that causes the whole line of dominoes to fall across the market, and most market participants are terrified of being the ones whose algorithm goes rogue. Technology is one - big - part of the solution. But procedures, processes and controls are also important elements of risk evaluation. Best execution and surveillance have to work together to be effective.

-Dan