Newsletter on market conduct and transaction reporting issues
About this edition
In this Market Watch, we discuss our observations and findings from our recent market abuse peer review into firms that offer Contracts for Difference ('CFDs') and spread bets (‘CFD providers’).
CFDs and spread bets are particularly vulnerable to being used for insider dealing due to the speculative and leveraged nature of the products. They are a major source of Suspicious Transaction and Order Reports (‘STORs’). We are also aware of a potential increase in a type of manipulative behaviour where spread bets and CFDs are being used to realise profits following manipulative practices in the underlying market via other firms. Given these risks, our review aimed to improve our understanding of CFD providers’ arrangements to identify and report potential market abuse and raise standards.
You should read this edition in conjunction with Market Watch 69. While this article draws specific observations from our CFD peer review, the themes of that edition are equally relevant. Firms should also read Market Watch 73 alongside our December 2022 portfolio letter: Our Contracts for Difference (CFD) Strategy.
CFD market abuse peer review
To select the firms for the review, we analysed firm data and selected 9 firms in total.
We asked them for information about their business models, market abuse risks and arrangements for detecting and reporting market abuse. We reviewed documentation including policies and procedures, risk assessments and relevant management information. We then undertook supervisory visits to 7 of the firms to look at their risks and controls more closely.
We set out our findings below. These are based on observations from the firms we visited but will be of interest to all CFD providers.
Our overall findings from the peer review were largely positive. All firms have surveillance in place to detect insider dealing, most of which we considered effective.
We did observe some weaknesses, such as the lack of consideration of market abuse risks in non-equity asset classes and market manipulation, leading to gaps in surveillance. Compliance with SYSC 6.1.1R is also a key component of this review.
We found significant improvement from firms in meeting this obligation; firms are generally acting appropriately in dealing with clients of concern, but many firms lack a formally documented framework.
While most of what we found was positive, this publication focuses on areas requiring improvement.
Market abuse risks
All firms recognised insider dealing in single stock equities as the predominant market abuse risk. However, not all firms could demonstrate they had considered all market abuse risks relevant to their business. Firms that could do so had a market abuse risk assessment which documented that they had considered different market abuse risks. Two firms had documented an assessment of the policies and procedures for market abuse, rather than an assessment of the market abuse risks applicable to the business.
All these firms offer CFDs and/or spread bets in non-equity asset classes, but there was little consideration of these in their market abuse risk assessments and limited detail about market manipulation in all asset classes. Two firms split out different types of manipulation in their risk assessments, considered how the risks differed depending on trading platforms and trading method and documented why specific risks were less relevant for their businesses.
To maintain effective arrangements, systems and procedures to detect and report suspicious orders and transactions, firms need to understand how they could facilitate market abuse. If done properly, undertaking a risk assessment is an effective and efficient way of achieving this. It enables a firm to document all the market abuse risks that apply to its business and consider what monitoring it needs to detect them, in a structured and comprehensive way. A general assessment of market abuse policies and procedures does not achieve this.
Although the risk of certain types of market manipulation may be lower for this sector, others may still be relevant. These include order-based manipulation where clients have direct market access (DMA), indirect manipulation through firms’ hedging activities where clients may or may not be aware their orders will be replicated in the underlying market, and clients using other firms to manipulate prices in the underlying market and profit using CFDs and spread bets. The risk of manipulation can also differ within asset classes as well as between asset classes. For example, whether client trading in less liquid stocks, such as AIM stocks, could offer a greater opportunity for manipulation.
Similarly, firms should consider how or if it is possible for market abuse to occur in other asset classes via CFDs.
Firms which had considered the entire business, all asset classes and different execution methods were more effective in identifying applicable risks.
Market abuse surveillance responsibilities
All firms had policies and procedures setting out roles and responsibilities for market abuse surveillance and for investigating and escalating alerts from their surveillance systems. In some firms, responsibility for surveillance rested with both the front office, as the first line of defence, and a Compliance function that independently reviewed surveillance alerts. In 1 firm, the middle office performed surveillance, while Compliance undertook half yearly quality assurance reviews. In some firms, responsibility for all surveillance, or aspects such as market manipulation, rested solely with the front office.
All firms had a procedure to escalate alerts where suspicion cannot be mitigated and the person responsible for Compliance Oversight (the SMF16) at all firms was the ultimate decision maker on whether to submit a STOR. Only 1 firm was undertaking quality assurance checks on reviewed surveillance alerts.
We often see responsibility for market abuse surveillance resting with an independent Compliance function. For smaller firms, it may be proportionate for responsibility to rest with teams or individuals outside of Compliance. Where this is the case, firms which had considered conflicts and mitigated them though independent oversight and quality assurance had more effective surveillance arrangements. Even where there are no conflicts, firms which undertook independent quality assurance on alert handling also had more effective arrangements.
All firms used an in-house solution for insider dealing surveillance, with 1 using it in combination with a third-party system. All used one or more of price movement, profit and news event in a variety of combinations, to trigger alerts. One firm had 3 independent alerts for each of those. All but 2 firms considered both realised and unrealised profits. Firms used a variety of lookback periods for their insider dealing surveillance, which ranged from 30 days down to as little as 24 hours. One firm had a process to review all client trading prior to an event, and not just the trades flagged by the surveillance system or internal referral.
One firm had compliance-based market manipulation surveillance. The remaining firms relied on their trading desks to detect market manipulation with little or no independent oversight from Compliance. Most firms did not have effective surveillance for non-equity asset classes.
Most firms could demonstrate their insider dealing alerts were largely effective, irrespective of methodology. One area of concern, however, is where firms do not monitor for unrealised profits, either specifically, or by capturing them via discrete alerts, such as news or price movement, which operate independently of profit. There are circumstances where clients may not necessarily close positions quickly. Where this happens, and firms do not consider unrealised profits, they will fail to identify potential market abuse. Firms that have not adequately considered how long inside information might exist for and use a ‘lookback period’ that is too short may also fail to identify instances of suspicious trading.
The firm which reviewed all trading activity prior to an event, rather than limit investigation to the alerted trading will be more effective at identifying potential market abuse which falls outside of the system parameters.
Firms should consider whether their surveillance coverage is adequate for market manipulation and in non-equity asset classes.
Surveillance – market manipulation – narrowing the spread
A focus of our review was ‘narrowing the spread’, a type of market manipulation that we believe may be increasing. This activity aims to influence the prices of spread bets or CFDs by narrowing the spread in the underlying market, typically in illiquid stocks. Orders are placed on the order book via a DMA broker (using either CFDs or cash equities) to buy (or sell) a security at prices higher (or lower) than the current best bid (or offer). This narrows the spread of the security and leads to a change in the execution price of the CFD or spread bet, which is based on the underlying instrument. The same (or connected) participant then trades in the opposite direction, in larger size, in a related derivative such as a CFD, often at another broker, benefiting from the improved price. The DMA order is typically cancelled before it trades.
Some firms were not aware of this activity, but most were, with some having submitted STORs. However, no firms had listed this behaviour in their risk assessments or had Compliance-based surveillance to detect it. Trading/hedging desks which monitor profit were sometimes directed to flag the activity to Compliance. One firm’s trading desk used reports to trigger alerts where clients were consistently making profits opening and closing positions in a short time frame.
This type of manipulative behaviour can involve multiple brokers and sometimes multiple clients. CFD providers are often at the centre of this activity and so are key to identifying and reporting it. Although relying on trading desks to detect this behaviour may have proved successful in some instances, firms could consider whether surveillance alerts would more effectively and consistently identify it. If a firm identifies narrowing the spread as a relevant market abuse risk, a complete and accurate risk assessment document would include this as a risk. Firms providing DMA access to clients should also be aware of potentially unusual activity where clients are improving the best bid or offer – particularly if using very small order sizes – and rarely executing those orders, as a potential indicator of narrowing the spread.
Surveillance alert investigations
When reviewing alerts for insider dealing, some firms placed significant weight on factors such as increased option volumes, financial blog articles and bulletin boards, analyst recommendations and stock sentiment. In some cases, they used one or more of them as the sole mitigation, without considering the client’s trading history. Other firms considered these factors and others, but always in conjunction with a review of the client’s trading history. For example, if the activity was in line with the client’s usual trading pattern, if they had traded the stock or sector before, the size of the trade and the nature of the execution.
Some firms routinely captured data on clients’ IP addresses and advertising IDs (unique user ID assigned to a device) and used this data to identify potential collusion or links with previously off-boarded clients when investigating suspicious transactions. Although firms were generally aware of the existence and purpose of IP addresses, not all firms knew of the existence of advertising IDs, or the benefits of capturing and using this data.
Factors such as increased option volumes, blog articles, analyst recommendations, and stock sentiment may be relevant when creating an overall picture of a client or event. However, a client’s trading history is also an important factor to consider to sufficiently assess reasonable suspicion of market abuse. For example, when firms look at the publication of a blog article, or increased options volumes, considering the probability of a client consistently trading only in those stocks where a blog article/increased options volume was followed by a significant news story and movement in price would be helpful in detecting market abuse. Firms need to also ensure they record the rationale for their mitigation.
Firms should use all relevant information available to them. Firms which used information such as IP addresses and advertising IDs were more effective in identifying suspicious clients and connections. This data can also be helpful at client onboarding, to identify undisclosed client relationships and support the firm’s SYSC 6.1.1R framework.
Formalising procedures, including those relating to the investigation of alerts, will assist in ensuring consistency. This is particularly important given the industry’s apparent state of flux, with firms trying to grow or diversify and the turnover of Compliance staff.
Front office and the tipping off risk
Compliance was generally reluctant to provide feedback to front office staff on surveillance matters due to concern about tipping off. For example, if trading activity was identified by a surveillance alert, which potentially should also have been identified and raised by front office but was not, firms told us they would not query or provide feedback to front office. Conversely, we observed one firm routinely involving front office in STOR submissions, without considering whether they ‘need to know’.
Front office staff were reluctant to refuse an order from a client or execute a trade, even if they believed the client was seeking to trade manipulatively or based on inside information. Again, this was out of concern for tipping off the client.
Firms need to strike the right balance when engaging with front office on surveillance matters. The submission of a STOR should only be shared on a need-to-know basis, but this should not prevent Compliance challenging and educating front office staff where the front office has not identified or escalated suspicions about a client. While a level of caution is understandable, firms have found it helpful to use real-world examples to improve staff understanding of obligations.
Where front office holds information which leads them to conclude that a client is seeking to trade either manipulatively or based on inside information, they should refuse to accept that order, where they are able to do so. Relevant Compliance policies should be clear and appropriate action taken if they are breached. Guidance on this is set out in the FCA’s Financial Crime Guide, 8.2.3. Front office should also escalate to Compliance to consider if a STOR for attempted market abuse is needed. Any STOR submission should not be disclosed to the client.
Next steps for CFD providers
CFD providers should consider the points we make in this Market Watch. Firms should take steps to ensure that their systems and procedures for detecting and reporting potential market abuse are appropriate and proportionate to the scale, size and nature of their business activities. Firms should also ensure they have effective policies and procedures to counter the risk they are used to further market abuse-related financial crime as per SYSC 6.1.1R. We will continue to visit CFD providers and other firms to assess their STOR arrangements and work to ensure they meet their regulatory obligations.