By Joe Schifano, Head of Global Regulatory Affairs, Eventus.

Regulators are changing tack. Significant enforcement actions demonstrate an increasing focus not just on whether market abuse occurs, but whether firms’ surveillance capabilities and internal processes are fit for purpose.

One notable case this year involved deficiencies in wash trading surveillance practices. Despite utilizing modules from its vendor, the firm struggled with excessive false positives and could not adequately justify why it selected certain surveillance modules while omitting others. The regulatory focus here was clear: firms must deploy appropriate and complete surveillance modules, tailored to detect market abuse patterns like wash trades. If certain modules are not used, firms must be able to demonstrate why these exclusions are appropriate.

Elsewhere, a large financial institution faced enforcement action for repeatedly failing to accurately report millions of swap transactions over a five-year period. These issues stemmed from data ingestion problems, where the firm’s systems failed to capture and report critical trade data. Despite being subject to a prior regulatory order for similar deficiencies, the firm had not implemented adequate controls to prevent future occurrences. This enforcement action highlights the regulatory expectation for sustained compliance efforts, especially following remediation agreements.

Similarly, a global financial firm missed surveillance of billions of orders across multiple global trading venues over a period of several years. The firm’s surveillance system failed to ingest direct-from-exchange data, leading to major gaps in trade monitoring.

Lastly, another global financial firm permitted continued placement of problematic orders near the close for months despite receiving multiple warnings from the regulator. In this case, the surveillance tool is cited for both erroneous programming and a lack of follow-up to repeated service requests from the firm.

Unpacking key enforcement trends

While all cases are unique, there are overarching trends that demonstrate where legacy surveillance systems are currently falling short.

Anecdotally, these enforcement actions collectively suggest that regulatory examiners appear increasingly focused on how firms manage internal controls and compliance procedures. This emphasizes the need for surveillance systems that can automate and enhance internal compliance reviews, helping firms stay ahead of regulatory requirements and avoid costly enforcement actions.

Yet one of the core issues across all of these enforcement cases is alert adjudication, with the process by which firms investigate and close alerts now under heightened scrutiny. Regulators are increasingly looking at whether firms can demonstrate a clear, documented process for handling surveillance alerts. The problem is that many firms are struggling with the volume of false positives, often caused by poorly configured thresholds or overly conservative alert settings.

This brings us to another area of concern: the calibration of surveillance tools. As seen in several enforcement actions, misconfiguration of surveillance tools can lead to an overwhelming number of false positives, which drain resources and hinder the ability to identify genuine market abuse.

Supervisory controls are also in the spotlight. Regulators have made it clear that firms must regularly review their surveillance processes to ensure they remain effective. In one case, a firm’s failure to capture billions of order messages over several years was traced to inadequate supervisory controls. In another, a hard-coded error in a surveillance procedure persisted for a long-time.

Empowering firms to proactively mitigate risk

As firms look to navigate heightened regulatory scrutiny in the U.S. and across other jurisdictions, firms must ensure that their surveillance systems are not only comprehensive but also flexible, auditable, and capable of handling complex trading behaviors.

This demands various capabilities across their surveillance programs to overcome ongoing challenges:

• Automation for efficiency: Automating routine alerts allows analysts to focus on exceptions and more complex cases. For example, automatically reviewing routine alerts based on bespoke compliance logic reduces the number of false positives and cuts down on manual work.
• Customization and flexibility: Programs must allow for flexible configuration and deep customization, enabling firms to fine-tune their surveillance thresholds according to their unique risk profiles, trading behaviors, and market conditions.
• Real-time data ingestion and accuracy: A key issue in several cases has been the failure to capture and report data in real-time. Systems must ensure that all relevant data is captured in real-time and that there are no gaps or delays in the ingestion process. Regular system audits and fail-safes should be built into surveillance programs to prevent such issues from occurring.
• Sustainability and audibility: The increasing regulatory focus on sustainable and auditable processes places the onus on firms to easily demonstrate their compliance efforts during regulatory audits. This requires clear audit trails, documented processes, and the ability to generate reports that show how alerts were handled from inception to closure.

As a trade surveillance vendor with an experienced team of former CCOs, we endeavor to anticipate emerging trends in surveillance requirements. We have worked closely with firms to ensure they are equipped with the tools they need to effectively mitigate risks highlighted in the risk assessments—while improving the overall efficiency and effectiveness of their surveillance programs.