Auditing the Trade Surveillance Ecosystem
Trade surveillance encapsulates the processes and procedures that help financial institutions detect and prevent trading rule violations. While various regulations push for increased scrutiny and security, MAR and MiFID II notably have far-reaching implications for trade behaviour, post-trade surveillance and pre-trade risk controls checks. Firms must demonstrate effective surveillance for many aspects of a trade in order to prevent market abuse.
Focusing on providing surveillance for one area of a trade but neglecting another is dangerous as they can negatively cross impact each other, which would eventually come at a cost. Catching trade issues on a post-trade basis only, with underperforming pre-trade checks, leads to larger issues down the road and unpleasant calls with the client. Firms need to be careful to comply with all regulations and ensure that trade surveillance is up to par for all potential requirements. MiFID II is a EU-centric regulation but its effects are felt across the globe. Most firms wisely use best practices derived from this regulation globally, even if the scope of the regulation is regional.
The end result is that firms have multiple systems that controls can control the trade. There is no single holistic solution that houses post-trade surveillance, voice and email surveillance systems and pre-trade risk controls and there may never be. Firms are forced instead to run multiple projects to audit the myriad trade surveillance and pre-trade controls they have in place.
Many firms have governance systems in place to organize and keep track of the audit efforts, however, they can be greatly improved by automatically auditing and reporting on the state of the trade surveillance and control systems.
Trade Surveillance Ecosystem Challenges
The challenges posed by MiFID II and MAR are far-reaching and each regulation comes with its own set of issues. For example: on a pre-trade basis, controls need to be regularly tested and audited, a task made more complicated by the fact that firms usually use several pre-trade control systems. This process in turns causes a need for multiple firm experts who are familiar with the pre-trade system and can perform the checks and audits. Very few firms have a unified pre-trade control system working across asset classes although some banks have started implementing such a system across some asset classes.
Myriad ‘voice’ challenges present another surveillance dilemma, especially for phrase determination. A list of which phrase or phrases that best indicated potential market abuse is recorded and surveillance is run to detect those phrases amid background noises, which can produce false positives. Languages and accents can also negatively influence the audit: most systems only work with spoken English and cannot detect potential for market abuse in Chinese or Portuguese. Even with spoken English, accents can induce recognition issues. As a result, false positives are a relatively frequent occurrence and can cause firms to spend a lot of time and resources performing customizations.
Challenges with trade data repositories can also arise as several data repositories are often created and maintained and the same information is often therefore duplicated. Data that has been produced to satisfy one regulation may not be in the correct format or may simply take too much time to retrieve when producing a report for another regulation.
Firms are far from a holistic trade surveillance approach because most tools currently focus on one area, such as post-trade surveillance, at the neglect of other areas such as behavioral surveillance with voice + email surveillance or pre-trade surveillance.
Creating a tool that can bridge multiple areas can be technologically very difficult due to the disparate systems used, the various applications in place and the multitude of formats the same data must use for reporting. This in turn, cause even more difficulties when it comes to auditing the trade surveillance ecosystem and ensuring it is adequately covering the firms vis-a-vis its multiple regulatory obligations.
What the Banks Are Using…For Now
Auditing the whole surveillance ecosystem is challenging but necessary. The MiFID II-mandated audit of pre-trade controls is often done manually, and across the banks, these practices are almost always manual, resource-intensive and error-prone. Typically, the audit is a standalone exercise followed by a remediation project that is usually not automated.
A few firms have attempted to automate the audit of the surveillance ecosystem. Usually, banks will set up an internal workflow based on the checks that they already perform manually. The workflow is nothing more than a sophisticated reminder prompting various participants at pre-defined times throughout the year to perform an audit on one or several areas of the trade surveillance ecosystem and report the results to a central repository.
Although a formidable step-up compared to the completely manual approach, the workflow approach still has large issues. The audit itself is not automated as an employee still has to perform the checks manually. The output of audit reports is still the large collection of Excel spreadsheets and PowerPoint documents that are filled manually and can be difficult to follow and unwieldy to organize and read. Finally, changes to the trade surveillance ecosystems are not audited immediately. It may be a few weeks or months between when a change is made and when the tool prompts for auditing the area that changed.
Holistic Trade Surveillance: automated audit
RegTech companies such as Oxial offer a few solutions but the initial challenge remains integrating the requisite tools within the financial firm’s infrastructure and trading architecture. Also, some tools do not cover aspects of trade surveillance, such as pre-trade risk controls. Finally, implementing such tools does require a considerable effort to break down the siloes between voice and email surveillance, pre-trade risk controls and post-trade surveillance.
Automated audit (and reporting) of the trade surveillance ecosystem should and can be pursued. Financial firms have made considerable progress towards ensuring compliance and should now focus on automating checks and audits and reporting on those surveillance systems and controls.
GreySpark recommends starting small and demonstrating the benefits in one area before starting in another area. Starting with the automation of pre-trade control checks has proven to be a great way to start the journey for a few of our clients.