MAD about MiFID – market abuse in the new market

The 3rd January 2018 is a date that looms over financial firms, like a dark and ominous cloud they have to face in the not-so-distant future. On this date firms and regulators alike will be required under MiFID II and MAD II to monitor more transactions and to store more detail for each trade than ever before. Kate Koval (Business Consultant, GFT), analyses exactly what is changing and just what role technology can play.

What is changing?

The Directive on Criminal Sanctions for insider dealing and market manipulation (CSMAD) and the Market Abuse Regulation (MAR), together known as MAD II, is a review that is happening in tandem with an all-encompassing market structure review under MiFID II. The UK and Denmark have opted out of the Directive part of MAD II, however, this by no means relieves their market participants from criminal liability. In the UK, insider dealing and market manipulation are criminal offences under the Criminal Justice Act 1993 and the Financial Services Act 2012. The MAD II regulation applies directly in all EU member states in an attempt to harmonise the approach across Europe and to avoid the possibility of regulatory arbitrage.

The new Market Abuse rules come into force on 3rd July 2016, some 18 months before MIFID II, giving firms almost a perfect ‘user acceptance testing’ (UAT) environment until MiFID II is in force, enabling them to iron out any issues, install new systems, adapt them to detecting new offences (and soon-to-be outlawed trading strategies), and be ready for monitoring the 100-fold expansion in financial instrument and new trading venues that will be ‘in scope’ come January 2018. As a result of the expanded scope of MAR, the UK’s Financial Conduct Authority (FCA) expects that the number of suspicious transactions reports (STRs) they receive may significantly increase from January 2018 onwards. Financial instruments that are in scope are expected to change continuously, with an indicative list available on ESMA’s (anticipated) online portal.

MiFID II proposes to monitor transactions in order to identify rule breaches, disorderly trading and potential market abuse, and requires all market participants to report such conduct to their competent authorities, as well as to assist competent authorities in investigating and prosecuting market abuse. Meanwhile, MAR defines inside information (art.7(1)), including a ‘reasonable investor test’, insider dealing (art.8(1)), extending it to ‘attempted offence’ and cancellation of orders, and market manipulation (art.12(1)), whilst listing out examples of prohibited behaviour.

The ‘whistleblowing’ provisions in the new rules are significant, albeit not new for the FCA who already published updated provisions in late 2015 and have already indicated that they will not be offering rewards for any ‘tips’ or ‘whispers’. This is in stark contrast to the USA, where in 2015 alone the SEC paid out $37 million in rewards for tips that lead to enforcement actions; however, from a total of 4,000 whistleblower tips investigations, fines of only $1 million were enforced.

Another new rule which comes into effect is establishing employee transaction surveillance, and includes a personal transaction threshold which, when reached by a ‘manager’, will require that the regulator is notified. In April this year in their consultation feedback, the FCA have confirmed that a manager’s transaction above an annual £5,000 threshold will have to be reported, thus choosing a lower threshold (from a maximum of €20,000)

A place for sophisticated technology?

When it comes to market abuse, technology tends to be a ‘double-edged’ sword – it is both a threat and an opportunity. The regulators are tightening up rules because technology advances are seen as a threat to the fair and stable functioning of the market. Meanwhile, both firms and the regulators are looking to technological advances to detect and prevent crime.

High-frequency and algorithmic trading (HFAT) has come under particular scrutiny, with more onerous requirements to identify both the client and the trader or algorithm ID that is responsible for the investment decision. It is well understood that HFAT has been responsible for periodic “flash crashes” and market manipulation at scale. Thus MAR identifies a number of HFAT strategies that will be considered as market manipulation – collusion, floor/ceiling price pattern, ping orders, phishing, abusive squeeze, inter-trading venue manipulation, cross-product manipulation, ‘painting the tape’, improper matched orders, concealing ownership, wash trades, trash and cash, quote stuffing, momentum ignition, layering and spoofing,  no intention of executing orders, excessive bid/offer spread, advancing the bid, smoking, and ‘pump and dump’ (MAR Art 12(2)(c)). Meanwhile, MiFID II requires that firms have in place systems and controls that monitor such behaviours and are able to prevent disorderly markets.

However, once again, the regulators seem to be one step behind the industry. A new phenomenon is appearing on the market – robo-advice (financial advice given by an algorithm). Its capacity to impact the market on a large or unpredictable scale is yet to be seen and not explicitly covered by the current definition of investment recommendation: ‘advice given by a person’.  However, the regulators are not far behind; a joint committee of the European agencies are already consulting to cover any loopholes.

As for the business opportunity, we once again resort to cutting edge technology, such as machine learning, algorithms, and Big Data. One of the primary challenges here is to avoid duplication of systems and infrastructure that firms will require to monitor and report transactions under EMIR, MIFID II and MAR, which are all functionally similar and in many ways an overlapping set of regulations.

This seems to call for a solution that is capable of querying heterogeneous data storage sources, whilst providing a homogenous feedback. It is worth noting that the FCA is itself subject to similar reporting liabilities, thereby facing similar reporting, data processing and storage challenges as the financial institutions themselves, but on an even larger scale. The FCA is likely to be seeking out sophisticated technologies to sort and interpret the expected high volumes of data.

Herein lies a strategic opportunity for cost saving, by joining up the reporting systems with the monitoring systems, using legal entity identifiers (LEIs) and unique trade identifiers (UTIs) in a more strategic way beyond minimum compliance, with the added benefit that such an approach may also confer a more holistic view of one’s own data and naturally a multitude of commercial opportunities.


Going beyond mere regulatory compliance, firms that are thinking strategically to get ahead of the competition will also be more likely to be those that are examining Big Data and artificial intelligence. Considering that the volume of data amassed by firms and the regulators is set to explode once the two regulations have come into force, identifying suspicious transactions amidst this behemoth of data is going to present the next major challenge. The unprecedented data volume increase makes the challenge much more pressing, compounded by the fact that the problem is now two-fold. Firstly, classification – what is suspicious or unusual? Secondly, identification – how can a suspicious trade or conduct be represented algorithmically so as to automate the process? Answers to both of these questions rely heavily on the bank’s own interpretation of the data.

Meanwhile the regulators will expect collaboration from the banks in case of any investigation, which means that the identification and retrieval of the correct data becomes the next big issue. As witnessed during the LIBOR investigations, the speed of response is a problem. In terms of the regulator’s expectations when it comes to the degree of collaboration, the picture is not clear; however, we can make some judgements based on the expectations expressed so far. The FCA, in its first consultation on MiFID II suggested that, in case of an investigation, it will expect a firm to respond to HFAT related inquiries (algorithm owner, testing, investment strategy) within 14 days of the request – a relatively quick turnaround for such a complex area. Simpler requests for potentially voluminous transaction data or characteristically unstructured client-related data will also be expected to be readily available.

Whilst market abuse regulations are just around the corner, finding an effective solution to store, retrieve and analyse data before the 3rd January 2018 deadline might just be feasible. Whether it is a matter of time or of specific solutions that are chosen is anyone’s guess; what is clear, however, is that appropriate solutions are out there – you just need to make sure that your lead architects are well informed and on top of the latest developments.

A version of this blog appeared on Finextra.


Hybrid and multicloud

Learn how cloud and multicloud drive transformation!

Download now