We are a short step away from July 3, 2016 and the implementation deadlines for the European Union's Market Abuse Regulation (MAR) and Directive on Criminal Sanctions for Market Abuse (CSMAD). Due to the layers of complexity with MAR, it is likely that the journey to compliance for these new regulations will reach past July and into 2017 for the majority of financial institutions.
MAR / CSMAD applies the term 'Market Abuse' as an umbrella that covers 'insider dealing', 'unlawful disclosure of inside information' and 'market manipulation'. Each of these areas is additionally defined by ESMA guidance, and therefore firms should have already translated these into a well-defined roadmap that addresses changes to systems and controls, policies and procedures, and finally training and surveillance.
However, for any regulatory roadmap to be effective, firms will need to work from a detailed risk assessment of their trading operations which will often span multiple regions, numerous asset classes, venues, and trading protocols. For large firms, it will feel like a herculean task to take the global trading view and run it through the lens of centralisation and at a level of standardisation that satisfies the MAR requirement to 'have in place a system which is capable of the analysis of every transaction and order, individually and comparatively, and which produces alerts for further analysis.'
As part of this risk assessment and standardisation, each element of 'market abuse,' must be considered in order to accurately scope the necessary requirements on firms: For 'Insider Dealing', firms will need to feed trade and order data into their automated surveillance system (assuming they have one). This will require collecting data from disparate systems whilst ensuring the format can be read intelligently by a system designed to use advanced detection techniques to analyse market events against trading and order activity which can then be used to make an assessment on whether there has been actual and/or attempted insider dealing.
Firms will also need to ensure they do not engage with insider dealing linked to inside information legitimately received into their firm. Then there is the job of detecting trades or orders based on inside information that may be flowing through unofficial channels -- for example, traders using chat to grab some juicy tidbits from the table.
A risk-based approach will help firms with monitoring this broad view, but firms will need to ask themselves if they have a fully matured understanding of where the risks are. Do they know their bad apples? Have they really analysed all lines of communication for what an old colleague of mine used to call 'inconvenient truths'?
To detect and monitor unlawful disclosure of inside information, firms will need to ensure they have mapped their inflows and outflows of inside information and are effectively monitoring all lines of communication. The first part includes a risk assessment benchmarked against the definition of inside information. It would be precarious for any firm to make high level assumptions that they don't handle inside information, as it can be dangerous to have lax controls in the event that the firm does have information ultimately classified as 'insider.' The second part of the process could well require new technology capable of sifting through massive data sets from the various communication channels in a firm including voice, email, chat and social media.
Conversely the ability to connect relevant communications to surveillance alerts will also speed up T+1 analysis and post trade investigations.
If a firm works with issuers, they will also have to maintain an insider list that tracks 'inside information relating, directly or indirectly, to the issuer'.
Considering the legal, regulatory, financial and reputational impact of either insider dealing or misuse of inside information a firm should also connect their insider lists to the analysis of trade and order data. After all, an external investigation making these connections will have the benefit of hindsight as ESMA say 'Insider lists are an important tool for competent authorities when investigating possible market abuse.'
The last element hidden under the umbrella is market manipulation. Any markets surveillance solution that addresses this should offer depth and scale to monitor large amounts of trade and order data to intelligently search for suspicious activity covering actual or attempted market manipulation. The list of manipulation 'indicators' described by MAR, and expanded on by ESMA, is considerable and will need intelligent analysis and tailoring if firms are to produce quality suspicious transaction and order reports (STORs) to their competent authority. Firms will also need to apply advanced analytics to connect disparate information from different venues as well as correlating and assessing related financial instruments.
Clearly, there is a lot of work to be done, and a lot of complex strategies that must be put in place over the coming months to address these issues. So as the cloud of MAR and CSMAD moves closer, we hope your own umbrella covers effective risk strategies and surveillance technologies that help you structure an assessment of this difficult environment.