Julia Hoggett, the Financial Conduct Authority's director of market oversight, recently outlined her organisation's attitude towards the European Union's Market Abuse Regulation. She was keen to dispel the widespread assumption that market abuse only happens in equities.

This follows on from a speech of hers in November 2017 in which she considered recent developments in the world of market abuse. It also follows on from the recent publication of three FCA Market Watch alerts to do with market conduct and transaction reporting issues, versions 56 (issued in September 2018), 57 (issued in November), and 58 (issued in December).  

Over the past five or so months, British financiers have received a succession of communications from the FCA about the importance of robust market abuse controls. It is evident that the regulator wants to improve standards in the area.

In her speech, Hoggett voiced her concerns about areas in which people were not considering the relevant risks properly. She reminded the market of the basic steps that firms had to take to set up and run comprehensive and effective market abuse systems and risk controls. She thought that a good "culture of compliance" helped firms and their employees spot manipulative behaviour. She went on to say that the FCA wanted market participants to ensure that abusive behaviour did not occur in the first place because, by her reckoning, a detective system could never be as effective as a preventative one. She made the following main points.

• The tone must be set from the top. Hoggett said that she believed in the importance of firms having a 'good' culture.
• Failure to observe proper standards of market conduct is bound to entail a breach of the conduct rules to be found in COCON and the Senior Managers and Certification Regime or SM&CR. Hoggett also said that the FCA 'recognised' certain codes of conduct in the financial services industry and thought that firms should be active in 'demonstrating' (presumably to visiting regulators) that they complied with such.
• The detection and prevention of financial crime, by establishing appropriate systems and controls and submitting suspicious transaction report and order reports, is important.
• Every firm is obliged to assess the likelihood that financial criminals might use it. As previously suggested, the starting point for this should be detailed and thoughtful risk assessments, underpinned by appropriate systems and controls. Hoggett stated that “firms need to undertake a proper assessment of the nature of their businesses, the market abuse risks that may arise as a consequence, and the systems and controls that are most suited to mitigate those risks.”
• Everyone ought to remember that "market abuse risks" can become apparent in a variety of circumstances, especially when a firm is going from private to public (i.e. when its shares become tradeable on the open market) and vice versa. Similarly, firms ought to control (and watch out for) information leakage externally, as well as within their own walls.
• Education and training are important. Every firm ought to make its all its employees, regardless of their seniority, understand the consequences of certain types of behaviour and know about market abuse.
• Firms ought to make appropriate and proportionate governance and organisational arrangements with regards to market soundings and inside information. They should minimise the inappropriate dissemination of information by their people.
• Firms often overlook (and fail to review) the risks that pertain to people's access to information. They should think critically about the front-to-back information management controls that they ought to have in place. The FCA has provided the following four questions for each firm to ask itself when making this assessment. (i) Do we think appropriately about the conduct risks that pertain to the holding of inside information? (ii) Do we have the right protocols in place to determine who the insiders should be and do those insiders understand their responsibilities to the full? (iii) Have we though carefully about who should have access to that information? (iv) Finally, do the systems and controls truly offset the risks that people might misuse that information?”
• It is important for firms to be proactive when they monitor the personal account dealing trades that employees undertake. In addition, firms should consider the risks and conflicts that may arise with personnel who ‘follow’ the trading behaviour of their clients. They should ask why those employees are imitating those patterns, what they might want to gain and whether the firm has a strong enough risk appetite to allow this practice to take place. This is an area where the FCA sees a significant risk to firms' and employees' ability to comply with its rules.
• Pre- and post-trade controls and surveillance are equally significant. Of course, such surveillance ought to be bespoke to the nature, strategy, and instruments traded by the firms in question.
• A reminder that market abuse surveillance should not be limited to equities and instead must consider all instruments that the firm in question trades. The FCA has stated on a number of occasions that the industry has not responded to this fully, although it does realise that it has taken some positive steps. Improvements have been made in the Fixed Income, Currencies, and Commodities (FICC) sector, although much more could be done to break the widespread assumption that market abuse only happens in equities.
• All systems and controls implemented by market participants must be effective. For instance, as explained in Market Watch 56, off-the-shelf calibration for alert parameters, or settings used by peer-firms, are not necessarily effective for all firms, due to the unique characteristics of each, as well as of the instruments traded and strategies involved.
• Given the large volumes of executions conducted by algorithms, firms utilising this trading method should review their algorithms in the context of market abuse and the related manipulating behaviours. The FCA cannot hold a computer to account, however can seek to prosecute the people who provided the governance over that computer.
• Of prime importance is technological evolution. The rapid manner in which markets are evolving should be forcing all relevant stakeholders to review their arrangements frequently, so as to keep up with the pace of change and market developments (i.e. the increasing use of technology, data and AI). Although evolution presents opportunities, it also poses risks. A firm’s risk assessment should consider these and the firm should then evolve adequate and up-to-date controls. The FCA promises to remain 'fully focused' on keeping pace with these developments, the better to spot new challenges to the markets and their integrity, and encourages firms to do the same.
• As her organisation said in Market Watch 57, Hoggett told the audience that market-facing employees should not do anything manipulative, such as disseminate misleading statements and impressions. She discussed the terms 'flying' and 'printing' in this regard. Flying, she said, “involves a firm communicating to its clients, or other market participants, via screen, instant message, voice or other method, that it has bids or offers when they are not supported by, or sometimes not even derived from, an order or a trader’s actual instruction.” Printing, on the other hand, “involves communicating, by one of the above methods, that a trade has been executed at a specified price and/or size, when no such trade has taken place”. The FCA expects firm’s risk assessments to take the possibility that staff may be misrepresenting the market to their clients into account.
• The topic of manufactured credit events was also discussed, as it was in Market Watch 58. Hoggett re-emphasised the fact that people had seen plenty of manipulative behaviour in the global Credit Default Swap (CDS) markets and that the FCA considered these activities to be "on the wrong side of the line."

The underlying message from Hogget’s speech is that prevention is better than detection and that this is a job for all market participants and not just the regulator. Firms ought to be alive to the risks that they run in the course of their business and the effect that the never-ending forward march of technology will have on their activities. They have made improvements, but there is still a long way to go.