On 12th October 2020, Julia Hoggett, the Director of Market Oversight for the FCA, gave a speech at the City Financial Global Event. For the most part, her remarks were not unexpected. Nobody was surprised to hear that the FCA encouraged continued vigilance and compliance with respect to monitoring and reporting market abuse. However, she suggested that how we surveil for non-compliance needs to change in response to how COVID has transformed our lives.
“Whilst the fundamentals of the market abuse offenses are constant, the ways in which the risk may manifest are not. The manner of surveilling for them must, therefore, also change,” said Hoggett. That statement invited commentary. So, we reached out to several financial experts to ask them to respond and share how they interpreted this conclusion by the FCA.
Some things never change
But first, let’s look at those aspects of financial operations that remain constant despite perturbations of various forms. One constant is that there have always been – and there always will be – people who try to game the markets to their advantage. Such people, with questionable morals and often a blatant disregard for the law, continue to develop increasingly clever ways to mask their financial fraud and to outpace the advances made by the industry’s watchdogs tasked with thwarting such efforts. “Market conditions have created a convenient environment for new ways of insider dealing and market manipulation,” said Magdalena Glowacka, business solutions consultant, FIS Global. Elaborating further, she added, “eComms monitoring poses challenges as working from home now allows for less controlled use of non-recorded and non-monitored devices. Therefore, intelligent communications monitoring platforms must be able to easily identify anomalies such as a drop-in conversation volume or a spike in the use of new words that were not previously part of the regular dialogue.”
Another constant: regulatory authorities will continue to mandate compliance. Any perceived inability of regulators to uphold “clean” standards for financial operations will send markets reeling and that perceived breach of trust will be an open invitation for nefarious activity. “An inability to safeguard the public trust through rigorous enforcement of compliance could lead to another financial crisis that ultimately would affect every one of us,” said Glowacka. Additionally, authorities will continue to amend and expand existing regulatory requirements to reflect the adjustments needed in response to market shifts. One could successfully argue that amended guidelines, and/or the initial development thereof, will likely continue to lag advances in financial technology.
Glowacka offered these additional insights in response to Hoggett’s speech, “The regulators have made it clear: the grace period for ‘half-way’ market abuse monitoring solutions is now over. Seven months to make the necessary arrangements to support remote monitoring seems like a long-enough time, but only if the technology is agile, flexible and scalable enough to support work-from-home. If not, it is time to act. Today, regulators require dynamic risk assessment technology that offers more than just ‘out of the box’ detection scenarios; it must be versatile as well as intuitive.”
Aviv Handler, managing director, ETR Advisory Ltd., echoed those sentiments, “Hoggett’s speech recognizes the challenges that firms have faced in terms of market abuse risks and monitoring due to the working practice changes precipitated by COVID-19. Risk has changed in form and so have the ways in which firms monitor for that abuse. One message is clear: enough time has elapsed since the onslaught of the pandemic began for firms to have adapted their policies, procedures and technology to meet the needs of the new working world.”
Other things need to change
The risk for market abuse, especially insider trading, has always been the elephant in the room. Of course, each financial firm goes to great lengths to instill ethical behaviors in its employees. Policies are drafted, rolled out, routinely refined, and redistributed. Employees are required to participate in dry but essential financial compliance certification programs.
On the flip side, employees (surprisingly, only a small handful given how vast the industry is, yet it only takes a few bad apples to spoil the lot) are seeking ways to beat the odds of getting caught. Loopholes in compliance guidelines, particularly around e-Communications (e-Comms) are ripe for exploitation. Case in point, Konstantin Vishnyak, a former trader employed at a Russian Bank, was found not guilty in September 2020 by the London Court. He had been accused of destroying evidence; more specifically, the London police offers who arrested him witnessed him deleting his WhatsApp account on his personal phone as he was being brought into custody, yet he could not be charged for doing so.
COVID has accelerated the change that has been needed in the financial industry for some time. Nearly all other industries have embraced digital transformation with data migration to the cloud. Banking, however, has lagged in this regard. It took a global pandemic to force the financial services industry into shifting from an archaic system of paper trails and digital archiving to reexamine its operations and consider the best practices established in other industries.
The coronavirus also shifted workers, formerly under the watchful eye of Compliance Officers who walked the floor and leveraged electronic and camera surveillance systems to monitor workers’ activities, out of the office and into their homes. Mid-March and April were fast and furious months for Compliance Officers who struggled to regain some modicum of control and distance monitoring that enabled the economy to move forward yet do so with some level of assurance for financial compliance.
For the first time in modern history, traders had unprecedented (indeed, a word now almost synonymous with COVID) access to insider information. Market volatility, coupled with increased access to critical details that could result in market manipulation if acted upon, compounded the temptation of non-compliance. Surely nobody would find out, right?
Indeed, in her speech, Hoggett echoed these concerns, highlighting three key themes informing risk assessment efforts: 1) the scale of primary market activity; 2) the heightened challenges of surveillance when markets are volatile; 3) “and the challenges of surveillance driven by our new ways of working and the importance of effective culture to manage those risks.”
Rob Fulcher, the head of sales, Americas, for CUBE, a RegTech focused on regulatory change and intelligence, made this statement, “It comes as no surprise, given recent headlines, that the FCA is turning their attention to market abuse in the time of coronavirus. Julia Hoggett’s speech presents little in terms of drastic change. Instead, Hoggett notes that the FCA is not necessarily expecting more from firms but is instead – at the very least – expecting firms to apply the same standards of conduct, culture and surveillance in the working-from-home (WFH) environment as they would in the office.”
Evgeny Likhoded, CEO and founder at ClauseMatch commented, “It’s not surprising that the FCA is finally formally addressing the risks of market abuse now that the entire financial services workforce is deployed outside of the office. This new reality poses increased risks of insider dealing and market abuse; both being difficult to address solely via technical controls. Mitigating such risks requires firms to keep up with the changes, to ensure that their policies are updated as well as adequately communicated to employees. Only through the combination of technology, policy and education can a culture of compliance and moral conduct be promoted and fostered.”
In practical terms, the FCA’s speech serves as a public pulse-check to ready firms for what comes next. The responsibility to be compliant and the intention of regulatory authorities to take corrective and, in some cases, punitive action towards those who are non-compliant has never waned. Hoggett’s speech nudges firms into a heightened awareness of how risk has changed in light of COVID and our “new normal” and that they should subsequently be shifting their approaches to risk management in response to those changes. Translated more bluntly, those firms who continue to use outdated, legacy approaches for monitoring and detection are at peril and will soon be exposed for their inability to meet regulatory requirements.