Trade compliance is only one thing we cover, supply chain risk for commodities is something different we do
In the post-COVID world, supply chain "resilience" is something that everyone is talking about. But supply chain resilience - shortening supply chain lines, increasing transport options, and diversifying suppliers comes with an increasing need to look at what DCM calls the "static/variable supply chain distinction". It is something we have developed after a number of years working with energy buyers, food products and feed suppliers, agricultural products traders, and even major manufacturing companies.
The static side of the equation is that portion of direct (and indirect) spend dollars that can be easily forecasted on a unit cost for one, two or even three years. This is things like staff labor costs per person - you won't be changing their pay during the budget year by an impactful amount outside budgeted numbers. Similarly, your some of your external supplier costs - cost of paper supplies or computers is not likely to drastically change. These products are very amenable to standard strategic sourcing and resilience normative models.
The other side, the variable side, is much more problematic. This would supplies of items like natural gas, diesel fuel, aluminum, interest rate products or corn or wheat. These product may fluctuate dramatically on a daily - even hourly - basis. The measure of that risk of fluctuation is the volatility of prices. Procurement departments that don't look forward to at least observe the markets' expectation of potential fluctuations can be caught in an noncompetitive position by a sudden increase in supply (or decrease in output) prices that were not managed.
So, when you begin to restructure or even reexamine your procurement function in the post-COVID world, first identify the static and variable components. Determine how much impact the potential movement that the market is expecting and gauge the EPS impact of a change that decreases your margin (supply cost up or output side down). If you want to get deeper into the issue, look at the correlation between the supply and output variations and see how likely a negative impact from both sides is to occur.
Redesigning your supply chain just to unknowingly increase the potential negative impacts of procurement of variable components of your supply chain can just install a new set of problems to replace those uncovered by COVID.
If you have questions about how to looks at these issues, feel free to send us an email or call us. The information is on our Contact page.We are happy to chat and see if we can help.
There is a difference between the US and Europe futures markets' disciplinary actions - you should take that into account
When DCM does trade compliance training for non-US firms trading US markets there is often that moment when the client realizes that thinking trading US futures has the same risk as trading EU futures may be very, very wrong. This doesn't have to do with the basic understanding that markets trade differently or that liquidity pools my differ but rather the understanding that the traders - and their supervisors - may have much more direct contact with and risk from US exchange and regulatory enforcement staff.
Let's just take one small example. Since June 1, 2020, ICE Futures Europe has issued 3 disciplinary circulars. All three dealt with brokers ("Members" in ICE Europe parlance) and failures of their procedures for handling customer business. CME, on the other hand, has issued 30 disciplinary or summary action notices in the same period. Of those, 13 were summary action notices - minor infractions by brokers that were even less impactful than the ICE Europe circulars. The other 17, however, only four were for brokers - for fines from $35K to $60K. Of the other 13, eight were actions against individuals four individuals with eight notices total). In three cases, they were individuals being disciplined for actions within their employment (either as brokers or traders) and the fines ranged from $15K to $200K with associated suspension from privileges to act on customers behalf or to trade the market ranging from 32 years to a permanent bar from ever entering a customer order to the exchange. The other individual trading their own account had a $20K fine and a 30 bar from the exchange.
This is a significant departure between operating environments. One has a more collaborative regulatory structure with a rule book oriented toward the Member (broker) being the entity with responsibility. The other environment is one where the individual logging into the trading screen had personal responsibility for trading activity and violations with the firm having strict liability for any action of their employee when trading the screen.
DCM suggests you take that into account when considering how different your oversight and training should be when trading global markets.
The US Department of Justice has issued guidance to prosecutors regarding compliance programs and their connection to the decision to file charges or recommendations for sentencing. Trade surveillance is one of the tools in the quiver but it isn't the only one. DCM published a whitepaper on the prior April 2019 compliance guidance (int eh May 2019 archive of the blog) that laid out the salient points of consideration. There has been a further update in June 2020 that stressed a couple points:
1. Compliance has to be an evolving practice - if reviews aren't undertaken or or no changes result from reviews, it is likely the program is no really effective;
2. Compliance is not considered effective if it is not adequately resourced - the resource needs are dependent on company scope of activities, level of activities, and size. An under resourced compliance program can be just as much a red flag of lack of corporate importance as having none;
3. If compliance activities (surveillance, training, disciplinary actions) has no impact on staff behavior, it probably isn't working effectively. And if compliance isn't tracking the impacts, the company's commitment to compliance is suspect.
This brings us back to trade surveillance. Let's ask the first question - why are you adopting it? Is it to have coverage for a future issue or is to truly understand and control behavior within a corporate compliance system. This leads to what DCM would recommend as the process for determining the trade surveillance need.
First, look at what the trading activity is - how many trades, what size, what markets, how many orders are entered per trade (right here is a big stumbling block for companies - they don't record order level activity), how many traders, how many products traded, how many offices, what hours of the day? This is a long list of questions but it boils down to one simple fact - do you know the size of the risk you are trying to control?
Second, once you have the question of where do your risks arise (and if you don't have a former trader or compliance officer to help, make sure the consultant you use does have that experience - a fresh MBA will read a list of risks and a checklist, that will give you an answer but will it give you the right one?), you need to determine what your compliance risk tolerance is. I have seen clients say "we never want any trade to be entered that could cause a concern for the regulator" - my answer to that is "do really want to stop all trading"? There are perfectly legitimate trading patterns and activities that can raise caution flags. The ability to answer the regulator's questions quickly, accurately, and effectively is a huge advantage and should be your goal. Therefore, the minimum bar for compliance, in DCM's opinion, is the ability to identify and resolve potentially suspect activity at a time when memory is still fresh reagrding the strategy, tactics, and actions. That is where trade surveillance comes in - managing that identification and resolution process.
So, the final step will be identifying what types of suspect activity will be observed, what machine learning or AI can be applied to automate some resolutions (but recognize - that automated resolution is going to be a focal point of a regulator if it turns out the automated resolution has been hiding issues, not resolving them), and what resources are needed to manage the more complex resolutions. Automated trade surveillance that is not properly calibrated can generate hundreds of alerts that need to be resolved - failing to resolve them indicates a lack of commitment, exacerbating rather than controlling the compliance issues.
Saying "we need a system" without this analysis can end up creating more costs while also creating greater exposure under the DoJ guidance. Trade surveillance is not a silver bullet - it is a serious solution that can be immensely helpful if deployed at appropriate scale and complexity, it can be a millstone around compliance operations if done ineffectively.
Trade surveillance of physical trading - first questions, what are you trading and where in the world are you trading it ?
Last week, the DCM blog as on considerations that could influence choosing an "in house" or vendor solution to trade surveillance needs. That discussion really focused on transparent markets (such as futures) much more than physical markets. The closing note was that this week's discussion would focus on physical markets.
The most important questions on choosing an "in house versus vendor data system for physical commodity market trade surveillance are:
1. What physical products do you trade; and
2. Where do you trade these products?
Fairly simple but crucially important questions that may need some further explanation. The starting point is to understand that all of the first trade surveillance systems were emerging from the securities markets - equities and such. In those markets, every product has its own singular product code. So, from a data analysis point of view, it is very simple to have all similar trades in the same analysis buckets - just put every trade with the same code in the same bucket. Voila, you have the filtering done. Shifting from equities to futures is just a matter of expanding your look up table to include a bunch of new product codes. And that was the basis for the first energy trade surveillance software (that market started to emerge in the late 2000's with CFTC settlements that required companies to install trade surveillance). And that is where the roll out hit a screeching halt.
I was SME on one of the very first roll outs. The data model was agile and flexible - the problem was it expected all trades to have a product code. The fun really hit doing global oil where the refined products desk traded US diesel and hitting oil in varying sulfur contents, Europe traded gasoil and, at that time, Singapore was trading products based on centistokes (viscosity). These were all different terminology for nearly the same product. The end result was the necessity to create concatenations of data fields to assemble a "product code". The negotiations necessary to get agreement across desks extended implementation times by orders of magnitude. There were a number of comments on last week's posting that alluded to exactly these questions from others who were also involved in some of these early projects - they have lived through these problems and seen the issues.
Now, fast forward to today. If you trade power and gas in Europe, you likely trade on a Multilateral Trading Facility ("MTF") which has specific requirements under EU regulation. An entity created for regulation of the European energy markets, the Agency for the Cooperation of Energy Regulators - "ACER", published a taxonomy for power and gas markets back in 2015 with the onset of REMIT (Regulation for Energy Market Integrity and Transparency). This led to development of a system for physical energy market product references very similar to futures markets product codes. Voila, the data problem is greatly reduced.
In the US and Asia, however, the natural gas, power, and oil markets have not had the same structure imposed. Therefore, most companies have an idiosyncratic data structure for naming and time bucketing of physical transaction data. Add to that the fact that outside of Europe most regulators do not have access to ongoing reporting of discrete transaction level data as well as any access to order level data for physical natural gas and oil markets (in the US, order level data is available from the Independent System Operators for certain products) and the efficacy of vendor solutions for the physical markets can be severely hampered.
That efficacy issue does not even address the fact that, unlike exchange markets with products codes, a US physical or power market deployment is likely to be a "build from nearly scratch" data problem that is based on your ETRM system data structure, your naming convention for products in your system, and the complexity of transaction structures you trade.
The metals and agricultural markets can have their own complexities. Think about lending precious metals and the start and end date intricacies of those trades. First, how do you create a consistent product code? Second, what regulator has jurisdiction over these trades and how would they have the data to look at them?
In agriculture, think of the variations in moisture, quality, even age of the grain - you may "simplify" those trades into a common grade and quality for risk control but are they really the same trade for trade surveillance? And, just like in metals, what regulator is looking at those specific trades? Wouldn't a more general in house system that looks at the book as a whole and potential physical/financial cross-market influences be a better fit? Is there a vendor system that thinks that way or is a more simplistic in house build more appropriate?
I still get calls today from trade surveillance software vendors in discussion with customers in US physical markets asking why the customer is being very skeptical regarding their claims to handle physical commodity trade surveillance in the US. I go through a very similar discussion as set forth above. The data issue of "building from scratch" the product codes has a real implication in the estimation of installation costs. As noted earlier, the product code issue can add an additional 4 to 6 to 8 month data reconciliation issue in front of any commencement of the implementation - adding significant hard and soft costs to the customer.
For those reasons, DCM believes that trade surveillance development in physical commodity markets - metals, agricultural products, or energies - needs careful consideration of whether a singular vendor solution for physical and financial products is appropriate or whether bifurcation based on underlying data between vendor and in house might be appropriate.
Having run multiple vendor selection "beauty pageants" for customers as well as designing business rules for major trade surveillance software vendors, the answer is not a simple "of course you do". Because there is a simple fact, trade surveillance software automates finding the needle in the haystack. So, the first question is - do you have a haystack that needs to be sorted?
That is not as "well, duh" a statement as it seems. DCM has consulted with clients where they look at our initial data request and say "what does this have to do with anything?"
For example, a primary question is "how many different products do you trade and how many trades do you execute a week or month - both on average and maximum activity"? Let's see why that is important.
Let's assume a buyer is hedging their supply pricing - all of their purchases are index related and they are buying futures to lock in prices. They execute no more than 100 trades per month which many buy side companies may think as a huge number - I have seen a dozen trades per year for some clients. Let's say they are trading Henry Hub natural gas and two power contract locations. That would mean they execute roughly 33 trades per month per contract. Over 20 business days, that is less than 2 executions per day. That level of activity can be handled in Excel spreadsheets. Even developing simple spoofing models could be done in VBA or Python or something simple. It only would require getting your order level data from your exchange activity (you get one free data feed for this). How much time, effort, and cost is this? Not a lot.
The rationale for a trade surveillance solution becomes much more compelling when you start talking about hundreds of trades per day and thousands of orders per day across twenty or thirty or forty products on three or four or five exchanges. Now, to continue the analogy, you have multiple haystacks in multiple fields and trade surveillance cuts down on the number of people you have to have sorting through the haystacks. If you have a backyard garden, you don't need a John Deere tractor and combine to grow your veggies - if you have 100,000 acres under cultivation, you better have a lot more.
Next week we will talk about the utility of trade surveillance software in physical energy markets (hint - the answer will depend on where you trade these products).
This week's example of "what not to do and how not to do it" comes courtesy of the ICE US Futures Market Regulation disciplinary notices. The story is set forth in ICE notices here (employee) and here (company). The facts are pretty simple:
1. Broker employee screws up customer trades (entered spread trades backwards) as orders and gets filled;
2. Employee panics and tries to reverse trades by doing them as block trades without customer permission or knowledge,
3. Employee does not file block trade documentation
Ok, it seems like a broken record that you have to do block trades according to the rules. It also seems obvious a broker's employees have to know the block trade rules. Well, doesn't seem so in this case. Anyone who has been through training on this would know that you can't get away with block trades without the exchange figuring it out - and, by the way, the employee allocated the trades to push the loss to the customer accounts. Pretty sordid all the way around.
The employee got hit with a $20K fine and a two week suspension form the market for violating Block Trade, improper handling of customer accounts, and "conduct detrimental" charges.
The company got hit with a $30K fine for all the same charges and the normal "failure to supervise" charge - and also paid over $11K in restitution to the customers.
Once again, the company pays more than the employee for the employee's mistake. But the company should have caught the failure to report a block trade and by " failing to properly instruct employees on applicable Exchange Rules."
It frequently comes down to training in these instances. DCM has provided multiple training sessions to firms located outside the US on nit just the content but the culture and reach of US oversight on futures. It is all to frequent when the staff being trained as things like "US exchanges can do that?". Just because you have a good knowledge of your local or regional exchange and regulatory rules and culture, do not assume the US markets are the same. They are not.
DCM doesn't presume to train people on EU rules, get US training from EU based sources has the same danger.
Friday CME disciplinary notices - 4 notices, $2.465 million in fines - some concerning points in several
.CME issued multiple disciplinary notices Friday - one for $2MM, two in the 100's of thousands, and one for $10,000. The last was for orders placed in the pre-market for spread trades that the CME felt the trader should have known would cross trade based on market size and pricing.
The $2MM dollar fine was for an agricultural firm that reads in a similar fashion to the Kraft case settled in 2019. In this case, the firm of Andersons Inc. registered certificates (i.e., rights to ship physical wheat under a futures contract) in excess of the limited number (600) allowed without "bona fide commercial purpose" and be granted an exemption under from the Market Regulation Department. The notice also points out that The Andersons held over 60% of the open short position in the applicable contract. Finally, the Andersons also sold the product under the contract to local wheat mills for the moth prior to their contracts to suppress demand.
The CME noted that The Andersons, by means of these actions, were able to buy back 1,330 of the 2,000 registered certificates at lower prices than they were originally registered.
Again, the basic format is similar to that described in Kraft - take a position in the futures market and then craft a strategy for disrupting the physical market for delivery of those contracts in a manner that allows the firm to capitalize on the market impacts of caused by their position in the physical market on the futures contract physical delivery mechanisms. So, even though the alleged scheme is not manipulating the trading of the futures contract, it is disrupting the capture of value in the resulting physical delivery mechanism.
For those reasons, the disciplinary comimittee found the actions to violate the following provisions of the "General Offences" Rule (Rule 432) - the notice is here:
"B. 2. to engage in conduct or proceedings inconsistent with just and equitable principles of trade;
Q. to commit an act which is detrimental to the interest or welfare of the Exchange or to engage in any conduct which tends to impair the dignity or good name of the Exchange;
T. to engage in dishonorable or uncommercial conduct."
The second large fine was for actions of Exante Limited - a Malta based fintech firm whose website indicates they are a "Next Generation Investment Company" providing a multi-asset trading platform. Unfortunately, the firm did not do some basic things properly according to the disciplinary committee. The list of problems was extensive:
1. Improper customer set up, resulting in improper account netting - impacting open interest reports from the exchange; and
2. Failure to assign unique Tag50s (a point DCM harps on frequently) to both employees and customers; and\
3. Performing wash trades to transfer positions between clearing firms - another common violation; and
4. Failure to "fully answer regulatory inquiries"
All of this added up to violations warranting a $350K fine for wash trade, Tag50, and failure to supervise violations. The notice is here
The final large fine was imposed on Algolab.com Inc. They operate a proprietary trading shop as well as licensing their software to customers for purposes of entering orders on their behalf. The software allowed orders to exit positions to be entered without regard to market liquidity. The orders "on two occasions" triggered unrelated stop orders, causing additional disruption. These disruptions had the impact of triggering a trading halt on the entire Swiss Franc futures and options trading product group.
More disturbingly, the committee also found, due to "technical reasons", the Algolab product would prioritize Algolab's proprietary trade orders before customer orders - both for entering and existing positions. Algolab also utilized the customer's Tag50 IDs, rather than its own, to enter trades. Algolab was fined $105K - the notice is here
Low energy prices, work from home, and mounting industry bankruptcies - compliance is being stressed
When I have been a Chief Risk Officer in the past, when the book got stressed and I knew traders were under pressure, I started get even more focused. When people are under pressure and fear about losing their job, they become even more likely to "self justify" riskier or more problematic behavior. As many of my clients can attest, I have rephrased the old "seven stages of grief" to the "seven stages of trader misconduct"
But that implies that the trader is going to feel pressured to do "something". And that something can, in some cases, be doing something the regulator says they shouldn't.
Yes, some compliance problems come because someone figured out a way around the edges to make money with less risk - because they cheated. But in many cases, the behavior comes because the trader feels they have nothing to lose - if they don't solve their problem they are going to be fired. And, at that time, the trader's personal risk tolerance to use company resources to bail themselves out becomes close to infinite.
Well, the trader's risk tolerance for a company regulatory risk has the same change. Frequently, the trader is not even thinking about the potential compliance risk - they are already focusing so hard on getting around risk controls. That means it is up to the compliance officer to take up that slack.
The best compliance programs have regular participation by compliance in the risk updates. When books or desks or even business divisions are having a rough stretch, compliance needs to be extra vigilant. When the entire company is at risk, the compliance function has the even tougher task of recognizing that management, in some cases, may encourage market behavior that carries even greater compliance risks.
We are headed for the rough water - it is time to check to make sure you have everything in top shape.
the concept of .A pair of interesting disciplinary actions were posted in the same inquiry yesterday by the CME. A firm was over the spot month limits in soybeans "at more than one clearing member firm. " The position was held over night for multiple days. The overage was in "two different reportable accounts controlled by the customer".
The broker, Goldman Sachs, was fined for "failed to liquidate its pro-rata share of the customer’s position in excess of limits or otherwise ensure that its customer was in compliance with the limits within a reasonable period of time." Goldman had been notified of the overage by the Market Regulation Department and failed to respond. Goldman was fined $15K and the notice is here
Separately but in a linked notice, the customer was found to be 15 contracts (0.19% of the total position) over the position limit in the associated accounts. The notice does not indicate when the customer received notice of the overage. The CME imposed at $25K fine and a $9,720 disgorgement of profits. The notice is here.
During compliance assessments by DCM, we always look to discuss the concept of position aggregation under US exchange rules. This helps to establish the needs for position limits surveillance. There is also a linked concept of allowed disaggregation - an option for establishing with the exchange a right to not have separated accounts linked for position limits. This requires analysis and a filing with the exchange but, as shown here, it can reduce potential compliance exposure as well as reducing position surveillance complexity. It is good practice to examine what accounts are owned by your company, affiliates, and subsidiaries and to consider aggregation requirements and disaggregation options.
One of the points that the consulting and legal communities have settled into agreement on is the likelihood that regulators are likely to do a quick lap around companies that have been trading commodities through the COVID pandemic to make sure nothing glaring is hiding. And one point that is easy for the regulators to look at is your training program. Here are some points to consider:
1. Many companies utilize industry conferences or training firms to provide training - much of it off site. With COVID, has the training been deferred? Any number of firms are doing Zoom or webinar training, that is a good replacement. And if people are doing remote training, how are you keeping company records of training attendance for the regulators - if there isn't a record, it never happened.
2. With the swings in liquidity, have you been trading different products or, more importantly, different exchanges? This is especially important for firms outside the US trading US commodity exchanges. DCM has taught both EU and US exchange regulation classes - it cannot be stressed too much that these are very different worlds. Approaching US regulators and exchanges as if they were EU or UK regulators can be a rude awakening when you realize the rules, enforcement tools, and regulatory philosophies are fundamentally different. In the US, a firm has strict liability for the actions of its employees and agents.
3. Which brings us to our final point about training - it is cheap protection for your company. The DCM blog over the last several years has repeatedly pointed out the CFTC and exchanges penchant for assessing "failure to adequately supervise" penalties. One recurring points in the disciplinary notice is the failure of the company's training to address the issue the employee created.
It would be appropriate to develop a training plan (as opposed to the frequent "once a year" training) that works through the period from 100% remote work through the transition to the "new normal". Best practice would be to engage and include senior management - possibly the board - on the plan and the training and role it out in a measured plan to keep the topics fresh and top of mind.