So, you've read our posts on wash trades and installed cross-blocker to help - no problems. Well, maybe
There have been increasing cases of "disruptive trading" that center on the use of cross blocker in a manner it was not intended for. Cross blocker, to refresh, is a piece of code that automatically cancels an existing outright order when a opposing order at the same price is entered in the same account. A cross can be thought of as a wash trade within the same account. Trading an outright trade against an outright trade in the same account is a cross and against exchange rules.
Well, clever traders have realized that exchanges look at cancelled and modified orders in their spoofing analysis. Therefore, how do you spoof without cancelling your order (light bulb goes on) - I just enter an order that the cross blocker will cancel. Easy peasy, except that the exchanges have figured this out.
The latest instance of this (CBOT disciplinary notice CBOT-18-1003-BC issued May 29) indicates it is common enough the CME has now applied a term under Rule 572 in relation to the use of cross blocker: "Flipping". As the definition is set forth in the latest notice:
"A18: Flipping is defined as the entry of orders or trades for the purpose of causing turns of the market and the creation of volatility and/or instability.(from Market Regulation Advisory Notices RA1516-5 (preceding) and RA1807-5 (superseding) Q&A)
Market Regulation recognizes there are many variables that can cause a market participant to change his perspective of the market. This Rule, therefore, does not prohibit a market participant from changing his bias from short (long) to long (short).
Flipping activity may, however, be disruptive to the marketplace. For example, repeated instances of a market participant entering flipping orders that are each large enough to turn the market (i.e., being of a sufficient quantity to sweep the entire quantity on the book at the particular price level and create a new best bid or best offer price with any remaining quantity from the aggressor flipping order) can be disruptive to the orderly conduct of trading or the fair execution of transactions."
And that is what happened here. The trader "entered large orders on one side of the market and then while those orders were resting, entered large aggressive orders on the other side of the market. A wash blocker caused the resting orders to be cancelled within the same millisecond or one millisecond of (their) entry of the aggressive orders, which at times turned the market (“flip order”) and traded immediately. (The trader's) use of the wash blocker to flip sides of the market created order book imbalances and prevented others from gaining order book priority."
Note, this was not necessarily pushing the price but it was resetting order book priority. This was a way of getting trades executed at the price and bid/offer desired. This is why spoofing has become less and less common as a term and the exchanges are leaning on disruptive trading.
Oh yes, the fine was $60K and 20 days suspension from access to the market. The notice is here
Risk Managers - have you asked your compliance shop to help find where risk is moving around on your book?
The latest air pockets in life (pandemic, May contract settle in oil, trying to hold Zoom meetings with a menagerie of dogs in the background) have left DCM behind in keeping up with the activities of regulators and exchanges in the compliance world. There have been 16 disciplinary or summary action notices from the CME in the last thirty days - over one every two days on average. And a number come back to a common area of focus for exchanges - wash trades.
Now, those of us of a certain age remember the massive investigations and fines associated with "wash" trades in US physical energy markets of the mid 90's. Trades where counterparties conspired to elevate market prices by a series of circular trades that had no risk positions but acted to provide "reported trades" at artificial prices. And most of us think of wash trades as that - trades designed to get a price printed without actually taking a position in the market.
But the disciplinary notices in the last month regarding wash trades reflect them being used for a different purpose - moving trades around between books within the same company or between affiliates. In one case, the notice reads:
"The purpose of the trades was to manage an affiliate’s risk by rolling positions held in three separate accounts owned by the affiliate’s subsidiaries. "
The notice regarded AXA Bank and the text is here.
This is not an uncommon occurrence in the disciplinary area - traders trying to move positions because they accidentally traded in the wrong account or to shift amounts or to stay within corporate limits without getting noticed. All of these reasons are normally something the risk manager would like to know about - for training or breach management or limit violation purposes.
And that is where your compliance function can help. They should be examining all futures trades where the execution ID shows up on both the buy side an the sell side on broker statements or exchange feeds. This is a common area of focus - looking at trades where affiliates, even if dis-aggregated, show up on both sides of the trade. The exchange is looking at these, you should be too.
And what this shows a risk officer is where someone is making executions that should be an intra-book transfer and, therefore, a transparent risk transfer but are possibly not showing up. In addition, there is an acceptable manner to effectuate these trades by "back office transfer" - the problem is that this is a much more visible method that the trader can't really obscure.
But you need to document these actions to assure controls are working. Even worse, what if those transfers are to change regulatory analysis of exposures at the end of a reporting period and now the regulator finds out staff are acting to manipulate reporting exposures? That is likely not a pleasant discussion for the risk officer.
So, risk officers, you might have a discussion with your compliance counterparts and understand the insights they may be able to provide you about areas under your purview. You could find they have a lot of help they can give you.
I appreciate to opportunity to present with CubeLogic for a CFTC position limits webinar - my slides are below
The shut downs and remote operations are, hopefully, beginning to ease. And, as we all hope, we can start to put this stress and complication behind us. But before we all move to put this in out rear view mirror, DCM would suggest some simple steps to make sure nothing gets left behind and starts to go bad:
1. Ask all staff to do a review of ANY personal devices that they used to perform company work in a manner unlike normal operations - look for any new files saved to personal drives that shouldn't be there. It may be appropriate for your IT department to come up with a checklist and set of available tools to do the house cleaning. Maybe have every staff member even attest that they have performed the checklist and used the tools.
2, During the house cleaning, provide an "amnesty" for reporting an oops found during Step 1. Having a staff member perform the house cleaning only to find out later you have an existing log file that shows a download of a document that shouldn't be outside the firewall.
3. Consider doing an in house or third party audit of types of actions that could cause trouble - now might be a good time to look at the 500 surveillance alerts your junior staff member cleared between 1 and 2 AM one morning two weeks ago. People have been working under stress and with all sorts of distractions - it might be good to do a spot check.
4. In the same vein, have you kept a log of the "emergency exceptions" or "waivers" of risk or compliance policies, procedures or controls that have been issued? Many companies have - do you perform an audit to make sure all changes have been covered with a waiver or exception? Maybe a staff review of procedures and controls is appropriate with, again, an amnesty of reporting instances that were not covered at the time and a process for confirming the incident, the cause no waiver was sought, and a documentation of the results.
All of these suggestions have the potential to do multiple things - you can assure no surprises are hiding out there; and you can rectify and issues that are found; and you can use any and all instances as training opportunities for any and all staff.
Let's not just run away from the stress of the current situation as fast as we can or go to analyse how we can do this better before you have the facts of how well this current situation was handled.
DCM can help you with audits or reviews, please reach out even if you would just like our feedback on your own internal plans.
It is something we find interesting at DCM - what do the trainers focus on when training staff about compliance oversight? Lawyers may tend to focus on eCommunications as much or more than on transaction oversight. Many consultants tend to focus more on the surveillance oversight piece. There is a reason for this. This can influence the importance companies place on one tool or the other. Let’s examine why they can serve complementary and important roles.
Look at how the regulators and exchanges get create the basis for an inquiry – how do they start? In today’s world, the most common starting point is by the regulator or exchange (or ISO for power or ACER for the EU) looking at transaction and order level data. This is what they have access to without ever asking your company for anything. Therefore, from the standpoint of preventing there ever being an inquiry, starting with the transaction surveillance can make a lot of sense.
However, in the past many of the inquiries (and even currently – look at OfGem’s latest fine in England) came from internal whistleblowers or, even more frequently, someone else in the market that was on the other side of whatever trading strategy or activity the inquiry covers. Remember, if someone at your desk is scalping the market in an inappropriate manner, someone is on the other side losing their scalp. And when those inquires arose (and arise), the regulators can come right in and ask you to keep everything – including your emails, phone tapes, and texts.
And, while transactions can show patterns, communications can show intent. Many of us in the industry remember pouring over the released documentation of all the Enron communications (come on, those of us in the industry at the time will admit we all searched for our own names in the files either out of curiosity or fear). And those communications did three things:
And that is where eCommunications come in – they are the smoking guns of what you were thinking and who you were working with. So, what does eCommunication surveillance do?
It can attack both the “bad actor” issue as well as the “conduct risk” issues. In the bad actor case, it can show whether the trader was intending to misbehave – the “I’m going to push this close” text”. But it is really in the collaboration phase.
From the bad actor phase, eCommunications can track when a trader is writing, as one vendor calls it, “stupid s*@t”. The compliance officer’s role is to determine if the trader was one time stupid, repetitively stupid or actually recording their state of mind as they violated the rules. If it is writing stupid stuff, I would recommend the simple practice a number of CCOs I know perform when they have someone who is, shall we say, “lax” in the self-monitoring of communications.
They take a random set of emails and texts into the trader’s head of desk’s office, sit them both down and start reading them. It takes very few repetitions of this before the trader self-monitors so they don’t have to go through that again or, in the hard cases, the head of desk informs the trader that they do not want to have to go through that again.
From the “conduct risk” point of view, eCommunications oversight can monitor for situations when the head of desk is pressuring for better performance. Even if the pressure is not to do bad acts, knowing a trader is under pressure is frequently a starting point for increased transaction oversight – scared traders can be reckless traders.
So, eComm can be:
While eCommunication may not be the best way to fend off the start of a regulatory inquiry before it happens, it can be a fundamental and valuable tool in the compliance officer’s kit. And this all tracks back to the concept of how the tools are uses and what training covers.
Next week – what does eCommunications surveillance really do and what can it cover?