The future of trade surveillance – Separating the Spoof from the Truth

Escalating regulatory obligations demand that financial market participants take a smarter, more proactive approach to spotting abusive trading patterns, with many looking to explore the use of machine learning and artificial intelligence to automate monitoring and anticipate threats. In this article, Mike O’Hara and Chris Hall of The Realization Group hear from Certeco’s Nick GordonWilliam Garner from Charles Russell Speechlys, Taras Chaban from Sybenetix, and Nasdaq’s Valerie Bannert-Thurner. While the application of machine learning and artificial intelligence to trade surveillance is in its infancy, the potential of digital technologies to efficiently tackle market abuse appears significant.


Compliance used to be an afterthought for most financial markets participants, but over the last decade it has become ‘front and centre’ for an increasing number of institutions and individuals. Few decisions are made or processes conducted without reference to the chief compliance officer (CCO) or a growing army of compliance officers.

Trade surveillance is a prime example of how regulatory requirements have multiplied and diversified, with more firms expected to monitor and report market abuse across more markets and jurisdictions, and at greater speeds, than ever before. With regulators effectively requiring market participants to act as their eyes and ears in the market – sanctioning any firms that fail to report misconduct uncovered at a later date in a market in which they were active – none can afford to treat trade surveillance as an afterthought. On the contrary, firms must be consistently conscious of risks; both alert to known techniques of market abuse and alive to new threats as they emerge. If compliance is to be achieved efficiently and cost-effectively, the future of trade surveillance will see market participants harnessing digital technology innovation – artificial intelligence (AI) and machine learning (ML) in particular – to make vigilance against market abuse integral to their trading activities.

“Surveillance should never be static; it has to be in a state of continuous improvement. Firms need to have a formal review process involving both compliance and business team leaders to ensure they have the right processes and protections in place,” says Nick Gordon, business development director at change management consultancy Certeco.


“Surveillance should never be static; it has to be in a state of continuous improvement”
Nick Gordon, business development director, Certeco


Taking responsibility

New approaches and new tools are needed because the expectations of regulators are much greater and the net is being cast much wider. In Europe, the Market Abuse Regulation (MAR) completed its roll-out in January 2017, marking a sea change in trade surveillance obligations.

Not only are many smaller firms required to report suspicious trades or evidence of potentially abusive behaviour for the first time, MAR has also extended the types of trades to be monitored from those conducted in regulated markets to OTC transactions such as swaps. And although T+1 reporting of abuse is acceptable for the moment, the direction of travel is clearly toward intra-day and eventually real-time monitoring. In addition to MAR, the UK’s Senior Managers Regime – effective for banks from March 2016 and for asset managers from 2018 – requires regulated firms to designate and demonstrate personal responsibility for trade surveillance, along with other key operational areas.

“As well as the increasing explicit trade surveillance requirements of regulators, there are also implicit expectations that firms fully understand their responsibilities in supporting the objectives of market abuse regulation, rather than simply implementing vendor solutions,” says Gordon.

Another defining aspect of the trade surveillance challenge, says Gordon, is complexity. Regulators expect firms to demonstrate understanding and oversight, where the risks are most severe. Multi-legged orders involving a variety of counterparties, exchanges or instruments require particular scrutiny, with risks assessed and monitored both at the individual transaction and holistically, at the parent order level. Nevertheless, alerts must be finely tuned as there are good reasons – from both a business and compliance perspective – to avoid false positives.

“Smaller firms now face a greater trade surveillance challenge, especially if they are involved in fairly complex trading strategies,” says William Garner, financial services partner at Charles Russell Speechlys. ”The more sophisticated your trading strategies, the higher the regulators’ expectations, not just in terms of your trade surveillance capabilities, but your understanding of those capabilities and how they prevent market abuse, within the framework of your overall policies and procedures.”


Turning to technology

Ever-increasing and evolving trade surveillance requirements demand close collaboration between trading and compliance staff within a robust and regularly reviewed governance structure. Global banks and brokers have long been in scope of market abuse regulations and are more advanced in this respect, but the bar is set high. “For larger firms, the regulator expects an understanding of risks on a holistic, enterprise-wide basis, as well as at desk level,” says Garner. “Below the top tier, too many firms still take a tactical rather than a strategic view of compliance.”

“The more sophisticated your trading strategies, the higher the regulators’ expectations”
William Garner, financial services partner, Charles Russell Speechlys


Across the board, firms are responding to their expanding market abuse obligations by turning to technology. Firms have long sought to automate non-differentiating compliance processes, but the need to continually identify new market abuse threats from across the vast and diverse global financial markets landscape has focused their attention on machines that are faster and more rigorous than humans, but which can learn and adapt like their flesh-and-blood masters.

In broad terms, systems and applications that deploy AI are able to make ‘smart’, logical decisions based on analysis of the structured and even unstructured data they consume, while ML systems (effectively a subset of AI), can adapt to circumstances, think for themselves, even inferring meaning from natural language. This means they can not only recognise patterns denoting potentially abusive behaviour, but can also identify new threats as they emerge, or explore evidence or contextual data once unusual behaviour is flagged for further investigation. Whilst the development of AI/ML-based tools is still costly and time-consuming, the scope they offer to improve the efficiency of existing trade surveillance capabilities and to evolve over time has resulted in significant investment.


Evidence-based surveillance

London-based Sybenetix uses AI/ML to support both its trade surveillance and performance measurement services. The firm has pioneered the development of behavioural analytics in the finance sector, combining data analytics with behaviour profile algorithms to identify behaviours that might contravene market abuse regulations for buy- and sell-side firms. It also uses similar tools and skill sets to monitor decision-making behaviour with the aim of improving performance, notably in investment management.

In both cases, the firm’s starting point is to define and model behaviours that contribute to efficient, successful performance of portfolio management (or indeed any other role or task), drawing on practical knowledge of how professionals execute core tasks. From this, it is then possible to use automated systems to track how an individual portfolio manager’s behaviour varies on a day to day basis, whether to monitor productivity and performance or to identify deviations (either from the optimal model and / or past behaviour of the portfolio manager in question) that might suggest abusive or illegal trading activity.

“If we can build models that encourage the right behaviour for performing the job, then use data to subsequently track trading activity, we believe we can provide a more coherent and effective approach to trade surveillance than trying to satisfy precisely the market abuse rules of different regulatory regimes, which will inevitably vary. As such, we evolve the monitoring and surveillance models to cater for changing of regulatory climates and changing behaviour,” explains CEO and co-founder Taras Chaban.

While a model will reflect the ideal scenario for how a task should be carried out, ie how market participants should interact rationally, once it is fed by data derived from the real world decisions, it learns and adapts accordingly. Chaban calls this an evidence-based approach to trade surveillance. Because the model is aware of the individual portfolio manager’s previous trading activity, it raises an alert when he or she executes a trade in a manner that deviates from past behaviour rather than, for example, automatically flagging a trade that represents more than 5% of the value of the portfolio, as a rules-based system might. In essence, the system centres on the monitoring of repeatable patterns in an ever-larger data set. “The richer the data set, the more able you are to create smaller numbers of more precise alerts,” says Chaban.


Improving relevance

According to Valerie Bannert-Thurner, global head of risk and surveillance solutions at Nasdaq, ML can play multiple roles in trade surveillance, from identification of potential abuse to decision support to trade reconstruction. Moreover, it is capable of improving the efficiency and accuracy of existing trade surveillance solutions and services, as well as paving the way for new approaches.

“We evolve the monitoring and surveillance models to cater for changing of regulatory climates and changing behaviour”
Taras Chaban, CEO and co-founder, Sybenetix


For example, Nasdaq is exploring the role of ML in the ranking and scoring of alerts that its trade surveillance solutions brings to the attention of customers. By learning from past experience of how previous alerts were responded to and acted upon by clients, individually and collectively, ML-powered tools can rank future alerts in accordance with their likely importance and relevance to each client, thus reducing the time spent on investigating false positives. “Moreover, as we widen the number of new factors and considerations involved in flagging an alert to a particular user, ML will help us understand which ones are most relevant to individual clients. This will help us to continue to improve the relevance and efficiency of alerts,” she says. “It could also help us to further fine-tune alerts and provide guidance to users on the setting of appropriate parameters.”

As anyone will know who has become tired of being offered slight variations on previous purchases by online retailers, there are down sides to the use of ML techniques to recommend future actions based on past behaviour. In the case of trade surveillance, the danger is that the user effectively trains the monitoring solution to look out for and prioritise known risks, potentially ignoring the emergence of new ones. Clearly, any trade surveillance system that fails to notice evolving forms of market abuse will fall short of today’s regulatory expectations, potentially exposing users to sanctions.

To avoid this risk, Nasdaq exploits the fact that its trade surveillance solutions are being used in multiple markets by multiple firms globally to ensure that the new forms of abusive behaviour uncovered by pattern-spotting algorithms are not overlooked. “We want to make sure that we still point people towards weak signals of new behaviour, not only the stuff they know is important anyway. We try to tap into the strength of our community of users and their feedback to help identify emerging patterns,” says Bannert-Thurner.

“We want to make sure that we still point people towards weak signals of new behaviour, not only the stuff they know is important”
Valerie Bannert-Thurner, global head of risk and surveillance solutions, Nasdaq


Collective wisdom

Bannert-Thurner also notes that clustering clients with common characteristics into sub-sets, e.g. market makers or long-only asset managers, can improve calibration of alerts and detection of outlier behaviour by making it specific to different market segments and peer groups.

“The ability to calibrate alerts in line with other users could be important in the event of an oversight, as the firm could prove to a regulator that it was following market practice,” she adds.

Garner agrees that use of commonly accepted tools can stand firms in good stead with regulators. “Use of third-party solutions is often viewed favourably by regulators, compared with bespoke in-house systems, especially if these can be shown to put firms in line with market standard practice,” he says. “Regulators are cracking down where they see insufficient automation or where systems are insufficiently robust or flexible to check for enough variations, permutations or potential problems.”

Pointing to the substantial resources required to develop and maintain AI/ML systems for trade surveillance, Gordon accepts that partnering with third parties may well be a cost-effective way of harnessing digital technology innovation in the campaign against market abuse. But he asserts the caveat that vendor solutions must have the flexibility to operate effectively across different markets, by geography and asset class, including those still dominated by voice-based trading protocols.

The substantial challenges around identifying market abuse in voice-brokered markets, and the labour-intensive efforts often required to investigate possible wrong-doing in such markets, lead Gordon to suggest that human compliance officers and the counterparts on the trading floor must continue to play the leading role in trade surveillance for some time to come, guiding the technology, without developing over-reliance.

“The ability of compliance officers to understand the nature of their business will remain paramount to the future of trade surveillance. Compliance officers are still spotting issues that automated systems have failed to pick up,” he Gordon. “In tier one firms, the relationship between compliance and the business is often very close, reflecting the overall maturity of trade surveillance capabilities of the firm, but this is still a work-in-progress at smaller forms and on the buy-side.”


Coming together

Nevertheless, AI/ML are gradually being applied more widely across the trade surveillance sphere. As well as helping to identify possible abuse more efficiently, ML techniques are increasingly being used by firms to investigate and resolve cases, for example, thanks to advances in natural language processing, according to Bannert-Thurner. As such, ML-based tools are being developed to scour disparate sources of written and verbal communications in order to understand the intent and meaning behind words and phrases used in emails, conversations etc. “You can basically look in either written or verbal communication for any signs of collusive behaviour and mailcious intent,” she says.

Rather than replacing humans in the trade surveillance field, Chaban sees AI and ML as handling the more mundane ‘grunt’ work of sifting through the data in search of activity that may warrant closer scrutiny and further investigation. He argues that the increased ability of compliance teams to focus on the more value-added aspects of trade surveillance is helping to bring about a beneficial cultural change within firms. “To investigate an alert, compliance staff need to source explanations from fund managers or traders, and can now ask more intelligent questions based on better initial information, which creates a higher level of trust between compliance officers on the one hand and traders and portfolio managers on the other,” he explains. “They can’t know as much as fund managers about a particular stock or what was going on at the time of execution, but systems can reduce information asymmetry, and give an insight into how today’s trading by a fund manager compares to his normal pattern.”

Looking further into the future, Chaban sees several previously disparate disciplines coming together in order to enable new trade surveillance insights and capabilities, with advances in computing power and data science augmenting ongoing progress in our understanding of human behaviour. “Our understanding of how humans operate and their motivations and how they make their decisions under particular circumstances, is still evolving. The future is about combining all of these different sciences into one system, and bringing a very holistic view of decision making,” he says.

Application of AI/ML in the compliance and trade surveillance space is clearly still in its infancy, but showing great potential to support the fight against market abuse at many levels. Firms in the finance sector and beyond are only just beginning to tap this potential. According to a recent survey of CCOs in seven industries conducted by KMPG , while 69% of CCOs say their compliance programme leverages technology to support its initiatives, only 47% of CCOs report using data and analytics to conduct root cause and trending analyses.

Moreover, as Gordon, observes, the data being captured and analysed in the interests of eliminating market abuse, is likely to have business benefits well beyond its initial usage. “Compliance departments now have a very rich view of the business, richer than the business itself. One very fascinating area is how this can be used with the business to gain new insights and efficiencies, offsetting potentially the costs of investing in these technologies. This can give business managers a view in real-time about activity across desks.”