On The Regulatory Technological Frontier

Both regulators and firms must invest to avoid Wild West situation

Originally published in the June 2014 issue

Technology is bringing a “transformational” change to the global financial services industry, as Martin Wheatley, CEO of the FCA, recently put it. Whether mobile banking, high frequency trading (HFT), payments technology, portfolio analysis or big data, the primary drivers behind industry change are technology-led.

Mr Wheatley’s remarks in June 2014 reveal that this trend presents market participants with both opportunities and challenges. For many, the changes open new possibilities. However, for others “the skies are darker”, he noted.

“The concern here is that financial services will become a kind of tech-led Wild West, if you like – full of cybercrime, data losses, runaway algos, flash crashes and hash-crashesof the type we saw last year, when hackers took over the twitter feed of AP [Associated Press].”

His comments have been echoed on the other side of the Atlantic, as regulators in the US are encountering similar difficulties. In fact, technology has not only radically transformed the industry, but, as Kinetic Partners’ recent Global Enforcement Review (GER) shows, it is bringing great changes to the way regulators monitor and control the industry. As SEC chairwoman Mary Jo White observed earlier this year: “It is not only our job to keep pace with this rapidly changing environment, but, where possible, also to harness and leverage advances in technology to better carry out our mission”.

According to the GER, published in April by Kinetic Partners, from 2006 to 2013 the SEC increased its number of employees by approximately 22%, but overall expenditure by 62%. For Hong Kong’s SFC, meanwhile, the figures were 51% and 120%.

If not on headcount, where is the extra money going? Technology accounts for a significant portion of where regulators are focusing their resources. Likewise, while expenditure increases have trailed the rise in headcount at the FCA, developing advanced Information Systems (IS) has been a priority, as made clear in the regulator’s 2014/15 Business Plan.

Increased surveillance
Part of this is an inevitable consequence of the regulators’ focus on market abuse, which has necessitated significant investments in technology.

Our research showed that in the US for 2013, enforcement actions over insider trading, market manipulation, financial fraud, issuer disclosure and similar activities accounted for nearly a quarter (24%) of all actions. Meanwhile, insider dealing and market manipulation together were the leading causes of enforcement actions in Hong Kong, and second in the UK – while accounting for the lion’s share of the total value of fines to individuals in both. Ensuring clean and fair markets is an indisputable focus for regulators worldwide.

Technology is central to identifying this abuse and building cases against wrongdoers. This is perhaps most obvious when it comes to high frequency and algorithmic trading. Regulations such as the revised Markets in Financial Instruments Directive (MiFID) in the EU may impose restrictions on the usage of high-tech transaction tools, but enforcement will depend on systems such as the US’s National Exam Analytics Tool (NEAT) and Market Information Data Analytics System (MIDAS) or the UK’s ZEN database.

Leveraging such surveillance technologies, regulators are able to capture and analyse millions of transactions every day to detect insider trading, front running, and other forms of misconduct. These investments are also, in a sense, pooled: increasing cross-border cooperation, demonstrated in recent market abuse cases around Libor and Forex rigging, illustrates that regulators are willing, and able, to share data to identify abuse. Establishing clear channels for exchange of information across jurisdictions and with law enforcement agencies has been a significant accomplishment with regard to the global regulators’ investigative and prosecutorial procedures.

Nevertheless, the burden of facing up to the challenges posed by technology is not just shared between regulators. The financial services industry itself must play its part, as regulators have made clear.

Protecting itself
Regulations such as MiFID and European Market Infrastructure Regulations (EMIR) already point to greater demands in terms of transaction reporting requirements from regulated firms and also non-financial counterparties. As the scope of regulators’ ability to “crunch” data grows, so, too, will the demands to supply it. The growing capabilities of the regulators will also mean greater scrutiny of thedata being supplied. There will be greater pressure from regulators for firms to produce accurate, timely data in the correct form, and this is likely to increase over time.

As noted in the GER report, firms will be expected to police themselves and be able to demonstrate that they are maintaining strong cultures and systems to discourage and detect misconduct. Manual, sample-based approaches to testing and the use of spread sheets in some firms should now give way to more sophisticated and automated systems that capture and analyse entire sets of data. For those firms executing even modest numbers of daily trades, there is simply no other way to monitor transactions effectively and guard against abuse.

With the advent of MiFIR and MAR, for large sell-side investment banks – from which regulators have long required detailed transaction monitoring and reporting – this will continue to present challenges. Theoretically, they already have significant internal monitoring capabilities in place. In Kinetic Partners’ experience, however, many buy side-firms do not.

Getting up to speed will require an investment – in both time and money – and support from advisors. Regardless of what is required by the regulator, however, there is an added element of self-interest in doing so.

Regulators have been at pains to emphasise that ultimate responsibility properly lies with individuals. Indeed it is they – rather than the firm – who are becoming the focus of sanctions. Even the SEC, which is already much more prone to bringing actions against individuals than some other regulators, remains keen to stress its commitment to pursuing those individuals who are accountable.

If firms detect abuse and report it themselves, or can at least demonstrate their proactive commitment to preventing misconduct by having established robust systems and processes, then regulators are likely to respond more positively. However, with the increased technological complexity of markets, and enhanced regulatory surveillance capabilities, firms and individuals judged to have contributed to, rather than curtailed, the Wild West will be ever more likely to find themselves in the regulatory cross-hairs.