Julia Hoggett, Director of Market Oversight at the FCA, has delivered a wide-ranging speech on the need for a dynamic response to the changing risk profile of market abuse. This develops a theme from a previous speech delivered in late 2017 (summarised here:), in which she described effective compliance with the Market Abuse Regulation as a “state of mind”. This means that the FCA perceives market abuse prevention as resting not only in the deterrent effect of enforcement action by the FCA after the fact, but also in the decisions and actions of all those subject to the regime. Consistent with this, Hoggett explored the theme of effective market abuse prevention through aspects of FCA Supervision’s Conduct Risk Framework. Summarised below are some of the key messages from her speech.
Market Abuse risk identification.
The FCA is concerned that there is inadequate awareness of the range of conduct that might constitute market abuse, from serious criminal illegality to errors of judgement. At one end of the spectrum this might result in firms under-estimating the risk that they will be used to facilitate serious criminal misconduct. For example, Hoggett highlighted the risk of inside information leaking from the firm as a result of deliberate staff misconduct or a cyber-attack. At the other end of the spectrum, staff may be unaware of the risks that their conduct and errors of judgment might pose, assuming that only serious illegality is captured by the market abuse regime.
Hoggett urged firms to consider market abuse risk holistically and not to focus only on areas where the risk has historically been perceived to exist. Sensibly the FCA is keen to discourage stale or outdated thinking on the nature of the market abuse threat.
Supporting individuals to conduct business appropriately.
Hoggett also said that firms should ensure that staff are aware of the very serious consequences of market abuse and should not underestimate the risk of market abuse by assuming that all staff will tend to want to “do the right thing” when, for example, in possession of inside information and a personal dealing account.
Firms need to ensure that staff understand the standards that they are subject to - in other words, that they have the appropriate “state of mind”. Hoggett mentioned in this context Code of Conduct Rule 5 of the Senior Managers and Certification Regime (observing proper standards of market conduct). The assessment of what constitutes proper standards of market conduct can be informed by industry guidance. For example, the FCA is currently considering whether to recognise the FX Global Code and the Money Market Code. However, firms also need to be alive to evolving and new risks and to educate staff accordingly. Hoggett gave the example of the risks posed by, “printing” and “flying” practices - a summary of the FCA’ recent warning on these practices is here.).
A focus on educating staff to do the right thing, both in terms of what constitutes obvious abuse and more subtle judgment calls, makes good sense. As does emphasising the jeopardy that may result if conduct is on the wrong side of the line and results in FCA enforcement.
Inside information, systems and controls.
The FCA remains concerned about the adequacy of systems, controls and surveillance. Again, Hoggett stressed that firms’ controls tend to focus on traditionally perceived threats, for example by operating a permissions system for an insider list or by having identifiable deal teams. This ignores the risk posed by serious deliberate misconduct, for example by staff who may have legitimately accessed inside information. Hoggett gave the example of the FSA’s successful prosecution in 2012 of an insider dealing ring based out of banks’ print rooms. In this context, she was keen to remind firms of the updated Financial Crime Guide (part of the SYSC Handbook), which gives examples of systems and controls to mitigate the risk of financial crime. Hoggett urged firms to consider, in the specific context of the risks presented by the business they operate, the inter-connectivity of surveillance tools, STORs and financial crime systems and controls.
Also on systems and controls and developing on a particular theme explored in Market Watch 56 (market abuse surveillance), Hoggett gave the specific example of firms’ calibration of market abuse alerts as an area of outdated thinking. Firms often tend to calibrate systems with reference to average peer alert volumes, rather than properly considering the particular risk management needs of its business.
Firms would clearly be well advised not only to assess the market abuse risks particular to their business, but also to regularly revisit and challenge that assessment, for example, in light of changing technologies or market practices.
Perceived future risks
As for risks coming down the track, amongst those identified by Hoggett were the market abuse risks caused by the rise of algorithmic or other machine-driven trading. She questioned whether and how the standards expected by the FCA could be embedded into automated trading and noted that whilst the FCA could not take action against software/hardware, it could take action against those designing and operating it. Whilst many firms will not deploy such technology or have an expectation of doing so anytime soon, the FCA is stressing the dynamic threat of market abuse and the need for firms to avoid thinking that is out-dated or even naive.