Market Abuse Regulation: are you in the dark?

EY surveyed financial institutions to identify trends and challenges in Market Abuse Regulation compliance.

In brief

• Second line of defense frameworks seem to be more mature than first line of defense frameworks.
• There is a trend toward leveraging innovative technologies. Nevertheless, manual controls persist in both first and second line of defense.
• Both group and non-group structures equally grapple with HR as their biggest challenge.

Navigating the web of financial regulations is no easy feat, especially when it comes to ensuring compliance with the Market Abuse Regulation. In this respect the European regulator foresaw a key role for financial institutions as gatekeepers to detect and prevent market abuse. Although the entry into force dates from July 2016, the dynamic landscape of financial markets and exponential growth of emerging technologies make that those financial institutions need to continuously keep their (control) frameworks up to date to tackle the changing risks they are exposed to.

To map how financial institutions strive to maintain integrity in their operations and continuously comply with the Market Abuse Regulation, the EY Financial Services Legal & Regulatory team took a deep-dive into the framework and measures currently in place, by surveying more than 20 credit institutions, stockbroking firms and portfolio management and investment advice companies. This resulted in a report addressing the challenges and best practices encountered by financial entities in their quest to uphold market integrity. The aim is to contribute to a robust framework against market abuse, allowing financial institutions to benchmark themselves, but also to serve to identify potential threats or weaknesses in the fight against market abuse.

Dealing with market abuse exposure: second line of defense frameworks seem to be more mature than first line of defense frameworks

Delving deeper into the data reveals that the second line of defense framework appears more mature and robust, but there are lingering questions about potential gaps in the initial defense line: 56.3% of respondents characterize their first-line framework as ad hoc, indicating a more reactive approach to risk management. In contrast, 81.3% describe their second line of defense framework as structural.

A significant majority of respondents conduct assessments at least annually, aligning with best practices in the industry. More than half of the respondents indicate that market abuse policies are updated at least yearly. We also see a correlation between the frequency of second-line risk assessments and policy updates, suggesting that changes in risk exposure may influence policy adjustments over time.
 

Technology plays an important role, but the level of automation could be increased

57% of controls are reported as automated, indicative of a concerted effort toward enhancing efficiency and precision in the initial screening processes. This emphasis on automation underscores a growing recognition of the potential of technology to bolster compliance frameworks. However, the utilization of AI remains relatively nascent, with only 7% of respondents incorporating AI-driven controls into their arsenal. This modest adoption rate signals the early stages of integration and highlights opportunities for further exploration of advanced technological solutions in market abuse detection.

Despite the efforts made in automation, manual controls persist in both the first and second lines of defense. Furthermore, the origins of automated screening solutions reveal a balanced distribution, with 50% of respondents leveraging services from external vendors and an equal proportion opting for in-house development.

An intriguing aspect of compliance practices pertains to the frequency of scenario and threshold updates. 58.3% indicate a reactive approach, updating scenarios and thresholds only when triggered. While this method offers flexibility, it also harbors inherent risks of non-compliance or delayed response to emerging threats. 

While technology plays a pivotal role in enhancing market abuse compliance, there remains untapped potential for increased automation and the strategic deployment of AI-driven solutions.

HR is, on average, the biggest challenge to fully comply

Both group and non-group structures equally grapple with this challenge. This underscores the universal pressure faced by institutions to navigate within constrained financial parameters.