Amid regulatory scrutiny on market surveillance, what’s your focus?

We discuss six key challenges in market surveillance and consider ways to address them.

In brief

• Market surveillance is coming under increased regulatory scrutiny, leading to higher compliance and reputational risk for financial institutions.
• Globally active trading organizations need to address this risk through their market surveillance operations – but face many challenges.
• A combination of staffing, organizational and technical measures can help overcome challenges and mitigate risk. 

Firms trading on regulated markets are required to perform market surveillance to maintain fair and transparent market practices. Most jurisdictions have implemented regulations against market abuse. For example, Switzerland has issued the Financial Market Infrastructure Act (FinMIA) and Ordinance (FinMIO), while the EU has its Market Abuse Regulation (MAR). Depending on their booking centers and the markets they trade on, financial institutions have to comply with various different regulations.

We also observe an increased regulatory focus on market surveillance in recent years. Regulators across the world have investigated institutions for their behavior and fined them for market abuse violations. In light of this significant compliance and reputational risk, institutions are allocating more budget, resources and effort to the topic of market surveillance than ever before. In this article, we explore some of the challenges financial institutions face in this area, especially given the rapidly changing market and regulatory landscape. We also suggest some approaches that can help them overcome these challenges.

Challenge 1: Organizational governance of global trading operations

Trading is usually operated through global booking centers to enable trade across different markets. This means that significant variation needs to be considered with regard to regulatory requirements, business activities, client communications and institutional cultural nuances.

Regulatory requirements

Central surveillance operating models need to accommodate variation in regulatory requirements of different locations through location-specific governance, data privacy and detection scenario configuration. This will lead to high complexity if group compliance manages all the local requirements centrally. This can be mitigated by setting up a regulatory baseline at group level and having locations adapt to local needs locally.

Business activities

Markets, asset classes and securities are different across different booking centers, leading to a need for specialized product and regulatory knowledge across locations. Specialized and focused trainings can help build the expertise needed in-house.

Institutional and regional cultural nuances

Local business and culture drive client types, their relationships with the relationship managers and local business culture. These aspects can be managed by empowering group compliance with a strong mandate to implement organization-wide policies. Group compliance should also be given specific oversight of local legal entities.

Globally consistent approach

Recently, regulatory scrutiny has shifted to the assessment of global consistency of policies, process and procedures. Against this background, group compliance should invest in developing a globally consistent governance structure including the process for alert investigation and report filing.

Challenge 2: Growing complexity of fraudulent activities

The risk of market manipulation has evolved in recent years amid increasing market volatility, new product types, interconnectedness of legal entities within an institution and the ability of individuals to trade across different jurisdictions. As fraudsters become more and more sophisticated, institutions will need to continually update their market surveillance systems and methodologies to keep up with emerging trends in fraudulent activities. They also need to invest in skilled personnel who can analyze data effectively and identify anomalies that may be indicative of fraudulent activities.

Challenge 3: Data privacy and security

Financial institutions are required to protect the confidentiality and integrity of their clients’ data, including trading strategies and customer communication. Different jurisdictions have different data privacy requirements depending on local law and regulation. Also, legal entities with a concentration of ultra-high-net-worth individuals among their client base can be reluctant to share their client information and alerts with other entities or group compliance. To address this, institutions should develop measures such as segregation of data, encryption protocols, firewalls and access control.

Challenge 4:  Specialized investigation

It is very common for clients to trade a variety of products, trade in multiple markets or move assets across jurisdictions. This leads to complex alert investigations which require specialized, skilled resources – people who are well versed in the relevant regulations and trading of financial products.

Financial institutions can address this challenge through a dual approach:

• First, institutions must develop risk-based policies and procedures for market surveillance.
• Second, they need to invest in setting up strong alert management/investigation units. This includes hiring skilled resources and continuous training. These resources should be assigned to alerts according to their skills and experience.

Financial institutions should also consider their business type, alert volume and risks when developing a target operating model for market surveillance. In businesses such as investment banking, level 1 and 2 investigations and reporting are typically assigned to a central entity. At private banks, however, local relationship managers and compliance are closer to their clients, local markets and products. Hence, level 1 and 2 investigations are usually managed by local legal entities, while escalations are sent to group compliance.

Finally, larger institutions frequently set up dedicated teams for specific investigation cases, such as options, structured products or cross-border alerts where specialized investigation skills and co-ordination with different teams is required.

Challenge 5: Employee evaluation

Multi-national financial institutions operate across different time zones, currencies, cultures and markets. Due to the decentralized and local nature of their business, developing a uniform employee evaluation policy at the central level is a complex task. As a result, there is often a mismatch between employee compensation and incentive structure across different locations. Additionally, employee performance evaluation KPIs may also be different across the global organization. This can lead to an unwarranted trade-off between compensation and performance across the locations.

This is a significant issue faced by many organizations. The first step in mitigating this is to empower group compliance with a mandate to develop compliance-based employee performance evaluation KPIs that are consistent across all legal entities in the group. At many organizations, there is a dotted line reporting structure between the local compliance resources and group compliance; group compliance therefore has a significant say in the annual review of local compliance team members

Challenge 6: MI reporting

Lack of proper MI reporting creates a challenge in identifying upcoming risks in a timely manner and restricts group compliance ability of end-to-end oversight of alert generation and management process.

This can be mitigated by developing comprehensive, robust and action-focused MI reporting. It can be helpful to identify concentration risk in a particular product type, typology, location or even client and to develop appropriate controls. This also provides the ability to predict alert volumes and respond with a sound resource plan.