Today’s European financial markets hardly resemble the ones from 15 years ago. The high speed of electronic trading, explosion in trading volumes, the diverse range of instruments classes & a proliferation of trading venues pose massive challenges. With all this complexity, market abuse patterns have also become egregious. Banks are now shelling out millions of euros in fines for market abuse violations. In response to this complex world, European regulators thus have been hard at work. They have created rules for surveillance of exchanges with a view to detecting suspicious patterns of trade behavior & increase market transparency. In this blogpost,we will discuss the state of the regulatory raft as well as propose a Big Data led reengineering of techniques of data storage, records keeping & forensic analysis to help Banks meet the same.
A Short History of Market Surveillance Regulation in the European Union..
As we have seen in previous posts, firms in typically most riskiest part of Banking – Capital Markets – deal in complex financial products in a dynamic industry. Over the last few years, Capital Markets have been undergoing a rapid transformation – at a higher rate perhaps than Retail Banking or Corporate Banking. This is being fueled by technology advances that produce ever lower latencies of trading, an array of financial products, differing (and newer) market participants, heavy quant based trading strategies and multiple venues (exchanges, dark pools etc) that compete for flow based on new products & services.
The Capital Markets value chain in Europe encompasses firms on the buy side (e.g wealth managers), the sell side (e.g broker dealers) & firms that provide custodial services as well as technology providers who provide platforms for post trade analytics support. The crucial link to all of these is the execution venues themselves as well as the clearing houses.With increased globalization driving the capital markets and an increasing number of issuers, one finds an ever increasing amount of complexity across a range of financial instruments assets (stocks, bonds, derivatives, commodities etc).
In this process, over the last few years the ESMA (European Securities and Markets Authority) has slowly begin to harmonize various pieces of legislation that were originally intend to protect the investor. We will focus on two major regulations that market participants in the EU now need to conform with. These are the MiFID II (Markets in Financial Instruments Directive) and the MAR (Market Abuse Regulation). While both these regulations have different effective dates, together they supplant the 2003 passage of the original MAD (Market Abuse Directive). The global nature of capital markets ensured that the MAD was outdated to the needs to today’s financial system. A case in point is the manipulation of the LIBOR (London Interbank Offered Rate) benchmark & the FX Spot Trading scandal in the UK- both of which clearly illustrated the limitations of dated regulation passed a decade ago. The latter is concerned with the FX (Foreign Exchange) market which is largest yet most liquid financial markets in the world. The turnover approaches around $5.3 trillion as of 2014 with the bulk of it concentrated in London. In 2014, the FCA (Financial Control Authority) fined several leading banks 1.1 billion GBP for market manipulation. All of that being said, let us quickly examine the two major areas of regulation before we study the downstream business & technology ramifications.
Though we will focus on MiFiD II and MAR in this post, the business challenges and technology architecture are broadly applicable across areas such as Dodd Frank CAT in the US & FX Remediation in the UK etc.
MiFiD,MiFiD II and MAR..
MiFiD (Markets in Financial Instruments Directive) originally started as the investment services directive in the UK in the early 90s. As EU law # (2004/39/EC), it has been applicable across the European Union since November 2007. MiFiD is a cornerstone of the EU’s regulation of financial markets seeking to improve the competitiveness of EU financial markets by creating a single market for investment services and activities and to ensure a high degree of harmonised protection for investors in financial instruments.MiFiD sets out basic rules of market participant conduct across the EU financial markets.It is intended to cover market type issues – best execution, equity & bond market supervision. It also incorporates statues for Investor Protection.
The financial crisis of 2008 (http://www.vamsitalkstech.com/?p=2758) led to a demand by G20 leaders to create more safer and resilient financial markets. This was for multiple reasons – ranging from overall confidence in the integrity of the markets to exposures of households & pension funds to these markets to ensuring the availability of capital for businesses to grow. Regulators across the globe thus began to address these changes to create safer capital markets. After extensive work, it has been concluded from a political standpoint and has evolved into two separate areas – MiFiD II & MiFiR. MiFID II expands on the original MiFID & goes live in 2018 , has rules built in that deal with breaching thresholds, disorderly trading and other potential abuse.
The FX market is one of the largest and most liquid markets in the world with a daily average turnover of $5.3 trillion, 40% of which takes place in London. The spot FX market is a wholesale financial market and spot FX benchmarks (also known as “fixes”) are used to establish the relative value of two currencies. Fixes are used by a wide range of financial and non-financial companies, for example to help value assets or manage currency risk.
MiFiD II transparency requirements cover a whole range of organizations in a very similar way including –
- A range of trading venues including Regulated Markets (RM), Multilateral trading facilities (MTF) & Organized trading facilities (OTF)
- Investment firms (any entity providing investment services) and the Systematic internalizers (clarified as any firm designated as a market maker or a bank that has an ability net out counterparty positions due to it’s order flow)
- Ultimately, MiFiD II affects the complete range of actors in the EU financial markets. This covers a range of asset managers, custodial services, wealth managers etc irrespective of where they are based (EU or no-EU)
The most significant ‘Transparency‘ portion of MiFID II expands the regime that was initially created for equity instruments in the original directive. It adds reporting requirements for both bonds and derivatives. Similar to the reporting requirements under Dodd Frank, this includes both trade reporting – public reporting of trades in realtime, and transaction reporting, – regulatory reporting no later than T+1.
Beginning early January 2018 when MiFID II goes into effect – both EU firms & regulators will be required to monitor a whole range of transactions as well as store more trade data across the lifecycle. Firms are also required to file Suspicious Transaction Reports (STR) as and when they detect suspicious trading patterns that may connote forms of market abuse.
The goal of the Market Abuse Regulation (MAR) is to ensure that regulatory rules stay in lockstep with the tremendous technological progress around trading platforms especially High Frequency Trading (HFT). The Market Abuse Directive (MAD) complements the MAR by ensuring that all EU member states adopt a common taxonomy of definitions for a range of market abuse. The MAR
Meanwhile, MAR defines inside information & trading with concrete examples of rogue behavior including collusion, ping orders, abusive squeeze, cross-product manipulation, floor/ceiling price pattern, ping orders, phishing, improper matched orders, concealing ownership, wash trades, trash and cash, quote stuffing, excessive bid/offer spread, and ‘pump and dump’ etc.
The MAR went live on July 2016. It’s goal is to ensure that rules keep pace with market developments, such as new trading platforms, as well as new technologies, such as high frequency trading (HFT) and Algorithmic trading. The MAR also requires identification requirements on the trader or algorithm that is responsible for an investment decision.
MiFID II clearly requires that firms have in place systems and controls that monitor such behaviors and are able to prevent disorderly markets.
The overarching intent of both MiFiD II & MAR is to maintain investor faith in the markets by ensuring market integrity, transparency and by catching abuse as it happens. Accordingly, the ESMA has asked for sweeping changes across how transactions on a range of financial instruments – equities, OTC traded derivatives etc – are handled. These changes have ramifications for Banks, Exchanges & Broker Dealers from a record keeping, trade reconstruction & market abuse monitoring, detection & prevention standpoint.
Furthermore, MiFID II enhances requirements for transaction reporting by including venues such as High Frequency Trading , Direct electronic access (DEA) providers & General clearing members (GCM). The reporting granularity has also been extended to identifying the trader and the client across the order lifecycle for a given transaction.
Thus, beginning early 3rd January 2018 when MiFiD II goes into effect , both firms and regulators will be required to capture & report on detailed order lifecycle for trades.
The below post captures the design of a market surveillance system to a good degree of detail. I had originally proposed it in the context of Dodd Frank CAT (Consolidated Audit Trail) Reporting in the US but we will extend these core ideas to MiFiD II and MAR as well. The link is reproduced below for review.
Architecture of a Market Surveillance System..
The ability perform deep & multi level analysis of trade activity implies the capability of not only storing heterogeneous data for years in one place as well as the ability to perform forensic analytics (Rules & Machine Learning) in place at very low latency. Querying functionality ranging from interactive (SQL like) needs to be supported as well as an ability to perform deep forensics on the data via Data Science. Further, the ability to perform quick & effective investigation of suspicious trader behavior also requires compliance teams to access and visualize patterns of trade, drill into behavior to identify potential compliance violations. A Big Data platform is ideal for these complete range of requirements.
The most important technical features for such a system are –
- Support end to end monitoring across a variety of financial instruments across multiple venues of trading. Support a wide variety of analytics that enable the discovery of interrelationships between customers, traders & trades as the next major advance in surveillance technology. HDFS is the ideal storage repository of this data.
- Provide a platform that can ingest from tens of millions to billions of market events (spanning a range of financial instruments – Equities, Bonds, Forex, Commodities and Derivatives etc) on a daily basis from thousands of institutional market participants. Data can be ingested using a range of tools – Sqoop, Kafka, Flume, API etc
- The ability to add new business rules (via either a business rules engine and/or a model based system that supports machine learning) is a key requirement. As we can see from the above, market manipulation is an activity that seems to constantly push the boundaries in new and unforseen ways. This can be met using open source languages like Python and R. Multifaceted projects such as Apache Spark allow users to perform exploratory data analysis (EDA), data science based analysis using language bindings with Python & R etc for a range of investigate usecases.
- Provide advanced visualization techniques thus helping Compliance and Surveillance officers manage the information overload.
- The ability to perform deep cross-market analysis i.e. to be able to look at financial instruments & securities trading on multiple geographies and exchanges
- The ability to create views and correlate data that are both wide and deep. A wide view is one that helps look at related securities across multiple venues; a deep view will look for a range of illegal behaviors that threaten market integrity such as market manipulation, insider trading, watch/restricted list trading and unusual pricing.
- The ability to provide in-memory caches of data for rapid pre-trade & post tradecompliance checks.
- Ability to create prebuilt analytical models and algorithms that pertain to trading strategy (pre- trade models –. e.g. best execution and analysis). The most popular way to link R and Hadoop is to use HDFS as the long-term store for all data, and use MapReduce jobs (potentially submitted from Hive or Pig) to encode, enrich, and sample data sets from HDFS into R.
- Provide Data Scientists and Quants with development interfaces using tools like SAS and R.
- The results of the processing and queries need to be exported in various data formats, a simple CSV/txt format or more optimized binary formats, JSON formats, or even into custom formats. The results will be in the form of standard relational DB data types (e.g. String, Date, Numeric, Boolean).
- Based on back testing and simulation, analysts should be able to tweak the model and also allow subscribers (typically compliance personnel) of the platform to customize their execution models.
- A wide range of Analytical tools need to be integrated that allow the best dashboards and visualizations. This can be supported by platforms like Tableau, Qlikview and SAS.
- An intelligent surveillance system needs to store trade data, reference data, order data, and market data, as well as all of the relevant communication from a range of disparate systems, both internally and externally, and then match these things appropriately. The matching engine can be created using languages supported in Hadoop – Java, Scale, Python & R etc.
- Provide for multiple layers of detection capabilities starting with a) configuring business rules (that describe a trading pattern) as well as b) dynamic capabilities based on machine learning models (typically thought of as being more predictive). Such a system can also parallelize execution at scale to be able to meet demanding latency requirements for a market surveillance platform.