FCA Market watch 69 | Key Takeaways & Considerations
20th May 2022 by Brielle Hewitt
The Regulator drills the monitoring and supervision message home; Mitigate the risk of Market Abuse and Financial Crime with a 360-degree approach.
The FCA released Market Watch 69 on the 17th of May 2022.
In this latest Market Watch, the regulator, without being totally direct, is throwing many ‘recommendations’ on best practices to mitigate the risk of Market Abuse and financial crime.
Our top three takeaways from Market Watch 69 are that the regulator stresses;
- Firms must consider the ‘intent’ of wrongdoing by using all available data and information; not just trade data but including communications and calls.
- Firms must now have a robust (systematic) policy-driven approach,
- Obligations apply equally across large and small firms.
In this article, we take a useful look at the updated lists of key areas the regulator has focused on during ongoing review work, key findings around operational set-up, and strong ‘recommendations’ around operational best practices…
Firms Must Consider Intent and take a 360 approach to risk.
The regulator expects that your organisation has reviewed its entire risk profile, even in the context of different areas of business activity, asset classes, method of execution, nature of trading platforms through to different types of market abuse risks (layering, spoofing, wash trading and ramping). The method of execution must be considered in both the easy to do e-trading and trade data systems to the more challenging intent based environments, where indicators and intent are typically found in eCommunications such as Bloomberg Chats, and Emails, Teams or WhatsApp or even Voice.
The regulator has been very clear that the entire risk profile of a firm’s business needs to be considered, not just simply the structured data around transactions and trades. Most importantly, the risk around the conduct of people, and the intent around a trade or transaction also need to be mitigated to prevent financial crime.
The regulator is advocating the use of technology to be able to do monitoring and surveillance well, with the goal to stop financial crime before it even starts. Most of this intent and misconduct happens within the ‘unstructured’ communications data around a trade or transaction, and therefore, appropriate, and proportionate systems need to be in place to monitor and counter these communication risks.
Those firms that take the time to understand their full risk profile, implement appropriate systems and controls to mitigate and monitor the risk around both their structured and unstructured data and continue to update policies, procedures, and guidance on how to do surveillance and monitoring well, will be sitting in a good position if the FCA ever come knocking for a review.
Take a Robust, Policy Driven Approach to manage risk.
Have a good Market Abuse Risk Assessment Policy in place
It’s best you have an up-to-date, watertight, MA Risk Assessment Policy for your organisation to answer the regulator with if called on. Be clear, provide detail, and keep them up to date.
From the regulator’s perspective, you can’t be too over-prescriptive. They expect that you are providing a level of guidance and detail that ensures staff members know not just what work should be completed but how work should be undertaken. Policies should only exist in a framework with KPI reporting, audit & review.
Robust and Effective Systems and Controls to Reflect the Policy
Organisation’s systems, controls and monitoring formal Policies & programmes should be informed by their most up to date risk assessment to ensure effective surveillance coverage, reporting & KPI management is in place. It is the duty of each firm to ensure Policies remain effective in the context of risks arising from changes in business activity and markets. Policies, KPIs and reports should be reviewed regularly to ensure risk continues to be mitigated as business activity and markets change. The KPI & Reports should be used to tune the systems in place to do the actual monitoring and supervision.
Policy should mitigate the risk of conflict of interest – who should be responsible for what role?
Depending on the size of your firm, you may have front office staff operating in dual roles as part of compliance, and therefore are responsible for market abuse surveillance. However, firms need to consider whether they have adequately assessed potential conflicts of interest when this is the case.
Independent compliance functions (if possible) are best
This takes away the risk of conflict of interest and allows for monitoring to be performed separately from the front office business, meaning surveillance is undertaken free from conflicts of interest.
Implement a formal SYSC 6.1.1R framework to manage relevant risks
If you don’t have one in place already, the regulator recommends you get a guidance framework in place around SYSC 6.1.1R. They published the Financial Crime Guide in 2018 which sets out regulatory guidance for firms in relation to market abuse related crime.
Having this framework in place will allow your firm to make appropriate decisions in managing those risks, in a consistent manner – from terminating client relationships, or limiting access to certain instruments – your employees should understand how to keep everything in check and compliant.
You might have systems in place, but your Policy & processes are more important to mitigating risk
“While all of these (systems) can be effective when implemented and used appropriately, we remind firms of the importance, and regulatory obligation, to periodically review their arrangements to ensure they remain effective. This will include surveillance alert parameters and logic, as well as work is undertaken on the analysis and escalation of alert output.”
Obligations apply equally across large and small firms
“Identifying and reporting instances of potential market abuse is required under the Market Abuse Regulation (‘UK MAR’). A firm must have effective arrangements, systems and procedures in place to detect and report suspicious activity, which should be appropriate and proportionate to the scale, size and nature of its business activities. “
Make the most of your tech – and learn to use it well
The FCA acknowledges that third party vendor systems have progressed hugely in recent years, however, firms need to be aware of these developments to ensure they are utilising these systems to their full potential. It is important to stay up to date with the capability of your system, tune the parameters against your KPI reports, and continue to train on how to get the most out of them.
How can Fingerprint help?
Holistic oversight over your unstructured communications data is achievable, and can be done effectively, in proportionality and most importantly, cost-effectively.
Fingerprint’s Supervision platform enables regulated firms to have effective oversight over ALL ‘unstructured’ communications data that flows through an organisation daily, weekly, monthly… It simplifies compliance surveillance and monitoring workflows and provides a suite of powerful and effective investigation tools and reporting that will satisfy both your firm’s regulatory requirements, as well as provide general management & compliance oversight. It automates many of the currently manual, ineffective processes of communications monitoring activity, but still allows for human judgement and decisions for the management of risk.
Speak to our expert team today to find out how Fingerprint can support your firm to achieve efficient compliance operations, in a cost-effective way.