Concerns over complete venue coverage and FCA ‘name and shame’ approach at compliance roundtable

Risk acceptance and supervisory visits also discussed at Global Relay’s quarterly roundtable in London.

Compliance professionals at the event shared concerns over complete venue coverage in the light of the recent CFTC fine of $500,000 for supervision failures. As a registered swap dealer, ANZ was found to be violating its supervision obligations when it failed to ensure that its spoofing surveillance tool was operating properly.

In general, there was a confidence in governance for the onboarding processes for new venues but gaps remain with historical data. There’s some historical “risk acceptance” to small venue trade data but there was a warning that it can mount up over time and become an issue.

There were some discussions on whether you can “risk accept” comms when you can’t understand the language the brokers are speaking (small numbers). The conclusion was that historically there was no alternative other than to risk accept. However, it is inadvisable to “risk accept” when not adhering to a regulatory rule.

Recordkeeping: surveillance minutes

Those present agreed that surveillance are the only people who really care about order recordkeeping.

It was reported as “hearsay” but remains of note that US regulators have expressed an interest in seeing minutes of firm surveillance meetings to see how decisions are being made and to identify if the right person/senior level is making the decision. There was some discussion about whether this resembled FCA SMCR.

In general, all meetings where decisions are being made are/should be recorded for audit purposes.

Supervisory visits of note

Germany’s financial regulator, BaFin, is asking for local offices to have oversight of local systems/comms. (This can be an issue if the talent sits in London).

In France, the AMF is also keen for local compliance presence, and similar reports have come in from Luxembourg. In some cases, surveillance decisions need to be approved by every location which worsens surveillance performance and effectiveness.

The UK’s FCA has been asking about “gifts and entertainment” – starting with banks and then moving on to brokers. (Note, no banker wants their name on a broker’s entertainment declaration form!)

The NFA is actively seeking information from some surveillance teams and also looking at vendor tech capability.

FCA’s February

MW 76 Flying & Printing

This was viewed as low-hanging fruit. Banks have been frustrated about broker pricing and where relevant have informed the FCA.

Flying and printing is generally frowned upon and consequences can be serious. However, some brokers have been seen to leave and go to smaller firms who are less concerned with FCA warnings.

See also FCA says that misleading market communication practices persist.

UK crypto market abuse regime

The FCA plans to help deliver a market abuse regime for crypto this year. The regime would apply to anyone committing market abuse on a crypto asset that is trading on a UK exchange, regardless of where they are based.

Whilst MiCA is pegged to MAR (they use the same indicators to identify market abuse), the FCA is pursuing a different strategy, supervising the venue and thus placing some reliance on the venue as the enforcer.

FCA ‘name and shame’ policy

This has not been well received by the industry. And the FCA has left many questions unanswered and issues unaddressed:

  • What is the purpose? Is it an early settlement tool?
  • How can a single-side publicity notice be an educational tool?
  • An enforcement decision does not pivot on witness and whistleblower statements.
  • Is this FCA response in reaction to the NAO reporting FCA delays?
  • The Public Interest Rule is still not explained – transaction reporting issues are not in the public interest (unlike pensions).
  • The FCA closes 65% of investigation cases and yet it is planning to publicise two thirds of its investigations.
  • There is uncertainty about whether if a US firm is named and shamed, will the firm then sue? There is a question mark over Statute of Immunity, but you can sue a regulator for negligence.

(See FCA’s Therese Chambers explains how the enforcement publicity proposal will work in practice.)

Jamie Bell in conversation @ Global Relay

Jamie Bell, the FCA’s head of secondary market oversight, spoke at a Global Relay event in London in front of an audience of over 140 compliance professionals. The UK regulator is “inflecting” and “pivoting” towards FICC markets.

The FCA is keen to engage firms before wrongdoing and advise firms to follow through on Market Watch communications.

Misconduct letters (as forewarned by Bell) have now gone out across all firms. The FCA has asked for statistics covering a three-year period and including the methods used to detect incidents as well as their outcomes.

(See Pragmatic and enabling: FCA’s Jamie Bell explains role regulator wants to play and FCA asks about non-financial misconduct at insurance firms.)

Non-financial misconduct

Jamie Bell said the FCA often sees strong correlations between market abuse failure and non-financial misconduct.

Examples of non-financial misconduct in practice and the problems with surveillance of the this type of conduct include:

  • Pressure on junior brokers to move screens / hovering over the shoulder of brokers to see their screens.
  • Inappropriate language in the workplace – often loose language remains in use by front office.
  • Being unable to monitor conduct in Europe due to Labour Laws.
  • No real measure of compliance culture in US.

Off-channel comms and recordkeeping

Transcription of voice recordings

There is no guidance from the regulators on recordkeeping the transcriptions. It was noted that at a recent NFA supervisory meeting, a transcription of a recording was not deemed a record. This was because with the use of current technology, it was considered that it is highly likely that the transcription would be an inaccurate record.

The consensus belief is that only the audio file needs to be retained. However, it is generally accepted that transcriptions are kept as long as the alert.

Voice recordings are held for one year and electronic records for 10 years (because of data storage).

It was queried whether transcriptions will feel more discoverable to the regulator and thus create more risk for the firm? There was some discussion about whether firms should “get rid” of them.