Duty to Detect, Prevent, and Report Market Abuse and Persons Professionally Arranging or Executing Transactions
By Lorenzo Parola and Francesco Falco
The duty to detect, prevent, and report market abuse provided for under Article 16 of Regulation (EU) No 596/2014 (“MAR”) applies broadly, including, inter alia, to “non-financial firms that, in addition to the production of goods and/or services, trade on own account in financial instruments as part of their business activities (_e.g., industrial companies for hedging purposes),” “_investment management firms,” and “firms professionally engaged in trading on own account (proprietary traders)”.
A recent decision by the English Financial Conduct Authority (“FCA”) offers an opportunity to examine the state of the art of the arrangements, systems, and procedures to be implemented by “persons professionally arranging or executing transactions”—and, in particular, global players—in order to comply with the mentioned regulation.
I. Prevention, Detection, and Reporting of Market Abuse
Under Article 16 of MAR, market makers, investment firms, and “persons professionally arranging or executing transactions” are in charge of maintaining effective arrangements, systems, and procedures in order to detect and prevent market abuse and reporting suspicious orders and transactions to the competent authority (“STOR”).
“Persons professionally arranging or executing transactions” are defined as persons professionally engaged in the reception and transmission of orders for, or in the execution of transactions in, financial instruments.
such definition is “activity based,” thus, it is independent from the definitions under MiFID in such a way that it is not limited to firms or entities providing investment services under MiFID; and
since the obligation to detect and identify market abuse applies broadly, the definition includes buy side firms, such as investment management firms (AIFs and UCITS managers), as well as firms professionally engaged in trading on own account (proprietary traders).
Therefore, according to ESMA, even non-financial firms that, in addition to the production of goods and/or services, trade on own account in financial instruments as part of their business activities (e.g., industrial companies for hedging purposes) can be considered firms professionally arranging or executing transactions in financial instruments. The fact that they have “staff or a structure dedicated to systematically deal on own account, such as a trading desk, or that they execute their own orders directly on a trading venue as defined under MiFID II, are indicators to consider a non-financial firm as a person professionally arranging or executing transactions.”
Under Article 16, par. 2, of MAR such persons shall (i) establish and maintain effective arrangements, systems and procedures to detect and report suspicious orders and transactions and (ii) notify the relevant authority
II. Arrangements, Systems, and Procedures for Persons Professionally Arranging or Executing Transactions
Commission Delegated Regulation (EU) 2016/957 (“Delegated Regulation”) provides several rules regarding the implementation of appropriate arrangements, systems, and procedures for STOR. In particular, such arrangements, systems, and procedures shall:
ensure effective and ongoing monitoring of all orders received and transmitted and all transactions executed,and the transmission of STORs to relevant authorities;
(i) be appropriate and proportionate in relation to the scale, size, and nature of their business activity, (ii) be regularly assessed, at least through an annually conducted audit and internal review, and updated when necessary, (iii) be clearly documented in writing, including any changes or updates to them, and (iv) guarantee and maintain the confidentiality of the information; and
provide the analysis, individually and comparatively, of each and every transaction executed and order placed, modified, cancelled, or rejected in the systems of the trading venue (and outside a trading venue) and produce alerts indicating activities requiring further analysis, covering the full range of trading activities undertaken by the persons concerned.
In this respect, in its Final Report, ESMA stressed that in the large majority of cases, once entities reach a certain level of activity, an automated surveillance system is needed to detect suspicious orders and transactions.
Furthermore, persons professionally arranging or executing transactions are entitled to delegate: (i) the performance of the functions of monitoring, detection, and identification of orders and transactions to a legal person forming part of the same group; in such case, the delegating entities remain fully responsible for the obligations stated in Article 16 and should be the ones submitting any STOR to the competent authority;
With regard to reporting obligations—for the purpose of submitting a STOR
ensure the submission of a STOR without delay, once reasonable suspicion of actual or attempted insider dealing or market manipulation is formed;
entail the possibility to report STORs in relation to transactions and orders which occurred in the past, when suspicions arise in light of subsequent events or information;
guarantee the submission to the competent authority of any relevant additional information they became aware of after the STOR had been submitted, and provide any information or document requested by the competent authority; and
ensure the maintenance for a period of five years of information documenting the analysis carried out and the reasons for submitting or not submitting a STOR.
III. FCA’s Decision
On 25 January 2018 the FCA fined an online brokerage firm based in the U.K. (“Broker”) in connection with systems, procedures, and policies adopted under the U.K. regulation related to STOR.
The decision clarified that, in respect of STOR, no “one size fits all” principle applies and a customization of systems, procedures, and policies is thus required.
According to the mentioned decision, Broker failed to: (i) implement adequate policies and procedures; (ii) provide adequate input into the design and calibration of those systems; (iii) test the operation of those systems; (iv) provide effective oversight of the review of the post-trade surveillance reports; and (v) provide adequate guidance or training to those carrying out the review.
In particular, according to the decision, Broker “relied entirely on post-trade surveillance systems which were designed for the whole [group]” and “which operated on a global basis, across multiple jurisdictions, for all Group entities,” Those systems “were not tailored in any way for the specific business” of Broker. Moreover, Broker delegated the conduct of its initial post-trade surveillance to a compliance team from a U.S.-based affiliate company. However, its “oversight of that team’s conduct of the reviews of the Post-Trade Surveillance Reports was inadequate, and in particular it failed to monitor the quality of the reviews that were conducted. It also failed to ensure that members of the team had adequate guidance or effective training.”
With specific reference to Broker’s policy, the FCA’s decision stated that Broker had failed to implement adequate policies and procedures as throughout the relevant period the policy in place did not, inter alia:
provide sufficient guidance to reviewers detailing how to carry out a review of the post-trade surveillance reports;
require reviewers to document their reviews of the post-trade surveillance reports;
provide for specific circumstances in which reviewers should escalate potentially suspicious transactions to the compliance team for further consideration or consultation; or
require the compliance team to monitor reviewers to ensure the reviews being carried out were done effectively.
Furthermore, the FCA noted that the policy: (i) was made available by Broker on the Group’s intranet, but had not been brought to the attention of the persons in charge of the review of orders and transactions; in particular, Broker’s compliance team did not carry out training or other checks to ensure the reviewers had read and understood the policy; and (ii) merely restated the law, without considering Broker’s own market abuse risks, and did not provide guidance on how to review the reports related to potentially suspicious transactions.
The wide definition of persons professionally arranging or executing transactions provided by ESMA should draw the attention of all those persons—including “non-financial” entities—that, to some extent, operate with financial instruments to the application of the duty to detect, prevent, and report market abuse.
Arrangements, systems, and procedures have to comply with rules and provisions set forth by both MAR and Delegated Regulation; in that regard, in light of the FCA’s decision and ESMA recommendations, a purely formal procedure (e.g., designed for all group entities or limited to a restatement of MAR provisions), which is not customized and/or does not contemplate a training of the entity’s staff, would not meet the requirement provided for under the relevant EU legislation.
Arrangements, systems, and procedures must be tailored to the single entity, taking into account the relevant market abuse risks and assuring a dissemination of the policy within the entity as well as a consistent application of the same by all persons involved in the entity’s activities by means of training activities.