Introduction

On January 19, 2023, the Financial Industry Regulatory Authority (FINRA) released its 2023 Examination and Risk Monitoring Program report (the FINRA Report), highlighting the following key elements of its expanded enforcement priorities:

• Member firms are encouraged to strengthen their compliance and reporting frameworks to combat increased threats from fraud, cybercrime, and other financial criminals.
  
• FINRA established a Cyber and Analytics division to address the increased cybersecurity threats to customers.
  
• Finally, the FINRA Report outlined enhanced expectations for its member firms regarding detection and prevention of impermissible trading practices, including manipulative trading. ¹

This regulatory brief will focus on FINRA obligations regarding manipulative trading prevention and related impacts to trade surveillance and compliance programs.

Background

FINRA Rule 3110 requires member firms to supervise any associated persons’ trading procedures; and supervisory procedures must include a process for reviewing securities transactions which is “reasonably designed” to detect and report trades that may violate applicable FINRA, SEC and other regulations that prohibit manipulative trading and “deceptive devices.” ² 

FINRA listed several findings from its 2022 enforcement program, including:

• Inadequate Written Supervisory Procedures – Member firms were cited for not identifying the specific steps and individuals responsible for detecting and reporting manipulative conduct; and for not having detailed enough escalation processes when such conduct was detected.
  
• “Non-Specific” Surveillance Thresholds – Additionally, member firms were found to be deficient for not reasonably designing and implementing surveillance controls.  Examples of such deficiencies could include thresholds set too low or too high to identify meaningful activity; thresholds that failed to capture certain security types or market classes; and thresholds that did not capture both proprietary and customer trading activities. 
  
• Surveillance-Related Deficiencies – Thirdly, member firms were found to have inadequately monitored customer activities for potential manipulation, including failing to review exception reports - not documenting the results of reviews/investigations -  and failing to consider other sources of red flags outside of surveillance (e.g. regulatory requests and inquiries), failing to train responsible staff, and having incomplete surveillance scenarios and rules.

What can Member Firms Do?

Strengthen their trade surveillance programs. In response to findings in the FINRA report, member firms should review their customer and proprietary data used to detect manipulative trading practices and ensure they have adequate coverage in their “reasonably designed” programs. This means that applicable rules and scenarios should be reviewed to ensure that potentially manipulative schemes such as layering, front-running, trading ahead, spoofing, wash sales, prearranged trading and momentum ignition are properly calibrated, and inclusive of potential schemes that involve correlated securities transactions such as stocks, exchange-traded funds (ETFs) and bonds.³ 

Trade surveillance programs likely may not be considered "reasonably designed" under FINRA requirements if specific measures to address potential momentum ignition trading are non-existent or otherwise inadequate. More specifically, member firms must be able to detect layering and spoofing activities where a customer places a non-bona fide bid (below the bid or above the offer) on one side of the market to entice other market participants to respond with a trade on the other side of the market. Additionally, firms must have the capacity to identify transactions in cross-product securities that manipulate the price of the underlying security, which influences the price at which a market participant can set or close a related options position.

Member firms should also evaluate whether their trade surveillance programs can effectively monitor trading activity across trading platforms which could involve related financial instruments or correlated securities products, as discussed above. Member firms should also review its trade surveillance scenarios specific to wash trading to ensure that they are monitoring instances where customers engage in wash trading to collect liquidity rebates from exchanges. This can be done by monitoring accounts flagged as “related” in a member firm’s wash trading/pre-arranged trading surveillance reports, and reviewing trading activity that relates to any information provided by a customer on onboarding/account opening documentation.  

Member firms should also be aware of FINRA expectations regarding exchange-traded products (ETPs) and the unique surveillance challenges they may present. FINRA expects a robust supervisory program designed to protect material, non-public information (MNPI) to prevent front-running and trading ahead based upon ETPs. Such supervisory measures could include:  information barriers to prevent leaking MNPI; reviewing the creation and redemption processes used in a member firms ETP program and tailoring the surveillance program to look for manipulative strategies that exploit those processes; reviewing strategies that seek to exploit information seepage from portfolio compression.

Finally, member firms should ensure their formal training programs are uniquely tailored to those with trade surveillance and reporting responsibilities including, but not limited to, potentially manipulative scenarios and escalation criteria. In planning, developing, and implementing a training program, each broker-dealer must consider its size, structure, scope of business and regulatory concerns, as front office personnel can be as effective in detecting potentially manipulative trading activities as compliance and operational teams.⁴

Conclusion

Member firms should be prepared to adapt to evolving threats to their compliance programs, not just from manipulative trading, but from other areas of potential abuse.  

FINRA appears poised to increase its focus on both trade surveillance and financial crimes more generally; therefore, member firms should proactively review their systems of internal controls to ensure they are “reasonably designed” to respond to increased threats from money laundering, cybersecurity, fraud and manipulative trading.  

In response, firms will increasingly have to take a holistic approach to compliance, as red flags for potential violative conduct may be better detected in other business units’ compliance processes – for example, trade surveillance may be in a better position to escalate manipulative conduct in micro-cap securities to the BSA/AML compliance teams; and coordination and data sharing in these investigations will be paramount. 

Firms with a traditionally siloed approach to suspicious activity monitoring across trading, fraud, money laundering, sanctions and cybersecurity should migrate to a more integrated approach to avoid missing the potential correlation and interconnections between varying criminal threats.  Examples of this evolutionary process might include: implementing a surveillance & monitoring Target Operating Model; creating an integrated center of excellence across the various surveillance functions; combining separate workflows to create a single case management workflow; and where possible, designing and implementing integrated controls.

____________________________________________

References

¹See, FINRA Rules 2010 (Standards of Commercial Honor and Principles of Trade), 2020 (Use of Manipulative, Deceptive or Other Fraudulent Devices), 5210 (Publication of Transactions and Quotations), 5220 (Offers at Stated Prices), 5230 (Payments Involving Publications that Influence the Market Price of a Security), 5240 (Anti-Intimidation/Coordination), 5270 (Front Running of Block Transactions), 5290 (Order Entry and Execution Practices) and 6140 (Other Trading Practices).

² See, FINRA Rule 3110 (Supervision), 3110. Supervision | FINRA.org

³ “Momentum ignition” refers to the practice of entering orders to trade or a series of orders to trade, or executing transactions or series of transactions, likely to start or exacerbate a trend and to encourage other participants to accelerate or extend the trend in order to create an opportunity to close out or open a position at a favorable price.  Momentum ignition may also be illustrated by the high ratio of cancelled orders (e.g., order to trade ratio) which may be combined with a ratio on volume (e.g. number of financial instruments per order).

⁴See, FINRA Registration, Exams, and Continuing Education