| Americas, Asia, Global, UK & Europe | Articles
The £1m fine levied on Interactive Brokers by the FCA for market abuse failings may not have made the same headlines as some of the eye watering financial crime related fines over recent years, however the messages coming out of the FCA should make all firms sit up and take action. Market abuse is also an issue in every major financial centre. Regulators in the US, UK, Europe and Asia-Pacific have issued fines, totalling $466 million for market abuse alone in 2017.
The Hong Kong Securities and Futures Commission (SFC) reprimanded and fined Interactive Brokers Hong Kong Limited $4.5 million, for failing to have adequate internal controls to prevent its execution of market orders from disrupting the market. Although slightly different to the FCA enforcement, the same entity is being picked up in another jurisdiction for market abuse offences.
The core issues involved failures of the trade surveillance controls. Interactive Brokers’ UK and HK electronic trading system was developed by its head office in the US, with the programming department responsible for the development and quality assurance of the system. However neither of the entities conducted adequate user acceptance testing on the system.
Although these fines relate to market abuse, the actions serve as a reminder that authorised firms must have appropriate controls to mitigate the various risks that they face through the nature of their business. Regulators are sending out a clear message that where controls are preformed outside of a firm’s home jurisdiction, firms will need to:
- understand how systems are calibrated and why they are suitable for the firm
- perform operational testing of the system to assess effectiveness
- undertake QA in relation to controls executed
- ensure policies and procedures being used by teams are fit for purpose and contain sufficient granularity on areas such as escalations
- ensure those performing controls have appropriate guidance and training
Questions senior management of firms should be asking themselves are:
- Which controls are performed overseas?
- What input have we had into the design and calibration of controls that we are relying upon?
- Have we tested the effectiveness of systems?
- What oversight do we have of the outsourced activity (particularly as we retain responsibility)?
- Do we have clear SLAs in place to manage outsourced activity?
- Are the policies and procedures used by the outsourced function relevant and practical?
If you would like to discuss practical approaches to managing your control framework please get in touch.
