The affirmation by a federal appeals court of the conviction of the first trader prosecuted for spoofing under the 2010 Dodd-Frank Act, and a sanctions discount for a non-US banking entity that cooperated with the Commodity Futures Trading Commission after detecting spoofing activity highlighted last week’s financial services industry developments in the US. In addition, staff of the CFTC granted relief from certain mandatory advance notice filing requirements that certain persons would otherwise have had to comply with beginning today in order to disaggregate futures and related options positions among affiliated entities for CFTC position limit purposes. As a result, the following matters are covered in this week’s edition of Bridging the Week:
Legal Weeds: The Department of Justice has now been responsible for three criminal prosecutions relying on the Dodd-Frank anti-spoofing provision – this criminal action against Mr. Coscia; a second matter against Navinder Singh Sarao who was indicted in April 2014 and settled with the DoJ in November 2016; and a third action against David Liew in June 2017.
In both the cases against Mr. Coscia and Mr. Sarao, prosecutors were likely emboldened to initiate the criminal actions because of a seemingly straightforward path to establish intent – a necessary element to prove spoofing and other related crimes: both Mr. Coscia and Mr. Sarao apparently used software purposely designed to layer and spoof markets to facilitate fills, and both proactively participated in the design of such software. As the Court noted in its Coscia decision, the defendant’s chief programmer testified at trial that Mr. Coscia asked that the relevant trading programs act “like a decoy” to be used to “pump [the] market.” Not good.
Mr. Liew’s case involved materially different circumstances, as he appears to have been a very junior trader who allegedly was trained to spoof and traded as taught.
Existence of an easy path to demonstrate intent to cancel bids or offers before execution (including documentary evidence in the form of computer code) coupled with overwhelming evidence of such cancellations associated with layering orders (compared to a far lower cancellation rate associated with other orders) – as apparently was present in Mr. Coscia’s and Mr. Sarao’s cases – could tempt a prosecutor to initiate other criminal prosecutions alleging spoofing and related offenses. This appears possible even where there are or have been prior CFTC, exchange or even foreign civil actions involving a potential defendant for the same essential offense. Prosecutors will likely feel even more emboldened after the Federal Appeals Court decision involving Mr. Coscia.
(Click here for details regarding Mr. Sarao’s indictment and settlement in the article “Alleged Flash Crash Spoofer Pleads Guilty to Criminal Charges and Agrees to Resolve CFTC Civil Complaint by Paying Over $38.6 Million in Penalties” in the November 13, 2016 edition of Bridging the Week. Click here for details regarding the criminal action against Mr. Liew in the article “Former Newbie Bank Trader Pleads Guilty to Criminal Charges and Settles CFTC Civil Charges for No Fine for Spoofing, Attempted Manipulation and Manipulation of Gold and Silver Futures” in the June 4, 2017 edition of Bridging the Week.)
(Under CFTC rules a person that holds a 10-percent or more ownership interest in another person, or directly or indirectly controls the trader of another person, must aggregate their futures and related options positions (on a futures equivalent basis) with those of such other person. However, CFTC rules provide for certain exemptions from aggregation in the case of affiliated entities where there are certain prescribed indicia of independence in trading decisions and information walls between the affiliates, and other circumstances. Click here to access CFTC Rule 150.4.)
Compliance Weeds: Importantly, DMO’s new relief is not an invitation to do nothing. Where a person is potentially required to aggregate its futures and related options positions with another affiliated person for core CFTC commodities (click here to access CFTC Rule 150.2 for the current list of core commodities), it should assess substantially in advance of a potential position limit breach whether it might be eligible to disaggregate its positions with such affiliated person based on any exemption provided by the CFTC (e.g., owned-entity exemption, independent account controller exemption). If such person is eligible and desires to disaggregate positions, it should confirm that all requisite conditions necessary to qualify for such exemption are in place or promptly implement all requirements. It may be too late to benefit from an exemption if appropriate measures are not implemented prior to a position limit breach, let alone after a CFTC or DCM request for a notice filing. Such analysis should also occur in connection with DCM position limits and exemptions available at DCMs where there may be parallel provisions.
Compliance Weeds: The SEC has brought two enforcement actions against registrants for failing to comply with Regulation S-P over the past two years.
(Regulation S-P requires registered broker-dealers, investment advisers and investment companies to adopt written policies to help protect customer records and information. The rule addresses administrative, technical and physical safeguards regarding such information. Click here to access the text of Regulation S-P.)
In one enforcement action, RT Jones Capital Equities Management, Inc., an investment adviser, agreed to pay a fine of US $75,000 to resolve charges by the SEC for not having written cybersecurity policies and procedures to protect customer records and information in advance of a cyber-attack. (Click here to access further details regarding this enforcement action in the article “SEC Sanctions Investment Adviser for Not Implementing Policies and Procedures in Advance of Cyber-Attack” in the September 27, 2015 edition of Bridging the Week.) Moreover, this year, as in 2016, OCIE has indicated that cybersecurity is a priority in its examinations of registrants. (Click here to access OCIE’s examination priories for 2017.)
Separately, effective March 1, 2016, all members of the National Futures Association were required to adopt and enforce written policies and procedures to protect customer data and help prevent unauthorized access to their electronic systems. (Click here for further details on NFA’s requirements in the article “NFA Proposes Cybersecurity Guidance” in the September 13, 2015 edition of Bridging the Week.)
SEC and CFTC registrants generally should ensure they not only have robust policies and procedures addressing cybersecurity, but also ensure such measures are tailored to their firms’ specific business and followed.
My View: In a press release accompanying this matter, Jamie McDonald, the CFTC’s recently appointed DOE Director stated, “We expect market participants, through adequate supervision, to prevent this sort of misconduct before it starts.” Hopefully, this is at least a bit of hyperbole. Although it might be possible to review an algorithmic trading system's source code prior to system implementation to detect potential spoofing functionality, there is nothing in the BTMU Order that definitively suggests Trader A utilized an automated trading program. A trading firm could and should have policies and procedures that make it clear to employees that all illicit trading, including spoofing, is prohibited. A trading firm should also conduct regular training to reinforce such measures and, if it proposes to use an automated trading program, consider having an independent person within or outside the organization review the program’s source code to detect any possible layering and spoofing features as practical. In addition, firms should likely have measures reasonably designed to flag problematic trading as soon as possible after it occurs, and to address any issues promptly. However, if a trader only manually enters orders, it would be very difficult in practice for the trader’s employer to prevent rogue conduct before it happens and it should not be held to an unrealistic standard to avoid a substantial sanction. The CFTC should follow the good precedent of CME Group in a disciplinary action against Geneva Trading last October when two of its exchanges opted not to insist on a fine as a condition of settlements where the firm apparently maintained and followed good procedures to try to prevent and detect alleged spoofing by its employees, but spoofing allegedly occurred anyway. (Click here for background on this matter in the article, "Recent CME Group Disciplinary Action Suggests Liability May Not Automatically Mean Fines" in the October 23, 2016 edition of Bridging the Week.)
For further information:
Canada AMF Cautions Against Solicitations of New Virtual Currency:
CFTC Suspends Advance Notice Filing Requirement to Perfect Disaggregation Relief for Position Limit Calculation Purposes:
CME and CBOT Settle Disciplinary Actions for Alleged Position Limits Violations and Spoofing:
ESMA Agrees to First Position Limits Under MiFID II for Three Contracts:
Federal Court Rejects CFTC Request for Permanent Trading Ban Against Energy Trader Who Falsely Altered Employer’s Records:
Foreign-Based Bank Settles CFTC Charge of Spoofing for US $600,000 Fine:
SEC Concludes Dodd-Frank Impact on Primary Issuance and Second Market Liquidity Has Been Mixed:
SEC Watchdog Finds Cybersecurity Policies Better But Not Always Enforced:
Trader’s Spoofing Conviction and Sentence Upheld by Federal Appeals Court:
The information in this article is for informational purposes only and is derived from sources believed to be reliable as of August 12, 2017. No representation or warranty is made regarding the accuracy of any statement or information in this article. Also, the information in this article is not intended as a substitute for legal counsel, and is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. The impact of the law for any particular situation depends on a variety of factors; therefore, readers of this article should not act upon any information in the article without seeking professional legal counsel. Katten Muchin Rosenman LLP may represent one or more entities mentioned in this article. Quotations attributable to speeches are from published remarks and may not reflect statements actually made.