Behavox Blog

FCA takes electronic broker to task over market abuse controls and STR failings

Feb 7, 2018 11:12:54 AM / by Behavox Regulatory Intelligence









The UK arm of the US retail broker, Interactive Brokers, has been fined more than £1m by the UK’s Financial Conduct Authority (FCA) for supervisory control and surveillance failings.


The Behavox Regulatory Intelligence team takes a deep dive into the final order.


Interactive Brokers UK (IBUK) was sanctioned for “serious and systemic weaknesses”.


IBUK has approximately 31,000 retail and institutional clients and provides a trading platform for dealing in various index options, futures and contracts for difference (CFD) – it has no front office and all trading is facilitated online.


IBUK delegated its post-trade monitoring to a team based at another company within the Interactive Brokers Group in the US.

However, IBUK failed to adequately input into the design and calibration of the post-trade monitoring systems, or test their operation, to ensure that potential market abuse by its clients would be captured, and it failed to provide effective oversight of the US team’s conduct of the reviews of the reports produced. In particular, it carried out no quality assurance or monitoring of the review of the reports, and it failed to ensure that the staff conducting the reviews were adequately trained.


This heightened the risk of IBUK failing to submit suspicious transaction reports (STRs) to the FCA. Prior to being notified of the FCA’s concerns, during the Relevant Period IBUK failed to submit any STRs in relation to insider dealing and the Authority has identified three occasions on which IBUK failed to report suspicious trading by IBUK clients.


"Firms have a key responsibility to report suspicious conduct and an obligation to ensure their trading systems are not used for the purpose of financial crime," said Mark Steward, director of enforcement and market oversight at the FCA.


"IBUK’s systems were inadequate and ineffective in the face of potentially suspicious transactions; they fell below the appropriate standards and exposed counterparties and the market to risks they did not bargain for," Steward said.


Contentious regulatory expert Jonathan Cavill, of Pinsent Masons law firm, said the action shows the importance of having appropriate systems and controls in place to properly identify and prevent financial crime.


"Here, IBUK did not have appropriate post-trade systems and controls to identify suspicious trades, which could therefore allow for or encourage financial crime,” said Cavill. “Crucially, there was an over-reliance on group systems and controls by the firm in question, rather than the firm having its own bespoke systems and controls relevant to its specific UK business.”


Mark Steward, Director of Enforcement and Market Oversight at the FCA, said: 

"Firms not only have a key responsibility to report suspicious conduct in our capital markets, they also have an obligation to ensure their trading systems are not used for the purpose of financial crime. IBUK’s systems were inadequate and ineffective in the face of potentially suspicious transactions; they fell below the appropriate standards and exposed counterparties and the market to risks they did not bargain for. The FCA will continue to enforce appropriate standards of market conduct to ensure our markets function well."

The FCA considers that the breach revealed serious and systemic weaknesses within IBUK’s procedures. The FCA has therefore fined IBUK £1,049,412.


Brightlines to take away from this enforcement:


STRs - the obligations to ensure sufficient reporting of suspicious transactions are extremely important and the regulator will be unforgiving in cases where firms do not have systems and controls that are appropriate to their business to recognize potential market abuse, whether evidence of actual instances has been found or not. In this action, the FCA spelt out previous information given in its Market Watch newsletters, referring to guidance available from the Committee of European Securities Regulators.

The FCA newsletters have also underlined that while ‘it is not easy’ to identify suspicious transaction and order behavior, and the regulator does not expect every case to be found, the firm must have the necessary systems and procedures to do this.

Reporting is required if there are ‘reasonable grounds for suspecting the transaction involves market abuse’ (FCA SUP 15.10.2R); this obligation applies even where suspicion is raised about a situation retrospectively. Each firm needs to be sure of what its own parameters are for reasonable grounds for suspicion – certain proof of market abuse is not essential for a reviewer to have suspicion. It is key that the firm has appropriate and robust monitoring systems. FCA takes care to remind firms of SUP 15 Annex 5G of the Handbook where there are examples of indicators of potentially suspicious transactions.


Effectiveness of review and the obligations on outsourced supervision -  in this case the FCA took umbrage at the lack of involvement that IBUK had in the review process. It conducted no review of post-trade surveillance effectiveness, did not assess the adequacy of the policies and procedures and was not involved in the calibration or design of the review system.

No oversight of the review or regular quality assurance testing was applied – the firm wanted to avoid duplication of resource and review but this is not a valid excuse for the failure. Training and guidance given to the review team by those best placed to understand the regulatory requirements and the client base was unstructured, occasional and unrecorded.

The action calls into question the approach of many firms who in some way outsource their review to remote or unconnected units where communication challenges the process – the FCA seems to have put a marker down here as to the standards it expects and the level of interaction between the business unit that owns the client and the agent required to review its business. In the same vein, the clear message was the requirement that knowledge (in this case of the nuances of the UK Market Abuse Regime) and reporting be tailored to the specific business of the entity being monitored.

The firm must test the effectiveness of the system and check that training is provided to the review team – it should be involved in the design and calibration and reporting so both are effective. Each part of the business needs to specify criteria that need review regularly and could identify suspicious activity.

Indicators that need to be monitored that could identify market abuse – it is always helpful to study enforcement actions to garner hints from regulators of what is expected of compliance teams.


There are decent breadcrumbs here that show the basic standards and while some might seem glaringly obvious, they bear repeating. Here there was very profitable trading by clients in stocks they had never traded before in close proximity to market moving news (RNS announcements) where the size of trading was large based on each client’s usual activity. The case also referred to the size of position of each transaction in relation to the client’s portfolio and previous pattern of trading.

In this case, the different and perhaps smaller trading activity of the UK clients was overshadowed by that of the other regions and in only one instance made it onto exception reports.


The system relied on the honesty of the client to declare a connected interest in any entity in which they traded – FCA made it clear that this level of control was not robust enough to realistically identify insider dealing and it expects more effort and creativity in the approach to modern surveillance. It added that a firm must take into account ‘all relevant circumstances’ when creating and running systems and controls to identify market abuse – this is a wide definition and should discourage complacency or a ‘tick box attitude’ towards supervision and monitoring.


Policies & Procedures – define in any policy how to perform the review and when to escalate any hits (eg close calls must be given appropriate supervisory consideration); reviews must be documented. If it hasn’t been documented, in the regulator’s eyes it has not happened!


The FCA indicated that documenting the reviews ensures a consistent approach. It also means that guidance on the review process can be spelt out to deliver adequacy and target successful identification of suspicious behavior. Once potential abuse is uncovered, it must be investigated and escalated appropriately.


Think local even when global – the reports that were produced were global in nature and were not tailored to the UK trading environment; similarly the US surveillance team was not expert in identifying UK market abuse and was also left to its own business with relatively little guidance or communication from individuals in the UK who were in better touch with the regs and clients. The FCA noted that no attention was paid to the applicability of the policy to UK legal and regulatory needs by the Board or senior management. 


Addendum from the US: In July 2017 the US Commodity Futures Trading Commission (CFTC) settled charges against Interactive Brokers LLC, a discount direct access brokerage firm and registered futures commission merchant (FCM) headquartered in Greenwich, Connecticut.


The CFTC found that IBLLC failed to supervise diligently its compliance employees’ handling of a commodity futures trading account maintained in the name of Kevin J. Steele, a Canadian who used the account to defraud more than 200 Canadian, German, and United States citizens of approximately $8.1m in a commodity pool fraud that was the subject of an earlier CFTC enforcement action. The July 17, 2007, order required IBLLC to disgorge $175,000 in commissions it earned from Steele’s account and to remit those funds to the Clerk of the Provincial Court of British Columbia, to distribute the funds to the defrauded investors.


The CFTC order found that, from February 2003 through May 2005, IBL accepted 135 third-party deposits in the form of wire transfers and checks totaling $7.7m into Steele’s personal account, but did not have procedures reasonably designed to detect the deposit of third-party funds in an individual trading account. The frequency and magnitude of deposits and withdrawals to Steele’s account, relative to his stated liquid net worth, and the pattern of deposits followed by withdrawals suggested that Steele might be operating as an unregistered commodity pool operator. IBLLC compliance staff telephoned Steele on at least three occasions to inquire about the trading activity in his account. Each time, IBL compliance staff accepted Steele’s explanations as reasonable without conducting any additional or independent inquiries.


As noted in the CFTC order, an FCM’s ability to determine if funds in customer accounts are coming from someone other than the accountholder is a necessary part of an adequate supervisory system. If an FCM fails to monitor the source of funds being deposited into customer accounts at the time such funds are received, its ability to detect illegal activity such as pool fraud or money laundering is impaired. The order finds that, during the relevant time period, IBLLC’s procedures for determining the source of funds received through wire transfers were inadequate to meet its supervisory responsibilities.


In a parallel action resulting from a settlement, on May 29, 2007, the National Futures Association (NFA), a registered futures association in which IBLLC is a member firm, fined IBLLC $125,000 for doing business with Steele and failing to maintain adequate books and records. The NFA also ordered IBLLC to create a restitution fund to pay up to $325,000 for the benefit of individuals who invested with Steele.



Behavox runs regular roundtables for compliance professionals as part of its Compliance Community service in New York and London where peers get to share their knowledge and experience of market practice confidentially - as well as a discussion of methodologies used to adapt lexicons, lexicon themes, frequency of update etc. Anyone interested in attending should email



Topics: Financial Conduct Authority, surveillance, enforcement, compliance