2/5/19 - Promontory Currents: FMSB Issues Final Statement of Good Practice on Suspicious Transactions and Order Reports
Home > News & Insights > Insights & Publications

2/5/19 - Promontory Currents: FMSB Issues Final Statement of Good Practice on Suspicious Transactions and Order Reports

By Michael Sullivan, Alison Shanahan, and Nicholas John

On Jan. 16, 2019, the Fixed Income, Currencies, and Commodities Markets Standards Board (commonly referred to as FMSB) published its final statement of good practice1 for the identification of reportable transactions and orders and the associated processing of suspicious-transaction and order reports (STORs). Although the statement is not included as part of FMSB’s formal standards or adherence framework, it conveys FMSB’s view of “good or best practices.” Accordingly, FMSB expects its members, and invites other firms, to consider and make changes to their practices in a manner consistent with the statement.

While the focus of the statement is the investigation and reporting of suspicious transactions, identifying and processing STORs is only one component of a comprehensive wholesale-conduct program. For instance, internal investigations into potentially suspicious activities may originate from alerts generated by trading or by surveillance systems for electronic communications. In addition, the process for investigating and escalating potentially suspicious activities may be similar to the process for monitoring written e-communications. Therefore, firms may be able to leverage existing processes when implementing the practices outlined in the statement.

FMSB highlights for consideration the following key areas related to the identification of reportable transactions and orders and the processing of STORs:

Organization, Roles, and Responsibilities

FMSB states that “[f]irms should have a clear organizational structure in place to facilitate monitoring and reporting of suspicious orders or transactions.” For example, a function with relevant expertise that is independent from first-line business activity, such as compliance or a first-line control unit, should own surveillance activities. It should also report surveillance output and management information to individuals and governance functions, such as business and function heads, business-as-usual committees (e.g., risk, compliance, and audit), and breach committees. Firms should clearly articulate and document roles, responsibilities, and sign-off procedures for processes involving:

  • Surveillance and notification policies and procedures
  • The design and implementation of tools
  • Alert logic
  • Day-to-day monitoring
  • Investigation
  • Ongoing testing and calibration
  • Reporting and management information
  • External reporting

Firms should also design escalation processes that consider the type and severity of breaches based on their potential effect on business activities. Firms can support the identification, assessment, and monitoring of risks by embedding an understanding of conduct risk throughout the risk management framework.

Training

Firms should educate employees on how to identify and escalate suspicious orders and transactions, including how to identify potentially suspicious trading through language used in electronic messages. Training for all in-scope staff should be mandatory, consistent, and kept current. Further, firms should keep records of the employees who have received training.

Tailored Surveillance Systems

While out-of-the-box surveillance systems may be a good starting point for implementing a surveillance program, firms should tailor them to their unique needs. To start, these systems should analyze trading data using logic and look-back scenarios to identify potentially suspicious trading or messaging behavior. Personnel should also regularly review and update their analytics; for example, they should identify patterns and determine which types of suspicious behaviors are common to specific products, departments, and scenarios. Furthermore, firms should calibrate their systems according to a risk analysis that accounts for firm activities and abusive market behaviors. Finally, thematic reviews of systems should examine material events that were identified by means other than the system (e.g., events escalated by individual employees). If necessary, the system should be recalibrated to detect similar events in the future.

Alert Review and Escalation

Firms should process, investigate, and close alerts from surveillance systems according to agreed-upon and documented processes and governance. They should consider using a tiered approach with clear decision points, which could include the following tiers:

  1. Reviewed and closed
  2. Reviewed, escalated, and closed
  3. Reviewed, escalated, investigated, addressed by the business/compliance, and closed
  4. Reviewed, escalated, investigated, addressed by the business/compliance, and reported to appropriate regulator

Effective Manual Monitoring

Alert-based surveillance systems are inherently reactive. Firms should also consider implementing proactive manual processes to identify suspicious transactions and behaviors. FMSB suggests that the surveillance group should own and advocate for surveillance-program development through activities such as systematic reviews of themes and risks, consultation with internal and external experts, reviews of regulatory guidance, and reviews of market and peer events.

Manual monitoring should also include a decision-making process to establish whether suspicions regarding an order or transaction — or a series of orders and transactions — are reasonable. This process should consider commercial rationale, past behavior, and patterns related to the order or transaction. In some cases, additional monitoring may be necessary. Additionally, firms should determine whether the order or transaction has an anti-money-laundering nexus and whether it should file a suspicious-activity report instead of, or in addition to, a STOR.

Post-Submission Actions

After filing a STOR, firms should provide guidance to employees on any required subsequent actions, which should include requirements to:

  • Avoid tipping off suspect actors
  • Record similar behavior moving forward
  • Have senior management monitor whether the suspicious behavior continues
  • Submit additional information to regulators after the initial report has been sent

Actions will ultimately depend on the nature of communications with the regulator and the status of any consequent investigation.

Record Keeping

Firms should use a record-keeping tool that has the capability to document the full life cycle of suspicions, including analyses of submitted STORs, as well as orders and transactions the firm ultimately determines not to be suspicious. Every alert and case the firm investigates should have a full, recallable audit trail.

Authors

Michael Sullivan is a managing director, and Alison Shanahan is an associate, in Promontory’s Washington office. Nicholas John is an analyst in Promontory’s New York office.


FOOTNOTES

1. “Suspicious Transaction and Order Reporting: Statement of Good Practice for FICC Market Participants,” The Fixed Income, Currencies, and Commodities Markets Standards Board (January 2019).