Final Notice

On , the Financial Conduct Authority issued a Final Notice to Sigma Broking Limited
FINAL NOTICE

1.
ACTION

1.1.
For the reasons given in this Decision Notice, the Authority hereby imposes on Sigma

Broking Limited (“Sigma”) a financial penalty of £531,600 pursuant to section 206 of

the Act.

1.2.
Sigma agreed to resolve this matter and qualified for a 10% discount under the

Authority’s executive settlement procedures. Were it not for this discount, the

Authority would have imposed a financial penalty of £590,700 on Sigma.

2.
SUMMARY OF REASONS

2.1.
The Authority proposes taking this action because (a) in the period from 1 December

2014 to 12 August 2016, Sigma contravened SUP 17.1.4R and SUP 17.4.1 EU/SUP

17 Annex 1 EU; (b) in the period 21 April 2015 to 2 July 2016, Sigma contravened

SUP 15.10.2R and from 3 July 2016 to 12 August 2016, Sigma contravened Article

16 (2) of EU MAR (all periods taken together as the “Relevant Period”), and (c)

throughout the Relevant Period Sigma breached Principle 3 of the Authority’s

Principles for Businesses (“the Principles”).

Sigma’s business and the background to its failings

2.2.
Sigma is a privately-owned brokerage firm which provides its customers with a range

of services, including access to trading worldwide through its platform.

2.3.
Between 2008 and late 2014, Sigma’s core business was offering its customers

futures and options trading. But in December 2014, Sigma expanded its business to

include, amongst other products, contracts for difference (“CFDs”) and Spread-Bets

referenced to the share-price of listed companies, by recruiting several brokers and

establishing a desk which provided these products to its customers (“the CFD desk”).

2.4.
CFDs and Spread-Bets are high-risk, complex financial products. Given their high

leverage, they are particularly attractive to those seeking to commit market abuse,

including insider trading. Leverage means that it is possible to gain or lose

significantly more than the sum staked. However, if, as in the case of an insider

trader, the client has non-public information that a stock will move in a certain

direction, there is no risk of loss. Despite being aware of the significant change to

the risk profile of its business, Sigma did not perform an adequate risk assessment,

or engage in any other meaningful preparations to ensure its compliance with

regulatory standards prior to expanding its business into these new areas.

2.5.
Furthermore, throughout the Relevant Period, Sigma’s governing body, its board of

directors (“the Board”), failed to take fundamental steps, such as holding regular

board meetings where directors were provided with adequate management

information and ensuring the Board’s decisions were recorded by written minutes, to

enable it to perform its governance role effectively.

2.6.
The Board also failed to establish, oversee and resource an effective compliance

function, and failed to identify and address serious and systemic failures in relation

to Sigma’s market abuse systems and controls and transaction reporting obligations,

in respect of the CFD desk.

2.7.
Sigma’s
Compliance
Department
operated
without
clear
reporting
lines,

apportionment of responsibilities or appropriately qualified staff and failed to ensure

that the firm had adequate policies and procedures in place in relation to the conduct

of its CFD desk brokers. Such policies as were in place were not properly

communicated to, or adequate steps taken to ensure their observance by, its

brokers.

3


2.8.
During the Relevant Period SUP 17 required firms entering into reportable

transactions to send accurate and complete transaction reports to the Authority on

a timely basis. These reports were required to contain mandatory details of those

transactions. The Authority relies on firms to submit complete and accurate

transaction reports to enable it to carry out effective market surveillance and to

detect and investigate cases of market abuse, insider dealing, market manipulation

and financial crime. As such, these transaction reports are an essential tool in

assisting the Authority to meet its objective of protecting and enhancing the integrity

of the UK’s financial system.

2.9.
Throughout the Relevant Period, Sigma executed its client trades in CFDs and

Spread-Bet products using a “matched principal” methodology. For each trade

executed, two trades were in fact carried out. While Sigma reported the first leg of

the trade, it did not report the second client-side transaction. Additionally, Sigma

failed to accurately report a number of other CFD transactions. As a result, during

the Relevant Period, Sigma failed to report, in breach of SUP 17.1.4R, or to accurately

report, in breach of SUP 17.4.1 EU/SUP 17 Annex 1 EU, an estimated 56,000

transactions.

Breaches of SUP 15 and Article 16(2) EU MAR

2.10.
A cornerstone of the regime in place to protect markets from abuse is the

requirement on firms to identify where there are reasonable grounds to suspect

market abuse has occurred and to submit Suspicious Transaction and Order Reports

(“STORs”) to the Authority (Suspicious Transaction Reports (“STRs”) before 3 July

2016). These are a critical source of intelligence for the Authority in identifying

possible market abuse.

2.11.
During the period from 21 April 2015 to 2 July 2016, Sigma contravened SUP

15.10.2R, and thereafter until the end of the Relevant Period Article 16 (2) EU MAR,

by failing to identify 97 suspicious transactions or orders, which likely would have

been reported collectively to the Authority as 24 STRs/STORs.

2.12.
In fact, during the Relevant Period Sigma did not report a single STR/STOR to the

Authority.

2.13.
During the Relevant Period, Sigma breached Principle 3 by failing to organise and

control its affairs responsibly and effectively with adequate risk management

systems in relation to the business activities of the CFD desk generally, and

specifically its compliance with the Authority’s MiFID transaction reporting

requirements.

2.14.
Many of these failings originated in the wholly inadequate governance and oversight

provided by Sigma’s governing body, namely its Board comprising of its three

directors.

2.15.
In breach of Principle 3, Sigma did not have any, or any adequate, formal systems

and controls, to enable its Board to review in a structured fashion the business

activities of the CFD desk. In particular, Sigma failed to:

(1)
Conduct Board meetings with sufficient regularity to enable the Board’s

effective oversight of the CFD desk’s business activities by its directors;

(2)
Maintain Board minutes that recorded attendees, the matters discussed, the

nature of any challenges made and decisions reached, sufficient to demonstrate

effective oversight of the CFD desk by its directors;

(3)
Obtain and circulate to members of the Board prior to its meetings, adequate

management information regarding the business of the CFD desk, sufficient to

enable its activities to be effectively reviewed by its directors, and any issues

of concern identified, challenged and any remedial measures proposed and

monitored;

(4)
Undertake an adequate risk assessment prior to the commencement of the CFD

desk’s business activities, sufficient to enable its directors to review and

understand the regulatory requirements and market conduct risks associated

with such activities, and to prepare accordingly;

(5)
Ensure that those directors with responsibility for compliance oversight and

money laundering reporting had the necessary skills and training to perform,

and were effectively performing, those functions;

(6)
Monitor and reasonably satisfy itself as to the adequate resourcing and proper

functioning of the Compliance Department, including the implementation of

policies and procedures, as pertaining to the business of the CFD desk.

2.16.
Throughout the Relevant Period, the Board failed to review or approve any policies

and procedures describing the CFD desk’s reporting and monitoring activities. Nor

did the Board receive any, or any adequate, reports on the nature of any transaction

monitoring, the numbers of suspicious transactions that were being escalated from

the CFD desk to compliance, or the number of STRs or STORs that had been

submitted to the Authority.

2.17.
Sigma’s arrangements in this regard were wholly inadequate to furnish the Board

with the information it needed to play its part in identifying, measuring, managing

and controlling the risks associated with the CFD desk’s activities such as market

abuse, insider dealing, market manipulation and financial crime.

2.18.
Also in breach of Principle 3, Sigma failed to put in place an effective compliance

function. In particular, Sigma failed to:

(1)
Adequately record and monitor the performance of those of Mr Tomlin’s

responsibilities, as CF10 (Compliance oversight), that had been delegated to

Sigma’s Chief Executive, Mr Tyson;

(2)
Adequately record and communicate the roles and responsibilities of its

Compliance Department staff, and those employed on the CFD desk who

assisted in certain compliance related activities, such that these were clear and

properly understood;

(3)
Ensure that the Compliance Department had in place adequate policies and

procedures in relation to the conduct of brokers on the CFD desk, and that

these were effectively communicated and their observance monitored;

(4)
Ensure that those staff responsible for transaction reporting were provided with

clear policies and procedures, and sufficient training and guidance, such that

they could properly discharge their responsibilities;

(5)
Ensure that it had effective systems, including clear reporting lines and written

policies and procedures, in place such that it could comply with its post-trade

transaction monitoring obligations, including the appropriate and timely

escalation of potentially suspicious transactions on the CFD desk, and that

these remained effective as the volume of the CFD desk’s transactions

increased;

(6)
Ensure that it had taken adequate preparatory steps for the introduction of EU

MAR in July 2016, despite the fundamental importance of EU MAR to the

detection and reporting of market abuse.

2.19.
By failing to manage its potential exposure to market abuse, insider dealing, market

manipulation and related financial crime, Sigma also breached SYSC 6.1.1R.

2.20.
The Authority considers Sigma’s failings to be serious because they inhibited the

Authority’s ability to conduct effective surveillance of the market and to detect

potential insider dealing and market abuse. Furthermore, Sigma’s failure to submit

an estimated 56,000 transaction reports, and to identify 97 suspicious transactions

or orders, which would likely have been reported collectively to the Authority as 24

STRs/STORs, significantly increased the risk that potentially suspicious trading and

financial crime would go undetected by the Authority.

2.21.
The Authority hereby imposes a financial penalty on Sigma in the amount of

£531,600 pursuant to section 206 of the Act.

3.
DEFINITIONS

3.1.
The definitions below are used in this Notice:

“the Act” means the Financial Services and Markets Act 2000;

“the ARM” means Approved Reporting Mechanism, an entity permitted to submit

transaction reports on behalf of an investment firm;

“the Authority” means the Financial Conduct Authority;

“the Board” and/or “directors” means Sigma’s board of directors, comprising, during

the Relevant Period, Mr Simon Tyson, Mr Stephen John Tomlin and Mr Matthew

Charles Kent;

“Contract for Difference” or “CFD” means a contract between two parties (a CFD

provider and a client) to pay each other the change in the price of an underlying

asset. At the expiry of the contract, the parties exchange the difference between the

opening and closing prices of a specified financial instrument, such as shares, without

owning the specified financial instrument;

“the CFD desk” means the part of Sigma’s business offering CFDs and Spread-Bets

to its customers and those employed, or otherwise retained, by Sigma to do so.

Where the term “CFD desk brokers” or “brokers” is used in this notice any facts or

findings should not be read as relating to all such persons, or even necessarily any

particular person, in that group;

“DEPP” means the Decision Procedure and Penalties Manual part of the Handbook;

“F&O” means futures and options;

7


“Handbook” means the Authority’s Handbook of Rules and Guidance;

“EU MAR” means Regulation (EU) No 596/2014 of the European Parliament and of

the Council of 16 April 2014 on market abuse;

“MRT” means the Authority’s Markets Reporting Team;

“MiFID II” means Directive 2014/65/EU of the European Parliament and of the

Council of 15 May 2014 on markets in financial instruments;

“Principle” means one of the Authority’s Principles for Businesses;

“RDC” means the Regulatory Decisions Committee of the Authority (see further under

Procedural Matters below);

“Relevant Period” means the period from 1 December 2014 to 12 August 2016;

“SAR” means a suspicious activity report, a report of suspected money laundering to

be made by financial institutions, amongst others, to the National Crime Agency as

required by Part 7 of the Proceeds of Crime Act 2002;

“Sigma” means Sigma Broking Limited;

“Spread-Bet” means a contract between a provider, such as Sigma, and a client

which takes the form of a bet as to whether the price of an underlying asset (such

as an equity) will rise or fall. A client who spread-bets does not own, for example,

the physical share, he simply bets on the direction he thinks the share price will

move;

“STOR” means a suspicious transaction and order report providing notification to the

Authority in accordance with Article 16(2) of EU MAR;

“STR” means a suspicious transaction report providing notification to the Authority

in accordance with SUP 15.10.2 R;

“SUP” means the Authority’s Supervision Manual;

“SYSC” means the Authority’s Senior Management Arrangements Systems and

Controls Sourcebook;

“the Tribunal” means the Upper Tribunal (Tax and Chancery Chamber); and

“TRUP” means the Transaction Reporting User Pack, the Authority’s guidance on

transaction reporting which was released in several versions. Version 1 became

effective from November 2007; version 2 became effective from 21 September 2009;

version 3 became effective from 1 March 2012; and version 3.1 became effective

from 6 February 2015.

4.
FACTS AND MATTERS

4.1.
Sigma is, and was during the Relevant Period, a brokerage firm authorised by the

Authority. It provides its customers with a range of services, including access to

worldwide exchanges through its trading platform.

4.2.
During the Relevant Period, almost all of Sigma’s trading was carried out by

customers instructing a Sigma broker by telephone, email or Bloomberg messenger,

with only a very few customers using direct market access.

4.3.
In December 2014, Sigma expanded its business, beyond its core service of F&O

provided to funds and institutions, and established its CFD desk which offered CFDs

and Spread-Bets to a customer base largely comprised of high net worth individuals.

4.4.
In order to grow the CFD desk’s business, during the early part of 2015, Sigma

recruited several brokers with their own established customer bases, whose

remuneration was to a very large extent determined by the levels of fees that they

generated rather than a fixed basic salary.

4.5.
The number of CFD trades executed by Sigma increased steadily following the

implementation of the CFD desk in December 2014. In the first quarter of 2015,

Sigma executed 1911 transactions, this number rose to 5,757 transactions in the

first quarter of 2016. Despite having up to 100 positions open per day by 2016,

Sigma’s trade surveillance remained entirely manual; neither automatic electronic

monitoring tools, nor basic case management software, were used to facilitate

monitoring of the trading activity or to maintain an audit trail. As a result, Sigma

failed to identify transactions which were potentially suspicious.

4.6.
In January 2016, the Authority became aware of transaction reporting anomalies at

Sigma, leading to the discovery that Sigma had failed to report any of the equity CFD

and Spread-Bet transactions it had executed with its clients since the inception of its

CFD desk in December 2014, and that it had never submitted an STR to the Authority.

A supervisory visit to Sigma in June 2016, identified further causes for concern as to

whether Sigma was complying with regulatory standards.

4.7.
On 12 August 2016, in response to the concerns identified by Supervision, Sigma

voluntarily applied to the Authority for the imposition of certain restrictions on its

permissions relating to the CFD desk.

Sigma’s systems and controls

Board governance

4.8.
During the Relevant Period, the Board comprised three directors: Simon Tyson, who

was approved to perform the CF3 (Chief Executive), CF1 (Director) and CF11 (Money

laundering reporting) controlled functions; Matthew Kent, who was approved to

perform the CF1 (Director) controlled function and Steven Tomlin, who was approved

to perform the CF1 (Director) and CF10 (Compliance oversight) controlled functions.

4.9.
During the Relevant Period, Sigma’s Board did not formally and regularly meet.

Sigma described holding informal meetings with “ad-hoc discussions held between

each director and other members of senior staff”. No formal minutes were maintained

of such meetings. As a result, there exists no record of attendees, the matters

discussed, the nature of any challenges made or decisions reached. Accordingly,

Sigma was unable to demonstrate the proper functioning of its Board or its effective

oversight of the activities of the CFD desk.

4.10.
Nor did the Board operate under any terms of reference describing its procedures

and responsibilities, or any similar such document, against which Sigma’s directors

could measure whether they were complying with them and providing effective

governance oversight.

Management information

4.11.
On those occasions when the Board met during the Relevant Period, they were not

provided with structured management information to enable them to understand the

business of the CFD desk, such that its activities could be reviewed, any issues of

concern identified and any remedial measures proposed and monitored. Sigma was

unable to provide the Authority with any board packs or briefing notes, or records of

any occasion when employees, such as those working in compliance, had briefed

members of the Board on the operations of the CFD desk.

4.12.
During the Relevant Period, the Board received no formal written reports from the

CF10 or the CF11 on matters relating to their areas of oversight. If they provided

oral briefings to the Board there is no adequate record of what was said or any

decisions that were reached to progress the concerns raised, because no minutes

were taken.

4.13.
Starting in January 2015, a member of staff in the Compliance Department produced

quarterly updates intended for the Board, largely outlining required actions. But there

is no evidence that the Board used these updates effectively to monitor and oversee

progress on the matters of concern that were raised.

4.14.
Sigma maintained a Risk Register, but there is no evidence that the Board, formally

or informally, used the register effectively to monitor and oversee risks to the

business. For example, a risk entered in December 2014 was a lack of up to date

and/or comprehensive policies and procedures. The control in place to address this

risk purported to be that procedures were either in place or being put in place to

ensure Sigma was compliant with current regulatory requirements. This risk was

classified as “critical” which the Risk Register defined as a “high likelihood of

regulatory censure and/or remedial action requiring significant expenditure or

timescale.” The Risk Register recorded this as a high risk which must be subject to

audit review. Despite the seriousness of these concerns, there is no evidence that

during the Relevant Period the Board monitored this risk or recorded the steps being

taken towards comprehensive policies being put in place.

4.15.
That remedial work was required in respect of Sigma’s governance, and its policies

and procedures over aspects of its business, including the CFD desk, had been set

out in a memo sent by a senior Sigma employee to Messrs Tyson, Tomlin and Kent

on 28 November 2014. The memo recorded, amongst other matters, a need to:

a)
“Review and update [Sigma’s] compliance manual and all associated policies

(for approval by Board) to ensure that Bonds and CFDs are included”;

b)
“Review primary compliance policies/procedures including the compliance

monitoring plan (especially in the context of the new businesses)”;

c)
“Recommend (and if necessary assist in the implementation of) appropriate

Governance procedures/practices for [Sigma] both at Board and Committee

level including org/structure charts and information flow”; and

d)
Under
the
heading
CFD
desk,
“Progress/draft
all
third-party

documents/agreements as well as all internal Compliance/Risk Policies and

Procedures.”

4.16.
Despite these concerns being brought directly to the Board’s attention, there is no

evidence that it sought to monitor progress on any of these areas in a structured

manner, or at all, or to seek regular updates from those members of staff delegated

to carry out these tasks.

Allocation and performance of controlled functions

4.17.
Although the controlled functions referred to above in paragraph 4.8 were nominally

assigned amongst the Board directors, they were allocated with little regard to each

director’s capabilities, training or previous experience.

4.18.
Mr Tomlin was appointed to, and performed, the CF10 controlled function of Sigma

from 10 August 2008. He did so with reluctance due to his lack of any previous

experience of the CF10 role, but accepted it nevertheless because there was no other

suitably qualified person within Sigma to do so. Prior to the supervisory visit he had

not, for example, received any training on transaction reporting.

4.19.
Throughout the Relevant Period, Mr Tomlin’s CF10 responsibilities included oversight

of the CFD desk. Mr Tomlin explained during an interview with the Authority that,

due to his experience in the industry, he had been comfortable performing the CF10

role overseeing Sigma’s F&O business, but he had never been comfortable doing so

over the business of the CFD desk. He had seen it as a necessity that served the

purpose for a limited period until he could pass it to someone with more appropriate

experience than himself.

4.20.
Mr Tyson was appointed to, and during the Relevant Period performed, the CF11

controlled function despite having no relevant qualifications, or having undertaken

any training, such as in relation to SARs, financial crime or market abuse, to enable

him properly to do so.

4.21.
In relation to the CF10 and CF11 controlled functions, Mr Tyson stated that he had

wanted both himself and Mr Tomlin to stop performing these roles because “it was

not a fair reflection of who did the work on a day-to-day basis and who had the

relevant knowledge within the firm”.

4.22.
Beyond the allocation of these controlled functions, there was no clear allocation of

responsibilities amongst the Board directors, for example by way of a statement of

responsibilities or employment contract, that set out the expectations of each director

in the performance of their controlled functions, over the various parts of Sigma’s

business.

4.23.
From 2009, Mr Tyson involved himself fully in the day-to-day running of the firm,

with Mr Tomlin doing so to a lesser extent.

4.24.
Mr Kent largely restricted his involvement in the firm to strategic decisions and

developing business relationships.

4.25.
In an email sent by Mr Tyson copied to Mr Tomlin on 21 October 2014, with the

subject “Re: Compliance and FCA related matters”, he wrote “Re: CF10 and CF11

positions - I will be assuming the CF10 position whilst keeping the CF11 position. It

is not proposed as a swap”. But there was no clarification or formalisation of whether

this proposal related to all CF10 responsibilities or those related solely to the CFD

desk or indeed from when it was to be effective.

4.26.
A further email sent by the Board to all staff in September 2015 announced that

“Simon Tyson will now become responsible for Compliance Oversight (CF10) for both

Sigma Broking and Sigma Americas”.

4.27.
But Sigma did not notify the Authority or seek its approval for any such transfer of

responsibilities for the performance of the CF10 function, and Mr Tomlin remained

the person approved to perform that function throughout the Relevant Period.

Risk assessment prior to commencement of the CFD desk’s activities

4.28.
CFDs and Spread-Bets are higher risk products. Their leveraged nature makes them

particularly attractive to those seeking to commit market abuse, including insider

trading. Sigma recognised this. Despite this significant change to the risk profile of

the business, Sigma failed to perform an adequate risk assessment prior to

expanding into this higher risk business area.

4.29.
The Board had no prior experience or expertise of CFDs and Spread-Bets and did not

take any steps to educate themselves about these products or to anticipate and

manage the associated risks. For example, compliance resourcing at Sigma remained

unchanged, and no additional training was provided for staff overseeing that aspect

of Sigma’s business.

Compliance oversight and delegation of responsibilities

4.30.
During an interview with the Authority, Mr Tyson acknowledged his own limited

understanding of the activities of the CFD desk but claimed that oversight of its

activities had been appropriately delegated to employees within the legal and

compliance departments. But such delegations, as may have been made, were not

clearly documented with the result that there was uncertainty over which

responsibilities had been delegated and to whom.

4.31.
One of those to whom Mr Tyson said compliance responsibilities had been delegated

was Mr A, a senior lawyer who had performed the CF10 and CF11 functions while at

previous firms which offered CFDs and Spread-Bets to their customers. Mr A joined

Sigma in mid-2014 initially as a consultant and as a permanent employee from early

2015. Another was a more junior employee within the Compliance Department, Mr

B.

4.32.
Mr Tyson stated that “[Mr A] had two roles with the firm, one was to advise and deal

with any legal matters in his function as a practising lawyer. The other was to advise,

implement and run the Compliance Department within Sigma … We as a firm brought

in what we considered at the time the appropriate skills and knowledge into the firm

in the light of the new business unit … So [Mr A] having held CF10, CF11 functions

at [two firms], we deemed that knowledge and experience as being exactly what we

needed to, sort of, plug the gap that we had”. Mr Tyson observed “I think we didn’t

rely on Steve [Tomlin] to perform that function [CF10]. We relied on the external

compliance consultancy firms before we hired [Mr A]”.

4.33.
Mr A, however, told the Authority that he did not have a role in relation to compliance

other than to give legal advice on regulatory matters. He said that his potentially

taking a Head of Compliance role was discussed but he never agreed to do so.

4.34.
Mr Tyson said that as to the performance of his CF11 role, for oversight of Sigma’s

compliance with the Authority's rules on systems and controls against money

laundering, he relied on Mr A for the “day-to-day of that”.

4.35.
Sigma was unable to provide the Authority with a signed and agreed job description

setting out Mr A’s responsibilities for compliance, or financial crime, matters

delegated to him by Mr Tomlin, or by the Board, or more generally in relation to his

responsibilities for the activities of the Compliance Department. A draft employment

contract was exchanged between Sigma and Mr A on 17 February 2015 which

described his role as “General Counsel & Chief Compliance Officer”. Correspondence

between Mr A and Messrs Tyson, Tomlin and Kent in November 2014 demonstrates

that Mr A was communicating with them regarding both legal and compliance

matters.

4.36.
Mr Tomlin stated that the CFD desk fell entirely outside his CF10 responsibilities and

that he was not involved in compliance issues that arose in that part of the business.

He did not know what systems and controls were in place regarding surveillance of

the CFD desk or what practical arrangements were in place to investigate potentially

suspicious trades. He did not know who was responsible for suspicious transaction

reporting on the CFD desk, and was unaware of any STRs or STORs that Sigma may

have submitted arising from its activities. The CFD desk was, Mr Tomlin said, “run as

a separate company by Simon [Tyson]”.

4.37.
During the Relevant Period, Mr B was the only employee in Sigma’s Compliance

Department. He had no prior experience of CFDs, and considered that his

responsibilities were restricted to Sigma’s F&O activities. Mr B said that the CFD desk

managed its own compliance issues, including market abuse surveillance and

transaction reporting, “on desk” with day-to-day compliance responsibilities

apportioned between Mr A and an individual, Mr C, who was involved in risk

monitoring for the CFD desk. He believed that Mr Tyson approved the arrangement.

4.38.
Mr A, however, said that Mr B, as compliance officer had overall responsibility for

compliance and monitoring for market abuse. Mr C denied responsibility for market

abuse surveillance and said that this was Mr B’s responsibility, he described his role

as making risk-based decisions around leverage and margin calls and liaising with

Sigma’s hedging counterparties.

4.39.
Whatever the situation was in practice, or individuals’ understanding of their own or

others’ responsibilities, the arrangements were unclear and confused and none of

these arrangements or divisions of responsibility were adequately documented by

Sigma.

4.40.
There is no evidence that the CFD desk’s trading system was used by Sigma’s

Compliance Department to perform any real-time trade surveillance, nor was there

any automated monitoring system in place to enable it to conduct effective post-

trade surveillance. Sigma did not even use basic management software, such as a

spreadsheet, to facilitate monitoring of the trading activity or to maintain an audit

trail.

4.41.
Sigma did not recruit suitably qualified compliance staff to, or provide necessary

training to those employed within, the Compliance Department and it remained

insufficiently resourced throughout the Relevant Period to enable it to adequately

monitor the growing business of the CFD desk. Concerns over inadequate and

ineffective compliance resourcing were not effectively escalated and the situation

was not remedied.

4.42.
During the Relevant Period, Sigma had in place a policy document called the

Compliance Monitoring Programme (“CMP”) which described its purpose as one of

the means by which Sigma could monitor its activities on a periodic basis in order to

ensure that it remained in compliance with all relevant rules and regulations and to

identify areas of weakness or non-compliance.

4.43.
According to the CMP, at Sigma, “Monitoring is performed on a regular basis and the

results submitted to senior management for review and to ensure prompt action to

correct any deficiencies or breaches identified”.

4.44.
The CMP also provided that “Findings and recommendations arising from completed

monitoring are circulated to the Board and line management where appropriate. The

Compliance Officer reports monthly to the Management Committee and includes in

his report any appropriate monitoring matters”. Sigma was unable to demonstrate

that it complied with these standards of reporting and monitoring.

4.45.
The CMP explained that it was divided into separate tests, which were conducted on

four different levels of frequency: monthly, quarterly, semi-annually and annually to

reflect the current assessment of operational and regulatory risk associated with each

underlying activity. It observed that it was important to evidence the application of

Sigma’s CMP with supporting documentation.

4.46.
Amongst many other matters identified by the CMP in its “High Level Programme for

2014” were quarterly monitoring of money laundering and financial crime processes,

to include a review of a suspicious activity reporting register, and of market conduct

to prevent the firm being a conduit for market abuse, and daily monitoring to ensure

all transactions conducted by telephone were recorded.

4.47.
The Business Standards section of the CMP gave “Market Conduct” a medium risk

rating in August 2014, with monitoring recorded as quarterly, giving the reason for

this as: “The FCA has raised concerns in issued guidance, Market Watch publications

and numerous speeches that all regulated entities are in the current climate, more

at risk of conducting or being a conduit in the performance of market abuse”.

4.48.
Sigma was unable to provide any supporting documentation to evidence that any

quarterly monitoring of the CFD desk’s activities occurred, as envisaged by the CMP,

which was then reported to the Board or to senior management. During the Relevant

Period Sigma did not monitor telephone conversations, daily or at all.

CFD desk policies and monitoring of broker conduct

4.49.
Sigma was unable to provide the Authority with a clear picture of which policies and

procedures, such as desk-manuals, it had in place with respect to the activities of

the CFD desk during the Relevant Period. Many areas which should have been

covered by written policies appear to have had no written policies in place, and of

those policy documents provided by Sigma, many did not record when they were

implemented or when they may have been revised, if at all.

4.50.
The following are examples of some of these deficiencies:


There was no formal written procedure or policy in place regarding the

escalation or consideration of STRs/STORs from the CFD desk, Sigma’s Market

Conduct Policy & Procedure referred only to procedures for reporting a SAR if a

suspicious transaction was identified;


During the Relevant Period, Sigma did not monitor any telephone

conversations, contrary to its own compliance policy;


There were no formal written policies in place prohibiting the use of unrecorded

devices to take instructions from Sigma’s customers, or any training provided

on restrictions around the use of personal devices or the use of personal phones

to communicate with customers, thereby placing Sigma in breach of COBS

11.8.5AR;


As a result, on occasion, brokers on the CFD desk were using encrypted chat

apps on their personal mobile devices to communicate with, and take orders

from, clients without the knowledge of, or approval from, compliance.

4.51.
During the Relevant Period, there were examples of arrangements concerning certain

brokers on the CFD desk which should have been overseen and monitored, had

suitable policies and procedures been in place.

Brokers on the CFD desk had Power of Attorney (“PoA”) arrangements with clients,

which were neither declared as a conflict of interest, nor monitored by compliance.

One broker on the CFD desk had PoA over the trading account of a family member,

from whom he had received loans which totalled more than £100,000 during the

Relevant Period. These loans were not recorded in Sigma’s gifts and inducements

register or reported to compliance.

Commission based remuneration

4.52.
Against the background of these deficiencies of Sigma’s policies, its commission-

based remuneration structure incentivised brokers on the CFD desk to focus on their

trading activity, to the potential detriment of promoting the identification and

escalation of potential market abuse. Brokers on the CFD desk were not paid a salary,

but instead were entitled to up to 60% of the net revenue generated by their clients

as commission.

4.53.
Whilst such remuneration structures are not an uncommon feature within the

industry, they may bring with them conflicts that should be mitigated. For example,

brokers dependent largely on fee income may be reluctant to escalate concerns

regarding trading by high-revenue generating customers. Clear front-desk policies

and procedures and routine compliance monitoring can mitigate the risk that

suspicious trading is not escalated appropriately. During the Relevant Period Sigma

lacked any such monitoring. These conflicts were further exacerbated by the fact that

many of the brokers on the CFD desk maintained close personal relationships with

their customers, which included, as in the example above, brokers receiving personal

loans which were not declared to Sigma.

4.54.
Furthermore, Mr Tomlin’s only income from Sigma during much of the Relevant

Period was brokerage derived from his trading, creating a potential further conflict in

the performance of his CF10 function which should have been appropriately

managed.

Transaction reporting

4.55.
During the Relevant Period SUP 17 and the guidelines in the Transaction Reporting

User Pack (“TRUP”) required firms entering into reportable transactions to send

accurate and complete transaction reports to the Authority on a timely basis. These

transaction reports assist the Authority to meet its objective of protecting and

enhancing the integrity of the UK’s financial system by helping it to identify situations

of potential market abuse. Each transaction report should include, amongst other

elements: information about the financial instrument traded, the firm undertaking

the trade, the buyer and the seller, and the date and time of the trade.

4.56.
TRUP (Version 3.1 effective from 6 February 2015) at section 10.1 contains the

following guidance regarding a firm’s obligations concerning data integrity:

“We expect firm’s controls and review processes to embody Principle 3 and

comply with SYSC obligations. To assist with this, firms should validate the

accuracy and completeness of the reports they submit to the FCA by

comprehensive testing of their full reporting processes and by regularly

performing ‘end-to-end transaction reconciliations.’ We consider an ‘end to end

reconciliation to mean the reconciliation of a firm’s front-office trading records

and data against the reports it submits to its ARM(s) and against data samples

extracted from the FCA transaction report database (see section 10.1.1.).”

4.57.
Section 10.1.1. states that:

“To help check reports have been successfully submitted to us, firms can

request a sample of their transaction reports using an online form on our

website. […] We encourage firms to use this facility from time to time as part

of their review and reconciliation processes. This enables firms to compare the

reports we receive with their own front office trading records and the reports

firms (or their representatives) submit to their ARM(s). Firms should also check

the accuracy and completeness of the individual data elements within their

transaction reports, and their compliance with transaction reporting rules and

requirements, having regard to the guidance we have issued.”

4.58.
During the Relevant Period, Sigma did not make use of this facility.

4.59.
Throughout the Relevant Period, Sigma executed its client trades in CFDs and

Spread-Bet products using a “matched principle” methodology. For each trade

executed, two trades were in fact carried out. While Sigma reported the first leg of

the trade, it did not report the second, client-side transaction.

4.60.
In February 2016, the Authority’s Markets Reporting Team (“MRT”) wrote to Sigma

setting out concerns that MRT had identified regarding the completeness and

accuracy of Sigma’s transaction reporting. Following these communications, Sigma

instructed a specialist regulatory reporting firm (Firm A) to review the reports it had

submitted to the Authority across a one-week sample taken from earlier that month,

to assess their compliance with the rules in SUP, Chapter 17.

4.61.
In April 2016, Firm A reported its findings to Sigma and to the Authority. Whilst

Sigma’s F&O business, managed by Mr Tomlin, was compliant, the findings revealed

significant reporting failings in respect of the activities of the CFD desk. These failings

included, amongst others:

a mismatch between the instrument description and the derivative type in the

case of 1,314 out of 1,346 CFDs reported, from a one-week sample. The

description ended with “SB” indicating Spread Bet, although all of these trades

were CFD hedges against a brokerage firm;

CFDs were reported in GBP currency although the price stated reflected the

pence at which the stock traded (e.g. Barclays PLC reported at £164.56 instead

of 164.56p). UK stock prices need to be divided by 100 in most cases before

being reported in the major currency. This issue affected 1,257 out of 1,346

CFDs, from a one-week sample; and

Although Firm A was able to match all 383 CFD trades from Sigma’s raw data

to transactions accepted by the Authority, from a one-day sample, these trades

represented only the hedging portion of Sigma’s CFD activity, and its client-

side CFDs were not being reported as required.

4.62.
In particular, the failure to report client-side CFDs materially impacts the Authority’s

ability to carry out effective surveillance. Without client-side transaction reports, the

MRT is unable to differentiate transactions carried out by each individual and is

provided with an incomplete picture of each individual’s trading activity which may

have been conducted across a number of firms, or indeed any activity by customers

who only held accounts at Sigma.

4.63.
Mr Tyson told the Authority that Sigma’s failure to report client-side CFDs was “a

genuine misunderstanding” originating from when the CFD desk was set up.

4.64.
During the Relevant Period, Sigma failed to report, in breach of SUP 17.1.4R, or to

accurately report, in breach of SUP 17.4.1 EU/SUP 17 Annex 1 EU, an estimated

56,000 transactions.

Suspicious transaction reporting – STRs and STORs

4.65.
From the start of the Relevant Period until 2 July 2016, SUP 15.10.2 R provided that

a firm which arranges or executes a transaction with or for a client and which has

reasonable grounds to suspect that the transaction might constitute market abuse

must notify the Authority without delay; thereafter and throughout the rest of the

Relevant Period, Article 16(2) of EU MAR provided to similar effect in relation to both

suspicious orders and transactions.

4.66.
Sigma lacked an understanding of its regulatory obligations in respect of market

abuse and in particular the fundamental difference between the STR/STOR regime

and the SAR regime. Sigma did not put in place adequate policies or procedures or

deliver training to enable staff to identify and escalate suspicious transactions. As a

result, there was widespread uncertainty and misunderstanding amongst Sigma staff

as to the regulatory obligations regarding market abuse, which transactions should

be regarded as suspicious, when such transactions should be escalated, and to

whom.

Escalation of concerns regarding suspicious trading

4.67.
During the Relevant Period, there was no formal procedure or policy in place

regarding the escalation or consideration of suspicious transactions. The informal but

widely accepted custom for identifying suspicious transactions on the CFD desk

involved the front office staff verbally communicating their suspicions to senior

members of the CFD desk, who would take a personal view before deciding whether

to raise the matter verbally with Mr Tyson. Record-keeping was largely non-existent;

discussions around a suspicious transaction were not recorded, including the

rationale supporting any decision not to submit a STR/STOR.

Written procedures for the escalation of suspicious trades

4.68.
In May 2015, a senior CFD desk trader communicated by a brief email to the CFD

desk that suspicious transactions should be escalated in writing to him prior to his

discussing them with Mr A and Mr C; however, no accompanying guidance was issued

to any of the brokers to enable them to understand how to recognise a suspicious

transaction. Despite this apparent procedural change at Sigma, brokers on the CFD

desk made only eight such escalations from then until the end of the Relevant Period.

4.69.
During the Relevant Period, Sigma did not submit any STRs to the Authority.

4.70.
In correspondence with the Authority in May 2016, Sigma described responsibilities

purportedly placed on Mr C for “real-time” monitoring of the CFD desk, stating that

he had: “a consolidated view via the platform and reviews all client trading during

the day; the trading platform produces an end of day report of all transactions

together with associated profit and loss, which [Mr C] reviews on a daily basis; [Mr

C] will report any suspicious transactions to Compliance for further evaluation; [Mr

C] is supported by [a senior individual in technology and operations] who carries out

this role in his absence.” But these responsibilities were not recorded in any of

Sigma’s policies or procedures; and nowhere were they formally designated to Mr C.

4.71.
During an interview with the Authority, Mr C denied responsibility for market abuse

surveillance, asserting that it was the responsibility of Mr B.

Preparations for the introduction of EU MAR

4.72.
Towards the end of the Relevant Period, on 3 July 2016, the Market Abuse Regulation

came into force and introduced extra safeguards and responsibilities upon broker

firms in managing the risks of market abuse. Sigma did not take any preparatory

steps for the introduction of EU MAR, despite the fundamental importance of EU MAR

to the identification, prevention and detection of market abuse and the Authority

publishing communications reminding firms of their obligations under EU MAR.

Although a relevant member of Sigma’s staff attended a course concerning the

implementation of EU MAR, there were no formal presentations, announcements or

communications within Sigma about the changes to the STR regime in July 2016

which resulted from the introduction of EU MAR.

Post-trade Surveillance on the CFD desk

4.73.
During the Relevant Period, there was confusion about who was responsible for post-

trade surveillance to identify potentially suspicious trading activity including market

abuse. In practice, nobody was performing this role. There were no policies or

procedures which outlined the post-trade monitoring to be undertaken on the CFD

desk, and no thresholds, parameters or criteria to assist staff with identifying

suspicious orders or transactions.

4.74.
From March 2016, the Compliance Department started performing monthly post-

trade surveillance of F&O transactions, however no post-trade surveillance was

carried out in respect of the CFD desk.

4.75.
Sigma’s reliance on manual oversight of its CFD trading, without the benefit of proper

analysis or case management tools, hindered its ability to capture types of suspicious

activity and to identify patterns effectively. Given the daily volume of trades executed

by the CFD desk, Sigma should have implemented an in-house solution to collate the

trading data and to track and evaluate emerging suspicions.

Back-book review for STRs / STORs

4.76.
In February 2017, Sigma established a panel to conduct a review of all transactions

that had taken place on the CFD desk during the Relevant Period to determine

whether any required STR or STOR notifications to the Authority (“the Panel”). The

Panel consisted of four individuals including the newly recruited member of the

Compliance Department.

4.77.
First, Sigma used automated market abuse monitoring software to flag trades that

warranted review according to parameters which had been approved by the Skilled

Person for use by the CFD desk’s current transaction monitoring software. This

process flagged 1,621 transactions. Secondly, an initial review of the flagged

transactions was conducted by a senior individual on the CFD desk and a senior,

newly recruited, member of the Compliance Department. Thirdly, the Panel, reviewed

the initial analysis accordingly to set terms of reference.

4.78.
The review by the Panel resulted in the identification of 97 suspicious transactions or

orders during the Relevant period, which would likely have been collectively reported

to the Authority as 24 STRs/STORs, none of which had been identified previously by

Sigma as potentially suspicious. Some of these notification assessments, however,

were made with the benefit of information which would not have been available to

Sigma at the time of the transactions; such as subsequent trading behaviour, or

accounts which had been the subject of information requests from the Authority.

Sigma has not suggested that a significant proportion would only have been

identifiable with hindsight.

4.79.
SARs form part of a regime under which suspicious activity related to money

laundering or criminal property is reported to the UK Financial Intelligence Unit at

the National Crime Agency.

SARs submitted

4.80.
During the Relevant Period, only two SARs were submitted by Sigma to the National

Crime Agency. No STRs or STORs were submitted to the Authority despite at least

one of the SARs relating to a suspicious transaction.

5.
FAILINGS

5.1.
The statutory and regulatory provisions relevant to this Notice are referred to in

5.2.
SUP 17.1.4R provided that:

“A firm which executes a transaction:

in any financial instrument admitted to trading on a regulated market or a

prescribed market (whether or not the transaction was carried out on such a

market); or

in any OTC derivative the value of which is derived from, or which is otherwise

dependent upon, an equity or debt-related financial instrument which is

admitted to trading on a regulated market or on a prescribed market;

must report the details of the transaction to the Authority.”

5.3.
SUP 17.4.1EU provided that:

“Reports of transactions made in accordance with Articles 25(3) and (5) of

MiFID shall contain the information specified in SUP 17 Annex 1 EU which is

relevant to the type of financial instrument in question and which the FCA

declares is not already in its possession or is not available to it by other means.”

5.4.
SUP 17 Annex 1 EU set out the minimum content of a transaction report including

Field Identifiers and Descriptions.

5.5.
During the Relevant Period, Sigma failed to report, in breach of SUP 17.1.4R, or to

accurately report, in breach of SUP 17.4.1 EU/SUP 17 Annex 1 EU, an estimated

56,000 transactions.

5.6.
SUP 15.10.2R provided that:

“A firm which arranges or executes a transaction with or for a client and which

has reasonable grounds to suspect that the transaction might constitute market

abuse must notify the FCA without delay.”

5.7.
From 1 December 2014 to 2 July 2016, Sigma contravened SUP 15.10.2R by failing

to report 17 STRs to the Authority.

5.8.
Article 16 (2) EU MAR provides that:

“Any person professionally arranging or executing transactions shall establish

and maintain effective arrangements, systems and procedures to detect and

report suspicious orders and transactions. Where such a person has a

reasonable suspicion that an order or transaction in any financial instrument,

whether placed or executed on or outside a trading venue, could constitute

insider dealing, market manipulation or attempted insider dealing or market

manipulation, the person shall notify the competent authority [of the Member

State in which they are registered or have their head office] without delay.”

5.9.
From 3 July 2016 to 12 August 2016, Sigma contravened Article 16 (2) of EU MAR

by failing to report 7 STORs to the Authority.

5.10.
Principle 3 provides that a firm must take reasonable care to organise and control its

affairs responsibly and effectively, with adequate risk management systems.

5.11.
In breach of Principle 3, Sigma did not have any, or any adequate, formal systems

and controls, to enable its Board to review in a structured fashion the business

activities of the CFD desk. In particular, Sigma failed to:

(1)
Conduct Board meetings with sufficient regularity to enable the effective

oversight of the CFD desk’s business activities by its directors;

(2)
Maintain Board minutes that recorded attendees, the matters discussed,

the nature of any challenges made and decisions reached, sufficient to

demonstrate effective oversight of the CFD desk by its directors;

(3)
Obtain and circulate to members of the Board prior to its meetings,

adequate management information regarding the business of the CFD

desk, sufficient to enable its activities to be effectively reviewed by its

directors, and any issues of concern identified, challenged and any

remedial measures proposed, monitored;

(4)
Undertake an adequate risk assessment prior to the commencement of

the CFD desk’s business activities, sufficient to enable its directors to

review and understand the regulatory requirements and market conduct

risks associated with such activities, and to prepare accordingly;

(5)
Ensure that those directors with responsibility for compliance oversight

and money laundering reporting had the necessary skills and training to

perform, and were effectively performing, those functions;

(6)
Monitor and reasonably satisfy itself as to the adequate resourcing and

proper functioning of the Compliance Department, including the

implementation of policies and procedures, as pertaining to the business

of the CFD desk.

5.12.
Also in breach of Principle 3, Sigma failed to put in place an effective compliance

function. In particular, Sigma failed to:

(1)
Adequately record and monitor the performance of those of Mr Tomlin’s

responsibilities, as CF10 (Compliance oversight), that he had delegated

to Sigma’s Chief Executive, Mr Tyson;

(2)
Adequately record and communicate the roles and responsibilities of its

Compliance Department staff, and those employed on the CFD desk who

assisted in certain compliance related activities, such that these were

clear and properly understood;

(3)
Ensure that the Compliance Department had in place adequate policies

and procedures in relation to the conduct of brokers on the CFD desk, and

that these were effectively communicated and monitored;

(4)
Ensure that those staff responsible for transaction reporting were

provided with clear policies and procedures, and sufficient training and

guidance, such that they could properly discharge their responsibilities;

(5)
Ensure that it had effective systems, including clear reporting lines and

written policies and procedures, in place such that it could comply with

its
post-trade
transaction
monitoring
obligations,
including
the

appropriate and timely escalation of potentially suspicious transactions on

the CFD desk, and that these remained effective as the volume of the

CFD desk’s transactions increased;

(6)
Ensure that it had taken adequate preparatory steps for the introduction

of EU MAR in July 2016, despite the fundamental importance of EU MAR

to the detection and reporting of market abuse.

5.13.
Sigma also failed to establish, implement and maintain adequate policies and

procedures sufficient to ensure its compliance with its obligations under the

regulatory system and for countering the risk that it might be used to further financial

crime, thereby breaching SYSC 6.1.1R.

6. SANCTION

Power to impose a financial penalty in respect of Sigma’s conduct

6.1.
Section 206 of the Act gives the Authority the power to impose a penalty on an

authorised firm if that firm has contravened a requirement imposed on it by or under

the Act or by any directly applicable European Union regulation or decision made

under MiFID.

6.2.
The Authority considers that Sigma has contravened SUP 17.1.4R, SUP

17.4.1EU/SUP 17 Annex 1 EU, SUP 15.10.2R, Article 16(2) of EU MAR and Principle

3.

6.3.
The Authority’s policy for imposing a financial penalty is set out in Chapter 6 of DEPP.

In respect of conduct occurring on or after 6 March 2010, the Authority applies a

five-step framework to determine the appropriate level of financial penalty. DEPP

6.5A sets out the details of the five-step framework that applies in respect of financial

penalties imposed on firms.

6.4.
Given that the breaches of SUP 15.10.2R, Article 16 (2) of EU MAR, SUP 17.1.4R,

SUP 17.4.1 EU/SUP 17 Annex 1 EU and SYSC 6.1.1R occurred within the period of

the Principle 3 breach and are based on similar facts, the Authority considers it

appropriate to impose a combined financial penalty for these breaches.

Step 1: disgorgement

6.5.
Pursuant to DEPP 6.5A.1G, at Step 1 the Authority seeks to deprive a firm of the

financial benefit derived directly from the breach where it is practicable to quantify

this.

6.6.
The Authority has not identified any financial benefit that Sigma derived directly from

its breach.

6.7.
Step 1 is therefore £0.

Step 2: the seriousness of the breach

6.8.
Pursuant to DEPP 6.5A.2G, at Step 2 the Authority determines a figure that reflects

the seriousness of the breach. Where the amount of revenue generated by a firm

from a particular product line or business area is indicative of the harm or potential

harm that its breach may cause, that figure will be based on a percentage of the

firm’s revenue from the relevant products or business area.

6.9.
The Authority considers that the revenue generated by Sigma’s CFD desk is indicative

of the harm or potential harm caused by its breach. The Authority has therefore

determined a figure based on a percentage of Sigma’s relevant revenue. Sigma’s

relevant revenue is the revenue derived by Sigma during the period of the breach.

The period of Sigma’s breach was from 1 December 2014 to 12 August 2016.

6.10.
The Authority considers Sigma’s relevant revenue for this period to be £3,580,025.

6.11.
Having determined the relevant revenue, the Authority will then decide on the

percentage of that revenue which will form the basis of the penalty. In making this

determination the Authority will consider the seriousness of the breach and choose a

percentage between 0% and 20%. This range is divided into five fixed levels which

represent, on a sliding scale, the seriousness of the breach. The more serious the

breach, the higher the level. For penalties imposed on firms there are the following

five levels:

Level 1 – 0%

Level 2 – 5%

Level 3 – 10%

Level 5 – 20%

6.12.
The Authority has determined the seriousness of Sigma’s breaches to be Level 4 for

the purposes of Step 2 having taken into account:

(1)
DEPP 6.5A.2G(6-9) provides factors the Authority will generally take into

account which reflect the impact and nature of the breach, and whether it was

committed deliberately or recklessly, in deciding which level of penalty best

indicates the seriousness of the breach;

(2)
DEPP 6.5A.2G(11) lists factors likely to be considered ‘level 4 or 5 factors’; and

(3)
DEPP 6.5A.2G(12) lists factors likely to be considered ‘level 1, 2 or 3 factors.’

6.13.
Of these, the Authority considers the following factors to be relevant:

(1)
Sigma saved on the costs that it would otherwise have incurred had it

adequately resourced its Compliance Department and implemented proper

systems for transaction reporting and monitoring;

(2)
There was no loss to consumers, investors, or other market users;

(3)
There was no adverse effect on market confidence or orderliness, albeit the

breaches could have had an adverse effect on the market, in that they

increased the risk that market abuse could occur undetected;

(4)
The breaches revealed serious and systemic weaknesses in Sigma’s

procedures, management systems and internal controls in relation to its

oversight of the activities of the CFD desk;

(5)
There was a significantly increased risk that potentially suspicious trading could

go undetected as a result of the breaches, due to the combination of failings

across all levels of “defence” against market abuse within Sigma: at CFD desk

level; within its Compliance Department; governance at Board level; and

because Sigma’s failures in transaction reporting and notifications of

STR/STORs, which when remedied resulted in an estimated 56,000 transaction

reports and the identification of 97 suspicious transactions or orders, which

would likely have resulted in 24 collective STR/STOR notifications, failings

which potentially undermined the effectiveness of the Authority’s own

surveillance tools;

(6)
The Authority relies on firms to submit complete and accurate transaction

reports to enable it to carry out its market surveillance obligations and to detect

and investigate cases of market abuse and uphold proper conduct in the

financial system; and

(7)
The breach was committed negligently, not deliberately or recklessly.

6.14.
Taking all of these factors into account, the Authority considers the seriousness of

the breach to be level 4 and so the Step 2 figure is 15% of £3,580,025, which is

£537,003.

6.15.
Step 2 is therefore £537,003.

Step 3: mitigating and aggravating factors

6.16.
Pursuant to DEPP 6.5A.3G, at Step 3 the Authority may increase or decrease the

amount of the financial penalty arrived at after Step 2, but not including any amount

to be disgorged as set out in Step 1, to take into account factors which aggravate or

mitigate the breach.

6.17.
An aggravating factor in this case is that the Authority has given substantial and

ongoing support to the industry regarding transaction reporting requirements

including through the TRUP and Market Watch both prior and throughout the Relevant

Period that highlighted the importance of transaction reporting and submitting STRs

/ STORs.

6.18.
The Authority considers that the Step 2 figure should be increased by 10%.

6.19.
Step 3 is therefore £590,703.

Step 4: adjustment for deterrence

6.20.
Pursuant to DEPP 6.5A.4G, if the Authority considers the figure arrived at after Step

3 is insufficient to deter the firm who committed the breach, or others, from

committing further or similar breaches, then the Authority may increase the penalty.

6.21.
The Authority considers that the Step 3 figure of £590,703 represents a sufficient

deterrent to Sigma and others, and so has not increased the penalty at Step 4.

6.22.
Step 4 is therefore £590,703.

Step 5: settlement discount

6.23.
The Authority and Sigma reached agreement to settle between the end of stage 1

and prior to the expiry of the period for making representations. The Authority has

applied a 10% discount to the Step 4 figure. Step 5 is therefore £531,632.

Financial penalty

6.24.
The Authority hereby imposes a total financial penalty of £531,600 (rounded down

to the nearest £100).

7.
PROCEDURAL MATTERS

7.1.
This Notice is given to Sigma under and in accordance with section 390 of the Act.

7.2.
The following statutory rights are important.

Decision maker

7.3.
The decision which gave rise to the obligation to give this Notice was made by the

Settlement Decision Makers.

Manner and time for payment

7.4.
The financial penalty must be paid in full by Sigma to the Authority no later than 28

October 2022.

If the financial penalty is not paid

7.5.
If all or any of the financial penalty is outstanding on 28 October 2022, the Authority

may recover the outstanding amount as a debt owed by Sigma and due to the

Authority.

7.6.
Sections 391(4), 391(6) and 391(7) of the Act apply to the publication of information

about the matter to which this notice relates. Under those provisions, the Authority

must publish such information about the matter to which this notice relates as the

Authority considers appropriate. The information may be published in such manner

as the Authority considers appropriate. However, the Authority may not publish

information if such publication would, in the opinion of the Authority, be unfair to you

or prejudicial to the interests of consumers or detrimental to the stability of the UK

financial system.

7.7.
The Authority intends to publish such information about the matter to which this Final

Notice relates as it considers appropriate.

Authority contacts

7.8.
For more information concerning this matter generally, contact Kerri Scott at the

Authority (direct line: 020 7066 4620/email: Kerri.Scott@fca.org.uk).

Head of Department, Enforcement and Market Oversight Division

ANNEX A

RELEVANT STATUTORY PROVISIONS

The Financial Services and Markets Act 2000 (“the Act”)

The Authority’s operational objectives

1.
The Authority’s operational objectives are set out in section 1B(3) of the Act and include

securing an appropriate degree of protection for consumers and protecting and

enhancing the integrity of the UK financial system.

Section 206 of the Act

2.
Section 206 of the Act provides the Authority with the power to impose a financial

penalty on an authorised person, of such an amount as it considers appropriate, if it

considers that the authorised person has contravened a relevant requirement.

Regulation (EU) No 596/2014 (“EU MAR”)

3.
Article 16(2) of EU MAR provides: “Any person professionally arranging or executing

transactions shall establish and maintain effective arrangements, systems and

procedures to detect and report suspicious orders and transactions. Where such a

person has a reasonable suspicion that an order or transaction in any financial

instrument, whether placed or executed on or outside a trading venue, could constitute

insider dealing, market manipulation or attempted insider dealing or market

manipulation, the person shall notify the competent authority as referred to in

paragraph 3 without delay.”

RELEVANT REGULATORY PROVISIONS

The Authority’s Handbook of Rules and Guidance

4.
In exercising its powers to impose a financial penalty, the Authority must have regard

to the relevant regulatory provisions in the Authority’s Handbook of rules and guidance

(the “Handbook”). The main provisions that the Authority considers relevant are set out

below.

Principles for Businesses (“PRIN”)

5.
The Principles are a general statement of the fundamental obligations of firms under

the regulatory system and are set out in the Handbook. They derive their authority from

the Authority’s rulemaking powers as set out in the Act and reflect the Authority’s

regulatory objectives. They can be accessed here:

6.
Principle 3 provides: “A firm must take reasonable care to organise and control its affairs

responsibly and effectively, with adequate risk management systems.”

Senior management arrangements, systems and controls (SYSC)

7.
The following provisions of SYSC (relevant to the facts relied on in this notice) were in

force during the Relevant Period.

8.
SYSC 2.1.1R provided that:

“A firm must take reasonable care to maintain a clear and appropriate

apportionment of significant responsibilities among its directors and senior

managers in such a way that:

(1) it is clear who has which of those responsibilities; and

(2) the business and affairs of the firm can be adequately monitored and

controlled by the directors, relevant senior managers and governing body of

the firm.

9.
SYSC 2.1.3R provided that:

“A firm […] must appropriately allocate to one or more individuals, in accordance

with SYSC 2.1.4 R, the functions of:

(1) dealing with the apportionment of responsibilities under SYSC 2.1.1 R;

and

(2) overseeing the establishment and maintenance of systems and controls

under SYSC 3.1.1 R.”

10.
SYSC 2.1.4R provided that [so far as applicable to Sigma] both functions within SYSC

2.1.3R must be allocated to the firm’s chief executive, but in default of this they will fall

to the firm’s directors and senior managers.

11.
SYSC 6.1.1R provided that:

“A firm must establish, implement and maintain adequate policies and procedures

sufficient to ensure compliance of the firm including its managers, employees and

appointed representatives (or where applicable, tied agents) with its obligations

under the regulatory system and for countering the risk that the firm might be

used to further financial crime.”

12.
SYSC 6.1.2R provided that:

“A common platform firm and a management company must, taking into account

the nature, scale and complexity of its business, and the nature and range of

financial services and activities undertaken in the course of that business,

establish, implement and maintain adequate policies and procedures designed to

detect any risk of failure by the firm to comply with its obligations under the

regulatory system, as well as associated risks, and put in place adequate

measures and procedures designed to minimise such risks and to enable the

appropriate regulator to exercise its powers effectively under the regulatory

13.
SYSC 6.1.3R provided that:

“A common platform firm and a management company must maintain a

permanent and effective compliance function which operates independently and

which has the following responsibilities:

(1) to monitor and, on a regular basis, to assess the adequacy and

effectiveness of the measures and procedures put in place in accordance

with SYSC 6.1.2 R, and the actions taken to address any deficiencies in the

firm's compliance with its obligations; and

(2) to advise and assist the relevant persons responsible for carrying out

regulated activities to comply with the firm's obligations under the regulatory

system.”

14.
SYSC 6.1.4R provided that:

“In order to enable the compliance function to discharge its responsibilities

properly and independently, a common platform firm and a management company

must ensure that the following conditions are satisfied:

(1) the compliance function must have the necessary authority, resources,

expertise and access to all relevant information;

(2) a compliance officer must be appointed and must be responsible for the

compliance function and for any reporting as to compliance required by SYSC

4.3.2 R; […]

15.
SYSC 4.3.2R provides:

“A common platform firm […], must ensure that:

(1) its senior personnel receive on a frequent basis, and at least annually,

written reports on the matters covered by SYSC 6.1.2R to SYSC 6.1.5R, […];

and

(2) the supervisory function, if any, receives on a regular basis written

reports on the same matters.”

Supervision Manual (“SUP”)

16.
SUP sets out the relationship between the Authority and authorised persons (referred

to in the Handbook as firms). The following provisions of SUP were in force during the

Relevant Period.

17.
SUP 15.10.2R provided that “A firm which arranges or executes a transaction with or

for a client and which has reasonable grounds to suspect that the transaction might

constitute market abuse must notify the FCA without delay.” This rule applied from 6

February 2014 to 2 July 2016.

18.
SUP 15.10.3R provided that, in applying SUP 15.10.2R, a firm "must decide on a case-

by-case basis whether there are reasonable grounds for suspecting that a transaction

involves market abuse, taking into account the elements constituting market abuse."

19.
SUP 15.10.2A EU records that Article 16 of EU MAR applied from 3 July 2016 to date,

in place of SUP 15.10.2R.

20.
SUP 17.1.4R provided that “A firm which executes a transaction: (1) in any financial

instrument admitted to trading on a regulated market or a prescribed market (whether

or not the transaction was carried out on such a market); or (2) in any OTC derivative

the value of which is derived from, or which is otherwise dependent upon, an equity or

debt-related financial instrument which is admitted to trading on a regulated market or

on a prescribed market; must report the details of the transaction to the FCA.” This rule

applied from 1 April 2013 to 2 January 2018.

21.
SUP 17.4.1 EU provided that “Reports of transactions made in accordance with Articles

25 (3) and (5) of MiFID shall contain the information specified in SUP 17 Annex 1 EU

which is relevant to the type of financial instrument in question and which the FCA

declares is not already in its possession or is not available to it by other means.” This

rule applied from 1 April 2013 to 2 January 2018.

Conduct of Business Sourcebook (“COBS”)

22.
COBS applies to a firm with respect to designated investment business carried on from

an establishment maintained by it, or its appointed representative, in the United

Kingdom and activities connected with them.

23.
The following provisions of COBS applied to Sigma during the Relevant Period.

24.
COBS 11.8.5R provides:

“A firm must take reasonable steps to record relevant telephone conversations,

and keep a copy of relevant electronic communications, made with, sent from or

received on equipment:

(1) provided by the firm to an employee or contractor; or

(2) the use of which by an employee or contractor has been sanctioned or

permitted by the firm;

to enable that employee or contractor to carry out any of the activities

referred to in COBS 11.8.1R.”

25.
COBS 11.8.5AR requires a firm take reasonable steps to prevent an employee or

contractor from making, sending or receiving relevant telephone conversations and

electronic communications on privately-owned equipment which the firm is unable to

record or copy.

Decision Procedure and Penalties Manual (“DEPP”)

26.
Chapter 6 of DEPP, which forms part of the Authority’s Handbook, sets out the

Authority’s policy for imposing a financial penalty. DEPP 6.5A sets out the details of the

five-step framework that applies to financial penalties imposed on firms, which can be

accessed here:

27.
EG sets out the Authority's approach to financial penalties and public censures is set

out in Chapter 7 of EG, which can be accessed here:

PUBLIC STATEMENTS

28.
The Authority has made public statements about the standards that are expected of

firms in relation to market abuse, and their obligation to submit suspicious transaction

reports (“STRs”) to the Authority.

29.
The Authority published two papers during the Relevant Period setting out observations

from suspicious transaction reporting supervisory visits.

30.
The first, Market Watch 48, published in June 2015, set out observations from the

Authority’s suspicious transaction reporting supervisory visits including:


the consideration of a detailed risk assessment of the market abuse risks to

which a firm may be exposed prior to designing a surveillance programme was

important to the effectiveness of the surveillance programme;


under-investment in training of front office staff was noted across several firms,

which led to a low level of understanding and commensurately low reporting of

potential incidents of market abuse;


where firms had undocumented reporting to heads of desk or business

management, the Authority observed it had led to conflicts of interest, lack of

audit trail and potentially inadequate challenge on decisions not to submit STRs.

31.
The second, Market Watch 50, published in April 2016, set out further observations from

the Authority’s supervisory visits including:

a. the importance of a well-resourced and independent second surveillance

function in order to provide genuine challenge to the business was highlighted;

b. forewarning of changes brought in by the EU MAR including, the requirement

for firms and other persons to report suspicious orders and attempted

behaviours as well as suspicious transactions

32.
Market Watch 48 and 50 can be accessed here:

33.
The Authority published guidance on 6 February 2015, FG/15/3 which clarified certain

requirements of firms, including that the transaction reports a firm sends for its

transactions must accurately reflect the change in the position for the firm and its

client(s) resulting from the transactions.

34.
The Authority publishes guidance concerning transaction reporting, highlighting the

importance of data accuracy, which includes its Transaction Reporting User Pack which

can be accessed here:


© regulatorwarnings.com

Regulator Warnings Logo