Final Notice
On , the Financial Conduct Authority issued a Final Notice to Sigma Broking Limited
FINAL NOTICE
1.
ACTION
1.1.
For the reasons given in this Decision Notice, the Authority hereby imposes on Sigma
Broking Limited (“Sigma”) a financial penalty of £531,600 pursuant to section 206 of
the Act.
1.2.
Sigma agreed to resolve this matter and qualified for a 10% discount under the
Authority’s executive settlement procedures. Were it not for this discount, the
Authority would have imposed a financial penalty of £590,700 on Sigma.
2.
SUMMARY OF REASONS
2.1.
The Authority proposes taking this action because (a) in the period from 1 December
2014 to 12 August 2016, Sigma contravened SUP 17.1.4R and SUP 17.4.1 EU/SUP
17 Annex 1 EU; (b) in the period 21 April 2015 to 2 July 2016, Sigma contravened
SUP 15.10.2R and from 3 July 2016 to 12 August 2016, Sigma contravened Article
16 (2) of EU MAR (all periods taken together as the “Relevant Period”), and (c)
throughout the Relevant Period Sigma breached Principle 3 of the Authority’s
Principles for Businesses (“the Principles”).
Sigma’s business and the background to its failings
2.2.
Sigma is a privately-owned brokerage firm which provides its customers with a range
of services, including access to trading worldwide through its platform.
2.3.
Between 2008 and late 2014, Sigma’s core business was offering its customers
futures and options trading. But in December 2014, Sigma expanded its business to
include, amongst other products, contracts for difference (“CFDs”) and Spread-Bets
referenced to the share-price of listed companies, by recruiting several brokers and
establishing a desk which provided these products to its customers (“the CFD desk”).
2.4.
CFDs and Spread-Bets are high-risk, complex financial products. Given their high
leverage, they are particularly attractive to those seeking to commit market abuse,
including insider trading. Leverage means that it is possible to gain or lose
significantly more than the sum staked. However, if, as in the case of an insider
trader, the client has non-public information that a stock will move in a certain
direction, there is no risk of loss. Despite being aware of the significant change to
the risk profile of its business, Sigma did not perform an adequate risk assessment,
or engage in any other meaningful preparations to ensure its compliance with
regulatory standards prior to expanding its business into these new areas.
2.5.
Furthermore, throughout the Relevant Period, Sigma’s governing body, its board of
directors (“the Board”), failed to take fundamental steps, such as holding regular
board meetings where directors were provided with adequate management
information and ensuring the Board’s decisions were recorded by written minutes, to
enable it to perform its governance role effectively.
2.6.
The Board also failed to establish, oversee and resource an effective compliance
function, and failed to identify and address serious and systemic failures in relation
to Sigma’s market abuse systems and controls and transaction reporting obligations,
in respect of the CFD desk.
2.7.
Sigma’s
Compliance
Department
operated
without
clear
reporting
lines,
apportionment of responsibilities or appropriately qualified staff and failed to ensure
that the firm had adequate policies and procedures in place in relation to the conduct
of its CFD desk brokers. Such policies as were in place were not properly
communicated to, or adequate steps taken to ensure their observance by, its
brokers.
3
2.8.
During the Relevant Period SUP 17 required firms entering into reportable
transactions to send accurate and complete transaction reports to the Authority on
a timely basis. These reports were required to contain mandatory details of those
transactions. The Authority relies on firms to submit complete and accurate
transaction reports to enable it to carry out effective market surveillance and to
detect and investigate cases of market abuse, insider dealing, market manipulation
and financial crime. As such, these transaction reports are an essential tool in
assisting the Authority to meet its objective of protecting and enhancing the integrity
of the UK’s financial system.
2.9.
Throughout the Relevant Period, Sigma executed its client trades in CFDs and
Spread-Bet products using a “matched principal” methodology. For each trade
executed, two trades were in fact carried out. While Sigma reported the first leg of
the trade, it did not report the second client-side transaction. Additionally, Sigma
failed to accurately report a number of other CFD transactions. As a result, during
the Relevant Period, Sigma failed to report, in breach of SUP 17.1.4R, or to accurately
report, in breach of SUP 17.4.1 EU/SUP 17 Annex 1 EU, an estimated 56,000
transactions.
Breaches of SUP 15 and Article 16(2) EU MAR
2.10.
A cornerstone of the regime in place to protect markets from abuse is the
requirement on firms to identify where there are reasonable grounds to suspect
market abuse has occurred and to submit Suspicious Transaction and Order Reports
(“STORs”) to the Authority (Suspicious Transaction Reports (“STRs”) before 3 July
2016). These are a critical source of intelligence for the Authority in identifying
possible market abuse.
2.11.
During the period from 21 April 2015 to 2 July 2016, Sigma contravened SUP
15.10.2R, and thereafter until the end of the Relevant Period Article 16 (2) EU MAR,
by failing to identify 97 suspicious transactions or orders, which likely would have
been reported collectively to the Authority as 24 STRs/STORs.
2.12.
In fact, during the Relevant Period Sigma did not report a single STR/STOR to the
Authority.
2.13.
During the Relevant Period, Sigma breached Principle 3 by failing to organise and
control its affairs responsibly and effectively with adequate risk management
systems in relation to the business activities of the CFD desk generally, and
specifically its compliance with the Authority’s MiFID transaction reporting
requirements.
2.14.
Many of these failings originated in the wholly inadequate governance and oversight
provided by Sigma’s governing body, namely its Board comprising of its three
directors.
2.15.
In breach of Principle 3, Sigma did not have any, or any adequate, formal systems
and controls, to enable its Board to review in a structured fashion the business
activities of the CFD desk. In particular, Sigma failed to:
(1)
Conduct Board meetings with sufficient regularity to enable the Board’s
effective oversight of the CFD desk’s business activities by its directors;
(2)
Maintain Board minutes that recorded attendees, the matters discussed, the
nature of any challenges made and decisions reached, sufficient to demonstrate
effective oversight of the CFD desk by its directors;
(3)
Obtain and circulate to members of the Board prior to its meetings, adequate
management information regarding the business of the CFD desk, sufficient to
enable its activities to be effectively reviewed by its directors, and any issues
of concern identified, challenged and any remedial measures proposed and
monitored;
(4)
Undertake an adequate risk assessment prior to the commencement of the CFD
desk’s business activities, sufficient to enable its directors to review and
understand the regulatory requirements and market conduct risks associated
with such activities, and to prepare accordingly;
(5)
Ensure that those directors with responsibility for compliance oversight and
money laundering reporting had the necessary skills and training to perform,
and were effectively performing, those functions;
(6)
Monitor and reasonably satisfy itself as to the adequate resourcing and proper
functioning of the Compliance Department, including the implementation of
policies and procedures, as pertaining to the business of the CFD desk.
2.16.
Throughout the Relevant Period, the Board failed to review or approve any policies
and procedures describing the CFD desk’s reporting and monitoring activities. Nor
did the Board receive any, or any adequate, reports on the nature of any transaction
monitoring, the numbers of suspicious transactions that were being escalated from
the CFD desk to compliance, or the number of STRs or STORs that had been
submitted to the Authority.
2.17.
Sigma’s arrangements in this regard were wholly inadequate to furnish the Board
with the information it needed to play its part in identifying, measuring, managing
and controlling the risks associated with the CFD desk’s activities such as market
abuse, insider dealing, market manipulation and financial crime.
2.18.
Also in breach of Principle 3, Sigma failed to put in place an effective compliance
function. In particular, Sigma failed to:
(1)
Adequately record and monitor the performance of those of Mr Tomlin’s
responsibilities, as CF10 (Compliance oversight), that had been delegated to
Sigma’s Chief Executive, Mr Tyson;
(2)
Adequately record and communicate the roles and responsibilities of its
Compliance Department staff, and those employed on the CFD desk who
assisted in certain compliance related activities, such that these were clear and
properly understood;
(3)
Ensure that the Compliance Department had in place adequate policies and
procedures in relation to the conduct of brokers on the CFD desk, and that
these were effectively communicated and their observance monitored;
(4)
Ensure that those staff responsible for transaction reporting were provided with
clear policies and procedures, and sufficient training and guidance, such that
they could properly discharge their responsibilities;
(5)
Ensure that it had effective systems, including clear reporting lines and written
policies and procedures, in place such that it could comply with its post-trade
transaction monitoring obligations, including the appropriate and timely
escalation of potentially suspicious transactions on the CFD desk, and that
these remained effective as the volume of the CFD desk’s transactions
increased;
(6)
Ensure that it had taken adequate preparatory steps for the introduction of EU
MAR in July 2016, despite the fundamental importance of EU MAR to the
detection and reporting of market abuse.
2.19.
By failing to manage its potential exposure to market abuse, insider dealing, market
manipulation and related financial crime, Sigma also breached SYSC 6.1.1R.
2.20.
The Authority considers Sigma’s failings to be serious because they inhibited the
Authority’s ability to conduct effective surveillance of the market and to detect
potential insider dealing and market abuse. Furthermore, Sigma’s failure to submit
an estimated 56,000 transaction reports, and to identify 97 suspicious transactions
or orders, which would likely have been reported collectively to the Authority as 24
STRs/STORs, significantly increased the risk that potentially suspicious trading and
financial crime would go undetected by the Authority.
2.21.
The Authority hereby imposes a financial penalty on Sigma in the amount of
£531,600 pursuant to section 206 of the Act.
3.
DEFINITIONS
3.1.
The definitions below are used in this Notice:
“the Act” means the Financial Services and Markets Act 2000;
“the ARM” means Approved Reporting Mechanism, an entity permitted to submit
transaction reports on behalf of an investment firm;
“the Authority” means the Financial Conduct Authority;
“the Board” and/or “directors” means Sigma’s board of directors, comprising, during
the Relevant Period, Mr Simon Tyson, Mr Stephen John Tomlin and Mr Matthew
Charles Kent;
“Contract for Difference” or “CFD” means a contract between two parties (a CFD
provider and a client) to pay each other the change in the price of an underlying
asset. At the expiry of the contract, the parties exchange the difference between the
opening and closing prices of a specified financial instrument, such as shares, without
owning the specified financial instrument;
“the CFD desk” means the part of Sigma’s business offering CFDs and Spread-Bets
to its customers and those employed, or otherwise retained, by Sigma to do so.
Where the term “CFD desk brokers” or “brokers” is used in this notice any facts or
findings should not be read as relating to all such persons, or even necessarily any
particular person, in that group;
“DEPP” means the Decision Procedure and Penalties Manual part of the Handbook;
“F&O” means futures and options;
7
“Handbook” means the Authority’s Handbook of Rules and Guidance;
“EU MAR” means Regulation (EU) No 596/2014 of the European Parliament and of
the Council of 16 April 2014 on market abuse;
“MRT” means the Authority’s Markets Reporting Team;
“MiFID II” means Directive 2014/65/EU of the European Parliament and of the
Council of 15 May 2014 on markets in financial instruments;
“Principle” means one of the Authority’s Principles for Businesses;
“RDC” means the Regulatory Decisions Committee of the Authority (see further under
Procedural Matters below);
“Relevant Period” means the period from 1 December 2014 to 12 August 2016;
“SAR” means a suspicious activity report, a report of suspected money laundering to
be made by financial institutions, amongst others, to the National Crime Agency as
required by Part 7 of the Proceeds of Crime Act 2002;
“Sigma” means Sigma Broking Limited;
“Spread-Bet” means a contract between a provider, such as Sigma, and a client
which takes the form of a bet as to whether the price of an underlying asset (such
as an equity) will rise or fall. A client who spread-bets does not own, for example,
the physical share, he simply bets on the direction he thinks the share price will
move;
“STOR” means a suspicious transaction and order report providing notification to the
Authority in accordance with Article 16(2) of EU MAR;
“STR” means a suspicious transaction report providing notification to the Authority
in accordance with SUP 15.10.2 R;
“SUP” means the Authority’s Supervision Manual;
“SYSC” means the Authority’s Senior Management Arrangements Systems and
Controls Sourcebook;
“the Tribunal” means the Upper Tribunal (Tax and Chancery Chamber); and
“TRUP” means the Transaction Reporting User Pack, the Authority’s guidance on
transaction reporting which was released in several versions. Version 1 became
effective from November 2007; version 2 became effective from 21 September 2009;
version 3 became effective from 1 March 2012; and version 3.1 became effective
from 6 February 2015.
4.
FACTS AND MATTERS
4.1.
Sigma is, and was during the Relevant Period, a brokerage firm authorised by the
Authority. It provides its customers with a range of services, including access to
worldwide exchanges through its trading platform.
4.2.
During the Relevant Period, almost all of Sigma’s trading was carried out by
customers instructing a Sigma broker by telephone, email or Bloomberg messenger,
with only a very few customers using direct market access.
4.3.
In December 2014, Sigma expanded its business, beyond its core service of F&O
provided to funds and institutions, and established its CFD desk which offered CFDs
and Spread-Bets to a customer base largely comprised of high net worth individuals.
4.4.
In order to grow the CFD desk’s business, during the early part of 2015, Sigma
recruited several brokers with their own established customer bases, whose
remuneration was to a very large extent determined by the levels of fees that they
generated rather than a fixed basic salary.
4.5.
The number of CFD trades executed by Sigma increased steadily following the
implementation of the CFD desk in December 2014. In the first quarter of 2015,
Sigma executed 1911 transactions, this number rose to 5,757 transactions in the
first quarter of 2016. Despite having up to 100 positions open per day by 2016,
Sigma’s trade surveillance remained entirely manual; neither automatic electronic
monitoring tools, nor basic case management software, were used to facilitate
monitoring of the trading activity or to maintain an audit trail. As a result, Sigma
failed to identify transactions which were potentially suspicious.
4.6.
In January 2016, the Authority became aware of transaction reporting anomalies at
Sigma, leading to the discovery that Sigma had failed to report any of the equity CFD
and Spread-Bet transactions it had executed with its clients since the inception of its
CFD desk in December 2014, and that it had never submitted an STR to the Authority.
A supervisory visit to Sigma in June 2016, identified further causes for concern as to
whether Sigma was complying with regulatory standards.
4.7.
On 12 August 2016, in response to the concerns identified by Supervision, Sigma
voluntarily applied to the Authority for the imposition of certain restrictions on its
permissions relating to the CFD desk.
Sigma’s systems and controls
Board governance
4.8.
During the Relevant Period, the Board comprised three directors: Simon Tyson, who
was approved to perform the CF3 (Chief Executive), CF1 (Director) and CF11 (Money
laundering reporting) controlled functions; Matthew Kent, who was approved to
perform the CF1 (Director) controlled function and Steven Tomlin, who was approved
to perform the CF1 (Director) and CF10 (Compliance oversight) controlled functions.
4.9.
During the Relevant Period, Sigma’s Board did not formally and regularly meet.
Sigma described holding informal meetings with “ad-hoc discussions held between
each director and other members of senior staff”. No formal minutes were maintained
of such meetings. As a result, there exists no record of attendees, the matters
discussed, the nature of any challenges made or decisions reached. Accordingly,
Sigma was unable to demonstrate the proper functioning of its Board or its effective
oversight of the activities of the CFD desk.
4.10.
Nor did the Board operate under any terms of reference describing its procedures
and responsibilities, or any similar such document, against which Sigma’s directors
could measure whether they were complying with them and providing effective
governance oversight.
Management information
4.11.
On those occasions when the Board met during the Relevant Period, they were not
provided with structured management information to enable them to understand the
business of the CFD desk, such that its activities could be reviewed, any issues of
concern identified and any remedial measures proposed and monitored. Sigma was
unable to provide the Authority with any board packs or briefing notes, or records of
any occasion when employees, such as those working in compliance, had briefed
members of the Board on the operations of the CFD desk.
4.12.
During the Relevant Period, the Board received no formal written reports from the
CF10 or the CF11 on matters relating to their areas of oversight. If they provided
oral briefings to the Board there is no adequate record of what was said or any
decisions that were reached to progress the concerns raised, because no minutes
were taken.
4.13.
Starting in January 2015, a member of staff in the Compliance Department produced
quarterly updates intended for the Board, largely outlining required actions. But there
is no evidence that the Board used these updates effectively to monitor and oversee
progress on the matters of concern that were raised.
4.14.
Sigma maintained a Risk Register, but there is no evidence that the Board, formally
or informally, used the register effectively to monitor and oversee risks to the
business. For example, a risk entered in December 2014 was a lack of up to date
and/or comprehensive policies and procedures. The control in place to address this
risk purported to be that procedures were either in place or being put in place to
ensure Sigma was compliant with current regulatory requirements. This risk was
classified as “critical” which the Risk Register defined as a “high likelihood of
regulatory censure and/or remedial action requiring significant expenditure or
timescale.” The Risk Register recorded this as a high risk which must be subject to
audit review. Despite the seriousness of these concerns, there is no evidence that
during the Relevant Period the Board monitored this risk or recorded the steps being
taken towards comprehensive policies being put in place.
4.15.
That remedial work was required in respect of Sigma’s governance, and its policies
and procedures over aspects of its business, including the CFD desk, had been set
out in a memo sent by a senior Sigma employee to Messrs Tyson, Tomlin and Kent
on 28 November 2014. The memo recorded, amongst other matters, a need to:
a)
“Review and update [Sigma’s] compliance manual and all associated policies
(for approval by Board) to ensure that Bonds and CFDs are included”;
b)
“Review primary compliance policies/procedures including the compliance
monitoring plan (especially in the context of the new businesses)”;
c)
“Recommend (and if necessary assist in the implementation of) appropriate
Governance procedures/practices for [Sigma] both at Board and Committee
level including org/structure charts and information flow”; and
d)
Under
the
heading
CFD
desk,
“Progress/draft
all
third-party
documents/agreements as well as all internal Compliance/Risk Policies and
Procedures.”
4.16.
Despite these concerns being brought directly to the Board’s attention, there is no
evidence that it sought to monitor progress on any of these areas in a structured
manner, or at all, or to seek regular updates from those members of staff delegated
to carry out these tasks.
Allocation and performance of controlled functions
4.17.
Although the controlled functions referred to above in paragraph 4.8 were nominally
assigned amongst the Board directors, they were allocated with little regard to each
director’s capabilities, training or previous experience.
4.18.
Mr Tomlin was appointed to, and performed, the CF10 controlled function of Sigma
from 10 August 2008. He did so with reluctance due to his lack of any previous
experience of the CF10 role, but accepted it nevertheless because there was no other
suitably qualified person within Sigma to do so. Prior to the supervisory visit he had
not, for example, received any training on transaction reporting.
4.19.
Throughout the Relevant Period, Mr Tomlin’s CF10 responsibilities included oversight
of the CFD desk. Mr Tomlin explained during an interview with the Authority that,
due to his experience in the industry, he had been comfortable performing the CF10
role overseeing Sigma’s F&O business, but he had never been comfortable doing so
over the business of the CFD desk. He had seen it as a necessity that served the
purpose for a limited period until he could pass it to someone with more appropriate
experience than himself.
4.20.
Mr Tyson was appointed to, and during the Relevant Period performed, the CF11
controlled function despite having no relevant qualifications, or having undertaken
any training, such as in relation to SARs, financial crime or market abuse, to enable
him properly to do so.
4.21.
In relation to the CF10 and CF11 controlled functions, Mr Tyson stated that he had
wanted both himself and Mr Tomlin to stop performing these roles because “it was
not a fair reflection of who did the work on a day-to-day basis and who had the
relevant knowledge within the firm”.
4.22.
Beyond the allocation of these controlled functions, there was no clear allocation of
responsibilities amongst the Board directors, for example by way of a statement of
responsibilities or employment contract, that set out the expectations of each director
in the performance of their controlled functions, over the various parts of Sigma’s
business.
4.23.
From 2009, Mr Tyson involved himself fully in the day-to-day running of the firm,
with Mr Tomlin doing so to a lesser extent.
4.24.
Mr Kent largely restricted his involvement in the firm to strategic decisions and
developing business relationships.
4.25.
In an email sent by Mr Tyson copied to Mr Tomlin on 21 October 2014, with the
subject “Re: Compliance and FCA related matters”, he wrote “Re: CF10 and CF11
positions - I will be assuming the CF10 position whilst keeping the CF11 position. It
is not proposed as a swap”. But there was no clarification or formalisation of whether
this proposal related to all CF10 responsibilities or those related solely to the CFD
desk or indeed from when it was to be effective.
4.26.
A further email sent by the Board to all staff in September 2015 announced that
“Simon Tyson will now become responsible for Compliance Oversight (CF10) for both
Sigma Broking and Sigma Americas”.
4.27.
But Sigma did not notify the Authority or seek its approval for any such transfer of
responsibilities for the performance of the CF10 function, and Mr Tomlin remained
the person approved to perform that function throughout the Relevant Period.
Risk assessment prior to commencement of the CFD desk’s activities
4.28.
CFDs and Spread-Bets are higher risk products. Their leveraged nature makes them
particularly attractive to those seeking to commit market abuse, including insider
trading. Sigma recognised this. Despite this significant change to the risk profile of
the business, Sigma failed to perform an adequate risk assessment prior to
expanding into this higher risk business area.
4.29.
The Board had no prior experience or expertise of CFDs and Spread-Bets and did not
take any steps to educate themselves about these products or to anticipate and
manage the associated risks. For example, compliance resourcing at Sigma remained
unchanged, and no additional training was provided for staff overseeing that aspect
of Sigma’s business.
Compliance oversight and delegation of responsibilities
4.30.
During an interview with the Authority, Mr Tyson acknowledged his own limited
understanding of the activities of the CFD desk but claimed that oversight of its
activities had been appropriately delegated to employees within the legal and
compliance departments. But such delegations, as may have been made, were not
clearly documented with the result that there was uncertainty over which
responsibilities had been delegated and to whom.
4.31.
One of those to whom Mr Tyson said compliance responsibilities had been delegated
was Mr A, a senior lawyer who had performed the CF10 and CF11 functions while at
previous firms which offered CFDs and Spread-Bets to their customers. Mr A joined
Sigma in mid-2014 initially as a consultant and as a permanent employee from early
2015. Another was a more junior employee within the Compliance Department, Mr
B.
4.32.
Mr Tyson stated that “[Mr A] had two roles with the firm, one was to advise and deal
with any legal matters in his function as a practising lawyer. The other was to advise,
implement and run the Compliance Department within Sigma … We as a firm brought
in what we considered at the time the appropriate skills and knowledge into the firm
in the light of the new business unit … So [Mr A] having held CF10, CF11 functions
at [two firms], we deemed that knowledge and experience as being exactly what we
needed to, sort of, plug the gap that we had”. Mr Tyson observed “I think we didn’t
rely on Steve [Tomlin] to perform that function [CF10]. We relied on the external
compliance consultancy firms before we hired [Mr A]”.
4.33.
Mr A, however, told the Authority that he did not have a role in relation to compliance
other than to give legal advice on regulatory matters. He said that his potentially
taking a Head of Compliance role was discussed but he never agreed to do so.
4.34.
Mr Tyson said that as to the performance of his CF11 role, for oversight of Sigma’s
compliance with the Authority's rules on systems and controls against money
laundering, he relied on Mr A for the “day-to-day of that”.
4.35.
Sigma was unable to provide the Authority with a signed and agreed job description
setting out Mr A’s responsibilities for compliance, or financial crime, matters
delegated to him by Mr Tomlin, or by the Board, or more generally in relation to his
responsibilities for the activities of the Compliance Department. A draft employment
contract was exchanged between Sigma and Mr A on 17 February 2015 which
described his role as “General Counsel & Chief Compliance Officer”. Correspondence
between Mr A and Messrs Tyson, Tomlin and Kent in November 2014 demonstrates
that Mr A was communicating with them regarding both legal and compliance
matters.
4.36.
Mr Tomlin stated that the CFD desk fell entirely outside his CF10 responsibilities and
that he was not involved in compliance issues that arose in that part of the business.
He did not know what systems and controls were in place regarding surveillance of
the CFD desk or what practical arrangements were in place to investigate potentially
suspicious trades. He did not know who was responsible for suspicious transaction
reporting on the CFD desk, and was unaware of any STRs or STORs that Sigma may
have submitted arising from its activities. The CFD desk was, Mr Tomlin said, “run as
a separate company by Simon [Tyson]”.
4.37.
During the Relevant Period, Mr B was the only employee in Sigma’s Compliance
Department. He had no prior experience of CFDs, and considered that his
responsibilities were restricted to Sigma’s F&O activities. Mr B said that the CFD desk
managed its own compliance issues, including market abuse surveillance and
transaction reporting, “on desk” with day-to-day compliance responsibilities
apportioned between Mr A and an individual, Mr C, who was involved in risk
monitoring for the CFD desk. He believed that Mr Tyson approved the arrangement.
4.38.
Mr A, however, said that Mr B, as compliance officer had overall responsibility for
compliance and monitoring for market abuse. Mr C denied responsibility for market
abuse surveillance and said that this was Mr B’s responsibility, he described his role
as making risk-based decisions around leverage and margin calls and liaising with
Sigma’s hedging counterparties.
4.39.
Whatever the situation was in practice, or individuals’ understanding of their own or
others’ responsibilities, the arrangements were unclear and confused and none of
these arrangements or divisions of responsibility were adequately documented by
Sigma.
4.40.
There is no evidence that the CFD desk’s trading system was used by Sigma’s
Compliance Department to perform any real-time trade surveillance, nor was there
any automated monitoring system in place to enable it to conduct effective post-
trade surveillance. Sigma did not even use basic management software, such as a
spreadsheet, to facilitate monitoring of the trading activity or to maintain an audit
trail.
4.41.
Sigma did not recruit suitably qualified compliance staff to, or provide necessary
training to those employed within, the Compliance Department and it remained
insufficiently resourced throughout the Relevant Period to enable it to adequately
monitor the growing business of the CFD desk. Concerns over inadequate and
ineffective compliance resourcing were not effectively escalated and the situation
was not remedied.
4.42.
During the Relevant Period, Sigma had in place a policy document called the
Compliance Monitoring Programme (“CMP”) which described its purpose as one of
the means by which Sigma could monitor its activities on a periodic basis in order to
ensure that it remained in compliance with all relevant rules and regulations and to
identify areas of weakness or non-compliance.
4.43.
According to the CMP, at Sigma, “Monitoring is performed on a regular basis and the
results submitted to senior management for review and to ensure prompt action to
correct any deficiencies or breaches identified”.
4.44.
The CMP also provided that “Findings and recommendations arising from completed
monitoring are circulated to the Board and line management where appropriate. The
Compliance Officer reports monthly to the Management Committee and includes in
his report any appropriate monitoring matters”. Sigma was unable to demonstrate
that it complied with these standards of reporting and monitoring.
4.45.
The CMP explained that it was divided into separate tests, which were conducted on
four different levels of frequency: monthly, quarterly, semi-annually and annually to
reflect the current assessment of operational and regulatory risk associated with each
underlying activity. It observed that it was important to evidence the application of
Sigma’s CMP with supporting documentation.
4.46.
Amongst many other matters identified by the CMP in its “High Level Programme for
2014” were quarterly monitoring of money laundering and financial crime processes,
to include a review of a suspicious activity reporting register, and of market conduct
to prevent the firm being a conduit for market abuse, and daily monitoring to ensure
all transactions conducted by telephone were recorded.
4.47.
The Business Standards section of the CMP gave “Market Conduct” a medium risk
rating in August 2014, with monitoring recorded as quarterly, giving the reason for
this as: “The FCA has raised concerns in issued guidance, Market Watch publications
and numerous speeches that all regulated entities are in the current climate, more
at risk of conducting or being a conduit in the performance of market abuse”.
4.48.
Sigma was unable to provide any supporting documentation to evidence that any
quarterly monitoring of the CFD desk’s activities occurred, as envisaged by the CMP,
which was then reported to the Board or to senior management. During the Relevant
Period Sigma did not monitor telephone conversations, daily or at all.
CFD desk policies and monitoring of broker conduct
4.49.
Sigma was unable to provide the Authority with a clear picture of which policies and
procedures, such as desk-manuals, it had in place with respect to the activities of
the CFD desk during the Relevant Period. Many areas which should have been
covered by written policies appear to have had no written policies in place, and of
those policy documents provided by Sigma, many did not record when they were
implemented or when they may have been revised, if at all.
4.50.
The following are examples of some of these deficiencies:
•
There was no formal written procedure or policy in place regarding the
escalation or consideration of STRs/STORs from the CFD desk, Sigma’s Market
Conduct Policy & Procedure referred only to procedures for reporting a SAR if a
suspicious transaction was identified;
•
During the Relevant Period, Sigma did not monitor any telephone
conversations, contrary to its own compliance policy;
•
There were no formal written policies in place prohibiting the use of unrecorded
devices to take instructions from Sigma’s customers, or any training provided
on restrictions around the use of personal devices or the use of personal phones
to communicate with customers, thereby placing Sigma in breach of COBS
11.8.5AR;
•
As a result, on occasion, brokers on the CFD desk were using encrypted chat
apps on their personal mobile devices to communicate with, and take orders
from, clients without the knowledge of, or approval from, compliance.
4.51.
During the Relevant Period, there were examples of arrangements concerning certain
brokers on the CFD desk which should have been overseen and monitored, had
suitable policies and procedures been in place.
Brokers on the CFD desk had Power of Attorney (“PoA”) arrangements with clients,
which were neither declared as a conflict of interest, nor monitored by compliance.
One broker on the CFD desk had PoA over the trading account of a family member,
from whom he had received loans which totalled more than £100,000 during the
Relevant Period. These loans were not recorded in Sigma’s gifts and inducements
register or reported to compliance.
Commission based remuneration
4.52.
Against the background of these deficiencies of Sigma’s policies, its commission-
based remuneration structure incentivised brokers on the CFD desk to focus on their
trading activity, to the potential detriment of promoting the identification and
escalation of potential market abuse. Brokers on the CFD desk were not paid a salary,
but instead were entitled to up to 60% of the net revenue generated by their clients
as commission.
4.53.
Whilst such remuneration structures are not an uncommon feature within the
industry, they may bring with them conflicts that should be mitigated. For example,
brokers dependent largely on fee income may be reluctant to escalate concerns
regarding trading by high-revenue generating customers. Clear front-desk policies
and procedures and routine compliance monitoring can mitigate the risk that
suspicious trading is not escalated appropriately. During the Relevant Period Sigma
lacked any such monitoring. These conflicts were further exacerbated by the fact that
many of the brokers on the CFD desk maintained close personal relationships with
their customers, which included, as in the example above, brokers receiving personal
loans which were not declared to Sigma.
4.54.
Furthermore, Mr Tomlin’s only income from Sigma during much of the Relevant
Period was brokerage derived from his trading, creating a potential further conflict in
the performance of his CF10 function which should have been appropriately
managed.
Transaction reporting
4.55.
During the Relevant Period SUP 17 and the guidelines in the Transaction Reporting
User Pack (“TRUP”) required firms entering into reportable transactions to send
accurate and complete transaction reports to the Authority on a timely basis. These
transaction reports assist the Authority to meet its objective of protecting and
enhancing the integrity of the UK’s financial system by helping it to identify situations
of potential market abuse. Each transaction report should include, amongst other
elements: information about the financial instrument traded, the firm undertaking
the trade, the buyer and the seller, and the date and time of the trade.
4.56.
TRUP (Version 3.1 effective from 6 February 2015) at section 10.1 contains the
following guidance regarding a firm’s obligations concerning data integrity:
“We expect firm’s controls and review processes to embody Principle 3 and
comply with SYSC obligations. To assist with this, firms should validate the
accuracy and completeness of the reports they submit to the FCA by
comprehensive testing of their full reporting processes and by regularly
performing ‘end-to-end transaction reconciliations.’ We consider an ‘end to end
reconciliation to mean the reconciliation of a firm’s front-office trading records
and data against the reports it submits to its ARM(s) and against data samples
extracted from the FCA transaction report database (see section 10.1.1.).”
4.57.
Section 10.1.1. states that:
“To help check reports have been successfully submitted to us, firms can
request a sample of their transaction reports using an online form on our
website. […] We encourage firms to use this facility from time to time as part
of their review and reconciliation processes. This enables firms to compare the
reports we receive with their own front office trading records and the reports
firms (or their representatives) submit to their ARM(s). Firms should also check
the accuracy and completeness of the individual data elements within their
transaction reports, and their compliance with transaction reporting rules and
requirements, having regard to the guidance we have issued.”
4.58.
During the Relevant Period, Sigma did not make use of this facility.
4.59.
Throughout the Relevant Period, Sigma executed its client trades in CFDs and
Spread-Bet products using a “matched principle” methodology. For each trade
executed, two trades were in fact carried out. While Sigma reported the first leg of
the trade, it did not report the second, client-side transaction.
4.60.
In February 2016, the Authority’s Markets Reporting Team (“MRT”) wrote to Sigma
setting out concerns that MRT had identified regarding the completeness and
accuracy of Sigma’s transaction reporting. Following these communications, Sigma
instructed a specialist regulatory reporting firm (Firm A) to review the reports it had
submitted to the Authority across a one-week sample taken from earlier that month,
to assess their compliance with the rules in SUP, Chapter 17.
4.61.
In April 2016, Firm A reported its findings to Sigma and to the Authority. Whilst
Sigma’s F&O business, managed by Mr Tomlin, was compliant, the findings revealed
significant reporting failings in respect of the activities of the CFD desk. These failings
included, amongst others:
a mismatch between the instrument description and the derivative type in the
case of 1,314 out of 1,346 CFDs reported, from a one-week sample. The
description ended with “SB” indicating Spread Bet, although all of these trades
were CFD hedges against a brokerage firm;
CFDs were reported in GBP currency although the price stated reflected the
pence at which the stock traded (e.g. Barclays PLC reported at £164.56 instead
of 164.56p). UK stock prices need to be divided by 100 in most cases before
being reported in the major currency. This issue affected 1,257 out of 1,346
CFDs, from a one-week sample; and
Although Firm A was able to match all 383 CFD trades from Sigma’s raw data
to transactions accepted by the Authority, from a one-day sample, these trades
represented only the hedging portion of Sigma’s CFD activity, and its client-
side CFDs were not being reported as required.
4.62.
In particular, the failure to report client-side CFDs materially impacts the Authority’s
ability to carry out effective surveillance. Without client-side transaction reports, the
MRT is unable to differentiate transactions carried out by each individual and is
provided with an incomplete picture of each individual’s trading activity which may
have been conducted across a number of firms, or indeed any activity by customers
who only held accounts at Sigma.
4.63.
Mr Tyson told the Authority that Sigma’s failure to report client-side CFDs was “a
genuine misunderstanding” originating from when the CFD desk was set up.
4.64.
During the Relevant Period, Sigma failed to report, in breach of SUP 17.1.4R, or to
accurately report, in breach of SUP 17.4.1 EU/SUP 17 Annex 1 EU, an estimated
56,000 transactions.
Suspicious transaction reporting – STRs and STORs
4.65.
From the start of the Relevant Period until 2 July 2016, SUP 15.10.2 R provided that
a firm which arranges or executes a transaction with or for a client and which has
reasonable grounds to suspect that the transaction might constitute market abuse
must notify the Authority without delay; thereafter and throughout the rest of the
Relevant Period, Article 16(2) of EU MAR provided to similar effect in relation to both
suspicious orders and transactions.
4.66.
Sigma lacked an understanding of its regulatory obligations in respect of market
abuse and in particular the fundamental difference between the STR/STOR regime
and the SAR regime. Sigma did not put in place adequate policies or procedures or
deliver training to enable staff to identify and escalate suspicious transactions. As a
result, there was widespread uncertainty and misunderstanding amongst Sigma staff
as to the regulatory obligations regarding market abuse, which transactions should
be regarded as suspicious, when such transactions should be escalated, and to
whom.
Escalation of concerns regarding suspicious trading
4.67.
During the Relevant Period, there was no formal procedure or policy in place
regarding the escalation or consideration of suspicious transactions. The informal but
widely accepted custom for identifying suspicious transactions on the CFD desk
involved the front office staff verbally communicating their suspicions to senior
members of the CFD desk, who would take a personal view before deciding whether
to raise the matter verbally with Mr Tyson. Record-keeping was largely non-existent;
discussions around a suspicious transaction were not recorded, including the
rationale supporting any decision not to submit a STR/STOR.
Written procedures for the escalation of suspicious trades
4.68.
In May 2015, a senior CFD desk trader communicated by a brief email to the CFD
desk that suspicious transactions should be escalated in writing to him prior to his
discussing them with Mr A and Mr C; however, no accompanying guidance was issued
to any of the brokers to enable them to understand how to recognise a suspicious
transaction. Despite this apparent procedural change at Sigma, brokers on the CFD
desk made only eight such escalations from then until the end of the Relevant Period.
4.69.
During the Relevant Period, Sigma did not submit any STRs to the Authority.
4.70.
In correspondence with the Authority in May 2016, Sigma described responsibilities
purportedly placed on Mr C for “real-time” monitoring of the CFD desk, stating that
he had: “a consolidated view via the platform and reviews all client trading during
the day; the trading platform produces an end of day report of all transactions
together with associated profit and loss, which [Mr C] reviews on a daily basis; [Mr
C] will report any suspicious transactions to Compliance for further evaluation; [Mr
C] is supported by [a senior individual in technology and operations] who carries out
this role in his absence.” But these responsibilities were not recorded in any of
Sigma’s policies or procedures; and nowhere were they formally designated to Mr C.
4.71.
During an interview with the Authority, Mr C denied responsibility for market abuse
surveillance, asserting that it was the responsibility of Mr B.
Preparations for the introduction of EU MAR
4.72.
Towards the end of the Relevant Period, on 3 July 2016, the Market Abuse Regulation
came into force and introduced extra safeguards and responsibilities upon broker
firms in managing the risks of market abuse. Sigma did not take any preparatory
steps for the introduction of EU MAR, despite the fundamental importance of EU MAR
to the identification, prevention and detection of market abuse and the Authority
publishing communications reminding firms of their obligations under EU MAR.
Although a relevant member of Sigma’s staff attended a course concerning the
implementation of EU MAR, there were no formal presentations, announcements or
communications within Sigma about the changes to the STR regime in July 2016
which resulted from the introduction of EU MAR.
Post-trade Surveillance on the CFD desk
4.73.
During the Relevant Period, there was confusion about who was responsible for post-
trade surveillance to identify potentially suspicious trading activity including market
abuse. In practice, nobody was performing this role. There were no policies or
procedures which outlined the post-trade monitoring to be undertaken on the CFD
desk, and no thresholds, parameters or criteria to assist staff with identifying
suspicious orders or transactions.
4.74.
From March 2016, the Compliance Department started performing monthly post-
trade surveillance of F&O transactions, however no post-trade surveillance was
carried out in respect of the CFD desk.
4.75.
Sigma’s reliance on manual oversight of its CFD trading, without the benefit of proper
analysis or case management tools, hindered its ability to capture types of suspicious
activity and to identify patterns effectively. Given the daily volume of trades executed
by the CFD desk, Sigma should have implemented an in-house solution to collate the
trading data and to track and evaluate emerging suspicions.
Back-book review for STRs / STORs
4.76.
In February 2017, Sigma established a panel to conduct a review of all transactions
that had taken place on the CFD desk during the Relevant Period to determine
whether any required STR or STOR notifications to the Authority (“the Panel”). The
Panel consisted of four individuals including the newly recruited member of the
Compliance Department.
4.77.
First, Sigma used automated market abuse monitoring software to flag trades that
warranted review according to parameters which had been approved by the Skilled
Person for use by the CFD desk’s current transaction monitoring software. This
process flagged 1,621 transactions. Secondly, an initial review of the flagged
transactions was conducted by a senior individual on the CFD desk and a senior,
newly recruited, member of the Compliance Department. Thirdly, the Panel, reviewed
the initial analysis accordingly to set terms of reference.
4.78.
The review by the Panel resulted in the identification of 97 suspicious transactions or
orders during the Relevant period, which would likely have been collectively reported
to the Authority as 24 STRs/STORs, none of which had been identified previously by
Sigma as potentially suspicious. Some of these notification assessments, however,
were made with the benefit of information which would not have been available to
Sigma at the time of the transactions; such as subsequent trading behaviour, or
accounts which had been the subject of information requests from the Authority.
Sigma has not suggested that a significant proportion would only have been
identifiable with hindsight.
4.79.
SARs form part of a regime under which suspicious activity related to money
laundering or criminal property is reported to the UK Financial Intelligence Unit at
the National Crime Agency.
SARs submitted
4.80.
During the Relevant Period, only two SARs were submitted by Sigma to the National
Crime Agency. No STRs or STORs were submitted to the Authority despite at least
one of the SARs relating to a suspicious transaction.
5.
FAILINGS
5.1.
The statutory and regulatory provisions relevant to this Notice are referred to in
5.2.
SUP 17.1.4R provided that:
“A firm which executes a transaction:
in any financial instrument admitted to trading on a regulated market or a
prescribed market (whether or not the transaction was carried out on such a
market); or
in any OTC derivative the value of which is derived from, or which is otherwise
dependent upon, an equity or debt-related financial instrument which is
admitted to trading on a regulated market or on a prescribed market;
must report the details of the transaction to the Authority.”
5.3.
SUP 17.4.1EU provided that:
“Reports of transactions made in accordance with Articles 25(3) and (5) of
MiFID shall contain the information specified in SUP 17 Annex 1 EU which is
relevant to the type of financial instrument in question and which the FCA
declares is not already in its possession or is not available to it by other means.”
5.4.
SUP 17 Annex 1 EU set out the minimum content of a transaction report including
Field Identifiers and Descriptions.
5.5.
During the Relevant Period, Sigma failed to report, in breach of SUP 17.1.4R, or to
accurately report, in breach of SUP 17.4.1 EU/SUP 17 Annex 1 EU, an estimated
56,000 transactions.
5.6.
SUP 15.10.2R provided that:
“A firm which arranges or executes a transaction with or for a client and which
has reasonable grounds to suspect that the transaction might constitute market
abuse must notify the FCA without delay.”
5.7.
From 1 December 2014 to 2 July 2016, Sigma contravened SUP 15.10.2R by failing
to report 17 STRs to the Authority.
5.8.
Article 16 (2) EU MAR provides that:
“Any person professionally arranging or executing transactions shall establish
and maintain effective arrangements, systems and procedures to detect and
report suspicious orders and transactions. Where such a person has a
reasonable suspicion that an order or transaction in any financial instrument,
whether placed or executed on or outside a trading venue, could constitute
insider dealing, market manipulation or attempted insider dealing or market
manipulation, the person shall notify the competent authority [of the Member
State in which they are registered or have their head office] without delay.”
5.9.
From 3 July 2016 to 12 August 2016, Sigma contravened Article 16 (2) of EU MAR
by failing to report 7 STORs to the Authority.
5.10.
Principle 3 provides that a firm must take reasonable care to organise and control its
affairs responsibly and effectively, with adequate risk management systems.
5.11.
In breach of Principle 3, Sigma did not have any, or any adequate, formal systems
and controls, to enable its Board to review in a structured fashion the business
activities of the CFD desk. In particular, Sigma failed to:
(1)
Conduct Board meetings with sufficient regularity to enable the effective
oversight of the CFD desk’s business activities by its directors;
(2)
Maintain Board minutes that recorded attendees, the matters discussed,
the nature of any challenges made and decisions reached, sufficient to
demonstrate effective oversight of the CFD desk by its directors;
(3)
Obtain and circulate to members of the Board prior to its meetings,
adequate management information regarding the business of the CFD
desk, sufficient to enable its activities to be effectively reviewed by its
directors, and any issues of concern identified, challenged and any
remedial measures proposed, monitored;
(4)
Undertake an adequate risk assessment prior to the commencement of
the CFD desk’s business activities, sufficient to enable its directors to
review and understand the regulatory requirements and market conduct
risks associated with such activities, and to prepare accordingly;
(5)
Ensure that those directors with responsibility for compliance oversight
and money laundering reporting had the necessary skills and training to
perform, and were effectively performing, those functions;
(6)
Monitor and reasonably satisfy itself as to the adequate resourcing and
proper functioning of the Compliance Department, including the
implementation of policies and procedures, as pertaining to the business
of the CFD desk.
5.12.
Also in breach of Principle 3, Sigma failed to put in place an effective compliance
function. In particular, Sigma failed to:
(1)
Adequately record and monitor the performance of those of Mr Tomlin’s
responsibilities, as CF10 (Compliance oversight), that he had delegated
to Sigma’s Chief Executive, Mr Tyson;
(2)
Adequately record and communicate the roles and responsibilities of its
Compliance Department staff, and those employed on the CFD desk who
assisted in certain compliance related activities, such that these were
clear and properly understood;
(3)
Ensure that the Compliance Department had in place adequate policies
and procedures in relation to the conduct of brokers on the CFD desk, and
that these were effectively communicated and monitored;
(4)
Ensure that those staff responsible for transaction reporting were
provided with clear policies and procedures, and sufficient training and
guidance, such that they could properly discharge their responsibilities;
(5)
Ensure that it had effective systems, including clear reporting lines and
written policies and procedures, in place such that it could comply with
its
post-trade
transaction
monitoring
obligations,
including
the
appropriate and timely escalation of potentially suspicious transactions on
the CFD desk, and that these remained effective as the volume of the
CFD desk’s transactions increased;
(6)
Ensure that it had taken adequate preparatory steps for the introduction
of EU MAR in July 2016, despite the fundamental importance of EU MAR
to the detection and reporting of market abuse.
5.13.
Sigma also failed to establish, implement and maintain adequate policies and
procedures sufficient to ensure its compliance with its obligations under the
regulatory system and for countering the risk that it might be used to further financial
crime, thereby breaching SYSC 6.1.1R.
6. SANCTION
Power to impose a financial penalty in respect of Sigma’s conduct
6.1.
Section 206 of the Act gives the Authority the power to impose a penalty on an
authorised firm if that firm has contravened a requirement imposed on it by or under
the Act or by any directly applicable European Union regulation or decision made
under MiFID.
6.2.
The Authority considers that Sigma has contravened SUP 17.1.4R, SUP
17.4.1EU/SUP 17 Annex 1 EU, SUP 15.10.2R, Article 16(2) of EU MAR and Principle
3.
6.3.
The Authority’s policy for imposing a financial penalty is set out in Chapter 6 of DEPP.
In respect of conduct occurring on or after 6 March 2010, the Authority applies a
five-step framework to determine the appropriate level of financial penalty. DEPP
6.5A sets out the details of the five-step framework that applies in respect of financial
penalties imposed on firms.
6.4.
Given that the breaches of SUP 15.10.2R, Article 16 (2) of EU MAR, SUP 17.1.4R,
SUP 17.4.1 EU/SUP 17 Annex 1 EU and SYSC 6.1.1R occurred within the period of
the Principle 3 breach and are based on similar facts, the Authority considers it
appropriate to impose a combined financial penalty for these breaches.
Step 1: disgorgement
6.5.
Pursuant to DEPP 6.5A.1G, at Step 1 the Authority seeks to deprive a firm of the
financial benefit derived directly from the breach where it is practicable to quantify
this.
6.6.
The Authority has not identified any financial benefit that Sigma derived directly from
its breach.
6.7.
Step 1 is therefore £0.
Step 2: the seriousness of the breach
6.8.
Pursuant to DEPP 6.5A.2G, at Step 2 the Authority determines a figure that reflects
the seriousness of the breach. Where the amount of revenue generated by a firm
from a particular product line or business area is indicative of the harm or potential
harm that its breach may cause, that figure will be based on a percentage of the
firm’s revenue from the relevant products or business area.
6.9.
The Authority considers that the revenue generated by Sigma’s CFD desk is indicative
of the harm or potential harm caused by its breach. The Authority has therefore
determined a figure based on a percentage of Sigma’s relevant revenue. Sigma’s
relevant revenue is the revenue derived by Sigma during the period of the breach.
The period of Sigma’s breach was from 1 December 2014 to 12 August 2016.
6.10.
The Authority considers Sigma’s relevant revenue for this period to be £3,580,025.
6.11.
Having determined the relevant revenue, the Authority will then decide on the
percentage of that revenue which will form the basis of the penalty. In making this
determination the Authority will consider the seriousness of the breach and choose a
percentage between 0% and 20%. This range is divided into five fixed levels which
represent, on a sliding scale, the seriousness of the breach. The more serious the
breach, the higher the level. For penalties imposed on firms there are the following
five levels:
Level 1 – 0%
Level 2 – 5%
Level 3 – 10%
Level 5 – 20%
6.12.
The Authority has determined the seriousness of Sigma’s breaches to be Level 4 for
the purposes of Step 2 having taken into account:
(1)
DEPP 6.5A.2G(6-9) provides factors the Authority will generally take into
account which reflect the impact and nature of the breach, and whether it was
committed deliberately or recklessly, in deciding which level of penalty best
indicates the seriousness of the breach;
(2)
DEPP 6.5A.2G(11) lists factors likely to be considered ‘level 4 or 5 factors’; and
(3)
DEPP 6.5A.2G(12) lists factors likely to be considered ‘level 1, 2 or 3 factors.’
6.13.
Of these, the Authority considers the following factors to be relevant:
(1)
Sigma saved on the costs that it would otherwise have incurred had it
adequately resourced its Compliance Department and implemented proper
systems for transaction reporting and monitoring;
(2)
There was no loss to consumers, investors, or other market users;
(3)
There was no adverse effect on market confidence or orderliness, albeit the
breaches could have had an adverse effect on the market, in that they
increased the risk that market abuse could occur undetected;
(4)
The breaches revealed serious and systemic weaknesses in Sigma’s
procedures, management systems and internal controls in relation to its
oversight of the activities of the CFD desk;
(5)
There was a significantly increased risk that potentially suspicious trading could
go undetected as a result of the breaches, due to the combination of failings
across all levels of “defence” against market abuse within Sigma: at CFD desk
level; within its Compliance Department; governance at Board level; and
because Sigma’s failures in transaction reporting and notifications of
STR/STORs, which when remedied resulted in an estimated 56,000 transaction
reports and the identification of 97 suspicious transactions or orders, which
would likely have resulted in 24 collective STR/STOR notifications, failings
which potentially undermined the effectiveness of the Authority’s own
surveillance tools;
(6)
The Authority relies on firms to submit complete and accurate transaction
reports to enable it to carry out its market surveillance obligations and to detect
and investigate cases of market abuse and uphold proper conduct in the
financial system; and
(7)
The breach was committed negligently, not deliberately or recklessly.
6.14.
Taking all of these factors into account, the Authority considers the seriousness of
the breach to be level 4 and so the Step 2 figure is 15% of £3,580,025, which is
£537,003.
6.15.
Step 2 is therefore £537,003.
Step 3: mitigating and aggravating factors
6.16.
Pursuant to DEPP 6.5A.3G, at Step 3 the Authority may increase or decrease the
amount of the financial penalty arrived at after Step 2, but not including any amount
to be disgorged as set out in Step 1, to take into account factors which aggravate or
mitigate the breach.
6.17.
An aggravating factor in this case is that the Authority has given substantial and
ongoing support to the industry regarding transaction reporting requirements
including through the TRUP and Market Watch both prior and throughout the Relevant
Period that highlighted the importance of transaction reporting and submitting STRs
/ STORs.
6.18.
The Authority considers that the Step 2 figure should be increased by 10%.
6.19.
Step 3 is therefore £590,703.
Step 4: adjustment for deterrence
6.20.
Pursuant to DEPP 6.5A.4G, if the Authority considers the figure arrived at after Step
3 is insufficient to deter the firm who committed the breach, or others, from
committing further or similar breaches, then the Authority may increase the penalty.
6.21.
The Authority considers that the Step 3 figure of £590,703 represents a sufficient
deterrent to Sigma and others, and so has not increased the penalty at Step 4.
6.22.
Step 4 is therefore £590,703.
Step 5: settlement discount
6.23.
The Authority and Sigma reached agreement to settle between the end of stage 1
and prior to the expiry of the period for making representations. The Authority has
applied a 10% discount to the Step 4 figure. Step 5 is therefore £531,632.
Financial penalty
6.24.
The Authority hereby imposes a total financial penalty of £531,600 (rounded down
to the nearest £100).
7.
PROCEDURAL MATTERS
7.1.
This Notice is given to Sigma under and in accordance with section 390 of the Act.
7.2.
The following statutory rights are important.
Decision maker
7.3.
The decision which gave rise to the obligation to give this Notice was made by the
Settlement Decision Makers.
Manner and time for payment
7.4.
The financial penalty must be paid in full by Sigma to the Authority no later than 28
October 2022.
If the financial penalty is not paid
7.5.
If all or any of the financial penalty is outstanding on 28 October 2022, the Authority
may recover the outstanding amount as a debt owed by Sigma and due to the
Authority.
7.6.
Sections 391(4), 391(6) and 391(7) of the Act apply to the publication of information
about the matter to which this notice relates. Under those provisions, the Authority
must publish such information about the matter to which this notice relates as the
Authority considers appropriate. The information may be published in such manner
as the Authority considers appropriate. However, the Authority may not publish
information if such publication would, in the opinion of the Authority, be unfair to you
or prejudicial to the interests of consumers or detrimental to the stability of the UK
financial system.
7.7.
The Authority intends to publish such information about the matter to which this Final
Notice relates as it considers appropriate.
Authority contacts
7.8.
For more information concerning this matter generally, contact Kerri Scott at the
Authority (direct line: 020 7066 4620/email: Kerri.Scott@fca.org.uk).
Head of Department, Enforcement and Market Oversight Division
ANNEX A
RELEVANT STATUTORY PROVISIONS
The Financial Services and Markets Act 2000 (“the Act”)
The Authority’s operational objectives
1.
The Authority’s operational objectives are set out in section 1B(3) of the Act and include
securing an appropriate degree of protection for consumers and protecting and
enhancing the integrity of the UK financial system.
Section 206 of the Act
2.
Section 206 of the Act provides the Authority with the power to impose a financial
penalty on an authorised person, of such an amount as it considers appropriate, if it
considers that the authorised person has contravened a relevant requirement.
Regulation (EU) No 596/2014 (“EU MAR”)
3.
Article 16(2) of EU MAR provides: “Any person professionally arranging or executing
transactions shall establish and maintain effective arrangements, systems and
procedures to detect and report suspicious orders and transactions. Where such a
person has a reasonable suspicion that an order or transaction in any financial
instrument, whether placed or executed on or outside a trading venue, could constitute
insider dealing, market manipulation or attempted insider dealing or market
manipulation, the person shall notify the competent authority as referred to in
paragraph 3 without delay.”
RELEVANT REGULATORY PROVISIONS
The Authority’s Handbook of Rules and Guidance
4.
In exercising its powers to impose a financial penalty, the Authority must have regard
to the relevant regulatory provisions in the Authority’s Handbook of rules and guidance
(the “Handbook”). The main provisions that the Authority considers relevant are set out
below.
Principles for Businesses (“PRIN”)
5.
The Principles are a general statement of the fundamental obligations of firms under
the regulatory system and are set out in the Handbook. They derive their authority from
the Authority’s rulemaking powers as set out in the Act and reflect the Authority’s
regulatory objectives. They can be accessed here:
6.
Principle 3 provides: “A firm must take reasonable care to organise and control its affairs
responsibly and effectively, with adequate risk management systems.”
Senior management arrangements, systems and controls (SYSC)
7.
The following provisions of SYSC (relevant to the facts relied on in this notice) were in
force during the Relevant Period.
8.
SYSC 2.1.1R provided that:
“A firm must take reasonable care to maintain a clear and appropriate
apportionment of significant responsibilities among its directors and senior
managers in such a way that:
(1) it is clear who has which of those responsibilities; and
(2) the business and affairs of the firm can be adequately monitored and
controlled by the directors, relevant senior managers and governing body of
the firm.
9.
SYSC 2.1.3R provided that:
“A firm […] must appropriately allocate to one or more individuals, in accordance
with SYSC 2.1.4 R, the functions of:
(1) dealing with the apportionment of responsibilities under SYSC 2.1.1 R;
and
(2) overseeing the establishment and maintenance of systems and controls
under SYSC 3.1.1 R.”
10.
SYSC 2.1.4R provided that [so far as applicable to Sigma] both functions within SYSC
2.1.3R must be allocated to the firm’s chief executive, but in default of this they will fall
to the firm’s directors and senior managers.
11.
SYSC 6.1.1R provided that:
“A firm must establish, implement and maintain adequate policies and procedures
sufficient to ensure compliance of the firm including its managers, employees and
appointed representatives (or where applicable, tied agents) with its obligations
under the regulatory system and for countering the risk that the firm might be
used to further financial crime.”
12.
SYSC 6.1.2R provided that:
“A common platform firm and a management company must, taking into account
the nature, scale and complexity of its business, and the nature and range of
financial services and activities undertaken in the course of that business,
establish, implement and maintain adequate policies and procedures designed to
detect any risk of failure by the firm to comply with its obligations under the
regulatory system, as well as associated risks, and put in place adequate
measures and procedures designed to minimise such risks and to enable the
appropriate regulator to exercise its powers effectively under the regulatory
13.
SYSC 6.1.3R provided that:
“A common platform firm and a management company must maintain a
permanent and effective compliance function which operates independently and
which has the following responsibilities:
(1) to monitor and, on a regular basis, to assess the adequacy and
effectiveness of the measures and procedures put in place in accordance
with SYSC 6.1.2 R, and the actions taken to address any deficiencies in the
firm's compliance with its obligations; and
(2) to advise and assist the relevant persons responsible for carrying out
regulated activities to comply with the firm's obligations under the regulatory
system.”
14.
SYSC 6.1.4R provided that:
“In order to enable the compliance function to discharge its responsibilities
properly and independently, a common platform firm and a management company
must ensure that the following conditions are satisfied:
(1) the compliance function must have the necessary authority, resources,
expertise and access to all relevant information;
(2) a compliance officer must be appointed and must be responsible for the
compliance function and for any reporting as to compliance required by SYSC
4.3.2 R; […]
15.
SYSC 4.3.2R provides:
“A common platform firm […], must ensure that:
(1) its senior personnel receive on a frequent basis, and at least annually,
written reports on the matters covered by SYSC 6.1.2R to SYSC 6.1.5R, […];
and
(2) the supervisory function, if any, receives on a regular basis written
reports on the same matters.”
Supervision Manual (“SUP”)
16.
SUP sets out the relationship between the Authority and authorised persons (referred
to in the Handbook as firms). The following provisions of SUP were in force during the
Relevant Period.
17.
SUP 15.10.2R provided that “A firm which arranges or executes a transaction with or
for a client and which has reasonable grounds to suspect that the transaction might
constitute market abuse must notify the FCA without delay.” This rule applied from 6
February 2014 to 2 July 2016.
18.
SUP 15.10.3R provided that, in applying SUP 15.10.2R, a firm "must decide on a case-
by-case basis whether there are reasonable grounds for suspecting that a transaction
involves market abuse, taking into account the elements constituting market abuse."
19.
SUP 15.10.2A EU records that Article 16 of EU MAR applied from 3 July 2016 to date,
in place of SUP 15.10.2R.
20.
SUP 17.1.4R provided that “A firm which executes a transaction: (1) in any financial
instrument admitted to trading on a regulated market or a prescribed market (whether
or not the transaction was carried out on such a market); or (2) in any OTC derivative
the value of which is derived from, or which is otherwise dependent upon, an equity or
debt-related financial instrument which is admitted to trading on a regulated market or
on a prescribed market; must report the details of the transaction to the FCA.” This rule
applied from 1 April 2013 to 2 January 2018.
21.
SUP 17.4.1 EU provided that “Reports of transactions made in accordance with Articles
25 (3) and (5) of MiFID shall contain the information specified in SUP 17 Annex 1 EU
which is relevant to the type of financial instrument in question and which the FCA
declares is not already in its possession or is not available to it by other means.” This
rule applied from 1 April 2013 to 2 January 2018.
Conduct of Business Sourcebook (“COBS”)
22.
COBS applies to a firm with respect to designated investment business carried on from
an establishment maintained by it, or its appointed representative, in the United
Kingdom and activities connected with them.
23.
The following provisions of COBS applied to Sigma during the Relevant Period.
24.
COBS 11.8.5R provides:
“A firm must take reasonable steps to record relevant telephone conversations,
and keep a copy of relevant electronic communications, made with, sent from or
received on equipment:
(1) provided by the firm to an employee or contractor; or
(2) the use of which by an employee or contractor has been sanctioned or
permitted by the firm;
to enable that employee or contractor to carry out any of the activities
referred to in COBS 11.8.1R.”
25.
COBS 11.8.5AR requires a firm take reasonable steps to prevent an employee or
contractor from making, sending or receiving relevant telephone conversations and
electronic communications on privately-owned equipment which the firm is unable to
record or copy.
Decision Procedure and Penalties Manual (“DEPP”)
26.
Chapter 6 of DEPP, which forms part of the Authority’s Handbook, sets out the
Authority’s policy for imposing a financial penalty. DEPP 6.5A sets out the details of the
five-step framework that applies to financial penalties imposed on firms, which can be
accessed here:
27.
EG sets out the Authority's approach to financial penalties and public censures is set
out in Chapter 7 of EG, which can be accessed here:
PUBLIC STATEMENTS
28.
The Authority has made public statements about the standards that are expected of
firms in relation to market abuse, and their obligation to submit suspicious transaction
reports (“STRs”) to the Authority.
29.
The Authority published two papers during the Relevant Period setting out observations
from suspicious transaction reporting supervisory visits.
30.
The first, Market Watch 48, published in June 2015, set out observations from the
Authority’s suspicious transaction reporting supervisory visits including:
•
the consideration of a detailed risk assessment of the market abuse risks to
which a firm may be exposed prior to designing a surveillance programme was
important to the effectiveness of the surveillance programme;
•
under-investment in training of front office staff was noted across several firms,
which led to a low level of understanding and commensurately low reporting of
potential incidents of market abuse;
•
where firms had undocumented reporting to heads of desk or business
management, the Authority observed it had led to conflicts of interest, lack of
audit trail and potentially inadequate challenge on decisions not to submit STRs.
31.
The second, Market Watch 50, published in April 2016, set out further observations from
the Authority’s supervisory visits including:
a. the importance of a well-resourced and independent second surveillance
function in order to provide genuine challenge to the business was highlighted;
b. forewarning of changes brought in by the EU MAR including, the requirement
for firms and other persons to report suspicious orders and attempted
behaviours as well as suspicious transactions
32.
Market Watch 48 and 50 can be accessed here:
33.
The Authority published guidance on 6 February 2015, FG/15/3 which clarified certain
requirements of firms, including that the transaction reports a firm sends for its
transactions must accurately reflect the change in the position for the firm and its
client(s) resulting from the transactions.
34.
The Authority publishes guidance concerning transaction reporting, highlighting the
importance of data accuracy, which includes its Transaction Reporting User Pack which
can be accessed here:
1.
ACTION
1.1.
For the reasons given in this Decision Notice, the Authority hereby imposes on Sigma
Broking Limited (“Sigma”) a financial penalty of £531,600 pursuant to section 206 of
the Act.
1.2.
Sigma agreed to resolve this matter and qualified for a 10% discount under the
Authority’s executive settlement procedures. Were it not for this discount, the
Authority would have imposed a financial penalty of £590,700 on Sigma.
2.
SUMMARY OF REASONS
2.1.
The Authority proposes taking this action because (a) in the period from 1 December
2014 to 12 August 2016, Sigma contravened SUP 17.1.4R and SUP 17.4.1 EU/SUP
17 Annex 1 EU; (b) in the period 21 April 2015 to 2 July 2016, Sigma contravened
SUP 15.10.2R and from 3 July 2016 to 12 August 2016, Sigma contravened Article
16 (2) of EU MAR (all periods taken together as the “Relevant Period”), and (c)
throughout the Relevant Period Sigma breached Principle 3 of the Authority’s
Principles for Businesses (“the Principles”).
Sigma’s business and the background to its failings
2.2.
Sigma is a privately-owned brokerage firm which provides its customers with a range
of services, including access to trading worldwide through its platform.
2.3.
Between 2008 and late 2014, Sigma’s core business was offering its customers
futures and options trading. But in December 2014, Sigma expanded its business to
include, amongst other products, contracts for difference (“CFDs”) and Spread-Bets
referenced to the share-price of listed companies, by recruiting several brokers and
establishing a desk which provided these products to its customers (“the CFD desk”).
2.4.
CFDs and Spread-Bets are high-risk, complex financial products. Given their high
leverage, they are particularly attractive to those seeking to commit market abuse,
including insider trading. Leverage means that it is possible to gain or lose
significantly more than the sum staked. However, if, as in the case of an insider
trader, the client has non-public information that a stock will move in a certain
direction, there is no risk of loss. Despite being aware of the significant change to
the risk profile of its business, Sigma did not perform an adequate risk assessment,
or engage in any other meaningful preparations to ensure its compliance with
regulatory standards prior to expanding its business into these new areas.
2.5.
Furthermore, throughout the Relevant Period, Sigma’s governing body, its board of
directors (“the Board”), failed to take fundamental steps, such as holding regular
board meetings where directors were provided with adequate management
information and ensuring the Board’s decisions were recorded by written minutes, to
enable it to perform its governance role effectively.
2.6.
The Board also failed to establish, oversee and resource an effective compliance
function, and failed to identify and address serious and systemic failures in relation
to Sigma’s market abuse systems and controls and transaction reporting obligations,
in respect of the CFD desk.
2.7.
Sigma’s
Compliance
Department
operated
without
clear
reporting
lines,
apportionment of responsibilities or appropriately qualified staff and failed to ensure
that the firm had adequate policies and procedures in place in relation to the conduct
of its CFD desk brokers. Such policies as were in place were not properly
communicated to, or adequate steps taken to ensure their observance by, its
brokers.
3
2.8.
During the Relevant Period SUP 17 required firms entering into reportable
transactions to send accurate and complete transaction reports to the Authority on
a timely basis. These reports were required to contain mandatory details of those
transactions. The Authority relies on firms to submit complete and accurate
transaction reports to enable it to carry out effective market surveillance and to
detect and investigate cases of market abuse, insider dealing, market manipulation
and financial crime. As such, these transaction reports are an essential tool in
assisting the Authority to meet its objective of protecting and enhancing the integrity
of the UK’s financial system.
2.9.
Throughout the Relevant Period, Sigma executed its client trades in CFDs and
Spread-Bet products using a “matched principal” methodology. For each trade
executed, two trades were in fact carried out. While Sigma reported the first leg of
the trade, it did not report the second client-side transaction. Additionally, Sigma
failed to accurately report a number of other CFD transactions. As a result, during
the Relevant Period, Sigma failed to report, in breach of SUP 17.1.4R, or to accurately
report, in breach of SUP 17.4.1 EU/SUP 17 Annex 1 EU, an estimated 56,000
transactions.
Breaches of SUP 15 and Article 16(2) EU MAR
2.10.
A cornerstone of the regime in place to protect markets from abuse is the
requirement on firms to identify where there are reasonable grounds to suspect
market abuse has occurred and to submit Suspicious Transaction and Order Reports
(“STORs”) to the Authority (Suspicious Transaction Reports (“STRs”) before 3 July
2016). These are a critical source of intelligence for the Authority in identifying
possible market abuse.
2.11.
During the period from 21 April 2015 to 2 July 2016, Sigma contravened SUP
15.10.2R, and thereafter until the end of the Relevant Period Article 16 (2) EU MAR,
by failing to identify 97 suspicious transactions or orders, which likely would have
been reported collectively to the Authority as 24 STRs/STORs.
2.12.
In fact, during the Relevant Period Sigma did not report a single STR/STOR to the
Authority.
2.13.
During the Relevant Period, Sigma breached Principle 3 by failing to organise and
control its affairs responsibly and effectively with adequate risk management
systems in relation to the business activities of the CFD desk generally, and
specifically its compliance with the Authority’s MiFID transaction reporting
requirements.
2.14.
Many of these failings originated in the wholly inadequate governance and oversight
provided by Sigma’s governing body, namely its Board comprising of its three
directors.
2.15.
In breach of Principle 3, Sigma did not have any, or any adequate, formal systems
and controls, to enable its Board to review in a structured fashion the business
activities of the CFD desk. In particular, Sigma failed to:
(1)
Conduct Board meetings with sufficient regularity to enable the Board’s
effective oversight of the CFD desk’s business activities by its directors;
(2)
Maintain Board minutes that recorded attendees, the matters discussed, the
nature of any challenges made and decisions reached, sufficient to demonstrate
effective oversight of the CFD desk by its directors;
(3)
Obtain and circulate to members of the Board prior to its meetings, adequate
management information regarding the business of the CFD desk, sufficient to
enable its activities to be effectively reviewed by its directors, and any issues
of concern identified, challenged and any remedial measures proposed and
monitored;
(4)
Undertake an adequate risk assessment prior to the commencement of the CFD
desk’s business activities, sufficient to enable its directors to review and
understand the regulatory requirements and market conduct risks associated
with such activities, and to prepare accordingly;
(5)
Ensure that those directors with responsibility for compliance oversight and
money laundering reporting had the necessary skills and training to perform,
and were effectively performing, those functions;
(6)
Monitor and reasonably satisfy itself as to the adequate resourcing and proper
functioning of the Compliance Department, including the implementation of
policies and procedures, as pertaining to the business of the CFD desk.
2.16.
Throughout the Relevant Period, the Board failed to review or approve any policies
and procedures describing the CFD desk’s reporting and monitoring activities. Nor
did the Board receive any, or any adequate, reports on the nature of any transaction
monitoring, the numbers of suspicious transactions that were being escalated from
the CFD desk to compliance, or the number of STRs or STORs that had been
submitted to the Authority.
2.17.
Sigma’s arrangements in this regard were wholly inadequate to furnish the Board
with the information it needed to play its part in identifying, measuring, managing
and controlling the risks associated with the CFD desk’s activities such as market
abuse, insider dealing, market manipulation and financial crime.
2.18.
Also in breach of Principle 3, Sigma failed to put in place an effective compliance
function. In particular, Sigma failed to:
(1)
Adequately record and monitor the performance of those of Mr Tomlin’s
responsibilities, as CF10 (Compliance oversight), that had been delegated to
Sigma’s Chief Executive, Mr Tyson;
(2)
Adequately record and communicate the roles and responsibilities of its
Compliance Department staff, and those employed on the CFD desk who
assisted in certain compliance related activities, such that these were clear and
properly understood;
(3)
Ensure that the Compliance Department had in place adequate policies and
procedures in relation to the conduct of brokers on the CFD desk, and that
these were effectively communicated and their observance monitored;
(4)
Ensure that those staff responsible for transaction reporting were provided with
clear policies and procedures, and sufficient training and guidance, such that
they could properly discharge their responsibilities;
(5)
Ensure that it had effective systems, including clear reporting lines and written
policies and procedures, in place such that it could comply with its post-trade
transaction monitoring obligations, including the appropriate and timely
escalation of potentially suspicious transactions on the CFD desk, and that
these remained effective as the volume of the CFD desk’s transactions
increased;
(6)
Ensure that it had taken adequate preparatory steps for the introduction of EU
MAR in July 2016, despite the fundamental importance of EU MAR to the
detection and reporting of market abuse.
2.19.
By failing to manage its potential exposure to market abuse, insider dealing, market
manipulation and related financial crime, Sigma also breached SYSC 6.1.1R.
2.20.
The Authority considers Sigma’s failings to be serious because they inhibited the
Authority’s ability to conduct effective surveillance of the market and to detect
potential insider dealing and market abuse. Furthermore, Sigma’s failure to submit
an estimated 56,000 transaction reports, and to identify 97 suspicious transactions
or orders, which would likely have been reported collectively to the Authority as 24
STRs/STORs, significantly increased the risk that potentially suspicious trading and
financial crime would go undetected by the Authority.
2.21.
The Authority hereby imposes a financial penalty on Sigma in the amount of
£531,600 pursuant to section 206 of the Act.
3.
DEFINITIONS
3.1.
The definitions below are used in this Notice:
“the Act” means the Financial Services and Markets Act 2000;
“the ARM” means Approved Reporting Mechanism, an entity permitted to submit
transaction reports on behalf of an investment firm;
“the Authority” means the Financial Conduct Authority;
“the Board” and/or “directors” means Sigma’s board of directors, comprising, during
the Relevant Period, Mr Simon Tyson, Mr Stephen John Tomlin and Mr Matthew
Charles Kent;
“Contract for Difference” or “CFD” means a contract between two parties (a CFD
provider and a client) to pay each other the change in the price of an underlying
asset. At the expiry of the contract, the parties exchange the difference between the
opening and closing prices of a specified financial instrument, such as shares, without
owning the specified financial instrument;
“the CFD desk” means the part of Sigma’s business offering CFDs and Spread-Bets
to its customers and those employed, or otherwise retained, by Sigma to do so.
Where the term “CFD desk brokers” or “brokers” is used in this notice any facts or
findings should not be read as relating to all such persons, or even necessarily any
particular person, in that group;
“DEPP” means the Decision Procedure and Penalties Manual part of the Handbook;
“F&O” means futures and options;
7
“Handbook” means the Authority’s Handbook of Rules and Guidance;
“EU MAR” means Regulation (EU) No 596/2014 of the European Parliament and of
the Council of 16 April 2014 on market abuse;
“MRT” means the Authority’s Markets Reporting Team;
“MiFID II” means Directive 2014/65/EU of the European Parliament and of the
Council of 15 May 2014 on markets in financial instruments;
“Principle” means one of the Authority’s Principles for Businesses;
“RDC” means the Regulatory Decisions Committee of the Authority (see further under
Procedural Matters below);
“Relevant Period” means the period from 1 December 2014 to 12 August 2016;
“SAR” means a suspicious activity report, a report of suspected money laundering to
be made by financial institutions, amongst others, to the National Crime Agency as
required by Part 7 of the Proceeds of Crime Act 2002;
“Sigma” means Sigma Broking Limited;
“Spread-Bet” means a contract between a provider, such as Sigma, and a client
which takes the form of a bet as to whether the price of an underlying asset (such
as an equity) will rise or fall. A client who spread-bets does not own, for example,
the physical share, he simply bets on the direction he thinks the share price will
move;
“STOR” means a suspicious transaction and order report providing notification to the
Authority in accordance with Article 16(2) of EU MAR;
“STR” means a suspicious transaction report providing notification to the Authority
in accordance with SUP 15.10.2 R;
“SUP” means the Authority’s Supervision Manual;
“SYSC” means the Authority’s Senior Management Arrangements Systems and
Controls Sourcebook;
“the Tribunal” means the Upper Tribunal (Tax and Chancery Chamber); and
“TRUP” means the Transaction Reporting User Pack, the Authority’s guidance on
transaction reporting which was released in several versions. Version 1 became
effective from November 2007; version 2 became effective from 21 September 2009;
version 3 became effective from 1 March 2012; and version 3.1 became effective
from 6 February 2015.
4.
FACTS AND MATTERS
4.1.
Sigma is, and was during the Relevant Period, a brokerage firm authorised by the
Authority. It provides its customers with a range of services, including access to
worldwide exchanges through its trading platform.
4.2.
During the Relevant Period, almost all of Sigma’s trading was carried out by
customers instructing a Sigma broker by telephone, email or Bloomberg messenger,
with only a very few customers using direct market access.
4.3.
In December 2014, Sigma expanded its business, beyond its core service of F&O
provided to funds and institutions, and established its CFD desk which offered CFDs
and Spread-Bets to a customer base largely comprised of high net worth individuals.
4.4.
In order to grow the CFD desk’s business, during the early part of 2015, Sigma
recruited several brokers with their own established customer bases, whose
remuneration was to a very large extent determined by the levels of fees that they
generated rather than a fixed basic salary.
4.5.
The number of CFD trades executed by Sigma increased steadily following the
implementation of the CFD desk in December 2014. In the first quarter of 2015,
Sigma executed 1911 transactions, this number rose to 5,757 transactions in the
first quarter of 2016. Despite having up to 100 positions open per day by 2016,
Sigma’s trade surveillance remained entirely manual; neither automatic electronic
monitoring tools, nor basic case management software, were used to facilitate
monitoring of the trading activity or to maintain an audit trail. As a result, Sigma
failed to identify transactions which were potentially suspicious.
4.6.
In January 2016, the Authority became aware of transaction reporting anomalies at
Sigma, leading to the discovery that Sigma had failed to report any of the equity CFD
and Spread-Bet transactions it had executed with its clients since the inception of its
CFD desk in December 2014, and that it had never submitted an STR to the Authority.
A supervisory visit to Sigma in June 2016, identified further causes for concern as to
whether Sigma was complying with regulatory standards.
4.7.
On 12 August 2016, in response to the concerns identified by Supervision, Sigma
voluntarily applied to the Authority for the imposition of certain restrictions on its
permissions relating to the CFD desk.
Sigma’s systems and controls
Board governance
4.8.
During the Relevant Period, the Board comprised three directors: Simon Tyson, who
was approved to perform the CF3 (Chief Executive), CF1 (Director) and CF11 (Money
laundering reporting) controlled functions; Matthew Kent, who was approved to
perform the CF1 (Director) controlled function and Steven Tomlin, who was approved
to perform the CF1 (Director) and CF10 (Compliance oversight) controlled functions.
4.9.
During the Relevant Period, Sigma’s Board did not formally and regularly meet.
Sigma described holding informal meetings with “ad-hoc discussions held between
each director and other members of senior staff”. No formal minutes were maintained
of such meetings. As a result, there exists no record of attendees, the matters
discussed, the nature of any challenges made or decisions reached. Accordingly,
Sigma was unable to demonstrate the proper functioning of its Board or its effective
oversight of the activities of the CFD desk.
4.10.
Nor did the Board operate under any terms of reference describing its procedures
and responsibilities, or any similar such document, against which Sigma’s directors
could measure whether they were complying with them and providing effective
governance oversight.
Management information
4.11.
On those occasions when the Board met during the Relevant Period, they were not
provided with structured management information to enable them to understand the
business of the CFD desk, such that its activities could be reviewed, any issues of
concern identified and any remedial measures proposed and monitored. Sigma was
unable to provide the Authority with any board packs or briefing notes, or records of
any occasion when employees, such as those working in compliance, had briefed
members of the Board on the operations of the CFD desk.
4.12.
During the Relevant Period, the Board received no formal written reports from the
CF10 or the CF11 on matters relating to their areas of oversight. If they provided
oral briefings to the Board there is no adequate record of what was said or any
decisions that were reached to progress the concerns raised, because no minutes
were taken.
4.13.
Starting in January 2015, a member of staff in the Compliance Department produced
quarterly updates intended for the Board, largely outlining required actions. But there
is no evidence that the Board used these updates effectively to monitor and oversee
progress on the matters of concern that were raised.
4.14.
Sigma maintained a Risk Register, but there is no evidence that the Board, formally
or informally, used the register effectively to monitor and oversee risks to the
business. For example, a risk entered in December 2014 was a lack of up to date
and/or comprehensive policies and procedures. The control in place to address this
risk purported to be that procedures were either in place or being put in place to
ensure Sigma was compliant with current regulatory requirements. This risk was
classified as “critical” which the Risk Register defined as a “high likelihood of
regulatory censure and/or remedial action requiring significant expenditure or
timescale.” The Risk Register recorded this as a high risk which must be subject to
audit review. Despite the seriousness of these concerns, there is no evidence that
during the Relevant Period the Board monitored this risk or recorded the steps being
taken towards comprehensive policies being put in place.
4.15.
That remedial work was required in respect of Sigma’s governance, and its policies
and procedures over aspects of its business, including the CFD desk, had been set
out in a memo sent by a senior Sigma employee to Messrs Tyson, Tomlin and Kent
on 28 November 2014. The memo recorded, amongst other matters, a need to:
a)
“Review and update [Sigma’s] compliance manual and all associated policies
(for approval by Board) to ensure that Bonds and CFDs are included”;
b)
“Review primary compliance policies/procedures including the compliance
monitoring plan (especially in the context of the new businesses)”;
c)
“Recommend (and if necessary assist in the implementation of) appropriate
Governance procedures/practices for [Sigma] both at Board and Committee
level including org/structure charts and information flow”; and
d)
Under
the
heading
CFD
desk,
“Progress/draft
all
third-party
documents/agreements as well as all internal Compliance/Risk Policies and
Procedures.”
4.16.
Despite these concerns being brought directly to the Board’s attention, there is no
evidence that it sought to monitor progress on any of these areas in a structured
manner, or at all, or to seek regular updates from those members of staff delegated
to carry out these tasks.
Allocation and performance of controlled functions
4.17.
Although the controlled functions referred to above in paragraph 4.8 were nominally
assigned amongst the Board directors, they were allocated with little regard to each
director’s capabilities, training or previous experience.
4.18.
Mr Tomlin was appointed to, and performed, the CF10 controlled function of Sigma
from 10 August 2008. He did so with reluctance due to his lack of any previous
experience of the CF10 role, but accepted it nevertheless because there was no other
suitably qualified person within Sigma to do so. Prior to the supervisory visit he had
not, for example, received any training on transaction reporting.
4.19.
Throughout the Relevant Period, Mr Tomlin’s CF10 responsibilities included oversight
of the CFD desk. Mr Tomlin explained during an interview with the Authority that,
due to his experience in the industry, he had been comfortable performing the CF10
role overseeing Sigma’s F&O business, but he had never been comfortable doing so
over the business of the CFD desk. He had seen it as a necessity that served the
purpose for a limited period until he could pass it to someone with more appropriate
experience than himself.
4.20.
Mr Tyson was appointed to, and during the Relevant Period performed, the CF11
controlled function despite having no relevant qualifications, or having undertaken
any training, such as in relation to SARs, financial crime or market abuse, to enable
him properly to do so.
4.21.
In relation to the CF10 and CF11 controlled functions, Mr Tyson stated that he had
wanted both himself and Mr Tomlin to stop performing these roles because “it was
not a fair reflection of who did the work on a day-to-day basis and who had the
relevant knowledge within the firm”.
4.22.
Beyond the allocation of these controlled functions, there was no clear allocation of
responsibilities amongst the Board directors, for example by way of a statement of
responsibilities or employment contract, that set out the expectations of each director
in the performance of their controlled functions, over the various parts of Sigma’s
business.
4.23.
From 2009, Mr Tyson involved himself fully in the day-to-day running of the firm,
with Mr Tomlin doing so to a lesser extent.
4.24.
Mr Kent largely restricted his involvement in the firm to strategic decisions and
developing business relationships.
4.25.
In an email sent by Mr Tyson copied to Mr Tomlin on 21 October 2014, with the
subject “Re: Compliance and FCA related matters”, he wrote “Re: CF10 and CF11
positions - I will be assuming the CF10 position whilst keeping the CF11 position. It
is not proposed as a swap”. But there was no clarification or formalisation of whether
this proposal related to all CF10 responsibilities or those related solely to the CFD
desk or indeed from when it was to be effective.
4.26.
A further email sent by the Board to all staff in September 2015 announced that
“Simon Tyson will now become responsible for Compliance Oversight (CF10) for both
Sigma Broking and Sigma Americas”.
4.27.
But Sigma did not notify the Authority or seek its approval for any such transfer of
responsibilities for the performance of the CF10 function, and Mr Tomlin remained
the person approved to perform that function throughout the Relevant Period.
Risk assessment prior to commencement of the CFD desk’s activities
4.28.
CFDs and Spread-Bets are higher risk products. Their leveraged nature makes them
particularly attractive to those seeking to commit market abuse, including insider
trading. Sigma recognised this. Despite this significant change to the risk profile of
the business, Sigma failed to perform an adequate risk assessment prior to
expanding into this higher risk business area.
4.29.
The Board had no prior experience or expertise of CFDs and Spread-Bets and did not
take any steps to educate themselves about these products or to anticipate and
manage the associated risks. For example, compliance resourcing at Sigma remained
unchanged, and no additional training was provided for staff overseeing that aspect
of Sigma’s business.
Compliance oversight and delegation of responsibilities
4.30.
During an interview with the Authority, Mr Tyson acknowledged his own limited
understanding of the activities of the CFD desk but claimed that oversight of its
activities had been appropriately delegated to employees within the legal and
compliance departments. But such delegations, as may have been made, were not
clearly documented with the result that there was uncertainty over which
responsibilities had been delegated and to whom.
4.31.
One of those to whom Mr Tyson said compliance responsibilities had been delegated
was Mr A, a senior lawyer who had performed the CF10 and CF11 functions while at
previous firms which offered CFDs and Spread-Bets to their customers. Mr A joined
Sigma in mid-2014 initially as a consultant and as a permanent employee from early
2015. Another was a more junior employee within the Compliance Department, Mr
B.
4.32.
Mr Tyson stated that “[Mr A] had two roles with the firm, one was to advise and deal
with any legal matters in his function as a practising lawyer. The other was to advise,
implement and run the Compliance Department within Sigma … We as a firm brought
in what we considered at the time the appropriate skills and knowledge into the firm
in the light of the new business unit … So [Mr A] having held CF10, CF11 functions
at [two firms], we deemed that knowledge and experience as being exactly what we
needed to, sort of, plug the gap that we had”. Mr Tyson observed “I think we didn’t
rely on Steve [Tomlin] to perform that function [CF10]. We relied on the external
compliance consultancy firms before we hired [Mr A]”.
4.33.
Mr A, however, told the Authority that he did not have a role in relation to compliance
other than to give legal advice on regulatory matters. He said that his potentially
taking a Head of Compliance role was discussed but he never agreed to do so.
4.34.
Mr Tyson said that as to the performance of his CF11 role, for oversight of Sigma’s
compliance with the Authority's rules on systems and controls against money
laundering, he relied on Mr A for the “day-to-day of that”.
4.35.
Sigma was unable to provide the Authority with a signed and agreed job description
setting out Mr A’s responsibilities for compliance, or financial crime, matters
delegated to him by Mr Tomlin, or by the Board, or more generally in relation to his
responsibilities for the activities of the Compliance Department. A draft employment
contract was exchanged between Sigma and Mr A on 17 February 2015 which
described his role as “General Counsel & Chief Compliance Officer”. Correspondence
between Mr A and Messrs Tyson, Tomlin and Kent in November 2014 demonstrates
that Mr A was communicating with them regarding both legal and compliance
matters.
4.36.
Mr Tomlin stated that the CFD desk fell entirely outside his CF10 responsibilities and
that he was not involved in compliance issues that arose in that part of the business.
He did not know what systems and controls were in place regarding surveillance of
the CFD desk or what practical arrangements were in place to investigate potentially
suspicious trades. He did not know who was responsible for suspicious transaction
reporting on the CFD desk, and was unaware of any STRs or STORs that Sigma may
have submitted arising from its activities. The CFD desk was, Mr Tomlin said, “run as
a separate company by Simon [Tyson]”.
4.37.
During the Relevant Period, Mr B was the only employee in Sigma’s Compliance
Department. He had no prior experience of CFDs, and considered that his
responsibilities were restricted to Sigma’s F&O activities. Mr B said that the CFD desk
managed its own compliance issues, including market abuse surveillance and
transaction reporting, “on desk” with day-to-day compliance responsibilities
apportioned between Mr A and an individual, Mr C, who was involved in risk
monitoring for the CFD desk. He believed that Mr Tyson approved the arrangement.
4.38.
Mr A, however, said that Mr B, as compliance officer had overall responsibility for
compliance and monitoring for market abuse. Mr C denied responsibility for market
abuse surveillance and said that this was Mr B’s responsibility, he described his role
as making risk-based decisions around leverage and margin calls and liaising with
Sigma’s hedging counterparties.
4.39.
Whatever the situation was in practice, or individuals’ understanding of their own or
others’ responsibilities, the arrangements were unclear and confused and none of
these arrangements or divisions of responsibility were adequately documented by
Sigma.
4.40.
There is no evidence that the CFD desk’s trading system was used by Sigma’s
Compliance Department to perform any real-time trade surveillance, nor was there
any automated monitoring system in place to enable it to conduct effective post-
trade surveillance. Sigma did not even use basic management software, such as a
spreadsheet, to facilitate monitoring of the trading activity or to maintain an audit
trail.
4.41.
Sigma did not recruit suitably qualified compliance staff to, or provide necessary
training to those employed within, the Compliance Department and it remained
insufficiently resourced throughout the Relevant Period to enable it to adequately
monitor the growing business of the CFD desk. Concerns over inadequate and
ineffective compliance resourcing were not effectively escalated and the situation
was not remedied.
4.42.
During the Relevant Period, Sigma had in place a policy document called the
Compliance Monitoring Programme (“CMP”) which described its purpose as one of
the means by which Sigma could monitor its activities on a periodic basis in order to
ensure that it remained in compliance with all relevant rules and regulations and to
identify areas of weakness or non-compliance.
4.43.
According to the CMP, at Sigma, “Monitoring is performed on a regular basis and the
results submitted to senior management for review and to ensure prompt action to
correct any deficiencies or breaches identified”.
4.44.
The CMP also provided that “Findings and recommendations arising from completed
monitoring are circulated to the Board and line management where appropriate. The
Compliance Officer reports monthly to the Management Committee and includes in
his report any appropriate monitoring matters”. Sigma was unable to demonstrate
that it complied with these standards of reporting and monitoring.
4.45.
The CMP explained that it was divided into separate tests, which were conducted on
four different levels of frequency: monthly, quarterly, semi-annually and annually to
reflect the current assessment of operational and regulatory risk associated with each
underlying activity. It observed that it was important to evidence the application of
Sigma’s CMP with supporting documentation.
4.46.
Amongst many other matters identified by the CMP in its “High Level Programme for
2014” were quarterly monitoring of money laundering and financial crime processes,
to include a review of a suspicious activity reporting register, and of market conduct
to prevent the firm being a conduit for market abuse, and daily monitoring to ensure
all transactions conducted by telephone were recorded.
4.47.
The Business Standards section of the CMP gave “Market Conduct” a medium risk
rating in August 2014, with monitoring recorded as quarterly, giving the reason for
this as: “The FCA has raised concerns in issued guidance, Market Watch publications
and numerous speeches that all regulated entities are in the current climate, more
at risk of conducting or being a conduit in the performance of market abuse”.
4.48.
Sigma was unable to provide any supporting documentation to evidence that any
quarterly monitoring of the CFD desk’s activities occurred, as envisaged by the CMP,
which was then reported to the Board or to senior management. During the Relevant
Period Sigma did not monitor telephone conversations, daily or at all.
CFD desk policies and monitoring of broker conduct
4.49.
Sigma was unable to provide the Authority with a clear picture of which policies and
procedures, such as desk-manuals, it had in place with respect to the activities of
the CFD desk during the Relevant Period. Many areas which should have been
covered by written policies appear to have had no written policies in place, and of
those policy documents provided by Sigma, many did not record when they were
implemented or when they may have been revised, if at all.
4.50.
The following are examples of some of these deficiencies:
•
There was no formal written procedure or policy in place regarding the
escalation or consideration of STRs/STORs from the CFD desk, Sigma’s Market
Conduct Policy & Procedure referred only to procedures for reporting a SAR if a
suspicious transaction was identified;
•
During the Relevant Period, Sigma did not monitor any telephone
conversations, contrary to its own compliance policy;
•
There were no formal written policies in place prohibiting the use of unrecorded
devices to take instructions from Sigma’s customers, or any training provided
on restrictions around the use of personal devices or the use of personal phones
to communicate with customers, thereby placing Sigma in breach of COBS
11.8.5AR;
•
As a result, on occasion, brokers on the CFD desk were using encrypted chat
apps on their personal mobile devices to communicate with, and take orders
from, clients without the knowledge of, or approval from, compliance.
4.51.
During the Relevant Period, there were examples of arrangements concerning certain
brokers on the CFD desk which should have been overseen and monitored, had
suitable policies and procedures been in place.
Brokers on the CFD desk had Power of Attorney (“PoA”) arrangements with clients,
which were neither declared as a conflict of interest, nor monitored by compliance.
One broker on the CFD desk had PoA over the trading account of a family member,
from whom he had received loans which totalled more than £100,000 during the
Relevant Period. These loans were not recorded in Sigma’s gifts and inducements
register or reported to compliance.
Commission based remuneration
4.52.
Against the background of these deficiencies of Sigma’s policies, its commission-
based remuneration structure incentivised brokers on the CFD desk to focus on their
trading activity, to the potential detriment of promoting the identification and
escalation of potential market abuse. Brokers on the CFD desk were not paid a salary,
but instead were entitled to up to 60% of the net revenue generated by their clients
as commission.
4.53.
Whilst such remuneration structures are not an uncommon feature within the
industry, they may bring with them conflicts that should be mitigated. For example,
brokers dependent largely on fee income may be reluctant to escalate concerns
regarding trading by high-revenue generating customers. Clear front-desk policies
and procedures and routine compliance monitoring can mitigate the risk that
suspicious trading is not escalated appropriately. During the Relevant Period Sigma
lacked any such monitoring. These conflicts were further exacerbated by the fact that
many of the brokers on the CFD desk maintained close personal relationships with
their customers, which included, as in the example above, brokers receiving personal
loans which were not declared to Sigma.
4.54.
Furthermore, Mr Tomlin’s only income from Sigma during much of the Relevant
Period was brokerage derived from his trading, creating a potential further conflict in
the performance of his CF10 function which should have been appropriately
managed.
Transaction reporting
4.55.
During the Relevant Period SUP 17 and the guidelines in the Transaction Reporting
User Pack (“TRUP”) required firms entering into reportable transactions to send
accurate and complete transaction reports to the Authority on a timely basis. These
transaction reports assist the Authority to meet its objective of protecting and
enhancing the integrity of the UK’s financial system by helping it to identify situations
of potential market abuse. Each transaction report should include, amongst other
elements: information about the financial instrument traded, the firm undertaking
the trade, the buyer and the seller, and the date and time of the trade.
4.56.
TRUP (Version 3.1 effective from 6 February 2015) at section 10.1 contains the
following guidance regarding a firm’s obligations concerning data integrity:
“We expect firm’s controls and review processes to embody Principle 3 and
comply with SYSC obligations. To assist with this, firms should validate the
accuracy and completeness of the reports they submit to the FCA by
comprehensive testing of their full reporting processes and by regularly
performing ‘end-to-end transaction reconciliations.’ We consider an ‘end to end
reconciliation to mean the reconciliation of a firm’s front-office trading records
and data against the reports it submits to its ARM(s) and against data samples
extracted from the FCA transaction report database (see section 10.1.1.).”
4.57.
Section 10.1.1. states that:
“To help check reports have been successfully submitted to us, firms can
request a sample of their transaction reports using an online form on our
website. […] We encourage firms to use this facility from time to time as part
of their review and reconciliation processes. This enables firms to compare the
reports we receive with their own front office trading records and the reports
firms (or their representatives) submit to their ARM(s). Firms should also check
the accuracy and completeness of the individual data elements within their
transaction reports, and their compliance with transaction reporting rules and
requirements, having regard to the guidance we have issued.”
4.58.
During the Relevant Period, Sigma did not make use of this facility.
4.59.
Throughout the Relevant Period, Sigma executed its client trades in CFDs and
Spread-Bet products using a “matched principle” methodology. For each trade
executed, two trades were in fact carried out. While Sigma reported the first leg of
the trade, it did not report the second, client-side transaction.
4.60.
In February 2016, the Authority’s Markets Reporting Team (“MRT”) wrote to Sigma
setting out concerns that MRT had identified regarding the completeness and
accuracy of Sigma’s transaction reporting. Following these communications, Sigma
instructed a specialist regulatory reporting firm (Firm A) to review the reports it had
submitted to the Authority across a one-week sample taken from earlier that month,
to assess their compliance with the rules in SUP, Chapter 17.
4.61.
In April 2016, Firm A reported its findings to Sigma and to the Authority. Whilst
Sigma’s F&O business, managed by Mr Tomlin, was compliant, the findings revealed
significant reporting failings in respect of the activities of the CFD desk. These failings
included, amongst others:
a mismatch between the instrument description and the derivative type in the
case of 1,314 out of 1,346 CFDs reported, from a one-week sample. The
description ended with “SB” indicating Spread Bet, although all of these trades
were CFD hedges against a brokerage firm;
CFDs were reported in GBP currency although the price stated reflected the
pence at which the stock traded (e.g. Barclays PLC reported at £164.56 instead
of 164.56p). UK stock prices need to be divided by 100 in most cases before
being reported in the major currency. This issue affected 1,257 out of 1,346
CFDs, from a one-week sample; and
Although Firm A was able to match all 383 CFD trades from Sigma’s raw data
to transactions accepted by the Authority, from a one-day sample, these trades
represented only the hedging portion of Sigma’s CFD activity, and its client-
side CFDs were not being reported as required.
4.62.
In particular, the failure to report client-side CFDs materially impacts the Authority’s
ability to carry out effective surveillance. Without client-side transaction reports, the
MRT is unable to differentiate transactions carried out by each individual and is
provided with an incomplete picture of each individual’s trading activity which may
have been conducted across a number of firms, or indeed any activity by customers
who only held accounts at Sigma.
4.63.
Mr Tyson told the Authority that Sigma’s failure to report client-side CFDs was “a
genuine misunderstanding” originating from when the CFD desk was set up.
4.64.
During the Relevant Period, Sigma failed to report, in breach of SUP 17.1.4R, or to
accurately report, in breach of SUP 17.4.1 EU/SUP 17 Annex 1 EU, an estimated
56,000 transactions.
Suspicious transaction reporting – STRs and STORs
4.65.
From the start of the Relevant Period until 2 July 2016, SUP 15.10.2 R provided that
a firm which arranges or executes a transaction with or for a client and which has
reasonable grounds to suspect that the transaction might constitute market abuse
must notify the Authority without delay; thereafter and throughout the rest of the
Relevant Period, Article 16(2) of EU MAR provided to similar effect in relation to both
suspicious orders and transactions.
4.66.
Sigma lacked an understanding of its regulatory obligations in respect of market
abuse and in particular the fundamental difference between the STR/STOR regime
and the SAR regime. Sigma did not put in place adequate policies or procedures or
deliver training to enable staff to identify and escalate suspicious transactions. As a
result, there was widespread uncertainty and misunderstanding amongst Sigma staff
as to the regulatory obligations regarding market abuse, which transactions should
be regarded as suspicious, when such transactions should be escalated, and to
whom.
Escalation of concerns regarding suspicious trading
4.67.
During the Relevant Period, there was no formal procedure or policy in place
regarding the escalation or consideration of suspicious transactions. The informal but
widely accepted custom for identifying suspicious transactions on the CFD desk
involved the front office staff verbally communicating their suspicions to senior
members of the CFD desk, who would take a personal view before deciding whether
to raise the matter verbally with Mr Tyson. Record-keeping was largely non-existent;
discussions around a suspicious transaction were not recorded, including the
rationale supporting any decision not to submit a STR/STOR.
Written procedures for the escalation of suspicious trades
4.68.
In May 2015, a senior CFD desk trader communicated by a brief email to the CFD
desk that suspicious transactions should be escalated in writing to him prior to his
discussing them with Mr A and Mr C; however, no accompanying guidance was issued
to any of the brokers to enable them to understand how to recognise a suspicious
transaction. Despite this apparent procedural change at Sigma, brokers on the CFD
desk made only eight such escalations from then until the end of the Relevant Period.
4.69.
During the Relevant Period, Sigma did not submit any STRs to the Authority.
4.70.
In correspondence with the Authority in May 2016, Sigma described responsibilities
purportedly placed on Mr C for “real-time” monitoring of the CFD desk, stating that
he had: “a consolidated view via the platform and reviews all client trading during
the day; the trading platform produces an end of day report of all transactions
together with associated profit and loss, which [Mr C] reviews on a daily basis; [Mr
C] will report any suspicious transactions to Compliance for further evaluation; [Mr
C] is supported by [a senior individual in technology and operations] who carries out
this role in his absence.” But these responsibilities were not recorded in any of
Sigma’s policies or procedures; and nowhere were they formally designated to Mr C.
4.71.
During an interview with the Authority, Mr C denied responsibility for market abuse
surveillance, asserting that it was the responsibility of Mr B.
Preparations for the introduction of EU MAR
4.72.
Towards the end of the Relevant Period, on 3 July 2016, the Market Abuse Regulation
came into force and introduced extra safeguards and responsibilities upon broker
firms in managing the risks of market abuse. Sigma did not take any preparatory
steps for the introduction of EU MAR, despite the fundamental importance of EU MAR
to the identification, prevention and detection of market abuse and the Authority
publishing communications reminding firms of their obligations under EU MAR.
Although a relevant member of Sigma’s staff attended a course concerning the
implementation of EU MAR, there were no formal presentations, announcements or
communications within Sigma about the changes to the STR regime in July 2016
which resulted from the introduction of EU MAR.
Post-trade Surveillance on the CFD desk
4.73.
During the Relevant Period, there was confusion about who was responsible for post-
trade surveillance to identify potentially suspicious trading activity including market
abuse. In practice, nobody was performing this role. There were no policies or
procedures which outlined the post-trade monitoring to be undertaken on the CFD
desk, and no thresholds, parameters or criteria to assist staff with identifying
suspicious orders or transactions.
4.74.
From March 2016, the Compliance Department started performing monthly post-
trade surveillance of F&O transactions, however no post-trade surveillance was
carried out in respect of the CFD desk.
4.75.
Sigma’s reliance on manual oversight of its CFD trading, without the benefit of proper
analysis or case management tools, hindered its ability to capture types of suspicious
activity and to identify patterns effectively. Given the daily volume of trades executed
by the CFD desk, Sigma should have implemented an in-house solution to collate the
trading data and to track and evaluate emerging suspicions.
Back-book review for STRs / STORs
4.76.
In February 2017, Sigma established a panel to conduct a review of all transactions
that had taken place on the CFD desk during the Relevant Period to determine
whether any required STR or STOR notifications to the Authority (“the Panel”). The
Panel consisted of four individuals including the newly recruited member of the
Compliance Department.
4.77.
First, Sigma used automated market abuse monitoring software to flag trades that
warranted review according to parameters which had been approved by the Skilled
Person for use by the CFD desk’s current transaction monitoring software. This
process flagged 1,621 transactions. Secondly, an initial review of the flagged
transactions was conducted by a senior individual on the CFD desk and a senior,
newly recruited, member of the Compliance Department. Thirdly, the Panel, reviewed
the initial analysis accordingly to set terms of reference.
4.78.
The review by the Panel resulted in the identification of 97 suspicious transactions or
orders during the Relevant period, which would likely have been collectively reported
to the Authority as 24 STRs/STORs, none of which had been identified previously by
Sigma as potentially suspicious. Some of these notification assessments, however,
were made with the benefit of information which would not have been available to
Sigma at the time of the transactions; such as subsequent trading behaviour, or
accounts which had been the subject of information requests from the Authority.
Sigma has not suggested that a significant proportion would only have been
identifiable with hindsight.
4.79.
SARs form part of a regime under which suspicious activity related to money
laundering or criminal property is reported to the UK Financial Intelligence Unit at
the National Crime Agency.
SARs submitted
4.80.
During the Relevant Period, only two SARs were submitted by Sigma to the National
Crime Agency. No STRs or STORs were submitted to the Authority despite at least
one of the SARs relating to a suspicious transaction.
5.
FAILINGS
5.1.
The statutory and regulatory provisions relevant to this Notice are referred to in
5.2.
SUP 17.1.4R provided that:
“A firm which executes a transaction:
in any financial instrument admitted to trading on a regulated market or a
prescribed market (whether or not the transaction was carried out on such a
market); or
in any OTC derivative the value of which is derived from, or which is otherwise
dependent upon, an equity or debt-related financial instrument which is
admitted to trading on a regulated market or on a prescribed market;
must report the details of the transaction to the Authority.”
5.3.
SUP 17.4.1EU provided that:
“Reports of transactions made in accordance with Articles 25(3) and (5) of
MiFID shall contain the information specified in SUP 17 Annex 1 EU which is
relevant to the type of financial instrument in question and which the FCA
declares is not already in its possession or is not available to it by other means.”
5.4.
SUP 17 Annex 1 EU set out the minimum content of a transaction report including
Field Identifiers and Descriptions.
5.5.
During the Relevant Period, Sigma failed to report, in breach of SUP 17.1.4R, or to
accurately report, in breach of SUP 17.4.1 EU/SUP 17 Annex 1 EU, an estimated
56,000 transactions.
5.6.
SUP 15.10.2R provided that:
“A firm which arranges or executes a transaction with or for a client and which
has reasonable grounds to suspect that the transaction might constitute market
abuse must notify the FCA without delay.”
5.7.
From 1 December 2014 to 2 July 2016, Sigma contravened SUP 15.10.2R by failing
to report 17 STRs to the Authority.
5.8.
Article 16 (2) EU MAR provides that:
“Any person professionally arranging or executing transactions shall establish
and maintain effective arrangements, systems and procedures to detect and
report suspicious orders and transactions. Where such a person has a
reasonable suspicion that an order or transaction in any financial instrument,
whether placed or executed on or outside a trading venue, could constitute
insider dealing, market manipulation or attempted insider dealing or market
manipulation, the person shall notify the competent authority [of the Member
State in which they are registered or have their head office] without delay.”
5.9.
From 3 July 2016 to 12 August 2016, Sigma contravened Article 16 (2) of EU MAR
by failing to report 7 STORs to the Authority.
5.10.
Principle 3 provides that a firm must take reasonable care to organise and control its
affairs responsibly and effectively, with adequate risk management systems.
5.11.
In breach of Principle 3, Sigma did not have any, or any adequate, formal systems
and controls, to enable its Board to review in a structured fashion the business
activities of the CFD desk. In particular, Sigma failed to:
(1)
Conduct Board meetings with sufficient regularity to enable the effective
oversight of the CFD desk’s business activities by its directors;
(2)
Maintain Board minutes that recorded attendees, the matters discussed,
the nature of any challenges made and decisions reached, sufficient to
demonstrate effective oversight of the CFD desk by its directors;
(3)
Obtain and circulate to members of the Board prior to its meetings,
adequate management information regarding the business of the CFD
desk, sufficient to enable its activities to be effectively reviewed by its
directors, and any issues of concern identified, challenged and any
remedial measures proposed, monitored;
(4)
Undertake an adequate risk assessment prior to the commencement of
the CFD desk’s business activities, sufficient to enable its directors to
review and understand the regulatory requirements and market conduct
risks associated with such activities, and to prepare accordingly;
(5)
Ensure that those directors with responsibility for compliance oversight
and money laundering reporting had the necessary skills and training to
perform, and were effectively performing, those functions;
(6)
Monitor and reasonably satisfy itself as to the adequate resourcing and
proper functioning of the Compliance Department, including the
implementation of policies and procedures, as pertaining to the business
of the CFD desk.
5.12.
Also in breach of Principle 3, Sigma failed to put in place an effective compliance
function. In particular, Sigma failed to:
(1)
Adequately record and monitor the performance of those of Mr Tomlin’s
responsibilities, as CF10 (Compliance oversight), that he had delegated
to Sigma’s Chief Executive, Mr Tyson;
(2)
Adequately record and communicate the roles and responsibilities of its
Compliance Department staff, and those employed on the CFD desk who
assisted in certain compliance related activities, such that these were
clear and properly understood;
(3)
Ensure that the Compliance Department had in place adequate policies
and procedures in relation to the conduct of brokers on the CFD desk, and
that these were effectively communicated and monitored;
(4)
Ensure that those staff responsible for transaction reporting were
provided with clear policies and procedures, and sufficient training and
guidance, such that they could properly discharge their responsibilities;
(5)
Ensure that it had effective systems, including clear reporting lines and
written policies and procedures, in place such that it could comply with
its
post-trade
transaction
monitoring
obligations,
including
the
appropriate and timely escalation of potentially suspicious transactions on
the CFD desk, and that these remained effective as the volume of the
CFD desk’s transactions increased;
(6)
Ensure that it had taken adequate preparatory steps for the introduction
of EU MAR in July 2016, despite the fundamental importance of EU MAR
to the detection and reporting of market abuse.
5.13.
Sigma also failed to establish, implement and maintain adequate policies and
procedures sufficient to ensure its compliance with its obligations under the
regulatory system and for countering the risk that it might be used to further financial
crime, thereby breaching SYSC 6.1.1R.
6. SANCTION
Power to impose a financial penalty in respect of Sigma’s conduct
6.1.
Section 206 of the Act gives the Authority the power to impose a penalty on an
authorised firm if that firm has contravened a requirement imposed on it by or under
the Act or by any directly applicable European Union regulation or decision made
under MiFID.
6.2.
The Authority considers that Sigma has contravened SUP 17.1.4R, SUP
17.4.1EU/SUP 17 Annex 1 EU, SUP 15.10.2R, Article 16(2) of EU MAR and Principle
3.
6.3.
The Authority’s policy for imposing a financial penalty is set out in Chapter 6 of DEPP.
In respect of conduct occurring on or after 6 March 2010, the Authority applies a
five-step framework to determine the appropriate level of financial penalty. DEPP
6.5A sets out the details of the five-step framework that applies in respect of financial
penalties imposed on firms.
6.4.
Given that the breaches of SUP 15.10.2R, Article 16 (2) of EU MAR, SUP 17.1.4R,
SUP 17.4.1 EU/SUP 17 Annex 1 EU and SYSC 6.1.1R occurred within the period of
the Principle 3 breach and are based on similar facts, the Authority considers it
appropriate to impose a combined financial penalty for these breaches.
Step 1: disgorgement
6.5.
Pursuant to DEPP 6.5A.1G, at Step 1 the Authority seeks to deprive a firm of the
financial benefit derived directly from the breach where it is practicable to quantify
this.
6.6.
The Authority has not identified any financial benefit that Sigma derived directly from
its breach.
6.7.
Step 1 is therefore £0.
Step 2: the seriousness of the breach
6.8.
Pursuant to DEPP 6.5A.2G, at Step 2 the Authority determines a figure that reflects
the seriousness of the breach. Where the amount of revenue generated by a firm
from a particular product line or business area is indicative of the harm or potential
harm that its breach may cause, that figure will be based on a percentage of the
firm’s revenue from the relevant products or business area.
6.9.
The Authority considers that the revenue generated by Sigma’s CFD desk is indicative
of the harm or potential harm caused by its breach. The Authority has therefore
determined a figure based on a percentage of Sigma’s relevant revenue. Sigma’s
relevant revenue is the revenue derived by Sigma during the period of the breach.
The period of Sigma’s breach was from 1 December 2014 to 12 August 2016.
6.10.
The Authority considers Sigma’s relevant revenue for this period to be £3,580,025.
6.11.
Having determined the relevant revenue, the Authority will then decide on the
percentage of that revenue which will form the basis of the penalty. In making this
determination the Authority will consider the seriousness of the breach and choose a
percentage between 0% and 20%. This range is divided into five fixed levels which
represent, on a sliding scale, the seriousness of the breach. The more serious the
breach, the higher the level. For penalties imposed on firms there are the following
five levels:
Level 1 – 0%
Level 2 – 5%
Level 3 – 10%
Level 5 – 20%
6.12.
The Authority has determined the seriousness of Sigma’s breaches to be Level 4 for
the purposes of Step 2 having taken into account:
(1)
DEPP 6.5A.2G(6-9) provides factors the Authority will generally take into
account which reflect the impact and nature of the breach, and whether it was
committed deliberately or recklessly, in deciding which level of penalty best
indicates the seriousness of the breach;
(2)
DEPP 6.5A.2G(11) lists factors likely to be considered ‘level 4 or 5 factors’; and
(3)
DEPP 6.5A.2G(12) lists factors likely to be considered ‘level 1, 2 or 3 factors.’
6.13.
Of these, the Authority considers the following factors to be relevant:
(1)
Sigma saved on the costs that it would otherwise have incurred had it
adequately resourced its Compliance Department and implemented proper
systems for transaction reporting and monitoring;
(2)
There was no loss to consumers, investors, or other market users;
(3)
There was no adverse effect on market confidence or orderliness, albeit the
breaches could have had an adverse effect on the market, in that they
increased the risk that market abuse could occur undetected;
(4)
The breaches revealed serious and systemic weaknesses in Sigma’s
procedures, management systems and internal controls in relation to its
oversight of the activities of the CFD desk;
(5)
There was a significantly increased risk that potentially suspicious trading could
go undetected as a result of the breaches, due to the combination of failings
across all levels of “defence” against market abuse within Sigma: at CFD desk
level; within its Compliance Department; governance at Board level; and
because Sigma’s failures in transaction reporting and notifications of
STR/STORs, which when remedied resulted in an estimated 56,000 transaction
reports and the identification of 97 suspicious transactions or orders, which
would likely have resulted in 24 collective STR/STOR notifications, failings
which potentially undermined the effectiveness of the Authority’s own
surveillance tools;
(6)
The Authority relies on firms to submit complete and accurate transaction
reports to enable it to carry out its market surveillance obligations and to detect
and investigate cases of market abuse and uphold proper conduct in the
financial system; and
(7)
The breach was committed negligently, not deliberately or recklessly.
6.14.
Taking all of these factors into account, the Authority considers the seriousness of
the breach to be level 4 and so the Step 2 figure is 15% of £3,580,025, which is
£537,003.
6.15.
Step 2 is therefore £537,003.
Step 3: mitigating and aggravating factors
6.16.
Pursuant to DEPP 6.5A.3G, at Step 3 the Authority may increase or decrease the
amount of the financial penalty arrived at after Step 2, but not including any amount
to be disgorged as set out in Step 1, to take into account factors which aggravate or
mitigate the breach.
6.17.
An aggravating factor in this case is that the Authority has given substantial and
ongoing support to the industry regarding transaction reporting requirements
including through the TRUP and Market Watch both prior and throughout the Relevant
Period that highlighted the importance of transaction reporting and submitting STRs
/ STORs.
6.18.
The Authority considers that the Step 2 figure should be increased by 10%.
6.19.
Step 3 is therefore £590,703.
Step 4: adjustment for deterrence
6.20.
Pursuant to DEPP 6.5A.4G, if the Authority considers the figure arrived at after Step
3 is insufficient to deter the firm who committed the breach, or others, from
committing further or similar breaches, then the Authority may increase the penalty.
6.21.
The Authority considers that the Step 3 figure of £590,703 represents a sufficient
deterrent to Sigma and others, and so has not increased the penalty at Step 4.
6.22.
Step 4 is therefore £590,703.
Step 5: settlement discount
6.23.
The Authority and Sigma reached agreement to settle between the end of stage 1
and prior to the expiry of the period for making representations. The Authority has
applied a 10% discount to the Step 4 figure. Step 5 is therefore £531,632.
Financial penalty
6.24.
The Authority hereby imposes a total financial penalty of £531,600 (rounded down
to the nearest £100).
7.
PROCEDURAL MATTERS
7.1.
This Notice is given to Sigma under and in accordance with section 390 of the Act.
7.2.
The following statutory rights are important.
Decision maker
7.3.
The decision which gave rise to the obligation to give this Notice was made by the
Settlement Decision Makers.
Manner and time for payment
7.4.
The financial penalty must be paid in full by Sigma to the Authority no later than 28
October 2022.
If the financial penalty is not paid
7.5.
If all or any of the financial penalty is outstanding on 28 October 2022, the Authority
may recover the outstanding amount as a debt owed by Sigma and due to the
Authority.
7.6.
Sections 391(4), 391(6) and 391(7) of the Act apply to the publication of information
about the matter to which this notice relates. Under those provisions, the Authority
must publish such information about the matter to which this notice relates as the
Authority considers appropriate. The information may be published in such manner
as the Authority considers appropriate. However, the Authority may not publish
information if such publication would, in the opinion of the Authority, be unfair to you
or prejudicial to the interests of consumers or detrimental to the stability of the UK
financial system.
7.7.
The Authority intends to publish such information about the matter to which this Final
Notice relates as it considers appropriate.
Authority contacts
7.8.
For more information concerning this matter generally, contact Kerri Scott at the
Authority (direct line: 020 7066 4620/email: Kerri.Scott@fca.org.uk).
Head of Department, Enforcement and Market Oversight Division
ANNEX A
RELEVANT STATUTORY PROVISIONS
The Financial Services and Markets Act 2000 (“the Act”)
The Authority’s operational objectives
1.
The Authority’s operational objectives are set out in section 1B(3) of the Act and include
securing an appropriate degree of protection for consumers and protecting and
enhancing the integrity of the UK financial system.
Section 206 of the Act
2.
Section 206 of the Act provides the Authority with the power to impose a financial
penalty on an authorised person, of such an amount as it considers appropriate, if it
considers that the authorised person has contravened a relevant requirement.
Regulation (EU) No 596/2014 (“EU MAR”)
3.
Article 16(2) of EU MAR provides: “Any person professionally arranging or executing
transactions shall establish and maintain effective arrangements, systems and
procedures to detect and report suspicious orders and transactions. Where such a
person has a reasonable suspicion that an order or transaction in any financial
instrument, whether placed or executed on or outside a trading venue, could constitute
insider dealing, market manipulation or attempted insider dealing or market
manipulation, the person shall notify the competent authority as referred to in
paragraph 3 without delay.”
RELEVANT REGULATORY PROVISIONS
The Authority’s Handbook of Rules and Guidance
4.
In exercising its powers to impose a financial penalty, the Authority must have regard
to the relevant regulatory provisions in the Authority’s Handbook of rules and guidance
(the “Handbook”). The main provisions that the Authority considers relevant are set out
below.
Principles for Businesses (“PRIN”)
5.
The Principles are a general statement of the fundamental obligations of firms under
the regulatory system and are set out in the Handbook. They derive their authority from
the Authority’s rulemaking powers as set out in the Act and reflect the Authority’s
regulatory objectives. They can be accessed here:
6.
Principle 3 provides: “A firm must take reasonable care to organise and control its affairs
responsibly and effectively, with adequate risk management systems.”
Senior management arrangements, systems and controls (SYSC)
7.
The following provisions of SYSC (relevant to the facts relied on in this notice) were in
force during the Relevant Period.
8.
SYSC 2.1.1R provided that:
“A firm must take reasonable care to maintain a clear and appropriate
apportionment of significant responsibilities among its directors and senior
managers in such a way that:
(1) it is clear who has which of those responsibilities; and
(2) the business and affairs of the firm can be adequately monitored and
controlled by the directors, relevant senior managers and governing body of
the firm.
9.
SYSC 2.1.3R provided that:
“A firm […] must appropriately allocate to one or more individuals, in accordance
with SYSC 2.1.4 R, the functions of:
(1) dealing with the apportionment of responsibilities under SYSC 2.1.1 R;
and
(2) overseeing the establishment and maintenance of systems and controls
under SYSC 3.1.1 R.”
10.
SYSC 2.1.4R provided that [so far as applicable to Sigma] both functions within SYSC
2.1.3R must be allocated to the firm’s chief executive, but in default of this they will fall
to the firm’s directors and senior managers.
11.
SYSC 6.1.1R provided that:
“A firm must establish, implement and maintain adequate policies and procedures
sufficient to ensure compliance of the firm including its managers, employees and
appointed representatives (or where applicable, tied agents) with its obligations
under the regulatory system and for countering the risk that the firm might be
used to further financial crime.”
12.
SYSC 6.1.2R provided that:
“A common platform firm and a management company must, taking into account
the nature, scale and complexity of its business, and the nature and range of
financial services and activities undertaken in the course of that business,
establish, implement and maintain adequate policies and procedures designed to
detect any risk of failure by the firm to comply with its obligations under the
regulatory system, as well as associated risks, and put in place adequate
measures and procedures designed to minimise such risks and to enable the
appropriate regulator to exercise its powers effectively under the regulatory
13.
SYSC 6.1.3R provided that:
“A common platform firm and a management company must maintain a
permanent and effective compliance function which operates independently and
which has the following responsibilities:
(1) to monitor and, on a regular basis, to assess the adequacy and
effectiveness of the measures and procedures put in place in accordance
with SYSC 6.1.2 R, and the actions taken to address any deficiencies in the
firm's compliance with its obligations; and
(2) to advise and assist the relevant persons responsible for carrying out
regulated activities to comply with the firm's obligations under the regulatory
system.”
14.
SYSC 6.1.4R provided that:
“In order to enable the compliance function to discharge its responsibilities
properly and independently, a common platform firm and a management company
must ensure that the following conditions are satisfied:
(1) the compliance function must have the necessary authority, resources,
expertise and access to all relevant information;
(2) a compliance officer must be appointed and must be responsible for the
compliance function and for any reporting as to compliance required by SYSC
4.3.2 R; […]
15.
SYSC 4.3.2R provides:
“A common platform firm […], must ensure that:
(1) its senior personnel receive on a frequent basis, and at least annually,
written reports on the matters covered by SYSC 6.1.2R to SYSC 6.1.5R, […];
and
(2) the supervisory function, if any, receives on a regular basis written
reports on the same matters.”
Supervision Manual (“SUP”)
16.
SUP sets out the relationship between the Authority and authorised persons (referred
to in the Handbook as firms). The following provisions of SUP were in force during the
Relevant Period.
17.
SUP 15.10.2R provided that “A firm which arranges or executes a transaction with or
for a client and which has reasonable grounds to suspect that the transaction might
constitute market abuse must notify the FCA without delay.” This rule applied from 6
February 2014 to 2 July 2016.
18.
SUP 15.10.3R provided that, in applying SUP 15.10.2R, a firm "must decide on a case-
by-case basis whether there are reasonable grounds for suspecting that a transaction
involves market abuse, taking into account the elements constituting market abuse."
19.
SUP 15.10.2A EU records that Article 16 of EU MAR applied from 3 July 2016 to date,
in place of SUP 15.10.2R.
20.
SUP 17.1.4R provided that “A firm which executes a transaction: (1) in any financial
instrument admitted to trading on a regulated market or a prescribed market (whether
or not the transaction was carried out on such a market); or (2) in any OTC derivative
the value of which is derived from, or which is otherwise dependent upon, an equity or
debt-related financial instrument which is admitted to trading on a regulated market or
on a prescribed market; must report the details of the transaction to the FCA.” This rule
applied from 1 April 2013 to 2 January 2018.
21.
SUP 17.4.1 EU provided that “Reports of transactions made in accordance with Articles
25 (3) and (5) of MiFID shall contain the information specified in SUP 17 Annex 1 EU
which is relevant to the type of financial instrument in question and which the FCA
declares is not already in its possession or is not available to it by other means.” This
rule applied from 1 April 2013 to 2 January 2018.
Conduct of Business Sourcebook (“COBS”)
22.
COBS applies to a firm with respect to designated investment business carried on from
an establishment maintained by it, or its appointed representative, in the United
Kingdom and activities connected with them.
23.
The following provisions of COBS applied to Sigma during the Relevant Period.
24.
COBS 11.8.5R provides:
“A firm must take reasonable steps to record relevant telephone conversations,
and keep a copy of relevant electronic communications, made with, sent from or
received on equipment:
(1) provided by the firm to an employee or contractor; or
(2) the use of which by an employee or contractor has been sanctioned or
permitted by the firm;
to enable that employee or contractor to carry out any of the activities
referred to in COBS 11.8.1R.”
25.
COBS 11.8.5AR requires a firm take reasonable steps to prevent an employee or
contractor from making, sending or receiving relevant telephone conversations and
electronic communications on privately-owned equipment which the firm is unable to
record or copy.
Decision Procedure and Penalties Manual (“DEPP”)
26.
Chapter 6 of DEPP, which forms part of the Authority’s Handbook, sets out the
Authority’s policy for imposing a financial penalty. DEPP 6.5A sets out the details of the
five-step framework that applies to financial penalties imposed on firms, which can be
accessed here:
27.
EG sets out the Authority's approach to financial penalties and public censures is set
out in Chapter 7 of EG, which can be accessed here:
PUBLIC STATEMENTS
28.
The Authority has made public statements about the standards that are expected of
firms in relation to market abuse, and their obligation to submit suspicious transaction
reports (“STRs”) to the Authority.
29.
The Authority published two papers during the Relevant Period setting out observations
from suspicious transaction reporting supervisory visits.
30.
The first, Market Watch 48, published in June 2015, set out observations from the
Authority’s suspicious transaction reporting supervisory visits including:
•
the consideration of a detailed risk assessment of the market abuse risks to
which a firm may be exposed prior to designing a surveillance programme was
important to the effectiveness of the surveillance programme;
•
under-investment in training of front office staff was noted across several firms,
which led to a low level of understanding and commensurately low reporting of
potential incidents of market abuse;
•
where firms had undocumented reporting to heads of desk or business
management, the Authority observed it had led to conflicts of interest, lack of
audit trail and potentially inadequate challenge on decisions not to submit STRs.
31.
The second, Market Watch 50, published in April 2016, set out further observations from
the Authority’s supervisory visits including:
a. the importance of a well-resourced and independent second surveillance
function in order to provide genuine challenge to the business was highlighted;
b. forewarning of changes brought in by the EU MAR including, the requirement
for firms and other persons to report suspicious orders and attempted
behaviours as well as suspicious transactions
32.
Market Watch 48 and 50 can be accessed here:
33.
The Authority published guidance on 6 February 2015, FG/15/3 which clarified certain
requirements of firms, including that the transaction reports a firm sends for its
transactions must accurately reflect the change in the position for the firm and its
client(s) resulting from the transactions.
34.
The Authority publishes guidance concerning transaction reporting, highlighting the
importance of data accuracy, which includes its Transaction Reporting User Pack which
can be accessed here: