Surveillance Data: The Stuff No One is Talking About

The Surveillance Data Problem

EFRP: If your commodity firm is going to get fined for something, odds are it’s going to be for an EFRP documentation violation.  More companies get hit for this than any other violation.   In 

stone key

summary, every EFRP must be tied back to the independent OTC transaction. Most firms get in trouble for a simple reason.  The trading desk is executing EFRPs and there is no one double checking the documentation. 

Solution (or in this case the FIX)

The fix is simple...   All EFRPs are tagged right in the exchange feed, also called the FIX feed.that is.   So in this case the FIX is the FIX! In K3, we simply set up an alert to compliance when an EFRP crosses the desk.  It’s all real time and avoids miles of pain.

Tick Data is the Surveillance Elephant In the Room

What vendors won’t tell you is that currently all commodities surveillance is limited to one dimension. What I mean by this is that we, as vendors, are limited to using order and execution data to detect manipulative behavior.  It’s a limitation of available surveillance data. What is more difficult is adding the additional dimension of how a manipulative behavior actually impacted prices. Why? Tick Data. Tick data is the moment by moment movement in prices and at least the BBO (Best Bid Offer.) The problem with tick data is IT’S ENORMOUS.

Tick Data is Surveillance Data and True Big Data.

I downloaded some tick data.  Just one day, one exchange, one product open to close.  It was 8 gigabytes! I was in a hotel at the time with a 2MB connection. So, yea… it took a while.  Just one product. We estimate that keeping just one year of tick data across a typical spread of products will require somewhere around 150 Terabytes of storage.  Impossible? No not at all. But over the coffee machine ask your IT team what it would cost to store 150Tb of data. Just a shot from the hip. That will give you a sense of if it is a big take down for your company.   

But in the meantime don’t be fooled with lower granularity data.  For example, if a trader is layering between 9:01 and 9.25 but the price interval is 30 minutes… that’s not helpful at all.  So when a vendor talks a big game around prices, if it’s not tick data…it’s not helping at all.


Judicious Use of Alerts

There is and old Latin legal term that comes to mind when talking about alerts. Scienter (see-enter). Scienter means “knowledge of wrongdoing.”   Lets just say that scienter is a huge element to drawing big fines and sanctions.

Scienter comes into play for supervision teams when compliance gets an alert…and promptly ignore that alert.  It’s a bit of, “you knew, or should have known but allowed it to go on anyway” that is going to draw a failed supervision fine.  In other words, the false positive conundrum.

I’m going to call it as I see it.  In an ideal world, compliance officers want a black box that sends them an alert every time something looks amiss. But, when half or more of the alerts are false positives, it’s only human to start ignoring these alerts.  That’s reality. Remember that word scienter?  The ultimate challenge of surveillance is ensuring your team does not have scienter machine on its hands.

Everyone has to recognize that  false positives are absolute Kryptonite to a meaningful surveillance program.  So, what’s the solution?

Where alerts fail…humans with the right tools prevail.  Instead of using alerts to prompt action, give human beings data tools to refine signals from all the noise easily.  Have these people review dashboard reports of trading behavior. Do it regularly. Document findings. I’ll take an educated human any day over an alert.   What I am suggesting is judicious alerts. Alerts demand action (like the EFRP alert). But if there a just too many to follow up on or the alert is regularly nonsense, it’s time to refactor your approach.