In today’s economic reality, where businesses are affected by the impact of the COVID-19 pandemic, no company is exempt from increased risk of fraud.

The COVID-19 pandemic has heightened the risk of fraud due to an abrupt change in working practices, as well as increasing pressure on organizations, their customers and their supply chain. In addition, many governments have announced support packages for businesses using financial services institutions as a vector, which will open new avenues for fraudsters.

This third blog post focuses on what to look out for and what you can do to mitigate around the current heightened market abuse risks associated with the COVID-19 crisis. Click on the buttons below to read other articles of the series:


Market volatility and unprecedented changes to the working environment resulting from the COVID-19 crisis continue to have an impact on market abuse risks and related surveillance operations. 

In light of the current situation, the Financial Conduct Authority (FCA) has published information for organizations on COVID-19[1], clarifying that it expects they “should take all reasonable steps to meet the regulatory obligations which are in place to protect their consumers and maintain market integrity” and continue to “take all steps to prevent market abuse risks.” The FCA has suggested that organizations could undertake enhanced monitoring or retrospective reviews.

Other regulators, such as the Financial Crimes Enforcement Network (FinCEN), have received reports regarding suspected COVID-19-related insider trading[2] and are advising financial institutions to remain alert about malicious or fraudulent transactions like those that occur in the wake of natural disasters.

There is currently limited published regulatory guidance to organizations to help with decision-making surrounding operational risks and compliance with market abuse obligations; however, the FCA has highlighted that it continues to act against market abuse. While information and guidance for organizations develops, we encourage them to assess the risks associated with the current market and new working arrangements, and to consider their measures (tactically and in the medium term) to ensure continuation of their control environment.

Interim measures that might be needed

Changes in trading strategy or employee operations resulting from the COVID-19 pandemic could increase market abuse risks, resulting in the need for interim measures. For example:

  • Short-term versus long-term behaviors: Global markets are seeing increased volumes of trading and volatility as clients respond to rapidly changing circumstances. Not only does this pose opportunities for increased revenue and profits, but traders may also change their trading strategies: e.g., by moving toward a shorter-term style of trading by locking in profits at an earlier opportunity compared with taking a longer-term approach. Organizations need to be ready to challenge themselves and traders as to whether their behavior was a fair response to market conditions. Regulators have indicated that, while they do not expect perfection, they expect organizations to be thoughtful about their approach and able to articulate their rationale.
  • Increased alert volumes: Increased trading volumes predictably cause an increase in the number of alerts being processed on a daily basis. Some regulators, such as the Commodity Futures Trading Commission (CFTC), have recognized this by temporarily relaxing regulatory obligations. However, during such volatile conditions, some market participants may take advantage and seek to hide market manipulation among wider market activities. Organizations will need to avoid the assumption that spikes in alert activity reflect increased or volatile activity and be prepared to challenge the trader.
  • Disclosure of inside information: With a large number of employees working remotely, there is a greater risk that those in possession of insider information may inadvertently disclose it to family or friends in shared accommodation. Organizations may need to perform enhanced monitoring for insider dealing and sharing of confidential information to aid in mitigating this risk. They should give consideration to sectors that have been particularly impacted and seek to understand whether traders have traded ahead of large market movements.
  • Surveillance challenges: With a greater number of alerts being generated and employees working in isolated locations, it may be more difficult to conduct trade surveillance and monitoring, increasing the risk that potentially illicit market behavior goes undetected and potentially unreported to regulators. Organizations should consider not only whether there is adequate resourcing in surveillance teams, but also how they incentivize employee to focus time on high-priority alerts, rather than feeling obliged to close down larger volumes of alerts quickly. Organizations should be assessing skillsets in their control functions to fill gaps where their surveillance resources become depleted. Technology and analytics could be deployed quickly to allow teams to identify and prioritize higher-risk alerts, or to group certain alerts together to allow for an efficient workflow.
  • New communication channels: More traders working remotely or increased use of video conferencing technology (such as Zoom, Microsoft Teams, Skype and Webex) heightens the risk that inappropriate communications may take place. Traders can use their personal mobiles while working remotely, whereas on the trading floor, they are prohibited. In some instances, employees may be using interim or new communication channels that are not yet set up to be recorded.

Organizations should consider limiting new forms of technology to trading and sales employees. Other employees who are under surveillance will need to have controls put in place for technology that cannot yet be monitored, such as mandatory addition of meetings to calendars or even enforced supervisors access to video calls.

  • Existing detection: Increased market volatility enhances the risk that surveillance and monitoring capabilities may not be as effective as in normal markets. In assessing exposure to market abuse risk, organizations may also consider whether existing detection methods are actually required in this type of market. For example, should new techniques, tuning and questions be used to spot potentially abusive behavior? Organizations may need to carry out a tactical review of their scenarios to identify priorities to amend in line with new market conditions and to manage the volume of   false alerts.

Red flags: what to look out for right now

  • Hidden abusive activities: Organizations should be prepared for market abuse activities hidden among the increased trading volumes. There is a greater ability and incentive for opportunist or unscrupulous actors to commit market abuse activity. Organizations will need to be ready to challenge explanations that trading behavior is in response to market conditions. This can be supported by looking at behavior relative to peers and creating a set of indicators relating to:
    • Trade execution trends (frequency, average trade size and daily maximum size)
    • Order trends (average order size, level of deviation versus peers and level of participation versus the market).
  • Increased motivation and opportunity:  With more volatile prices and greater trade flow, there may be heightened opportunity and motivation for certain risks, such as frontrunning client orders. Organizations may want to focus enhanced monitoring on these behaviors.
  • Conduct risks: For many organizations, the grayer area of conduct risks is as concerning as the black-and-white abuse risks. Ensuring that spikes in profitability are understood, pricing is proportionate to risk, and all activity is carried out in line with mandates and institutional purpose is key in supporting employees and the markets, to maintain an effective control environment and manage reputational risk.
  • Value of information: Inside information garnered by corporate insiders may hold an even greater value than in normal market conditions[3].

What does this mean for you?

Managing market abuse risks through this period requires consideration of four aspects: risks, controls, operation and regulation.

  • Risks: Organizations should balance increased trading volumes and revenues with a proportionate control framework and perform a focused risk assessment based on the changing market conditions, market profile and the existing controls in place to identify temporary gaps. The results of this assessment can be used to define appropriate tactical measures, such as enhanced reviews or lookback exercises.

If alternative arrangements in response to the pandemic become embedded over several months, or permanent features, organizations should perform and document a broader risk assessment, as potentially weaker supervision as some controls (e.g., mobile phone bans on the trading floor) may become impossible to apply.

  • Controls: Organizations should consider the need for additional controls such as deepdive or proactive conduct reviews to ensure that trader behavior and revenue generation is in line with management expectations. They may also need to consider tactical methods such as record-keeping requirements for orders and trades to comply with Market Abuse Regulation (MAR).

Organizations should develop interim first line of defense policies that factor in remote working conditions and increase communications emphasizing employees’ requirements to comply with existing obligations. Bulletins may remind employee of the organization’s requirements in trading remotely and maintaining a robust market conduct environment, and the responsibilities on all employees to adhere to them.

  • Operation: Organizations should develop a plan for coping with operational challenges as the ratio between alert volumes and investigator capacity flexes over the coming months. Where this involves risk prioritization or bulk closure, ensuring this is well documented and run through the appropriate governance channels is key.

Organizations should avoid increasing workloads to unrealistic levels and decreasing the time available for investigators to perform reviews. Finally, they should look at key-person risk in the surveillance team (e.g., absence due to illness or caring responsibilities) and what short-term strategies can be put in place to support team resilience over the coming months.

  • Regulation: Organizations should have an open and proactive dialogue with regulators as they respond to COVID-19 challenges. They should also consider how they are developing the recommended enhanced monitoring and retrospective reviews in line with regulatory expectations and ensure that they document and can explain rationale for their response to the pandemic.

[1] FCA: Coronavirus (Covid-19): Information for firms

[2] FINCEN: The Financial Crimes Enforcement Network (FinCEN) Encourages Financial Institutions

[3] SEC: Statement enforcement