Trade Surveillance and Regulatory Compliance Solutions | eflow

eflow client base surges 23% as trading complexity intensifies surveillance demands

sales@eflowglobal.com (eflow) — Tue, 20 Jan 2026 05:38:00 +0000

London, UK: Tuesday 20th January 2026: eflow, a leading provider of regulatory compliance technology for financial services, today announces 23% client growth in 2025, as firms strengthen surveillance infrastructure to address complex and increasingly AI-driven trading and sophisticated regulatory demands. The expansion resulted in 56 new deployments of eflow’s modular compliance software as financial institutions modernise monitoring capabilities in response to rapidly evolving market dynamics.

The growth reflects mounting pressure on compliance and surveillance systems as firms navigate a combination of market volatility, geopolitical uncertainty, and increasingly complex trading activity. Automated and algorithmic trading now underpins a significant proportion of global market activity, while the use of AI across financial services continues to expand. As regulators pursue more sophisticated market abuse typologies and place greater scrutiny on firms’ surveillance capabilities, traditional, rules-based monitoring tools are struggling to keep pace, driving increased investment in integrated, adaptive surveillance technology.

Addressing the surveillance gap

In response to these challenges, eflow launched PATH AI to help compliance teams investigate trading alerts more efficiently through explainable, contextual insights delivered via a conversational interface. Users can analyse alert history, identify behavioural patterns, and generate audit-ready case summaries, with all data fully referenced and conversations tracked for reporting.

eflow also enhanced its TZEC suite with new eComms surveillance and archiving modules, offering significant cost and deployment advantages. Data extraction is priced at $0.20 per GB versus up to $50 per GB from legacy providers, and full deployment can be completed in as little as 90 days.

Adoption surges amid regulatory scrutiny

eflow’s 2025 client wins included Finalto, a global liquidity provider, and Mirae Asset Securities UK, both of which selected eflow’s technology to centralise their trade surveillance and best execution monitoring. In total, 40 new or expanded client relationships contributed to 56 new system deployments across the company’s product suite, reflecting both new client wins and broader adoption among existing customers, with 14% of current clients expanding their use of eflow’s technology.

The company strengthened its technology capabilities through strategic partnerships with EXANTE, enhancing market data depth, and AI specialist DHI, enabling the integration of AI-generated risk scoring into its surveillance technology. To support accelerating demand, eflow made three strategic senior appointments: Kristian Frost Pedersen as Chief Financial Officer, Michael De Jongh as Chief Growth Officer, and Ross Pearson as Head of AI.

Ben Parker, CEO at eflow, commented: “Our strong growth in 2025 reflects a clear market shift. Between geopolitical uncertainty, significant market volatility, and increasing regulatory complexity, firms can no longer rely on siloed surveillance as regulators target increasingly sophisticated manipulation and scrutiny of surveillance capabilities intensifies. Clients expanded their use of our platform, driving 56 new technology deployments in 2025 - clear evidence that an integrated approach delivers measurable value. As AI reshapes both trading behaviour and regulatory expectations, the firms that succeed in 2026 and beyond will be those investing in surveillance technology that can match this complexity while maintaining the transparency regulators demand.”

eflow enters 2026 focused on expanding its presence in Europe, North America and Asia-Pacific whilst advancing its position in AI-powered, explainable surveillance technology.

eflow expands TZEC platform with new eComms archiving and surveillance modules

sales@eflowglobal.com (eflow) — Wed, 03 Dec 2025 08:34:00 +0000

London, UK: Wednesday 3rd December 2025: eflow, a leading provider of regulatory compliance technology, today announced further enhancements to its TZEC platform, a comprehensive suite of eComms archiving and surveillance tools to help financial institutions meet their global regulatory obligations.

The new technology will streamline regulatory workflows while significantly reducing the costs associated with the management, archiving and extraction of eComms-related data. For financial firms, the new eComms surveillance and archiving modules offer major savings compared to some legacy vendors, with eflow charging a data extraction fee of just $0.20 per GB compared with up to $50 per GB from other firms. The products can also be fully deployed in as little as 90 days, a fraction of the time required for traditional systems.

In recent years, financial regulators worldwide have intensified scrutiny of eComms recordkeeping, with enforcement penalties exceeding $3.2 billion in the last five years alone for firms failing to demonstrate robust monitoring and archiving of digital communications. As staff increasingly use multiple platforms to interact, compliance teams face unprecedented challenges in monitoring, storing, and analysing communications for potentially high-risk or abusive behaviour.

To address these challenges, eflow has developed a suite of solutions designed to support firms in meeting regulatory obligations and strengthening oversight. TZEC Archive simplifies core recordkeeping, providing an intuitive interface for archiving, searching, and extracting digital messages from channels such as email, instant chat, voice, voice to text and other off-channel platforms. It ensures compliance with global regulatory standards, including MAR, FCA SYSC, and DORA, without the costly and well publicised data extraction charges that are associated with other archiving technology vendors.

For more advanced monitoring of digital messages, TZEC Focus and TZEC Integrate offer comprehensive surveillance solutions. Using sentiment analysis, natural language processing and machine learning, TZEC Focus analyses multiple communication channels to flag suspicious messages for further analysis and investigation. Meanwhile, TZEC Integrate provides a further layer of contextual insights by linking communications with trade data and leveraging eflow’s Lexicon Service to detect potential market abuse or manipulation. This holistic approach to identifying and preventing market abuse gives compliance teams a deeper, more complete view of high-risk behaviour across their organisation.

“Financial institutions are under growing pressure to monitor and archive communications across multiple digital channels,” said Ben Parker, CEO and founder at eflow. “TZEC equips firms with AI-powered tools to meet regulatory obligations in a cost-effective and transparent way. Unlike other legacy solutions, TZEC users can extract their archived data without being hit by significant additional charges that threaten to place firms in a ‘data hostage’ situation - this potentially saves mid-market firms thousands of pounds. Our rapid onboarding process also means that we can implement a client’s system rapidly without the frustrating waiting times associated with lengthy implementation periods. This makes the process of meeting regulatory obligations more manageable and sustainable from day one.”

By combining robust archiving, AI-driven surveillance, and trade-linked analysis, TZEC enables compliance teams to detect and act on high-risk behaviour more quickly, streamline reporting, and maintain regulatory readiness.

For more information, visit the TZEC product pages.

What eflow saw at XLoD London - The challenges, insights and questions still to be answered

sales@eflowglobal.com (eflow) — Mon, 25 Nov 2024 08:00:00 +0000

What eflow saw at XLoD London - The challenges, insights and questions still to be answered

Last week, the eflow team was delighted to be part of XLoD Global conference in London, an event that brings together regulators, industry practitioners and regulatory technology vendors from around the world.

After meeting existing clients, speaking to some of the world’s largest financial institutions, and sharing our expertise across a series of roundtable discussions, we’ve pulled together our thoughts on some of the hot topics of discussion.

The volume of eComms false positives are a major problem for firms

It won’t be much of a surprise that eComms surveillance was one of the most talked about regulatory challenges of the show. The huge surge in enforcement action seen in the US this year, coupled with the FCA’s very public announcement that this a key focus area for them has clearly garnered the attention of regulatory professionals on both sides of the Atlantic.

So, while awareness of the challenge is certainly not a problem, it appears that finding an operational solution is. After speaking with a number of large firms during the event, there appears to be a common thread - how do you reduce the massive volume of false positives generated by multiple eComms channels? Several firms independently told us that the sheer number of alerts were swamping their compliance teams, putting a strain on resources, and ultimately making it more difficult to review and identify messages that genuinely require further investigation.

How eflow helps: Our TZTS Trade Surveillance and TZEC eComms Surveillance systems feature highly configurable alert parameters that can be configured in line with your firm’s specific risk strategy. As part of your system, you will also have access to an independent sandbox environment where alert parameters can be tested, refined and then promoted to your live system, enabling you to identify the perfect set up for your team.

Can AI help identify where thresholds should be based upon model feedback loops?

This was a topic that eflow explored as part of the FCA’s recent Market Abuse Surveillance Tech Sprint. The use of an alert feedback loop allows machine learning to understand what should be considered a high or low value alert. As a result, we can then understand the commonalities within these results and apply them to the design of alert logic.

For example, this could be the time traded before the release of Material Non-Public Information (MNPI) for an insider dealing alert, or the time for cancellations of a non-bona fide order for spoofing. These patterns will highlight the type of activity that a firm will consider to be high risk, which can then be applied to both risk scoring and the fine tuning of specific thresholds.

How eflow helps: Our work as part of the FCA Tech Sprint is already being developed and enhanced for use across eflow’s products in the near future. We expect to make further announcements on the integration of this functionality during 2025.

Can AI-generated risk score alerts help analysts get to their risk quicker?

Perhaps unsurprisingly, the use of AI within regulatory technology remains a hot topic. However, while the last couple of years has seen an unrelenting ‘buzz’ around AI and the seemingly endless possibilities it offers, it does feel like the conversation has become a little more ‘realistic’ at this year’s event.

A recurring theme was around the use of AI-generated risk scoring of alerts and whether they can help compliance teams to identify risks quicker. This dovetailed nicely with one of the themes from the FCA’s Tech Sprint which eflow was invited to contribute to. Our opinion is that AI can play a vital role in helping analysts to identify the high value alerts that require higher amounts of attention, rather than having to sift through dozens of alerts to get there. We also believe that machine learning will help to understand the parameters that sit behind these alerts and offer suggestions on how they could be dynamically adjusted over time.

While there is no doubt that AI can (and already is) enhancing operational efficiency in a number of ways, it is important to remember that nothing can fully replace the expertise of an experienced regulatory professional. One should also always remember that it’s the firm and individuals who will be on the receiving end of any enforcement action, rather than the technology.

How eflow helps: Our products use the latest technological advancements to aid operational efficiency wherever possible. In terms of AI, this is most evidently deployed in our TZEC eComms Surveillance system, which uses machine learning to identify linguistic trends at both a company and industry-wide level that are indicators of suspicious behaviour.

A holistic approach to surveillance is high on firms’ agendas

Holistic surveillance is not a new topic, but it remains a key challenge that many firms have yet to find a compelling solution to. Specifically, we found that firms were keen to explore how technology could be used to leverage multiple data points to cut down on the volume of false positive alerts and improve investigation synergies.

How eflow helps: Our integrated trade surveillance solution combines a firm’s structured trading data with unstructured communications data to provide ‘one true view’ of your market abuse risks. In doing so, it provides highly contextualised information that allows firms to easily link digital communications to suspicious trading activity and uncover previously inaccessible insights. This data is then ‘learnt’ by the system so that the use of similar language or terminology in the future is flagged for further investigation before any potentially non-compliant activity has taken place.

Risk assessing your programs for digital assets

With digital assets once again at the forefront of people’s minds, ensuring that firms are MiCA ready is vital. With Title VI of MiCA requiring trade surveillance to be in place by 30th December 2024 (and grandfathering not possible for Trade Surveillance) CeFI exchanges with central limit order books and those offering advice on, and trading with, client funds will need to be compliant soon.

How eflow helps: By offering a trade surveillance platform capable of handling large volumes of data 24/7, together with MiCA and ESMA/MAR- ready alert typologies, we are well placed to understand and mitigate your digital asset risk profile. It’s important to understand that with different tokens and liquidity profiles come different trading risks; eflow can create contextual parameters that avoid compliance teams being swamped with false positives and make sure they get to their risk quicker.

Calibrating your trade surveillance strategy for multiple asset risk profiles

It would be naive to think that a ‘one size fits all’ approach to trade surveillance is likely to meet either the demands of regulators, or the operational needs of firms dealing in multiple asset classes. So the question facing many firms is how do you test and calibrate models for different asset risk profiles and subsequent thresholds?

How eflow helps: eflow’s TZTS Trade Surveillance system features conditional parameters as part of its core functionality, providing firms with the ability to set different conditions for alerts for various types of trading activity. The parameters can be set for factors like market volatility, liquidity, or client type. For example, this means it can distinguish between activity driven by natural market fluctuations and those which may be suspicious.

Thanks to this level of customisation, TZTS increases the accuracy of alerts and significantly reduces the number of false positives reported. This enables firms to have more confidence that their compliance teams are focusing on genuine threats, while also working more efficiently.

In conclusion…

There’s little doubt that financial institutions are facing regulatory challenges that are becoming more sophisticated and nuanced each year. Based on our conversations, it’s reassuring to see that many firms are taking a proactive approach to these challenges which is directly in line with demands from regulators.

With this in mind, assessing and identifying the technological tools that will help a firm to strengthen their regulatory governance while streamlining increasingly complex processes is vital. For more information on how eflow can support your firm’s regulatory strategy, request a no-obligation consultation call with our team of experts today.

Global regulatory enforcement action update - Q3 2024

sales@eflowglobal.com (eflow) — Thu, 10 Oct 2024 08:00:00 +0000

Q3 2024 enforcement update: The cost of unmonitored communications

In the third quarter of 2024, enforcement actions related to market conduct reached a combined value of almost $800 million across four jurisdictions, with regulators coming down hard on widespread deficiencies in off-channel communications monitoring.

The total value of fines issued in these three months alone were almost equal to those levied in the first six months of the year, while the number of fines has almost doubled.

In this blog, we present an overview of what’s driven such a significant uplift in regulatory activity. Spoiler alert: traders are still using WhatsApp.

Q3 enforcement action in numbers

In the last three months, 89 market conduct enforcements were issued by global regulators, the majority of which were for eComms surveillance failures…

The fines associated with this action totaled nearly $740 million…

Electronic communications remain in Regulators’ focus

Q3 saw yet another surge in regulatory scrutiny around recordkeeping practices, with US regulators imposing 61 fines related to off-channel communications on platforms like WhatsApp, Signal, and Telegram. The SEC and CFTC continue to lead the charge, imposing penalties against institutions of varying sizes. Notably, Toronto Dominion Bank received a $75 million fine, while others like Canadian Imperial Bank of Commerce and prominent rating agencies - Moody’s Investors Service, Inc. and S&P Global Ratings - also faced substantial repercussions.

Penalties typically correlated with the severity and duration of deficiencies, and in many cases, firms’ inability to capture and store encrypted communications not only hindered regulatory investigations but also heightened internal risks, eroding trust in their compliance frameworks.

Despite the sharp consequences, the benefits of proactive cooperation are clear. According to Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, “there are several [firms] that differentiated themselves by self-reporting prior to the staff’s investigation, demonstrating once again the real benefits of proactive cooperation.” Firms that identified gaps and engaged with regulators early on saw a tangible reduction in penalties. In contrast, those slower to enact remedial protocols often faced harsher sanctions and the requirement to retain compliance consultants to manage future oversight

The ripple effects of these enforcement actions are now being felt beyond the US, as the UK’s Financial Conduct Authority (FCA) has initiated probes into how banks monitor encrypted communications by sending surveys that request disclosure of policy breaches. These actions are the FCA’s most obvious signal yet that a similar enforcement strategy is likely to follow if results from these inquiries don’t meet regulatory expectations.

Market manipulation in commodities markets

The US CFTC has also been intensifying efforts to protect market integrity throughout the energy sector, where the effects of malpractice can cascade across global markets.

Most recently, TOTSA TotalEnergies Trading was fined $48 million for attempting to manipulate the EBOB gasoline futures market through spoofing - placing fake orders to artificially depress prices and boost short positions. Controlling over 60% of the market volume, TOTSA’s actions had a significant impact, and although the firm partially cooperated, its failure to preserve key WhatsApp communications led to an even steeper penalty. This particular case involved coordination with Swiss (FINMA) and UK (FCA) regulators, demonstrating the interconnected nature of modern commodities trading and the need for international collaboration in identifying and penalising perpetrators.

This is not an isolated incident. Just two months prior, Trafigura Trading LLC faced a $55 million fine for a series of violations, including market manipulation and the misuse of non-public information, as well as actions to obstruct whistleblower communications

Outside of the US, market manipulation fines tend to be levied against individuals, rather than firms. Whilst the magnitude of financial penalties might not match the North American sanctions, regulators are still demonstrating a zero-tolerance attitude toward cases of brazen misconduct.

Australia: ASIC charged four individuals for conspiracy to commit market rigging and false trading in a pump-and-dump scheme. Using a private Telegram group, they inflated penny stock prices before selling for profit. They face up to 15 years in prison and $1 million in fines.
Hong Kong: The Securities and Futures Commission (SFC) has intensified its crackdown on market manipulation.
- On 6 August 2024, Cheng Ming was charged with conspiracy to defraud in Hong Kong for his role in a ramp-and-dump scheme. Alongside 11 others facing trial, he is accused of manipulating stock prices to deceive investors. The case follows a joint investigation by the SFC and Hong Kong Police.
- Ms. Sit Yi Ki, Mr. Tam Cheuk Hang, and Ms. Lam Wing Ki received lengthy prison sentences for manipulating Ching Lee Holdings’ shares through false trading, deceiving investors and distorting stock value. This case resulted in the heaviest jail sentence for market manipulation since 2003, with $124.9 million in assets frozen by the SFC.
- In another Hong Kong case, an individual was ordered to disgorge $5.6 million in illicit profits after orchestrating false trading between personal and hedge fund accounts. He was also handed a four-year ban from dealing in securities.

Trade reporting

In Q3 2024, the SEC and CFTC penalised 13 firms for deficiencies in the accuracy and timeliness of trade reporting, with the largest fine of $5 million imposed on The Bank of New York Mellon (BNYM). BNYM was found to have misreported millions of swap transactions and failed to properly supervise its swap dealer operations. In addition to the fine, BNYM must engage an independent compliance consultant to strengthen its trade reporting systems, highlighting regulators’ growing distrust in firms’ ability to manage and remediate controls internally.

How technology solves the eComms regulatory challenge

Regulators are continuing to scrutinise firms that fail to prevent market-related communications on unmonitored channels. This focus is justified: without proper oversight, neither regulators nor firms can detect or prevent market abuse. While an initial solution may seem straightforward - banning or restricting off-channel communications - firms cannot stop there.

Once these communications are moved on-channel, the real challenge begins: extracting signals of suspicious activity from vast amounts of unstructured text data. Failures at this stage won’t just result in ‘recordkeeping fines’ but could lead to other serious repercussions, including failing to prevent market manipulation with tangible, traceable consequences.

eflow addresses this challenge by enabling firms to integrate their trade and eComms data, and analyse them together to provide full context for each trade. TZEC captures the full spectrum of electronic interactions taking place across your firm. It ingests and normalises data from various sources, employing advanced algorithms to detect anomalies and patterns that are indicative of suspicious behaviour, before linking them to relevant trade activity for further analysis. TZEC utilises eflow’s unique Global Lexicon Service so that financial institutions can identify signs of market abuse based on global data and behavioural trends, not just their own limited terms.

Follow these links for more information on eflow’s TZTS Trade Surveillance and TZEC eComms Surveillance solutions, or book a no obligation consultation to speak to one of our experts.

Harnessing technology: How asset and wealth managers are tackling market abuse

sales@eflowglobal.com (eflow) — Wed, 02 Oct 2024 10:59:00 +0000

Market abuse has long been a concern for both asset and wealth managers. Insider trading is the most prevalent type of non-compliant activity that they’re likely to come across in their work, but they also face risks including market manipulation, front-running and spoofing, among others.

Identifying and managing market abuse is a highly complex challenge for these types of firms due to the variety of asset types, diverse client portfolios, and numerous internal teams involved across trades. Building on this complexity, regulators have heightened their scrutiny, making compliance with frameworks such as MAR (Market Abuse Regulation) and MiFID II (Markets in Financial Instruments Directive) more demanding than ever before.

To navigate these challenges, many asset and wealth managers are increasingly turning to technology as a tool to enhance their regulatory oversight and control. In fact, recent eflow research reveals that 65% of firms in this sector have expressed “significant investment plans” in technology aimed at mitigating compliance challenges.

Understanding the complexity of market abuse risks for asset managers

Asset and wealth managers work with a wide range of asset types, each of which come with its own set of regulatory frameworks and risk profiles. Their clients vary from institutional investors to high-net-worth individuals, each with different objectives and reporting requirements. This means the potential for market abuse can arise from numerous angles, all of which need to be monitored.

This is in addition to the fact that regulatory expectations of financial firms have increased significantly. In recent years, authorities around the world have increased their scrutiny of operational practices, particularly in Europe with the enforcement of MAR and MiFID II. These regulations have expanded what constitutes market abuse and introduced more stringent compliance requirements, making it imperative for asset and wealth managers to adopt advanced technological solutions to avoid penalties.

How technology is streamlining asset managers’ trade surveillance

Automation of trade surveillance tasks

Traditionally, trade surveillance has involved manual, human led processes, where compliance teams have to filter through vast amounts of trading data and communications to identify any suspicious patterns. However, this can be a time consuming and resource intensive task, especially if the number of trades undertaken increases.

Many firms are now using technology, such as eflow’s TZTS Trade Surveillance solution, to manage these processes more efficiently. TZTS, for example, can process vast amounts of trading data, flag any irregularities in real time, reducing the likelihood of human error and enabling compliance teams to focus on high-importance issues. The system also uses automation and machine learning to enable faster, more accurate detection of suspicious behaviour.

Real-time data analysis

Data analytics tools play a crucial role in the detection of early signs of market abuse by analysing trading data in real-time. They can identify patterns which may signal potential misconduct, such as sudden spikes or drops in trading activity which could indicate insider trading or market manipulation.

For asset and wealth managers, identifying these patterns early provides their compliance teams with the data to investigate and act quickly before a minor issue escalates. TZTS uses integrated machine learning to learn from historic data and refine its algorithm to improve accuracy and reduce false positives.

Contextual insight

By pulling together multiple data sources, an overview of key contextual information can be created in one place, enhancing and easing the evaluation of potential market abuse. For example, when an alert is triggered, TZTS collates data from multiple sources, including trader details, counterparties, communications, market data, news events, global index movements, and portfolio information.

This holistic approach enables compliance managers to evaluate alerts with a full understanding of the factors surrounding the trade, providing deeper insight into potential risks without needing to manually gather and compare data from various sources. This integrated view makes it easier to identify patterns, improving the accuracy and speed of compliance efforts.

One source of truth

Asset and wealth management firms often involve multiple teams in the trading process, such as portfolio managers, compliance officers, legal departments, and operations staff, all of which interact at different stages. This complexity requires streamlined, coordinated surveillance workstreams to ensure that all activities are properly monitored and compliant with regulations.

TZTS’s integrated case management tool facilitates efficient communication within these teams by centralising information and enabling seamless collaboration. It also maintains a full audit trail of all activities, ensuring transparency and accountability across the firm while reducing the risk of errors or compliance breaches.

The increasing importance of eComms Surveillance

Communication between traders, brokers, portfolio managers, and other stakeholders are increasingly happening across multiple channels, including email, messaging apps, and more. These communications are key to detecting early signs of insider trading or market manipulation, and can play a vital role in analysing signs of market abuse when alerts are triggered.

Given regulators’ increasing focus on preventing market abuse, the surveillance of electronic communications (e-comms) has become an important element of a holistic trade surveillance strategy. In fact, having a robust e-comms surveillance system is no longer optional - it’s a necessity.

For asset managers, the key challenge lies in connecting the dots between e-comms data and actual trading activities. An isolated email might seem harmless, but when cross-referenced with trade execution data, it could reveal signs of insider trading or market manipulation. This is where integrated trade and communications surveillance systems come into play. eflow’s TZEC eComms Surveillance platform integrates with TZTS, combining the monitoring of trade data with real-time communication surveillance, offering a more comprehensive view of potential misconduct.

Conclusion: Technology is the key to navigating regulatory complexity

As regulatory scrutiny intensifies and market abuse risks become more sophisticated, technology is proving to be even more important for the asset and wealth management industry. By leveraging automation, data analytics, and integrated surveillance systems, firms can streamline their operations, reduce resource strain, and improve their ability to detect and prevent market abuse.

eflow’s surveillance technology solutions, TZTS and TZEC, provide asset and wealth managers with powerful tools to strengthen their regulatory controls. These solutions offer a more robust, efficient, and streamlined approach to monitoring compliance, enabling firms to stay ahead of evolving risks while meeting heightened regulatory demands with confidence.

Discover how it can benefit your firm by scheduling a free consultation with one of our experts.

US market abuse crackdown: How integrated surveillance can protect firms

sales@eflowglobal.com (eflow) — Mon, 30 Sep 2024 10:59:00 +0000

US regulators, led by the SEC and CFTC, have made headlines in recent years through their aggressive enforcement actions to safeguard market integrity. From proven market manipulation to trade surveillance lapses and failures in electronic communications (eComms) monitoring, regulators are sending a clear message: firms must have effective controls in place or face significant penalties.

These enforcements also indicate where regulatory scrutiny will likely fall in the near future. This blog explores the present environment by referencing major enforcement actions, sets out a view of what’s to come next, and how firms can best prepare.

Market manipulation enforcements

FINRA, the CFTC, and SEC have actively pursued direct cases of market manipulation. Recent enforcements have highlighted complex schemes, including:

Wash Trades and Non-Competitive Transactions: These trades, made between accounts under common control without real transfer of ownership, mislead the market. In one notable case, a Brazilian energy company and its Swiss affiliate executed 44 transactions involving over 50,000 sugar contracts, worth more than $1 billion. The firms misused competitive markets to facilitate the internal transfer of physical sugar between their entities, distorting the true market conditions.
Bear Raiding: TOTSA TotalEnergies Trading SA attempted to manipulate the Argus Eurobob (EBOB) benchmark for European gasoline by selling large quantities of EBOB gasoline at artificially low prices. These were then reported to Argus and incorporated into the benchmark price, benefiting its short position in EBOB-linked futures.

Regulators highlight system deficiencies

While some enforcements do not involve direct manipulative acts, they punish critical gaps in internal controls and monitoring systems that could allow market abuse to go undetected. These failures emphasise the urgent need for firms to regularly test and refine their surveillance frameworks to ensure that suspicious activity is not missed. This is an issue that exists in the context of both trade and eComms surveillance.

Trade surveillance

There have been several notable cases of trade surveillance system inadequacies picked up by US regulators in 2024:

Failure to configure systems properly: J.P. Morgan (May 2024) was fined $200 million for failing to properly configure data feeds for its trade surveillance system, resulting in billions of orders not being captured.
Gaps in surveillance reporting: Goldman Sachs (July 2024) failed to include certain securities (warrants, rights, and OTC equity securities) in its surveillance reports, leading to undetected suspicious activity over a prolonged period.
Inadequate monitoring and escalation procedures: TradeStation (February 2024) lacked proper procedures for escalating alerts from its automated surveillance system, leading to missed opportunities to detect activities like wash trading and pump-and-dump schemes.
Reliance on deficient third-party systems: Merrill Lynch (August 2024) relied on third-party surveillance systems that were later deemed by FINRA to be insufficient, limiting the firm’s ability to detect manipulative trades like prearranged trading.

eComms surveillance

In 2024, the enforcement landscape for eComms surveillance was marked by two significant waves of fines, primarily targeting broker-dealers and investment advisers. These actions revealed significant failures in maintaining and archiving business-related communications, particularly through unauthorised channels like personal messaging apps.

In February 2024, the SEC fined five broker-dealers, seven dually registered firms, and four affiliated advisers over $81 million for widespread violations of federal securities laws related to eComms recordkeeping. The August 2024 crackdown escalated these efforts, with the SEC imposing $392.75 million in penalties on 26 additional firms for similar failures.

These enforcement actions exposed significant gaps in internal controls across multiple firms, many of which admitted to non-compliance with regulatory requirements. While some firms reduced their penalties through self-reporting and remediation, the SEC’s ongoing focus underscores a zero-tolerance stance on off-channel communications and a commitment to enforcing robust recordkeeping standards.

What’s next?

From data to detection

US regulators have made it clear that accurate and comprehensive data collection, along with robust systems and controls, are foundational to maintaining market integrity. The enforcements of 2024 highlight the importance of getting the data right - from ensuring complete recordkeeping to deploying systems that can effectively analyse relevant transactions and communications.

However, as firms address these issues, regulators are likely to increasingly shift their attention to how effectively these organisations leverage trade and eComms data to detect and prevent market abuse. Compliance will not be a box-ticking exercise, but one that requires enhanced clarity and depth of insights to enable decisive action.

The case for an integrated approach

An integrated approach, where trade and eComms data are analysed together, provides firms with the vital context that is needed to construct the full story of a trade and detect malicious intent and potential market abuse.

Many firms still use siloed systems that require a significant amount of manual intervention and cross-referencing of data to link communications to their associated trades. However, by deploying a mix of process automation and machine learning, firms can not only capture and link data more effectively, but also interpret it in one holistic view. This also means that the technology can ‘learn’ the telltale signs of market abuse and apply these proactively to future communications surveillance.

This approach offers the more comprehensive and robust regulatory framework that regulators are evidently seeking, whilst also yielding additional efficiencies for firms prepared to take the next step.

A truly integrated system, that handles both trade and eComms data natively**,** maximises these efficiencies and is otherwise superior to the use of multiple separate systems that are “bolted-on”. A couple of key factors are easily overlooked:

First, native integration ensures data provenance - the ability to track and verify the origin and flow of data through the system. In a ‘bolted-on’ system, mismatches or manual errors can occur when linking different data streams, potentially leading to gaps or inconsistencies in the audit trail.

Second, data security is more robust in an integrated system. When trade and eComms data are handled together in one system, there is less risk of vulnerabilities that can arise when transferring sensitive information between separate platforms, such as security breaches or data losses.

Conclusion

While US regulators have been cracking down on systems and controls deficiencies, they have also been targeting cases of market abuse. As firms establish and improve data practices and surveillance systems, regulators will find more and clearer evidence of market abuse wherever it occurs, and firms will be left with no excuse for their regulatory non-compliance.

This next phase of regulatory scrutiny will require tools optimised for provenance, insights and action. Adopting a holistic, technology-driven surveillance approach will be essential for firms looking to meet these heightened expectations and to do so in an efficient manner.

For more information on how eflow can support your firm with a holistic approach to trade and eComms surveillance, explore our TZTS and TZEC products or book a consultation with our team of experts.

FCA requests details of communication policy breaches

sales@eflowglobal.com (eflow) — Tue, 24 Sep 2024 12:35:35 +0000

The FCA has requested that UK banks report details of any employees breaching their communication policies in a move signalling a further crack-down on controls around eComms monitoring and surveillance.

This follows reporting from FN that the FCA would begin to survey firms with regards to how they use and monitor messages sent using so-called off-channel communication platforms such as WhatsApp, Signal and Telegram.

With growing concerns around the increased risk of market abuse and insider trading caused by poor controls around off-channel communications, this recent flurry of activity may indicate that the FCA is looking to more closely align themselves with US regulatory standards.

The stance of US regulators

Since 2021, US regulators - namely the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) - have made the unmonitored use of off-channel communications an area of focus for regulatory enforcement. Tier one institutions such as Goldman Sachs, JPMorgan Chase and Bank of America have all faced such fines, with approximately $2.8bn in penalties being levied since 2021 for improper controls around communications surveillance.

While the FCA’s fines have been relatively small in comparison, this latest initiative may indicate a change in approach is forthcoming.

If results from this latest survey indicate a significant risk of market abuse and insider trading being created by failures in communications monitoring - a fact that seems likely if we consider the North American market - then further investigations and strengthened regulatory controls seem highly likely.

Why is communications monitoring important?

Ultimately, this focus on communications record keeping and monitoring is about transparency and risk management. If firms don’t have robust controls in place around off-channel communications, then traders will be able to send private, encrypted messages freely. As a result, firms will be unable to demonstrate their compliance with market abuse regulations to regulators and the risk of non-compliant activity will be increased.

Unmonitored communication channels create surveillance gaps, which in turn create points of risk; if employees are allowed to communicate about trades on unmonitored platforms, gaps in the regulatory audit trail are created. This leads to a heightened risk of market abuse and insider trading and a lack of demonstrable compliance with regulatory standards.

To that end, it is vital that firms track and analyse all relevant communications between employees. Not only does this limit the risk of abusive or insider trading, but it also allows firms to protect their own reputation and the integrity of the market.

How can firms protect themselves?

As the regulatory focus on robust record keeping and monitoring of communications grows, firms will need to prove to regulators that they have suitable controls in place if they want to avoid a regulatory backlash.

While simply keeping records of communications may have previously sufficed, firms today are increasingly expected to be able to actively monitor those communications for evidence of potentially abusive trading.

Recent technological advancements have allowed firms to implement solutions that can not only store records of communications, but actively surveil them for evidence of behaviours indicative of market abuse or insider trading. By harnessing machine learning technologies such as natural language processing and sentiment analysis, these tools can flag suspicious messages before linking them to relevant trades. This integrated approach allows firms to indicate that they are generating a holistic overview of risk which incorporates both communications and the trade data itself.

eflow’s eComms surveillance solution TZEC has been designed specifically to provide this service to firms. It can capture data from any platform - on- or off-channel communications, email or voice calls - analyse those communications for potentially suspicious language, then link those messages to relevant trades to provide a holistic overview of the entire trade lifecycle.

If you’d like to learn more about how TZEC could help your firm, book a consultation here.

How TZEC offers an integrated approach to eComms and trade surveillance

sales@eflowglobal.com (eflow) — Wed, 11 Sep 2024 12:06:00 +0000

TZEC is eflow’s multi-channel eComms surveillance system, designed to enable financial institutions to gain a comprehensive view of various communication channels, identify potentially suspicious behaviour, and make informed, data-led regulatory decisions.

Globally, financial regulators are increasingly focusing on how compliance teams manage the risk of communications across electronic platforms. Digital messages can often carry the first signs of potential market abuse, and regulators want to ensure that firms are monitoring these interactions and linking them to abusive trading.

eflow’s TZEC module captures the full spectrum of electronic interactions taking place across your firm. It ingests and normalises data from various sources, employing advanced algorithms to detect anomalies and patterns that are indicative of suspicious behaviour, before linking them to relevant trade activity for further analysis.

TZEC uses a unique Global Lexicon Service developed by eflow. This analyses language and vocabulary using global data and behavioural trends to identify potential signs of market abuse. This is then combined with a firm’s own Client Lexicon Service, which can be tailored to include company or industry-specific words, phrases and terms.

When combined with TZEC’s automated workflows, sophisticated machine-learning technology, and robust linkage capabilities, the system provides financial institutions with a depth and breadth of regulatory analysis that is simply unmatched.

The key benefits of TZEC

Thanks to its ability to undertake deep-dive analysis of all types of communication channels in a matter of seconds, TZEC enables firms to monitor, analyse and audit vast quantities of data while streamlining surveillance operations and mitigating against the risk of non-compliance. And because TZEC has been engineered to normalise any communications channel, firms have the peace of mind that any new channels can be onboarded effortlessly to future-proof their eComms surveillance strategy.

TZEC can digitally link suspicious communications to high-risk trade activity to provide additional context that can be used for further investigation. By directly associating communication data with trade activity, compliance teams can conduct more thorough investigations and make informed decisions based on a granular timeline of interactions that would have previously been hugely time-consuming to define accurately.

The system also utilises cutting-edge machine learning to evolve and enhance its ability to detect suspicious activity. For example, TZEC’s ‘sentiment analysis’ capabilities are able to determine whether a message contains threatening or coercive terminology, while the Global Lexicon Service monitors linguistic and behavioural trends to contextualise the potential risk associated with them.

Book a consultation

Across the globe, financial regulators are increasingly focusing on how compliance teams manage the risk of communications across electronic platforms. TZEC offers a robust, comprehensive solution for eComms surveillance, enabling financial firms to stay ahead of regulatory requirements and manage compliance risks effectively. Book a consultation today to see how TZEC can mitigate the threat of market abuse.

Trade surveillance, unstructured data and privacy concerns

sales@eflowglobal.com (eflow) — Mon, 19 Aug 2024 14:28:00 +0000

In recent years, we have seen the introduction of cutting-edge technology to the trade surveillance sector. This has revolutionised how data is collected and analysed together with the nature of these services. However, if we take a step back, many instances of market abuse are planned days, weeks, or even months before their execution.

The introduction of electronic communication data has given regulated firms the ability to take a proactive approach to market abuse and surveillance. When collecting data from various messaging apps, phone calls, emails, and other sources, it is now possible to convert unstructured data and analyse it in a structured fashion. With this, however, there arise issues around data protection and privacy, and how they balance with the legal obligations of financial institutions and regulators.

The role of trade surveillance in financial markets

Before we move to the complexities of unstructured data and privacy concerns, it’s essential to highlight the basic elements of trade surveillance within investment markets.

Monitoring financial data
Identifying market manipulation
Collating relevant data
Reporting to regulators

This brings us to the critical purpose of trade surveillance: to preserve market integrity, protect investors, and assist with the prosecution of those engaging in market abuses. We live in an era of high-tech trading systems and ever-more innovative market abuse strategies, and the cost of fulfilling regulatory duties continues to rise.

Understanding unstructured data in trade surveillance

The term unstructured data relates to datasets that can be human or machine-generated in a textual or non-textual format. In essence, they aren’t stored in a structured database format, making it difficult (if not impossible) to search and analyse in their original format. The most common forms of unstructured data include:

Emails
Word-processing documents
Audio files
Video files
Collaboration software
Instant messaging
Text messages
Phone calls

It is estimated that unstructured data makes up 80% of all enterprise data and this will likely grow in the future. Consequently, if your surveillance activities are based on only 20% of structured data, how much potentially incriminating information are you missing?

There are four critical differences between structured and unstructured data:

Defined vs Undefined
Qualitative vs Quantitative
Easy vs Difficult to analyse
Predefined format vs Variety of formats

While it is possible to store structured and unstructured data in the cloud, unstructured data requires significantly more storage space and is therefore less efficient. To balance this, the collating of unstructured data is less expensive than structured data and can be accumulated much quicker. Converting this data into usable information does require using the latest technology, such as AI, ML and Big Data analysis.

Privacy concerns and trade surveillance

There are broader issues when it comes to balancing the requirements for surveillance with the requirements under GDPR and the principles of data minimisation, wherein only data that is needed for the purposes (of surveillance) should be collected and processed. This helps firms to approach the dual requirements of promoting market integrity together with ensuring data privacy is ensured in a consistent, principle-led fashion.

It is estimated that broader unstructured data will reach a staggering 175 billion TB annually by 2025, presenting substantial logistical, analysis and cost issues. Under UK data protection regulations, companies must make sure that all information collected is:

Used fairly, lawfully and transparently
Used for specified, explicit purposes
Used in a manner which is only necessary for its purpose
Kept up-to-date where applicable
Accurate
Retained for no longer than is necessary (legally or operationally)

Data must also be stored securely, with access limited to relevant individuals and protected from loss, destruction, unlawful use, or damage. This brings us to cybersecurity, a broader topic that companies holding private and personal information must consider.

Addressing privacy concerns in unstructured data surveillance

As a RegTech, eflow feels it is essential to address the elephant-in-the-room: employee privacy concerns, especially in the context of unstructured data surveillance. Many people ask whether, as an employee of a company, you need to consent to surveillance of communication during your working day.

Where an employer can identify a lawful basis for gathering, analysing, and holding private data, consent would not typically be required from the individual(s). In this scenario, it would likely come under the “legitimate interest” basis in the context of the wider business operation and, in this case, abiding by strict regulations. As we mentioned above, there should be no scope to use the data collected for any other purpose, and it must be stored securely and accessed on a strict need-to-use basis.

It’s important to note that employers must make their employees aware of the surveillance systems and the specific scope. When it comes to data and privacy protection for third parties communicating with individuals within your business, this will again be covered by the legitimate interest argument.

Ironically, while we tend to focus on privacy and data protection, US regulators issued $2 billion in fines in September 2022 for the opposite. These fines related to the failure of several financial institutions to record communications on unauthorised messaging apps, most notably WhatsApp.

Financial institutions are being squeezed from both sides, data privacy regulations restrict the use of data collated and regulators are issuing enormous fines for failure to maintain communication records.

Converting unstructured data

As it stands, unstructured data offers little assistance for those looking to identify instances of market abuse. There may be elements you can extract, but due to the format at best this would be time-consuming, at worst, inaccurate and potentially misleading. To maximise the benefits of unstructured data it should be converted into a structured format.

The main stages of this process are:

Collating unstructured data
Create a preferred data structure
Cleaning the unstructured data
Entity extraction
Store the data
Analyse the data

The less structure, the greater the challenge to extract the relevant information and rebuild within a predefined structure. To ensure maximum accuracy, legal obligations and business responsibilities, constant data quality checks must be done, with tweaks and changes where applicable. This is not a one-off activity; this is something that should be ongoing at all times to fulfil regulatory liabilities and responsibilities to your employees and clients.

Regulatory compliance and data protection

As the digital era expands into more areas of everyday life, business, and personal, governments worldwide have been forced to respond to concerns about data protection and privacy. In the UK, we have the UK Data Protection Act (DPA) 2018, in conjunction with the General Data Protection Regulation (GDPR), which took effect on 1 January 2021.

The EU has similar regulations to the UK, and other countries, such as the US, China, Switzerland, Australia, Brazil, Canada, Hong Kong, and many others, have also introduced privacy and data protection regulations. This is relevant because investment markets are now global; as a consequence of the digital era, you can deal in foreign markets at the touch of a button.

While the specific regulations will vary across countries, if you look at UK and EU GDPR, this gives you an idea of the scope of the regulations. These include but are not limited to, the following:

Lawful, fair and transparent processing
Limitation of purpose, data and storage
Data subject rights
Consent
Personal data breaches
Privacy by design
Data protection impact assessment
Data transfers
Appointment of a data protection officer
Awareness and training

Data storage also presents legal and logistical challenges. For example, Swiss regulations stipulate that data collected in Switzerland must stay (and be processed) in the country. This can add additional layers of cost and compliance for financial institutions with operations worldwide.

Technological solutions and ethical considerations

Many would argue that trade surveillance in relation to electronic communication is a proactive approach to market abuse, as opposed to reactive and retroactive when using historical data to identify similar activities. Undoubtedly, AI, ML, and, in particular, Big Data analysis have allowed financial institutions and regulators to identify potential illegal activity much earlier.

The growing use of cloud services has significantly increased the speed of IT service delivery. This has helped reconstruct unstructured data in a structured format and analyse the information in real time. We know that fraudsters often use keywords and particular phrases that are replicated across connected communications. In normal circumstances, they may not stand out but are often signs and signals for criminals. However, incorporating Natural Language Processing (NLP) with the latest technology allows patterns, phrases, and individual words to be used as triggers.

While NLP has existed for more than 50 years, it has only recently started to play a significant role in trade surveillance. It has helped significantly reduce the number of false positives, allowing companies to focus critical resources and funding on more likely instances of market abuse. These may seem like subtle improvements, but the knock-on effect on efficiently using resources and finances is significant.

Conclusion

The depth and quality of trade surveillance available today have improved dramatically compared to just a decade ago, taking in not just actual trade data but also the monitoring of electronic communications. This creates the potential for a genuinely proactive approach to detecting market abuse, compared to the reactive and retroactive approach associated with monitoring and analysing trade data. However, this addition to the armoury of the financial services industry comes with challenges.

Data protection and privacy regulations have been enhanced in recent years with the introduction of the GDPR in Europe and the UK. Finding a balance between protecting and maintaining privacy while using unstructured data elements to identify illegal activity is challenging. There are strict regulations in both areas, trade regulations and data protection, with financial institutions caught in the middle.

We provide a range of trade and broader surveillance services so financial institutions can fulfil their regulatory obligations. This promotes a healthy relationship between financial institutions and regulators and, more importantly, helps to maintain the integrity of investment markets.

If you would like to discuss your options and our services, please book a consultation.

Why are firms turning to integrated eComms and trade surveillance?

sales@eflowglobal.com (eflow) — Fri, 26 Jul 2024 14:59:31 +0000

Firms’ communication channels have expanded significantly in recent years, especially with the pandemic highlighting the importance and adaptability of digital communication channels.

In the context of trade surveillance, it’s crucial for firms to recognise this expansion and meticulously evaluate the communications integral to their trade surveillance processes. This ensures they gain precise and actionable insights into potential misconduct, something that is increasingly pertinent to regulators investigating market abuse.

Consequently, many firms are now exploring ways to integrate eComms surveillance into their trade surveillance strategies.

Growing sophistication of market abuse

Firms and regulators continually face the daunting task of substantiating market abuse, requiring extensive investigations and intricate evidence collection. This challenge escalates as bad actors employ increasingly sophisticated strategies across diverse markets and products, while the increase of communication channels heightens the risk of unmonitored blind spots.

These combined factors significantly elevate the risk of non-compliance for firms. Without a comprehensive surveillance approach, piecing together a narrative behind suspicious trades and crucially, establishing liability in a legal context, becomes exceedingly difficult.

Increasing regulatory scrutiny

Integrating trade data and electronic communications surveillance is rapidly becoming an essential regulatory requirement. It is no longer viewed solely as a compliance measure but as a critical enhancement to the depth of data insights and clarity in decision-making available to firms.

With increased scrutiny on the quality of firms’ recordkeeping, the frequency and severity of enforcement actions is likely to expand globally. Regulatory bodies are growing impatient with incomplete data hindering market abuse investigations.

For instance, in the UK, Ofgem imposed a landmark £5.41 million fine on Morgan Stanley & Co in September 2023 for failing to record and retain electronic communications, marking the UK’s inaugural penalty under transparency rules aimed at combating market abuse and insider trading.

Firms must recognise that collecting and storing communication data is just the beginning. The real challenge—and necessity—lies in effectively leveraging this data to detect and comprehend market abuse. Regulators consistently rely on eComms data and expect firms to vigilantly monitor their operations with equal rigour.

Adopting a holistic approach to surveillance is imperative for firms committed to safeguarding market integrity and preserving their reputation, both with regulators and the public.

Cost pressures

Over the past few decades, as firms have adopted increasingly sophisticated surveillance technology, they have encountered operational challenges stemming from high false positive rates generated by isolated lexicon-based or basic sample-based surveillance methods. Integrated systems offer a solution by significantly decreasing the occurrence of false positives, thereby reducing the time compliance teams spend reviewing them.

Moreover, consolidating data analysis into a unified platform allows firms to streamline operations and lower operational costs. Integrated systems eliminate the necessity for multiple surveillance tools and minimise the administrative overhead associated with maintaining separate systems for trade and eComms surveillance.

TZEC: A holistic surveillance tool

TZEC - eflow’s integrated eComms surveillance solution - addresses these challenges by offering a highly configurable, holistic solution that uses eflow’s sentiment analysis tooling to accurately identify suspicious behaviour, link messages to associated trading activity, all while minimising the reporting of ‘false positives’ that can drain compliance resources.

Unlike existing systems that merely provide ‘archive and search’ functionality, TZEC utilises eflow’s Client Lexicon Service to learn firm-specific vocabulary and slang terms that are unique to that organisation. These are then combined with other wider linguistic trends and industry terminology through eflow’s Global Lexicon Service, which enables TZEC to continuously evolve and improve surveillance outcomes based on behavioural-led insights.

Discover how firms are advancing their eComms surveillance, and integrating with trade surveillance in our latest eBook. Download it today to delve deeper into this evolving trend.