The United Kingdom’s vote to leave the European Union roiled worldwide financial markets on Friday, and will dominate financial headlines for quite some time. On a less macro scale, a broker-dealer agreed to pay sanctions of US $415 million for not complying with the Customer Protection Rule of the Securities and Exchange Commission, while the SEC sued a UK citizen for purportedly hacking into the brokerage accounts of investors to trade on an unauthorized basis in order to benefit separate trading in his own personal account. Meanwhile, the CME Group brought disciplinary actions based on alleged violations of its rules related to block trades, exchange for related position transactions and wash sales. As a result, the following matters are covered in this week’s edition of Bridging the Week:
(Because of the US Independence Day holiday, this will be the last scheduled version of Bridging the Week until July 11, 2016.)
Two Merrill Lynch entities agreed to pay sanctions of US $415 million to resolve charges brought by the Securities and Exchange Commission that, contrary to SEC requirements, they failed to set aside sufficient funds for the benefit of their customers from 2009-2012 in its so-called “reserve account,” and failed to hold fully-paid-for securities of their customers in certain approved locations in lien-free accounts from 2009 to 2016. The SEC’s requirements are encapsulated in its so-called “Customer Protection Rule” (Rule 15c3-3; click here to access).
The two ML entities are Merrill Lynch, Pierce, Fenner & Smith Incorporated (MLPF&S) and its wholly owned subsidiary, Merrill Lynch Professional Clearing Corp. MLPF&S is itself a wholly owned subsidiary of Bank of America Corporation.
According to the SEC, during the relevant time, ML engaged in certain transactions with customers – known as “Leveraged Conversion Trades” to finance certain of its own business transactions. The SEC said the companies accomplished this by including margin loans to its customers as part of these trades, which had the effect of reducing the amount of cash or securities ML itself had to maintain in its customer reserve account. ML used this freed-up cash to finance inventory that was used in the trades and “ML considered the difference between the cost of financing the position through traditional means and through a Leveraged Conversion Trade as profit,” alleged the SEC.
In addition, the SEC charged that, during the relevant time, MLPF&S held a substantial amount of fully-paid-for and excess margin customer securities in clearing banks or other approved depositories subject to liens, contrary to SEC rule.
To resolve the SEC’s allegations, ML agreed to pay a fine of US $358 million, disgorgement of US $50 million and US $7 million in interest. The SEC acknowledged ML’s voluntary retention of an independent consultant to review its handling of customer funds and securities during the course of its investigation of the two companies.
The SEC commenced a separate enforcement action against William Tirrell, the Head of Regulatory Reporting and Financial and Operations Principal for MLPF&S during the relevant time where he oversaw the regulatory reporting for both companies. The SEC charged that Mr. Tirrell willfully aided and abetted ML’s violations. This action is pending.
Simultaneously with disclosing its actions against ML and Mr. Tirrell, the SEC announced a “Customer Protection Rule Initiative” to encourage broker-dealers to review their handling of customer funds and securities, and to self-report to it by November 1, 2016, any potential violation in order to receive favorable settlement terms in a potential enforcement action. For broker-dealers to benefit from favorable settlement terms, they must advise the SEC, among other things, of the period of noncompliance; the nature of the noncompliance; the amount of cash and/or securities at issue; and all remedial measures taken. At the same time it encouraged broker-dealers firms to self-report, the SEC announced it is embarking on a “risk-based sweep” of broker-dealers to assess their compliance with the Customer Protection Rule.
Unrelatedly, MLPF&S also settled separate actions brought by the SEC and the Financial Industry Regulatory Authority for allegedly not disclosing certain recurring costs in a structured note product based on a proprietary volatility index it sold to retail clients in 2010 and 2011.
According to both the SEC and FINRA, during this time, MLPF&S disclosed to investors they would be subject to a 2 percent sales commission and a 0.75 percent annual fee in connection with the structured notes, but did not disclose that there would be a recurring fixed cost known as the “execution factor” that was equivalent to the transaction costs that an investor would incur by pursuing the strategy underlying the notes.
MLPF&S agreed to pay the SEC US $10 million and FINRA, US $5 million, to resolve these two additional matters.
(Click here to access information about another recent enforcement action by the Financial Industry Regulatory Authority against a broker-dealer for an alleged Customer Protection Rule violation in the article, “Broker-Dealer Charged by FINRA for Failing to Protect Customer Assets” in the June 5, 2016 edition of Bridging the Week.)
Compliance Weeds: Under the SEC’s Customer Protection Rule, a broker-dealer must promptly obtain and maintain physical possession or control of fully-paid-for securities and excess margin securities carried for its customers (its so-called “segregation requirement”), and to set aside on at least a weekly basis in a special account for the benefit of its customers – its so-called “reserve account” – funds or qualified securities at least equal in value to the net cash it owes its customers. According to the SEC, a broker-dealer maintains physical possession or control of securities when they are held in an approved location specified in the rule and they are held “free of liens or any other interest that could be exercised by a third party to secure an obligation of the broker dealer.” In assessing its reserve account obligations, a broker-dealer may not employ any “device, window dressing or restructuring of transactions” solely to reduce the amount of customer credits over debits and enable it to set aside less cash or qualified securities for its customers. The requirement under the Customer Protection Rule that calculations related to the reserve account and required funding must be performed only once each week contrasts with requirements under rules of the Commodity Futures Trading Commission which mandate that such calculations and funding for its equivalent customer segregated accounts must be undertaken daily. (Click here for an overview of the customer funds protection regime for futures and cleared swaps in the November 2014 FIA publication, "Protection of Customer Funds.")
The Commodity Futures Trading Commission received 18 formal comment letters in response to its re-opening of the comment period for Regulation Automated Trading following a staff roundtable on June 10. Although there were no uniform topics addressed by all commentators, some themes were addressed similarly by multiple commentators particularly around risk controls, third-party provided software and systems, and source code.
In one comment letter submitted jointly by the Futures Industry Association, the Managed Futures Association, the International Swaps and Derivatives Association and the Asset Management Group of the Securities Industry and Financial Markets Association, the industry organizations urged the CFTC to separate and prioritize at this time its consideration of pre-trade risk controls from the remaining portions of proposed Regulation AT.
The industry organizations also emphasized that pre-trade risk controls are the responsibility of all market participants regardless of registration. However, futures commission merchants facilitating customers’ electronic access could be made responsible for ensuring that all orders are subject to pre-trade risk controls – either through “pre-trade risk controls provided by the FCM itself, or those provided by software that the FCM has administrative control over,” said the industry organizations.
The industry organizations also reiterated their prior objections to providing source code outside of a subpoena process, and encouraged the CFTC to adopt a “principles-based retention policy” as opposed to requiring the establishment of new, separate source code repositories.
ICE Futures U.S. echoed the industry organizations’ themes in its own comment letter by advocating that Regulation AT should be addressed in phases and that all market participants should maintain appropriate pre-trade and other risk controls.
IFUS also argued that the definition of Algorithmic Trading and AT Person should “focus on algorithmic trading activity that may pose a risk to the derivatives markets” as opposed to the definition as currently proposed in Regulation AT that it claimed “is overly broad and may include a wide range of market activity that does not capture the type of systemic risk that Proposed Rule attempts to target.”
The Commercial Energy Working Group, the Commodity Markets Council and the Electric Power Supply Association submitted a joint comment letter that repeated themes raised by the industry organizations and IFUS. According to this letter, the CFTC should not adopt a quantitative measure to establish who AT Persons are, but instead should “focus its resources and efforts on (i) identifying market participants whose automated trading activities present a legitimate threat of systemic risk to commodity markets, and (ii) requiring the application of appropriate risk controls to mitigate such risks.”
CME Group argued that Regulation AT should not mandate that designated contract markets “prevent” algorithmic trading disruptions or compliance issues. According to CME Group, “no rule…can always prevent disruptions and other operational problems...” and thus a “prevent” standard is not achievable. Accordingly, CME Group recommended that the CFTC “adopt a standard that [solely] requires DCMs to implement tools to mitigate the effect of an Algorithmic Trading Disruption.”
Both the industry organizations and Quantitative Investment Management raised in their comment letters concerns about the practicality of AT Persons conducting system testing, as required by Regulation AT, on third-party provided Algorithmic Trading systems and software. According to QIM, “[d]espite contrary assertions at the Roundtable, clients of many [independent software vendors] have limited ability to comprehensively test ISV algorithms.”
Trading Technologies, in its comment letter, argued that requirements related to the testing of source code “should focus on the output of an Algorithmic Trading system or software rather than the source code underlying such systems or software, which would yield no material benefit.”
Taking a different perspective, Better Markets argued that source code should be made available to the CFTC upon its request – potentially in real time and not just through subpoenas – in order to facilitate its timely investigations. The self-identified public interest group also requested that the CFTC reconsider its proposed exclusion of the application of Regulation AT to trades executed on swap execution facilities.
(Click here for background on Regulation AT in the article, “CFTC’s Proposed New Algorithmic Trading Rules Augur Potential Increased Obligations and Costs, and a New Registration Requirement” in the November 29, 2015 edition of Between Bridges.)
Compliance Weeds: As I have written before, there are only two types of financial services firms: those that have experienced cybersecurity breaches and addressed them, and those that have experienced cybersecurity breaches and did not know. By now all financial service firms—no matter what size—should have assessed or be in the process of assessing the scope of their data (e.g., customer information, proprietary), potential cybersecurity risk, protective measures in place, consequences of a breach and cybersecurity governance (e.g., how would they react if a breach occurred) in order to evaluate their cybersecurity needs and develop a robust protective program. Engaging an outside consultant to try to penetrate a firm’s system is also advisable, as is ensuring that each third-party service provider that accesses a firm’s data has its own, robust cybersecurity program. (Click here for a detailed discussion of cybersecurity and a comprehensive checklist of practical measures in the June 24, 2015 Advisory “Cyber-Attacks: Threats, Regulatory Reaction and Practical Proactive Measures to Help Avoid Risks” by Katten Muchin Rosenman LLP.) All members of the National Futures Association were required to adopt and enforce written policies regarding cybersecurity by March 1, 2016. (Click here for details in the article, "NFA's Interpretive Guidance Regarding Cybersecurity Becomes Effective March 1, 2016" in the October 25, 2015 edition of Bridging the Week.)
Compliance Weeds: Currently, once a party is solicited for a block trade, it cannot disclose the details of the solicitation to any other party except to facilitate the execution of the block trade. This ban is in effect until a public report of the block trade is made by the exchange. Moreover, pre-hedging, anticipatory hedging or trading ahead of any portion of a block trade in the same product or a closely related product is prohibited following solicitation to participate in such transaction. Counterparties to the block trade, however, may initiate trades to hedge or offset the risk of a block trade as soon as they execute the trade, even before the public report of the trade by the exchange. (Click here to access the relevant CME Group Rule 526 and here to access the related advisory notice regarding block trades.) Recently, ICE Futures U.S. proposed a rule change that would permit pre-hedging of block trades under certain circumstances. (Click here for background regarding this proposal in the article, “IFUS and ICE Futures Europe Update Block Trade Guidance” in the June 5, 2016 edition of Bridging the Week.)
Legal Weeds: NASDAQ Oslo appears to suggest that even negligent conduct might provide the basis for a finding of market manipulation, no matter that the conduct is concededly inadvertent. In its warning letter to J. Aron the exchange observed that “the trader at least should have been aware that [his] actions gave or were likely to give false or misleading signals to other market participants and, in addition to having deleted the erroneous sell order, the trader should also have informed the Broker and in addition Nasdaq Oslo Market Surveillance of the error. The Board finds that the trader showed negligence when giving misleading signals.” This seems an unexpectedly low bar and contrary to the traditional standard in legal actions involving manipulation that there be a finding of intent, or even a finding of intent or recklessness to show a manipulative device, scheme or artifice to defraud.
And more briefly:
My View: Last Thursday, UK citizens formally expressed their frustration with the status quo by voting that their country should leave the EU. The following day, markets expressed their grave concern regarding the potential consequences of Brexit by hammering both the British Pound and Euro currencies, and stocks worldwide. Financial markets do not favor uncertainty, and no one can predict with certainty how this dissolution process will play out or what impact it may have on world economies, let along on the UK and EU themselves. That being said, what surprises me is the surprise many had with the outcome on June 23. I certainly could not predict the Brexit vote, but it is clear that, worldwide, there is an accelerating momentum for quick fixes to very complicated underlying issues that have fueled economic and safety concerns by many persons. As a result, proposed solutions that seem to offer anything but the status quo are embraced enthusiastically without regard to merit or consequence. This seems irrational, but a great many people are simply scared of the future and believe they have no other alternative than to try something radically different. It will be politically difficult for leaders of the EU to negotiate departure terms for the UK that maintain and, in fact, nurture the important mutually-dependent relationship between the EU and UK for fear it might encourage other countries to leave the EU. However, this is not time for vengeance, and the need of the EU and the UK to remain close partners is not diminished by the Brexit vote. Here is a chance for politicians on both sides of the English Channel to do the right thing to calm nervous markets while at the same time addressing both the rational and irrational (but no less real) concerns of so many. Let’s hope they succeed.
For more information, see:
Broker-Dealer Agrees to Pay US $275,000 to Resolve Faulty Short-Interest Reporting FINRA Disciplinary Action:
Broker-Dealer Sanctioned US $415 Million by SEC for Violating Customer Protection Requirements:
Customer Protection Rule Initiative:
CFTC Commissioner Muses on Corporate Governance and Testing Requirements for Swap Intermediaries While ESMA Chair Muses About CCP Resolution and Monty Python:
CFTC Receives 18 Formal Comment Letters in Response to Staff Reg AT Roundtable; Myriad of Issues Raised:
CFTC Seeks Public Comment on Clearinghouses’ Swap Clearing Requirement Recommendations:
One FCM Agrees to CME Group Settlement for Pre-Hedging Block Trades and Another For Entering Into Wash Sales to Help Client Freshen Positions for Deliveries:
IOSCO Recommends Better Data Collection by Regulators From Asset Managers:
Exchange Issues Warning to Trading Firm for Non-Intentional Sell Instead of Buy Order of Electricity Futures Relying on Its Market Manipulation Prohibition:
NFA Late Fees for Tardy PQR and PR Filings to Go Into Effect for Reports Dated September 30 and Later:
SEC Sues UK Resident Accused of Hacking Brokerage Accounts of US Persons to Place Unauthorized Trades:
The information in this article is for informational purposes only and is derived from sources believed to be reliable as of June 25, 2016. No representation or warranty is made regarding the accuracy of any statement or information in this article. Also, the information in this article is not intended as a substitute for legal counsel, and is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. The impact of the law for any particular situation depends on a variety of factors; therefore, readers of this article should not act upon any information in the article without seeking professional legal counsel. Katten Muchin Rosenman LLP may represent one or more entities mentioned in this article. Quotations attributable to speeches are from published remarks and may not reflect statements actually made.