Last week, the enforcement divisions of the three major exchange groups released a settlement agreement with JP Morgan Securities imposing an $800,000 fine for inadequate pre-trade controls and post-trade surveillance.

The post-trade surveillance portion of the settlement agreement revealed that JPMS used an unnamed “commercial non-proprietary Third-Party Surveillance System” (it wasn’t Surveyor), but set the parameters of that system “at levels that were unreasonable to detect activity that may be indicative of layering and spoofing activity.”

The settlement agreement explained:

“For example, one threshold requires that potential non-bona fide orders must be priced within a certain number of ticks of the NBBO which, as currently employed by the Firm, would fail to identify instances of potential layering or spoofing when the non-bona fide orders were displayed and priced at the NBBO or established ‘a new best bid or offer.’ Additionally, another threshold requires that the volume on the opposite side of the market must exceed a certain set percentage of the ADTV of the relevant security for the preceding 30 day period in order for an alert to be generated. However, since this percentage is the same for all securities regardless of the ADTV of a security, this exception report would be less likely to identify potential layering or spoofing in a security with a significant ADTV.”

As a result of these mis-set parameters, JPMS’s trade surveillance system failed to detect “potentially violative spoofing activity” over a three month period in 2015.

This is not the first time a large brokerage firm has been sanctioned for investing in a commercial trade surveillance platform but then not using it properly. In 2015, the same SROs fined Wedbush Securities $1.8 million for, among other things, implementing “some surveillance reviews via Nasdaq’s SMARTS surveillance system,” but then assigning only one individual to review the output of that system. The SROs found that “given Wedbush’s status as a leading liquidity provider, it was not reasonable to assign just one person to this task.” The one reviewer fell behind in his work, and did not review numerous instances of potential manipulative activity by Wedbush customers over a three month period in 2013.

In addition, several firms have been sanctioned for attempting to build their own trade surveillance systems that either (i) did not adequately detect manipulative conduct or (ii) were manually adjusted to reduce the number of alerts, to the exclusion of events that required attention. FINRA’s 2016 settlement with ETC and the SEC’s pending enforcement action against Lek Securities both involve that fact pattern.

The common thread in these cases is that trade surveillance platforms often generate a lot of alerts, many of which are false positives. A common response to that problem is to adjust the system’s parameter settings to reduce the number of alerts. Such adjustments are fraught with risk. The goal of any adjustments must be to improve accuracy, a by-product of which may be reduced alert counts. Reduced alert counts alone cannot be the primary goal.

At Surveyor, our starting point for designing or modifying detection filters is always accuracy. We are the only trade surveillance platform that uses depth-of-book market data to determine whether a trade sequence does or does not generate an alert. Our method for doing so is patented. By looking not just at our customers’ order sequences, but where they occurred in the order book and how other traders reacted to them, we are able to automatically exclude many legitimate trade sequences that our competitors cannot. In most cases, this preempts the problem of “too many alerts” before it begins.

To be sure, there are occasional instances where a new customer has an unusual style of trading that triggers repeated alerts but is objectively not manipulative. We do make filter adjustments in those circumstances, but any changes are back tested against our library of customer trade data before being released into production, to ensure that other valid alerts are not inadvertently excluded by the change.

It also helps to rely on a third party trade surveillance vendor to decide what filter changes should or should not be made. In several of the cases listed above, the broker deliberately modified its filters to avoid flagging the regular trade activity of a lucrative customer. A third party vendor is less likely to be play favorites with which customer’s alerts are excluded by a parameter change. In the JP Morgan case, there is no indication of such willful avoidance, but the broker did make changes that left open a gap in its surveillance umbrella. Relying on third party vendors allows brokers to leverage the vendor’s expertise in current industry standards and the most current enforcement precedent to avoid such gaps.