A recent flurry of criminal and civil spoofing charges includes a novel theory of liability against an independent software vendor (ISV). Trillium’s Michael Friedman reviews the new filings and highlights the risks for other ISVs going forward.

Eight individuals were criminally charged with spoofing in the futures markets last week, and parallel civil enforcement actions were also filed against them and three banks: Deutsche Bank, UBS, and HSBC.

While these actions all began with the same starting gun, they are more of a medley than a relay. The eight criminal defendants are only partially related to one another. Three were former colleagues at Deutsche Bank of a ninth defendant who pled guilty to criminal spoofing last June and agreed to cooperate. A fourth worked with one on the DB defendants after he moved to BAML. Three others were traders at UBS in Stamford, at Tower Research in Chicago, and at Propex Derivatives, a small prop trading firm in Sydney, Australia. The last was not a trader at all, but rather a software developer who built trading tools for Nav Sarao (the London trader accused in 2015 of causing the May 2010 Flash Crash) that enabled Sarao to more easily reposition his spoofing orders.

The three bank actions, which settled for $30 million (DB), $15 million (UBS), and $1.6 million (HSBC), all involved reductions in penalties for substantial cooperation by the defendants, and the two with the larger fines also involved different traders manipulating prices in order to deliberately trigger customer stop-loss orders.

Most of the fact patterns in these cases are very familiar by now: several involve traders at big banks openly coordinating their manipulations in recorded instant messages with colorful British trader slang and time stamps from 2008; all involve classic spoofing, entering large orders to create an order book imbalance in order to induce others to trade against smaller or hidden opposite side orders.

The one action that breaks new ground, both legally and factually, is the case against Jitesh Thakkar, Nav Sarao’s software developer. Thakkar is charged with designing and building custom software that would automatically reposition Sarao’s bids and offers to the back of the queue at a particular price tier, making them less likely to be filled.

The charges against Thakkar are notable for at least two reasons.

First, they appear to be defensible.

Market makers routinely use specialized order types or order entry algorithms to minimize the risk of getting “run over” when prices move significantly. As I wrote in 2015 when the Sarao charges were first announced, the major exchanges each offer an order type called an “offset peg” that automatically repositions quotes away from the spread to make them less likely to be filled as market prices change. These tools can be misused to spoof, but they can also be used legitimately to manage risk when providing liquidity. The difference is often whether they are used with balanced two-sided quotes (good), or just on one side to create a low-risk order book imbalance (bad).

Prosecutors may have evidence that Thakkar knew Sarao was using his software specifically to spoof, but the mere creation of software to reposition quotes away from the market seems insufficient to prove any, much less criminal, wrongdoing.

Second, the charges against Thakkar should make independent software vendors very nervous.

For the first time, prosecutors and regulators are seeking to hold someone other than the trader originating the orders, or the broker bringing the orders to market, liable for spoofing. There are many other participants in the trading industry whose services are in some sense necessary to the commission of spoofing–software and telco providers, clearing firms, order routers, exchanges–but none of them have ever considered themselves at risk for spoofing liability, until now.

To be sure, there are strict limits on secondary liability. To prove any of the conspiracy or aiding and abetting charges brought by prosecutors and the CFTC, it must be established that Thakkar knew that Sarao planned to use the software to spoof.

When a service provider sells an off-the-shelf product or service with obvious legitimate uses and has no specific knowledge of a criminal’s plans, he will not be charged, even when the thing he provided is used by another to commit a crime. But the more customized the product or service is, the greater the risk of liability. If a buyer requests specialized features that could only be used for illegal purposes, the seller can be liable. This appears to be the government’s theory in the Thakkar case.

Independent software vendors should consider this carefully in deciding whether to build custom features going forward. If there is any reason to believe the buyer may be using the custom features for illegal purposes, there is now a risk that the seller will be held liable.

Morover, to the extent the charges against Thakkar are based on him having knowledge of trading data sufficient to tell him Sarao was spoofing, ISVs that provide front-end order-entry interfaces may now face liability even without building custom features. Order entry ISVs have access to their customers’ order messages, data sufficient to determine whether their customers are spoofing.

Brokers, who have long been held legally responsible for the wrongdoing of their customers, have developed robust “know your customer” and trade surveillance checks to manage that risk. Last week’s filings may be the dawn of a great expansion of those checks into other buyer-seller relationships.