The mission of the Securities Exchange Commission (SEC) is to protect investors, maintain fair, orderly, and efficient markets and facilitate capital formation. The SEC’s goal is to promote a market environment that the public finds trustworthy. In order to accomplish this, SEC oversight of the financial sector includes the following activities:
While the SEC will focus on a number of different areas of oversight, as part of their remit for 2022, the Transfer Agents Division of the SEC, “will continue to examine core functions of transfer agents including the timely turnaround of items and transfers, record keeping and record retention, and safeguarding of funds and securities.”
The original SEC record keeping rules were outlined in the Securities and Exchange Act of 1934 (“SEA”). Given all the changes that have taken place with respect to technology, data and privacy, the SEC has implemented several updates which better align record keeping rules with today’s financial markets and institutions. Key changes or amendments that were put in place were Rules Title 17, Chapter 2, part 240 Rule 17a-3 and Rule 17a-4 as well as Rule 18a-5 and Rule 18a-6.
Rule 17a-3 of the SEA highlights examples of the books and records broker-dealers are required to retain, such as:
While Rule 17a-3 primarily outlines what types of books and records must be retained, Rule 17a-4 primarily outlines how the records must be retained and the length of time for which they must be retained.
According to 17a-4, records must be retained and indexed for a period of no less than three years with immediate access for two years. In certain cases, records must be retained for a minimum of six years. Rule 17a-4(f) states that the “records required to be maintained and preserved” can be stored on “micrographic media … or by means of electronic storage media.” The rules for ‘electronic storage media’ are as follows:
records must be preserved exclusively in a non-rewriteable, non-erasable format, write once and read many (“WORM”)
the quality and accuracy of the storage media recording process must be automatically verified
originals need to be serialized and, if applicable, units of storage media must be duplicated and have the time-date for the required retention period on the storage media
the media recording process must contain the ability to readily download indexes and the preserved records to any medium
There are a number of broad challenges related to record keeping, regardless of the regulatory agency rules.
One of the first and biggest challenges relates to being able to identify which records need to be retained and produced.
Building the inventory of records requires an understanding of which products/services the institution operates within, and then based on this, which rules and records are within scope.
In addition, new record keeping rules require institutions to review any new requirements and assess whether improvements in technology are required to meet minimum standards for SEC record keeping. This can be costly in terms of both time and money.
Another challenge includes the volume of data and the complexity of technologies. The sheer amount of data institutions are faced with capturing and retaining creates a serious challenge as far as what is to be collected and how to retain it.
The complexity of technology such as outside messenger services like WhatsApp creates a number of challenges as far as tracking and retaining these communications. As more and more interactions, both internally and externally, are being conducted on mobile or non-work devices, tracking and keeping those records has become increasingly difficult.
SteelEye provides an efficient and reliable response to firm's SEC record keeping needs. The platform brings together structured and unstructured data from a wealth of sources and stores it in an immutable format, WORM compliant format.
This practice is done to ensure firms are not participating in any manipulative or deceptive trading practices. Market manipulation rules by the SEC fall within section 9 and 10 of the Securities and Exchange Act of 1934, which prohibits manipulation of security prices and regulates the use of manipulative and deceptive devices. This therefore gives the SEC the issue enforcement actions against firms for any violation of rules set out in Section’s 9 or 10.
Additionally, SEC Rule 206-4 requires investment advisors to implement internal compliance controls that will detect and prevent regulatory violations; establish supervisory policies and procedures for client communications; and monitor the accuracy of disclosures made to investors, clients, and regulators, among other things.
To meet SEC trade surveillance and market manipulation rules it is imperative that firms have in place a supervisory oversight program covering trades and communications. Such a program should include policies, processes and controls designed to ensure there is no violation of the regulations and rules.
While the SEC does not prescribe exactly the way in which surveillance of trades and communications must be carried out, there are aspects of supervisory oversight that firms must adhere to in order to meet SEC regulatory guidance. Firms should be aware of the fact that the SEC retain the right to examine surveillance and communications programs in order to check whether the programs are appropriate to meet the regulations at hand.
The concept of market manipulation is broad in nature, but may include any of the following activities:
“Pump and Dump”, where insiders gain a controlling interest in a security and then hype the stock to generate artificial interest in the security, which they then use to their own benefit
“Churning”, where a trader executes both buy and sell orders at approximately the same price in order to create greater activity in the security
“Wash Sales”, where one takes both the buy and sell side of a trade using a third party to generate increased activity and thus increased price
“Price-Fixing”, which is a relatively simple and straightforward type of fraud where those who publish a price conspire to set it falsely and benefit their own interests (e.g. the LIBOR scandal)
Read about prominent market abuse behaviors here.
There are many challenges firm’s face in relation to trade and communications surveillance and market manipulation rules. Below sets out a few examples. However as many firms operate in different manners, additional challenges may present themselves, which will also need to be accounted for.
One of the biggest challenges the industry faces concerning trade and communication surveillance is the broad nature of the rules themselves. The rules are written with no prescribed way in which surveillance should be conducted, allowing the SEC a significant amount of room to determine what they deem as violations of market manipulation rules and take enforcement action.
More widespread use of new communications channels such as third-party apps like WhatsApp or iMessage, prompted by the Covid pandemic and increases in remote working, makes surveillance even more challenging for compliance teams. This is because communications on new channels either need to be captured or made prohibited through a corporate policy. But when a platform is banned, firms need to be able to identify intent among employees to, for example, start talking on this unmonitored channel to ensure policies are being adhered to. This can be done through lexicon searches for phrases like “let’s talk on WhatsApp”. However, a lot of surveillance technology is not up to date with modern ways of communicating.
A firm’s ability to distinguish between clear signals of wrongdoing and simply ‘noise’ within the trading environment makes it even more challenging for firms to comply with SEC market manipulation rules. Many trade surveillance systems find it difficult to distinguish between false results (or "false positives") and instances that actually warrant an investigation. Additionally, there needs to be evidence of intent, which further complicates matters for firms.
Surveillance doesn't have to be done holistically. In fact, many firms today still use different systems for different types of data or even asset classes. For example, many financial firms carry out their communications and trade surveillance separately, through different platforms. However, trades don’t happen in isolation and this data is deeply interconnected. Disparate data not only impacts the time it takes for firms to respond to potential instances of misconduct or market manipulation but it also prevents them from getting a holistic view of their trading operations.
There have been a number of enforcements related to SEC market manipulation violations. Two large violations that have occurred more recently include:
Holistic surveillance solution that delivers simple, effective and efficient supervisory controls. The platform brings together multidimensional data on a single, flexible platform with rich reporting, automated workflows and analytics that identify suspicious activity, quickly.
(Section 9 – page 85, Section 10 – page 89)