The Radar Guide To Spoofing

(Or, how to spot rogue trading and save your firm tens of millions of dollars.)

Three European banks and eight individuals were charged in January with the largest criminal takedown of fraudulent activity in the futures market to date by the US Commodity Futures Trading Commission.

Deutsche Bank AG, HSBC Securities and UBS AG agreed to pay more than $40m between them for their part in the commodities fraud and spoofing schemes.

Seven of the eight individuals were charged with the crime of spoofing, an illegal trading practice that can be used to manipulate the commodities markets, but only a handful of individuals have ever been publicly charged with the crime of spoofing.

What is spoofing and layering?

Spoofing is a practice in which traders attempt to give an artificial impression of market conditions by entering and quickly canceling large buy or sell orders onto an exchange, in an attempt to manipulate prices.

Though the tactic has long been used by some traders, regulators have only recently begun clamping down on the practice.

Layering is a more specific form of spoofing, and occurs when a trader places multiple orders that he has no intention of executing. The fake orders trick other market participants by creating the false impression of heavy buying or selling pressure.

The rogue trader places subsequent sell orders for the security at successively lower prices as the best ask price falls (to increase the appearance of selling interest). When the price has dropped sufficiently, the trader makes a real trade, buying the stock at the now lower best ask price, and cancels all the sell orders.

Spoofing is hard to detect because it is typically a solo act and communication trails are often thin and easily attributable to other instances of market activity or just trivial discussions.

Moreover trade data in isolation is not easy to monitor because placing and cancelling orders is not immediately indicative of spoofing. The tools to protect against spoofing are aggregating multiple data points (trade, comms, market data) in one place to run analytics in concert.

• Are there permanent chat rooms with traders from different banks? If so, why? Should you look at reporting on chat rooms?
• Are your traders having an unusually high volume of comms with competitors or brokers? If so, why?
• Are your traders displaying unusually strong relationships with others in financial services, if so, why?