FCA Market Watch and CBI ‘Dear CEO Letter’:

The FCA has published the following Market Watches; 79, 77, 76, 75 which have flagged deficiencies in firms’ market abuse surveillance systems. Firms are expected to have robust systems in place to detect, report, and mitigate market abuse risks. This includes effective trade surveillance and the prompt reporting of suspicious transactions and order reports (STOR). Topics covered in these editions of Market Watch include: the prohibition of Flying prices and Printing trades; the FCA’s expectations around trading during Market Soundings and the risks around insider information concerning MA activity.

Accurate and timely transaction reporting remains a critical area. The FCA across both Market Watch 78 and 74 have noted ongoing issues with the quality and completeness of transaction reports and has also provided a view on instrument reference data rejections. Firms are required to review their reporting frameworks and rectify any discrepancies to comply with regulatory standards. The recent report (81) highlights the root cause of current data issues which are tied to weaknesses within change management, existing reporting processes and control frameworks, data governance as well as oversight and resourcing. Given that these issues are raised again in the latest publication underscores the urgency for firms to take action.

The FCA and CBI emphasize the need for firms to strengthen their operational resilience frameworks. This includes ensuring that business continuity plans are robust, tested regularly, and capable of withstanding significant disruptions from cyber threats. In light of increasing cyber threats, regulators expect firms to implement comprehensive cybersecurity measures. This includes regular assessments of cyber risks, incident response planning, and ensuring that cybersecurity policies are embedded across all levels of the organization and that the required level of investment in advanced technology solutions is essential to enhance their compliance and risk management capabilities. Digital Operational Resilience Act (DORA) aims to address the resilience of firms and is expected to be implemented in the EU by January 2025.

Regulators underscore the importance of sound governance structures and a positive organisational culture. Firms are urged to conduct regular reviews of their governance arrangements and to foster a culture that prioritises compliance and ethical behaviour. Firms must ensure that governance structures are not only compliant but also effective in promoting a culture of integrity and accountability. Leadership should actively engage in fostering a culture that supports regulatory compliance and ethical behaviour. There is not a one size fits all for governance and firms must ensure that they have full accountability and traceability which can be achieved with documentation of issues from identification through to resolution.

There is a clear directive for firms to enhance their anti-money laundering (AML) and counter-terrorist financing (CTF) controls. This involves rigorous customer due diligence, ongoing monitoring, and ensuring that AML/CTF frameworks are aligned with the latest regulatory requirements. Our analysis shows that the FCA – AML failings are one of the top areas where firms have received significant fines over the last ten years totalling < £ 500 million pounds across 6 separate instances.

Firms should undertake thorough reviews of their compliance programs, surveillance systems, transaction reporting and control frameworks. External audits, and quality assurance can provide an independent, objective assessment and are vital to identify and rectify any weaknesses. This involves updating policies, investing in technology, and providing ongoing training to staff. Firms that are marking their own homework will fail to identify and resolve their issues.