Trade Talk Blog

The official blog of Trading Technologies, your source for professional futures trading software.

← Back to Trade Talk Blog

On January 29, 2018, the CFTC and the DOJ coordinated announcements regarding the filing of civil enforcement actions by the CFTC, naming five corporations and six individuals, and the filing of criminal actions by the DOJ against eight individuals (including six of the same persons named in the CFTC actions), for engaging in, or aiding and abetting, spoofing in the U.S. futures markets. The CFTC actions imposed fines ranging from $1.6 million to $30 million, which was the highest CFTC spoofing penalty to date. The announcement also marked the largest futures market criminal enforcement action in the history of the DOJ.

According to CFTC Division of Enforcement Director James McDonald, the cases were investigated by the CFTC’s newly formed Spoofing Task Force, comprised of personnel from CFTC offices across the U.S. Acting Assistant Attorney General John P. Cronan also made it clear in his statements that the Criminal Division of the DOJ and its law enforcement partners will leave no stone unturned in their efforts to combat and eradicate illegal, fraudulent and manipulative market conduct. Based on these comments, it appears rather likely that this coordinated announcement was just the first of many that will be made by the CFTC and DOJ in the upcoming year about cracking down on spoofing activity.

The purpose of this blog post, though, is not to instill more fear about today’s regulatory environment—the regulators are doing a good enough job of that themselves. Instead, what we would like to provide is a closer look at exactly how traders and compliance officers can leverage TT Score’s machine learning technology to supercharge their compliance systems and instantaneously detect the complex patterns of spoofing activity that are drawing increased regulatory attention.

After reading the complaints, what stood out to us was just how much the spoofing patterns varied from case to case. We have spoof orders as small as 22 contracts, ratios of 1:1 spoof to legitimate orders using icebergs, spoof orders broken up into many small orders, spoof orders in the market for minutes and others for a fraction of a second. The amount of variables in each of these simple spoof matters is staggering, yet they are only a fraction of the variables that can change from one spoof pattern to another, especially when dealing with the more sophisticated forms of spoofing that have evolved in recent years.

Prior to the introduction of TT Score, all of the trade surveillance systems available in the marketplace relied on human-made parameter models. These human-made models require that the traders and compliance officers themselves engage in manual parameter selection to generate “alerts” that may (after further investigation) reveal an instance of potential spoofing activity. These surveillances need to be constantly adjusted and revised based on new information, such as the aforementioned enforcement actions. A Sisyphean task if there ever was one.

Designing a surveillance using rules and thresholds to detect all known variations of spoofing would be nearly impossible without opening the floodgates of false positives. Humans are constrained by imperfect and limited memory, cognitive biases, time, etc., and even minor mistakes in parameter selection can lead to both false positives and (in the worst case scenarios) false negatives.

The solution to this puzzle is to employ more sophisticated and powerful technology. The machine-learning models that power TT Score have been trained with positively labeled regulatory case data by a team of data scientists and domain experts to recognize the mathematical vectors (“features”) of manipulative trading activity, thereby removing human intuition from the process.

A feature is like a parameter in some ways; it’s a measurement or ratio of some key piece of information within the clustered activity (e.g., cancel to fill ratio), and TT Score’s spoofing model has a set of 30+ unique features that are used in various combinations to construct 1,000 unique “probability trees,” all of which are run on every clustered segment of trading data. What this means is that every single cluster of trading events is looked at in 1,000 different ways and assigned 1,000 different probabilities, which are computed to a single similarity score.

Contrast this with a rules-based system where nothing is reviewed unless all rigid preset thresholds are met:

rule based trade surveillance decision tree

Now TT Score’s method:

tt score trade surveillance probability tree

By taking this approach, TT Score’s machine-learning spoofing model is both more powerful and flexible than a human-made model, allowing just the single model to detect and classify an essentially unlimited amount of patterns of activity that have a high probability of drawing regulatory attention.

TT Score’s spoofing model also has the unique ability to adapt over time as market abuse evolves and regulatory priorities change without ever having to tune a parameter again. As a result, all of the advanced analytics and workflow prioritization is done before the user even opens the tool.

If you’re at all curious as to how TT Score could replace or supplement your current surveillance software, you can see TT Score’s spoofing model in action for yourself run on your own data. To schedule a demo of TT Score, contact your TT Sales or Customer Success Manager.