Citi Agrees to Adopt Compliance Program and Pay CFTC $25 Million for Alleged Spoofing

Emily HayesCase Studies, Market Rules & Responsibilities

citi-cftc-spoofing

Citigroup Global Markets Inc. (Citi) settled with the Commodity Futures Trading Commission (CFTC) on January 19, 2017 over the CFTC’s allegations that five traders at Citi “spoofed” the U.S. Treasury futures markets and that Citi failed to supervise the trading activity of its employees.  Pursuant to the Order, Citi must pay a fine of $25,000,000 and must maintain systems and controls that, at a minimum, detect and generate reports on trading activity that may be spoofing. 

According to the CFTC, Citi’s traders entered approximately 2,500 bids or offers between July 16, 2011 and December 31, 2012 in the U.S. Treasury futures markets with the intent to cancel the orders before execution.  The traders allegedly placed large orders on one side of the U.S. Treasury futures markets after the traders had placed smaller orders on the opposite side of the relevant market. The traders conducted this activity with, the CFTC claimed, the intent to “create or exacerbate an imbalance in the order book” that gave other market participants the impression that greater buying or selling interest existed. This impression served to induce other traders to fulfill Citi’s smaller resting orders.  The Citi traders then cancelled the spoofing orders after the small orders were filled or if they believed the spoofing orders might be filled. This activity, according to the CFTC, violated Section 4c(a)(5)(C) of the Commodity Exchange Act, 7 U.S.C. § 6c(a)(5)(C).

Furthermore, the CFTC alleged that Citi failed to properly train its employees on spoofing and to maintain adequate systems and controls to detect and identify spoofing in violation of CFTC Regulation 166.3, 17 C.F.R. § 166.3. The single compliance alert Citi sent its traders during the relevant period, according to the CFTC, insufficiently instructed the traders on the illegality of spoofing. Moreover, the CFTC claimed that after Citi learned of the alleged spoofing, supervisors and other traders on Citi’s U.S. Treasury futures desks failed to comply with Citi’s internal policies on reporting spoofing and supervisors failed to take “sufficient action to address, detect, and prevent [future] misconduct.”

The CFTC cites a specific example of a junior trader who travelled to the U.S. to receive training on U.S. treasuries and making markets. This junior trader observed the Citi U.S. treasuries desk and witnessed two traders working the desk place spoofing orders.  The junior trader returned to his home, Tokyo, and began to place spoofing orders. One of the junior trader’s spoofing trades, however, resulted in a loss because most his spoofing order traded before he could cancel the order.  The junior trader then contacted traders on the U.S. Treasuries desk, including the head of the desk, and informed them of his loss and explain how it occurred. The CFTC alleges that, although the head of the desk told the junior trader “that’s not a smart thing to do” and not to repeat the strategy, not one informed person reported the incident to compliance or told a senior manager that the junior trader had engaged in spoofing, even though Citi’s then-existing policies regarding spoofing required them to report the incident.

After Citi learned of the extent of its employees’ alleged spoofing, it self-reported other suspicious trading activity and cooperated with CME and CFTC investigations. This Order represents the culmination of the CFTC’s investigation. Citi has neither confirmed nor denied the allegations, although Citi may not make any public statement denying any of the CFTC’s findings or conclusions of fact in the Order.

This Order and the examples therein highlight two important compliance issues for any CFTC registrant.  One, the CFTC’s Order implies that compliance with Regulation 166.3 obliging registrants to diligently supervise their employees requires registrants to at least sufficiently train their employees and to create and maintain adequate systems and internal controls to detect spoofing.  And two, if a trader places an order with the intent to cancel it, but the order is executed before the trader cancels, the trader has still engaged in spoofing regardless of whether the spoofing results in a profit or loss to the trader.

Regarding the first implication, it is difficult to deduce from the Order what exactly the CFTC would consider sufficient training to meet the diligent supervision requirement, but it is clear from the language that one compliance alert from a registrant to traders informing them of the language of the anti-spoofing statute fails to properly train traders adequately on spoofing. The CFTC’s Order states Citi “shall provide annual training addressing the legal requirements of the [Commodity Exchange] Act with regard to spoofing, to be given to [Citi] employees who submit any orders on U.S. futures markets and their supervisors.”  However, it is arguable whether “shall provide” means that the traders must attend the training.

In addition to training, it is clear that the registrant must have “adequate systems and controls in place to detect spoofing by traders” in order to diligently supervise its employees and not run afoul of Regulation 166.3.  Again, it is difficult to deduce what the CFTC would determine to be “adequate.” However, the CFTC’s order requires Citi to “maintain systems and controls reasonably designed to detect spoofing activity by its traders” which, at a minimum, shall “be designed to detect and generate a report regarding patterns of trading that might constitute spoofing activity (e.g. the placement and rapid cancellation of large-lot futures orders).” Other Citi employees must “promptly review such reports and follow up as necessary to determine whether spoofing activity has occurred.” The CFTC has not stated what it would consider a “reasonably designed” systems and controls structure, but a system that detects and generates reports on spoofing that would be reviewed like the one Citi must adopt is an example for other registrants to model their own systems on to not run afoul of Regulation 166.3.

Further, the CFTC considers the “placement and rapid cancellation of large-lot futures orders” to be a “pattern of trading that might constitute spoofing activity.”  Thus, the CFTC implied through the terms of the settlement that the placement and rapid cancellation of any large-lot futures order indicates possible spoofing thereby necessitating a superior’s review of the activity.  The fact that the CFTC required Citi to “at least” institute this internal compliance monitoring system begs the question whether all CFTC registrants should adopt a computer program that can detect and generate reports on possible spoofing activity.  If not, a registrant could ultimately find itself battling the CFTC over its compliance programs and possible spoofing activity.

Second, the CFTC uses the example of the junior trader in Tokyo to explain how Citi did not “diligently supervise” its employees. Yet, more importantly, the use of the example demonstrates that the CFTC considers an order to be “spoofed” even if the trader engaging in the activity fails to cancel the order before it is executed.  Thus, all that is required to “spoof” is that the trader intends to cancel an order before it is executed and not that the trader succeed in cancelling the order.  Even though the trader’s actions did not harm the market because the order was executed, the CFTC maintains that spoofing occurred because the intent existed to cancel the orders even though they were not cancelled.  The CFTC may use a trader’s act of placing and then cancelling large lot orders as circumstantial evidence to prove spoofing, but it is not a necessary element required under the statute or the CFTC’s corresponding regulations to prove spoofing.  In other words, as the intent to cancel, not simply the action of cancelling, is forbidden by the statute, even failed “spoofers” can end up in legal trouble.

To avoid similar CFTC enforcement and penalties, a CFTC registrant should:

  1. Institute and maintain internal compliance monitoring systems that will detect and report possible trading violations and follow-up on those reports with the trader.
  2. Consider having outside counsel review any compliance procedures before they are implemented and distributed to relevant employees.

 

 

Emily Hayes

Emily Hayes

Emily Hayes joined Ziliak Law in September of 2016 as a law clerk working with the Startups, Business and Corporate and Financial Industry Groups. She is in her third year of law school at Loyola University Chicago where she is a senior editor of the International Law Review. Read more...
Emily Hayes