The Hypothetical Case of the Undetectable Spoofer


Last week, Citigroup agreed to pay a $25 million fine to the CFTC for violating section 4c(a)(5) of the Commodity Exchange Act.  This section was added after the Dodd-Frank Act was passed in 2010 and it gives the CFTC greater room to prosecute “spoofers”.    The CFTC issued an interpretative guidance of this rule in 2013 where they detailed their new powers:

CEA section 4c(a)(5) states that it shall be unlawful for any person to engage in any trading, practice, or conduct on or subject to the rules of a registered entity that:

(A) Violates bids or offers;
(B) Demonstrates intentional or reckless disregard for the orderly execution of transactions during the closing period; or (C) Is, is of the character of, or is commonly known to the trade as, ‘spoofing’ (bidding or offering with the intent to cancel the bid or offer before execution).

Let’s take a quick look at the Citigroup case.  According to the complaint, the Citigroup traders were using some basic spoofing practices:

“Generally, the Traders’ spoofing strategy involved placing bids or offers of 1,000 lots or more with the intent to cancel those orders before execution. The spoofing orders were placed in the U.S. Treasury futures markets after another smaller bid or offer was placed on the opposite side of the same or a correlated futures or cash market. The Traders placed their spoofing orders to create or exacerbate an imbalance in the order book.

This created the impression of greater buying or selling interest than would have existed absent the spoofing orders and was done to induce other market participants to fill the Traders’ smaller resting orders on the opposite side of the market from the Traders’ spoofing orders in advance of anticipated price changes. The Traders cancelled their spoofing orders after either the smaller resting orders had been filled or the Traders believed that the spoofing orders were at too great a risk of being executed.”

This case is very interesting for a number of reasons including:

– Citigroup lacked the proper internal controls to identify abusive behavior by their traders.  

– Citigroup supervisors knew about the spoofing behavior and did not report it to compliance.

– Citigroup self-reported the violations in this case after they were confronted by the CME about a limited number of suspicious orders that had nothing to do with this case.

There does not appear to be a whistle blower in this case but instead Citigroup blew the whistle on themselves. According to the CFTC:

“Upon notification of a CME inquiry regarding a limited number of suspicious orders placed by two Traders, Citigroup identified and promptly self-reported additional orders by other Traders that were potentially violative and provided the Division important information and analysis regarding the same.”

Citigroup has been disciplined and is paying a $25 million fine but we can’t help but wonder why the CFTC has only brought a handful of “spoofing” cases over the past three years.  This brings us to the title of today’s post, “The Hypothetical Case of the Undetectable Spoofer”. While spoofing should be easily detectable when trading just a single asset class like Treasury futures, what happens if the spoofer is trading multiple asset classes which are regulated by different regulatory authorities that do not share information.  Here is an example of how this could occur:

1-  Spoofer decides to bid for a sizable number of e-mini S&P futures contracts without any intention of buying them.  

2- Prior to entering the bids in the e-minis, the spoofer enters a sell order on the S&P 500 ETF (SPY).  

3 – Upon seeing the large e-minis bid, the market adjusts to the demand and the e-mini offers are taken.

4-  The SPY ETF also has its price adjusted and the spoofers ETF sell order is filled.

5- The spoofer cancels their e-mini bids.

The above situation is pretty much undetectable since the CFTC and the SEC would only be seeing half of the picture.  The CFTC would just see the e-mini bid entered and cancelled while the SEC would just see an ETF trade.  There is currently no regulatory surveillance system in place that we know of which could detect the above scenario.  

You might be thinking that the scenario we outlined above is similar to the Citigroup case so the CFTC should be able to identify it since they caught the Citigroup spoofers?  Not exactly.  The CFTC didn’t catch anything.  Citigroup self-reported their violations after getting flagged by the CME for some unrelated suspicious activity.  You might also be thinking that, when finally built and implemented, the Consolidated Audit Trail (CAT) would identify the spoofing situation we described.  Unfortunately, the CAT would not catch this spoofer since it is limited to stocks and options and does not cover futures.

Even though regulators have new powers and new regulatory surveillance systems, they still appear to be outmatched when it comes to cross-assert spoofing.  The only way to catch these spoofers is to track their movements across asset class.  This would require implementing something similar to a legal entity identifier (LEI).  But more importantly, it would require that the CFTC and SEC regularly share information.  We don’t think that this is too much to ask.