A tougher regime on market abuse: is your firm doing enough?

October 27, 2015

The EU's new Market Abuse Regulation (“MAR”) comes into force on 3 July 2016. The recently published regulatory technical standards (“RTS”) have now set out the more detailed implementation proposals. In this alert we summarise MAR’s most significant reforms and consider what firms should be doing now to prepare for their enhanced obligations which take effect in less than 9 months’ time.


MAR replaces the Market Abuse Directive which sought to harmonise the civil offences of market abuse across the EU. As well as providing for a more intrusive regime for investment firms and trading venues to prevent market abuse, MAR refreshes these offences, bringing them into line with MiFID II’s reforms to market structure.


The related Directive on Criminal Sanctions for Market Abuse (“CSMAD”) harmonises the criminal regime for insider trading offences across the EU. However, the UK (and Denmark) have elected to opt out of CSMAD, with the UK having determined that the Criminal Justice Act 1993 is already consistent with what these reforms are designed to achieve.



The financial instruments caught by MAR are widened to include the new financial instruments defined in MiFID II (for example, emission allowances), and any instrument traded on a trading venue (including the new Organised Trading Facilities) or derivatives of such instruments. The concept of a derivative is also applied in reverse, looking back to the underlying asset, where “the price or value depends on or has an effect on the price or value of a financial instrument” – thus capturing spot FX and cash commodity markets where a link to a derivative instrument can be established.

MAR also covers unexecuted orders (in financial instruments), as well as modifications or terminations to an existing order. Similarly, attempted market manipulation becomes an explicit offence, as does the attempted manipulation of benchmarks.

Prevention and detection

The RTS set out exacting requirements for the “arrangements” or systems that must be put in place to prevent, detect and report abusive practices or suspicious orders or transactions. There is a clearly stated expectation that these will be required to employ a degree of automation – manual analysis of a sample of transactions is no longer enough. At the same time, surveillance capabilities must have “an appropriate level of human analysis”. More specifically, they must include the capacity:

  • To analyse every individual execution or order placed;
  • To detect patterns of repeated abusive behaviour which, when aggregated, could give rise to suspicions; and
  • To generate suspicious activity alerts to be escalated for further analysis.

Regulators will have the power to require firms to provide information on such systems on request and firms will be expected to be able to justify the extent of automation and ability of their systems to identify patterns and generate relevant alerts.

Reporting of suspicions

With the inclusion of suspicious orders (unexecuted), the previous Suspicious Transaction Report (“STR”) now becomes a Suspicious Transaction and Orders Report (“STOR”). A new template has been provided which sets out a more prescriptive approach, containing 6 sections and a total of 25 possible data fields. These include quite detailed information on the individual or entity on whom the suspicion falls. Such reports are expected to be “meaningful, comprehensive and useful”.

Firms are also expected to maintain a record of analysis performed where STORs are flagged internally through the firm’s surveillance systems but a decision is made not to make an external submission to the relevant authorities.


Firms will have to provide comprehensive training for staff directly involved in the monitoring and detection process. This is likely to go beyond the general awareness sessions currently provided to all staff. Such training will need to cover the following areas:

  • How to identify and refine parameters for potential suspicious activity;
  • How to conduct further analysis on identified flags; and
  • How to make the final determination on whether a STOR is made.

Other areas of note:

Market soundings – potential recipients of market soundings (typically about a forthcoming corporate event and related market placing) will have to positively agree to receiving such information, and those providing it (issuers or their placement agents) will have to make an assessment on whether the information provided amounts to inside information.

Disclosure of inside information and insider lists – similarly, issuers and their placement agents will have to follow a much more prescriptive set of procedures when disclosing insider information, including maintaining lists of insiders, either permanent (e.g. an issuer’s professional advisers) or temporary (those brought inside for a particular deal or event). Even if you decline to receive such information, you will appear on such a list (thus addressing inadvertent disclosure).


The RTS is now subject to a final round of endorsement from the European Commission, Council and Parliament, but major changes at this stage look unlikely. The FCA has indicated that it will issue a Consultation Paper in the next few weeks on its proposed changes to the Handbook, and further guidance from ESMA and the FCA on the implementation of MAR is likely in the first half of next year.

Although the main MAR and Level 2 measures come into force next July, some of the measures relating to MiFID II reforms (new financial instruments and trading venues) will only apply from 3 January 2017.

Next steps for firms

  1. Review the financial instruments utilised by your investment strategy (including any of the new instruments now caught by MiFID II/MAR), as well as your research and idea generation processes, to re-assess what are the key risk areas to your firm from a market abuse perspective.
  2. Consider now what an automated system would need to do to effectively detect suspicious orders and transactions (appropriate to your investment strategy), and whether it would make more sense to outsource such capability to a third party supplier, or develop this internally.   
  3. Consider how you are going to resource the new surveillance and analysis arrangements. These should include new, related MiFID II organisational requirements on telephone calls and other electronic communications.

Please contact Martin Lovick or your regular ACA consultant with any questions on this e-mail.