Financial institutions identify suspicious trading activities by searching for specific patterns in the actions performed by a trader and other market actors. These patterns are based on the rules set by regulators that define target risk behaviors, entities or patterns. Such suspicious trading activities are called “alerts” signaling possible market abuse activity.
Compliance officers review the alerts and on the basis of the actual trades enriched with additional contextual information (news, emails, voice communications, market data, historical trading activities performed by the trader) determine whether the alerts need further investigation or are false positives.
The Goal
A global bank wanted to improve the trade surveillance system that provided alerts for suspicious activities for possible market abuse. The existing alert review process could not manage efficiently the high number of alerts generated on a daily basis and reviewed manually.
The compliance task grows exponentially difficult when the company is active in multiple asset classes ranging from: the traditional equities, currencies and debt; via the futures, options, commodities, precious metals; to the multilateral dark pools energy contracts and cryptocurrencies, which are traded on different markets, under the supervision of different regulators and even in different jurisdictions.
On top of that, the regulatory obligations have been steadily growing over the last decade and multiple new requirements needed to be addressed. All this required a smarter approach to spotting suspicious patterns. The bank needed a solution that could improve the efficiency of the alert review process and provide better signals for potential risks.
The Challenges
There were various challenges in achieving this goal. Some of the most significant ones were:
- Poor data quality – missing, inconsistent or ambiguous information and/or identifiers for accounts (clients who request the operation), traders or brokers who perform the actual operation) and sometimes even assets (the actual traded stock, financial instrument, good, etc.);
- Missing contextual information – lack of continuous organizational business structure to provide the full context and allow interpretation of the activities of a trader as interrelated events
- Ambiguous meaning – mechanically integrated information from diverse sources, without alignment of the used terms and definitions. Absence of definition of foundational terms, such as client and account.
- Lack of analytical software capabilities to allow pattern search for detection of the parties coordinating and executing even the simplest known practices such as: Pump-and-dump, Spoofing and Frontrunning
The Solution: A Knowledge Graph Powered Smart Trade Surveillance Solution
The bank chose Ontotext’s GraphDB to power their Trade Surveillance system. The introduction of a knowledge graph based solution improved the efficiency and precision of the alert review process.
The introduction of a knowledge graph provided the following accelerators:
- Identification – unique global identifiers for all parties and instruments;
- Meaning – interoperable definitions helping to align all different regulatory and business requirements;
- Expressivity – the ability to express domain and use-case specific knowledge and constraints;
- Constraints – the ability to ensure consistent quality of the data by enforcing business rules on it.
The flexible and dynamic structure of the knowledge graph significantly enhanced the quality of the available data by using formal semantics to automatically interpret it and infer new facts. With the help of a simple identity resolution technique, identifiers coming from different systems were easily reconciled. The use of the Financial Industry Business Ontology (FIBO) acted as a foundation and accelerator for developing a suitable hierarchy to enable identity and meaning based interoperability of the traded instruments despite the multiple identifiers used by some of the traders.
The interlinked descriptions of concepts and entities in the knowledge graph (where concepts use other concepts to describe each other) created the necessary context to facilitate the work of the bank’s Compliance team. The new solution also allowed them to interpret each alert not only against the latest version of the organizational structure, but against its state at the time when it happened.
Finally, the semantics of knowledge graphs enabled domain-centric views on compliance information and data. The graph model also provided better context for smart interpretation, which enabled different types of pattern searches, on the basis of GraphDB graph similarity, such as:
- Given Trader A (who has been previously identified as suspicious), discover all alerts related to him/her and group together similar alerts.
- Given Trader A (who has been previously identified as suspicious), discover all similar traders based on trading style, instrument purchase concentration, etc.
- Given Trader A, discover all communications related to the buying of Facebook.
Business Benefits
- The smooth integration of aggregated data allowed monitoring traders who closed a lot of deals and generated a lot of alerts.
- Adding business unit hierarchies helped provide a better picture of what was normal and where to look for deviations from the norm.
- The graph structure enabled data scientists to further develop statistical models for analyzing strange patterns of information or subsets of information.
Why Choose Ontotext
With Ontotext’s smart Trade Surveillance solution, the bank’s Compliance team was able to monitor and analyze a greater number of suspected activities. It enabled the bank to increase its efficiency in the process of reviewing alerts for suspicious trading activities, minimize potential risks of market manipulation, and enhance regulatory compliance.
Do you think this case resembles your particular needs?
