Insider trading, the covert practice that involves trading securities based on non-public, material information, presents a significant challenge to maintaining fair and transparent financial markets. This illicit activity is often obscured within the vast sea of normal trading activities, making it difficult to detect and prevent. KRM22’s innovative Market Surveillance product contains ParticipantView, which offers a multi-faceted approach to address the challenges associated with identifying insider trading. In this blog post, we will explore the challenges faced in detecting insider trading and how ParticipantView provides solutions to each of these challenges.

Challenge 1: Hidden Historical Activity

One of the primary challenges in detecting insider trading is the ability of wrongdoers to hide their activities amidst legitimate trading. Insider traders often take great care to blend in by executing their trades in a manner that doesn’t raise suspicion. ParticipantView addresses this challenge by offering Historical Activity for a particular security. This feature allows users to scrutinize all orders and trades associated with a suspected trader, broker, or client for a specific security. By examining a trader’s history with a security, analysts can determine whether their current activities deviate from their norm. Sudden and unusual activity in a security they rarely trade can raise red flags, helping to uncover potential insider trading schemes.

Challenge 2: Evading Detection Patterns

Insider traders are not only adept at disguising their historical activity but also at evading detection patterns. They often alter their behavior when they sense scrutiny. This presents a challenge for surveillance systems, as sudden changes in behavior can be harder to spot. To counter this challenge, ParticipantView contains Alerts and Behavior Analysis. In addition to historical data, it displays alerts raised by the suspected trader over a specified timeframe. This feature enables analysts to identify any sudden cessation of alerts coinciding with potentially suspicious trading activities. Such a pattern may indicate an attempt to avoid detection and further warrants investigation.

Challenge 3: Concealed Buy/Sell Activity

Another challenge in detecting insider trading is identifying abrupt shifts in a trader’s position, especially when they attempt to hide their true intentions. For instance, a trader who traditionally buys a security may suddenly start selling in large volumes. This could be indicative of insider information being used to profit from a forthcoming decline in the security’s value. ParticipantView addresses this challenge through its “Buy/Sell Activity Breakdown” feature. This capability allows for a detailed analysis of a trader’s historical activity by categorizing transactions into buys and sells. By monitoring changes in this breakdown, analysts can spot sudden and suspicious shifts, thereby helping uncover potential insider trading activities.


Detecting insider trading is a formidable challenge, given the clandestine nature of this illegal practice. However, innovative tools like KRM22’s ParticipantView provide a robust solution to these challenges. By offering historical activity analysis, behavior pattern detection, and buy/sell activity breakdown, ParticipantView equips financial institutions and regulators with powerful tools to identify and mitigate insider trading risks. In doing so, it contributes to the maintenance of fair and transparent financial markets, where all participants can trade with confidence, knowing that surveillance systems are actively working to protect the integrity of the market. As the financial landscape continues to evolve, tools like ParticipantView will play a crucial role in ensuring the trust and credibility of global financial systems.

Credit risk is a critical factor for capital markets firms as it directly affects their ability to manage potential financial losses stemming from defaults or failure to meet obligations. However, complexity within these organizations often hampers the assessment and communication of credit risk. In this blog post, we will explore the significance of understanding credit risk, examine two key drivers influencing it, and highlight how the Risk Cockpit can help firms achieve cohesive risk management.

Understanding the Drivers of Credit Risk

Capital markets firms often face challenges in comprehending the two distinct drivers influencing credit risk and how they interact with each other. This lack of clarity makes it difficult for firms to accurately assess and communicate their credit risk levels while aligning them with their risk appetite. These two drivers are:

1.    Variation in Credit Risk Profiles

The credit risk profiles of different desks within an organization significantly impact the overall risk faced by the firm. Inadequate visibility of this relationship impedes effective control as firms are not able to identify the source of their credit risk and so do not make conscious decisions to operate at a given level of risk. By unknowingly operating outside of their risk appetite, firms can suffer from unexpected losses.

2.    Control Failures

Three examples of potential control failures that we see firms actively managing are:

a)      Inability to calculate margin requirements due to system issues:

Flaws or limitations in the systems used can compromise the firm’s ability to assess and manage credit risk effectively. Alternatively cyber-attacks can result in systems not being available leaving firms flying blind if adequate controls are not in place.

b)      Trading limits misalignment with client capital:

Inconsistent or inadequate alignment between trading limits and client capital can lead to situations where positions are not adequately covered, increasing the potential for financial losses. In the most extreme situations, this can even lead to harm to the market

c)      Ineffective management of intraday margin changes:

Changes in intraday margin requirements by counterparties can result in exposures that are not promptly communicated or passed on to clients. Failure to manage these changes effectively not only contributes to credit risk but also increases liquidity risk within organizations, as highlighted by the Financial Conduct Authority (FCA).

Understanding Credit Risk through the Risk Cockpit

To address the complexities associated with credit risk assessment, capital markets firms can leverage the Risk Cockpit. The Risk Cockpit allows organizations to track credit risk both at the corporate level and individual desks. By leveraging heatmap functionality, risk management teams can identify and understand the key drivers of credit risk. This enables them to communicate the current credit risk level and associated drivers to the board with confidence, facilitating informed decision-making.

Mitigating Credit Risk | A Case in Point

Consider a firm that identifies high credit risk due to ineffective trading limit controls. Recognizing the potential harm this risk poses to the market, the firm decides to invest in enhancing its trading limit controls. This strategic decision reduces the potential harm associated with this specific credit risk. The firm needs to track the implementation of this control, understanding the cost, quality and time associated with implementation to ensure that it is effective. Once implemented the firm needs to track the effectiveness of this control to ensure that they continue to operate at their desired level of credit risk. The Risk Cockpit supports this workflow from the identification of an issue through to the mitigation.

The Power of Cohesive Risk Management

Credit risk is a critical factor that capital markets firms must diligently address. Recognizing and comprehending the complexity inherent in these organizations is essential for accurately assessing and managing credit risk. By leveraging the Risk Cockpit and adopting a cohesive risk management approach, firms can effectively monitor and communicate their credit risk levels, align risk appetite, and make informed decisions to mitigate potential harm. Ultimately, understanding credit risk empowers capital markets firms to navigate the intricate landscape of the financial industry with confidence.

Contact us to find out more about how we can help you manage your credit risk

Group of traders and compliance team looking over trading data performing trade Surveillance

At KRM22 we are committed to providing our customers with the services they need to manage their risks as they require. This commitment has resulted our Market Surveillance team spotting a new Fixed Income related trend in the operational risks managed by compliance teams.

For some time, Fixed Income houses have leveraged dealer streaming and composites. Streaming is when a dealer or electronic market maker constantly sends prices and volumes at which it is willing to both buy and sell the given bonds to their clients. They would typically do this for every major on-the-run issue, and provide different pricing for different sizes. Buy side clients can then see the prices for their requirements without needing to submit a Request for Quote (RfQ). Through this, information leakage from the buy side’s perspective is eliminated pre-trade. A composite can be seen as an aggregate pricing data that uses statistical averaging techniques to eliminate outlier quotes from the population of bids and offers. The resulting composite prices, spreads and yields are recognized by market participants as accurate and representative of the range in which trades are likely to be filled.

Operationally, both these structures are well within the risk profile of the industry. However, through our ongoing conversations with Fixed Income customers, we have identified that certain market participants often stream highly competitive prices and then provide a worse quote following an RFQ, meaning the streamed price acts as bait to attract the client. At the same time, they have seen that it is also possible for prices to be quoted that are significantly away from the average price.

Although not currently on the radar of regulators, compliance teams are seeing deployment of these strategies and indicators of undesired behavior in their traders. With the trend to prevention rather than retrospective action, our customers wish to operate in a more proactive surveillance model. They are looking for patterns to isolate dealers and take a look at their other activity to identify issues such as Wash Trading and Front Running.

This is why we have released two new features this month, which you can read about here.

If you’d like to know more about how KRM22 can help you move to a proactive surveillance model, contact us for a discussion or demonstration.

Trader worried about volatility risk management

2022 has seen a period of increased volatility worldwide. Investors are focused on central banks raising rates, with markets already factoring in a 75-basis point hike by the U.S. Federal Reserve. The latest Consumer Price Index report showed inflation rising faster than expected, and while conversely the equity markets are staging a small rally, many major US names that are often seen as safe havens, including the likes of Netflix, Tesla, Apple and Meta, are down 30%-60% from 52-week highs.

Within this global backdrop, the UK has suffered extreme volatility in the wake of the resignation of Prime Minister Boris Johnson in July.

It started with an idea formed from basic assumptions by the new leader of the UK Government, Liz Truss, and her new chancellor, Kwasi Kwarteng; Cutting tax would lead to increased consumer spending, boosting growth and counter slowing activity and rising inflation. Plus, lower taxes tend to increase the government’s tax receipts longer-term, rather than reduce them.

The market reaction was immediate and negative, with concerns weighing on UK assets and the British Pound losing value overnight, adding to the cost of importing any goods of services, introducing the risk of an inflation spiral. Add in the deepening energy crisis, most of which is priced in USD and the UK is facing a double whammy which could tip the nation into a recession this winter.

This created massive upheaval in the UK markets. Whilst the British Pound stabilized against the U.S. dollar, there was a large selloff in long-dated UK government bonds (Gilts) as investors scrambled for cover trying to free up cash. The tax cuts would need to be paid for which would likely mean a more aggressive approach to interest rate rises.

The Bank of England (BoE) stepped in, immediately purchasing gilts to ensure stability in the value of both the British Pound and UK government treasuries. The Chancellor was forced to revise or cancel many elements of the spending package, scrapping plans for tax cuts for Britain’s highest earning citizens. However, UK markets remained in turmoil. The BoE have stopped propping up the gilt market in order to concentrate on controlling the double-digit inflation that the country now faces.

Ultimately the UK Government leaders stood down after just 44 days in power. Wind forward just 5 days and a new leader, Rishi Sunak and his cabinet, are in power, reversing almost all of the previous teams’ decisions with immediate effect.

Overall, the situation remains complex and fast-moving. Global markets are likely to remain volatile and turbulent, emphasizing the need for discipline from the investors and control by the Banks and Brokers that service them. KRM22’s customers have been able to use our products to manage their risk effectively. The Market Surveillance product has supported firms concerned about market abuse during the gilt run and the Market Risk suite has helped those concerned about the effect of increased volatility on the derivatives and equities markets. Meanwhile, other customers have been able to use the Risk Cockpit to track clearing and settlement without interruption during this time.

We do not know what tomorrow brings, but with the right partners, services and infrastructure we can make sure that we are ready for it, and be ready for whatever the day after that brings as well.

SOC2 compliance risk management

In Q3 2022, KRM22 completed its annual SOC2 Type 2 assessment for the year and passed with no issues reported by its auditor. SOC2 is a compliance standard for service organizations that specifies how they should manage and secure customer data. As businesses turn to software vendors that deploy IT solutions in the cloud, it has become critical that these cloud-based solutions adhere to the highest standards for security, availability and confidentiality and that this can be demonstrated.

Why does this matter?

Internally, this gives us confidence that our processes, policies and procedures are fit for purpose. We want to be sure that what we say we do and what we actually do are one and the same. Good controls and policies also mean that everyone at KRM22 is better placed to understand our individual and collective responsibilities – and, perhaps most importantly, why they matter.

Externally, audits such as SOC2 also provide confidence to our customers. KRM22 can be trusted to act responsibly and professionally on their behalf with their data in mission critical systems. Our customers can show their own IT, InfoSec and Compliance teams that KRM22 meets their requirements for data security.

How do we track compliance?

We have deployed an instance of our Risk Cockpit product to ensure all its processes are completed accurately and promptly. SOC2 is listed as a Process that KRM22 must complete and each control our auditor assesses us on is stored in the Cockpit as an Information Asset.

All tasks that are regular (these can be monthly, quarterly or annually) are tracked as automated items, assigned to the correct team, assigned due dates, linked to evidence that shows the task has been completed, and then finally tracked back to the underlying Control.

By using our Kanban-boards, the Information Security team can see immediately what tasks are open, in progress, or completed. When a task is set to recur, it is automatically recreated at the defined interval and it’s progress shown on the board.

Any authorized KRM22 staff can see who is Accountable or Responsible for a given task, and who in the firm they should Inform or Consult too.

We use these tools to conduct a mid-year audit on itself to verify that no tasks are falling behind or not completed. We then review the quality and availability of evidence to support a task, immediately seeing if we are fulfilling the requirement, and how easy it is for KRM22 to provide evidence to match

Finally, should a member of staff leave KRM22, all tasks previously owned by that staff member can be handed over to a replacement in an automated fashion. Nothing gets dropped or missed even in the event of staff changes.

The Risk Cockpit has become a tool which not only supports the SOC2 process, but is central to it.

Bitstamp logo

Bitstamp was founded in 2011 and is now the longest-running Crypto Exchange in the world. Being a pioneer in its field it has helped shape the technical and security standards for the industry.

As Market Surveillance Officer, Colin Scanes is an expert on market microstructure across digital assets, equities, futures, options and FX. He has spent over 20 years working on the cutting edge of financial technology, most recently moving into Crypto. Bitstamp uses KRM22 Market Surveillance to monitor for and prevent market abuse across all of its trading activity. Being one of the first crypto exchanges to implement an institutional grade surveillance platform, Bitstamp demonstrated its on-going commitment to ensuring a fair and orderly market for its customers, and its desire to see the industry mature to where it is today.

We sat down with Colin to gain a deeper insight into the rapidly evolving regulatory landscape around digital assets and how Bitstamp intends to balance a compliance first culture with its aggressive plans for growth.

Thank you for talking with us today. Let’s start with a brief introduction – please tell us about how you came to join Bitstamp?

Having worked in institutional brokerage for 18 years at Bloomberg Tradebook, focused principally on Equities but also Futures, Options and FX, I found I had developed some useful skills. I knew my way around central limit order books and was pretty confident I knew what worked well when it came to execution algorithms and Pairs Trading. In seeking to get best execution for our clients we often strayed close to what would now be frowned upon by Regulators. In Pairs trading particularly, because you often try to post in the Order Book of the least liquid side of the pair and then act as a taker of the more liquid side if you get hit or lifted on your posted order, you end up sending a lot of orders and cancelling them. We were trying to trade a spread so every time the liquid market moved, we had to re price our posted order in the Book. This got us into trouble with the Exchange for the sheer number of cancel/replace messages we were sending, and we realised that although our intentions were honourable as we were just trying to trade a spread, trading behaviour can appear suspicious when viewed out of context. We throttled back the number of times our Pairs algorithm re-priced and got back in the good books of the Exchange.

This experience led me from working on the execution side of algorithms to the monitoring of their performance and onto working with regulators using software to detect manipulative trading practices on European Equities Exchanges.

An old friend of mine introduced me to crypto and then to Bitstamp where they were at the time in the process of setting up a Market Surveillance function. I was lucky enough to be considered for a role and having joined the company have had one of the most enjoyable, fascinating episodes of my career to date.

The fundamental principles of trade surveillance are essentially the same for both traditional and digital assets. Beyond that, can you explain the key differences that may arise and what gaps might need to be bridged when thinking about a crypto exchange’s surveillance strategy?

After you get through some of the easier problems to solve, like fractional order sizes and prices out to 8 decimal places not playing well in your database, some other differences start to be revealed. 24/7 Exchanges don’t have open and close periods, but the Exchange does need down time to run upgrades etc, so the impact of scheduled maintenance has to be carefully considered. Markets can run up when you are closed but everyone else is still open, so you have to manage your reopening with care, as liquidity is thinnest as your clients re-engage with your Order book.

Although Bitstamp is currently purely a Spot Exchange with no derivatives or leveraged trading, we do have to be aware of the very many ways that participants can get exposure to crypto in regulated and unregulated venues and so have reason to try to impact our price and volume. The fungible, global nature of crypto means that we have to be aware that threats exist anywhere in the world at any time.

Bitstamp is one of five Exchanges whose prices are used in multiple Indices that underlie Crypto Futures, Options, Perpetuals and Funds. We need to share information with other venues and Index providers whilst maintaining the anonymity of our Exchange participants. We often have no common regulator to whom we can funnel information who has jurisdiction to act across multiple venues, so we need to be aware and help each other protect crypto trading from abuse.

What are the biggest Regulatory challenges facing Crypto Exchanges today, and how does it affect expansion into new markets and jurisdictions?

As an asset class crypto is both varied in type whilst being accessible globally by all. The democratising of trading, giving retail clients access to orderbooks, a view of depth and advanced order types, as well as API connectivity means Regulators have to focus on a variety of actors. In the traditional world their focus is often on intermediaries such a Brokers and FCMs who themselves play a role in detecting and constraining bad actors and preventing their manipulative activity reaching the Exchange. Having everyone, retail and institutional alike, able to effectively self-broker, creates new challenges.

The rules for trading crypto and hopefully soon back applied to traditional markets, need to both protect the investor whilst not denying them the access to investment products and methods of trading that have been the preserve of institutional market participants only.

The challenge for Exchanges is often trying to understand the challenge for regulators and then good planning to make sure, however the Regulators choose to address those challenges, the Exchange is prepared. This will vary according to jurisdiction but in large part if you are passionate about doing the right thing for your clients, as we at Bitstamp are, you won’t stray far from any regulator’s requirements.

There is a lot of discussion about the use of artificial intelligence within compliance programs. What’s your view of incorporating machine learning into your operations and do you think rules-based systems will remain a core part of your strategy?

For me, rules-based systems will continue to maintain primacy. AI can play a part in helping with refinement of parameters empirically over time, but the fundamental constructs of market abuse and manipulation have to remain explicit and completely understood by those charged with monitoring them.

Engagement with Regulators is done by people in the Market Surveillance Department not machines. They have to fully understand what they are looking for, why they are looking for it and explain in detail when they see it happen. Surveillance Systems are a Surveillance Officer’s tools of the trade. They cannot reliably replace the human thought process or the ability to reframe perspective and apply disparate mitigating factors. Market Surveillance tools shine a light on specific suspicious activity, AI can make that light brighter but ultimately a human has to see, understand and act on what has been illuminated.

Finally, where do you see the biggest growth for the Crypto Industry in the next 5 years, and how does Bitstamp plan to stay on top of the wave?

It’s a question almost as difficult as predicting what the price of Bitcoin will bein 5 years. Things move so rapidly in crypto, new things emerge, become enormous in a short space of time and sometimes disappear from relevance even quicker. Lessons are learned from the embers of failed projects and quickly incorporated into the collective body of knowledge.

The key to Bitstamp continuing to prosper is how well we remember the quote, often attributed to Charles Darwin, about it not being “the strongest or the most intelligent that survives but those most adaptable to change”. We were the first Crypto Exchange in Europe back in 2011, crypto and Bitstamp have adapted and changed an awful lot since then, but our core philosophy has remained. We will always be a trusted partner and good actor in the space. It will be exciting to see our next adaptation!