The great mid-market clampdown: Smaller firms now on regulators’ radar

This month, the SEC in the US announced record enforcement actions in the first quarter of the fiscal year 2025. Based on its preliminary results, the SEC filed 200 total enforcement actions, including 118 standalone enforcement actions, marking the highest number of actions filed in their respective periods since at least 2000. These actions addressed a broad spectrum of violations, including financial misstatements, misleading disclosures and failures to disclose conflicts of interest. This surge in enforcement activity is the latest milestone in an established global regulatory clampdown on market abuse, with a particular focus on multi-channel communications.

Regulators like the SEC and FINRA have already shown their teeth by targeting large financial institutions, and now they are starting to look at mid-market firms as well. In 2025, we’re likely to see the focus of this regulatory clampdown continue to broaden beyond just the big players.

The proliferation of electronic communications (eComms) channels traders use to share messages has altered the trading landscape. While email and platforms like Bloomberg Chat are regularly monitored, individuals also have the option to use a wide array of messaging apps on personal and work devices – and these are far more difficult for financial institutions to deal with.

Channels such as WhatsApp, Telegram, and WeChat can be more difficult to monitor, making it tricky for firms to survey them effectively and identify instances of potential abuse. However, firms are still liable for those actions, regardless of how hard it is to manage. As the recent news on enforcement actions stated, the SEC has emphasised the importance of holding wrongdoers accountable while encouraging firms to self-report and remediate violations to avoid harsher penalties.

With smaller firms now on the regulator’s radar, these institutions need to ensure that their eComms surveillance strategy is robust enough to avoid the fines and reputational damage that come with regulatory action.

A shift in regulatory strategy
In recent years, enforcement action has tended to focus on significant financial penalties being handed out to high-profile offenders. However, 2024 saw regulators shift their approach to issuing a much higher volume of penalties.

For example, 61 cases of eComms-related enforcement actions were taken by global regulators in Q3 2024 alone, a 408% increase on the first half of the year. Interestingly, the average fine value also grew during this period, highlighting that it’s not just the frequency of penalties being issued but also the severity.

While mid-market firms may have previously believed that they had some ‘breathing space,’ the evolving profile of companies being investigated suggests that this is no longer the case. With eComms-related penalties accounting for 55% of all fines issued globally in the first half of 2024, it’s a fair bet that regulators will continue to focus their attention on this hot topic as we move through 2025.

The caveat to all of this is that the new administration moved into the White House this week. For US firms, the uncertainty and unpredictability ahead reinforce the need for firms of all sizes to ensure they are on top of their compliance and have robust trade and eComms surveillance processes in place.

Monitoring the unmonitored
To effectively monitor and preserve eComms efficiently and cost-effectively, technology has to be embedded within a company’s compliance processes. Specifically, firms should consider a centralised digital system that can automatically track eComms over multiple channels, link messages with potential instances of abuse, and use machine learning to continuously enhance how suspicious communication patterns are identified. Such technology gives compliance teams near real-time insight and automatically records messages, significantly streamlining compliance processes. Yet, for this process to truly work, a holistic approach is crucial.

By merging eComms surveillance with trade surveillance, compliance teams can gain a truly holistic overview of trading activity. Trade surveillance tools monitor already-occurring activity and assess its compliance against defined rules, while eComms surveillance attempts to identify and preempt potential instances of abuse before they occur. This dual perspective allows firms to take a more contextualised view of trading risk, mitigate it faster, and significantly reduce the number of false positives that compliance teams have to investigate.

Assessing your risk
It’s important to note that the significant penalties handed out so far are not just for instances of financial crime and market abuse. Instead, regulators are increasingly taking action against firms that fail to have preventative measures in place to mitigate those risks, such as effectively monitoring eComms and screening new customers. For example, in the UK, the FCA fined Starling Bank £29 million “for failings in their financial crime systems and controls,” representing the second-largest UK fine last year.

The onus is very clear on firms to take proactive steps to adhere to regulatory rules and implement adequate controls. Risk assessments are a vital part of this process, helping to identify potential risks in trading activities and using this information to create strategies that prevent said risks. With firms needing to handle and process so much data, regulatory technology provides a highly effective way of ingesting and processing data, identifying risks, and generating the necessary alerts.

Ensuring that your firm is ‘regulator ready’
The accelerating use of eComms channels by traders has created a regulatory landscape that is increasingly challenging for firms to manage. However, regulators are clear that firms must implement the necessary safeguards to monitor, assess, and preserve these messages robustly and effectively. Having targeted larger institutions so far, they are now turning their attention to mid-market firms and increasing fines across the board.

Faced with this shift in regulatory strategy, smaller firms must ensure all aspects of their compliance processes and controls are ‘regulator ready.’ Technology is fundamental to this challenge and offers firms the ability to create a holistic compliance strategy that integrates trade and eComms surveillance seamlessly. Coupled with stringent, regularly reviewed, risk assessments, this approach should help firms protect themselves from instances of market abuse and the enforcement action that goes with it.

For US firms in particular, big regulatory change is coming, and we will need to wait and see what this means in practice. However, it does reaffirm one thing, the best way to mitigate the risk of enforcement action and the significant financial penalties that come with it, is to be ‘regulator ready’ in the first place.

Stay Ahead of the Financial Curve with Our Latest Fintech News Updates!