Trade Surveillance AI: FINRA Rule 3110, EU Market Abuse Regulation & Spoofing/Layering Enforcement
Trade surveillance AI has become the primary tool for detecting market manipulation in equity, options, and derivatives markets — and the regulatory expectations for AI surveillance have grown to match its capabilities. FINRA Rule 3110 requires member firms to maintain supervisory systems for detecting manipulative trading, with AI surveillance specifically referenced in FINRA guidance as an acceptable and increasingly expected approach. The EU's Market Abuse Regulation (MAR) requires trading venues and investment firms to implement surveillance systems capable of detecting market manipulation patterns, with AI meeting this requirement for many of the complex patterns that rule-based systems miss.
CFTC v. Navinder Singh Sarao — Spoofing Enforcement and AI Detection
Case: CFTC v. Navinder Singh Sarao (2015 complaint; 2020 sentencing)
Penalty: $38.6 million CFTC civil penalty; $12.9 million disgorgement; US criminal sentence (no imprisonment due to cooperation)
Activity: Sarao deployed spoofing algorithms in E-mini S&P 500 futures from 2009-2014, placing and canceling large orders to manipulate prices and profit from resulting price movements
Detection gap: Sarao's activity — contributing to the 2010 Flash Crash — was missed by exchange surveillance for years; AI pattern recognition eventually identified the manipulation signature
Regulatory lesson: Complex multi-layered spoofing at algorithmic speeds exceeds human surveillance capacity; AI detection is operationally necessary for regulators and firms
Source: CFTC Press Release 7049-15
Regulatory Risks and Compliance Challenges
FINRA Rule 3110 requires member firms to establish and maintain a system to supervise the activities of associated persons that is reasonably designed to achieve compliance with applicable securities laws and regulations. FINRA's 2015 Report on Surveillance and Controls Guidance for Broker-Dealers established specific surveillance expectations for algorithmic trading manipulation — including spoofing, layering, and quote stuffing — that require technology-based detection systems rather than human review of transaction logs. AI trade surveillance directly addresses the detection standard FINRA's guidance establishes.
The EU's Market Abuse Regulation (Regulation 596/2014) requires trading venues and investment firms to implement effective arrangements, systems, and procedures to prevent and detect market abuse. Article 16 specifically requires trading venues to maintain trade monitoring systems capable of identifying market manipulation. ESMA's technical standards under MAR specify the algorithmic manipulation patterns that surveillance systems must be capable of detecting — patterns that AI surveillance systems identify through behavioral anomaly detection that rule-based systems cannot match.
Claire's AI Compliance Solution
Claire Platform Capabilities
AI Spoofing and Layering Detection
Claire's market manipulation detection module applies machine learning to identify spoofing, layering, and quote stuffing patterns in real-time — detecting manipulation signatures at algorithmic trading speeds that exceed human surveillance and rule-based system capabilities, with alert generation for compliance review.
FINRA Rule 3110 Supervisory Documentation
Claire generates FINRA Rule 3110 supervisory documentation for trade surveillance — recording alert generation, review workflows, escalation decisions, and examination findings in the format FINRA expects during member firm examinations.
MAR Article 16 Compliance Reporting
Claire generates MAR Article 16 suspicious transaction and order reports (STORs) for EU trading venues and investment firms — automating the identification and filing of suspicious trading reports to national competent authorities.
Compliance Checklist
AI Regulatory Compliance Requirements
AI governance framework with board oversight: Board-approved AI policy with named accountability owners for all AI systems.
Pre-deployment risk assessment: Written risk assessment for all material AI before production use.
Independent model validation: Annual independent validation with documented results.
Fairness and anti-discrimination testing: AI credit and decision models tested for disparate impact on protected groups.
Consumer-facing explainability: AI decisions include explanation capability meeting applicable adverse action or transparency requirements.
Third-party AI vendor due diligence: Due diligence and monitoring documentation for all AI vendor relationships.
Data quality governance: Training data quality, lineage, and bias review documented.
Immutable audit trail: Records of all AI decisions affecting consumers or regulatory obligations maintained.
Board AI risk reporting: Quarterly AI risk reporting to board.
Incident response plan: Written plan for AI failures with regulator notification protocols.
Frequently Asked Questions
What patterns must AI trade surveillance detect under FINRA guidance?
FINRA's 2015 guidance identifies specific manipulation patterns that surveillance systems must be capable of detecting: spoofing (placing orders with intent to cancel before execution); layering (placing multiple orders at different price levels to create false appearance of demand); quote stuffing (submitting large numbers of orders rapidly to overwhelm competitors); wash trading (buying and selling to create artificial volume); and marking the close (trading near market close to affect closing prices). AI detection is necessary for algorithmic-speed patterns.
What is the EU Market Abuse Regulation and how does it apply to AI?
MAR (Regulation 596/2014) prohibits market manipulation and insider trading in EU financial markets. Article 16 requires investment firms and trading venues to establish systems to detect and report potential market abuse. ESMA's technical standards specify algorithmic manipulation patterns that surveillance systems must detect. AI trade surveillance systems that can identify these patterns meet MAR's detection obligation — and many firms use AI surveillance specifically to satisfy MAR Article 16 requirements.
How do FINRA and SEC coordinate on spoofing enforcement?
FINRA and SEC have a coordinated enforcement arrangement for securities market manipulation. FINRA's Market Regulation department provides surveillance services for national exchanges and generates referrals to FINRA enforcement and SEC enforcement when manipulation is identified. FINRA Rule 3110 requires member firms to maintain supervisory systems that complement (but do not replace) FINRA's market regulation surveillance. AI firm-level surveillance provides a first layer of detection that feeds referrals to regulatory surveillance.
What penalties do spoofing violations carry?
Spoofing violates the Commodity Exchange Act and the Securities Exchange Act. CFTC enforcement penalties for spoofing have included: Sarao ($38.6M CFTC penalty); Tower Research Capital ($67.4M, 2019); JPMorgan ($920M DOJ/CFTC combined, 2020); Deutsche Bank ($30M, 2021). SEC enforcement for related securities violations has produced additional penalties. Criminal charges under the wire fraud and commodities fraud statutes can result in imprisonment — Sarao received no imprisonment due to cooperation but other spoofers have been sentenced.
What is the difference between spoofing and layering?
Spoofing involves placing one or more large orders with intent to cancel before execution — creating false price pressure that moves the market in a direction that benefits the spoofer's other positions. Layering involves placing multiple orders at several price levels (creating a 'layer' of apparent market depth) and then canceling them when the manipulation has moved the price. Both are prohibited under the Commodity Exchange Act and Securities Exchange Act. AI detection distinguishes these patterns from legitimate order management by analyzing order-to-trade ratios, cancellation timing, and price impact patterns.
Related: Finance AI Overview | AI Model Risk Management | Regulatory Compliance