The Disciplinary Committee of Nasdaq Helsinki Ltd has imposed a reprimand and a fine of EUR 350,000 to Citigroup Global Markets Europe AG due to the breaches of the Nordic Member Rules of Nasdaq Helsinki Ltd. Citigroup Global Markets Europe AG had breached the Rules as the trading member of the Exchange in relation to the market incident occurred in May 2022.

Events

The Disciplinary Committee concluded in its decision that a trader at CITI placed at 9:57 a.m. on 2 May 2022 a series of sell orders with a combined value of USD 444 billion to the trading system. These orders were erroneous and caused by a so called “fat-finger” mistake, as they were based on an incorrectly entered quantity of 58 million units instead of the intended EUR 58 million. The majority of these orders were intercepted by CITI’s internal trade control system. However, orders with a combined value of approximately USD 190 billion were forwarded for execution via CITI’s algorithmic trading system. CITI’s internal trading control system automatically generated “Pop-up”-warnings that were displayed at the trader’s screen, but these warnings were overridden by the trader and as a consequence the erroneous order was registered and transmitted to different marketplaces. In total, orders representing a notional value of USD 1.4 billion were executed prior to the trader’s subsequent intervention, at approximately 10:10 a.m., to withdraw the outstanding unexecuted orders.

Immediately following the execution of the aforementioned orders, Nasdaq Nordic identified an abnormal and significant decline in the prices of various financial instruments and indices, including, inter alia, shares, futures contracts, and exchange-traded products traded on markets operated by Nasdaq Nordic (hereinafter referred to as the “Market Event”). The price drop persisted for a duration of approximately seven minutes before market prices corrected to approximately the same levels as before the Market Event. During the drop in prices, indices in Denmark, Finland, and Sweden fell by approximately 6.5 per cent, 7 per cent, and 8 per cent, respectively. Nasdaq Nordic’s analysis indicated that CITI was the largest seller in the market and, thus, the party that triggered the Market Event. Subsequently CITI has taken the responsibility for the fact that the Market Event occurred.

Soon after the Market Event was noticed by Nasdaq Nordic, Nasdaq Nordic tried to reach the person registered by CITI as the Head of Trading as well as other persons in order to notify of the Market Event that occurred and to find out more about the reasons that caused it. It was later revealed that the registered person did not hold anymore said position. Furthermore, it required several phone calls and correspondence to several persons between Nasdaq Nordic and CITI’s organization to locate persons who were in charge of the trading and who would be able to provide explanation for the Market Event.

Pre-trade controls and algorithmic trading activity

According the Rules, 3.5.2 (4.5.2), the members shall have in place pre-trade controls on price, volume and value of orders and post-trade controls on their trading activities, as well as technical and administrative arrangements in place enabling it to cancel immediately, as an emergency measure, any or all of its unexecuted Orders submitted to the Exchange (Members kill functionality) as required by MiFID. Further, according to the Rules, 3.12.2 (4.11.2), the Member shall establish procedures for Algorithmic Trading which ensure that the risks associated with such Order placements are reasonable in relation to the limits which apply to the Member’s activities and to its limits for delivery, settlement and, where relevant, clearing.

The Disciplinary Committee firstly concludes in its decision that one of the principal objectives of the aforementioned provisions concerning pre-trade controls in algorithmic trading is to prevent the emergence of, or contribution to, disorderly market conditions. A central element of these rules is that a trading member’s order submission system must be appropriately configured to suit the business it operates and in such a manner that it would prevent the sending of erroneous orders, such as so-called “fat-finger” mistakes, into the exchange’s order book.

The Disciplinary Committee emphasizes that it is the responsibility of the trading member to implement pre-trade control mechanisms that are both effective and proportionate, and that can prevent clearly erroneous orders from being submitted and transmitted by an algorithmic trading system to the order book. The members with individual trading systems are also in the best position to configure their individual control system to meet the required standards and it is not the Exchange’s responsibility to establish specific thresholds or to propose certain design of a control system.

In the present case, the Market Event was caused by the fact that a manually operated order entry system permitted an individual trader— acting as an authorized representative of CITI — to override multiple warnings issued by its internal control systems. Although CITI’s internal controls successfully intercepted the majority of the erroneous orders prior to their entry into the market, the pre-trade controls in place were ultimately inadequate. This directly contributed to a significant market disruption and a serious trading incident. The Disciplinary Committee furthermore noted in its decision that the submission of the erroneous and high quantity orders was a result of a fully unintentional and quite easily recurring manual error of one single trader. It cannot be therefore deemed unreasonable to require that the pre-trade control systems in place should have prevented such an error. The Disciplinary Committee agreed with CITI’s argument that merely the fact that CITI has enhanced its pre-trade control mechanisms after the incidence does not constitute as such proof of them being inadequate in the first place. These enhancements however demonstrate that there has clearly been room for improvement.

The Disciplinary Committee further noted in its decision that, pursuant to the applicable rules, a member shall be held liable for all trading activity conducted via its electronic connection to the exchange’s trading system, irrespective of whether such activity is carried out by an authorized representative of the member. As CITI has itself clarified, it is responsible for the Market Event and for meeting the required standards of the pre-trade controls. The Disciplinary Committee finally noted in its decision, when assessing pre-trade controls in algorithmic trading, Sections 3.5.2 (4.5.2) and 3.12.2 (4.11.2) should be considered together as whole.

Based on the above reasoning, the Disciplinary Committee found that CITI had breached sections 3.5.2 (4.5.2) and 3.12.2 (4.11.2) of the Rules.

Internal monitoring and handling of erroneous orders

The purpose of the rules governing the monitoring of trading, in this case specifically Sections 3.5.3 (4.5.2) and 2.7.4 (3.7.4) of the Rules, is according to the Disciplinary Committee to identify during the trading potential issues in the conduct of trading members, particularly in relation to algorithmic trading. These rules are primarily designed to detect signs of disorderly trading and to enable timely and appropriate corrective actions, including immediate notifications to the Exchange and, where necessary, the potential cancellation of trades.

The Disciplinary Committee noted in its decision that CITI’s internal real-time monitoring function investigated the alerts triggered by its control system. However, the monitoring function only contacted CITI’s trading desk at 10:31 CET, which was over 30 minutes after the incident was initiated by the trader and after the Market Event had started to escalate. Subsequently, over 30 minutes later, at 11:09 CET, the Exchange was informed of the reasons for the incident. Nonetheless, this information was not provided through contact initiated by CITI, but rather by the Exchange itself. Furthermore, at 14:08 CET, CITI fulfilled remedial action in the form of an application for the cancellation of trades, as late as approximately four hours after the Market Event.

In light of these facts, and in the Disciplinary Committee’s view, it is evident that CITI’s monitoring function failed to effectively perform its duties in real-time monitoring of trading activity. The Disciplinary Committee further observed in its decision that, in such circumstances, a real-time monitoring function should have been capable of initiating contact with the Exchange at an earlier stage than was actually done.

Based on the above reasoning, the Disciplinary Committee found in its decision that CITI had breached Sections 3.5.3 (4.5.3) and 2.7.4 (3.7.4) of the Rules.

Trading member’s contact information

According to the Rules, 3.2.5 (4.2.5), the Member shall ensure that all information provided in Nasdaq’s Member Portal is kept up to date at all times.

CITI had stipulated that there was an error in regard to registered contact details and as such a breach of Section in question, but that as the erroneous contact detail was just one out of five potential contact points available for the Exchange, CITI does not consider it to be a material deviation from the Rules that warrants any disciplinary sanction.

The Disciplinary Committee took in its decision into consideration the importance of the up-to-date contact details of Head of Trading, and found that CITI was in breach of the Rules, 3.2.5 (4.2.5), by failing to keep the information in the Member Portal up to date.

Assessment of sanctions

The Disciplinary Committee has found in its decision, in summary, that CITI has breached five Sections of the Rules. The most serious violation pertained to CITI’s deficiencies in its pre-trade controls related to algorithmic trading, which enabled the submission of an erroneous and excessively large order that subsequently led to a significant market disruption and a severe trading incident. In light of this, the Disciplinary Committee regarded CITI’s breach as a serious one.

In its assessment, the Disciplinary Committee has considered the corrective actions taken by CITI following the incident as a mitigating factor. However, these post-incident remedial actions cannot be afforded substantial weight in the sanctioning assessment, as they represent measures that CITI was obligated to undertake in the first place.

The Disciplinary Committee further noted in its decision that while the impact of the Market Event was, to some extent, less severe for Nasdaq Helsinki in comparison to Nasdaq Stockholm and Nasdaq Copenhagen, particularly with respect to changes in indices and the volume of orders and executed trades, this does not constitute a mitigating factor. The relative severity of the consequences does not diminish the seriousness of the violations of the applicable rules. The erroneous orders entered into the algorithmic trading system were still sufficiently large to cause significant disruption, thereby constituting a serious incident in Nasdaq Helsinki market.

As a result of the same Market Event and CITI’s breach of trading rules across multiple marketplaces, CITI has already been sanctioned, including a fine of SEK 6 million imposed by Disciplinary Committee of Nasdaq Stockholm. The Disciplinary Committee has in its decision considered the relevance of these multiple sanctions and emphasizes that each related Nasdaq Nordic exchange is a separate licensed entity with distinct obligations to supervise its local market. Also, CITI as a trading member is bound to applicable rules and sanctions when operating in each of the local markets. Consequently, the Disciplinary Committee concluded that although the regulations, rules and trading system are common across the Nasdaq Nordic markets, the sanctions already imposed to CITI cannot have substantial mitigating or commensurate effects in this case.

The Disciplinary Committee further concluded that the breaches of the rules in question involve basic obligations for a trading member. The multiple rule violations, occurring in a short period of time, were of a severe nature and their consequences substantial in both size and volume. Although the incident was a result of human error, it also highlighted significant deficiencies in CITI’s processes, systems, and controls. A system that allows consecutive warnings to be bypassed by a single trader demonstrates inadequate functioning of internal controls. Moreover, the failure to act in a timely manner exacerbates the situation. These failures undermine investor protection and erode the trustworthiness of the securities markets and the Exchange.

In light of the above, the documentation provided, and the reasoning as a whole, the Disciplinary Committee concluded in its decision that a proportionate sanction to CITI consists of a reprimand and a fine of the amount of EUR 350,000.

Surveillance at Nasdaq Helsinki and the Disciplinary Committee

The surveillance unit of Nasdaq Helsinki Ltd investigates all suspected breaches of regulations. Minor breaches will result in reprimand to the party, whereas more serious cases are referred to the Disciplinary Committee. The members of the Disciplinary Committee are legal and financial experts independent of Nasdaq Helsinki Ltd. The members of the Committee are Mr. Ari Kantor, Justice, Supreme Court of Finland; Mrs. Helena Kontkanen, L. of Laws and trained on the bench; Mr. Kari Hietanen, Master of Laws, Executive Vice President; and Mr. Sami Torstila, D. Sc, M. of Laws, Associate Professor. The sanctions may be a reprimand, a fine or in an utmost case a termination of the membership.

Nasdaq Nordic Foundation

Established in 2006, the Foundation supports financial markets through scientific research. The Nasdaq Nordic Foundation receives paid fines from breaches by members or listed companies in Nasdaq Helsinki, Nasdaq Copenhagen, and Nasdaq Stockholm. The Foundation’s mission is to promote scientific research and other initiatives related to financial markets in Finland, Denmark, and Sweden, with the goal of increasing competence and competitiveness for the financial markets in these countries.

About Nasdaq

Nasdaq (Nasdaq:NDAQ) is a leading global technology company serving corporate clients, investment managers, banks, brokers, and exchange operators as they navigate and interact with the global capital markets and the broader financial system. We aspire to deliver world-leading platforms that improve the liquidity, transparency, and integrity of the global economy. Our diverse offering of data, analytics, software, exchange capabilities, and client-centric services enables clients to optimize and execute their business vision with confidence.