How to Catch a Spoofer

A federal judge in Chicago is expected to rule soon on a high-profile spoofing case. Brought by local firm HTG Capital, the lawsuit seeks to compel the owner of the Chicago Board of Trade to identify those behind thousands of trades that, the company alleges, manipulated the U.S. Treasury futures market. Spoofing is when a trader enters deceptive orders tricking the rest of the market into thinking there's more demand to buy or sell than there actually is. Spoofers make money by pushing the market up or down in tiny increments, allowing them to buy at a low price and sell when the price goes back up, or the other way around. When repeated hundreds or thousands of times in the space of a few minutes, all those small transactions add up. Spoofing has been getting a lot of attention in the news lately. Earlier this year, Navinder Sarao was arrested in London and accused of spoofing from 2009 to 2014 — including allegations he contributed to the frightening May 2010 “flash crash” in U.S. stocks. In July, Chinese officials said they thought they detected 24 instances of spoofing as shares on the Shanghai and Shenzhen stock exchanges plummeted. In today’s computerized markets it can be extremely difficult to catch a spoofer amid the deluge of daily trades.

The trading on the Chicago Board of Trade is anonymous and organized in an order book like the one seen here. It shows the best prices to buy or sell near the last traded price. The total number of bid and ask offers at each price indicates where the demand is.

The spoofing alleged in the lawsuit took place in the market for U.S. government’s 10-year Treasury bond, which trades on the CME Group’s Chicago Board of Trade. In that minute, orders were modified or executed more than 5,000 times. The data comes from Vertex Analytics, which has exclusive access to the Board of Trade’s feed, so what you are looking at is not a simulation; it’s actually what happened on December 6, 2013, the day in question. While there have always been ways to cheat the system, the rise of computerized trading has made manipulation more of a threat as markets around the world are linked in ways they never were before. The speed and sophistication of cheaters have also increased with electronic trading, which is posing a challenge to regulators. Futures trading today mostly involves one computer trading against another computer. That’s where the spoofer comes in.

It takes a practiced eye to catch a spoofer in that maelstrom. “Regulators” or high-frequency trading competitors like HTG look for irregular patterns of behavior. There are several types of spoofing, but in the HTG case, what’s alleged is a three-stage process. The first stage is called the build-up. The spoofer places many phantom orders to sell—orders the spoofer doesn’t intend to make good on. Honest traders are tricked into following suit and enter sell orders on the expectation that prices will fall and they can buy back the contracts for a profit. The spoofer then cancels all the fake orders in the second phase. In the third phase, called the sweep, the spoofer enters a large buy order. That leaves the honest part of the market having sold contracts as prices are rising, not falling. As the honest traders—their computers, actually—scramble to reverse their trades, the spoofer is waiting to sell them contracts at a profit.

Of course, honest traders change their minds all the time and cancel orders as economic conditions change. That’s not illegal. To demonstrate spoofing, prosecutors or regulators must show the trader entered orders he never intended to execute. That’s a high burden of proof in any market.

In its lawsuit, HTG produced a list of 6,960 other instances in which it believes it was tricked by alleged spoofers in 2013 and 2014. The case now hinges on whether the court will demand to know who was on the other side of those transactions.