Prosecutors Catch a Spoofing Panther
Whenever I talk to people about high-frequency trading I ask them: "What should I think about spoofing?" My basic problem is that it seems so dumb. I mean, this is spoofing:
- Widgets are quoted at $100 bid, $105 ask and last traded at $102.50.
- You place an order to sell a million widgets at $104.
- You immediately place an order to buy 10 widgets at $101.
- Everyone sees the million-widget order and is like, "Wow, lotta supply, the market is going down, better dump my widgets!"
- So someone is happy to sell you 10 widgets for $101 each.
- Then you immediately cancel your million-widget order, leaving you with 10 widgets for which you paid $1,010.
- Then you place an order to buy a million widgets for $101, and another order to sell 10 widgets at $104.
- Everyone sees the new million-widget order, and since no one has any attention span at all, they are like, "Wow, lotta demand, the market is going up, better buy some widgets!"
- So someone is happy to buy 10 widgets from you for $104 each.
- Then you immediately cancel your million-widget order, leaving you with no widgets, no orders and $30 in sweet sweet profits.
Ugh doesn't that sound dumb? For two reasons. First of all, it is terribly risky. What if, unbeknownst to you, someone really wanted to buy widgets? You waltz in with your million-widget sell order, get lifted and all of a sudden you are short a million widgets at $104, $1.50 above the last trade. That is an awful risk to take for the prospect of making $30. 1
Second, though, it relies on a certain dumbness in your counterparties. You've done nothing here to deceive anyone about the value of widgets; you're not publishing fake research about blight in the Siberian widget fields or touting a new social network that will render widgets obsolete. All you're doing is modifying the order book so that it looks like there are more sellers (or buyers) of widgets than there were before. Anyone who had good fundamental reasons for buying or selling widgets at $100 or $105 before your order should have the same reasons after it. You're confusing only those with no opinions of their own, who decide what they want to do based on what other people are doing.
But, yes, of course, spoofing exists. Michael Coscia had a brief but lucrative and eventful career as an algorithmic spoofer; it seems to have started in August 2011 when he "devised, implemented, and executed a high-frequency trading strategy in which he entered large-volume orders that he intended to immediately cancel before they could be filled by other traders," and it culminated yesterday in his indictment by federal prosecutors. In between, he and his firm, Panther Energy Trading LLC, settled spoofing charges in 2013 with the U.K. Financial Conduct Authority for about $900,000, and with the U.S. Commodity Futures Trading Commission for $2.8 million. 2 And now he gets to be "the first federal prosecution nationwide under the anti-spoofing provision that was added to the Commodity Exchange Act by the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act."
Here is the indictment, which tells a similar story to the one in the FCA and CFTC actions:
COSCIA designed computer programs named Flash Trader and Quote Trader to implement his strategy, and instructed a computer programmer to create the programs. COSCIA gave the computer programmer instructions specifying how COSCIA wanted the programs to operate in particular market conditions.
Coscia himself is an old-school floor trader, not a tech guy. He outsourced the high-frequency part of his trading. 3 But he told the programmer what to look for, based on his trading experience:
COSCIA's trading programs looked for market conditions such as price stability, low volume at the best prices, and a narrow bid-ask spread -- that is, the difference between the prices at which prospective purchasers were willing to buy and prospective purchasers [sic] were willing to sell -- because his fraudulent trading strategy worked best under these conditions.
It was further part of the scheme that COSCIA's trading programs sometimes placed a "ping order" of one contract to test the market and ensure that market conditions would allow his fraudulent trading strategy to work well.
That's the risk management plan: Before placing the order to sell a million widgets at $104, you place an order to sell one widget at $104 and see if anyone lifts it. If someone does, stay away from the million-widget decoy. If not, you're safe.
Once it knew it was safe, Coscia's program would (allegedly) do things like:
- Put in an order to buy 14 euro/dollar future contracts at 14288.
- 11 milliseconds later, offer to sell 241 contracts at prices from 14298 to 14291. 5
- Watch the market drop on that big sell order.
- 7 milliseconds later, the 14-contract buy order is filled.
- 6 milliseconds later, cancel the big sell orders.
- 5 milliseconds later, put in an order to sell the 14 contracts at 14289.
- 22 milliseconds later, put in orders to buy 325 contracts at 14282 to 24288. 6
- 9 milliseconds later, the 14-contract sell order is filled.
- 5 milliseconds later, cancel the big buy orders.
So he seems to have bought 14 contracts at 14288 and sold them at 14289, making on my math $175 (one hundred seventy-five dollars and no cents) by risking $58 million, albeit only for 14 milliseconds at a time. Again, this seems dumb to me, but over the course of a couple of months he made a few million dollars, so I guess it worked out for him. 7 I mean until the indictment etc.
The other dumb thing is that this relied on exploiting dumbness in Coscia's counterparties. Or, it relied on exploiting a specific type of dumbness in a specific type of counterparty. That whole trade took a bit under 1/10th of a second. The only people who were fooled by the illusion Coscia created of supply and demand were not people. They were high-frequency trading algorithms. Coscia's algorithm couldn't have deceived anyone but other algorithms. The direct victims of his spoofing were high-frequency trading algorithms that made their trading decisions by looking at what other algorithms were doing. 8
Now, there are a lot of algorithms like that. Many high-frequency traders follow a market-making strategy, trying to buy at the bid and sell at the offer, and moving their markets based on how the algorithm perceives supply and demand. The algorithm can use various inputs -- if you're trading euro/dollar futures, you might look at interest rates and other currency pairs and commodity prices and so forth -- but the more information it uses, the slower it will be. The most immediately relevant information comes from the order book and executed trades: If a lot of people want to buy a thing and its price has been going up, then it will probably go up some more; if a lot of people want to sell it and its price has been going down, then it will probably go down some more. Spoofing works by manipulating the signal sent by the order book, and it works primarily against high-frequency traders who trade based on what the order book tells them.
But those high-frequency traders are pretty controversial these days. There are two overlapping lines of attack on them: 9
- They add no value, they're not doing any research or adding any information to the market, they're just trading based on what other people are doing.
- They are "legalized front-running": That is, they see what orders are in the order book, and what trades are executed, and race ahead of real investors to buy up shares and sell them to the real guys.
If you believe the first one, then you should have no objection to spoofing. That is: If you think that the only people who add value to financial markets are those doing fundamental research and coming up with their own view of what things are worth, and that algorithmic market-makers are just a tax on those real-money investors, then you should applaud Michael Coscia. He's just making life difficult for the bandits. You shouldn't believe this -- it is silly, there is value in market-making, it provides liquidity and makes prices efficient and balances supply and demand 10 -- but lots of people do.
If you believe the second one, then you might conclude that order information should be private: Big hedge funds, for instance, should be able to accumulate big positions without moving prices or being front-run by predatory traders. Again, this is a weird thing to think, but if you do think it there's an easy way to shut down spoofing: Just make all order books secret. If no one can know what the bids and offers are, no one can be deceived by big fake bids and offers. That, of course, is not the approach of Dodd-Frank or of the Justice Department, though I suppose it is arguably the approach of say dark pools.
Basically, spoofing doesn't hurt fundamental investors directly. 11 Fundamental investors trade based on fundamental views of value, not order-book information, so they shouldn't be thrown off by fake bids and offers. Also they probably trade too slowly to even notice this sort of spoofing. Spoofing only directly hurts market-makers, 12 whose job is to buy and sell in reaction to changes in supply and demand. In most modern markets, that means primarily high-frequency traders. If the FBI is going after spoofing, that's good for other high-frequency traders. The reason to crack down on spoofing is that high-frequency traders are socially valuable and need to be protected.
I'm stacking the deck here with my silly numbers; no one really offers a million contracts to buy 10. The Coscia indictment says that he offered, for instance, 241 with the intention of buying 14, still a big imbalance. I suspect that spoofers who don't get caught have even smaller imbalances.
By the way, that CFTC settlement featured a concurring statement from Bart Chilton that called high frequency traders "cheetahs" but didn't call attention to the big-cat synergies of punishing Panther for being a cheating cheetah.
You don't even need to do that to spoof, by the way, as we've discussed. Also yesterday there was a CFTC default judgment against another accused spoofer, who seems to have just entered his orders manually, albeit relatively quickly.
30 million euros, $43 million, give or take.
40.6 million euros, $58 million.
From the 2013 FCA order:
The orders placed by Mr Coscia were resting on the order book for typically less than one second. The FCA has concluded that placing the large orders for such a short period of time and automatically cancelling the remainder of a large order in the event of a partial execution made it very unlikely that the large orders would be executed. The execution statistics for Mr Coscia’s orders demonstrates that very few were in fact executed.
Obviously if he did get hit on his $58 million order in the example in the text, he could trade out of it at probably not that big a loss; it's not like there's any real risk of buying $58 million of euro futures and suddenly finding them worthless.
Possibly relevant is that another recent high-profile spoofing case involves one high-frequency trading firm, HTG Capital Partners, suing another one, Allston Trading, because HTG claims that Allston spoofed HTG's algorithms.
Besides the one that is like "well they're all spoofers," but my point is that HFT spoofers are only directly hurting other HFTs. If they are literally all spoofers then you get a pretty weird market, though it's not impossible that that's what we have.
I mean, there are some real and interesting issues. I mostly think that market-making based on order information provides social value in the form of making prices more efficient, and that we're not yet close to the point where it tips over into creating inefficiency by dissipating the returns to fundamental research. I don't have a ton of empirical evidence for that last point, other than the fact that hedge fund managers get paid a lot, and there is therefore no obvious lack of incentives to manage a hedge fund. I've written more on this here.
I keep saying "directly" because, of course, if market-making is valuable to real investors, then hurting market-makers indirectly hurts real investors by driving out market-makers or widening spreads or whatever.
And, like, goofball day-traders, but come on.
To contact the author on this story:
Matthew S Levine at email@example.com
To contact the editor on this story:
Zara Kessler at firstname.lastname@example.org