COLUMN – OLAF RANSOME | Like riding a Zurich tram without a ticket, insufficient trade and transaction reporting can go under the radar for a long time, but what when you face your day of reckoning and the punishment that follows? Join Olaf for a look into the anatomy of the problem, and the art of getting the basics straight.
Through a series of six column articles for PostTrade 360° in 2025, banking operations veteran Olaf Ransome digs into everyday operations – seeking to help us understand some of the everyday challenges and how to master them. Find Olaf’s articles indexed here.
Trade and transaction reporting is the focus of this month’s post. Several things prompted me to dig into this topic. Firstly, this ought to be easy; requirements are known, yet time and again, the regulators announce big fines for financial institutions for shortcomings over many years and lastly, I see one of my industry veteran friends being called in to one firm after another to help fix reporting problems.
Fines around matters reporting feel like sackings of football managers in England: frequent, recurring and happening at all places big and small. A first pass Google search proves the point:
Jan 2025: Infinox Capital Limited (Infinox) has been fined £99,200 by the FCA for failing to submit 46,053 transaction reports which risked market abuse going undetected. (UK FCA announcement here)
May 2024: JPMorgan to pay $100 million over CFTC trade reporting. (Reuters article here.)
Mar 2019: FCA fines Goldman Sachs International £34.3 million for transaction reporting failures. (UK FCA announcement here.)
Yes, they do it – just wrong
So, it looks like we have a failing across the industry. Is this a sign of deliberately not doing things or just a process failure? This would definitely fall into the world of Operational Risk, or OpRisk. As the Basel Framework puts it: “… the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk but excludes strategic and reputational risk”. When I think about OpRisk, I see only two flavours, which are MECE, mutually exclusive and collectively exhaustive:
1. Inadequate process.
2. Adequate process not followed.
“Firms are not doing the work, perhaps not at all or perhaps improperly, to verify that the report output can be tied back to what was booked or is in open status in books and records.”
What’s going wrong and why are firms struggling to control things?
First, two definitions. Trade reporting is: “this is the trade we have executed”, normally reported on trade date – as distinct from transaction reporting: “these are the open transactions we have right now”, which is reported on trade date + 1 and afterwards.
To find out more, I sat down with one of my industry veteran friends, Jeff Kiy. For as long as we have had things EMIR and MiFID, he has been at the sharp end of matters reporting. Jeff is like the Red Adair for things reporting; there is always a new reporting fire for him to help put out.
A first observation from our chat is that the challenge here is as near as, damn it, 100% a case of inadequate process. Simply put, firms are doing their regulatory reporting and someone, somewhere is ticking the box marked “report X filed”. First R word done as it were, but they are following defined processes which are inadequate. Inadequate in the sense that they are either under- or even over-reporting, in other words not reporting the right things, and / or the details, such as direction of trade, are not correct, which is not reporting the right things right.
Is it adding up?
Whether we are talking trade or transaction reporting, we are talking high volumes of activity. A buy-side shop might be reporting on 20,000 open transactions. Those sorts of volumes beg the question of: “If we reported 20,000 transactions, how do I know if that is the right number?” And there is an additional wrinkle, which is something where a so-called “delegated party” does the reporting on behalf of another firm. In that case, it is even less likely that somebody is really pondering if the reported numbers are correct or not.
Jeff’s thoughts on this were around controls, specifically two other R words: reconciliation and remediation. For both trade and transaction reporting, in any shop, the process starts with extracting data from one or more systems into some form of reporting tool. This is followed by some data enrichment and then the report submission process. Reconciliation is the first place we find process inadequacy. Firms are not doing the work, perhaps not at all or perhaps improperly, to verify that the report output can be tied back to what was booked or is in open status in books and records. In the case of trade reporting, which has to be done very shortly after a trade is booked, some form of end-of-day check of the ledger to what was reported would at least uncover issues quickly.
“Addressing these issues is really a matter of having the right tools; ones which can deal with the volume of data and still keep an audit trail to show “we started with 100 records, 80 were reported, these 20 were not for these reasons”. This is beyond the reach of Excel.”
In the case of open transactions, there are two points where controls might properly be applied; one is simply comparing open trades to what was reported. Another is comparing the aggregate net positions reported to the net open positions in the books and records. Jeff’s words: “People are doing the reporting as ordered, but they don’t do a reconciliation. Far too often they are not performing any controls to ensure they are neither under- nor over-reporting.” Jeff pointed me to the underlying causes of this oversight:
1. The tools which most folks use do not themselves explain why a record was not reported; they just know that 80 transactions are being reported and have no record of why the other 20, of the original universe of 100, are not reported.
2. A complicating factor is that the reporting output is in XML; this is not easily scanned to even know there are 80 records being reported although some TRs provide a CSV copy for some of the reports.
3. There are not enough senior Ops folks involved in the process. Those seniors are the ones likely to understand when and why reporting breaks down.
Addressing these issues is really a matter of having the right tools; ones which can deal with the volume of data and still keep an audit trail to show “we started with 100 records, 80 were reported, these 20 were not for these reasons”. This is beyond the reach of Excel, which like advertising is not necessarily a good or a bad thing, but it depends on the use to which it is put.
Fixes, quick and slow
Another process inadequacy is how firms go about remediating the problems they do identify. Jeff explained to me how two standard processes turn out to be progress prevention obstacles: “Reporting standards require you to deliver records with the field values the reporting authority sets out. As an example: under EMIR norms the ‘Intragroup’ field requires values of ‘TRUE’ or ‘FALSE’, but a firm’s systems might have this incorrectly hard coded as X or Blank. My approach to this is to divide the problem into two:
i) locally, do a data transformation to repair and re-submit and then
ii) put in a change request for the change to be made in the upstream systems to fix the ‘golden source’. When things are eventually fixed at source, part i) is simply redundant.” But he goes on: “Many firms don’t want end-users adjusting data and insist the only acceptable solution is fixing the source. Then along comes their SDLC, the software development life cycle, and nothing gets done anytime soon.”
“This approach makes everything an IT problem, which results in further de-skilling in Operations.”
This approach makes everything an IT problem, which results in further de-skilling in Operations. Whilst IT leaders are rightly worried about end-user computing, the overall process control would be better served by empowering senior Ops folks with the right tools. It’s a relatively simple process to build a remediation tool to interrogate open transactions at the TR and produce a remediation file to re-report easy trackable errors without the need to wait for IT dept to fix at source and reduces the chance of fines from the Regulators, as Jeff has done at a number of Buy and Sale side firms.
With so much volume, I had to ask Jeff the question: “If the firms themselves are somehow blissfully unaware of this reporting problem, how do the regulators find them out?” He had a simple explanation for me: “Reporting is not much different to matching trades for settlement in Euroclear. In Transaction reporting we talk about pairing and matching; the former is a simple match on a limited number of fields, whereas Matching is based on more fields being agreed between two parties. When one party reports and one doesn’t, that mis-match is very visible.”
I would put his answer in the same bucket as travelling by public transport here in Switzerland without buying a ticket. We have an honesty system; eventually you will get checked and found out. And a failed check will cause a deeper dive. Here in Switzerland, if you get caught without a ticket, the fine is some $100, a civil penalty. But they keep score; three strikes and you have a criminal record. My sense of the regulatory fines I see is that if the regulators catch you out, and the problem has persisted over a long period, then the fine includes a big element of being punished for having inadequate procedures.
In conclusion
In your shop there will be various trade and transaction reporting processes. That means there is every risk that your reporting is not 100% and if it is not 100%, then you will get found out. The fine that will go with it is likely more expensive than the effort to do a little bit of common sense checking now.
If you are the COO of the firm, or the CFO, or even its Head of Operations or COO of the arm which houses any trading, ask your people the following question: “In our trade and transaction reporting, how do you know that we are reporting 100% of what we should report and that we aren’t opening ourselves up to fines down the road – and am I on the hook for this under the Senior Management Conduct Rules (SMCR)?” That question is pretty much free; at most it will take a bit of somebody’s time, which is already paid for, to come up with an answer. The rest is up to you: what do you think about what they are telling you? If you do need help, don’t be too shy to ask for it.
