Skip to content

Spoofing: What it is and our top 5 tips for prevention

9 February 2023

We take a deep dive into the practice of spoofing, what it looks like, and how we can prevent it from happening.

What is spoofing?

Spoofing is a type of disruptive trading behaviour that can occur frequently in the commodities markets, or where there is the use of algorithmic or high frequency trading strategies.

Spoofing (also referred to as ‘layering’) is a term used to describe a form of market manipulation where traders place a bid or offer with no intention of fulfilling it, instead cancelling the bid or offer before execution. The actual form of spoofing can vary, however it usually involves the placing of non-bona fide orders on one side of the order book which are then cancelled immediately or soon after. The purpose of the spoof is usually to artificially move the price of the relevant security or commodity, by creating a false impression of its supply or demand in the market, in order to benefit the trader’s own trading position.

The Financial Conduct Authority (FCA) in the UK is the main body responsible for enforcement action in relation to spoofing and market manipulation. It highlighted its concerns about such behaviour as early as August 2009 in their Market Watch newsletter (Issue 33) and have continued in subsequent newsletters to emphasise the importance of firms taking measures to prevent and detect such behaviour. The FCA’s commitment to taking action on market abuse was most recently confirmed in their 2022-2025 strategy in which they committed to making significant upgrades in their market surveillance systems to enable them to “keep pace with evolving market abuse techniques and take advantage of advancements in big data analytics” to catch out potentially abusive market behaviours.

What are the consequences for those who engage in spoofing practices?

The UK Market Abuse Regulations (UK MAR), which is based on and still closely follows the EU Market Abuse Regulations, contains a general prohibition against ‘market manipulation’ and provides the definition of market manipulation in Article 12 which includes examples of the broad type of behaviours which would fall under this category, such as entering into a transaction which gives false or misleading signals as to the supply/demand/price of a financial instrument. Annex 1 provides further examples of types of behaviours which could amount to market manipulation, although these types of behaviour may be difficult to spot. Under UK MAR the FCA can take regulatory (civil) action against firms and individuals found to have engaged in market abuse. Regulatory action can include a financial penalty, being prohibited from certain activities1 and withdrawal of approval.

In a criminal context, market manipulation is covered by the Financial Services Act 2012 (FSA 2012) and the Fraud Act 2006 (FA 2006). Section 89 of the FSA 2012 contains the offence of making misleading statements where it must be shown that the person making the statement knew it was it to be false and misleading or was reckless or dishonest in doing so.

Section 90 of the FSA 2012 is the offence of making misleading impressions, where the person intended to make a misleading impression with the intention of inducing another to acquire, dispose of or subscribe to investments, while making a gain for himself or causing loss to another. Although, note for this offence, no actual gain or loss needs to have been taken place for the offence to be made out.

For the FSA 2012 offences, it will be a defence if it can be shown that there was a ‘reasonable belief’ that the conduct in question would not create a false or misleading impression.

There is a separate offence under Section 2 of the Fraud Act 2006 of dishonestly making a false representation intending to make a gain for himself or cause loss to another.

All of the above criminal offences carry a maximum punishment of 10 years’ imprisonment and/or an unlimited fine.

How to prevent it

Firms and individuals who arrange or execute transactions are required under Article 16 of UK MAR to establish and maintain effective arrangements, systems and procedures to detect and report market abuse while market operators and investment firms who operate trading venues are required to have similar controls in place to prevent and detect market abuse.

Prevention and detection include conducting regular risk assessments focused on market abuse risks, conducting real time (or as near to as possible) transaction monitoring/surveillance and ensuring that those responsible for managing financial crime risks (e.g. front office employees as well as those in the compliance function) are given training to understand what market abuse is and to identify suspicious transactions and orders. Some examples of key data points to look for when analysing trading data are any size discrepancy between buy and sell orders on both sides of the market, the percentage of cancelled orders relative to the number of orders placed, the passage of time before large volume orders were cancelled, and the frequency of order patterns.

In its May 2022 Market Watch Issue 692 newsletter the FCA focused on market conduct and transactions reporting issues and suggested that companies can go further in their efforts to prevent spoofing and improve on the efficacy of their risk assessments by gathering additional data on the different business areas, the methods of execution for trades, the different asset classes and specific financial instruments. In relation to order and trade surveillance arrangements, it indicated that it favoured a tailored approach to surveillance which took into account the different characteristics of different asset classes and instruments, which in turn would reduce the number of false positives.

Reporting suspicions

Where a firm identifies any orders, transactions, or behaviour which they have ‘reasonable grounds’ to suspect might be market abuse, they must make a suspicious transaction and order report (STORs)3 to the FCA who then have the option to initiate an investigation.

In terms of timing the FCA take the view that STORs should be submitted without delay, once a reasonable suspicion that the relevant conduct could constitute market abuse is formed. It does, however, recognise that where firms identify conduct by their own employees they may wish to conduct an internal investigation to establish what has happened and state that in such circumstances any further information not available at the time the STOR is made can be sent to them at a later date.

For individuals faced with enquiries from the FCA in relation to spoofing or other market abusive behaviours, it will be a defence to show that they had ‘reasonable belief’ that the conduct in question would not create an impression which was false or misleading. It is also worth noting that there are scenarios in which the cancellation of orders is perfectly legitimate; each case will depend on the facts and an analysis of the trading patterns as a whole.

How to respond to a query by the FCA

When the FCA becomes aware of a transaction which could be a form of market manipulation, whether from its own transaction monitoring or as a result of a STOR, the first step will always be engagement with the employer organisation. The FCA has the power to issue information requests, and it is highly advisable to comply with such requests.

The regulator may want further information, and as a company it will be important to preserve any transaction data, any risk assessments that were conducted, and any policies and procedures related to market manipulation that the company has in place. It is recommended that legal advice is taken at the earliest opportunity to ascertain whether an internal investigation or disciplinary proceedings are necessary. Experienced investigations lawyers will also be able to provide tactical insight as to how best to deal with regulators, assisting as needed but also minimising the business risk for the company generally.

If you are an individual who approached by the FCA, the key takeaway is to be able to show that the transactions were done with a reasonable belief that the conduct in question would not amount to creating a false or misleading impression. Examples of this can be to show that the individual was in fact compliant with any existing policies on market manipulation or show that the cancellation of orders for example were for a bona fide reason, or that they had reasonable belief to that they were not creating a misleading impression.

Like a company, the individual should also collect and preserve all records and/or transaction data in relation to the trades to aid their defence.


In its 2020-2025 strategy the FCA committed to taking decisive action where market abuse is detected using “the full range of our supervisory and enforcement tools, including criminal and civil sanctions where appropriate, to pursue offenders and deter future wrongdoers”.

Whether the FCA will pursue civil enforcement in the case of spoofing will vary depending on the facts and an analysis of the trading patterns of each case, therefore preserving all relevant information and records is key. While the UK does not have a codified criminal offence of spoofing like the US does , the FCA continues to robustly investigate cases of market abuse.

Unlike the UK, the US has had a run of success in prosecuting individuals for spoofing, the most recent result in August 2022 when the DOJ successfully convicted Michael Nowak and Gregg Smith. Nowak and Smith were former precious metals traders at JP Morgan in Chicago, IL, and their conviction represents the largest successful prosecution of spoofing in the US thus far.

Top 5 Tips to reduce the risk of spoofing

We recommend:

  1. Risk assessments for market abuse should be comprehensive, accurate and up to date.
  2. Trade surveillance is undertaken and that it is calibrated to the underlying assets being traded. The price movements in some assets can be very different to others and if not properly calibrated it is likely false positives will result.
  3. Policies and procedures and training should be detailed and up to date. We recommend that policies should include guidance as to what the signs of suspicious activity might include and what information to use and/or consider.
  4. If your trade surveillance is outsourced, whether internally or externally, ensure that the firm understands what work is actually being done on its behalf and that it is effective for the UK business (for example, that it is appropriately calibrated)
  5. Provide regular and tailored training to staff to ensure that they understand market abuse and their role in escalating potentially suspicious behaviour.


  1. For example, Corrado Abbattista, a trader and portfolio manager, partner and chief investment officer at Fenician Capital Management LLP was fined £100,000 in December 2020 and prohibited from performing any function in relation to any regulated activities in connection with a number of misleading orders he placed in 2017.
  3. STORs relate to suspicions of market abuse and should not be confused with Suspicious Activity Reports (SARs) made to the NCA when money laundering is suspected.
Download Briefing

Download a PDF version of ‘Spoofing: What it is and our top 5 tips for prevention’