Summary
- Market manipulation spans commodities, securities, crypto, and FinTech.
- Regulators combat schemes like spoofing, pump-and-dump, and AI-driven fraud, focusing on cybersecurity, transparency, and evolving tech challenges.
The Business Lawyer
Market Manipulation Developments
iStock.com/primeimages
Jump to:
Introduction
This survey addresses various regulatory developments regarding market manipulation. Contemporary regulatory programs have been initiated to confront systemic manipulation across multiple markets, including agricultural commodities, securities, derivatives, swaps, currencies, energy, credit, and interest rates. Successful manipulation heavily relies on contagion sentiment and the wisdom or folly of the crowd. The immediacy of electronic communication and connectivity fosters innovation in manipulative schemes, while financial technologies continue to test whether countermeasures against manipulation are sufficiently robust, creating a persistent cat-and-mouse game. This survey begins with an historical context of market manipulation, followed by an examination of key regulatory authorities and their roles. The survey then focuses on common manipulative schemes, the impact of financial technology, cybersecurity measures, and notable case studies. It concludes with insights into future trends and challenges in combating market manipulation.
Relevance of Manipulation History to Cyberspace
The motivation to regulate commodities manipulation dates back to the Anti-Gold Futures Act of 1864 and the Future Trading Act of 1921. The Grain Futures Act and the Commodity Exchange Act (CEA) eventually addressed manipulation directly. Securities regulations emerged in the early twentieth century, with initiatives such as Kansas’ 1911 regulation of speculative schemes. Manipulative practices during the Roaring Twenties prompted Congress to enact New Deal legislation that, among other things, regulated the financial markets and established the Securities and Exchange Commission (SEC). Today, financial technologies (FinTech), like many cryptocurrency transaction configurations, are prime manipulation suspects. Social media (SM) manipulation is directly linked to market manipulation. Energy and currency markets, while traditionally considered commodities, offer additional opportunities for manipulation. Energy manipulation is addressed under the regulatory authority of the Federal Trade Commission (FTC), the Federal Energy Regulatory Commission (FERC) and the Justice Department (DoJ). Currency manipulation is generally enforced by federal financial and consumer protection authorities, as well as the DoJ. With the growth of innovative technology-based products and services, we believe that, in the future, additional assertions of international, federal, and state enforcement actions related to manipulation should be expected in both existing and emerging markets.
Regulatory Authorities
Various international, federal, state, and self-regulatory organizations (SROs) regulate markets to prevent manipulation. Key regulatory bodies include the FTC, SEC, FERC, DoJ, stock exchanges, Financial Industry Regulatory Authority (FINRA), Office of the Comptroller of the Currency (OCC), Federal Reserve Board (FRB), and Consumer Finance Protection Board (CFPB). These organizations target cognitive biases that manipulators exploit, often leading to market failures. The targets of these manipulations may serve as unwitting participants, victims on the losing side of transactions, or both. For these reasons, this survey highlights various schemes and techniques leading to market failures.
Defining Manipulation
Manipulative schemes generally perform best at scale, thereby causing significant economy-wide impact by crossing both related and dissimilar market platforms. While this survey does not catalog the full range of manipulative schemes, it does present several well-known devices and some potentially unexpected practices, including both direct manipulations and ancillary, but necessary, elements in manipulative schemes. Examples of well-known manipulative schemes include rigged and matched trades, bear/bull raids, short sales, options trading, insider trading, frontrunning, shadow trading, financial disclosure fraud, rumormongering, spoofing, pump-and-dump schemes, corners, wash sales, marking the open/close, scalping, and swaps. Related, supportive techniques and structures that assist manipulators may be unlawful when deployed with manipulative intent. Sometimes conspirators simply exploit structural vulnerabilities, with cybersecurity failures being paramount among these vulnerabilities. Other exploitable conditions include trades in related derivatives or correlates, offshore trading, multiple account use, benchmark/indices manipulation, timing of trades, pent-up demand during off-hours, and deceit that encourages market misinterpretation, including the enlistment of analysts and SM influencers. Schemes powered by artificial intelligence (AI) have emerged, enabling algorithmic and high-frequency trading. Furthermore, AI generates and amplifies both hype and pessimistic misinformation, making it extremely challenging to follow compliance practices properly and meaningfully.
The lack of a clear definition of manipulation likely permits, and even encourages, the proliferation of various schemes. Manipulation is increasingly characterized as a form of fraud, requiring proof of scienter and often involves conspiracy networks, making an accurate and eternal taxonomy challenging. Consequently, regulatory pursuit of manipulation is quite challenging and reliant on cyber-forensics of electronically stored information (ESI) on various devices, in cloud repositories, and on open-source intelligence sources, like social media. Market manipulation involves artificially affecting prices, volume, supply, or demand through deception, matched purchases/sales, or rigged quotes and trades.
Cybersecurity: Cross-Cutting Manipulation Countermeasures
Poised for greater intensity, cybersecurity defends against manipulation, enhancing both prevention and the discovery of vast troves of forensic-quality evidence. Concerns over insufficient cybersecurity investment, deployment, and maintenance are now pervasive and will likely remain so into the near and medium term. Entities have long focused on cybersecurity costs and benefits, but evidence shows that competition alone cannot solve under-investment without major intervention.
In 2023–2024, the White House, Commerce Department, SEC, and FRB issued significant cybersecurity policy guidance, which will impact market manipulation. An essential cybersecurity factor is the intensifying compliance efforts of SROs, broker-dealers, futures commission merchants, and various financial intermediaries. Inadequate compliance efforts increase the vulnerability to financial fraud by permitting disinformation, forgery, and inaccurate market signals. Successful compliance prevents asset and information sabotage and misappropriation, and it provides an evidentiary trail discoverable by forensic-quality experts. Compliance security can ensure accurate transaction and communications record-keeping. However, security may become targeted for cutbacks when risk management is considered costly or weakens profitability, thereby making financial information systems fragile.
White House Cybersecurity Standardization Efforts
In 2024, the inaugural cybersecurity report issued by the White House provides a “nudge” from the president’s bully pulpit. First, it flips cybersecurity duties from primarily the end-user to the “least cost provider.” This reversal swaps haphazard, non-standardized security measures for systematic cybersecurity, improving resilience, and diminishing free-riders. Second, it urges long-term cybersecurity investment that would deter market manipulation, as it provides guidance on: (i) critical infrastructure focus (financial markets, communications networks), (ii) ransomware, (iii) supply-chain exploitation, (iv) commercial spyware, and (v) AI. Third, it reports cybersecurity developments throughout the federal government and in collaborations with the public-sector (government contractors).
On February 28, 2024, President Biden issued an executive order titled Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern, which solidified defenses to online acquisition of SM data. The order will reduce spoofing and fictitious account acquisition, thereby deterring market manipulation and data exploitation by foreign nations.
In August 2023, the National Institute of Standards and Technology (NIST) released for public comment a draft revising its cybersecurity framework. In February 2024, the NIST published its finalized Cybersecurity Framework 2.0, which drives cybersecurity standardization in the cybersecurity “hardening” activities of most government agencies and achieves considerable private-sector compliance. NIST’s updates focus on information governance and supply chains hardening, both critical to manipulation enforcement. As reflected in Figure 1, NIST contributes to cybersecurity standardization by supplementing the efforts of various domestic and foreign financial market SROs.
Figure 1: NIST Cybersecurity Framework
SEC Cybersecurity Rule
Finalized on July 26, 2023, the SEC’s long-awaited cybersecurity incident disclosure rule essentially operates as a standardized transparency rule for publicly traded registrants. The rule supplements previous SEC Cybersecurity Guidance on safeguarding client credentials, ransomware, third-party cybersecurity service providers, cybersecurity risk analytics, incident materiality, incident disclosure timing, and insider trading prior to incident disclosure.
Under the new rule, cybersecurity incidents must be publicly filed within four days on Form 8-K. Further, annual disclosures of cybersecurity risk management processes, strategy, governance, and board oversight must be filed on Form 10-K, with foreign issuers filing on Form 20-F. The annual disclosure obligations apply for fiscal years ending on or after December 15, 2023. SEC Chair Gary Gensler emphasized that the materiality of losses regarding intangibles, such as data, may often rank as high as losses of tangible property. Materiality assessments must be made quickly. As with an increasing number of regulatory matters, compliance requires interdisciplinary teams: creation, empowerment, management, and integrated work product that includes computer/network security, risk management, legal, and accounting expertise. Readiness, testing, and resilience are required. Disclosures must be made in standardized Inline eXtensible Business Reporting Language (Inline XBRL) to enhance online accessibility and comparability.
Manipulation Flourishes in FinTech
FinTech broadens the opportunities for and boundaries of manipulative schemes. Most FinTech “inventions” depend largely on networked communications, computer-mediated trading, and the substitution of alternate means to reduce costs through dis-intermediation. FinTech targets a wide range of manipulation subject matters, whether directly or indirectly through intermediate correlates (derivatives, indices, SM). FinTech has spawned manipulative schemes in cryptocurrency, indices, swaps, commodities, traditional stocks, and derivatives thereof. Networked communications of transaction processing (such as smart contracts) and information dissemination (SM) are essential FinTech components.
Cryptocurrency Manipulation Schemes
The range of unlawful cryptocurrency schemes is quite broad, drawing the attention of numerous regulators. The SEC seeks to regulate the “securities” aspects of such schemes; the CFTC seeks to regulate the “commodities” aspects of those schemes; banking and monetary regulators focus on schemes involving “currencies,” and the DoJ takes enforcement action when the manipulation implicates criminal conduct.
The DoJ achieved its first commodities manipulation criminal conviction involving open-market trades in the Mango crypto case. Avraham Eisenberg was found guilty of commodities fraud, commodities manipulation, and wire fraud constituting cryptocurrency market manipulation. Eisenberg was also charged civilly by the SEC and CFTC for crypto manipulation in a so-called “oracle” scheme to rig trading in Mango tokens. Mango Markets was a decentralized finance (DeFi) trading platform facilitating crypto investor transactions to lend, borrow, swap, and leverage their cryptocurrency. Eisenberg allegedly opened two anonymous accounts to swap between Mango tokens and the stablecoin USD Coin. He quickly purchased Mango tokens on three exchanges that fed data into the “oracle” Mango Markets used to value swap positions. By rapidly purchasing substantial quantities of Mango tokens on Mango Markets, Eisenberg artificially inflated the price of those tokens by 1300 percent within a thirty-minute period, allowing him to cash out his swaps at the temporarily manipulated price. As a result, Eisenberg misappropriated $110 million in digital assets, substantially “drain[ing] all liquidity from Mango Markets.”
After being indicted in December 2022, and following “crypto’s trial of the century,” Sam Bankman-Fried—founder of now-bankrupt FTX—was convicted in November 2023 of wire fraud, conspiracy to commit money laundering, and conspiracy to commit wire fraud, securities fraud, and commodities fraud. FTX was founded in 2019 as a crypto exchange and crypto hedge fund. Bankman-Fried was convicted of misappropriating customer funds to benefit an unrelated company he owned, to use personally, and to repay debts owed to Alameda Research, another cryptocurrency hedge fund. After FTX’s collapse, customers, lenders, and investors suffered billions in losses. Importantly here, the manipulative techniques were detected and established by forensics, cooperating witnesses, crypto-market expertise, and compelling visuals. Ancillary enforcement actions were filed by the SEC and CFTC.
Manipulation of Energy Markets and Indices
FERC continues to bring enforcement actions, with 20 to 50 percent of its caseload alleging violations of the anti-manipulation rule applicable to purchases or sales of natural gas or electric power and to their transportation or transmission. Two such consent agreements were completed in the second half of 2023 and resulted in disgorgement and civil penalties against BP and Pacific Summit Engineering. FERC seems particularly diligent in market surveillance to reveal fraud and manipulation in the natural gas and electricity markets. With benchmark indices regularly used in policy making, energy efficiency, life-cycle costing, and in setting prices and tariffs, regulators now target the manipulation of indices. Some commentators argue index manipulation strategies are more feasible than schemes targeting the underlying asset, despite the surveillance and forensic and enforcement challenges of benchmark/indices distortion.
Pump and Dump
Pump and dump is a classic orchestration of price and volume effects, when a manipulator touts an investment to initially raise its price (pump) and then quickly liquidates that investment (dump) before the price falls back to its pre-hyped valuation. Clearly the pump phase is intended to signal to non-participating traders in the targeted (and related) markets that prices are rising. The intentional signal directly causes price increases (when the pump actually works). Pump and dump is as old as the South Sea Bubble, yet pump-and-dump schemes have emerged in FinTech markets, as discussed above in the FTX crypto case.
The DoJ, the SEC, and private plaintiffs have a range of statutory provisions to pursue manipulators: civil securities fraud, criminal mail and wire fraud, criminal securities and commodities fraud, and the nearly inevitable attempts and conspiracies often used to commit such frauds. However, following United States v. Constantinescu, the regulatory pathway—whether criminal, administrative, or civil—may prove pivotal as to the effectiveness of curbing manipulation.
Despite longstanding judicial recognition of pump and dump illegitimacy, on March 20, 2024, in Constantinescu, Judge Andrew Hanen of the Southern District of Texas dismissed charges against the defendants without prejudice, holding that criminal prosecution of a pump-and-dump scheme must allege, with particularity, all of the elements of the applicable criminal offense, which, in Constantinescu, involved Sections 1348 and 1349. Because the DoJ failed to plead that the conspirators deprived any particular, identified victims of property interests, the court dismissed the criminal indictment, citing Ciminelli v. United States. In Ciminelli, the Supreme Court rejected the Second Circuit’s “right to control” theory as providing a valid basis for liability under the federal wire fraud statute. “Under the right-to-control theory, a defendant [would be] guilty of wire fraud if he scheme[d] to deprive the victim of ‘potentially valuable economic information’ ‘necessary to make discretionary economic decisions.’” Under the right-to-control theory, the DoJ likely would have succeeded in proving scienter because of one of the defendant’s stated, “We’re robbing … idiots of their money.”
A parallel SEC civil case remains on hold. The DoJ and the SEC alleged the defendants conducted a $100 million securities fraud scheme as SM influencers who promoted various stocks on Twitter and Discord. The promotions increased the prices of the participants’ holdings (pump), which they liquidated before prices declined (dump). Participants posed in SM as successful traders funding their extravagant lifestyles. As SM influencers, they attracted many novice investors, repeatedly feeding them price-boosting misinformation. Furthermore, the scheme was reinforced in a widely distributed podcast. Perhaps most alarming, however, now that SM influence has become a widely understood manipulation component, insistence that accurate information is not a property interest seems anachronistic and inconsistent with long-standing precedent. Indeed, the federal criminal fraud chapter reinforces that information is property, that the provision of information is a service, and that fraud includes the manipulation of information: “For the purposes of this chapter, the term ‘scheme or artifice to defraud’ includes a scheme or artifice to deprive another of the intangible right of honest services.” Fraud is a current hot topic in First Amendment jurisprudence, yet fraud remains a stable First Amendment exception. Nevertheless, the dismissal without prejudice, and the SEC’s suspended civil complaint, may allow revival against this pump and dump. The long tradition condemning pump and dump would appear to permit continued manipulation enforcement despite recent strict readings of federal anti-fraud criminal provisions.
Shadow Trading
The SEC’s evolving theory of insider trading now includes “shadow trading,” which extends liability beyond trading a company’s own securities based on internal material nonpublic information (MNPI). Shadow trading encompasses trading one company’s securities informed by MNPI regarding a second company to which the trader owes a duty. In the landmark case SEC v. Panuwat, the defendant, an employee of Medivation Inc., used MNPI about Pfizer’s impending acquisition of Medivation by trading call options of Incyte Corporation. Incyte’s share price increased after the acquisition was announced. Shadow trading has three elements. First, the trader must owe a duty of trust, confidence, or confidentiality to her employer and the trade must breach that duty. Such duty is typically established through company policies, confidentiality agreements, and common law. Second, the trader must possess MNPI acquired from her employer, potentially affecting valuation of some other company’s securities. Third, trading on this MNPI occurred without employer consent.
Panuwat broadens the scope of the SEC’s insider trading enforcement by emphasizing an employee’s understanding of her employer’s insider trading policies. Shadow trading proscription applies to companies within narrow, highly interconnected market segments. Further clarification of the shadow trading rule is anticipated. Loper Bright Enterprises v. Raimondo ended Chevron deference, likely impacting federal agency rulemaking significantly. Shadow trading arguably extends traditional insider trading principles where insiders’ MNPI regarding other companies was not addressed by existing regulations. Without more explicit statutory authority, sustaining market manipulation enforcement actions may become more challenging in the absence of Chevron deference.
Spoofing
Spoofing is manipulation involving buy or sell orders that will be cancelled before execution. Spoofing creates a false appearance of market activity by displaying orders that will not be executed, thereby misleading others and influencing prices. Spoofing distorts market integrity, increases volatility, and undermines investor confidence. Spoofing is prohibited under the CEA; similar SEC rules apply in the securities markets. Regulatory bodies like the CFTC, SEC, and OCC, and SROs like FINRA actively monitor and prosecute spoofing.
The SEC charged Archipelago Trading Services, Inc. with failure to establish anti-money laundering procedures causing the failure to file at least 461 suspicious activity reports and failing to surveil red flags about possible spoofing involving trading in OTC stocks over the company’s alternative trading platform. Archipelago settled the charges by paying a civil penalty of $1.5 million. FINRA settled spoofing charges with censure and a $24 million fine against Bank of America, after alleging 717 instances of spoofing in U.S. Treasuries. The OCC issued an order against John Edmonds, former vice president of JPMorgan Chase, prohibiting him from holding office in any FDIC- or FCUA-insured institution, based upon criminal convictions involving spoofing.
The DoJ and the CFTC pursued a trilogy of cases establishing the elements for a spoofing charge, most recently in United States v. Pacilio, based on specific criminal prohibitions in the Dodd-Frank Act of 2010. Spoofing is also subject to prosecution under mail and wire fraud statutes. In Pacilio, the Seventh Circuit built on its 2021 Coscia decision, in which an algorithm was deployed to make and then immediately cancel large orders, thereby creating the illusion of price movements.
Swaps
Swaps are financial derivatives involving the exchange of cash flows or other financial instruments. Swaps are heavily regulated due to their complexity and potential for manipulative use. The SEC’s 2023 rule on security-based swaps aims to enhance transparency and reduce associated risks. The Dodd-Frank Act significantly expanded swap oversight by requiring central clearing and reporting to swap data repositories to mitigate systemic risk and increase transparency. Swaps can be manipulated through schemes in which traders amass large positions to influence asset prices. Rules promulgated by the SEC and CFTC prohibit such manipulation under the SEA and the CEA. Notable enforcement actions, including cases of manipulating interest rate benchmarks like LIBOR through swaps trading, underscore the regulatory challenges and the necessity for stringent oversight.
Intermediation
Financial intermediaries facilitate transactions with specialized expertise, achieving economies of scale. Intermediary mapping is a supply chain approach to the “plumbing” of securities transfers and payments. Intermediary services enhance market efficiency, liquidity, and transaction processing accuracy. However, manipulators exploit such infrastructure in their schemes. Generally, intermediaries provide clearance services: order execution, reconciliation, custodianship, ownership transfers, loans (margin, actual securities), funds transfers, and record-keeping. Recent SEC developments that may impact manipulation involving intermediaries include the T+1 settlement rule and the disclosures regarding securities lending required by Rule 10c-1a.
Prior to May 28, 2024—the compliance date for T+1—the T+2 rule required settlement within two business days following the transaction day—the official transfer of securities to the buyer’s account and cash payment to the seller’s account. Long settlement delays favor short sellers and increase default risk, as occurred during the meme stock frenzy of 2021. Affected securities include stocks, bonds, municipal securities, exchange-traded funds and limited partnerships, and certain mutual funds. Shortened settlement periods should reduce default risk by either party: non-payment by the buyer or non-delivery by the seller.
SEC Rule 10c-1a requires disclosures regarding securities lending, an essential step in short selling. Shorting amounts to a bet against a company. Shorting involves the sale of a security not owned by the seller, where the security is borrowed and promptly sold at today’s presumably higher price and repurchased later at a presumably lower price, so that the security may be returned to the lender. Shorting is a major step in many manipulative schemes. Securities loans are not the margin loans to purchase securities but are the actual loan of securities to facilitate shorting. Disclosure of such securities loans is made by broker-dealers and other sellers to a registered national securities association (RNSA), like FINRA. Loan terms that are made public include the issuer; the ticker symbol; the time/date of the loan; the platform/venue/exchange on which the loan was effected; the amount of securities loaned; any loan rates, fees, and rebates; any collateral; the loan termination date; and the borrower type. Loan terms reported to the RNSA (but not reported publicly) include the identity of the parties to the loan, whether a broker-dealer loaned the security from its inventory, and whether a “fail to deliver” exists under or outside Regulation SHO. This disclosure rule reinforces the suppression of manipulation through short-selling abuses by requiring transparency and creating a uniform evidentiary trail and repository.
Conclusion
This survey demonstrates that manipulation is not merely a theoretical concern but a pervasive and persistent issue across most markets. Manipulative techniques are frequently deployed in various sectors, necessitating their distinct treatment as a cyberspace law concern. As highlighted earlier, most manipulation schemes are significantly impacted by cyberspace, where they are implemented as trading practices and reinforced through deceitful misinformation, affecting price movements, trading volume, sentiment creation, and market volatility. Modern market manipulation increasingly relies on electronic tools and methods, including online communications, digital contracting, electronic transaction intermediation (clearance and payments), electronic record-keeping, and SM influencers. Key components of the information supply chain are often involved, such as cloud computing services, the power of emerging AI, big data analytics, exhaustive search capabilities, specialized podcasts, transaction clearance intermediaries and custodians, mobile computing, and robust telecommunication networks. Understanding these innovative manipulation attempts is crucial to effectively regulate and enforce laws against manipulators to ensure the integrity and stability of financial markets.
