Darshana Karunatilleke
Mark Pell
Sasha Stancliffe Bird
Market surveillance teams are tasked with a challenging mandate - to detect market abuse, protect market integrity, and meet regulatory expectations. The quickly evolving nature of the trading environment in recent years has only added complexity. Regulatory divergence, new asset classes, rising data volumes and accelerating market velocity are now reshaping both risk and opportunity.
To understand the practical implications for those involved in market surveillance, three experts in regulatory compliance, quantitative analytics and commercial strategy at LSEG share their perspectives.
Q: Looking ahead, what should market surveillance teams feel confident or cautious about?
Darshana Karunatilleke, Senior Manager, Live Supervision & Post Trade (DK):
What we’re seeing is a rapid evolution in market structure alongside increasing regulatory divergence.
In parallel, extended trading, digital assets, and alternative trading venues are changing how and where activity occurs. The positive thing here is that surveillance teams gained significant exposure into navigating the extreme volatility and market fragmentation during the past few years and this has strengthened their position for the future in a more proactive way.
Q: Where is the biggest gap today between what businesses expect and what surveillance teams can deliver?
Mark Pell, LSEG’s Head of Quantitative Analytics (MP):
Compliance and risk leaders are under pressure to demonstrate that controls are not only in place, but working as intended. When surveillance teams spend large amounts of time triaging alerts rather than analysing behaviour, that assurance becomes harder to provide. Closing this gap requires systems that are designed to scale with data growth, adapt to changing market conditions, and surface meaningful risk earlier.
Q: Is it important that market surveillance retains a human element?
MP: Absolutely. What we see emerging is a streamlined workflow, not a fully automated one. AI can help prioritise alerts, it can summarise findings and accelerate triage, but final judgement, particularly where interaction with regulators is concerned, still requires human oversight.
In the near to medium term, surveillance systems won’t be autonomously reporting suspicious activity. Instead, they’ll empower analysts with better context, faster insights and clearer recommendations, while retaining that critical “four-eyes” check.
Q: What are the biggest data challenges surveillance teams face today?
MP: Three stand out: data format diversity, higher data volumes and ecosystem fragmentation.
First, format diversity is largely a legacy issue. Different venues and vendors describe orders and trades differently. Regulatory initiatives like MiFID II and RTS 22 have helped standardise outputs, but unstructured and semi-structured data remains a challenge. This is solvable with good data architecture, but it must be designed properly.
Second, data volumes have roughly doubled since the peak of COVID volatility. More data gives a more accurate picture of what “normal” looks like, which improves statistical detection. But there’s a catch. If technology doesn’t evolve at the same pace, performance starts to go backwards. Firms relying on legacy systems will see latency increase just as markets demand faster responses.
DK: Alert latency is critical as both from regulatory and market oversight perspectives alerts need to be reviewed and actioned in near real time. The right technology and appropriate statistical detection are critical, Otherwise, teams face ‘alert fatigue’, higher costs and greater regulatory risk.
MP: The third big challenge is ecosystem fragmentation. This becomes an advantage if you can consolidate it properly. Surveillance can’t look at a single venue or asset class in isolation anymore. You need to link derivatives to underlying equities, positions across venues, and behaviour across markets. Regulators increasingly expect multi-asset, cross-market surveillance. Without that, firms only ever see a partial picture.
DK: This becomes even more important as markets move toward extended or near 24/7 trading, whether in crypto, new derivatives or alternative venues. Fragmentation (as well as lack of liquidity) creates opportunities for manipulation unless surveillance keeps pace with the ability to detect cross asset and cross market behaviour.
Q: False positives are a major pain point. Why do they persist?
MP: The root cause is poor communication between the business and technical teams. If requirements don’t capture every relevant scenario, false positives are inevitable.
The irony is that false positives then consume analyst time, leaving less capacity to feedback into system improvements. The solution is to collaborate from day one, during design, testing and post-deployment.
Sasha Stancliffe Bird, Senior Product Manager (SSB):
The feedback loop is critical. Continuous iteration between analysts, developers and regulatory SMEs, is what keeps surveillance aligned with changing market conditions.
Q: Explainable detection has become a regulatory focus. Why?
MP: Models are becoming more complex. A simple threshold is easy to explain, whereas machine-learning models are less so. Explainability means clearly linking inputs to outputs and validating behaviour across both normal and edge-case scenarios before deployment.
Visualisation plays a big role here. Showing how an alert was raised is often more effective than pages of documentation.
DK: Regulators have been explicit about this. An example is the recent FCA Market Watch 79 which highlighted a few critical observations in terms of core surveillance failures. Certain firms had surveillance programmes where their alerts were not functioning as intended, or weren’t suitable for the magnitude and complexity of underlying business conducted. Firms must be able to explain why alerts exist, what typologies they address and how they align with market abuse regulation (MAR) as well as their internal market abuse risk assessment (MARA)
Q: Are there any regulatory developments that firms should keep an eye on?
DK: Not that impact market surveillance directly, but I do expect to see further changes to the transaction reporting regime. In the UK, the FCA is reforming this regime to be more proportionate and data driven. In the EU, the savings and investment union (SIU) is looking at reducing the reporting burden and simplification of this regime. We would also see possible additional fields materialising from consolidated tape initiatives.
These will have an impact on data quality and availability. Also, the market abuse regulation for traditional MiFID instruments cannot be completely transposed for crypto assets without some sort of modification. So, we should be ready for that adaptation. Both UK and EU are reviewing this in parallel, and so firms need to be prepared for divergences, operational changes and technology requirements.
Q: How are cyber-enabled market abuse techniques changing the way surveillance systems need to be designed?
MP: Market abuse techniques such as spoofing and layering have become far more complex. What were once relatively simple patterns can now involve thousands of orders across multiple venues and price levels. In view of the threat from cybercrime, modern surveillance systems need to assess market context, not just activity. Detection logic must account for where orders sit in the order book, their likely market impact, and how behaviour unfolds across instruments and venues.
Q: How important to businesses is interoperability between systems and easy onboarding of new capabilities?
Q: Where and how should firms invest their surveillance resources today?
Conclusion
Read more about
Legal Disclaimer
Republication or redistribution of LSE Group content is prohibited without our prior written consent.
The content of this publication is for informational purposes only and has no legal effect, does not form part of any contract, does not, and does not seek to constitute advice of any nature and no reliance should be placed upon statements contained herein. Whilst reasonable efforts have been taken to ensure that the contents of this publication are accurate and reliable, LSE Group does not guarantee that this document is free from errors or omissions; therefore, you may not rely upon the content of this document under any circumstances and you should seek your own independent legal, investment, tax and other advice. Neither We nor our affiliates shall be liable for any errors, inaccuracies or delays in the publication or any other content, or for any actions taken by you in reliance thereon.
Copyright © 2025 London Stock Exchange Group. All rights reserved.
The content of this publication is provided by London Stock Exchange Group plc, its applicable group undertakings and/or its affiliates or licensors (the “LSE Group” or “We”) exclusively.
Neither We nor our affiliates guarantee the accuracy of or endorse the views or opinions given by any third party content provider, advertiser, sponsor or other user. We may link to, reference, or promote websites, applications and/or services from third parties. You agree that We are not responsible for, and do not control such non-LSE Group websites, applications or services.
The content of this publication is for informational purposes only. All information and data contained in this publication is obtained by LSE Group from sources believed by it to be accurate and reliable. Because of the possibility of human and mechanical error as well as other factors, however, such information and data are provided "as is" without warranty of any kind. You understand and agree that this publication does not, and does not seek to, constitute advice of any nature. You may not rely upon the content of this document under any circumstances and should seek your own independent legal, tax or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither We nor our affiliates shall be liable for any errors, inaccuracies or delays in the publication or any other content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the publication and its content is at your sole risk.
To the fullest extent permitted by applicable law, LSE Group, expressly disclaims any representation or warranties, express or implied, including, without limitation, any representations or warranties of performance, merchantability, fitness for a particular purpose, accuracy, completeness, reliability and non-infringement. LSE Group, its subsidiaries, its affiliates and their respective shareholders, directors, officers employees, agents, advertisers, content providers and licensors (collectively referred to as the “LSE Group Parties”) disclaim all responsibility for any loss, liability or damage of any kind resulting from or related to access, use or the unavailability of the publication (or any part of it); and none of the LSE Group Parties will be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, howsoever arising, even if any member of the LSE Group Parties are advised in advance of the possibility of such damages or could have foreseen any such damages arising or resulting from the use of, or inability to use, the information contained in the publication. For the avoidance of doubt, the LSE Group Parties shall have no liability for any losses, claims, demands, actions, proceedings, damages, costs or expenses arising out of, or in any way connected with, the information contained in this document.
LSE Group is the owner of various intellectual property rights ("IPR”), including but not limited to, numerous trademarks that are used to identify, advertise, and promote LSE Group products, services and activities. Nothing contained herein should be construed as granting any licence or right to use any of the trademarks or any other LSE Group IPR for any purpose whatsoever without the written permission or applicable licence terms.
