Decision maker

FCA Settlement Decision Makers

Firm

Dinosaur Merchant Bank Limited (Firm Reference Number: 436215)

Related material

FCA Market Watch 69 and 73 (referenced in relation to calibration of insider dealing alerts and look-back periods)

Sanction

Financial penalty of £338,000 (including 30% settlement discount and utilising 15% of relevant revenue at step 2 with 10% uplift for mitigating factors) 

Settlement

Yes 

Provisions

Article 16(2) of UK MAR (obligation to establish and maintain effective arrangements, systems and procedures to detect and report suspicious orders and transactions) 

Principle 3 of the FCA’s Principles for Businesses (reasonable care to organise and control affairs responsibly and effectively, with adequate risk management systems) 

SYSC 6.1.1R (obligation to establish, implement and maintain adequate policies and procedures to ensure compliance with regulatory obligations and to counter the risk of furthering financial crime)

Relevant period

1 June 2024 to 6 May 2025

Factual findings

DMBL is a UK-based independent investment firm providing brokerage services for investment firms, proprietary trading companies and professional investors.  Its three principal business lines during the Relevant Period were: single-stock CFDs; traditional inter-dealer broking; and custody services and repo activity. 

In June 2024, DMBL implemented a new order management system enabling it to offer direct market access (DMA) to its CFD clients. In the first four months following its introduction, the average number of weekly CFD trades increased by approximately 45% compared with the preceding six-month period. DMBL did not perform any additional risk assessment or take any other preparatory steps to ensure its market abuse surveillance systems were performing correctly for the new platform. 

Between 1 June and 8 October 2024, trades placed via the new order system were not ingested into DMBL’s automated surveillance system. Therefore, alerts were not generated for DMA trading activity and potential suspicious activity was not flagged to Compliance. 

In August 2024, the FCA identified potentially suspicious trading by Client A in Stock A (profit of £433,685) and, in September 2024, by Client A and Client B in Stock B (profits of £290,536 and £1,285,178 respectively).  In each case, the clients had no prior trading history in the relevant stock, purchased CFDs shortly before material price-sensitive news, and sold at a significant profit. 

DMBL failed to submit STORs in respect of this activity and only did so retrospectively following the FCA’s contact. 

In February 2025, a further instance was identified by the FCA when Client C purchased CFDs in Stock C and subsequently sold the position following news of a potential sale, generating a profit of £3,359,841. Although the surveillance system generated alerts relating to the size of orders, no insider dealing alert was triggered because the look-back period was set at seven days (five working days), which was too narrow. 

Following identification of the issues, DMBL took a number of remedial steps including: 

• conducting a re-run of all trades from 1 June to 8 October 2024 which generated 2,916 alerts (2,723 relating to insider dealing and 193 to market manipulation), resulting in multiple retrospective STORs;
• ingesting DMA trades into the surveillance system from 9 October 2024;
• implementing a Market Abuse Risk Assessment and documented STOR procedures in December 2024;
• engaging an external MAR consultant;
• recruiting specialist compliance personnel including a dedicated Market Surveillance Officer;
• implementing a new enhanced surveillance system in April 2025; and
• electing to wind down and cease its CFD business entirely from May 2025.

Failings

The FCA found that DMBL breached the following provisions:

• Article 16(2) of UK MAR - DMBL failed to establish and maintain effective arrangements, systems and procedures to detect and report suspicious orders and transactions which were proportionate and effective for the nature, scale and size of its CFD business.  In particular:

1. between 1 June 2024 and 8 October 2024, DMBL failed to ensure trading conducted via its new DMA order system was connected to and ingested into its automated surveillance system, resulting in a failure to submit STORs in circumstances where it appears it would have been appropriate to do so; and
2. throughout the Relevant Period, DMBL failed to effectively calibrate its surveillance system in line with its own business needs and risks, meaning that even after trades were ingested from 8 October 2024, the failure to report STORs when appropriate continued.

• Principle 3 - DMBL failed to take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems. DMBL failed to:

1. undertake adequate testing of the new order execution platform;
2. undertake a risk assessment before December 2024 to enable the Board to review and understand market abuse risks associated with increased CFD activity;
3. obtain adequate management information from its surveillance system to enable effective review and identification of issues;
4. ensure there were adequate written policies and procedures for the review and escalation of suspicious activity; and
5. ensure there were written policies for the review and management of alert calibration.

• SYSC 6.1.1R - DMBL failed to establish, implement and maintain adequate policies and procedures sufficient to ensure compliance with its regulatory obligations and to counter the risk of furthering financial crime. DMBL failed to have in place:  

1. a formal written policy or procedure regarding the process that staff should follow if an alert is triggered;
2. formal written policies for the review of alert calibration to ensure surveillance was working as intended and CFD risks managed effectively; and
3. a change control process to ensure market abuse risks and controls were considered whenever there was a business or business process change.