After a week in a London jail, Navinder Singh Sarao has become the unlikely symbol of the precarious state of American financial markets. The 36-year-old trader is challenging extradition to U.S. courts after his arrest last week on charges of manipulating stock futures prices. Meanwhile, the financial community continues to puzzle over astounding allegations that Sarao's 2010 trading activity precipitated the Flash Crash, the wildest market gyration in financial history.

The long road to charging Sarao, who has denied wrongdoing, reveals how hamstrung U.S. regulators are in addressing what some say has become ubiquitous manipulation in the world's largest and most systemically important exchanges. 

At stake is the soundness and integrity of financial markets that affect millions of American investors, from professional traders to working people with pensions. The Flash Crash erased $1 trillion of stock-market wealth in a matter of minutes, before prices shakily rebounded.

But faith in the stability of the markets has taken longer to heal. Stock and futures exchanges are still replete with the questionable practices and structural vulnerabilities that regulators say led to the Flash Crash. How authorities proceed with Sarao's case will help determine whether the financial regulatory apparatus is up to the task of preventing another meltdown. 

Parsing The Data

Nabbing Sarao wasn’t easy. According to the U.S. Department of Justice, regulators relied on a whistleblower's painstaking analysis. Authorities also required the assistance of a consulting firm and a high-priced professor in its investigation, conducted with the Commodity Futures Trading Commission.

Even then, it took more than two years to assemble charges against Sarao, the Wall Street Journal reported.

The chief difficulty regulators face lies in how they pick through mountains of trading data. Since Sarao's arrest, new details have emerged around how the CFTC originally carried out its analysis of the data from the Flash Crash.

On the day of the crash -- May 6, 2010 -- Sarao allegedly entered more than 32,000 orders to sell futures contracts, then canceled the vast majority of them. The technique, known as spoofing, allegedly allowed Sarao to profit from artificial price movements.

The criminal complaint says that Sarao’s offers to sell Standard & Poor's 500 E-Minis, a commonly traded stock index future, eventually totaled 29 percent of the market.

With such a huge role in major market activity, how did Sarao’s alleged spoofing go unnoticed for so long?

The CFTC could not monitor real-time daily trading activity in 2010 -- or now. The agency had to request trade-by-trade data from the Chicago Mercantile Exchange (CME). Once it had the data, the CFTC faced the monumental task of choosing what to scrutinize for its joint report with the Securities and Exchange Commission.

When the report came out five months later, it focused mainly on trades occurring on a second-by-second basis -- an analysis that passed over Sarao’s alleged rapid-fire algorithmic trades, most of which were canceled. (Blame for the crash instead fell largely on a Kansas trading firm called Waddell & Reed.)

The CFTC and SEC have been widely criticized for this apparent oversight. But former CFTC chief economist Andrei Kirilenko, who helped write the analysis, said that the regulators investigating the Flash Crash considered a wide range of hypotheses, ranging from a cyber attack to a data glitch.

Though the commission did investigate high-speed trading and canceled orders, Kirilenko said spoofing scenarios produced no red flags as causes of the Flash Crash. “The hypotheses that didn’t withstand statistical scrutiny with respect to the Flash Crash are not included in this report,” said Kirilenko, who is skeptical of Sarao’s role in the crash.

“In 2010 spoofing had only recently entered the CFTC’s consciousness,” said Robert Pease, a former legal counsel at the CFTC who advised the drafting of the Flash Crash report. “There was not a focus on it. There were very few monitoring tools capable of detecting it.”

Regardless of whether the CFTC should have noticed Sarao in 2010, former regulators say the agency still needs sharper data analysis tools. The agency wants the ability to monitor markets in real time, and it has begged for a larger budget to hire experts and update systems.

“Even if you have the real-time data you need the time to analyze it,” said Kenneth McCracken, a former CFTC chief trial attorney who is now an attorney at Schiff Hardin. With a market that has grown exponentially more complex and frenetic with electronic trading, that’s a tall order.

“Cancellations and modifications happen hundreds of thousands of times a day for legitimate reasons,” McCracken said. “Finding the ones that could be spoofing is extraordinarily difficult.”

Kirilenko also stressed the need for more personnel and expertise at the CFTC and the exchanges it cooperates with. “It isn’t just the data -- you need to maintain the analytics,” he said. “Algorithms come and go. The ecosystem changes over time.”

Fragmented Markets, Multiple Regulators

Another hurdle in cleaning up the trading that occurs under CFTC authority -- which collectively involves contracts totaling some $450 trillion -- is the fragmentation and complexity of the futures and swaps markets.

The CFTC oversees 15 futures exchanges like the CME. Each is responsible for regulating itself and reporting malfeasance to the CFTC. The CME had apparently caught wind of Sarao’s trading irregularities as early as 2008, and even sent him a reminder on the day of the Flash Crash to enter orders “in good faith for the purpose of executing bona fide transactions.”

But Sarao continued trading on the exchange until 2015, the criminal complaint says. That has spurred renewed scrutiny over how the CME earns its revenues -- namely, from the activity of traders on its exchange, like Sarao, customers it has an interest in maintaining.

That apparent conflict of interest has highlighted the divide between so-called self-regulatory organizations like the CME and the agencies that have ultimate jurisdiction over their clients' behavior. "Self-regulatory organizations are on the front lines of the surveillance system for automated markets," Kirilenko said. "Regulators need to be much more integrated into that.”

Moreover, the CME took less than two weeks after the Flash Crash to absolve the futures market it operates of contributing to the meltdown, a position it maintains today. Not everyone agrees with that conclusion.

“The CME rushed to judgment when they concluded that algo trading did not play a role in the Flash Crash,” Pease said.

Others have questioned the fragmented nature of the regulators themselves. The original Flash Crash report was jointly authored by the SEC and the CFTC, because the event spanned markets covered by each regulator. For years, legislators have floated the idea of merging the two agencies to provide a more complete oversight of financial markets.

Intent And Recklessness

As soon as the initial curiosity over Sarao had died down, many wondered why it had taken nearly five years since the Flash Crash to bring charges against the trader. But legal experts caution that spoofing cases take time.

“It’s extraordinarily difficult, time-consuming and intensive resource-wise for a regulator to bring this sort of case,” McCracken said.

Regulators not only have to find the needle of spoofing in the haystack of daily trading volume -- they have to demonstrate either intent or recklessness on the part of the accused trader.

“To prove spoofing you have to prove specific intent. It takes a long time,” Pease said. In the absence of a “smoking gun” correspondence, he said, “intent has to come from trades themselves.”

That requires a level of expertise that goes beyond flagging irregular trading activity. “You have to understand the algorithm,” Pease said. “You’re going to have to go into the code itself.”

If prosecutors fail to prove Sarao intentionally manipulated prices, they could still show he acted recklessly under a CFTC rule called Regulation 180.1. “Recklessness is a different standard, and one could argue it’s easier to prove than intent,” McCracken said.

Still, many legal observers see a difficult road ahead for prosecutors. The CFTC has brought only one previous litigation surrounding spoofing, a case that is ongoing. Some, like former hedge fund manager John Arnold, have even argued that spoofing is good for the markets, because it keeps high-frequency front-running algorithms in check.  

Those explanations don't sit well with Eric Hunsader, whose research firm Nanex provided regulators with data in 2010. Hunsader, who continually tweets live-action examples of what he sees as spoofing, said that regulators have allowed mass manipulation to proliferate in financial markets.

The new charges against Sarao, five years after the Flash Crash, don’t inspire confidence. “I’m wondering why the team at the SEC was unable to see this,” Hunsader said. “Within days they should have seen Sarao.”


CORRECTION: An earlier version of this article incorrectly stated that the joint Flash Crash report discussed only completed trades. The report also analyzed total market depth in E-Minis, which includes all offers to buy or sell prior to being completed. The language has been clarified to reflect these changes.