Explaining and Exploring Spoofing

The concept of spoofing is infamous in both traditional and cryptocurrency markets. Today I look at what it is, why regulators tend to be against it, and who are the actual winners and losers from its existence.

What is spoofing?

The standard definition of a spoof is an order which is artificial, to dupe others into buying in front of it or selling behind it and with the intent of cancelling before being filled. To spoof is to place spoof orders.

Some litigated spoofing cases involving principal traders include Igor Oystacher, Navinder Sarao, and DRW:

The first case involved mastering how the CME matching engine works to first place a large bid, then to hit one’s own bids, thereby triggering a cancellation and sweeping the remaining order size.

The second case involved placing and flashing large orders on S&P futures to impact the next ticks of the order book.

The third case involved taking a position in a mispriced derivative and then bidding the underlying to fair value to trigger financial cash flows from the derivative itself.

In all three cases, allegations of spoofing arose because some market participants felt disadvantaged by these trading tactics.

How can an order be artificial?

The first question we might ask is how can we know whether an order is artificial or not. The simple answer is we cannot! We cannot see into the state of mind of the placer of any given order on a central limit order book to ascertain whether it is bona fide or otherwise. After all, it is impossible to state that just because a large order is cancelled that it must have been artificial. Small, medium, and large orders are frequently placed and cancelled in all order books as a matter of market practice.

Evidentiary processes in spoofing cases therefore focus less on activities in the order books themselves and more on proving the state of mind of the placer of the order. Plaintiffs must show that these orders were placed with clear intent to mislead and to avoid a fill, while defendants must show that these orders were in fact freely available in markets for anyone to aggress against and that they would’ve been fine to be filled. It is a murky space filled with room for interpretation. It is worth noting that regulators won the first two cases against smaller participants, but lost the third case which was against a large trading firm with significant legal resources.

Losers and Winners

So the next question would be: who exactly loses money against spoofers? In a word, front-runners, and more specifically, front-running algorithms. This may include algos which are looking at buy/sell imbalance to determine how fast to execute accumulation orders, but may also include profit-seeking algos looking to buy and sell ahead of large flow.

You may wonder why it is a mandate of public policy to treat frontrunners as a protected class. Why can’t traders simply dynamically react to the existence of spoofers by ignoring all large orders in execution logic?

One reason may be the concept of a “right to herd.” Given the prevalence of algorithmic execution on the buyside and sellside, participants who exploit this population are looked upon derisively. A poker analogy may be apt here; if no one ever bluffs when they miss their drawing hand, the first person to do so might be called ungentlemanly.

The CFTC, in the Navinder Sarao case, argued that order book changes must represent “legitimate changes to supply and demand:”

Many market participants, relying on the information contained in the Order Book, consider the total relative number of bid and ask offers in the Order Book when making trading decisions. For instance, if the total number of sell orders significantly outweighs the total number of buy orders, market participants may believe a price drop is imminent and trade accordingly. Similarly, if the balance of buy and sell orders changes abruptly, market participants may believe the new orders represent legitimate changes to supply and demand and therefore trade accordingly. Further, many market participants utilize automated trading systems that analyze the market for these types of order imbalances and use that information to determine trading strategies. Consequently, actions in the Order Book can, and do, affect the price of the E-mini S&P.

Another reason may be that spoofers make easy scapegoats. John Arnold notes the absurdity of blaming the Flash Crash on Savao when he had been employing the same spoofing strategy for six years before the Flash Crash itself. Indeed, it is not a coincidence that most spoofing cases that have been brought to the market have been against independent traders and trading firms.

The beneficiaries of spoofers are less obvious but equally important. John Arnold also argued in a Bloomberg opinion piece in 2015:

The battles between spoofers and front-runners are games being played between one computer and another in a tenth the time that it takes the human eye to blink. No human can see these trades, much less react to them in real time. The only party that is touched by the spoofer’s deception is the front- running HFT, whose strategies are harmful to every other market participant.

For Arnold, the spoofer, by placing large orders that are then cancelled, is actually doing god’s work by helping other large traders be able to disguise their own intentions. A marketplace without spoofers means that anyone wishing to place a large order must logically be uninterested in cancelling it, and therefore can be frontrun. Once a spoofer enters the market, frontrunning algos have to think twice before trading in front of it.

DeFi: a spoofer’s paradise?

As central limit order books become viable in DeFi, it is likely that it will be completely impossible to do market surveillance of any kind, much less hold a court to determine whether spoofing has occurred. This will mean a sort of spoofer’s paradise, but may also mean that it will become a great A/B test for whether non-spoofers actually care about being spoofed or not. Conversely, if regulators find DeFi to be unconscionably unpoliceable, they may act to disallow trading on decentralized exchanges entirely.