MCX data scandal: Tip of an iceberg or case closed for SEBI?

PGurus has listed out certain violation at the Multi Commodities Exchange (MCX) and would like to leave it to the government, investigative agencies and courts to decide if these constitute mere acts of ‘procedural lapse’ or ‘scandal by design’ that amounts to insider trading or front running. Most violations are self-explanatory but PGurus has added its note on few to give a background that may be unknown to readers.

Will the blatant cases of alleged front running and insider trading at Multi Commodity Exchange (MCX), country’s largest commodity trading platform, be passed as mere procedural lapse by Securities and Exchange Board of India (SEBI)? There is a strong perception that the ‘data sharing scandal at MCX’ too will be passed by SEBI as a case of ‘procedural lapse’ and violation of ‘code of conduct’ of exchange rules. SEBI’s recent order involving the co-location scam at the National Stock Exchange (NSE) is a live example of such ‘shoddy adjudication,’ which has led the Securities and Appellate Tribunal (SAT) issue stay on SEBI’s key orders and more such action is in the offing.

In most large financial scandals, it is enough for the Central Bureau of Investigation (CBI) or other investigative agencies to swing into action based on even a chit of paper that would be strong prima-facie evidence of illegal or unlawful activity. But in the case of MCX, where there is an entire audit report signaling severe compromises by exchange management, under the watchful eyes of vigilant board members, yet nobody is seeking any investigation by any independent agency.

We leave it to the readers, government, investigative agencies, and the court to conclude if such blatant data breach involving the same characters as NSE is mere procedural lapse or a market access scandal…

Moneycontrol and The Hindu Businessline have reported that SEBI recently issued a simple notice seeking answers from former MCX Managing Director Mrugank Paranjape on the allegations in the audit report. Is he alone responsible for all the lapses?

PGurus (PG) has listed out certain violations at MCX and would like to leave it to the readers to decide if these constitute mere acts of ‘procedural lapse’ or ‘scandal by design’ that amounts to insider trading or front-running. Most violations are self-explanatory but PG has added its note on few to give a background that may be unknown to readers.

Caution: A few key characters involved in MCX data sharing scandal are the same that were linked to the co-location scam at the NSE and the modus operandi too is not hugely different from that at NSE. The scandal at MCX moves around Susan Thomas, a researcher at Indira Gandhi Institute of Developmental Research (IGIDR) and wife of now infamous former finance ministry consultant Ajay Shah.

What does the internal audit of MCX dated Feb 1, 2019, say on data sharing with IGIDR and Susan Thomas?

1. IGIDR, through Susan Thomas, initiated talks with MCX to get data for research. There were two pacts by MCX. One agreement with IGIDR wherein the research organization was supposed to be given historic data and another ‘unknown to anybody in IGIDR and a secret undertaking’ by Thomas for sharing of separate data.
2. Agreement to IGIDR was on a commercial basis i.e. “cost to MCX.” But the undertaking arrangement with Thomas was on “no cost basis.” The contract to IGIDR was given based on the organizations’ own “reputation.”
   
   PG: Agreement between IGIDR and MCX was entered in September 2016. SEBI was already investigating co-location scam at NSE, the lid of which was blown in January 2015. Name of IGIDR, Thomas and Shah were already out in the public domain linking them to NSE scam. How did MCX a first level regulator fail? Was it by design or lapse of intelligence or memory? MCX board was not concerned what its MD does?
3. Preferential treatment to IGIDR and Thomas: Similar assignments with regard to study in the area of commodity transaction tax (CTT) were given to IIT Kharagpur and ISI Kolkata. The catch: they used data which was already in the public domain and no direct data sharing was done by MCX in respect to these entities.
4. MCX data feed policy silent on end use of data by the subscriber and only mentions that it should not be illegally used by the subscriber.
   
   PG: On instructions of Thomas, MCX shared ‘sensitive’ data with Chirag Anand, a New Delhi based algo trading software designer and trader. What was the end use of MCX data? The external auditor T R Chaddha and Co. citing the sensitivity of the data, says that ‘data shared by MCX based on undertaking’ could have been used for algo strategy.
5. IGIDR requested for historical data starting from one year prior to 2016. But based on the undertaking by Thomas, data was to be provided to her from October 22, 2016, up to October 21, 2017. More, MCX gave data up to 7 December 2017.
   
   PG: Demanding forward data was ‘historical?’ Also, the forward ‘live’ data as declared by T R Chaddha was shared with Anand up to December 2017. Why the charity?
6. IGIDR submitted a paper on the data it received on August 23, 2017 against an assignment date of March 2017. The paper was not accepted by MCX. Further, as per agreement IGIDR conducted a round table based on the data on June 26, 2017. Minutes of the roundtable were not provided as required by the agreement. Another policy paper on Gold as required by the agreement was not delivered.
   
   PG: What happened to the data given to Thomas and Anand as per the undertaking?

What does the external audit by T R Chaddha & Co. say?

1. MCX did not verify if Thomas was authorized to sign any ‘undertaking or not.’
   
   PG: What authorization? IGIDR was not even aware of the ‘secret undertaking signed by Thomas on behalf of IGIDR.’
2. T R Chaddha & Co. states that whistleblower raised concern in respect to data provided to IGIDR by NSE. However, no detailed check was carried out by MCX in respect to the credentials of IGIDR/related individuals. Even when SEBI appointed Ernst and Young as the forensic auditors and ISB for examining the case of NSE trading, nobody in MCX made any effort to verify the role of IGIDR/related individuals. Paranjape said NSE scandal was out of his knowledge.
3. Most of the people involved in communicating with MCX for data were not on payrolls of IGIDR.
4. The agreement did not mention about any data fields. These were only in ‘undertaking.’ Thomas informed MCX via an email that one Chirag Anand would help with data specifications. Anand was not working with IGIDR. His area of interest is “high-performance computing, algorithmic/ high-frequency trading, and financial data.” Anand asked for more than 100 data fields, which prima facie indicates that the object behind seeking these details seems more related to develop algo strategy than the underlying deliverables as per agreement/ undertaking.”
5. The final signed undertaking with Thomas dated August 29, 2016, has 11 fields for trade data and 18 fields for order booking including one additional field being “Order Type,” which had not been advised by Technical Team of MCX.
6. Four additional fields viz. client identity flag, trading member ID (masked), volume filled today and spread combination type were also shared with IGIDR though this was not part of the undertaking. Nor the undertaking was amended subsequently when MCX agreed to give additional data fields. As per MCX, this was done in pursuance of discussions with IGIDR to “reconstruct live market conditions,” however, no written record was mentioned. No documents, instructions were shown to reflect the need for sharing such additional data.
7. There was no need to share on daily basis as per the undertaking / agreement most of the data that was shared.
8. In none of the data uses mentioned in the agreement/ undertaking, the data shared by MCX was used, which indicates the possibility of usage of data for some other purpose.
   
   PG: Can this “live” exchange data be used for filling a swimming pool? Of course, for creating algo and high-frequency trading strategy. Is this not a blatant scandal?
9. It was observed that data files shared with IGIDR were stored on FTP server of MCX at night whereas as per IIS log for the same day, the said files were retrieved in the early morning at around 9 am. MCX has expressed ignorance of this – “logically time should not change. The same has to be further analyzed to come to a conclusion.”
   
   PG: Anand, Thomas duo had “live” MCX data.
10. On review of IIS log for FTP server, it was observed that certain key fields such as bytes received, bytes sent, time taken was not enabled resulting in not knowing the size of the data file. In absence of the size of the data file, the forensic auditor has stated that they were unable to comment whether the files which are now available on MCX server (95) are the same which were shared with IGIDR.
    
    PG: Nobody knows how much amount of data was shared. Was the entire market position with Anand and Thomas?
11. MCX has no data masking policy. However, the trading member ID field was masked which in the first place was not required to be shared with IGIDR or Anand or Thomas. It could not be verified if any other data shared was masked and the process followed for the same. Three more data fields, which were not part of the undertaking were not masked.
12. Data demanded by the Delhi-based software designer included 22 fields regarding trade data, 24 fields of order data, 37 fields of bhav copy and 64 fields of master file data. The auditors have said that the MCX research team was directly in touch with the technology team to extract the required data without involving people from operations and compliance departments.
13. What constituted ‘live data’? MCX gave out details of pending orders that were still valid up to a certain date at the exchange level, actual order quantity, and display quantity along with quantity filled ‘today’, all of which reflect actual transactions done against orders on that date. Further, the report states that “the researcher, by gaining access to ‘disclosed quantity’ and ‘actual quantity’ on a daily basis, is made aware of the actual quantity placed by the trader, which the trader did not want others to know as it would result in knowledge of sensitive data.”
14. “It seems ‘researchers’ want to gain access to data not available to other traders and not required to be available as per the order of the said trader,” the draft forensic audit says. The audit report further shows there is no trail of data that was shared with the researchers as the files uploaded on the FTP server have been deleted.

PG conclusion

We leave it to the readers, government, investigative agencies, and the court to conclude if such blatant data breach involving the same characters as NSE is mere procedural lapse or a market access scandal involving insider trading or front running of gargantuan proportion.

1. Who are the ultimate beneficiaries of this scandal?
2. Can Paranjape alone be held responsible? Is he being made the scapegoat? Should the MCX board, which is highly conflicted, also accept responsibility?
3. Is the failure of SEBI, the regulator tasked with the responsibility of conducting regular inspections, representing the shareholder’s interests?

But still, if SEBI says the MCX episode was a mere procedural lapse like NSE, all will agree. No questions asked. Case closed.

• Author
• Recent Posts

Team PGurus

We are a team of focused individuals with expertise in at least one of the following fields viz. Journalism, Technology, Economics, Politics, Sports & Business. We are factual, accurate and unbiased.

Latest posts by Team PGurus (see all)

• Prime Minister Narendra Modi: A Gujju businessman who does not invest his precious time for a losing battle - April 13, 2024
• NIA arrests two accused Shazib and Taahaa in Bengaluru’s Rameshwaram Cafe blast case from Kolkata - April 12, 2024
• National Herald scam: Adjudicating Authority upholds Rs.752 crore assets attached by ED - April 11, 2024