Receive free Virtu Financial Inc updates
We’ll send you a myFT Daily Digest email rounding up the latest Virtu Financial Inc news every morning.
Market maker Virtu has been sued by US regulators for allegedly giving misleading statements and omitting information about its protections against the potential misuse of sensitive customer information it held.
The Securities and Exchange Commission’s lawsuit on Tuesday said a database containing post-trade information generated from customer orders through Virtu’s institutional business was accessible via two widely-known passwords to “practically anyone” at Virtu Americas — including in its proprietary trading business, which trades for its own account and profit rather than for clients.
Virtu began life as a “prop” trader but is best known as a leading market maker for brokers such as Robinhood. Its institutional business pays brokers for those retail orders. That practice, known as payment for order flow, or PFOF, is banned in several countries, including the UK, because it might incentivise a retail broker to direct orders where the broker is best-rewarded, not necessarily where their retail trading customers get the best price.
Virtu’s alleged information breach lasted from January 2018 through the beginning of April 2019, according to the SEC.
“At a time when Virtu Americas handled around a quarter of all market orders placed by retail investors in the US, we allege that proprietary traders had nearly unfettered access to material non-public information about its institutional customers’ trades — information which could be abused for personal gain,” said Gurbir Grewal, director of the SEC’s enforcement division.
The SEC also alleged Virtu repeatedly misled institutional customers and the wider market by claiming it had barriers to prevent misuse of the information and used “systemic separation between business groups” to protect its customers’ private details.
The type of order flow data available in the database could be potentially valuable to a trader if a client’s trading pattern was likely to be repeated, theoretically allowing trading programs to get ahead of deals by placing earlier orders to get better prices than the client would subsequently be offered.
“[Virtu Americas] could not track who logged into the system that stored its customers’ material non-public information, could not track what information was extracted from the database by proprietary traders, and ultimately cannot determine to this day whether its traders abused the trust placed in [Virtu] by customers,” the SEC said in its complaint.
The watchdog said Virtu was aware of the problem by August 2018 but took no immediate steps to limit the risk of misuse.
Virtu said it rejected the SEC’s allegations and the theory that the possibility of access by a broader group of Virtu employees rendered its policies and procedures “unreasonable”.
“We are disappointed by the SEC’s decision to bring this action. Despite our belief that these allegations are meritless, we engaged in good faith settlement discussions with the SEC to bring this matter to a reasonable resolution,” said Virtu chief executive Douglas Cifu. “Unfortunately, the SEC’s position appears to be driven by politics and headlines rather than the facts and the law.”
The SEC said it was seeking disgorgement of any ill-gotten gains with interest, as well as civil penalties.