I’ve often written that HFT firms are the best able to detect spoofers, and to take preventative measures (which reduce the profitability of spoofing, and hence its prevalence). The whole business of HFT is extracting signals from orders and order flow, and trading accordingly. Spoofing is based on manipulating the order flow–in essence, injecting noise into it. HFT firms evaluate their executions, and attempt to identify patterns that predict both winning and losing trades. If spoofers systematically impose losses on HFT firms, eventually the latter will figure it out.

This is the first article that I’ve read that supports this contention:

Inside Ken Griffin’s $25 billion empire, Citadel’s cyber investigators had isolated a new enemy: spoofers.

It was late 2013, and at the firm’s Chicago headquarters, a team of researchers discovered that a rival company’s algorithm was outmaneuvering their automated trader. The algo was placing futures orders it had no intention of filling to entice firms like Citadel into the transactions, then canceling them, leaving Citadel with money-losing trades. Citadel’s plan: to pit its computers against the spoofer in a high-stakes duel over market manipulation.

. . . .

Vertex Analytics may have devised a way to make high-frequency trading more transparent and spoofing easier to detect. The Chicago-based technology firm can represent graphically every order and transaction on CME’s markets, obviating the need to go through pounds of paper searching for a telltale sequence of

Vertex’s approach was a revelation for Robert Korajczyk, a finance professor for more than 30 years at Northwestern University, where he’s studied asset pricing and liquidity.

“My first reaction to seeing the graphics capabilities was ‘This can’t be done,’” Korajczyk said. “However, Vertex can do it.”

. . . .

Citadel isn’t the only firm that took measures against spoofers without regulators’ help.

In 2012, Chicago-based HTG Capital Partners detected a pattern of large canceled orders followed by aggressive trades in the opposite direction that left them with losing positions, according to an affidavit released last month. The firm created tools to help identify when spoofing was taking place, the affidavit said.

Transmarket Group has created an “anti-manipulation guide” that tells traders how to spot spoofing, according to a copy seen by Bloomberg News. The Chicago-based firm lists specific examples of spoofing in the natural gas market on CME as part of the guide.

The article spends a lot of time discussing enforcement actions against spoofers, and the difficulties of making a case. Even ignoring my doubts (expressed in earlier posts) whether the social costs of spoofing really warrant expensive enforcement efforts, the fact that sophisticated and knowledgeable players have the incentive to detect this kind of conduct, and take defensive measures (and perhaps offensive–at least that’s what the description of Citadel “pit[ting] its computers” against spoofers suggests) means that the frequency and scale of spoofing activity is likely to decline significantly. It is a pathogen that found a niche, but the hosts’ immune systems are adapting, and it will become less dangerous in short order.

This isn’t true of all forms of manipulation, but the very nature of spoofing–which involves doing things that are intended to be detected–makes it vulnerable to detection and countermeasures. This means that the system tends to be self-correcting, and this mitigates the need for enforcement. Unfortunately, it appears that enforcement officials (both civil and criminal) think otherwise, and have prioritized the prosecution of spoofing. Combined with the outrageous overcharging and over-penalizing that I’ve mentioned before, this is a disturbing development.