Sarao made about US$40 million over four years, the U.S. Justice Department said. On May 6, 2010, his spoofing contributed to a market plunge known as the Flash Crash that temporarily wiped out almost $1 trillion in the value of U.S. equities, according to Justice and the CFTC. That day, he made about $900,000, they said.

The only other person to face criminal spoofing charges is Rumson, New Jersey, trader Michael Coscia. He reaped nearly $1.6 million over three months of illegal trading in 2011, Chicago U.S. Attorney Zachary Fardon said when the charges were announced in October.

Traders canceling orders before they're filled and immediately placing new ones to cash in on more favorable pricing can be detected by review of millisecond-by-millisecond electronic trading records. Enforcement has been sporadic, and prosecution is complicated by the need to show intent.

It's not against the rules to cancel orders; it is against the rules to place them with no intention of filling them.

For prosecutors, success hinges on the ability to establish whether accused traders intended to actually buy stocks before canceling their orders. In both cases, they may argue that the trading software used by Sarao and Coscia placed orders that were never meant to be filled, or couldn't be filled, according to former federal prosecutor and CFTC lawyer of Chicago.

"What's the intent?" Histed said. "To not trade? Then it's spoofing."

Coscia is the principal of Panther Energy Trading LLC. He was indicted in October after earlier settling civil claims by the CFTC by paying a $2.8 million fine and consenting to a one-year trading ban.

Market Confusion

On April 16 he lost a bid to dismiss the indictment against him when a Chicago federal judge rejected his lawyer's argument the law was too vague to be enforced.

There's confusion in the market about regulators' approach to policing abusive trading practices, said Christopher Hehmeyer, the chief executive officer of HTG Capital Partners LLC, whose firm filed an arbitration case and a federal lawsuit against another CME trader. That company was subsequently identified by CME as Allston Trading LLC, one of Chicago's biggest high-frequency trading firms.

"The market's desperate for clarity," said Hehmeyer. "Our opinion is the law is pretty clear and the behavior is prohibited, but the fact that there's doubt creates confusion."

Allston has denied any wrongdoing and hasn't been charged with breaking any CME rules. "Allston has conducted itself with the highest standards of excellence and integrity," Dave Lundy, a spokesman, said in an e-mailed statement. "We look forward to putting this matter to rest."

The CFTC said in a report last year that 10 spoofing probes had been initiated from July 2012 to July 2013 at Nymex and Comex, two of the derivatives markets owned by CME Group Inc. The regulator recommended the exchanges "continue to develop strategies" to detect the banned behavior.

"Ensuring the integrity of our markets is the highest priority of CME Group," Anita Liskey, a spokeswoman, said in an e-mailed statement. "We take that responsibility very seriously, and we continually police and prosecute disruptive trading activity, including spoofing." 

In the Sarao case, CME contacted the U.K.-based trader as early as 2009, and the Justice Department complaint alleges that he continued to spoof the markets until last year. Sarao is fighting extradition to the U.S. where he'll face 22 criminal counts, including wire fraud, commodities fraud, commodities manipulation, and spoofing, plus the CFTC's civil enforcement action.

Sarao E-mail

In a March 2010 e-mail exchange with CME officials, Sarao said he was "just showing a friend of mine what occurs on the bid side of the market almost 24 hours a day, by the high-frequency geeks," the complaint said.

On May 6, 2010, the day of the flash crash, CME sent Sarao another message. All orders to CME's electronic exchange were to be "entered in good faith for the purpose of executing bona fide transactions," CME said, according to the FBI affidavit.

That day Sarao and his firm, Nav Sarao Futures Limited Plc, employed computer algorithms to engage in a spoofing technique known as layering to trade thousands of futures S&P 500 E-mini contracts. The orders amounted to about $200 million worth of bets that the market would fall, a trade that represented between 20 percent and 29 percent of all sell orders at the time. The orders were then replaced or modified 19,000 times before being canceled in the afternoon.

James Moser was acting chief economist at the CFTC in 2010 when the flash crash happened, and he oversaw the agency's report on it. He said investigators had the entire order book from the CME but didn't look for spoofing because it was not on their radar at all. He said they could have looked for odd trading patterns but didn't do it.

"At that point in 2010, that wasn't high on the radar at least in our minds," Moser said. "CME was very forthcoming and they helped us immensely. At that time we were not used to seeing the order book. We were calling them daily and asking questions so we could understand how to interpret the messages coming in. It was an incredible amount of data."

Now, some in the industry are seeking their own means of detecting spoofing.

Vertex Analytics Inc., a Chicago-based firm, has begun offering software called Echo that can show futures bids, offers, and trades down to the millisecond. The data it features comes straight from CME, which authorized Vertex to distribute it, said Chief Operating Officer Doug Duquette.

While manipulation and tactics such as spoofing pre-date the move to computerized trading, what occurs behind the screen has become invisible, which is a problem, Duquette said.

"Let's put some sunlight on this process," he said.

The criminal case is U.S. v. Coscia, 14-CR-551, U.S. District Court, Northern District of Illinois (Chicago). U.S. v. Sarao, 15-CR-00075, U.S. District Court, Northern District of Illinois (Chicago).

–With assistance from Silla Brush and Tom Schoenberg in Washington and Sam Mamudi in New York.

Copyright 2018 Bloomberg. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.