
AMF Bourse Direct Decision: Market Abuse Surveillance Lessons (Busy But Blind)
A market-abuse surveillance system can generate thousands of alerts a year and still leave an important risk uncovered. A June 2026 enforcement decision from the French Autorité des marchés financiers shows how that happens, and why the annual review obligation matters.
1. What the regulator decided
On 23 June 2026, the enforcement committee of the French Autorité des marchés financiers (AMF) sanctioned Bourse Direct and its chief executive for professional-obligation breaches involving transaction reporting and market-abuse surveillance. The firm received a financial penalty of 800,000 euros and its chief executive a personal penalty of 50,000 euros. The breaches were characterised over the period from 1 January 2021 to 30 November 2023.
The decision runs across two areas: the accuracy and completeness of transaction reporting, and the effectiveness of the market-abuse surveillance system. This article concentrates on the surveillance findings, because they carry the clearest read-across for compliance officers running automated monitoring today. The reporting findings are summarised at the end.
The decision states that it may be appealed under Article R. 621-44 of the French Monetary and Financial Code.
2. The blind spot in the scenarios
Bourse Direct ran two internally developed monitoring tools producing daily alerts, analysed by a compliance team. On paper the coverage looked complete. In practice, the AMF identified a specific gap running through the design.
The automated scenarios did not cover a particular insider-dealing risk: a client holding information likely to push a price down, selling out of a position to avoid a loss. The individual scenarios were fairly precise, one built around selling followed by large purchases of new securities, another around sudden sales meeting restrictive criteria, but none of them addressed that loss-avoidance pattern. According to the decision, that hypothesis simply was not covered.
A further weakness sat alongside it. No automated scenario used financial or economic news, or a client's risk profile, as an alert input. The firm argued that news monitoring and client sensitivity were handled by human review, and it maintained a list of sensitive clients. The AMF found, however, that the human-review procedures did not ensure those factors were sufficiently taken into account, at either first or second level.
The practical point: Coverage is not the number of alerts a system produces. It is whether the patterns most likely to signal abuse in your own client base are among the things the system is actually configured to look for. A precise scenario aimed at the wrong behaviour still leaves you exposed.
3. The client who exposed the weakness
The AMF illustrated the gap with one client, referred to only as Mr A. According to the decision, he had previously been sanctioned for market abuse and appeared on the firm's own internal list of at-risk clients. In mid-2023 he carried out operations in securities of companies that were in the financial news at the time because of their debt levels.
Those operations were treated by the AMF as potentially suspicious activity that should have received closer scrutiny. They were not flagged by the automated system, because of how the scenarios were calibrated, and they were not flagged by human reviewers either, despite the firm's own knowledge of the client's history. The relationship was ended only after the compliance function escalated the risk internally, and even then no retrospective review of his past activity was carried out.
It is worth being precise here. The AMF presented this client as an illustration of the system's weakness, not as a finding of proven abuse and not as the substance of the breach itself. The breach was structural. The client's operations simply made it visible.
4. The review that did not happen
This is the second half of the story, and the part that is easiest to overlook. The applicable rules require that surveillance measures, systems and procedures be regularly assessed, at least through an annual internal audit and review, and updated where necessary.
Across the whole period reviewed, only one internal audit had been conducted, in December 2022. That audit had itself identified the loss-avoidance gap and recommended reviewing transactions showing significant losses. The recommendation was not acted on at the time. The corresponding fix, a new scenario targeting loss-minimisation, was only introduced in July 2024, about 19 months later.
The monitoring tools themselves had been in place since 2013 and 2015 respectively, without recalibration. Scenarios written years earlier kept running, unchanged, against a risk environment that had moved on.
The practical point: The annual review obligation is the mechanism that tests a system built for yesterday's risks against today's. A review that happens but changes nothing, or an audit finding that is noted but left unimplemented, does not discharge it.
5. Busy is not the same as effective
What makes this decision instructive is that the firm was not idle. It ran two internally developed monitoring tools, produced several thousand alerts a year, all analysed by the compliance team, and filed 31 suspicious transaction reports with the AMF between 2021 and 2023. By volume, the function looked active and healthy, and the AMF acknowledged as much when weighing the seriousness of the breach.
The point of the decision was never that the firm lacked a system. It was that the system, however busy, was not effective enough for the risks the AMF had identified: it did not guarantee adequate alerts for the operations that required deeper analysis, and it did not ensure an appropriate level of human review. A high alert count masked a specific, persistent blind spot.
For compliance officers the read-across is uncomfortable, precisely because it is familiar. In many firms a surveillance system was calibrated years ago, against the risks that seemed most pressing at the time. The scenarios still run. The alerts still fire. The question the review obligation forces, and that this decision makes concrete, is whether they still catch what they are supposed to catch.
6. Questions to take back to your own surveillance
A short inspection-readiness check for anyone running automated monitoring, framed in the first person:
Do my scenarios cover selling as well as buying? Can the system alert on a client exiting a position to avoid a loss, not only on a client building one?
Does anything in my system respond to news or client profile? If human review is meant to handle that, is the requirement written into a documented procedure, or is it left to individual judgement?
When was my last genuine review? Not the daily clearing of alerts, but a structured annual assessment of whether the scenarios are still fit for the risks I face now.
What happened to the last audit finding? If a review flagged a gap, was it fixed, and how long did that take?
7. The reporting findings, in brief
Alongside the surveillance failings, the decision also characterised transaction-reporting breaches over the same period. A volume of transactions was never reported to the AMF because certain order flow never entered the order book that fed the reporting, and a significant proportion of reported transactions carried an incorrect trading venue transaction identification code (TV-TIC). On the sequence of warnings, the decision draws a distinction: the AMF had alerted Bourse Direct several times about the completeness of its reporting (RDT exhaustivity) from October 2019 onward, and it records separate AMF alerts about the TV-TIC issues from 2022 onward. These reporting findings are a distinct matter from the surveillance analysis and are noted here for completeness.
Know what supervisors are looking for. Our Market Abuse course works through surveillance calibration, the annual review obligation and real enforcement decisions like this one, so your monitoring is built around where enforcement is actually going.
Explore the Market Abuse course at cpds.academy
This article is based on the publicly available enforcement decision of the AMF enforcement committee dated 23 June 2026 (reference SAN-2026-05). The decision states that it may be appealed under Article R. 621-44 of the French Monetary and Financial Code. The regulatory read-across and practical framing represent the author's professional analysis and are not attributed to the decision.
Source: AMF, Décision de la commission des sanctions SAN-2026-05, 23 June 2026.

Article by Nikolas Demetriades
Published 07 Jul 2026