Market anomaly: Quote Stuffing

• SEC inquiries into "Market-Makers-as-a-Service" (9/10 October 2024): In several proceedings the US regulator describes algorithms on popular crypto trading platforms producing extreme volumes of order/transaction messages - up to "quadrillions" of single events - to simulate market activity. Functionally this is order/quote flooding and matches the technical signature of Quote Stuffing (massive, short-lived quotes/orders with minimal execution). Status: regulatory allegations / enforcement filings.
• Note: Quote Stuffing is well studied in equities literature and correlated with degraded market quality. The same mechanics apply on centralized crypto order books.

In short: In Quote Stuffing an actor sends very many quotes/orders in a very short time and withdraws them immediately. The aim is not execution but to overload data feeds or matching engines: other participants see delayed/"noisy" information, spreads widen, depth briefly collapses - the initiator exploits this latency advantage (e.g., by reacting to fresh info before others).

Why it works: Technical systems can handle only a limited number of order/cancel events per second. When the message rate explodes, latencies rise, cancel rates spike and real fills remain rare - a pattern described in the literature as Quote-Stuffing episodes (liquidity ↓, trading costs ↑, ephemeral volatility ↑).

• Messages-per-second spikes (orders/amends/cancels) far above the venue baseline, lifetimes in the millisecond range.
• Extreme order-to-trade ratios (e.g. ≫ 100:1), very few executions despite high book activity.
• Simultaneous spread inflation and top-of-book depth collapse; often accompanied by feed-lag jumps.
• Bursty wave patterns (several bursts in rapid succession).

These effects - worse liquidity and higher implicit costs - are documented in empirical studies.

• High API rates: Large venues commonly allow thousands of requests per minute and high order limits per (sub-)account - enough headroom for flooding. Example: Binance Futures documents ~2,400 request-weight/min and ~1,200 orders/min per (sub-)account; OKX cites ~1,000 order requests per 2 seconds per sub-account.
• Centralized infrastructure: A single matching system feeds venue feeds; short-term overloads can be locally exploited without an immediate cross-venue audit trail to counteract them.

• Surveillance & tools: Exchanges and SROs operate multi-venue monitoring (e.g., Nasdaq SMARTS) and provide cross-market reports (e.g., FINRA) for order-based anomalies such as layering/spoofing - the same sensors (message rates, C2T, spread/depth metrics) help detect flooding/stuffing.
• Time & data quality: MiFID II / RTS 25 requires UTC-synchronised, high-precision timestamps for trading venues - forensic analysis of bursts becomes more reliable. MAR Art. 12 targets misleading signals generated via orders.

• Market quality & fairness: Undetected stuffing worsens execution quality, slippage and latency fairness - especially harming retail flows and simple algos.
• EU context (MiCA): Since 30 December 2024 core obligations for CASPs apply; transitional arrangements until 1 July 2026 may exist. Supervisors expect demonstrable monitoring of message-driven bursts and technical abuse.

Adaptive, quantile-based, per symbol/venue against a 30-day baseline at the same time of day. Required data: L2/L3 events including Add/Amend/Cancel, ms timestamps, spread/depth time series.

E3 (high) - "Flood + market quality damage"

• Messages/sec > p99.9 and order-to-trade ≥ 500:1 for ≥ 2 seconds, and
• Spread ≥ 2× baseline and top-of-book depth ≤ 0.5× baseline concurrently.

E2 (medium)

• Messages/sec > p99.5 and order-to-trade ≥ 200:1, and spread widening ≥ 1.5× baseline (1–5s window).

E1 (low)

• Short burst (> p99 messages/sec over ≤ 1s) without clear spread/depth effect → watchlist.

Thresholds align with research on market quality effects of episodic quote spikes and tie to venue-specific limits.

• Exclude technical causes: Deploy events, gateway incidents, rate-limit brakes or exchange incidents can create similar patterns - consult logs and status feeds.
• Check plausibility against rate limits: Bursts above documented account/IP limits suggest multi-account aggregation or measurement error; below limits they may be technically plausible.
• Distance to touch and duration: Weight serial bursts more heavily; consider 0–10bp / 10–25bp / 25–50bp bins separately.
• Cross-venue check: Comparing spread/depth degradation on other venues helps separate local incidents from deliberate flooding attacks.

• For traders: Early warning prevents fills on distorted feeds, reduces slippage and produces more realistic trend assessment.
• For operators/compliance: Clean burst profiles (messages/sec, C2T, spread/depth, ms timestamps) ease internal reviews, customer communication and cooperation with supervisors - aligned with MiCA/MAR expectations.

• U.S. Securities and Exchange Commission (SEC): press releases "SEC Charges Three So-Called Market Makers …", 9 October 2024; "SEC Charges Cumberland DRW …", 10 October 2024 - describe extreme, artificially generated activity on crypto platforms (functional order/quote flooding).
• J. F. Egginton, R. A. Van Ness, B. F. Van Ness: "Quote Stuffing", Financial Management, 2016 - empirical evidence: episodic quote spikes degrade liquidity, increase costs and volatility.
• Binance: "Rate Limits on Binance Futures" (updated 27 December 2024); Developers: Exchange/Derivatives Rate Limits - documented ~2,400 request-weight/min, ~1,200 orders/min per (sub-)account.
• OKX: "Sub-account rate limit" (announcement 10 January 2024) - ~1,000 order requests per 2 seconds per sub-account; Broker API Guide (rate limits per user ID).
• Nasdaq (SMARTS): "Nasdaq Trade/Market Surveillance" - multi-venue monitoring and alert patterns (including order-based anomalies). FINRA: Cross-Market Equities Supervision - Potential Manipulation Report (layering/spoofing analysis; methodologically relevant for flood detection).
• MiFID II / RTS 25 (UTC synchronisation): Delegated Regulation (EU) 2017/574 - precise UTC timestamps for trading venues; MAR Art. 12 - behavioural prohibitions ("false or misleading signals").
• ESMA: "Markets in Crypto-Assets (MiCA) – Transitional Measures", 17 December 2024 - CASP transitional regime to 1 July 2026 possible.