Blogs from September, 2025

New York Supreme Court in Manhattan, where major financial fraud and enforcement cases are heard.
|

Model Manipulation at Two Sigma: Enforcement Actions and Best Practices for Funds

R Tamara de Silva

On September 11, 2025, federal prosecutors and the Securities and Exchange Commission (SEC) announced parallel criminal and civil actions against Jian Wu, a former senior quantitative researcher at Two Sigma Investments. Two Sigma is a New York-based quantitative hedge fund managing over $100 billion in assets and is regarded as one of the most sophisticated firms in the industry. Wu is accused of manipulating algorithmic trading models to secure a $23 million compensation package while causing $165 million in losses to clients. Two Sigma later reimbursed those losses.

The scale of the alleged misconduct makes this case significant, but its importance lies in more than the dollar amounts involved. The proceedings illustrate the regulatory risks that accompany reliance on quantitative models and the consequences when governance and supervision fail. For firms registered with the CFTC or SEC, the Wu matter illustrates the need for careful attention to internal controls, incentive structures, and compliance systems that can withstand scrutiny in both regulatory and criminal forums.

The Allegations

According to the SEC’s complaint, Wu manipulated at least fourteen models he developed or co-developed between 2021 and 2023. Two Sigma’s procedures require new models to be sufficiently “decorrelated” from existing ones to ensure that each produces unique forecasts and contributes independent returns. Wu allegedly bypassed this safeguard by altering model parameters that were stored outside the firm’s secure code repository.

By reducing decorrelation values to near zero, his models effectively mirrored the forecasts of other models already in use. The result was that his models appeared to generate outsized returns even though they did not. Two Sigma believed that his models were uniquely profitable and, as a result, increased his incentive compensation dramatically. At the same time, clients were exposed to trading activity that deviated from intended strategies and suffered at least $165 million in harm.

The SEC has charged Wu with violations of Section 17(a) of the Securities Act and Section 10(b) of the Exchange Act and Rule 10b-5. The Commission is seeking injunctive relief, disgorgement of ill-gotten gains, civil penalties, and a permanent bar from serving in the advisory industry.

The criminal indictment from the Southern District of New York mirrors many of these allegations. Wu is charged with wire fraud, securities fraud, and money laundering. Prosecutors allege that he deceived his employer by altering models after they had been approved for live trading and that he misrepresented their performance in connection with securities transactions. They also claim that he used proceeds from the scheme to purchase a multimillion-dollar Manhattan apartment.

If convicted, Wu faces a maximum sentence of sixty years in prison. The government is also seeking forfeiture of the apartment and other property traceable to the alleged fraud.

Parallel Enforcement: Criminal and Civil

The Wu case is a clear example of how the same conduct can trigger simultaneous criminal prosecution and regulatory enforcement. The Department of Justice has presented Wu’s actions as a fraudulent scheme to obtain personal gain, while the SEC has brought a civil case under the antifraud provisions of the securities laws.

For funds, this convergence means that a significant compliance breach can lead to dual exposure. Employees may face criminal liability, while firms may be subjected to regulatory enforcement and reputational damage even if they remediate harm to clients. Questions of fairness and due process are not unique to this case; they were also central in the recent FINRA appellate decision limiting its ability to expel members without SEC review.

Compliance Lessons for Quantitative and Algorithmic Funds

Two Sigma had a formal model approval process, known as the PAM process, and a secure repository for approved code. Yet vulnerabilities in the parameter storage database, called celFS, enabled Wu to circumvent controls. The case demonstrates that compliance cannot end at the point of approval. Ongoing monitoring, independent validation, and strict governance of parameter changes are essential for funds that rely heavily on models.

The structure of Wu’s compensation also played a role. His bonuses and performance grants were directly tied to the alpha his models appeared to generate. That arrangement created an incentive to inflate results. Firms should review their compensation structures to ensure that incentives do not inadvertently encourage misconduct. Linking pay directly to model outputs without effective oversight can increase the risk of manipulation and regulatory exposure.

The case also highlights the importance of fiduciary duty and disclosure. Two Sigma voluntarily repaid $165 million to its clients. Despite that remediation, regulators still pursued both criminal and civil charges. This demonstrates that returning client funds does not insulate a firm from enforcement. Once client harm occurs, regulators will examine whether the firm’s disclosures, supervisory systems, and governance practices satisfied its fiduciary duties. As I have noted in my analysis of the CME Group’s dual role as both exchange and FCM, structural vulnerabilities in oversight can magnify systemic risk when governance frameworks fail.

Early detection is another critical lesson. Wu’s misconduct began to unravel when employees noticed unusual correlations in his models and when an anonymous social media post drew attention to his extraordinary compensation. Firms should implement robust internal reporting channels so that employees can raise concerns safely and supervisors can investigate promptly. Whistleblower protections and responsive compliance structures are essential in complex trading environments.

Wall Street and New York Stock Exchange, representing financial markets and hedge fund trading at the center of SEC and DOJ enforcement actions

Historical Precedents and Model-Risk Failures

The Wu case is not the first time that misrepresentation or weaknesses in model governance have caused major losses or led to regulatory action. In 2012, JPMorgan’s Chief Investment Office incurred over $6 billion in losses in what became known as the “London Whale” scandal. The firm’s risk models misestimated correlations and exposures in credit derivatives trades, which were mischaracterized as hedges. The debacle highlighted the dangers of faulty model assumptions and inadequate validation.

A year earlier, the SEC charged AXA Rosenberg and its founder for concealing a material error in the computer code of a quantitative investment model used to manage client assets. The firm paid more than $200 million in compensation to investors and penalties. The case showed that undisclosed flaws in models can rise to the level of securities fraud.

Also in 2011, UBS trader Kweku Adoboli caused approximately $2 billion in losses through unauthorized trades that he concealed by misrepresenting positions and exploiting gaps in oversight. His case illustrated how failures in supervision and weak reporting lines can magnify the risk of trader misconduct.

These historical examples demonstrate that while the technology and strategies may evolve, the underlying risks remain constant. Model manipulation, misrepresentation, and control failures expose firms to enormous financial and reputational damage. The Wu case falls squarely within this lineage, demonstrating once again that compliance, governance, and vigilance cannot be compromised.

What should firms do differently to prevent any one person from creating this level of exposure?

Start by treating model governance as a full life-cycle discipline, not a one-time approval. Segregate duties so the person who designs a model cannot unilaterally change code or parameters in production, and require dual authorization with documented change control for any parameter stored outside the core repository. Maintain a centralized model registry with versioning, audit trails, and immutable logs, and enforce least-privilege access through role-based controls reviewed quarterly. Build independent model validation into policy, including pre-deployment testing, correlation and drift monitoring, and continuous surveillance that alerts on decorrelation shifts, unusual concentration, or unexplained P&L attribution. Pair that with a “two-person rule” for privileged actions, periodic red-team reviews of controls, and a kill-switch procedure when monitoring flags a breach. Align compensation with risk by using deferrals, clawbacks, and malus so payouts reflect durability rather than short-term model contribution. Finally, ensure the compliance framework actually fits the business by mapping these controls to recognized standards and rules, including an SEC Rule 206(4)-7 program for RIAs, NFA Rule 2-9 supervision for CFTC registrants, and established control frameworks like SR 11-7 model risk guidance, COSO, and NIST, supported by a confidential reporting channel that routes quant concerns quickly to independent oversight.

Why This Case Matters

The Wu prosecution is not just about one employee’s misconduct. It reflects a growing willingness by regulators and prosecutors to focus on model governance, internal controls, and the integrity of quantitative strategies. For commodity trading advisors, commodity pool operators, registered investment advisers, and funds that rely on algorithmic models, the lessons are direct. Enforcement risk is significant, and the consequences of a breakdown in supervision are severe.

The SEC and DOJ have demonstrated that they will bring overlapping actions, even where firms repay harmed clients. Incentive structures tied to model performance must be scrutinized, and vulnerabilities in databases, approval systems, and supervisory chains must be eliminated before they become points of exposure.

Conclusion

The Two Sigma case shows that even in highly sophisticated quantitative environments, misconduct often reduces to failures in basic compliance. The allegations against Wu will ultimately be tested in court, but the takeaways for funds are already clear. Firms must design robust supervisory structures, enforce strict governance over models and parameters, and prepare for both regulatory and criminal scrutiny if things go wrong.

For the broader market, the case is a reminder that quantitative innovation does not diminish regulatory risk. On the contrary, it may magnify it.

References

  1. Complaint, Securities and Exchange Commission v. Jian Wu, No. 1:25-cv-07573 (S.D.N.Y. Sept. 11, 2025).
  2. Indictment, United States v. Wu, No. 1:25-cr-00413 (S.D.N.Y. Sept. 11, 2025).
  3. JPMorgan Chase Trading Loss (“London Whale”), see 2012 JPMorgan Chase trading loss, WIKIPEDIA, https://en.wikipedia.org/wiki/2012_JPMorgan_Chase_trading_loss.
  4. Press Release, SEC Charges AXA Rosenberg Entities for Concealing Error in Quantitative Investment Model (Feb. 3, 2011), available at https://www.sec.gov/news/press/2011/2011-37.htm.
  5. Kweku Adoboli, WIKIPEDIA, https://en.wikipedia.org/wiki/Kweku_Adoboli.

NB: This article is provided for informational purposes only and does not constitute legal advice. Reading this article does not create an attorney-client relationship. Parties considering participation in cryptocurrency or derivatives markets should consult qualified legal counsel regarding their specific circumstances and obligations.

Share To:

Most Recent Posts from September, 2025