Regulation 23.600 does not explicitly require an SD’s RMP to include written policies and procedures to safeguard counterparty collateral.
From a Press Release:
The Commodity Futures Trading Commission today published an advanced notice of proposed rulemaking (ANPRM) seeking public comment on potential amendments to the Risk Management Program (RMP) requirements in CFTC Regulations 23.600 and 1.11 (collectively, RMP Regulations) applicable to swap dealers and futures commission merchants.
The ANPRM seeks information and public comment on several areas of the RMP regulations, including governance and structure, the enumerated risks RMPs must monitor and manage, and the specific risk considerations RMPs must take into account. In addition, the ANPRM seeks feedback on how the risk exposure report requirement under the RMP regulations could be improved or modified.
The Commission intends to use the information and comments received to inform potential future agency action, such as a rulemaking, with respect to the RMP Regulations.
Comments must be in writing and received within 60 days of the ANPRM’s publication in the Federal Register. Comments may be submitted via the CFTC Comments Portal at: https://comments.cftc.gov.
Title VII of the Dodd-Frank Wall Street Reform and Consumer Protection Act (DoddFrank Act) amended the Commodity Exchange Act (CEA)2 to establish a comprehensive regulatory framework to reduce risk, increase transparency, and promote market integrity within the financial system by, among other things, providing for the registration and comprehensive regulation of swap dealers (SDs) and major swap participants (MSPs), 4 and enhancing the rulemaking and enforcement authorities of the CFTC with respect to all registered entities and intermediaries subject to its oversight, including, among others, futures commission merchants (FCMs). Added by the Dodd-Frank Act, CEA section 4s(j) outlines the duties with which SDs must comply. Specifically, CEA section 4s(j)(2) requires SDs to “establish robust and professional risk management systems adequate for managing the day-to-day business of the [registrant].” CEA section 4s(j)(7) directs the Commission to prescribe rules governing the duties of SDs, including the duty to establish risk management procedures. In April 2012, the Commission adopted Regulation 23.600, which established requirements for the development, approval, implementation, and operation of SD risk management programs (RMPs).
Following two FCM insolvencies involving the misuse of customer funds in 2011 and 2012, the Commission proposed and adopted a series of regulatory amendments designed to enhance the protection of customers and customer funds held by FCMs. The Commission adopted Regulation 1.11 in 2013 to establish risk management requirements for those FCMs that accept customer funds. Regulation 1.11 is largely aligned with the SD risk management requirements in Regulation 23.600 (together with Regulation 1.11, the RMP Regulations). The Commission concluded at that time that it could mitigate the risks of misconduct and an FCM’s failure to maintain required funds in segregation with more robust risk management systems and controls. The Commission is issuing this ANPRM for several reasons. After Regulation 23.600 was initially adopted in 2012, the Commission received a number of questions from SDs concerning compliance with these requirements, particularly those concerning governance (for example, questions regarding who is properly designated as “senior management,” as well as issues relating to the reporting lines within the risk management unit). The intervening decade of examination findings and ongoing requests for staff guidance from SDs with respect to Regulation 23.600 warrant consideration of the Commission’s rules and additional public discourse on this topic.
The Commission has further identified the enumerated areas of risk that RMPs are required to take into account, and the quarterly risk exposure reports (RERs), as other areas of potential confusion and inconsistency in the RMP Regulations for SDs and FCMs. Commission staff has observed significant variance among SD and FCM RERs with respect to how they define and report on the enumerated areas of risk (e.g., market risk, credit risk, liquidity risk, etc.), making it difficult for the Commission to gain a clear understanding of how specific risk exposures are being monitored and managed by individual SDs and FCMs over time, as well as across SDs and FCMs during a specified time period. Furthermore, the Commission’s implementation experiences and certain market events over the last decade indicate that it may be appropriate to consider whether to include additional enumerated areas of risk in the RMP Regulations. The Commission has observed inefficiencies with respect to the RER requirements in the RMP Regulations. Currently, Regulations 23.600(c)(2) and 1.11(e)(2) prescribe neither the format of the RER nor its exact filing schedule. As a result, the Commission frequently receives RERs in inconsistent formats containing stale information, in some cases data that is at least 90 days out-of-date. Furthermore, a number of SDs have indicated that the quarterly RERs are not relied upon for their internal risk management purposes, but rather, they are created solely to comply with Regulation 23.600, indicating to the Commission that additional consideration of the RER requirement is warranted.
Finally, the Commission also reminds SDs and FCMs that their RMPs may require periodic updates to reflect and keep pace with technological innovations that have developed or evolved since the Commission first promulgated the RMP Regulations. The Commission is seeking information regarding any risk areas that may exist in the RMP Regulations that the Commission should consider with respect to notable product or technological developments. Therefore, the Commission is issuing this Notice to seek industry and public comment on these aforementioned specific aspects of the existing RMP Regulations, as discussed further below.
Wut mean? (I think):
The Dodd-Frank Wall Street Reform and Consumer Protection Act was introduced to provide comprehensive regulation of the financial system. It required the creation of robust risk management systems by Swap Dealers (SDs) and Major Swap Participants (MSPs). In 2012, Regulation 23.600 was established, outlining the risk management program (RMP) requirements for these entities. After several insolvencies involving misuse of customer funds in 2011-2012, additional risk management rules were established in 2013 for Futures Commission Merchants (FCMs).
Despite these measures, there were ongoing queries from SDs about compliance, particularly regarding governance, suggesting further clarifications necessary. There were also significant variances observed in the risk exposure reports (RERs) of SDs and FCMs, which affected the ability of the Commodity Futures Trading Commission (CFTC) to understand how risks were being monitored and managed.
There are also concerns that the current reporting schedule and lack of a specific format result in inconsistent reports with outdated information. Many SDs reported that these RERs were only created for compliance purposes, not for internal risk management, suggesting a review of this requirement is needed.
Lastly, there is recognition that risk management programs might need to be updated to reflect technological innovations. Therefore, the Commission is seeking industry and public comments on these issues related to the existing RMP regulations.
Periodic Risk Exposure Reporting by Swap Dealers and Futures Commission Merchants:
In accordance with Regulation 23.600(c)(2), an SD must provide to its senior management and governing body a quarterly RER containing specific information on the SD’s risk exposures and the current state of its RMP; the RER shall also be provided to the SD’s senior management and governing body immediately upon the detection of any material change in the risk exposure of the SD.48 SDs are required to furnish copies of all RERs to the Commission within five (5) business days of providing such RERs on a quarterly basis to their senior management.49 Likewise, Regulation 1.11(e)(2) has an identical RER requirement for FCMs.50 This Notice seeks comment generally on how the current RER regime for SDs and FCMs could be improved, as well as specific responses to the questions listed below:
- At what frequency should the Commission require SDs and FCMs to furnish copies of their RERs to the Commission?
- Should the Commission consider changing the RER filing requirements to require filing with the Commission by a certain day (e.g., a week, month, or other specific timeframe after the quarter-end), rather than tying the filing requirement to when the RER is furnished to senior management?
Should the Commission consider harmonizing or aligning, in whole or in part, the RER content requirements in the RMP Regulations with those of the National Futures Association (NFA)’s SD monthly risk data filings?
- If so, should the Commission consider any changes or additions to the data metrics currently collected by NFA as could be required in the RMP Regulations?
- For FCMs who are not currently required to file monthly risk data filings with NFA, were the Commission to adopt a monthly risk exposure reporting requirement, are there different risk data metrics for FCMs that it should consider including? If so, what are they?
- Are there additional SD or FCM-specific data metrics or risk management issues that the Commission should consider adding to the content requirements of the RER?
- Should the Commission consider prescribing the format of the RERs? For instance, should the Commission consider requiring the RER to be a template or form that SDs and FCMs fill out?
In furtherance of the RER filing requirement, should the Commission consider allowing SDs and FCMs to furnish to the Commission the internal risk reporting they already create, maintain, and/or use for their risk management program?
- If so, how often should these reports be required to be filed with the Commission?
- If the Commission allowed an SD or FCM to provide the Commission with its own risk reporting, should the Commission prescribe certain minimum content and/or format requirements?
- Should the Commission consider prescribing the standard SDs and FCMs use when determining whether they have experienced a material change in risk exposure, pursuant to Regulations 23.600(c)(2)(i) and 1.11(e)(2)(i)? Alternatively, should the Commission continue to allow SDs and FCMs to use their own internally-developed standards for determining when such a material change in risk exposure has occurred?
- Should the Commission clarify the requirements in Regulations 23.600(c)(2)(i) and 1.11(e)(2)(i) that RERs “shall be provided to the senior management and the governing body immediately upon detection of any material change in the risk exposure” of the SD or FCM?
- Should the Commission consider setting a deadline for when an SD or FCM must notify the Commission of any material changes in risk exposure? If so, what should be the deadline?
- Should the Commission consider additional governance requirements in connection with the provision of the quarterly RER to the senior management and the governing body of a SD, or of an FCM, respectively?
- Should the Commission require the RERs to report on risk at the registrant level, the enterprise level (in cases where the registrant is a subsidiary of, affiliated with, or guaranteed by a corporate family), or both? What data metrics are relevant for each level?
- Should the Commission require that RERs contain information related to any breach of risk tolerance limits described in Regulations 23.600(c)(1)(i) and 1.11(e)(1)(i)? Alternatively, should the Commission require prompt notice, outside of the RER requirement, of any breaches of the risk tolerance limits that were approved by an SD’s or FCM’s senior management and governing body? Should there be a materiality standard for inclusion of breaches in RERs or requiring notice to the Commission?
- Should the Commission require that RERs contain information related to material violations of the RMP policies or procedures required in Regulations 23.600(b)(1) and 1.11(c)(1)?
- Should the Commission require that RERs additionally discuss any known issues, defects, or gaps in the risk management controls that SDs and FCMs employ to monitor and manage the specific risk considerations under Regulations 23.600(c)(4) and 1.11(e)(3), as well as including a discussion of their progress toward mitigation and remediation?
Potential Risks Related to the Segregation of Customer Funds and Safeguarding Counterparty Collateral:
The segregation of customer funds and safeguarding of counterparty collateral are cornerstones of the Commission’s FCM and SD regulatory regimes, respectively. Currently, the existing RMP Regulations address the management of segregation risk and the safeguarding of counterparty collateral in different ways, given the differing business models between FCMs and SDs. Regulation 1.11(e)(3)(i) requires an FCM’s RMP to include written policies and procedures “reasonably designed to ensure segregated funds are separately accounted for and segregated or secured as belonging to customers. This requirement further lists several subjects that must, “at a minimum,” be addressed by an FCM’s RMP policies and procedures, including the evaluation and monitoring process for approved depositories, the treatment of related residual interest, transfers, and withdrawals, and permissible investments.
Although Regulation 23.600(c)(6) of the SD RMP Regulations requires compliance with all capital and margin requirements, Regulation 23.600 does not explicitly require an SD’s RMP to include written policies and procedures to safeguard counterparty collateral. Rather, the Commission chose to adopt Regulations 23.701 through 23.703 for the purpose of establishing a separate framework for the elected segregation of assets held as collateral in uncleared swap transactions. 53 Additionally, the Commission requires certain initial margin to be held through custodial arrangements in accordance with Regulation 23.157.
The Commission seeks comment generally on the risks attendant to the segregation of customer funds and the safeguarding of counterparty collateral. In addition, commenters should seek to address the following questions:
- Do the current RMP Regulations for FCMs adequately and comprehensively require them to identify, monitor, and manage the risks associated with the segregation of customer funds and the protection of customer property? Are there other Commission regulations that address these risks for FCMs?
- Currently, the Commission understands that no FCM holds customer property in the form of virtual currencies or other digital assets such as stablecoins. To the extent that FCMs may consider engaging in this activity in the future, would the current RMP Regulations for FCMs adequately and comprehensively require them to identify, monitor, and manage the risks associated with that activity, including custody with a third-party entity?
- Do the current RMP Regulations for SDs adequately and comprehensively require them to identify, monitor, and manage all of the risks associated with the collection, posting, and custody of counterparty collateral and the protection of such assets? Are there any other risks that should be addressed by the RMP Regulations for SDs related to the collection, posting, and custody of counterparty collateral?
- Do the Commission’s RMP Regulations adequately address risks to customer funds or counterparty collateral that may be associated with SDs and FCMs that have multiple business lines and registrations? Although the Commission understands that SDs and FCMs currently engage in limited activities with respect to digital assets, should the Commission consider additional RMP requirements applicable to SDs and FCMs that are or may become involved in, or affiliated with, the provision of digital asset financial services or products (e.g., digital asset lending arrangements or derivatives)?
Potential Risks Posed by Affiliates, Lines of Business, and All Other Trading Activity:
In light of increasing market volatility and recent market disruptions, as well as the growth of digital asset markets, the Commission generally seeks comment on the risks posed by SDs’ and FCMs’ affiliates and related trading activity. Generally, the RMP Regulations require SD and FCM RMPs to take into account risks posed by affiliates and related trading activity. Specifically, Regulation 23.600(c)(1)(ii) requires an SD’s RMP to take into account “risks posed by affiliates” with the RMP integrated into risk management functions at the “consolidated entity level.” Similarly, Regulation 1.11(e)(1)(ii) requires an FCM’s RMP to take into account risks “posed by affiliates, all lines of business of the [FCM], and all other trading activity engaged in by the [FCM].”
Some SDs and FCMs are subject to regulatory requirements designed to mitigate certain risks arising from certain affiliate activities. For example, SDs and FCMs that are affiliates or subsidiaries of a banking entity may have to comply with certain restrictions and requirements on inter-affiliate activities. Further, those SDs and FCMs that are subject to the Volcker Rule, codified and implemented in part 75 of the Commission’s regulations, and incorporated into other requirements, such as Regulation 3.3, are subject to the Volcker Rule’s risk management program and compliance program requirements.
The Commission seeks comment generally on the requirements related to risks posed by affiliates and related trading activity found within the RMP Regulations for SDs and FCMs, including non-bank affiliated SDs or non-bank affiliated FCMs. In addition, commenters should seek to address the following questions:
- What risks do affiliates (including, but not limited to, parents and subsidiaries) pose to SDs and FCMs? Are there risks posed by an affiliate trading in physical commodity markets, trading in digital asset markets, or relying on affiliated parties to meet regulatory requirements or obligations? Are there contagion risks posed by the credit exposures of affiliates? Are there risks posed by other lines of business of an SD, or of an FCM, respectively, that are not adequately or comprehensively addressed by the Commission’s regulations, including, as applicable, the Volcker Rule regulations found in 17 CFR part 75?
- Do the current RMP Regulations adequately and comprehensively address the risks associated with the activities of affiliates (whether such affiliates are unregulated, less regulated, or subject to alternative regulatory regimes), or of other lines of business, of an SD or of an FCM, respectively, that could affect SD or FCM operations? Alternatively, to what extent are the risks posed by affiliates discussed in this section adequately addressed through other regulatory requirements (for example, the Volcker Rule or other prudential regulations, or applicable non-U.S. laws, regulations, or standards)?
- Should the Commission further expand on how SD and FCM RMPs should address risks posed by affiliates in the RMP Regulations, including any specific risks? Should the Commission consider enumerating any specific risks posed by affiliates or related trading activities within the RMP Regulations, either as a separate enumerated risk, or as a subset of an existing enumerated area of risk (e.g., operational risk, credit risk, etc.)?
How to comment:
You may submit comments, identified by RIN 3038-AE59, by any of the following methods:
- CFTC Comments Portal: https://comments.cftc.gov. Select the “Submit Comments” link for this rulemaking and follow the instructions on the Public Comment Form.
- Mail: Send to Christopher Kirkpatrick, Secretary of the Commission, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581.
- You should submit only information that you wish to make available publicly
- Commodity Futures Trading Commission (CFTC) seeks public comment on the Risk Management Program Requirements for Swap Dealers and Futures Commission Merchants.
- Regulation 23.600 does not explicitly require an SD’s RMP to include written policies and procedures to safeguard counterparty collateral.