Earlier today, the US Commodity Futures Trading Commission's (CFTC or Commission) Division of Swap Dealer and Intermediary Oversight (DSIO) issued staff guidance (Guidance) that addresses how chief compliance officers (CCOs) are to issue their annual reports.
Derivatives market participants should pay particular attention to the Guidance and incorporate its detailed suggestions before filing their 2019 annual reports.
The Guidance addresses issues including a registrant's materiality standard, certain best practices, and the adequacy of disclosure for material noncompliance matters.
The CCO annual report is a requirement under CFTC Rule 3.3, and the last time staff issued guidance on it was in 2018 following modifications to the regulation itself. After reviewing the annual reports submitted for the 2018 fiscal year, though, DSIO staff felt it helpful to provide further direction in how CCOs are to be completing their annual reports.
Here are eight quick takeaways from the Guidance:
- Registrants are on notice that they must disclose their materiality standard. The Commission has previously declined to define what constitutes "materiality" for purposes of the CCO annual report. DSIO registrants have taken divergent views on what that standard is, and some firms have simply declined to disclose the threshold they use for their annual report. DSIO now requires the registrant to establish its own materiality standard and then declare that standard. This likely will result in several disparate materiality standards being used, which only further encourages the CFTC to provide additional clarity on the appropriate approach.
- DSIO expects firms to delve deeper than a review of the written policies and procedures, and a simple disclosure of instances of noncompliance. The areas for improvement and assessments of effectiveness must go beyond the papers that reside in a binder; they must include a written synopsis – from the compliance officer's perspective – of necessary initiatives or programs to be undertaken with an eye towards improved compliance. The Guidance makes clear that the CFTC staff expect the annual report to concurrently serve as a communication from the compliance officer to the registrant’s executives and, at the same time, to the regular on the registrant's compliance program.
- DSIO believes firms are generally deficient in their discussion of areas for improvement. However, DSIO does not establish or identify in the Guidance the criteria by which firms should measure this metric to determine when certain areas for improvement should be included in their annual reports.
- DSIO staff expect specific changes to be identified and addressed in a standalone section of the annual report and not just in the general assessment. This makes it easier, on an annual basis, for the regulator to evaluate whether the compliance officer has made progress since the prior year.
- DSIO staff recommends a "best practice" of reporting lower-level compliance issues as areas for improvement. While such an approach might remove some of the ambiguity caused by the lack of a materiality standard, this Guidance might establish an expectation that all noncompliance matters will be included in the annual report – those that rise to "material non-compliance issues" and those that may be less material and now reside under an area for improvement.
- Enterprise level compliance resources should be broken down to the registrant level. This will further challenge firms who centralize compliance for multiple regulatory frameworks and force some compliance offers to produce quantifiable metrics about how resources are split between, for example, SEC, CFTC, and prudential regulatory requirements. The "as much detail as is necessary" standard from the 2018 guidance seems to be replaced with a new, more prescriptive "precise numerical budget and staffing information related to compliance with the" Commodity Exchange Act standard.
- The Guidance requires detailed compliance software-oriented disclosure, including "the name of the specific software used for compliance purposes, how the software is used by personnel, and how the software fits into the entity's overall regulatory compliance program." This is an expansion from the 2018 Guidance's "general infrastructure" approach to the regulatory requirement of "operational resources."
- The Guidance makes clear that the certification requirement should be copied/pasted from the rule into the annual report. Including this requirement in the staff guidance is interesting because it means enough firms have been establishing their own certification standard that DSIO staff felt the need to issue guidance on this point.
CCOs should review this Guidance carefully to ensure that their 2019 annual reports satisfy CFTC Rule 3.3. and the DSIO staff's understanding of the regulations as set forth in today's advisory.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.