CFTC Approves Two Proposals and a DCO Application

On December 18, 2023, the Commodity Futures Trading Commission (CFTC) published a press statement to inform of three (legislative) outcomes of its last open hearing on December 13, 2023. Specifically, the CFTC informs that it has
1. approved proposed rule amendments to Statutory Instruments 17 CFR Part 1 and 17 CFR Part 23 to create an operational resilience framework for futures commission merchants (FCMs), swap dealers (SDs), and major swap participants (MSPs);
2. approved proposed rule amendments to Statutory Instrument 17 CFR Part 39 to provide additional safeguards to clearing members‘ funds held by a derivatives clearing organization (DCO); and
3. approved the application of a firm to operate as a DCO.
Each one of these measures is described in more detail below.
—
(1) Creation of an operational resilience framework for FCMs, SDs, and MSPs: In an effort to enhance the resilience of FCMs, SDs, and MSPs, the Commission has adopted a proposal on a forthcoming consultation on a proposed new „resilience framework“. The framework introduces a comprehensive approach to managing risks related to information and technology security, third-party relationships, and business continuity.
The first key provision of the framework is the implementation of an information and technology security program. This program is designed to help in-scope firms identify, monitor, manage, and assess risks related to information and technology security. The program should include policies, procedures, and controls to protect against cyber threats and ensure the confidentiality, integrity, and availability of sensitive information. Additionally, firms must conduct regular risk assessments to identify and address any potential vulnerabilities in their information and technology systems.
Another important aspect of the framework is the requirement for firms to establish appropriate risk appetite and risk tolerance limits. This means that FCMs, SDs, and MSPs must determine the level of risk they are willing to accept and establish controls to ensure that those limits are not exceeded. Firms must also conduct annual risk assessments to ensure that their risk appetite and tolerance limits remain appropriate and that any changes in the risk environment are taken into account.
The framework also includes a third-party relationship program, which is designed to help FCMs, SDs, and MSPs manage risks associated with third-party service providers. Firms must establish policies and procedures for evaluating, selecting, and monitoring third-party service providers to ensure that they are able to meet the operational and security requirements of the covered firms. FCMs, SDs, and MSPs must also conduct regular risk assessments of their third-party service providers and ensure that appropriate controls are in place to mitigate any identified risks.
Another key provision of the framework is the requirement for firms to have a business continuity and disaster recovery plan in place. This plan should include policies, procedures, and controls for ensuring the continuity of critical business operations in the event of a disruption. The plan should also include procedures for recovering from a disaster and returning to normal operations as quickly as possible.
In addition to these key provisions, the framework also requires firms to implement controls to prevent, detect, and mitigate risks. This includes implementing an incident response plan, which should include procedures for detecting, responding to, and recovering from security incidents. In-scope firms must also establish controls to prevent unauthorized access to their information and technology systems and to protect against insider threats.
To conclude, the new framework would allow firms to participate in a consolidated program or plan that meets the requirements of the framework, as long as it is approved by the Commission. This allows them to benefit from economies of scale and to leverage the resources of other financial institutions to enhance their operational resilience. However, FCMs, SDs, and MSPs must still provide written attestation of compliance with the framework, regardless of whether they participate in a consolidated program or plan.
—
(2) Safeguarding clearing members and customer funds: In an effort to prevent the misuse of proprietary funds of clearing members and to ensure that funds of clearing members are appropriately protected should a DCO fail, the Commission proposes to implement various new requirements on DCOs which are briefly summarized below. It shall be noted in this context that the Commission proposes to introduce a new definition, namely the „proprietary funds“, to clearly distinguish funds of DCOs from other funds held or managed by a DCO. Specifically, „proprietary funds“ would refer to all money, securities, or property received by a DCO from or on behalf of clearing members in connection with futures, options on futures, and swaps contracts cleared by the DCO.
To ensure the proper handling and identification of proprietary funds, the CFTC proposes that DCOs account for these funds separately from their own funds and hold them in accounts specifically labeled as belonging to clearing members. DCOs would thereby be allowed to commingle proprietary funds belonging to multiple clearing members in a single account. Additionally, the CFTC suggests to require DCOs to hold such funds at a depository which in turn must confirm their engagement via a written acknowledgment letter. The CFTC provides a template letter for this purpose, which is similar to the current template letter for customer funds. This acknowledgement letter would have to be submitted to the CFTC. In same context, DCOs would be required to confirm daily the amount of proprietary and customer funds owed to each clearing member and verify daily that sufficient proprietary and customer funds are held to settle all obligations to all clearing members.
Furthermore, the CFTC proposes to prohibit DCOs and depositories to use proprietary funds for purposes other than those agreed with the clearing member and / or those purposes stipulated in the rules of a DCO. This includes DCOs utilizing the proprietary funds to guarantee or cover deficits in a customer account of a clearing member. DCOs may also use proprietary funds of non-defaulting clearing members‘ money, securities, or property held as a guaranty fund to „distribute“ losses resulting from a default by a clearing member.
Finally, the CFTC proposes to exclude foreign DCOs (those with a primary place of business outside the United States) from many of the proposed rules. Proprietary funds held at a foreign DCO would be subject to the foreign jurisdiction’s bankruptcy or insolvency laws in the event the foreign DCO enters bankruptcy.
—
(3) Approval of a new DCO: The Commission has approved the application of Bitnomial Clearinghouse, LLC for registration as a derivatives clearing organization under Section 5b of the Commodity Exchange Act. Thereafter, the company may provide „clearing services for futures and options on futures traded on a designated contract market (DCM)“.