Recently the CFTC settled an administrative proceeding with an FCM that FCM risk managers will want to examine closely.
The settlement relates to allegations (among others) that the FCM violated CFTC Rules 1.11 and 1.73. Specifically, the CFTC alleged and settled allegations that the FCM had violated requirements under Rule 1.11 that an FCM (i) establish, maintain, and enforce a risk management program consisting of risk management policies and procedures designed to monitor and manage the risks associated with the activities of the FCM; and requirements under Rule 1.73 that an FCM that is also a clearing member of a derivatives clearing organization (ii) establish risk-based limits in each customer account based on position size, order size, margin requirements, or similar factors (and, if the clearing FCM provides electronic market access to customers, the FCM must use automated means to screen orders for compliance with those risk-based limits).
The settlement order cites several actions by the FCM alleged to have violated these requirements:
- Although the FCM established risk-based trading limits for a customer account, it “effectively disabled” those limits, in several ways:
- as a result of manual error, the account’s limit was initially set too high in the FCM’s automated systems;
- when the FCM discovered the error, it reset the account’s limit at a higher level, and without reference to the customer’s “financial resources” or “business needs”;
- when it again reset the account’s limit based on a “mathematical formula developed by a risk consultant,” the FCM preserved no record explaining the basis for the formula, or how “it took into account [the customer’s] resources or hedging needs” in setting it, and implemented no automated system for calculating or enforcing the new limit;
- because the customer’s order-routing system required the FCM to input a risk limit in a format different from the new formula limit, the FCM input a limit into the system “so high as to be meaningless”; and,
- when the customer exceeded even that limit, the FCM failed to enforce the limit or impose consequences on the customer for exceeding it.
- Although the FCM obtained financial statements from the customer and conducted conferences with the customer to understand its sources of funds, the FCM failed to notice material omissions in those statements (for example, reflecting net margin payments to the FCM), and generally failed to account for how the customer was consistently able to satisfy margin calls that were clearly beyond its financial resources, as reflected in those statements.
Based on the settlement order, FCM risk managers and legal and compliance coverage should confirm that their internal risk management procedures include the following:
- For each customer account, a process for “tailoring” (as the order states) risk-based limits to credit due diligence concerning customers’ resources and business needs. At a minimum, such a process should provide for meaningful communication between credit risk officers evaluating a customer’s financial resources and market risk officers responsible for setting risk-based limits for the customer’s accounts, by which such limits are informed by a credit view of the customer supported by diligence (financials, analysis thereof, and follow-up with customer on any issues arising from that analysis).
- Ongoing monitoring of customer trading designed to identify activity not within customers' financial resources or reasonably related to its business needs.
- A process for escalating and evaluating risk limit exceptions. Where limit breaches are approved and trading activity in excess of limits permitted, such approvals should be reasonable in light of the FCM’s credit and risk view of the customer (as informed by ongoing diligence).
- The foregoing processes should be documented and that documentation should be preserved in the FCM’s regulatory books and records.