Swap Dealers and Futures Commission Merchants: "Let's Talk About Risk," Says CFTC in an Advanced Notice of Proposed Rulemaking

Current risk management program (RMP) requirements of swap dealers (SDs) and future commission merchants (FCMs) will be re-evaluated as part of an advanced notice of proposed rulemaking (ANPRM) issued by the Commodity Futures Trading Commission (CFTC) on June 1, 2023.

Among other things, the Commission seeks comments on whether current RMP requirements “adequately and comprehensively address the risks associated with the activities of affiliates.” 

The Commission also seeks input on risk management governance at SDs and FCMs, periodic risk exposure reporting, and whether specific types of risks should be required to be considered for the first time or, if already subject to consideration,  required to be addressed with greater specificity within SDs’ and FCMs’ RMPs. These risks include geopolitical; cybersecurity; environmental, social and governance; climate-related financial; and client funds’ protection risks. 

The CFTC further queries whether risks associated with artificial intelligence and machine learning, as well as risks associated with blockchain technologies, are specific technological risks that should be addressed by SDs and FCMs in their RMPs. Curiously, the advent of quantum computers that potentially jeopardizes the common encryption standards currently employed by financial services firms to protect proprietary and third-party systems as well as customer data was not expressly identified as a potential, specific technological risk that potentially should be considered at this time.

The CFTC imposed comprehensive requirements related to risk management systems by SDs and FCMs in response to the 2008 financial crisis and passage of the Dodd-Frank Act in 2010, and the misuse of customer funds by two FCMs in 2011 and 2012 – MF Global, Inc. and Peregrine Financial Group.

The Commission also seeks feedback on whether there should be closer alignment of various different requirements of SDs and FCMs and whether certain currently used broad terms in CFTC rules should be more appropriated defined (e.g., “governing body,” “senior management,” and “operational risk”).

In a statement accompanying the CFTC’s release of its ANPRM, Commissioner Christy Goldsmith Romero noted that “[m]anagement of existing, evolving and emerging risk is paramount to the financial stability of the United States and global markets. …Re-evaluating our risk management rules is responsible and necessary to keep pace with evolving markets that can give rise to emerging risk.”

Comments to the ANPRM are due by 60 days following publication of ANPRM in the Federal Register. Access the full ANPRM here.