On January 3, 2020, the Division of Swap Dealer and Intermediary Oversight (DSIO) of the U.S. Commodity Futures Trading Commission (CFTC) issued two cyber threat alerts regarding the hacking of approximately one dozen cloud service providers, as described in a Wall Street Journal article published December 30, 2019, entitled “Ghosts in the Clouds: Inside China’s Major Corporate Hack.”
One DSIO cyber threat alert was directed to swap dealers (SDs) and futures commission merchants (FCMs). Another was directed to commodity pool operators (CPOs), commodity trading advisors (CTAs), introducing brokers (IBs) and retail foreign exchange dealers (RFEDs). The National Futures Association (NFA) then sent a blast email to all NFA members in these registration categories (on behalf of the CFTC), with the DSIO alerts attached, further emphasizing to NFA members the information requested by DSIO and the deadlines for providing such information.
On July 31, 2018, the U.S. Office of the Comptroller of the Currency (OCC) announced its decision (the Fintech Charter Decision) to begin accepting applications from financial technology (fintech) companies for special purpose national bank charters.1 The OCC has indicated it will not grant a charter to a fintech company that wishes to accept deposits or engage in fiduciary activities (for business plans that involve purely fiduciary activities, a limited purpose trust charter may provide an alternative vehicle). The Fintech Charter Decision is discussed in greater detail in a prior Sidley Banking and Financial Services Update.2
On September 14, the New York State Department of Financial Services (DFS) filed a federal court complaint seeking to enjoin further actions by the OCC to implement the Fintech Charter Decision and related actions, arguing that such acts are lawless, ill-conceived and destabilizing of financial markets. DFS also argued that such acts are beyond the OCC’s statutory authority and in violation of the Tenth Amendment to the U.S. Constitution, alleging that the police power to regulate financial services and products delivered within a state’s own geographical jurisdiction is among a state’s fundamental sovereign powers.3 (more…)
On May 23, 2017, the Commodity Futures Trading Commission (CFTC) unanimously approved proposed amendments to the recordkeeping obligations set forth in CFTC Regulation 1.31 (Recordkeeping Rule) which is applicable to all CFTC registered entities and other persons required to maintain records under the Commodity Exchange Act (CEA). The final amendments are intended to modernize the Recordkeeping Rule by making the form and manner in which regulatory records must be kept technology-neutral. The amendments provide recordkeepers with greater flexibility regarding the retention and production of CFTC regulatory records. The CFTC indicated that it does not believe the amendments impose any new recordkeeping requirements on any recordkeeper, and existing recordkeeping methods remain valid for compliance with the amended Recordkeeping Rule should a recordkeeper choose not to take advantage of the less-prescriptive, principles based approach of the amended Recordkeeping Rule. The final amendments also reorganized the Recordkeeping Rule for ease of understanding, including by adopting new definitions. The amendments represent a long-awaited and generally positive modernization of important CFTC rules that have often frustrated market participants. The effective date for the amended Recordkeeping Rule is August 28, 2017. (more…)
On September 8th, the Commodity Futures Trading Commission (“CFTC”) approved amendments (“Final Rules”) to its ”system safeguards rules.” The system safeguards rules obligate designated contract markets, swap execution facilities, and swap data repositories (for convenience, collectively referred to as “Exchanges”) as well as derivatives clearing organizations (“Clearinghouses”) to have in place cybersecurity programs of risk analysis and oversight. As part of such a program, Exchanges and Clearinghouses (collectively, “Covered Entities”) must conduct testing and review sufficient to ensure their automated systems are reasonably reliable and secure, and have adequate scalable capacity.
This Article originally appeared in the Thomson Reuters FinTech Law Report, Volume 18, Issue 6 (2016).
On September 17, 2015, the Commodity Futures Trading Commission (“CFTC”) issued an order (“Coinflip Order”) settling charges brought against Coinflip, Inc., the operator of an online trading platform that facilitated the trading of derivatives on Bitcoin and other digital currencies, also referred to by the CFTC and other regulators as “virtual currencies” (“Bitcoin Derivatives”), including U.S. dollar cash-settled options. The CFTC found that Coinflip, Inc. had violated the Commodity Exchange Act (“CEA”) and CFTC rules by failing to register as a swap execution facility (“SEF”) or designated contract market (“DCM”). The direct impact of the Coinflip Order is minimal, as the platform itself had already shut down due to lack of volume. However, the Coinflip Order represents a watershed in the development of virtual currencies, as it is the first time that the CFTC has affirmatively asserted that Bitcoin and other virtual currencies are “properly defined as commodities” and that the CFTC has jurisdiction over Bitcoin Derivatives.