The CFTC approved final rules requiring enhanced protections afforded customers and customer funds held by futures commission merchants (“FCMs”). The rules require FCMs to adopt and enforce a risk management program, evidenced by written policies and procedures approved in writing by the FCM’s governing body, which must be furnished to the CFTC and the FCM’s self-regulatory organization. The risk management program must be reviewed and tested at least annually by qualified internal audit staff independent of the business unit or by a qualified third party audit service reporting to staff that are independent of the business unit. In addition, each FCM must establish and maintain a risk management unit with sufficient authority, qualified personnel, and the necessary resources to carry out the risk management program; the risk management unit must report directly to senior management and be independent from the business unit. The risk management unit must, among other things, prepare quarterly written reports regarding the FCM’s risk exposures, recommended changes, and the status of previously-recommended changes and provide those reports to senior management, the FCM’s governing body, and the CFTC.
The rules also require that FCM customer funds be separately accounted for and segregated, and prohibit an FCM from using one customer’s funds to secure or guarantee the commodity interests of, or secure or extend the credit of, any other person. Although funds from multiple customers may be commingled in a single account for operational convenience, they may not be commingled with the FCM’s own funds. The rules specify that customer funds may only be deposited with banks, trust companies, derivatives clearing organizations (“DCOs”), or another FCM, and require that the FCM perform appropriate due diligence to ensure that the entity with which customer funds are deposited is financially sound. Any such depository must agree to provide the CFTC with direct, read-only access to transaction and account balance information for futures customer accounts. Furthermore, the rules impose restrictions on the FCM’s ability to withdraw funds from certain customer accounts.
The final rules also require additional risk disclosure by FCMs, including both general and firm-specific disclosures, to existing and prospective customers. For example, the rules require FCMs to provide notice that the funds deposited with the FCM are not protected by insurance in the event of the bankruptcy or insolvency of the FCM or in the event that the funds are misappropriated, nor are such funds protected by the Securities Investor Protection Corporation even if the FCM is registered with the SEC as a broker or dealer. FCMs are also required to promptly notify the CFTC, their self-regulatory organization, and, if the FCM is a securities broker or dealer, the SEC, of certain solvency and material events, and to make certain financial information available to the public on their website.
The rules require the governing body of each FCM to ensure that the certified public accountant engaged to audit the FCM is duly qualified to do so. Among other things, such certified public accountant must be registered with, and have undergone an examination by, the Public Company Accounting Oversight Board (“PCAOB”). The rules also address certain related issues concerning DCOs and chief compliance officers.
The rules will become effective 60 days after their publication in the Federal Register. This effective date is also the compliance date for most of the rules’ provisions. However, compliance with certain provisions will be required at various later dates, the latest of which is December 31, 2015.