The Commission will continue to sustain CFTC-wide enterprise technology solutions that enable the sharing and reuse of software across the Commission. The Commission continues to sustain technology to provide support for automated market and trade practice surveillance, enforcement and other legal counsel matters (eLaw), financial and risk surveillance, the CFTC.gov website, and document management. IT development, integration, and enhancements support critical business requirements through delivery of technological capability represented by quick, secure information access, analytical capabilities, and successful business process automation. To effectively accomplish its mission, the CFTC must adapt to frequent and innovative changes in the derivatives markets, increasing use of technology and growing market complexity. The Commission must invest heavily and judiciously in IT to timely track market activity, understand the markets and provide effective oversight. Prior year investments in infrastructure and system capabilities must be leveraged and built upon to provide services that multiply the effectiveness of staff, accomplishing integration between futures and swaps data and increased integration of CFTC systems and processes for monitoring registered entities, market and financial risk, market integrity, and trade practice as well as systems and processes for enforcement and economic analysis. The CFTC must sustain existing program initiatives, providing mission operations and maintenance. Several systems and services will require, in addition to ongoing routine maintenance and support, enhancements to support the implementation of the Dodd-Frank Act. ($7.389 million)
The Commission is expected to receive a continually increasing volume of transaction, position, reference, financial risk, and enforcement-related data. Each of these streams is increasing in variety and complexity and is sourced from an increasing number of participants. Transaction data will include pre-trade information and is complicated by the addition of swaps and high frequency trading. Position data must be aggregated from multiple sources for participants with complex organizational structures and must be correlated with transaction data. Definition and cataloguing of reference data related to exchange-traded futures was relatively straight-forward. Product reference data for standardized swaps transactions is significantly more complex and varies considerably by asset class. Financial risk data varies significantly by asset class and must be evaluated at multiple levels (trader, owner and counterparty; clearing member, clearing organization). Enforcement-related data has connections to the other data streams that can be mined and patterned. It is imperative that the CFTC have the appropriate capabilities to manage these data streams effectively, assist in applying the data streams in new and innovative ways to increase the efficiency and effectiveness of Commission oversight, and identify gaps that might reduce the effectiveness of the Commission. (4 FTE, $1.679 million)
CFTC network services are responsible for the underlying infrastructure of every single IT program at the Commission. The network enables messaging and communications, network security, database administration, IT business continuity, and data storage management. Storage and servers are at the core of our business. The CFTC network consist of over 300 servers between the primary network site in Washington, D.C., three secondary sites in Chicago, Kansas City, and New York, and a continuity facility at a remote site. The network handles internal email messages and the data transfer necessary to support Commission-wide technology solutions. Mission critical data on the network is replicated from the network hub site in Washington, D.C., to the co-location alternate computing facility. Enforcement and other staff, on an as-needed basis are also provided alternative, "off-network" access to the internet to support anonymity during investigations and access to external resources that pose a potential information security risk to the CFTC production network. As the scope of CFTC oversight increases and expands surveillance, analytics, enforcement, and transparency capabilities, the Commission must continue to scale communication, processing, and storage infrastructure to meet demand in both FY 2012 and FY 2013.
In addition to scaling up technology capacity, like industry participants and other regulators, the Commission must also continue to increase, automate, and scale information security controls in the face of evolving security threats. In FY 2012 the Commission will invest in automated physical network access controls and additional traffic monitoring and scanning tools and in FY 2013 the Commission will need to continue automating security controls and increasing the level of continuous monitoring of threats. The Commission is charged with protecting sensitive information assets that are critical to overseeing the markets, such as position data, and this data must be secured to ensure market integrity. CFTC anticipates continuing its investment in IT security to keep pace with ever evolving threats to data and systems.
The Commission currently stores more than 350 terabytes of data with data storage requirements increasing 64 percent annually. Implementation of the Dodd-Frank Act is anticipated to increase this rate of increase, particularly in the initial years of implementation. Increasingly aggressive automated surveillance strategies and analysis of very large datasets, as well as market reconstruction and simulation, valuation of complex swaps, and analysis of high speed and algorithmic trading require that the Commission acquire high speed computing capabilities for rapid analysis of datasets approaching one petabyte in FY 2013. Data communication capacity must also be increased to support connectivity to swap data repositories, high-volume DCMs, and increased communication with newly-regulated industry participants as well as other regulators.
In FY 2012, the Commission will complete the first phase of a three-phase effort to improve business continuity. The Commission has established an Alternate Computing Facility (ACF) as part of the first phase and will complete the first phase by implementing the replication of mission critical and mission essential data to the ACF. The second phase will implement the capability to restore mission critical and mission essential systems from the ACF in accordance with recovery time and recovery point objectives. With Phase 3, which will begin in FY 2013, we will implement recovery capability for all Commission systems. (7 FTE, $8.167 million)
Organizationally, the Commission’s data infrastructure increases will support the Commission-wide requirements through one program area:
|Data and Technology||11.00||$2,695||$14,540||$17,235|