2017-01287

Federal Register, Volume 82 Issue 15 (Wednesday, January 25, 2017)

[Federal Register Volume 82, Number 15 (Wednesday, January 25, 2017)]

[Proposed Rules]

[Pages 8369-8391]

From the Federal Register Online via the Government Publishing Office [www.gpo.gov]

[FR Doc No: 2017-01287]

=======================================================================

-----------------------------------------------------------------------

COMMODITY FUTURES TRADING COMMISSION

17 CFR Part 49

RIN 3038-AE44

Proposed Amendments To Swap Data Access Provisions and Certain

Other Matters

AGENCY: Commodity Futures Trading Commission.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: Pursuant to Title VII of the Dodd-Frank Wall Street Reform and

Consumer Protection Act of 2010 (``Dodd-Frank Act''), as amended by the

Fixing America's Surface Transportation Act of 2015 (``FAST Act''), the

Commodity Futures Trading Commission (``Commission'' or ``CFTC'') is

proposing amendments the Commission's regulations relating to access to

swap data held by Swap Data Repositories. The proposed amendments would

implement pertinent provisions of the FAST Act and make associated

changes to the Commission's regulations governing the grant of access

to swap data to certain foreign and domestic authorities by Swap Data

Repositories and to certain other regulations unrelated to such access.

DATES: Comments must be received on or before March 27, 2017.

ADDRESSES: You may submit comments, identified by RIN 3038-AE44, by any

of the following methods:

CFTC Web site: https://comments.cftc.gov. Follow the

instructions for submitting comments through the Comments Online

process on the Web site.

Mail: Christopher Kirkpatrick, Secretary of the

Commission, Commodity Futures Trading Commission, Three Lafayette

Centre, 1155 21st Street NW., Washington, DC 20581.

Hand Delivery/Courier: Same as Mail, above.

Federal eRulemaking Portal: http://www.regulations.gov.

Follow the instructions for submitting comments.

Please submit your comments using only one method.

All comments must be submitted in English, or if not, accompanied

by an English translation. Comments will be posted as received to

www.cftc.gov. You should submit only information that you wish to make

available publicly. If you wish the Commission to consider information

that you believe is exempt from disclosure under the Freedom of

Information Act (``FOIA''), a petition for confidential treatment of

the exempt information may be submitted according to the procedures

established in Sec. 145.9 of the Commission's regulations.\1\

---------------------------------------------------------------------------

\1\ 17 CFR 145.9. All Commission regulations cited herein are

set forth in chapter I of Title 17 of the Code of Federal

Regulations.

---------------------------------------------------------------------------

The Commission reserves the right, but shall have no obligation, to

review, pre-screen, filter, redact, refuse or remove any or all of your

submission from www.cftc.gov that it may deem to be inappropriate for

publication, such as obscene language. All submissions that have been

redacted or removed that contain comments on the merits of the

rulemaking will be retained in the public comment file and will be

considered as required under the Administrative Procedure Act and other

applicable laws, and may be accessible under the FOIA.

FOR FURTHER INFORMATION CONTACT: Daniel Bucsa, Deputy Director,

Division of Market Oversight--Data and Reporting Branch, (202) 418-

5435, [email protected]; Jeffrey P. Burns, Assistant General Counsel,

Office of the General Counsel, (202) 418-5101, [email protected]; David

E. Aron, Special Counsel, Division of Market Oversight--Data and

Reporting Branch, (202) 418-6621, [email protected]; or Owen J. Kopon,

Special Counsel, Division of Market Oversight--Data and Reporting

Branch, (202) 418-5360, [email protected], Commodity Futures Trading

Commission, Three Lafayette Centre, 1151 21st Street NW., Washington,

DC 20581.

SUPPLEMENTARY INFORMATION:

Table of Contents

I. Background and Introduction

A. Statutory Background: The Dodd-Frank Act

B. Regulatory History: The Part 49 Rules and the Commission's

2012 Interpretative Statement

1. Access to SDR Swap Data

2. The Regulatory Indemnification Requirement

C. FAST Act Amendments to CEA Section 21

D. CEA Section 8 Informs the Confidentiality Provisions of CEA

Section 21

E. Summary of Proposed Revisions to Part 49

F. Rescission of 2012 Interpretative Statement

II. Discussion

A. Definitions: Proposed Amendments to Sec. 49.2

B. Domestic and Foreign Regulators With Regulatory

Responsibility Over SDRs: Proposed Amendments to Sec. 49.17(d)(2)

and (3)

1. The Current Rule

2. Proposed Amendments

3. Request for Comment

C. Appropriateness Determination for Foreign Regulators and Non-

Enumerated Domestic Regulators: Proposed Sec. 49.17(h) and Proposed

Amendments to Sec. 49.17(b)

1. The Current Rule

2. The Proposed Amendments

3. The Factors Required for a Determination Order

a. Scope of Jurisdiction

b. Robust Confidentiality Safeguards

c. Additional Considerations

d. Other Matters Regarding the Determination Order Process

e. Request for Comment

4. Proposed Amendments to Sec. 49.17(d)(4)--SDR Notice and

Verification Obligations

5. Proposed New Sec. 49.17(i)--Delegation of Authority

6. Request for Comment

D. CEA Section 21(d) Confidentiality Agreements: Proposed

Amendments to Sec. 49.18

1. Current Sec. 49.18

2. Proposed Amendments to Sec. 49.18(a)--Confidentiality

Arrangement Required Prior to Disclosure of Swap Data

3. Proposed Amendments to Sec. 49.18(b)--Required Elements of

the Confidentiality Arrangement

4. Removal of Sec. 49.18(c)--ADRs and AFRs With Regulatory

Responsibility Over an SDR

5. Failure To Fulfill the Terms of a Confidentiality

Arrangement: Proposed Sec. 49.18(c) and (d)

6. Proposed Sec. 49.18(e)--Delegation of Authority

7. Conforming Changes

8. Request for Comment

E. Other Changes

III. Request for Comment

IV. Related Matters

A. Regulatory Flexibility Act

B. Paperwork Reduction Act

1. Summary of the Proposed Requirements

2. Collection of Information

3. Request for Comments on Collection

C. Cost-Benefit Considerations

D. Antitrust Considerations

I. Background and Introduction

A. Statutory Background: The Dodd-Frank Act

Title VII of the Dodd-Frank Act \2\ amended the Commodity Exchange

Act (``CEA'' or the ``Act'') \3\ to establish a

[[Page 8370]]

comprehensive new regulatory framework for swaps including, in new CEA

section 21, the registration and regulation of Swap Data Repositories

(``SDRs'').\4\ CEA section 21 imposes on SDRs, among other duties and

responsibilities, the duty to maintain the privacy of all swap

transaction information received from a swap dealer, counterparty, or

any other registered entity.\5\ CEA section 21(c)(7) directs SDRs to

make swap data available ``on a confidential basis pursuant to section

8 [of the CEA]'' \6\ to certain enumerated domestic authorities and any

other person the Commission determines to be appropriate, which may

include certain types of foreign authorities.\7\ Entities that are

eligible to receive access to swap data from an SDR pursuant to CEA

section 21(c)(7) are referred to herein, collectively, as the

``21(c)(7) entities'').

---------------------------------------------------------------------------

\2\ See Dodd-Frank Wall Street Reform and Consumer Protection

Act, Public Law 111-203, 124 Stat. 1376 (2010), available at http://www.cftc.gov/LawRegulation/OTCDERIVATIVES/index.htm. Title VII of

the Dodd-Frank Act, which amended the Commodity Exchange Act

(``CEA'' or the ``Act''), may be cited as the Wall Street

Transparency and Accountability Act of 2010.

\3\ 7 U.S.C. 1 et seq.

\4\ See Dodd-Frank Act section 728 (adding new CEA section 21, 7

U.S.C. 24(a), to establish a registration requirement and regulatory

regime for SDRs).

\5\ 7 U.S.C. 24a(c)(6).

\6\ As is discussed more fully below, CEA section 8 describes

circumstances under which public disclosure of information in the

Commission's possession is permitted and prohibited. As is

particularly relevant here, CEA section 8(e) permits the Commission

to disclose information in its possession and obtained in connection

with the administration of the CEA, upon request, to Federal

departments and agencies acting within the scope of their

jurisdiction but prohibits such recipients from disclosing such

information except in an action or proceeding under the laws of the

United States to which the recipient, the Commission or the United

States is a party. CEA section 8(e) further permits the Commission

to disclose information in its possession obtained in connection

with administration of the CEA, upon request, to any foreign futures

authority, department, central bank and ministries, or agency of a

foreign government or political subdivision thereof, acting within

the scope of its jurisdiction, subject to the condition that the

Commission is satisfied that the information will not be disclosed

by such recipient other than in connection with an adjudicatory

action or proceeding to which the foreign futures authority,

department, central bank and ministries, or the foreign government

or political subdivision or agency thereof is a party, and which is

brought under the laws of the foreign government or its political

subdivision, See 7 U.S.C. 12(e).

\7\ See 7 U.S.C. 24a(c)(7). See also Commission, Final

Rulemaking: Swap Data Recordkeeping and Reporting Requirements, 77

FR 2136, Jan. 13, 2012 (``Data Final Rules''). The Data Final Rules

set forth, among others, regulations governing SDR data collection

and reporting responsibilities under part 45 of the Commission's

regulations.

---------------------------------------------------------------------------

As originally enacted, CEA sections 21(d)(1) and (2) of the Act

mandated that, prior to receipt of any requested data or information

from an SDR, a 21(c)(7) entity agree in writing to abide by the

confidentiality requirements described in CEA section 8 and,

separately, to indemnify the SDR and the Commission for ``any expenses

arising from litigation relating to the information provided under

section 8.'' \8\ Congress's repeal of the CEA section 21(d)(2)

indemnification requirement in the FAST Act in December 2015 gave rise

to the amendments proposed in this release.

---------------------------------------------------------------------------

\8\ 7 U.S.C. 24a(d). As noted above, the indemnification

requirement was stricken from CEA section 21(d) by the FAST Act. See

Public Law 114-94, section 86001(b)(2).

---------------------------------------------------------------------------

B. Regulatory History: The Part 49 Rules and the Commission's 2012

Interpretative Statement

1. Access to SDR Swap Data

In 2011, the Commission adopted rules implementing CEA section 21's

requirements for SDRs.\9\ The Commission implemented the SDR swap data

access provisions of CEA sections 21(c)(7) and (d) by establishing

processes by which various categories of entities could gain access to

SDR swap data. The domestic entities enumerated in CEA section

21(c)(7)(A)-(D),\10\ and certain others deemed by the Commission to be

appropriate recipients of such swap data pursuant to CEA section

21(c)(7)(E),\11\ were defined in Sec. 49.17(b)(1) of the Commission's

regulations as ``Appropriate Domestic Regulators'' (``ADRs'').\12\

---------------------------------------------------------------------------

\9\ Swap Data Repositories: Registration Standards, Duties and

Core Principles; 76 FR 54538 (Sept. 1, 2011) (``SDR Final Rules'');

see also Swap Data Repositories: Registration Standards, Duties and

Core Principles, 75 FR 80898 (Dec. 23, 2010) (the proposed SDR Final

Rules) (``SDR NPRM'').

\10\ The domestic regulators enumerated in CEA section

21(c)(7)(A)-(D) are: (A) Each appropriate prudential regulator; (B)

the Financial Stability Oversight Council (``FSOC''); (C) the

Securities and Exchange Commission (``SEC''); and (D) the Department

of Justice. The term ``prudential regulator'' is defined in CEA

section 1a(39).

\11\ In addition to enumerating certain domestic entities to

which an SDR must grant swap data access, CEA section 21(c)(7)(E)

identifies as an eligible recipient of such access ``any other

person that the Commission determines to be appropriate, including--

foreign financial supervisors (including foreign futures

authorities); foreign central banks; foreign ministries; and other

foreign authorities[.]'' 7 U.S.C. 24a(c)(7)(E). Pursuant to this

authority, in rules 49.17(b)(1)(v) and (vi), the Commission

identified any Federal Reserve Bank and the Office of Financial

Research (``OFR''), respectively, as ``Appropriate Domestic

Regulators.'' The Commission also defined as an ``Appropriate

Domestic Regulator'' each prudential regulator identified in CEA

section 1(a)(39), with respect to requests related to any such

regulator's statutory authority. See Sec. 49.17(b)(1)(ii). The

Commission further reserved the discretion, in Sec.

49.17(b)(1)(vii), to recognize ``[a]ny other person the Commission

deems appropriate'' to be an ``Appropriate Domestic Regulator.''

\12\ Pursuant to Sec. 49.17(d)(2), ADRs with regulatory

jurisdiction over an SDR are not required to apply for access to SDR

data or to execute a confidentiality and indemnification agreement

if the regulator executes an information sharing arrangement with

the Commission and the Commission designates the regulator to

receive direct electronic access to SDR data pursuant to CEA section

21(c)(4). See also Sec. 49.18(c).

---------------------------------------------------------------------------

The term ``Appropriate Foreign Regulator'' (``AFR'') \13\ was

defined in Sec. 49.17(b)(2) as a ``Foreign Regulator'' \14\ with an

existing memorandum of understanding (``MOU'') or similar type of

arrangement with the Commission; no AFRs were specifically identified

in the rule. The term ``Appropriate Foreign Regulator'' was also

defined to include a Foreign Regulator without an existing MOU with the

Commission, as determined by the Commission on a case-by-case basis.

Such a Foreign Regulator was required to file with the Commission an

application providing sufficient facts and procedures to permit the

Commission to analyze whether the Foreign Regulator employs appropriate

confidentiality procedures, and to satisfy the Commission that any SDR

data accessed by the Foreign Regulator would be disclosed ``only as

permitted by [s]ection 8(e)'' of the CEA.\15\

---------------------------------------------------------------------------

\13\ The Commission established the category of AFRs pursuant to

CEA section 21(c)(7)(E), which, among other things, includes a list

of the types of foreign entities that the Commission may determine

to be appropriate recipients of such swap data access.

\14\ The term ``Foreign Regulator'' is defined in Sec.

49.2(a)(5) to mean a foreign futures authority as defined in CEA

section 1(a)(26), foreign financial supervisors, foreign central

banks and foreign ministries.

\15\ 17 CFR 49.17(b)(2)(i)(B).

---------------------------------------------------------------------------

An ADR or AFR seeking access to SDR data is required by current

Sec. 49.17(d)(1) to file an access request with the SDR certifying

that it is acting within the scope of its jurisdiction and is required

by current Sec. 49.17(d)(6) to execute a ``Confidentiality and

Indemnification Agreement'' with the SDR.\16\

---------------------------------------------------------------------------

\16\ Current Sec. 49.18(b) requires an SDR to receive such a

Confidentiality and Indemnification Agreement from an ADR or AFR

prior to releasing swap data to the ADR or AFR.

---------------------------------------------------------------------------

2. The Regulatory Indemnification Requirement

In the preamble to the SDR Final Rules, the Commission acknowledged

commenters' concerns that compliance with the statutory and regulatory

indemnification requirements would be difficult for certain domestic

and foreign regulators due to various home country laws and other

regulations prohibiting such arrangements,\17\ and expressed its intent

to continue to work to provide regulators sufficient access to SDR

data. In this regard, the Commission outlined the circumstances under

which it believed the indemnification provision of CEA section 21(d)

and Sec. 49.18 would

[[Page 8371]]

not apply. The Commission explained that, under the part 49 rules,

certain Appropriate Domestic Regulators may in some circumstances

obtain access to swap data reported and maintained by SDRs without

regard to the notice and indemnification requirements of CEA sections

21(c)(7) and (d).\18\ With respect to foreign regulatory authorities,

the Commission determined in the SDR Final Rules that swap data

reported to and maintained by an SDR may be accessed by an AFR without

the execution of a confidentiality and indemnification agreement when

the AFR has supervisory authority over a Commission-registered SDR that

is also registered with the AFR pursuant to foreign law and/or

regulation.

---------------------------------------------------------------------------

\17\ See SDR Final Rules at 54554. The Commission notes that,

prior to passage of the FAST Act on December 4, 2015, no 21(c)(7)

entity had entered into a confidentiality or indemnification

agreement pursuant to CEA section 21(d) or the part 49 rules.

\18\ It was, in the Commission's view, appropriate to permit

access to the swap data maintained by SDRs to Appropriate Domestic

Regulators that have concurrent regulatory jurisdiction over such

SDRs, without the application of the notice and indemnification

provisions of CEA sections 21(c)(7) and (d). See SDR Final Rules at

54554, n163. Accordingly, pursuant to the Commission's Part 49

rules, these provisions did not apply to an Appropriate Domestic

Regulator that has regulatory jurisdiction over an SDR registered

with it pursuant to a separate statutory authority that is also

registered with the Commission, if the Appropriate Domestic

Regulator executes an MOU or similar information sharing arrangement

with the Commission and the Commission, consistent with CEA section

21(c)(4)(A), designates the Appropriate Domestic Regulator to

receive direct electronic access. See 17 CFR 49.17(d)(2).

---------------------------------------------------------------------------

Concerns about the scope of the indemnification provision

persisted, and in October 2012 the Commission issued an Interpretative

Statement, which was designed to provide guidance and greater clarity

to interested members of the public and foreign regulators with respect

to the scope and application of CEA section 21(d) and the part 49

rules.\19\ The Interpretative Statement clarified that a foreign

regulatory authority's access to swap data held in a CFTC-registered

SDR would not be subject to the confidentiality and indemnification

provisions of CEA section 21(d) or the part 49 regulations if (i) the

registered SDR is also registered in, or recognized or otherwise

authorized by, the foreign authority's regulatory regime; and (ii) the

data sought to be accessed by the foreign authority has been reported

to the registered SDR pursuant to such foreign regulatory regime.\20\

---------------------------------------------------------------------------

\19\ See Swap Data Repositories: Interpretative Statement

Regarding the Confidentiality and Indemnification Provisions of the

Commodity Exchange Act, 77 FR 65177 (Oct. 25, 2012)

(``Interpretative Statement'').

\20\ Interpretative Statement at 65181.

---------------------------------------------------------------------------

C. FAST Act Amendments to CEA Section 21

Congress responded to the regulators' access concerns by including

in the FAST Act a repeal of CEA section 21(d)(2)'s indemnification

requirement.\21\ The confidentiality requirement in CEA section

21(d)(1) was retained in CEA section 21(d), as amended.\22\

---------------------------------------------------------------------------

\21\ Title LXXXVI (``Repeal of Indemnification Requirements'')

of the FAST Act amends the CEA by:

repeal[ing] the indemnification requirements added by the Dodd-

Frank Wall Street Reform and Consumer Protection Act for regulatory

authorities to obtain access to swap data. Foreign regulators and

regulatory entities have indicated concerns regarding the

indemnification requirements of Dodd-Frank. The title removes such

requirements so data can be shared with foreign authorities. The

title would still require the regulatory agencies requesting the

information to agree to certain confidentiality requirements prior

to receiving the data.

FAST Act: Conference Report to Accompany H.R. 22, Dec. 1, 2015

at 486-87. The repeal applied as well to the analogous provision in

the Securities Exchange Act of 1934, 15 U.S.C. 78m(n)(5).

\22\ The legislation struck subsection (d) of CEA section 21 and

inserted in its place a provision entitled, ``Confidentiality

Agreement,'' that states that before a swap data repository may

share information with any entity described in subsection (c)(7),

the swap data repository shall receive a written agreement from each

entity stating that the entity shall abide by the confidentiality

requirements described in section 8 of the CEA relating to the

information on swap transactions that is provided. See FAST Act,

Public Law 114-94, 129 Stat. 1312 (Dec. 4, 2015).

---------------------------------------------------------------------------

The FAST Act also modified CEA section 21(c)(7)(A) by specifying

that ``swap'' data--as opposed to ``all'' data--must be provided to

21(c)(7) entities, and added to CEA section 21(c)(7)(E)'s non-exclusive

list of persons that the Commission may determine to be appropriate

recipients of SDR swap data the new category ``other foreign

authorities.''

D. CEA Section 8 Informs the Confidentiality Provisions of CEA Section

21

CEA section 8 governs the Commission's treatment of nonpublic

information in its possession in a number of circumstances, and its

disclosure restrictions and confidentiality standards expressly inform

the access provisions of CEA sections 21(c)(7) and 21(d). As relevant

here, CEA section 8(e) permits the Commission to furnish to the

specified types of domestic or foreign entities--upon their request and

acting within the scope of their jurisdiction--any information in its

possession obtained in connection with the administration of the

Act.\23\ CEA section 8(e) specifies, with respect to U.S. entities,

that any information furnished thereunder shall not be disclosed except

in an action or proceeding under the laws of the United States to which

the entity, the Commission or the United States is a party. CEA section

8(e) further specifies, with respect to the specified types of foreign

entities, that the Commission shall not furnish information thereunder

unless the Commission is satisfied that the information will not be

disclosed by the entity except in connection with an adjudicatory

action or proceeding to which the entity is a party brought under the

laws to which such entity is subject.

---------------------------------------------------------------------------

\23\ 7 U.S.C. 12(e).

---------------------------------------------------------------------------

The principles underlying CEA section 8(e) are also fundamental to

CEA sections 21(c)(7) and (d) and to the access standards and

confidentiality provisions proposed in this release. In proposing

clearer and more robust access and confidentiality standards in

Sec. Sec. 49.17 and 49.18, the Commission is mindful of these

foundational principles: Where information is sought to be accessed,

the information must relate to the scope of the requesting entity's

jurisdiction or authority; and information provided by the SDR shall

not be further disclosed except in limited, defined circumstances.

E. Summary of Proposed Revisions to Part 49

Pursuant to its authority under the Act,\24\ the Commission is

proposing amendments to Sec. Sec. 49.2, 49.9, 49.17, 49.18, and 49.22

to (i) implement the statutory changes mandated by the FAST Act

Amendments; (ii) make certain conforming and clarifying changes related

to such implementation; (iii) revise the process by which

appropriateness is determined for purposes of access to SDR swap data

and clarify the standards in connection with the Commission's

appropriateness determinations; and (iv) establish the form and

substance of the written agreement mandated by CEA section 21(d), as

amended. In formulating the following proposed amendments, the

Commission has endeavored to balance the goal of effective and

consistent global regulation of swaps \25\ with the mandate of CEA

sections 21(c)(7) and (d) that swap data be made available to a limited

universe of regulators on a

[[Page 8372]]

confidential basis pursuant to CEA section 8. The proposed rules and

rule amendments would, if adopted:

---------------------------------------------------------------------------

\24\ See, e.g., CEA section 21(f)(4) (Additional duties

developed by Commission), 7 U.S.C. 24a(f)(4). The Commission is also

authorized by CEA section 8a(5), 7 U.S.C. 12a(5), to make such rules

and regulations as, in the judgment of the Commission, are

reasonably necessary to effectuate any of the provisions or to

accomplish any of the purposes of the Act.

\25\ Section 752 of the Dodd-Frank Act directs the CFTC, the SEC

and the prudential regulators, as appropriate, to consult and

coordinate with foreign regulatory authorities in this regard and

provides that these entities may agree to such information-sharing

arrangements as may be deemed necessary or appropriate in the public

interest or for the protection of investors, swap counterparties,

and security-based swap counterparties.

---------------------------------------------------------------------------

Add ``other foreign authorities'' to the foreign

regulators identified in Sec. 49.2(a)(5), consistent with the FAST

Act's amendment to CEA section 21(c)(7)(E) to include this category

among the entities that the Commission may deem appropriate to access

SDR swap data;

Amend Sec. 49.9 to make clarifying changes;

Amend Sec. 49.17 to, among other things: (i) Delete all

references to the indemnification requirement and/or indemnification

agreement; (ii) establish a process and clarify the standards for

determining whether certain entities not enumerated in Sec.

49.17(b)(1)(i)-(vi) are appropriate to directly access swap data from

an SDR; (iii) revise the SDR notification requirement so that SDRs

notify the Commission only for each initial request for swap data by

ADRs and AFRs and any subsequent request at variance with the ADR's or

AFR's scope of jurisdiction; (iv) specify that the information

available to ADRs and AFRs is ``swap data''--as distinguished from

``data,'' to reflect the corresponding FAST Act amendment to CEA

section 21; and (v) add a delegation of authority provision so that

Commission staff is able to efficiently administer certain functions

related to SDR swap data access;

Amend Sec. 49.18 to, among other things: (i) Delete all

references to the indemnification requirement and/or indemnification

agreement; (ii) require that SDRs receive, prior to providing SDR swap

data access to an ADR or AFR, a written confidentiality arrangement

between the Commission and such ADR or AFR; (iii) specify the required

elements of such written confidentiality arrangement; (iv) require SDRs

to notify the Commission of any known failures to fulfill the terms of

a confidentiality arrangement required by Sec. 49.18(a); (v) inform

ADRs, AFRs and SDRs that the Commission may direct an SDR to limit,

suspend or revoke an ADR's or AFR's access to swap data held by an SDR

if such ADR or AFR has failed to fulfill the terms of a confidentiality

arrangement required by Sec. 49.18(a); and (vi) add a delegation of

authority provision so that Commission staff is able to efficiently

administer certain functions related to SDR swap data access; and

Amend Sec. 49.22(d)(4) to omit a reference to

indemnification in order to conform to the corresponding FAST Act

amendment to the CEA.

F. Rescission of 2012 Interpretative Statement

The Commission has determined to rescind its 2012 Interpretative

Statement. References to the indemnification requirement in the

Interpretative Statement are no longer relevant as the indemnification

requirement in CEA section 21(d) has been repealed by the FAST Act.

Additionally, the modifications to Sec. 49.17(d)(3) that are proposed

here are consistent with the clarifications provided in the

Interpretative Statement.

II. Discussion

A. Definitions: Proposed Amendments to Sec. 49.2

As originally adopted, Sec. 49.2(a)(5) defined the term ``foreign

regulator'' to include a foreign futures authority as defined in CEA

section 1a(26), foreign financial supervisors, foreign central banks

and foreign ministries.\26\ The FAST Act amendments to the CEA added to

subsection 21(c)(7)(E) a new category of entity--``other foreign

authorities''--that the Commission may deem appropriate to obtain

access to SDR swap data. The Commission proposes a corresponding

amendment to the definition of ``foreign regulator'' in Sec.

49.2(a)(5) to conform this definition to amended subsection

21(c)(7)(E).

---------------------------------------------------------------------------

\26\ 17 CFR 49.2(a)(5). CEA Section 1a(26) defines ``foreign

futures authority'' as any foreign government, or any department,

agency, governmental body, or regulatory organization empowered by a

foreign government to administer or enforce a law, rule, or

regulation as it relates to a futures or options matter, or any

department or agency of a political subdivision of a foreign

government empowered to administer or enforce a law, rule, or

regulation as it relates to a futures or options matter. Section

723(a)(2) of the Dodd-Frank Act added section 2(d) to the CEA to

provide that enumerated provisions, including CEA section 1a, apply

to swaps.

---------------------------------------------------------------------------

B. Domestic and Foreign Regulators With Regulatory Responsibility )

Over SDRs: Proposed Amendments to Sec. 49.17(d)(2) and (3)

1. The Current Rule

Commission regulation 49.17(d)(2) of the Commission's regulations

currently provides that an ADR with regulatory jurisdiction over an SDR

registered with it pursuant to a separate statutory authority that is

also registered with the Commission is not subject to the requirements

of Sec. 49.17(d) (application and notice provisions) and Sec.

49.18(b) (confidentiality and indemnification agreement) as long as the

following conditions are met: (i) The ADR executes an MOU or similar

information sharing arrangement with the Commission; and (ii) the

Commission, consistent with CEA section 21(c)(4)(A), designates the ADR

to receive direct electronic access. As described in the SDR Final

Rules, the Commission provided that these ADRs may be provided access

to the swap data reported and maintained by SDRs without being subject

to the notice and indemnification provisions of CEA sections 21(c)(7)

and (d).\27\

---------------------------------------------------------------------------

\27\ See SDR Final Rules at 54554.

---------------------------------------------------------------------------

Commission regulation 49.17(d)(3) of the Commission's regulations

currently provides that an AFR with supervisory authority over an SDR

registered with it pursuant to foreign law and/or regulation that is

also registered with the Commission is not subject to the requirements

of Sec. 49.17(d) (application and notice provisions) and Sec.

49.18(b) (confidentiality and indemnification agreement). As described

in the SDR Final Rules and Interpretative Statement, the Commission

believes that confidential swap data reported to, and maintained, by an

SDR may be appropriately accessed by an AFR without the execution of a

confidentiality and indemnification agreement when the AFR is acting in

a regulatory capacity with respect to an SDR that is also registered

with the AFR and with respect to data reported to such SDR pursuant to

such AFR's regulatory regime.\28\

---------------------------------------------------------------------------

\28\ Id. See also Interpretative Statement at 65181; section 752

of the Dodd-Frank Act.

---------------------------------------------------------------------------

2. Proposed Amendments

With respect to domestic regulators with regulatory jurisdiction

over an SDR, the Commission proposes to remove: (1) The reference to

``Appropriate Domestic Regulator'' in Sec. 49.17(d)(2) and replace it

with the term ``domestic regulator'' to clarify that all domestic

regulators and not just ADRs would fall under Sec. 49.17(d)(2); (2)

subparagraph (i) to Sec. 49.17(d)(2) (the information sharing

arrangement condition) and (3) subparagraph (ii) to Sec. 49.17(d)(2)

(the direct electronic access condition). Although the Commission in

the original part 49 rules adopted the information sharing and direct

electronic access conditions so that ADRs would not be subject to the

then-existing confidentiality and indemnification requirements, the

Commission through experience with SDR swap data access believes an

additional refinement of these rules is necessary in order to promote

greater efficiency and cooperation among domestic regulators.

Accordingly, the Commission submits that a domestic regulator that has

regulatory jurisdiction

[[Page 8373]]

over an SDR registered with it pursuant to a separate statutory

authority should be able to access SDR data reported to such SDR

pursuant to such separate statutory authority irrespective of whether

such domestic regulator has executed an MOU or similar information

sharing arrangement with the Commission or been designated to receive

direct electronic access by the Commission.\29\

---------------------------------------------------------------------------

\29\ The Commission's proposal is consistent with the principle

previously set forth in its Interpretative Statement relating to the

confidentiality and indemnification provisions of the CEA. In

particular, the Commission stated ``that a foreign regulator's

access to data from a registered SDR that is also registered,

recognized, or otherwise authorized in a foreign jurisdiction's

regulatory regime, where the data to be accessed has been reported

pursuant to that [other] regulatory regime, [such access] will be

dictated by that jurisdiction's regulatory regime and not by the CEA

or Commission regulations.'' See Interpretative Statement at 65181.

---------------------------------------------------------------------------

In connection with foreign regulatory authorities that have

supervisory authority over an SDR, the Commission proposes to (i)

remove the reference to ``Appropriate Foreign Regulator'' in Sec.

49.17(d)(3) and replace it with the term ``Foreign Regulator'' as

defined in Sec. 49.2 to clarify that all Foreign Regulators, not only

those that have been determined ``appropriate'' by the Commission would

fall under Sec. 49.17(d)(3); and (ii) add qualifying language to Sec.

49.17(d)(3) so that Sec. 49.17(d)(3) applies not only to SDRs that are

``registered'' with the Foreign Regulator but also to those SDRs that

are ``registered, recognized, or otherwise authorized'' by a foreign

jurisdiction's regulatory regime, and where such swap data has been

reported to the SDR pursuant to the Foreign Regulator's regulatory

regime.\30\

---------------------------------------------------------------------------

\30\ Id.

---------------------------------------------------------------------------

As it was when adopting the SDR Final Rules, the Commission is

mindful of the need to protect the confidentiality of swap data when

such data is provided to another regulator. Under the proposal, the

Commission believes that the proposed changes to Sec. 49.17(d)(3)

strike the appropriate balance in providing access to swap data

consistent with the confidentiality protections set forth in the

CEA.\31\

---------------------------------------------------------------------------

\31\ See CEA section 21(c)(7); see also section 752 of the Dodd-

Frank Act.

---------------------------------------------------------------------------

3. Request for Comment

The Commission requests comment on all aspects of amendments to

Sec. 49.17(d)(2) and (3).

C. Appropriateness Determination for Foreign Regulators and Non-

enumerated Domestic Regulators: Proposed Sec. 49.17(h) and Proposed

Amendments to Sec. 49.17(b)

1. The Current Rule

CEA section 21(c)(7) specifies U.S. entities to which swap data

must be released by an SDR, provided certain prerequisites are

satisfied. Because Congress has determined that access to SDR swap data

by these entities is appropriate when the prerequisites are satisfied,

no further access consideration by the Commission is necessary. These

U.S. entities, along with others determined to be appropriate by the

Commission pursuant to CEA section 21(c)(7)(E), are identified in Sec.

49.17(b)(1) as ``Appropriate Domestic Regulators.'' The term

``Appropriate Domestic Regulator'' is also defined to include ``any

other person the Commission deems appropriate.'' The current part 49

rules do not include a process for determining that a U.S. entity not

specifically enumerated in Sec. 49.17(b)(1) is an ``Appropriate

Domestic Regulator.''

Under current Sec. 49.17(b)(2)(i), in order for a Foreign

Regulator \32\ that does not have a current MOU with the Commission to

be determined to be an ``Appropriate Foreign Regulator,'' \33\ it must

file with the Commission an application in the form and manner

specified by the Commission.\34\ The application must provide

sufficient facts and procedures to permit the Commission to analyze

whether the Foreign Regulator's confidentiality procedures are

appropriate and to satisfy the Commission that information provided by

an SDR will not be disclosed by the Foreign Regulator except as

permitted by CEA section 8(e).

---------------------------------------------------------------------------

\32\ The term ``Foreign Regulator'' is defined in Sec.

49.2(a)(5) to mean a foreign futures authority as defined in CEA

section 1(a)(26), foreign financial supervisors, foreign central

banks and foreign ministries.

\33\ No Foreign Regulators are enumerated in CEA section

21(c)(7) or specifically identified as Appropriate Foreign

Regulators in Sec. 49.17(b)(2).

\34\ To date the Commission has not specified a form and manner

for the application referenced in current Sec. 49.17(b)(2)(i)(A).

---------------------------------------------------------------------------

2. The Proposed Amendments

The Commission proposes to eliminate the current filing

requirements set forth in current Sec. 49.17(b)(2)(i) and establish

new filing requirements in proposed Sec. 49.17(h). The Commission also

proposes to include in Sec. 49.17(h), CEA section 8-related

confidentiality considerations and the ability for the Commission to

revisit or reassess appropriateness determinations. The filing

requirements proposed in new Sec. 49.17(h) would apply to all foreign

regulators regardless of whether a current MOU or similar arrangement

with the Commission exists, and to any domestic regulator that is not

an ADR enumerated in Sec. 49.17(b)(1)(i)-(vi) (``Enumerated ADR'').

Proposed Sec. 49.17(h)(3) would specify two threshold requirements for

a finding of appropriateness: (i) The requesting entity has in place

appropriate safeguards to maintain the confidentiality of such swap

data; and (ii) such entity is acting within the scope of its

jurisdiction in seeking access to swap data maintained by an SDR. These

requirements are necessary but may or may not be sufficient to support

an appropriateness determination: The Commission proposes to evaluate

each filing on a case-by-case basis with reference to these and other

factors that the Commission may find germane to its determination. If

the Commission finds on the basis of information submitted that access

to SDR swap data is appropriate, the Commission would issue an order

confirming the regulator's status as an ADR or AFR and setting forth

any conditions or limitations on access consistent with the relevant

statutory and regulatory requirements (the proposed ``Determination

Order''). The Commission is also proposing, through Sec. 49.17(h)(4),

to be able to revisit, reassess, limit, suspend or revoke a previously

issued Determination Order. The Commission believes it is necessary to

be able to revisit an appropriateness determination, and potentially

take one of the foregoing remedial actions, in order to be able to

address situations that may arise subsequent to the determination, such

as where an AFR or ADR violates the term of a Determination Order or

fails to properly keep SDR swap data confidential.

3. The Factors Required for a Determination Order

a. Scope of Jurisdiction

CEA section 21(c)(7) directs SDRs to provide swap data to

regulators ``on a confidential basis pursuant to section 8.'' \35\ The

Commission interprets this provision to require consistency with CEA

section 8(e)'s mandate that information may be furnished, on a

confidential basis, only to other regulators acting within the scope of

their jurisdiction. Accordingly, the Commission believes that an

appropriateness determination must be

[[Page 8374]]

informed by reference to the regulator's jurisdiction and to the

entity's legitimate regulatory or legal interest in the swap data to be

sought.

---------------------------------------------------------------------------

\35\ 7 U.S.C. 24(c)(7).

---------------------------------------------------------------------------

In this regard, the Commission proposes to add to part 49 new Sec.

49.17(h)(2), which would require an applicant seeking a Determination

Order to provide the Commission sufficient information to permit the

Commission to conclude that the applicant would be acting within the

scope of its jurisdiction in seeking access to swap data maintained by

an SDR. As part of this information, the Commission expects that an

applicant would explain the relationship between its jurisdiction and

its request for access to swap data maintained by SDRs, including an

explanation of the applicant's need for particular swap data to carry

out its regulatory mandate, legal authority or responsibility.

The Commission proposes in new Sec. 49.17(h)(3) to specify that

the Commission will not issue a Determination Order unless it is

satisfied that the regulator is acting within the scope of its

jurisdiction in seeking access to SDR swap data, and that any grant of

access will be limited to swap data appropriate to the entity's

regulatory mandate or legal authority. Each Determination Order would

further require, as a condition of the appropriateness determination

set forth therein, that a regulator that has received a Determination

Order promptly notify the Commission, and each SDR from which it has

received swap data, of any change to its jurisdiction that would relate

to the swap data access requested.\36\ As described in proposed Sec.

49.17(d)(5), the Commission would be able to direct SDRs to limit,

suspend or revoke the scope of an ADR's or AFR's SDR swap data access

to reflect the new scope of its jurisdiction.\37\ The Commission

expects that this proposed limitation on access will reduce the risk of

unauthorized or unnecessary disclosures because each appropriate

regulator will have access to swap data only to the extent necessary to

fulfill its jurisdictional mandate or regulatory responsibility.

---------------------------------------------------------------------------

\36\ The form of confidentiality arrangement set forth in

proposed Appendix B to part 49 also would require such notices.

\37\ As is relevant here, proposed Sec. 49.17(d)(5) would

require that each SDR ``shall, as directed by the Commission, limit,

suspend or revoke . . . such access should the Commission . . .

direct the [SDR] to limit, suspend or revoke such access.''

---------------------------------------------------------------------------

b. Robust Confidentiality Safeguards

CEA section 21(c)(7) is explicit in requiring that SDRs make swap

data available on a confidential basis pursuant to CEA section 8.

Proposed Sec. 49.17(h)(2) accordingly would require that the applicant

submit to the Commission information sufficient to permit a

determination that the applicant employs adequate confidentiality

safeguards to ensure that swap data the applicant receives from an SDR

will not be disclosed other than as permitted by the confidentiality

arrangement required by Sec. 49.18(a). The Commission anticipates that

this would involve the Commission considering whether the applicant's

confidentiality protocols, system safeguards and security compliance

procedures can be expected to ensure the confidentiality of the swap

data, and that the applicant has in place protections sufficient to

prevent unauthorized intrusions into the systems that maintain the swap

data. In this regard, the Commission would also expect to consider the

applicant's processes for limiting internal access to swap data to

those persons with a need to know, as well as how the swap data will be

stored and whether the swap data will be segregated from other

information.

It is the Commission's view that reliance on these factors strikes

an appropriate balance between realizing the benefits of data access by

regulators \38\ and the obligation to protect confidential information

in accordance with the dictates of CEA section 8(e), as incorporated by

reference in CEA section 21(c)(7) and (d) through those sections'

incorporation of CEA section 8. The Commission considers these factors

essential to a determination of appropriateness. Other considerations,

while not proposed to be codified in these proposed rules, may also

contribute to the Commission's appropriateness analysis.

---------------------------------------------------------------------------

\38\ See CEA section 21(c)(7); see also Section 752 of the Dodd-

Frank Act (recognizing the goal of effective and consistent global

regulation of swaps).

---------------------------------------------------------------------------

c. Additional Considerations

Although the Commission proposes to eliminate the current

regulatory provision conferring AFR status on a foreign regulator with

``an existing [MOU] or other similar type of information sharing

arrangement executed with the Commission . . ., '' \39\ it nonetheless

continues to believe that the existence of such an arrangement fosters

a cooperative relationship and encourages the development of shared

understandings related to regulatory responsibilities. Although not

dispositive, indications of a strong cooperative relationship with

another authority, as established by the existence of such an

arrangement and the Commission's experience working with such authority

in finalizing and administering the arrangement, would likely be a

factor supporting an appropriateness determination. Also, a failure to

cooperate fully or to comply with the terms of an existing or prior

arrangement might be expected to weigh against an appropriateness

determination.

---------------------------------------------------------------------------

\39\ 17 CFR 49.17(b)(2).

---------------------------------------------------------------------------

Similarly, when assessing appropriateness, the Commission expects

to consider whether it receives access to swap data maintained by trade

repositories in that regulator's jurisdiction. The Commission is

mindful of the Dodd-Frank Act's encouragement of coordination and

cooperation with foreign regulatory authorities.\40\ The Commission

believes that increased data access by regulators has the potential to

provide the Commission and other authorities with more complete

information with which to monitor risk exposures and should be expected

to promote global market stability through enhanced regulatory

transparency. Accordingly, Commission access to swap data maintained by

trade repositories in such other regulator's jurisdiction, an

arrangement prospectively to assist the Commission in obtaining data

from other jurisdictions, and a history of assistance from a foreign

regulator, would be viewed favorably by the Commission in considering

appropriateness.

---------------------------------------------------------------------------

\40\ See Dodd-Frank Act section 752, supra.

---------------------------------------------------------------------------

d. Other Matters Regarding the Determination Order Process

The Commission preliminarily believes that the Determination Order

process and factors discussed above offer a reasonable approach to

providing requesting entities access to SDR swap data based on clearly

articulated factors and any additional considerations or circumstances

the Commission may deem relevant on a case-by-case basis. Both the

required factors and the additional considerations support the mandate

of CEA sections 8, 21(c)(7) and 21(d) and are consistent with the

express intent of Congress that the Commission coordinate and cooperate

with foreign regulatory authorities on matters related to the

regulation of swaps. Through the issuance of Determination Orders, the

Commission will be able to impose appropriate conditions or

restrictions on an entity's access to SDR swap data such that the

entity's access is linked to its jurisdictional scope. Pursuant to

proposed Sec. 49.17(h)(4), the Commission

[[Page 8375]]

may also, in its discretion, issue a Determination Order of limited

duration, and may otherwise limit, suspend or revoke such an order if

the entity fails to comply with its terms or the terms of the statutory

confidentiality arrangements. The Commission would expect SDRs to take

into account any conditions or restrictions contained in a

Determination Order when providing access to swap data to an ADR or

AFR.

The Commission further believes it is appropriate to make the

process and factors proposed in Sec. 49.17(h) applicable to any

domestic entities that are not enumerated as ADRs in Sec.

49.17(b)(1)(i)-(vi), as scope of jurisdiction and confidentiality

considerations are equally applicable to U.S. entities, and has drafted

proposed Sec. 49.17(h) accordingly.

e. Request for Comment

The Commission requests comment on all aspects of proposed Sec.

49.17(h), particularly on whether the proposed regulatory and other

factors are sufficient to determine whether access to SDR swap data is

appropriate.

4. Proposed Amendments to Sec. 49.17(d)(4)--SDR Notice and

Verification Obligations

CEA section 21(c)(7) requires each SDR to notify the Commission of

a swap data request received from an ADR or AFR.\41\ Currently, this

statutory requirement is implemented in Sec. 49.17(d)(4)(i), which

provides that an SDR must promptly notify the Commission regarding

``any'' request received by an ADR or AFR to gain access to swap data

maintained by the SDR.

---------------------------------------------------------------------------

\41\ See CEA section 21(c)(7), 7 U.S.C. 24a(c)(7).

---------------------------------------------------------------------------

To reduce the burden on SDRs and provide greater operational

efficiency consistent with the intent of CEA section 21(c)(7), the

Commission is proposing to amend the SDR notification requirement in

current Sec. 49.17(d)(4)(i) to require an SDR to notify the Commission

(i) at the time that it receives the first request for swap data from a

particular ADR or AFR and (ii) at any time that a request does not

comport with the scope of the ADR's or AFR's jurisdiction, as described

in the confidentiality arrangement required by proposed Sec. 49.18(a).

The proposed amendment would make the notification applicable only to

the initial request for swap data and any subsequent request at

variance with the ADR's or AFR's scope of jurisdiction: On receiving

either such request for data by a particular ADR or AFR, the SDR would

be required to provide prompt electronic notification to the Commission

of the request, in a format specified by the Secretary of the

Commission, pursuant to proposed Sec. 49.17(d)(4)(ii). The SDR would

be required to keep such notification and related requests confidential

consistent with the requirements of CEA sections 21(c)(6) and (7) and

related regulatory requirements set forth in Sec. Sec. 49.16 and

49.17.

The Commission believes that the proposed approach to SDR

notification supports the Commission's need to be aware of who is able

to access SDR swap data and what data has been accessed, while

eliminating potentially costly, unwieldy and inefficient notice of

every swap data request. Under the proposal, the Commission would be

notified that a particular ADR or AFR has requested access to SDR swap

data and will be able to examine records of the ADR's or AFR's

individual swap data requests, and the swap data provided, as it deems

necessary.\42\

---------------------------------------------------------------------------

\42\ Consistent with the current recordkeeping requirements for

SDRs in Sec. 45.2(f), SDRs are required to maintain records of all

information related to the initial and all subsequent requests for

swap data from ADRs/AFRs. Appropriate records would include, at a

minimum, the identity of the ADR/AFR accessing the swap data; the

date, time and substance of the request for access; confirmation

that the request is consistent with the scope of the regulator's

jurisdiction; and copies of all swap data provided in connection

with the request for access. Pursuant to CEA section 1.31, SDRs are

required to maintain such records for a period of no less than five

years after the date of such request and must provide this

information to the Commission upon request.

---------------------------------------------------------------------------

The Commission also proposes to amend Sec. 49.17(d)(4) by adding

new subsection (iii) to require each SDR that receives a request for

access to its swap data from an ADR or AFR to verify, prior to

providing such access, that the request is consistent with the scope of

the ADR's or AFR's jurisdiction, as described in the confidentiality

arrangement required by proposed Sec. 49.18(a).\43\ This verification

would need to incorporate any subsequent changes thereto. The

Commission is also proposing to require an ADR or AFR that has executed

a confidentiality arrangement with the Commission pursuant to Sec.

49.18(a) and provided such confidentiality arrangement to one or more

SDRs to notify the Commission and each such SDR of any change to such

ADR's or AFR's scope of jurisdiction as described in such

confidentiality arrangement. Additionally, the proposal would enable

the Commission to direct a SDR to suspend, limit, or revoke access to

swap data maintained by such SDR based on any such change to such ADR's

or AFR's scope of jurisdiction, and that, if so directed, such SDR

shall so suspend, limit, or revoke such access.

---------------------------------------------------------------------------

\43\ The scope of jurisdiction would be described in Exhibit A

to the form of confidentiality arrangement set forth in proposed

Appendix B to part 49.

---------------------------------------------------------------------------

As proposed, Sec. 49.17(d)(4)(iv) would require SDR verification

only once with respect to a request for ongoing or recurring access to

particular data, provided that there has not been a change in the scope

of the regulator's jurisdiction (in which case an SDR would need to

verify anew that the swap data requested is within the scope of the

requesting ADR's or AFR's jurisdiction). The Commission recognizes that

the proposed requirement imposes a burden on SDRs; however, it notes

that SDRs are obliged by CEA section 21(c)(7) to provide access

``pursuant to section 8'' of the CEA, which requires a jurisdictional

nexus to the information requested. In these circumstances, the

Commission believes SDRs must take a role in ensuring compliance with

these statutory restrictions.

5. Proposed New Sec. 49.17(i)--Delegation of Authority

In the interests of expedience and efficiency in determining

appropriateness of access by regulators, the Commission proposes to

delegate all functions reserved to the Commission in Sec. 49.17 to the

Director of the Division of Market Oversight and to such members of the

Commission's staff acting under his or her direction as he or she may

designate from time to time.

6. Request for Comment

The Commission requests comment on all aspects of the proposed

amendments to Sec. 49.17, and particularly invites comments on:

1. Whether commenters believe there are more cost-effective methods

of notification and recordkeeping that would still provide the

Commission with access to the information necessary for it to perform

its regulatory functions in a manner consistent with CEA section

21(c)(7); and

2. Whether a phase-in process is necessary to decrease the

likelihood that a large number of new demands on SDRs' systems from

ADRs and AFRs seeking access to swap data will decrease SDR systems

reliability, efficiency or speed.

D. CEA Section 21(d) Confidentiality Agreements: Proposed Amendments to

Sec. 49.18

CEA section 21(d), as amended, requires that, prior to providing

swap data to a 21(c)(7) entity, an SDR ``shall

[[Page 8376]]

receive a written agreement from each entity stating that the entity

shall abide by the confidentiality requirements described in CEA

section 8 relating to the information on swap transactions that is

provided.'' \44\ As originally adopted, the part 49 rules required that

such confidentiality agreements be executed between the SDR and the

21(c)(7) entity.\45\ The Commission proposes to add a new Sec.

49.18(a) to require that a confidentiality arrangement be executed by

and between the ADR or AFR and the Commission.\46\ Once the ADR or AFR

and the Commission have executed a confidentiality arrangement, the ADR

or AFR may present the executed document to any SDR from which it

requests access to swap data in satisfaction of CEA section 21(d).

---------------------------------------------------------------------------

\44\ See CEA section 21(d). 7 U.S.C. 24a(d) as amended by the

FAST Act.

\45\ See current Sec. 49.17(d)(6) and 49.18(b).

\46\ See proposed Sec. 49.18(a) (requiring that an SDR received

``an executed confidentiality arrangement between the Commission and

the [ADR] or [AFR] . . . .''). The Commission notes that the SEC has

implemented a similar approach with respect to the execution of the

required agreement. See Access to Data Obtained by Security-Based

Swap Data Repositories, 81 FR 60585 at 60591 and 60608 (Sept. 2,

2016) (SEC rule 13n-4(b)(10), 17 CFR 240.13n-4(b)(10), and

associated preamble text).

---------------------------------------------------------------------------

The Commission recognizes that its proposed amendments to Sec.

49.18 represent a change in approach from the part 49 rules as adopted.

Based on its experience with SDRs and swap data access since the

adoption of part 49 in 2011, and further consideration of the

relationship between CEA sections 21 and 8, however, the Commission

believes this change is consistent with the statutory framework

established by Congress in CEA section 21(d) and 21(c)(7). Moreover, in

the Commission's view a confidentiality arrangement between the

Commission and the regulator more directly supports the confidentiality

mandate of CEA section 8. Finally, the Commission believes that the

proposed requirement will promote regulatory efficiency and reduce

costs to SDRs, ADRs and AFRs while ensuring the confidentiality of SDR

swap data by giving full effect to the strictures of CEA section 8(e).

To further promote regulatory efficiency, the Commission is

proposing to provide a form of confidentiality arrangement as Appendix

B to Part 49, for use by ADRs and AFRs. The Commission would expect its

use by ADRs and AFRs to reduce significantly the need for these

entities to negotiate separate confidentiality arrangements with the

Commission. This proposed change also would eliminate the costs and

potential inefficiencies to SDRs inherent in requiring them to

negotiate confidentiality agreements with a potentially large number of

ADRs and AFRs. Finally, while its use is not required, the Commission

believes that the proposed form of confidentiality arrangement in

Appendix B to Part 49 can be expected to conserve its limited staff

resources by eliminating in many cases the need for the Commission and

its staff to develop individualized confidentiality arrangements with

multiple ADRs or AFRs seeking access to SDR swap data.

1. Current Sec. 49.18

The Commission adopted Sec. 49.18 to implement CEA section

21(d)(1) and (2) as originally enacted. Accordingly, the current rule

sets forth the obligation for SDRs to execute a ``Confidentiality and

Indemnification Agreement'' before providing SDR swap data to an ADR or

AFR. Congress has repealed the indemnification requirement, and the

Commission proposes to make conforming amendments to Sec. 49.18 to

remove references to indemnification.

Separately, the Commission is proposing revisions to Sec. 49.18 to

modify the substantive requirements of the confidentiality arrangement

and the parties to the confidentiality arrangement, to establish

conditions for restricting or revoking access to SDR swap data, and to

clarify the confidentiality obligations of ADRs and AFRs with

regulatory responsibility over an SDR.

2. Proposed Amendments to Sec. 49.18(a)--Confidentiality Arrangement

Required Prior to Disclosure of Swap Data

The Commission proposes to remove current Sec. 49.18(a) \47\ and

add a new Sec. 49.18(a) requiring that an SDR receive a

confidentiality arrangement, executed by the Commission and the ADR or

AFR seeking access to the swap data maintained by the SDR, that, at a

minimum, contains all elements described in proposed Sec. 49.18(b).

---------------------------------------------------------------------------

\47\ Current Sec. 49.18(a) describes the purpose of Sec.

49.18.

---------------------------------------------------------------------------

3. Proposed Amendments to Sec. 49.18(b)--Required Elements of the

Confidentiality Arrangement

The Commission proposes to replace the text of current Sec.

49.18(b) \48\ with a requirement that the confidentiality arrangement

required pursuant to Sec. 49.18(a) shall, at a minimum, include all

elements included in the form of confidentiality arrangement set forth

in proposed Appendix B to part 49. Paragraph 5 of the confidentiality

arrangement would require the ADR or AFR to undertake that it will be

acting within the scope of its jurisdiction each time it requests swap

data from an SDR, and to promptly notify the Commission and each

relevant SDR if the scope of the ADR's or AFR's jurisdiction changes.

Paragraph 5 of the confidentiality arrangement also would require ADRs

and AFRs to employ procedures to maintain the confidentiality of swap

data and any information and analyses derived therefrom (the swap data

and such information are referred to collectively as the ``Confidential

Information'').

---------------------------------------------------------------------------

\48\ Current Sec. 49.18(b) requires an SDR to receive a

confidentiality agreement from a 21(c)(7) entity before granting the

21(c)(7) entity access to swap data maintained by the SDR. As

discussed above, the Commission proposes to address in proposed

Sec. 49.18(a) the confidentiality arrangement condition to swap

data access.

---------------------------------------------------------------------------

Paragraph 6 of the confidentiality arrangement would require ADR

and AFR signatories to employ the following safeguards to maintain the

confidentiality of the Confidential Information:

To the maximum extent practicable, maintain Confidential

Information received from SDRs separately from other data and

information; \49\

---------------------------------------------------------------------------

\49\ ADRs and AFRs seeking useful guidance for Confidential

Information segregation can look to the data segregation standards

contained in the National Institute of Standards and Technology

(``NIST'') Special Publication 800-53, Revision 4, Security and

Privacy Controls for Federal Information Systems and Organizations

(April 2013), available at http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf or in the Federal

Information Security Management Act of 2002, as amended (``FISMA'').

44 U.S.C. 3541. As the Commission has previously noted in a

different context, FISMA ``is a source of cybersecurity best

practices and also establishes legal requirements for federal

government agencies . . . .'' System Safeguards Testing

Requirements, 80 FR 80139, 80142 (Dec. 23, 2015) (``Registered

Entity Cyber NPRM''). The Commission recently adopted final rules

based on the Registered Entity Cyber NPRM. See System Safeguards

Testing Requirements, 81 FR 64271 (Sept. 19, 2016) (``Final

Registered Entity Cyber Rules'').

---------------------------------------------------------------------------

Protect such Confidential Information from

misappropriation and misuse; \50\

---------------------------------------------------------------------------

\50\ This should include cybersecurity measures. As the

Commission detailed in a different context in the Final Registered

Entity Cyber Rules, ``cyber threats to the financial sector continue

to expand.'' See Final Registered Entity Cyber Rules at 64272. See

also System also Safeguards Testing Requirements for Derivatives

Clearing Organizations, 80 FR 80113, 80114-80115 (Dec. 23, 2015)

(describing escalating and evolving cybersecurity threats);

Registered Entity Cyber NPRM at 80140-80141 (Dec. 23, 2015)

(describing, inter alia, the current cybersecurity threat

environment).

---------------------------------------------------------------------------

Ensure that only ADR or AFR personnel with a need to

access particular Confidential Information to perform their job

functions related to such Confidential Information have access thereto

and that such access is

[[Page 8377]]

permitted only to the minimum extent necessary to perform such job

functions; \51\

---------------------------------------------------------------------------

\51\ One basic principle of data security is that only those

with a need to access data to perform their work should be granted

access to such data. See, e.g., Framework for Improving Critical

Infrastructure Cybersecurity at 23 (Feb. 12, 2014), available at

http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf (characterizing the ``Protect'' element of a core

cybersecurity framework as one where ``[a]ccess to assets and

associated facilities is limited to authorized users, processes, or

devices, and to authorized activities and transactions.'').

---------------------------------------------------------------------------

Except as provided in paragraph 8 of the confidentiality

arrangement, prevent disclosure of Confidential Information unless

sufficiently aggregated and anonymized to prevent identification,

through disaggregation or otherwise, of a market participant's business

transactions, trade data, market positions, customers or

counterparties; \52\

---------------------------------------------------------------------------

\52\ The Commission understands that ADRs and AFRs may want to

use aggregated and anonymized information derived from SDR swap data

in analyses that may be made public. Cf. U.S. Gov't Accountability

Office, GAO-16-175, Financial Regulation: Complex and Fragmented

Structure Could Be Streamlined To Improve Effectiveness 71-75 (2016)

(``GAO Report''), available at http://www.gao.gov/assets/680/675400.pdf (discussing the OFR's Financial Stability Monitor and

related confidentiality issues and protections surrounding sharing

aggregated and disaggregated information provided by other

agencies). The Commission believes that, when properly aggregated

and anonymized, information derived from SDR swap data generally can

be disclosed without violating the requirement in CEA section 21(d)

that a recipient of swap data agree, with respect to the information

on swap transactions that is provided by an SDR, to abide by the

confidentiality requirements described in CEA section 8. Cf. Sec.

49.16(c) (stating that ``[s]ubject to Section 8 of the Act, [SDRs]

may disclose aggregated swap data on a voluntary basis or as

requested[ ] in the form and manner[ ] prescribed by the

Commission.''); SDR Final Rules at 54551 (stating that ``the

Commission believes that it is permissible under the Dodd-Frank Act

and part 49 of the Commission's regulations for an SDR to disclose,

for non-commercial purposes, data on an aggregated basis such that

the disclosed data reasonably cannot be attributed to individual

transactions or market participants.''). In certain cases, however,

even aggregated information may enable a reader to determine a

market participant's business transactions, trade secrets (e.g.,

algorithms) or positions. Thus, the proposed form of confidentiality

arrangement requires ADRs and AFRs to implement safeguards designed

to appropriately limit the use of information that has been

aggregated from SDR swap data and to prevent disaggregation or other

derivations of a market participant's business transactions, trade

data or market positions. ADRs and AFRs can look to Sec.

43.4(d)(1), (d)(4) and (g) for guidance on anonymization principles.

---------------------------------------------------------------------------

Prohibit the use of Confidential Information by ADR or AFR

personnel for any improper purpose; and

Monitor compliance with the confidentiality safeguards and

ensure prompt notification of the CFTC and each relevant SDR of any

violation of the safeguards or failure to fulfill the terms of the

confidentiality arrangement.

Paragraph 7 of the confidentiality arrangement also would preclude,

with limited exceptions, ADRs and AFRs from disclosing any Confidential

Information, via onward sharing \53\ or otherwise. The only permitted

disclosures would be (1) in actions, adjudicatory actions or

proceedings, as applicable, described in CEA section 8(e), the

operative language of which is included in paragraph 8 of the

confidentiality arrangement and (2) aggregated SDR swap data that is

anonymized to prevent identification (through disaggregation or

otherwise) of a market participant's business transactions, trade data,

market positions, customers or counterparties.

---------------------------------------------------------------------------

\53\ The Commission interprets the restrictions on disclosure

contained in CEA section 8 that are incorporated in CEA section

21(c)(7) and 21(d) as prohibiting an ADR or AFR from onward sharing

swap data it obtains from an SDR.

---------------------------------------------------------------------------

Paragraph 9 of the confidentiality arrangement contains certain

provisions requiring ADRs and AFRs to notify the Commission, and take

certain protective actions, prior to disclosing SDR swap data even

where an ADR or AFR receives a legally enforceable demand to disclose

Confidential Information.

Paragraph 11 of the confidentiality arrangement would require ADRs

and AFRs accessing swap data from SDRs to comply with all security-

related requirements imposed by SDRs in connection with access to such

swap data, as such requirements may be revised from time to time.

Because, subject to specified conditions, CEA sections 21(c)(7) and

21(d) require SDRs to provide ADRs and AFRs access to swap data, the

Commission expects that SDRs will not impose security-related access

requirements beyond those that are necessary to ensure the privacy and

confidentiality of SDR swap data. The Commission further expects that

SDRs' security-related access requirements for ADRs and AFRs would be

akin, if not identical, to the requirements SDRs impose on others

(e.g., the Commission, reporting counterparties) to whom SDRs provide

swap data access.

To further protect the confidentiality of SDR swap data, paragraph

12 of the confidentiality arrangement would require ADR and AFR

signatories to promptly destroy all Confidential Information for which

they no longer have a need or which no longer falls within their scope

of jurisdiction.\54\ While it may be the case that ADRs or AFRs will

use some or all Confidential Information in perpetuity, if they no

longer have a need for Confidential Information, they should destroy

such Confidential Information to prevent its misuse. Similarly, it is

possible that an SDR may inadvertently provide swap data outside the

scope of an ADR or AFR's jurisdiction. In such circumstances, such swap

data also should be destroyed immediately after the ADR or AFR

discovers that such swap data is outside the scope of its jurisdiction.

---------------------------------------------------------------------------

\54\ Paragraph 12 of the confidentiality arrangement would also

require ADR and AFR signatories to certify to the CFTC, upon

request, that they have destroyed such swap data.

---------------------------------------------------------------------------

The proposed rule would require that the confidentiality

arrangement must include an exhibit (Exhibit A) specifying the scope of

jurisdiction of the ADR or AFR signatory. If such signatory is not an

Enumerated ADR, the ADR or AFR would attach the Commission

Determination Order described in Sec. 49.17(h) as Exhibit A to the

confidentiality arrangement. If such signatory is an Enumerated ADR, it

would attach, as Exhibit A to the confidentiality arrangement, a

detailed description of its scope of jurisdiction as it relates to the

swap data maintained by SDRs that the ADR would seek pursuant to the

confidentiality arrangement. This requirement is designed to assist

SDRs in determining that the scope of each swap data request is within

the scope of the requesting entity's jurisdiction.

While the Commission would impose certain obligations on ADRs and

AFRs, with respect to swap data received from an SDR, in the proposed

confidentiality arrangement, ADRs and AFRs retain the discretion to

determine how to comply with those obligations. Additionally, to the

extent that neither the proposal nor commenters address a relevant

confidentiality issue that arises after an ADR or AFR commences

accessing swap data, the Commission expects affected ADRs and AFRs to

take appropriate measures to safeguard affected swap data and advise

the Commission of such issue promptly so that the Commission may

consider appropriate action.

4. Removal of Sec. 49.18(c)--ADRs and AFRs With Regulatory

Responsibility Over an SDR

The Commission proposes to remove current Sec. 49.18(c), which

provides that the indemnification and confidentiality requirements

established in Sec. 49.18(b) do not apply to certain ADRs and AFRs

with regulatory jurisdiction or supervisory responsibilities over an

SDR, but requires such regulators to comply with CEA section 8 and

``any other relevant statutory confidentiality authorities.'' As noted

above in section II.B. relating to Sec. 49.17(d)(2) and (3), the

Commission believes that those domestic and foreign regulators that

have regulatory responsibility over an

[[Page 8378]]

SDR should be able to access SDR data reported to such SDR pursuant to

such other regulator's regulatory regime, without limitation.

Therefore, the Commission submits that Sec. 49.18(c) is not

appropriate because it requires these domestic and foreign regulators

with regulatory responsibility over SDRs to comply with CEA section 8

and any other relevant statutory confidentiality authorities. In

addition, Sec. 49.17(d)(2) and (3) already provide that the

confidentiality and indemnification requirements of Sec. 49.18(b) do

not apply to these domestic and foreign regulators with regulatory

responsibility over SDRs. However, insofar as a regulator sought swap

data that was not reported to the SDR pursuant to that regulator's

regulatory regime, the exclusions set forth within Sec. 49.17(d)(2)

and (3) would not apply.

The Commission accordingly submits that current Sec. 49.18(c) is

inappropriate and unnecessary, and therefore, should be eliminated.

5. Failure to Fulfill the Terms of a Confidentiality Arrangement:

Proposed Sec. 49.18(c) and (d)

The Commission proposes in new Sec. 49.18(c) to require SDRs to

promptly report to the Commission any known failure to fulfill the

terms of a confidentiality arrangement that they receive pursuant to

Sec. 49.18(a). Proposed new Sec. 49.18(d) would authorize the

Commission to direct an SDR to limit, suspend or revoke an AFR's or

ADR's access to swap data, if the Commission determines that the AFR or

ADR has failed to fulfill the terms of its confidentiality arrangement

with the Commission.\55\

---------------------------------------------------------------------------

\55\ Proposed Sec. 49.18(d) provides that, if an ADR or AFR

fails to fulfill the terms of a confidentiality arrangement under

paragraph (a) of proposed Sec. 49.18, the Commission may direct

each registered SDR to limit, suspend or revoke the ADR's or AFR's

access to swap data held by the SDR Similarly, proposed Sec.

49.17(d)(5) would require an SDR, as directed by the Commission, to

limit, suspend or revoke an ADR's or AFR's swap data access should

the Commission revoke the appropriateness determination for such ADR

or AFR or otherwise direct the SDR to suspend or revoke such access.

---------------------------------------------------------------------------

6. Proposed Sec. 49.18(e)--Delegation of Authority

The Commission is proposing to add Sec. 49.18(e)(1) to delegate to

the Director of the Division of Market Oversight, and to such staff

acting under his or her direction as he or she may designate from time

to time, all functions reserved to the Commission in Sec. 49.18.

Proposed Sec. 49.18(e)(2) would reserve to the Director of the

Division of Market Oversight the authority to submit to the Commission

for its consideration any matter which has been delegated to the

Director under proposed Sec. 49.18(e)(1). The Commission proposes in

Sec. 49.18(e)(3) to expressly permit the Commission, at its election,

to exercise the authority delegated to the Director of the Division of

Market Oversight under proposed Sec. 49.18(e)(1).

This delegation is intended to conserve Commission resources and

increase the effectiveness and efficiency of the Commission's oversight

and supervision of SDR swap data access. The Commission anticipates

that the delegation of authority will help facilitate timely access to

SDR swap data by ADRs and AFRs consistent with the requirements set

forth in part 49 of the Commission's regulations. However, the Division

of Market Oversight may submit matters to the Commission for its

consideration, as it deems appropriate.

7. Conforming Changes

As a result of the FAST Act Amendments, the Commission proposes

conforming changes to Sec. 49.17(d)(6), to delete references to an

Indemnification Agreement. As a result of the proposed changes to Sec.

49.18, and in particular, Sec. 49.18(a), the Commission proposes

conforming changes to Sec. 49.22(d)(4) relating to chief compliance

officer compliance responsibilities and duties so that the appropriate

section reflecting the confidentiality arrangement is referenced.

8. Request for Comment

1. The Commission requests comment on all aspects of the proposed

amendments to Sec. 49.18. Commenters are particularly invited to

address the proposed amendments to Sec. 49.18 relating to the

confidentiality provisions of CEA sections 21(c)(7) and 21(d), whether

the Commission should prescribe specific processes to govern ADR and

AFR requests for swap data access from an SDR; and whether the

Commission should prescribe a process to govern an SDR's treatment of

requests for swap data access.

2. In addition, commenters are invited to address the proposed

rules implementing the notification requirement. In this regard, is

there an alternative to requiring SDRs to maintain copies of all data

they provide in connection with the data access provisions that would

still permit the Commission to assess the SDR's ongoing compliance with

those provisions? For example, are alternative approaches available

such that the Commission need not require SDRs to maintain actual

copies of all information provided pursuant to the data access

provisions? Would such an alternative approach reduce the burdens on

SDRs while still permitting the Commission to assess ongoing

compliance?

E. Other Changes

In addition to those changes discussed throughout this release, the

Commission is proposing other changes to part 49, including a number of

ministerial changes. The Commission proposes to amend Sec. 49.9(a)(9)

to change the reference in Sec. 49.9(a)(9) from ``certain appropriate

domestic regulators and foreign regulators'' to ``Appropriate Domestic

Regulators and Appropriate Foreign Regulators'' to make clear that an

SDR is required to provide access to swap data, pursuant to Sec.

49.17, only to ADRs and AFRs. The Commission is proposing to make a

number of other changes to part 49 to more consistently refer to the

defined term ``swap data''. The Commission is proposing to modify the

references in existing Sec. Sec. 49.9(a)(9) and 49.17(b)(2)(i) to

``swap data or information''; the reference in existing Sec.

49.17(d)(4)(i) to ``swaps transaction data''; and the reference in

existing Sec. 49.17(d)(6) to ``requested data,'' to be references to

``swap data'' as that term is defined in Sec. 49.2(a)(15). The

Commission is proposing these changes to eliminate confusion and to

conform part 49 to the FAST Act's amendment of CEA section 21(c)(7) to

refer to ``swap data.''

The Commission is also proposing to replace the reference in Sec.

49.17(a) to ``swaps data'' with a reference to ``swap data'' and to

replace the reference in Sec. 49.17(a) to ``Regulation'' with a

reference to ``Sec. 49.17'' to match the format of the reference in

Sec. 49.17(b). The Commission does not intend to effect any

substantive changes with these proposed amendments.

The Commission is proposing to change the references to ``swap

transaction data'' and ``swaps transaction data'' in Sec. 49.17(c)(2)

and 49.17(c)(3) to ``swap data'' as defined in Sec. 49.2(a)(15). The

Commission is also proposing to change the references to ``data'' in

Sec. 49.17(d)(5), (d)(6), (e), and (e)(1) to ``swap data'' in order to

clarify the Commission's intent to refer to ``swap data'' within the

meaning of Sec. 49.2(a)(15). For the same reason, the Commission is

also proposing to add ``swap data and'' before ``information'' in Sec.

49.17(e)(2) to conform it to Sec. 49.17(e)(1), as proposed to be

amended.\56\ The Commission also

[[Page 8379]]

proposes to add the term ``and information'' after the term ``swap

data'' in the second sentence of Sec. 49.17(e) so that such sentence

is consistent with the first sentence of Sec. 49.17(e), which permits

access by third parties to both swap data and information maintained by

a registered SDR, subject to certain conditions.

---------------------------------------------------------------------------

\56\ Although Sec. 49.17(e) uses the terms ``data'' and ``swap

data'' interchangeably, the Commission intended those paragraphs to

reference the definition of ``swap data'' and, consequently,

believes that these do not represent a change to the Commission's

original intent in promulgating Sec. 49.17(e). However, the term

``swap data'' is narrower than the terms ``data'' and

``information.'' Consequently, changing ``data'' to ``swap data''

arguably would narrow the scope of the confidentiality procedures

and confidentiality arrangement required by Sec. 49.17(e)(1) and

(2).

---------------------------------------------------------------------------

In Sec. 49.17(f)(2), the Commission is proposing to change both

references to ``[d]ata and information'' to ``[S]wap data and

information'' in order to clarify, in each case, that the intended

reference is to ``swap data'' as defined in Sec. 49.2(a)(15).

In addition to those changes related to references to swap data,

the Commission is also proposing to amend Sec. 49.17(b)(1)(vii) to

change ``[a]ny other person the Commission deems appropriate[ ]'' to

``[a]ny other person the Commission determines to be appropriate

pursuant to the process set forth in Sec. 49.17(h)'' to match the

language in CEA section 21(c)(7).

Commission regulation 49.17(f)(1) currently states, ``Access of

swap data maintained by the registered swap data repository to market

participants is generally prohibited.'' The Commission is proposing to

amend Sec. 49.17(f)(1) to state, ``Access by market participants to

swap data maintained by the registered swap data repository is

prohibited other than as set forth in Sec. 49.17(f)(2)'' in order to

clarify its meaning. The Commission does not intend this to be a

substantive change to Sec. 49.17(f)(1).

Finally, the Commission is proposing several minor clarifying

changes to Sec. 49.18(b).\57\ These changes include replacing ``the

swap data'' with ``swap data''; replacing the ``with any Appropriate

Domestic Regulator or Appropriate Foreign Regulator'' reference with

``to any Appropriate Domestic Regulator or Appropriate Foreign

Regulator''; and adding ``each'' before ``as defined in Sec.

49.17(b)'' to reflect that both ``Appropriate Domestic Regulator'' and

``Appropriate Foreign Regulator'' are defined terms in Sec. 49.17(b).

---------------------------------------------------------------------------

\57\ These proposed changes appear in proposed Sec. 49.18(a).

---------------------------------------------------------------------------

III. Request for Comment

In addition to the specific questions set forth in various sections

above, the Commission requests comment on all aspects of the proposal,

and particularly invites comment on the questions set forth below.

(1) What, if any, impediments exist to accurately and cost-

effectively determining whether swap data access requests are within

the scope of an ADR's/AFR's jurisdiction?

(2) Are there any particular elements the Commission has proposed

to include in the confidentiality arrangement that are unnecessary? Has

the Commission omitted particular element(s) that should be included in

a confidentiality arrangement?

(3) Do SDRs maintain swap data in a manner that permits accurate

reproduction at a later date of the results of an ADR's/AFR's request

for swap data? If so, is it necessary for the Commission to require

that SDRs maintain records of the results of such requests, as opposed

to merely maintaining the details of the request?

IV. Related Matters

A. Regulatory Flexibility Act

The Regulatory Flexibility Act (``RFA'') requires federal agencies,

in promulgating rules, to consider the impact of those rules on small

entities.\58\ The rules proposed herein will have a direct effect on

the operations of SDRs and certain domestic and foreign regulators

seeking access to swap data reported to, and maintained, by SDRs.

---------------------------------------------------------------------------

\58\ See 5 U.S.C. 601 et seq.

---------------------------------------------------------------------------

The Commission has previously established certain definitions of

``small entities'' to be used by the Commission in evaluating the

impact of its rules on small entities in accordance with the RFA.\59\

The Commission has previously determined that SDRs are not small

entities for purpose of the RFA.\60\ For purposes of the Regulatory

Flexibility Act, the definition of ``small entity'' also encompasses

``small governmental jurisdictions,'' which in relevant part means

governments of locales with a population of less than fifty

thousand.\61\ Although the Commission anticipates that this proposal

may be expected to have an economic impact on various governmental

entities that access data pursuant to Dodd-Frank's data access

provisions, the Commission does not anticipate that any of those

governmental entities would be small governmental jurisdictions.

Therefore, the Commission does not believe that this proposal will have

a significant economic impact on a substantial number of small

entities. Therefore, the Chairman, on behalf of the Commission,

pursuant to 5 U.S.C. 605(b), hereby certifies that the proposed rules

will not have a significant economic impact on a substantial number of

small entities.

---------------------------------------------------------------------------

\59\ See Policy Statement and Establishment of ``Small

Entities'' for purposes of the Regulatory Flexibility Act, 47 FR

18618 (Apr. 30, 1982) at 18618-21.

\60\ See Part 49 Adopting Release at 54575 and Notice of

Proposed Rulemaking: Swap Data Repositories, 75 FR 80898 (Dec. 23,

2010) at 80926.

\61\ 5 U.S.C. 601(5), (6).

---------------------------------------------------------------------------

B. Paperwork Reduction Act

The proposed amendments to part 49 would result in new ``collection

of information'' requirements within the meaning of the Paperwork

Reduction Act of 1995 (``PRA'').\62\ An agency may not conduct or

sponsor, and a person is not required to respond to, a collection of

information unless it displays a currently valid Office of Management

and Budget (``OMB'') control number. The OMB control number for the

information collection associated with part 49 swap reporting is 3038-

0086.\63\ The Commission is seeking to revise Information Collection

3038-0086 because the rule amendments proposed herein will impose

information collection requirements that require approval from OMB

under the PRA. The Commission is therefore submitting this proposal to

OMB for review in accordance with 44 U.S.C. 3507(d) and 5 CFR 1320.11.

---------------------------------------------------------------------------

\62\ 44 U.S.C. 3501 et seq.

\63\ See OMB Control Number 3038-0086 (``Information Collection

3038-0086''). The most recent revision to OMB Control Number 3038-

0086 was approved November 30, 2015 and is available at: http://www.reginfo.gov/public/do/PRAOMBHistory?ombControlNumber=3038-0086.

---------------------------------------------------------------------------

1. Summary of the Proposed Requirements

The proposed modifications to part 49 would require SDRs to make

swap data available to requesting entities if certain conditions are

satisfied. These conditions include the requesting entity executing a

confidentiality arrangement and, in some cases, receiving a

determination order from the Commission that it is an appropriate

entity to receive SDR swap data. The proposed modifications would also

require SDRs to report failures to fulfill the terms of confidentiality

arrangements to the Commission.

2. Collection of Information

Currently, OMB Control Number 3038-0086 sets out burden estimates

relating to a broad range of SDR obligations associated with

registration requirements, reporting requirements, recordkeeping

requirements, and disclosure requirements. Where the information

collection associated with those obligations would be modified by this

proposed rule, the Commission is proposing to revise Information

[[Page 8380]]

Collection 3038-0086 accordingly. To the extent the proposed

modifications to part 49 introduce new information collections that

were not previously incorporated into Information Collection 3038-0086,

the Commission is proposing to revise Information Collection 3038-0086

to account for the new information collections. Finally, many of the

information collections discussed in Information Collection 3038-0086

are not implicated or modified by the Commission's proposed revisions

to part 49 in this release. The Commission, therefore, is not proposing

to revise the estimated burdens associated with such information

collections. New or revised information collections contained in these

proposed revisions to part 49 will affect SDRs as well as entities that

request access to SDR swap data pursuant to these provisions.

As discussed above, the proposed modifications to part 49 set out

in this release are intended to provide a process by which other

authorities may obtain access to SDR swap data. The information

collections associated with this process are intended to ensure that

SDR swap data is only accessed by appropriate entities and that the

confidentiality of any accessed SDR swap data is adequately protected.

The ultimate result of this process is intended to provide other

authorities with information to assist with the oversight of the global

swaps market and market participants.

ADR/AFRs. As discussed throughout this release, certain conditions

must be satisfied before a requesting entity is permitted to access SDR

swap data. These conditions may implicate various PRA collections and

burdens as discussed below.

Pursuant to Sec. 49.18(a), every requesting entity seeking access

to SDR swap data must execute a confidentiality arrangement with the

Commission prior to receiving access. This requirement applies to both

those entities that are specifically enumerated as appropriate in Sec.

49.17(b)(1) and those entities that require a determination from the

Commission that they are appropriate entities to receive access to SDR

swap data, regardless of whether the requesting entity is a domestic or

foreign entity.

In addition to executing a confidentiality arrangement, requesting

entities that are not Enumerated ADRs will be required to seek a

Determination Order from the Commission to have access to SDR swap

data. Such Determination Orders will describe SDR swap data that is

appropriate for the entity to access, based on the requesting entity's

scope of jurisdiction. For Enumerated ADRs, the Commission is proposing

to require that the confidentiality arrangement describe the requesting

entity's scope of jurisdiction. The Commission believes the use of the

form of confidentiality arrangement set out in Appendix B to part 49

will provide an efficient means to satisfy the requirements of Sec.

49.18(a).

The Commission, for PRA purposes, believes that it is reasonable to

assume that 300 total entities will seek access to SDR swap data. This

estimate is based on the Commission's experience in receiving data

requests from other regulators and its experience in coordinating and

cooperating with other regulators.\64\ For PRA purposes, the Commission

assumes there are four SDRs, which is the number of SDRs that are

provisionally registered with the Commission. As the confidentiality

arrangement will be between the ADR or AFR and the Commission and

delivered to the SDR, AFRs and ADRs need not execute a separate

confidentiality arrangement for each SDR. Accordingly, the Commission

estimates, for PRA purposes, that the total number of confidentiality

arrangements that will be executed under the proposed rules is 300.

Given that the Commission will have published a form of confidentiality

arrangement as an appendix to part 49, the Commission estimates that

the review and execution of each confidentiality arrangement by an ADR

or AFR will take approximately 40 hours, for a total burden of 12,000

hours. The burden estimates associated with entering into such

confidentiality arrangements are addressed in the proposed revised OMB

Control Number 3038-0086.

---------------------------------------------------------------------------

\64\ The Commission estimates that up to approximately 30

authorities in the United States may seek to access swap data from

SDRs. In the context of potential AFRs, the Commission believes that

most requests will come from authorities in G20 countries, each of

which will have no more and likely fewer than 30 authorities that

may request swap data from SDRs. In addition, certain authorities

from outside the G20 also may request swap data from SDRs.

Accounting for all of these entities, the Commission estimates that

there likely will be a total of no more than 300 relevant domestic

and foreign authorities that may request swap data from SDRs.

---------------------------------------------------------------------------

An entity that seeks access to SDR swap data must be considered

appropriate by the Commission prior to that entity receiving access to

SDR swap data. For Enumerated ADRs, there is no burden associated with

seeking to be deemed appropriate by the Commission as they are already

enumerated as such. Those entities that are not Enumerated ADRs will be

required to receive a Determination Order prior to receiving access to

SDR swap data. The process for obtaining such a Determination Order is

set out in general terms in proposed Sec. 49.17(h) and requires the

requesting entity to prepare and submit an application to the

Commission. The preparation and submittal of this application

constitutes an information collection under the PRA.

As discussed above, the Commission believes that for PRA purposes

it is reasonable to assume that 300 domestic and foreign entities will

seek access to SDR swap data. Very few of these entities are

specifically enumerated in Sec. 49.17(b)(1). The Commission estimates,

for PRA purposes, that each such requesting entity would expend 100

hours in connection with filing an application to receive an

appropriateness determination, for a total initial burden of no more

than 30,000 hours, calculated as the product of 300 domestic and

foreign entities seeking access to SDR swap data and 100 hours per

application). This estimate considers the relevant information that

would be required to be provided in such an application, including

information regarding the entity's scope of jurisdiction, mutual

assistance provided to the Commission, and the existence of cooperation

related to an MOU or similar information sharing arrangement with the

Commission, as well as any other information relevant for the

Commission's determination. This burden estimate is included in the

Commission's proposed revisions to Information Collection 3038-0086.

Swap Data Repositories. As discussed throughout this release, SDRs

are required to facilitate access to SDR swap data by requesting

entities, provided certain conditions are met. This requirement may

implicate PRA collections and burdens, some of which are already

addressed in the existing OMB Control Number 3038-0086, and some of

which constitute new collections, as discussed below. Currently, the

burden on SDRs of making data available to ADRs and AFRs is accounted

for in OMB Control Number 3038-0086, as this is an existing obligation

under existing Sec. 49.17(d). However, the proposed rules set out in

this release clarify and modify the requirements imposed on SDRs in

providing access to SDR swap data to ADRs and AFRs. Consequently the

Commission is revising Information Collection 3038-0086 to account for

these modifications.

The Commission expects to limit a requesting entity's access to SDR

swap data based on the entity's scope of jurisdiction. In connection

with this

[[Page 8381]]

limitation, the Commission expects SDRs to incur burdens and costs

associated with setting up access to SDR swap data that is consistent

with an ADR or AFR's scope of jurisdiction. The Commission expects that

each confidentiality arrangement will identify, either directly or

through the attached Determination Order, the scope of access that is

appropriate for a given requesting entity. The Commission expects SDRs

to use these limitations to program their systems to reflect the scope

of the ADR or AFR's access to SDR swap data. These limits set out in

the confidentiality arrangement are expected to reduce the burdens on

SDRs of assessing whether a request satisfies the relevant conditions,

particularly with regard to whether SDR swap data relates to persons or

activities within the requesting entity's scope of jurisdiction. The

Commission estimates that the burden on an SDR associated with setting

up access restrictions to match a requesting entity's scope of

jurisdiction will include 20 hours of programmer analyst time, five

hours of senior programming time, and one hour of attorney time, for a

total of 26 hours. Consequently, for PRA purposes, the Commission

estimates that each SDR would incur a total burden of 7,800 hours

(i.e., the product of 300 entities and 26 hours of time) associated

with setting up access for each ADR or AFR. The burdens associated with

these permissioning requirements are addressed in proposed revised OMB

Control Number 3038-0086.

SDRs will also be required to provide electronic notice to the

Commission of the first request for data from a particular requesting

entity and promptly after receiving any request that does not comport

with the scope of the ADR's or AFR's jurisdiction. In addition to

notifying the Commission of the foregoing, the Commission is proposing,

in Sec. Sec. 49.17(d)(4)(i) and (iii), to require SDRs to maintain

records of all information related to the initial and all subsequent

requests for data from the requesting entity. These records shall

include, at a minimum, the identity of the requestor or person

accessing the data; the date, time and substance of the request or

access; and copies of all data reports or other aggregation of data

provided in connection with the request or access. The SDR shall

maintain this information for a period of no less than five years after

the date of such request and shall provide this information to the

Commission upon request.

Currently, OMB Control Number 3038-0086 estimates burdens

associated with various registration, reporting, recordkeeping, and

disclosure requirements to which SDRs are subject. The proposed

recordkeeping requirements relating to requesting entities' data

requests constitute an information collection for PRA purposes and

require the Commission to revise the recordkeeping burden estimates

contained in OMB Control Number 3038-0086. The reporting and

recordkeeping requirements proposed in this release may potentially

impact each SDR.

SDRs already have the ability to communicate electronically with

the Commission and are subject to significant recordkeeping

requirements pursuant to Sec. 49.12. Therefore, the proposed

requirements should not result in SDRs having to incur initial costs to

implement systems to properly notify the Commission when a requesting

entity submits a data request for the first time that are in excess of

what is already accounted for in OMB Control Number 3038-0086. The

Commission estimates that initially each SDR may incur a burden of 360

hours associated with these proposed recordkeeping requirements, for a

total of 1,440 hours (i.e., the product of four SDRs and 360 hours).

Additionally, the Commission estimates that each SDR would incur an

annual burden of 280 hours associated with the recordkeeping

requirements, for a total of 1,120 hours annually (i.e., the product of

four SDRs and 280 hours). The burdens associated with these

notification requirements are addressed in proposed revised Information

Collection 3038-0086.

Finally, current Information Collection 3038-0086 accounts for the

costs to SDRs of executing a ``Confidentiality and Indemnification

Agreement'' with each requesting ADR and AFR. Under the Commission's

proposal, the SDR is no longer required to execute such an agreement

with the ADRs or AFRs. The proposed confidentiality arrangement shall

be between the requesting ADR or AFR and the Commission. Accordingly,

the total burden to SDRs, as currently reflected in Information

Collection 3038-0086, is reduced by the cost to execute such

agreements. The reduction in burden associated with this change in the

confidentiality agreement is addressed in proposed revised Information

Collection 3038-0086.

3. Request for Comments on Collection

The Commission invites the public and other Federal agencies to

comment on any aspect of the reporting burdens discussed above.

Pursuant to 44 U.S.C. 3506(c)(2)(B), the Commission solicits comments

in order to: (1) Evaluate whether the proposed collection of

information is necessary for the proper performance of the functions of

the Commission, including whether the information will have practical

utility; (2) evaluate the accuracy of the Commission's estimate of the

burden of the proposed collection of information; (3) determine whether

there are ways to enhance the quality, utility, and clarity of the

information to be collected; and (4) minimize the burden of the

collection of information on those who are to respond, including

through the use of automated collection techniques or other forms of

information technology.

Comments may be submitted directly to the Office of Information and

Regulatory Affairs, by fax at (202) 395-6566 or by email at

[email protected] Please provide the Commission with a copy

of submitted comments so that all comments can be summarized and

addressed in the final rule preamble. Refer to the ADDRESSES section of

this notice of proposed rulemaking for comment submission instructions

to the Commission. A copy of the supporting statements for the

collections of information discussed above may be obtained by visiting

www.RegInfo.gov. OMB is required to make a decision concerning the

collection of information between 30 and 60 days after publication of

this document in the Federal Register. Therefore, a comment is best

assured of having its full effect if OMB receives it within 30 days of

publication.

C. Cost-Benefit Considerations

1. Introduction

As discussed in Section I, entitled ``Background and

Introduction,'' above, Congress passed the FAST Act to facilitate

broader access to swap data by the regulatory community. Section

86001(b) of the FAST Act amends CEA section 21 by, among other things,

eliminating the requirement that, as a condition of receiving

information from SDRs, each ADR or AFR agree to indemnify the SDR and

the Commission for any expenses arising from litigation relating to the

information provided under CEA Section 8. The Commission is issuing

this proposed rulemaking to enable ADRs and AFRs to access swap data,

subject to certain safeguards designed to protect swap data from

misappropriation or misuse, and to advise the public of the practical

implications of the changes to the CEA made by the FAST Act. The

Commission preliminarily believes that the proposed safeguards are

warranted based on the incorporation by reference

[[Page 8382]]

in CEA sections 21(c)(7) and 21(d) of the strong protections of CEA

section 8.

CEA section 15(a) requires the Commission to consider the costs and

benefits of its actions before promulgating a regulation under the CEA

or issuing certain orders. CEA section 15(a) further specifies that the

costs and benefits shall be evaluated in light of the following five

broad areas of market and public concern: (1) Protection of market

participants and the public; (2) efficiency, competitiveness, and

financial integrity of futures markets; (3) price discovery; (4) sound

risk management practices; and (5) other public interest

considerations. The Commission considers the costs and benefits

resulting from its discretionary determinations with respect to the CEA

section 15(a) factors.

As an initial matter, the Commission recognizes that there are

benefits, discussed more fully below, for domestic and foreign

regulators to have access to SDR swap data. Yet, there are inherent

compromises between data access and data security. More directly,

greater access leads to data being less secure from misappropriation or

misuse. The Commission recognizes that there are costs associated with

this proposed rulemaking. The Commission, however, lacks the requisite

data and information to precisely estimate costs, in part, because the

proposed rulemaking grants SDRs, ADRs, and AFRs discretion to implement

the proposed regulations through alternative measures. Furthermore, the

Commission does not know which approach SDRs, ADRs, and AFRs will take.

As a consequence, where it is not feasible to quantify (e.g., because

of the lack of accurate data or appropriate metrics), the Commission

has considered the costs and benefits of this proposed rulemaking in

qualitative terms. The Commission, nevertheless, requests that

commenters provide any data or other information that would be useful

in the estimation of the quantifiable costs and benefits of this

proposed rulemaking.

2. Baseline and Proposed Rule Summary

a. Definition of Foreign Regulator--Proposed Amendment to Sec.

49.2(a)(5)

The status quo baseline definition for the term ``foreign

regulator'' as defined in current Sec. 49.2(a)(5) is a ``foreign

futures authority as defined in CEA Section 1a(26), foreign financial

supervisors, foreign central banks and foreign ministries.'' \65\ The

Commission is proposing to amend the term ``foreign regulator'' to add

entities. Specifically, the Commission is adding the phrase ``other

foreign authorities'' to the definition. This approach is consistent

with the FAST Act's amendment to CEA section 21(c)(7)(E).

---------------------------------------------------------------------------

\65\ 17 CFR 49.2(a)(5).

---------------------------------------------------------------------------

b. Definition of Appropriate Foreign Regulator--Proposed Amendment to

Sec. 49.17(b)(2)

The status quo baseline definition for the term ``Appropriate

Foreign Regulator'' (defined in current Sec. 49.17(b)(2)) is ``those

Foreign Regulators with an existing memorandum of understanding or

other similar type of information sharing arrangement executed with the

Commission and/or Foreign Regulators without an MOU as determined on a

case-by-case basis by the Commission.'' \66\

---------------------------------------------------------------------------

\66\ 17 CFR 49.17(b)(2).

---------------------------------------------------------------------------

The Commission is proposing to amend current Sec. 49.17(b)(2) to

require all ``foreign regulators'' to file an application with the

Commission to become ``Appropriate Foreign Regulators.'' The existence

of a current MOU or other information sharing arrangement with the

Commission will not be dispositive to a determination of

appropriateness. The proposed amendment would require the Commission to

issue an order finding each foreign regulator ``appropriate.'' In this

manner, the Commission will ensure that each ``Appropriate Foreign

Regulator'' is acting within its scope of jurisdiction as mandated

under CEA section 21(c)(7) through incorporation by reference of CEA

section 8(e). The Commission believes that this proposal will provide

greater control over the process by which foreign regulators obtain

access to SDR swap data; specifically, it will help to ensure that only

those foreign regulators who have a regulatory interest in SDR swap

data can access such swap data. The limitation on swap data access

proposed in this recommendation is expected to help reduce the risk of

unauthorized disclosure, misappropriation or the misuse of swap data.

c. Duties of Registered SDRs--Proposed Amendments to Sec. 49.9(a)(9)

The Commission has proposed conforming language changes to current

Sec. 49.9(a)(9).\67\ There are no substantive changes with respect to

costs and benefits.

---------------------------------------------------------------------------

\67\ 17 CFR 49.9(a)(9).

---------------------------------------------------------------------------

d. Purpose of Access to SDR Data--Proposed Amendment to Sec. 49.17(a)

The Commission has proposed conforming language changes to current

Sec. 49.17(a).\68\ There are no substantive changes with respect to

costs and benefits.

---------------------------------------------------------------------------

\68\ 17 CFR 49.17(a).

---------------------------------------------------------------------------

e. Appropriate Domestic Regulator--Proposed Amendment to Sec.

49.17(b)(vii)

The Commission has proposed conforming language changes to current

Sec. 49.17(b)(vii) to cross-reference the process under Sec.

49.17(h).\69\ There are no substantive changes with respect to costs

and benefits in proposed Sec. 49.17(b)(vii). If there are any costs or

benefits associated with the changes in Sec. 49.17(b)(vii), they will

be discussed in regards to the process defined under proposed Sec.

49.17(h), which is the appropriateness-determination process.

---------------------------------------------------------------------------

\69\ 17 CFR 49.17(b)(vii).

---------------------------------------------------------------------------

f. Domestic Regulator With Regulatory Responsibility--Proposed

Amendment to Sec. 49.17(d)(2)

By way of this proposed rulemaking, the Commission has explained

that if a domestic regulator receives swap data pursuant to its

regulatory regime, that access is not subject to CEA sections 21(c)(7)

or 21(d), or Commission regulations Sec. 49.17(d) or Sec. 49.18.

g. Foreign Regulator With Regulatory Responsibility--Proposed Amendment

to Sec. 49.17(d)(3)

Foreign Regulators require data in order to fulfill their

regulatory responsibilities. In proposed Sec. 49.17(d)(3) the

Commission has explained that, if a foreign regulator receives swap

data pursuant to its regulatory regime, that access is not subject to

CEA sections 21(c)(7) or 21(d), or Sec. Sec. 49.17(d) or 49.18.

h. SDR Notification Requirement--Proposed Amendment to Sec.

49.17(d)(4)(i) to (iv)

Current Sec. 49.17(d)(4)(i) requires an SDR to promptly notify the

Commission regarding any request for swap data received by Appropriate

Domestic or Foreign Regulators.\70\ SDRs under this current regulation

are required to notify the Commission for each and every request of an

Appropriate Domestic or Foreign Regulator (including ongoing swap data

requests).

---------------------------------------------------------------------------

\70\ 17 CFR 49.17(d)(4)(i).

---------------------------------------------------------------------------

The Commission proposes to amend current Sec. 49.17(d)(4)(i)-(ii)

to provide that SDRs notify the Commission at the time that such SDR

receives the initial request for swap data from a particular

[[Page 8383]]

ADR or AFR and promptly after receiving any request that does not

comport with the scope of the ADR's or AFR's jurisdiction. Consistent

with current recordkeeping requirements set forth in Sec. 49.12, SDRs

are required to maintain books and records of all information related

to the initial and any subsequent requests for swap data from an

Appropriate Domestic or Foreign Regulator. The Commission also proposed

electronic notification similar to the current rule requirement. In

addition, the Commission placed a few obligations on SDRs under

proposed Sec. 49.17(d)(4)(iii) and (iv) regarding data access to ADRs

and AFRs, and determining an ADR's or AFR's jurisdiction.

In addition, proposed Sec. 49.17(d)(4)(iii) requires SDRs to

limit, suspend, or revoke an ADR's or AFR's swap data access if the

ADR's or AFR's scope of jurisdiction changes and the Commission directs

the ADR or AFR to limit, suspend, or revoke an ADR's or AFR's swap data

access.

i. Timing; Limitation, Suspension or Revocation of Access--Proposed

Amendments to Sec. 49.17(d)(5)

The changes to the rule text in current Sec. 49.17(d)(5) make

clear that SDRs must notify the Commission of an ADR or AFR access

request and the receipt of a confidentiality arrangement, among other

things. In addition, proposed Sec. 49.17(d)(5) requires SDRs to limit,

suspend, or revoke an ADR's or AFR's swap data access if the Commission

limits, suspends or revokes the ADR's or AFR's appropriateness

determination or otherwise directs the ADR or AFR to limit, suspend, or

revoke an ADR's or AFR's swap data access.

j. Confidentiality Agreement--Proposed Amendments to Sec. Sec.

49.17(d)(6) and 49.18(a)-(f)

Current Sec. Sec. 49.17(d)(6) and 49.18, adopted as part of the

original part 49 rules, provide that SDRs execute a ``Confidentiality

and Indemnification Agreement'' with a CEA section 21(c)(7) entity,

prior to sharing swap transaction data and information.\71\ This

Agreement is required to state that the other regulator will abide by

the confidentiality provisions of CEA section 8 and agree to indemnify

both the SDR and the Commission against any litigation expenses

relating to information provided under CEA section 8. However, through

the passage of the FAST Act, Congress has eliminated the requirement

that certain domestic and foreign regulators execute the

``Confidentiality and Indemnification Agreement'' prior to obtaining

SDR swap data. More specifically, Congress amended CEA section 21(d) to

require only the execution of a written agreement by domestic and

foreign regulators prior to receipt of swap data from SDRs so that

these regulators will abide by the confidentiality requirements

described in CEA section 8.

---------------------------------------------------------------------------

\71\ See 17 CFR 49.17(d)(6) and 49.18.

---------------------------------------------------------------------------

The Commission proposes to amend current Sec. Sec. 49.17(d)(6) and

49.18 to (i) reflect the FAST Act amendments to CEA sections 21(c)(7)

and (d), and (ii) require SDRs to receive a confidentiality arrangement

from a 21(c)(7) entity, before sharing swap data, to satisfy the

requirements of CEA section 21(d). Unlike the current regulations, this

confidentiality arrangement will not be executed by the SDR with the

21(c)(7) entity, but instead would be executed by the Commission and

the 21(c)(7) entity. The Commission proposes to provide a form of

confidentiality arrangement attached as Appendix B to part 49. Use of

the form would not be mandatory but would provide an efficient and

expeditious means of fulfilling the confidentiality requirement of

21(d) and Sec. Sec. 49.17(d) and 49.18.

k. Third-Party Service Providers--Proposed Amendments to Sec. 49.17(e)

The Commission modified the text in current Sec. 49.17(e) for

clarity. There are no substantive cost or benefit implications.

l. Access by Market Participants Barred--Proposed Amendment to Sec.

49.17(f)

The Commission modified the text in current Sec. 49.17(f) for

clarity. There are no substantive cost or benefit implications.

m. Filing Requirements for Applicants To Be Determined Appropriate--

Proposed Amendments to Sec. 49.17(h)

In this proposed rulemaking, the Commission has added proposed

Sec. 49.17(h) to describe the application process for persons seeking

an appropriateness determination. In sub-paragraph (2), the Commission

explains that the applicant must provide sufficient detail to explain

its jurisdiction and its confidentiality safeguards. Proposed Sec.

49.17(h)(3) also outlines the standards by which the Commission will

issue an appropriateness determination. Finally, the Commission

explains in proposed Sec. 49.17(h)(4) that it reserves the right to

``revisit, reassess, limit, suspend or revoke'' an appropriateness

determination.

n. Delegation of Authority--Addition of Proposed Sec. Sec. 49.17(i)

and 49.18(e)

Current Sec. Sec. 49.17 and 49.18 do not have delegation of

authority provisions. The Commission proposes to amend Sec. Sec. 49.17

and 49.18 to add a delegation of authority to the Director of the

Division of Market Oversight (``DMO'') and the Director's designee(s)

of functions reserved to the Commission in Sec. Sec. 49.17 and 49.18.

The delegation of Commission authority would make the process more

effective and efficient.

o. SDR Chief Compliance Officer Duties--Proposed Amendment to Sec.

49.22(d)(4)

The change to current Sec. 49.22(d)(4) is the removal of the word

``indemnification'' from the rule text. This is a conforming change to

make the rule consistent with the FAST Act amendments.

3. Benefits

At a high level regarding benefits, the rulemaking is expected to

assist regulators in performing their supervisory and regulatory

functions by providing them access to swap data, which would help

regulators better understand the risks their regulated entities are

assuming and the impact of such risks on the broader markets. These

supervisory and regulatory functions may include: Monitoring and

mitigation of systemic risk; ensuring financial stability; registration

and oversight of financial market infrastructures; registration and

oversight of trading venues; registration and oversight of market

participants; central bank activities; prudential supervision;

restructuring or resolution of infrastructures and firms; and

regulation of cash markets, in some of which swap counterparties are

active.

A more granular benefit to regulators flows from the Commission's

proposal to resolve a conflict or potential conflict between the

Commission's Interpretative Statement and current Sec. 49.18(c). In

the Interpretative Statement, the Commission took the view that other

regulators who access swap data based on their own authority over SDRs

are not subject to the swap data access-related provisions of the CEA.

On the other hand, current Sec. 49.18(c) provides that such regulators

are required to comply with CEA section 8 and any other relevant

statutory confidentiality provisions. The Commission proposes to delete

the statement in current Sec. 49.18(c) providing that other regulators

are required to comply with CEA section 8 and any other relevant

statutory

[[Page 8384]]

confidentiality provisions even when they access swap data based on

their own authority over SDRs.\72\ Other regulators will benefit both

from the clarity this action provides and by the greater ease of access

to swap data within their jurisdiction.

---------------------------------------------------------------------------

\72\ 17 CFR 49.18(c).

---------------------------------------------------------------------------

4. Costs

The Commission recognizes that there are different types of costs

associated with this proposed rulemaking. One cost is the potential

harm to market participants and the public if swap data is misused--for

example, inappropriately disclosed by ADRs and AFRs. Or, another

harmful scenario might involve misappropriated data where hackers

pilfer swap data from ADRs and AFRs to learn the positions of market

participants so that the hackers, or other interested parties who may

even pay for such information, scam the market. Such bad actors might

be able to anticipate such market participants' trades and trade in

front of them, raising swap trading costs to market participants,

thereby reducing their profits.\73\ If the aforementioned scenario

occurred frequently enough this might induce swap dealers to widen

their spreads, making hedging more expensive. In turn, this might lead

to sub-optimal business and investment strategies, as parties would be

less willing to participate in swap markets, because it would be more

costly. Further, the scenario posed could cause market participants to

be concerned that their business strategies might be tipped to their

competitors, because with stolen data, somebody might be able to infer

their strategies from knowing their swap positions and how these

positions change in response to relevant economic events.\74\ Such

concerns could lead some market participants to withdraw to some extent

from swap markets, reducing liquidity and potentially inducing them to

use less effective hedging instruments or trading strategies in other

markets.

---------------------------------------------------------------------------

\73\ See, e.g., Registered Entity Cyber proposed rulemaking at

80141 (observing that ``there has . . . been a rise in attacks by .

. . hacktivists . . . aimed at . . . [, among other things,] theft

of data or intellectual property . . . .''); Id. at 80189

(Concurring Statement of Commissioner Bowen) (stating that ``our

firms are facing an unrelenting onslaught of attacks from hackers

with a number of motives ranging from petty fraud to international

cyberwarfare.'').

\74\ While the same risks of misuse and misappropriation exist

with respect to swap data maintained at SDRs, SDRs are regulated,

and subject to sanctions, by the Commission, whereas ADRs and AFRs

are not.

---------------------------------------------------------------------------

At a high level regarding costs to ADRs and AFRs, the less access

to swap data granted to ADRs and AFRs, the less such swap data would

help in performing ADRs' and AFRs' supervisory and other regulatory

functions. Similarly, the more impediments to swap data access, the

longer it would take ADRs and AFRs to use, or the less use ADRs and

AFRs could make of, such swap data.

At a more granular level, the Commission is proposing several new

obligations applicable to foreign regulators and certain domestic

regulators that will trigger costs for such regulators. The obligation

for foreign regulators and unenumerated domestic regulators to apply

for a Determination Order conferring AFR or ADR status so that such

foreign regulators and unenumerated domestic regulators can receive

access to SDR swap data will, at a minimum, require such applicants to

dedicate personnel to drafting the application. Some applicants for ADR

and AFR status may choose to retain outside counsel or another third

party to draft the application, thereby incurring related costs. There

also may be an additional cost associated with the complexity of the

application because applicants for ADR and AFR status will have to

explain their jurisdiction and link it to the sought swap data so that

the Commission can provide swap data access parameters to SDRs in the

Determination Orders.\75\ While applicants will need to expend

resources developing their ``appropriateness'' applications, the

Commission expects that the requirements and guidance it has provided

in the proposed rulemaking should reduce such expenditures to a certain

extent. Nonetheless, such expenditures will depend on the particulars

of a given applicant. Because the Commission lacks sufficient knowledge

of the specific characteristics of the applicants, among other things,

the Commission is unable to quantify these expenditures at this time.

---------------------------------------------------------------------------

\75\ Enumerated domestic regulators also will have to

demonstrate to the Commission the scope of their jurisdiction so

that SDRs will know the contours of the swap data access they can

provide to enumerated domestic regulators.

---------------------------------------------------------------------------

The proposed requirement in Sec. 49.18(a) that SDRs receive an

executed confidentiality arrangement from an ADR or AFR before the SDR

can provide the ADR or AFR swap data is based on a corresponding

requirement set forth in CEA section 21(d) and will generate costs to

ADRs and AFRs. CEA section 21(d) does not specify any details of the

required written agreement other than that it must state that the ADR

or AFR shall abide by CEA section 8's confidentiality requirements. The

Commission, however, is proposing, in Appendix B to this part 49, to

specify required elements as well as a form of confidentiality

arrangement providing for ADRs and AFRs to implement a number of

safeguards that would impose burdens on ADRs and AFRs. The

confidentiality arrangement would include safeguards that:

To the maximum extent practicable, maintain Confidential

Information separately from other data and information;

Protect Confidential Information from misappropriation and

misuse;

Ensure that only ADR or AFR personnel with a need to

access particular Confidential Information to perform their job

functions related to such Confidential Information have access thereto

and that such access is permitted only to the minimum extent necessary

to perform such job functions;

Prevent disclosure of aggregated Confidential Information

unless anonymized to prevent identification, through disaggregation or

otherwise, of a market participant's business transactions, trade data,

market positions, customers or counterparties;

Prohibit the use of Confidential Information by ADR or AFR

personnel for any improper purpose, including in connection with

trading for their personal benefit or for the benefit of others or with

respect to any commercial or business purpose;

Monitor compliance with the confidentiality safeguards and

ensure prompt notification of the CFTC and each relevant SDR of any

violation of the safeguards or failure to fulfill the terms of the

confidentiality arrangement;

Prohibit the onward sharing or disclosing of Confidential

Information unless exempted in paragraphs 6(d) or 8 of the

confidentiality arrangement;

Notify the CFTC in writing prior to complying with any

legally enforceable demand for Confidential Information and assert all

available appropriate legal exemptions or privileges with respect to

such Confidential Information, and use its best efforts to protect the

confidentiality of the Confidential Information; and

Promptly destroy all Confidential Information for which an

ADR or AFR no longer has a need or for which the information no longer

falls within the scope of its jurisdiction, and certify to the CFTC,

upon request, that the ADR or AFR has destroyed such Confidential

Information.

The Commission preliminarily believes that the monetary costs of

these burdens would be minor, and the other costs of complying with

these burdens, such as the costs to develop policies,

[[Page 8385]]

procedures and safeguards, are within the scope of ADRs' and AFRs'

expertise.\76\ Given that ADRs and AFRs can elect not to seek access to

swap data from SDRs and that ADRs and AFRs who do seek such access have

some control over the manner in which they seek to access such swap

data, ADRs and AFRs themselves can influence to some degree the costs

they impose on themselves by seeking access to swap data from SDRs.

---------------------------------------------------------------------------

\76\ The Commission believes that potential ADRs and AFRs would

likely have established safeguards to protect sensitive data other

than swap data and that such safeguards could be adapted to address

the requirements of the proposed form of confidentiality arrangement

without great cost.

---------------------------------------------------------------------------

The proposed rulemaking would prohibit ADRs and AFRs from onward

sharing Confidential Information with other parties. This could impose

some costs in that ADRs and AFRs would not be able to freely share swap

data among themselves. This could reduce the utility of the swap data

to ADRs and AFRs, possibly reducing the effectiveness thereof. In

addition, the fact that the Commission is proposing not to specify a

particular means of ADRs and AFRs accessing swap data could result in

SDRs providing a means of access other than a means preferred by ADRs

and AFRs. This might impose additional costs to ADRs and AFRs relative

to the potentially lesser costs of their preferred means of access.

Because of these uncertainties, the Commission is unable to quantify

these costs but is able to identify such costs generally.

For SDRs, providing swap data access to so many potential ADRs and

AFRs may be expensive. For example, SDRs may be forced to purchase new

servers, hire new system administrators to oversee the new swap data/

system usage and troubleshoot related problems that may arise. New

recordkeeping requirements would require more system resources. The

proposed requirement to limit the swap data provided to ADRs and AFRs

to only swap data that is within the scope of ADRs' and AFRs'

jurisdiction may cause SDRs to elect to create new methods for parsing

swap data to comply with the proposed requirement to so limit swap

data. The proposed reporting obligations also will increase SDRs'

costs, although to the extent that such reporting obligations are not

triggered, such cost increases would be tempered accordingly.

Nevertheless, SDRs presumably would need to incur some costs to develop

policies and procedures, and build out systems, to monitor potential

events that would trigger the proposed new reporting requirements.

Other SDR costs will include those related to SDRs verifying that

each access request by an ADR or AFR is within the scope of the ADR's

or AFR's jurisdiction. This will require SDRs to expend resources to

ensure that they do not improperly disclose to an ADR or AFR swap data

that such ADR or AFR is not entitled to see, in violation of CEA

section 21(c)(7)'s requirement that SDRs disclose swap data to ADRs and

AFRs ``on a confidential basis pursuant to [CEA] section 8 . . . .''

\77\ By stating that SDRs shall not provide ADRs or AFRs with swap data

access unless such swap data is within the scope of a requesting ADR's

or AFR's jurisdiction as described and appended to the confidentiality

arrangement required by proposed Sec. 49.18(a), proposed Sec.

49.17(d)(4)(iii) would narrow the scope of the sources SDRs must

consult to determine the ADR's or AFR's scope of jurisdiction. The

Commission anticipates that narrowing the scope of the sources that

SDRs must review to determine an ADR's or AFR's scope of jurisdiction

would limit the resources SDRs must expend to verify the scope of an

ADR's or AFR's jurisdiction. The Commission also anticipates that lists

of ADRs' and AFRs' regulated entities' legal entity identifiers

(``LEIs'') and uniform product identifiers (``UPIs'') of swaps within

the scope of ADRs' and AFRs' jurisdiction would limit the resources

SDRs must expend to verify whether swap data access requests are within

the scope of an ADR's or AFR's jurisdiction--if ADRs and AFRs choose to

develop such lists--which the Commission anticipates they would.

---------------------------------------------------------------------------

\77\ The need for these resource expenditures would flow from

proposed Sec. 49.17(d)(4)(iii), which would preclude SDRs from

granting ADRs or AFRs access to swap data unless the SDR has

determined that such swap data is within the then-current scope of

such ADRs' or AFRs' jurisdiction.

---------------------------------------------------------------------------

The Commission understands that there are some blank data entries

in LEI fields, however, despite the Commission having designated an LEI

system in 2012, and masked LEIs in a number of cases to reflect certain

other jurisdictions' privacy law limits on disclosure.\78\ In addition,

UPIs are still evolving for many swap contracts. Specifically, UPIs are

in widespread use for standardized swaps but less so for other swaps.

In cases where there is no UPI for a class of swaps, Sec. 45.7(c)(2)

requires SDRs to create a UPI for such class and requires SDRs, all

other registered entities and swap counterparties to use such SDR UPI-

equivalent contract identifiers to classify swaps. In such cases, ADRs

and AFRs could use SDRs' UPI-equivalents to identify swaps within the

scope of ADRs' and AFRs' jurisdiction.

---------------------------------------------------------------------------

\78\ See, e.g., DMO No-Action Letter 16-03 (Jan. 15, 2016),

available at http://www.cftc.gov/idc/groups/public/@lrlettergeneral/documents/letter/16-03.pdf, for further information regarding such

privacy law restrictions.

---------------------------------------------------------------------------

In general, the blank or masked LEI data fields and UPI limits

discussed above would raise the costs for SDRs and potentially for ADRs

and AFRs. Inadequate data fields and UPIs hinder SDRs' abilities to

identify transactions and determine whether such transactions, in

particular swap data, are within an ADR's or AFR's jurisdictional scope

and interest. Even though the Commission believes these obstacles would

increase costs, the Commission also believes that such costs are

difficult to quantify at this time. The Commission specifically

requests comment on this concern. Commenters are encouraged to quantify

such costs, if practical. The Commission understands that lists of LEIs

of ADRs' and AFRs' regulated entities and lists of UPIs or UPI-

equivalents of swaps within ADRs' and AFRs' jurisdiction may have to be

updated from time to time as regulated entities move in and out of

ADRs' and AFRs' jurisdiction, ADRs' and AFRs' jurisdiction expands or

contracts, swaps evolve, and new swaps are developed. In these cases,

for example, an ADR or AFR likely would have to modify periodically the

list of LEIs and UPIs it gives to SDRs.

The proposal would further mitigate the costs to SDRs by permitting

them to verify the scope of an ADR's or AFR's jurisdiction just once

for a recurring request the details of which do not change. SDRs might

incur additional costs, however, if the scope of jurisdiction changes

for an ADR or AFR. Such additional costs include some fraction of the

above costs as well as the cost to notify the Commission of the change

in jurisdiction for the ADR or AFR.

The Commission is proposing Appendix B to Part 49 to provide a form

of confidentiality arrangement for execution by the Commission and by

ADRs and AFRs seeking swap data access maintained by SDRs so that ADRs

and AFRs can satisfy the confidentiality agreement requirement set

forth in CEA Sec. 21(d). The Commission believes that this form would

eliminate SDRs' costs and reduce ADRs' and AFRs' costs to negotiate the

terms of such an arrangement relative to an alternative of negotiating

and signing confidentiality arrangements with four separate SDRs.

Otherwise, confidentiality arrangement costs could be substantial in

terms of management

[[Page 8386]]

attention and expenditures.\79\ The Commission expects that reviewing

and signing a confidentiality arrangement would not require substantial

expenditures, but request public comments on such costs.\80\ Commenters

are encouraged to quantify where practical.

---------------------------------------------------------------------------

\79\ Nevertheless, proposed Sec. 49.18(a) would allow ADRs and

AFRs to negotiate an alternative to the proposed form, provided that

such alternative contains the elements required in proposed Sec.

49.18(b), which, in turn, requires that such alternative contain all

the elements of the proposed form.

\80\ The Commission has on occasion used the SIFMA Report on

Management and Professional Earnings in the Securities Industry to

estimate these kinds of costs. For instance, on page 279 of the

SIFMA Report for 2013, the mean salary for a compliance attorney is

$100,840 with an average bonus of $26,666. This gives $127,506 in

average total compensation for a compliance attorney. This number is

divided by 1,800 hours and multiplied by 5.35 to account for

overhead to get approximately $379 per hour. Next, multiplying by

12,000 burden hours (from the Paperwork Reduction Act section of

this release) results in approximately $4,500,000 in estimated

costs.

---------------------------------------------------------------------------

The Commission is proposing to permit SDRs to determine the means

by which they will provide access to swap data to ADRs and AFRs. The

Commission notes that SDRs already provide the Commission and the

National Futures Association with data. Providing incremental access to

ADRs and AFRs may permit SDRs to take advantage of economies of scale,

thus mitigating SDRs' costs. The proposal would also mitigate SDRs'

costs by permitting them to choose the means by which they will provide

access to swap data to ADRs and AFRs. The Commission expects that SDRs

would choose the lowest cost means of access consistent with their

statutory obligation to provide ADRs and AFRs access to swap data and

other constraints. The Commission cannot forecast what these costs

would be at this time, however, because it depends on particulars of

each SDR that the Commission does not know. Consequently, the

Commission welcomes public comments on this requirement and how SDRs

might satisfy this requirement. Commenters are encouraged to quantify

where practical.

CEA section 21(c)(7) requires SDRs to notify the Commission of

requests for data from a particular ADR or AFR. Proposed Sec.

49.17(d)(4)(i) would reduce that burden by permitting SDRs to notify

the Commission only of the first such request by each ADR or AFR and

promptly after receiving any request that does not comport with the

scope of the ADR's or AFR's jurisdiction. In addition to the foregoing,

the Commission is proposing to amend current Sec. 49.17(d)(4)(i) to

require SDRs to maintain records of all information related to the

initial and all subsequent requests for data from the requesting

entity. The SDR would have to maintain this information for the same

period required for other SDR records. Although these costs may be

relatively small, the Commission anticipates using such data to, for

example, monitor ADRs' and AFRs' access requests from time to time to

ensure that they remain within the scope of their jurisdiction and,

relatedly, to ensure that SDRs have been monitoring this access issue.

As one alternative to proposing comprehensive swap data safeguards,

the Commission instead could have chosen to merely delete the

indemnification references in its regulations. While that approach

could have avoided imposing many of the costs to ADRs, AFRs, and SDRs

related to protection of confidentiality discussed herein, it would

have dramatically increased the risk of imposing on market participants

and the public the costs discussed above in the first paragraph of this

section IV.C.4. and below in section IV.C.5.a.-c., which the Commission

preliminarily believes is inconsistent with the historical importance

Congress and the Commission have placed on protecting information

covered by CEA section 8. Consequently, the Commission has determined

to take the proposed approach.

5. Consideration of CEA Section 15(a) Factors

a. Protection of Market Participants and the Public

The Commission is proposing a number of safeguards to prevent

market participants' swap data maintained at SDRs from being

misappropriated or misused, as discussed above. Those proposed

safeguards include: Modifying the requirements for being an AFR;

requiring both ADRs and AFRs to demonstrate the scope of their swap-

data jurisdiction as a limit on the swap data to which an ADR or AFR

may have access; having the Commission issue Determination Orders;

imposing on ADRs and AFRs seeking access to swap data maintained by

SDRs a number of required confidentiality safeguards; barring onward

sharing of swap data; certain recordkeeping and reporting requirements;

and ensuring the Commission's ability to revoke an ADR's or AFR's swap

data access. Some market participants, and the public, could be harmed

if market participants' proprietary swap data were misappropriated or

misused. As detailed above in the ``Cost'' discussion, there is the

potential harm that misappropriated swap data could be used to front

run market participants whose swap data were misappropriated, raising

their costs of completing swap transactions. More specifically, spreads

could widen, which could deter some market participants from engaging

in swap transactions trading and prevent prices from adjusting as

quickly. Another possible misuse of market participants' swap data is

if those who obtained misappropriated swap data were to reverse

engineer the trading strategies of the market participants whose data

were misappropriated and use such strategies, potentially undermining

their efficacy.

b. Efficiency, Competitiveness, and Financial Integrity of Futures

Markets

The Commission believes that there will be little effect on

efficiency, competiveness, and financial integrity of futures markets

if swap data is properly protected from being misappropriated or

misused. If swap data is not properly protected, however, competition

might be affected, in that market participants might be less willing to

engage in swap transactions if parties are trading in front of them,

raising their costs, or misappropriating their trading strategies,

lowering such strategies' effectiveness. This could induce some swap

dealers to charge higher fees (explicitly or implicitly) for their

services and otherwise reduce profits. Such concerns may also encourage

market participants to increase their use of futures contracts relative

to swaps, because futures position data may be better protected.

c. Price Discovery

The Commission believes that price discovery would not be affected

by this proposed rulemaking. There may be some indirect effects on

price discovery if the safeguards in this proposed rulemaking prove

ineffective, however. Price discovery could be negatively impacted if

position data is misappropriated or misused to the disadvantage of some

participants. For instance, as previously explained, some market

participants might withdraw from swaps markets if they fear that their

position data will be misappropriated or misused. This could lead to

less frequent trading as well as reduced liquidity in swap markets.

Furthermore, spreads could widen due to front-running concerns, which

could make prices more volatile and harm price discovery.

[[Page 8387]]

d. Sound Risk Management Practices

This proposed rulemaking will help regulators better understand the

risks posed by their regulated entities. Without swaps data, it is

impossible to comprehensively supervise entities that engage in swap

trading. In this way, the proposed rulemaking helps to mitigate

systemic risk. Allowing more ADRs and AFRs to access SDR swap data

establishes the potential to improve SDR data by potentially

facilitating research and analysis that ultimately leads to better risk

management by market participants. This can occur through academic

research that influences market participants to improve their risk

management based on the research, or by ADRs and AFRs asserting their

authority over their regulated entities to compel them to improve their

swap data reporting and risk management.

e. Other Public Interest Considerations

The Commission does not believe that there are any other public

interest considerations with respect to this proposed rulemaking.

6. Request for Comment

The Commission requests comment on all aspects of its cost and

benefit considerations. Commenters are encouraged to quantify their

comments, if practical.

D. Antitrust Considerations

CEA section 15(b) requires the Commission to take into

consideration the public interest to be protected by the antitrust laws

and endeavor to take the least anticompetitive means of achieving the

objectives of the CEA, in issuing any order or adopting any Commission

rule or regulation.

The Commission does not anticipate that the proposed amendments to

part 49 will result in anticompetitive behavior. However, because the

proposed amendments affect existing SDR procedures relating to data

reporting validation and data accuracy, the Commission encourages

comments from the public on any aspect of the proposal that may have

the potential to be inconsistent with the antitrust laws or be

anticompetitive in nature.

List of Subjects in 17 CFR Part 49

Access to swap data; Commodity Exchange Act section 8;

Confidentiality; Registration and regulatory requirements; Swap data

repositories.

For the reasons stated in the preamble, the Commodity Futures

Trading Commission proposes to amend 17 CFR part 49 as set forth below:

PART 49--SWAP DATA REPOSITORIES

0

1. The authority citation for part 49 is revised to read as follows:

Authority: 7 U.S.C. 12a and 24a, unless otherwise noted.

0

2. In Sec. 49.2, revise paragraph (a)(5) to read as follows:

Sec. 49.2 Definitions.

(a) * * *

(5) Foreign Regulator. The term ``foreign regulator'' means a

foreign futures authority as defined in Section 1a(26) of the Act,

foreign financial supervisors, foreign central banks, foreign

ministries and other foreign authorities.

* * * * *

0

3. In Sec. 49.9, revise paragraph (a)(9) to read as follows:

Sec. 49.9 Duties of registered swap data repositories.

(a) * * *

(9) Upon request of Appropriate Domestic Regulators and Appropriate

Foreign Regulators, provide access to swap data held and maintained by

the swap data repository, as prescribed in Sec. 49.17;

* * * * *

0

4. Amend Sec. 49.17 as follows:

0

a. Revise paragraphs (a), (b)(1)(vii), (b)(2), (c)(2) and (c)(3),

(d)(2) through (d)(6), and (e) and (f); and

0

b. Add paragraphs (h) and (i).

The revisions and additions to read as follows:

Sec. 49.17 Access to SDR data.

(a) Purpose. This section provides a procedure by which the

Commission, other domestic regulators and foreign regulators may obtain

access to the swap data held and maintained by registered swap data

repositories. Except as specifically set forth in this section, the

Commission's duties and obligations regarding the confidentiality of

business transactions or market positions of any person and trade

secrets or names of customers identified in Section 8 of the Act are

not affected.

(b) * * *

(1) * * *

(vii) Any other person the Commission determines to be appropriate

pursuant to the process set forth in Sec. 49.17(h).

(2) Appropriate Foreign Regulator. The term ``Appropriate Foreign

Regulator'' shall mean those Foreign Regulators the Commission

determines to be appropriate pursuant to the process set forth in Sec.

49.17(h).

* * * * *

(c) * * *

(2) Monitoring tools. A registered swap data repository is required

to provide the Commission with proper tools for the monitoring,

screening and analyzing of swap data, including, but not limited to,

Web-based services, services that provide automated transfer of data to

Commission systems, various software and access to the staff of the

swap data repository and/or third-party service providers or agents

familiar with the operations of the registered swap data repository,

which can provide assistance to the Commission regarding data structure

and content. These monitoring tools shall be substantially similar in

analytical capability as those provided to the compliance staff and the

Chief Compliance Officer of the swap data repository.

(3) Authorized users. The swap data provided to the Commission by a

registered swap data repository shall be accessible only by authorized

users. The swap data repository shall maintain and provide a list of

authorized users in the manner and frequency determined by the

Commission.

(d) * * *

(2) Domestic regulator with regulatory responsibility over a swap

data repository. When a swap data repository that is registered with

the Commission pursuant to this chapter is also registered with a

domestic regulator pursuant to a separate statutory authority, and such

domestic regulator seeks access to swap data that has been reported to

such swap data repository pursuant to the domestic regulator's

regulatory regime, such access is not subject to the requirements of

sections 21(c)(7) or 21(d) of the Act, or of Sec. Sec. 49.17(d) or

49.18.

(3) Foreign Regulator with regulatory responsibility over a swap

data repository. When a swap data repository that is registered with

the Commission pursuant to this chapter is also registered with, or

recognized or otherwise authorized by, a Foreign Regulator that has

supervisory authority over such swap data repository pursuant to

foreign law and/or regulation, and such Foreign Regulator seeks access

to swap data that has been reported to such swap data repository

pursuant to the Foreign Regulator's regulatory regime, such access is

not subject to the requirements of sections 21(c)(7) or 21(d) of the

Act, or of Sec. Sec. 49.17(d) or 49.18.

(4) Obligations of the registered swap data repository in

connection with appropriate domestic regulator or appropriate foreign

regulator requests for data access. (i) A registered swap data

repository shall notify the

[[Page 8388]]

Commission promptly after receiving an initial request from an

Appropriate Domestic Regulator or Appropriate Foreign Regulator to gain

access to swap data maintained by such swap data repository and

promptly after receiving any request that does not comport with the

scope of the ADR's or AFR's jurisdiction, as described and appended to

the confidentiality arrangement required by Sec. 49.18(a). Each

registered swap data repository shall maintain records thereafter,

pursuant to Sec. 49.12, of the details of such initial request and of

all subsequent requests by such Appropriate Domestic Regulator or

Appropriate Foreign Regulator for such access.

(ii) The registered swap data repository shall notify the

Commission electronically, in a format specified by the Secretary of

the Commission, of the receipt of a request specified in Sec.

49.17(d)(4)(i).

(iii) The registered swap data repository shall not provide an

Appropriate Domestic Regulator or Appropriate Foreign Regulator access

to swap data maintained by the swap data repository unless the swap

data repository has determined that the swap data to which the

Appropriate Domestic Regulator or Appropriate Foreign Regulator seeks

access is within the then-current scope of such Appropriate Domestic

Regulator's or Appropriate Foreign Regulator's jurisdiction, as

described and appended to the confidentiality arrangement required by

Sec. 49.18(a). An Appropriate Domestic Regulator or Appropriate

Foreign Regulator that has executed a confidentiality arrangement with

the Commission pursuant to Sec. 49.18(a) and provided such

confidentiality arrangement to one or more swap data repositories shall

notify the Commission and each such swap data repository of any change

to such Appropriate Domestic Regulator's or Appropriate Foreign

Regulator's scope of jurisdiction as described in such confidentiality

arrangement. The Commission may direct a swap data repository to

suspend, limit, or revoke access to swap data maintained by such swap

data repository based on any such change to such Appropriate Domestic

Regulator's or Appropriate Foreign Regulator's scope of jurisdiction,

and, if so directed, such swap data repository shall so suspend, limit,

or revoke such access.

(iv) The registered swap data repository need not make the

determination required pursuant to Sec. 49.17(d)(4)(iii) more than

once with respect to a recurring swap data request. If such request

changes, the swap data repository must make a new determination

pursuant to Sec. 49.17(d)(4)(iii).

(5) Timing; limitation, suspension or revocation of swap data

access. Once a registered swap data repository has--

(i) Notified the Commission, pursuant to Sec. 49.17(d)(4)(i) and

(ii), of an initial request for swap data access by an Appropriate

Domestic Regulator or Appropriate Foreign Regulator, as applicable,

that was submitted pursuant to Sec. 49.17(d)(1);

(ii) Received from such Appropriate Domestic Regulator or

Appropriate Foreign Regulator a confidentiality arrangement executed by

the Commission and such Appropriate Domestic Regulator or Appropriate

Foreign Regulator as required by Sec. 49.18(a); and

(iii) Satisfied its obligations under Sec. 49.17(d)(4)(iii), such

swap data repository shall provide access to the requested swap data;

provided, however, that such swap data repository shall, as directed by

the Commission, limit, suspend or revoke such access should the

Commission limit, suspend or revoke the appropriateness determination

for such Appropriate Domestic Regulator or Appropriate Foreign

Regulator or otherwise direct the swap data repository to limit,

suspend or revoke such access.

(6) Confidentiality arrangement. Consistent with Sec. 49.18(a),

the Appropriate Domestic Regulator or Appropriate Foreign Regulator

shall, prior to receiving access to any requested swap data, execute a

confidentiality arrangement with the Commission consistent with the

requirements set forth in Sec. 49.18(b).

(e) Third-party service providers to a registered swap data

repository. Access to the swap data and information maintained by a

registered swap data repository may be necessary for certain third

parties that provide various technology and data-related services to a

registered swap data repository. Third-party access to the swap data

and information maintained by a swap data repository is permissible

subject to the following conditions:

(1) Both the registered swap data repository and the third party

service provider shall have strict confidentiality procedures that

protect swap data and information from improper disclosure.

(2) Prior to a registered swap data repository granting access to

swap data or information to a third-party service provider, the third-

party service provider and the registered swap data repository shall

execute a confidentiality agreement setting forth minimum

confidentiality procedures and permissible uses of the swap data and

information maintained by the swap data repository that are equivalent

to the privacy procedures for swap data repositories outlined in Sec.

49.16.

(f) Access by market participants--(1) General. Access by market

participants to swap data maintained by the registered swap data

repository is prohibited other than as set forth in Sec. 49.17(f)(2).

(2) Exception. Swap data and information related to a particular

swap that is maintained by the registered swap data repository may be

accessed by either counterparty to that particular swap. However, the

swap data and information maintained by the registered swap data

repository that may be accessed by either counterparty to a particular

swap shall not include the identity or the legal entity identifier (as

such term is used in part 45 of this chapter) of the other counterparty

to the swap, or the other counterparty's clearing member for the swap,

if the swap is executed anonymously on a swap execution facility or

designated contract market, and cleared in accordance with Commission

regulations in Sec. Sec. 1.74, 23.610, and 37.12(b)(7) of this

chapter.

* * * * *

(h) Appropriateness determination process. (1) Each person seeking

an appropriateness determination pursuant to this paragraph shall file

an application with the Commission.

(2) Each applicant seeking an appropriateness determination shall

provide sufficient detail in its application to permit the Commission

to analyze whether the applicant is acting within the scope of its

jurisdiction in seeking access to swap data maintained by a registered

swap data repository, and whether the applicant employs appropriate

confidentiality safeguards to ensure that any swap data such applicant

receives from a registered swap data repository will not, except as

allowed for in the form of confidentiality arrangement set forth in

Appendix B of this part, be disclosed.

(3) If the Commission determines that an applicant pursuant to this

paragraph is, conditionally or unconditionally, appropriate for

purposes of CEA section 21(c)(7), the Commission shall issue an order

setting forth its appropriateness determination. The Commission shall

not determine that an applicant pursuant to this paragraph is

appropriate unless the Commission is satisfied that--

(i) The applicant employs appropriate confidentiality safeguards to

ensure that any swap data such applicant receives from a registered

swap data repository

[[Page 8389]]

will not be disclosed, except as allowed for in the form of

confidentiality arrangement set forth in Appendix B of this part and

(ii) Such applicant is acting within the scope of its jurisdiction

in seeking access to swap data from a registered swap data repository.

(4) The Commission reserves the right, in connection with any

appropriateness determination with respect to an Appropriate Domestic

Regulator or Appropriate Foreign Regulator, to revisit, reassess,

limit, suspend or revoke such determination consistent with the Act.

(i) Delegation of authority relating to certain matters in this

section. (1) The Commission hereby delegates, until such time as the

Commission orders otherwise, the following functions to the Director of

the Division of Market Oversight and to such members of the

Commission's staff acting under his or her direction as he or she may

designate from time to time: All functions reserved to the Commission

in this section.

(2) The Director of the Division of Market Oversight may submit any

matter which has been delegated under paragraph (i)(1) of this section

to the Commission for its consideration.

(3) Nothing in this section may prohibit the Commission, at its

election, from exercising the authority delegated under paragraph

(i)(1) of this section.

0

5. Revise Sec. 49.18 to read as follows:

Sec. 49.18 Confidentiality arrangement.

(a) Confidentiality arrangement required prior to disclosure of

swap data by a registered swap data repository to an Appropriate

Domestic Regulator or Appropriate Foreign Regulator. Prior to a

registered swap data repository providing access to swap data to any

Appropriate Domestic Regulator or Appropriate Foreign Regulator, each

as defined in Sec. 49.17(b), the swap data repository shall receive,

pursuant to Section 21(d) of the Act, an executed confidentiality

arrangement between the Commission and the Appropriate Domestic

Regulator or Appropriate Foreign Regulator, as applicable, in the form

set forth in Appendix B of this part or, at a minimum, containing the

elements required in paragraph (b) of this section, from such

Appropriate Domestic Regulator or Appropriate Foreign Regulator. Such

confidentiality arrangement must include, either as Exhibit A to the

form set forth in Appendix B of this part or similarly appended, a

description of the Appropriate Domestic Regulator's or Appropriate

Foreign Regulator's jurisdiction. Once a registered swap data

repository is notified that a confidentiality arrangement received from

an Appropriate Domestic Regulator or Appropriate Foreign Regulator no

longer is in effect, the swap data repository shall not provide access

to swap data to such Appropriate Domestic Regulator or Appropriate

Foreign Regulator.

(b) Elements of confidentiality arrangement. The confidentiality

arrangement required pursuant to paragraph (a) of this section shall,

at a minimum, include all elements included in the form of

confidentiality arrangement set forth in Appendix B of this part.

(c) Reporting failures to fulfill the terms of a confidentiality

arrangement. A registered swap data repository shall immediately report

to the Commission any known failure to fulfill the terms of a

confidentiality arrangement that it receives pursuant to paragraph (a)

of this section.

(d) Failures to fulfill the terms of the confidentiality

arrangement. The Commission may, if an Appropriate Domestic Regulator

or Appropriate Foreign Regulator fails to fulfill the terms of a

confidentiality arrangement described in paragraph (a) of this section,

direct each registered swap data repository to limit, suspend or revoke

such Appropriate Domestic Regulator's or Appropriate Foreign

Regulator's access to swap data held by such swap data repository.

(e) Delegation of authority relating to certain matters in this

section. (1) The Commission hereby delegates, until such time as the

Commission orders otherwise, the following functions to the Director of

the Division of Market Oversight and to such members of the

Commission's staff acting under his or her direction as he or she may

designate from time to time: All functions reserved to the Commission

in this section.

(2) The Director of the Division of Market Oversight may submit any

matter which has been delegated under paragraph (e)(1) of this section

to the Commission for its consideration.

(3) Nothing in this section may prohibit the Commission, at its

election, from exercising the authority delegated under paragraph

(e)(1) of this section.

0

6. In Sec. 49.22, revise paragraph (d)(4) to read as follows:

Sec. 49.22 Chief compliance officer.

* * * * *

(d) * * *

(4) Taking reasonable steps to ensure compliance with the Act and

Commission regulations in this chapter relating to agreements,

contracts, or transactions, and with Commission regulations in this

chapter under Section 21 of the Act, including confidentiality

arrangements received by the chief compliance officer's registered swap

depository pursuant to Sec. 49.18(a);

* * * * *

0

7. Add Appendix B to part 49, to read as follows:

Appendix B to Part 49--Confidentiality Arrangement for Appropriate

Domestic Regulators and Appropriate Foreign Regulators To Obtain Access

To Swap Data Maintained by Registered Swap Data Repositories Pursuant

to Sec. Sec. 49.17(d)(6) and 49.18(a)

[[Page 8390]]

[GRAPHIC] [TIFF OMITTED] TP25JA17.088

The U.S. Commodity Futures Trading Commission (``CFTC'') and the

[name of foreign/domestic regulator (``ABC'')] (each an

``Authority'' and collectively the ``Authorities'') have entered

into this Confidentiality Arrangement (``Arrangement'') in

connection with [whichever is applicable] [CFTC Regulation

49.17(b)(1)[(i)-(vi)]/the determination order issued by the CFTC to

[ABC] (``Order'')] and any request for swap data by [ABC] to any

swap data repository (``SDR'') registered with the CFTC.

Article One: General Provisions

1. ABC is permitted to request and receive swap data directly

from a registered SDR (``Swap Data'') on the terms and subject to

the conditions of this Arrangement.

2. This Arrangement is entered into to fulfill the requirements

under Section 21(d) of the Commodity Exchange Act (``Act'') and CFTC

Regulation 49.18. Upon receipt by a registered SDR, this Arrangement

will satisfy the requirement for a written agreement pursuant to

Section 21(d) of the Act and CFTC Regulation 49.17(d)(6). This

Arrangement does not apply to information that is [reported to a

registered SDR pursuant to [ABC]'s regulatory regime where the SDR

also is registered with [ABC] pursuant to separate statutory

authority, even if such information also is reported pursuant to the

Act and CFTC regulations][reported to a registered SDR pursuant to

[ABC]'s regulatory regime where the SDR also is registered with, or

recognized or otherwise authorized by, [ABC], which has supervisory

authority over the repository pursuant to foreign law and/or

regulation, even if such information also is reported pursuant to

the Act and CFTC regulations.] \1\

---------------------------------------------------------------------------

\1\ The first bracketed paragraph will be used for ADRs; the

second will be used for AFRs. The inapplicable paragraph will be

deleted.

---------------------------------------------------------------------------

3. This Arrangement is not intended to limit or condition the

discretion of an Authority in any way in the discharge of its

regulatory responsibilities or to prejudice the individual

responsibilities or autonomy of any Authority.

4. This Arrangement does not alter the terms and conditions of

any existing arrangements.

Article Two: Confidentiality of Swap Data

5. ABC will be acting within the scope of its jurisdiction in

requesting Swap Data and employs procedures to maintain the

confidentiality of Swap Data and any information and analyses

derived therefrom (collectively, the ``Confidential Information'').

ABC undertakes to notify the CFTC and each relevant SDR promptly of

any change to ABC's scope of jurisdiction.

6. ABC undertakes to treat Confidential Information as

confidential and will employ safeguards that:

a. To the maximum extent practicable, identify the Confidential

Information and maintain it separately from other data and

information;

b. Protect the Confidential Information from misappropriation

and misuse;

c. Ensure that only authorized ABC personnel with a need to

access particular Confidential Information to perform their job

functions related to such Confidential Information have access

thereto, and that such access is permitted only to the extent

necessary to perform their job functions related to such particular

Confidential Information;

d. Prevent the disclosure of aggregated Confidential

Information; provided, however, that ABC is permitted to disclose

any sufficiently aggregated Confidential Information that is

anonymized to prevent identification, through disaggregation or

otherwise, of a market participant's business transactions, trade

data, market positions, customers or counterparties;

e. Prohibit use of the Confidential Information by ABC personnel

for any improper purpose, including in connection with trading for

their personal benefit or for the benefit of others or with respect

to any commercial or business purpose; and

f. Include a process for monitoring compliance with the

confidentiality safeguards described herein and for promptly

notifying the CFTC, and each SDR from which ABC has received Swap

Data, of any violation of such safeguards or failure to fulfill the

terms of this Arrangement.

7. Except as provided in Paragraphs 6.d. and 8, ABC will not

onward share or otherwise disclose any Confidential Information.

8. ABC undertakes that:

a. If a department, central bank, or agency of the Government of

the United States, it will not disclose Confidential Information

except in an action or proceeding under the laws of the United

States to which it, the CFTC, or the United States is a party;

b. If a department or agency of a State or political subdivision

thereof, it will not disclose Confidential Information except in

connection with an adjudicatory action or proceeding brought under

the Act or the laws of [name of either the State or the State and

political subdivision] to which it is a party; or

c. If a foreign futures authority or a department, central bank,

ministry, or agency of a foreign government or subdivision thereof,

or any other Foreign Regulator, as defined in Commission Regulation

49.2(a)(5), it will not disclose Confidential Information except in

connection with an adjudicatory action or proceeding brought under

the laws of [name of country, political subdivision, or (if a

supranational organization) supranational lawmaking body] to which

it is a party.

9. Prior to complying with any legally enforceable demand for

Confidential Information, ABC will notify the CFTC of such demand in

writing, assert all available appropriate legal exemptions or

privileges with respect to such Confidential Information, and use

its best efforts to protect the confidentiality of the Confidential

Information.

10. ABC acknowledges that, if it does not fulfill the terms of

this Arrangement, the CFTC may direct any registered SDR to suspend

or revoke ABC's access to Swap Data.

11. ABC will comply with all applicable security-related

requirements imposed by an SDR in connection with access to Swap

Data maintained by the SDR, as such requirements may be revised from

time to time.

12. ABC will promptly destroy all Confidential Information for

which it no longer has a need or which no longer falls within the

scope of its jurisdiction, and will certify to the CFTC, upon

request, that ABC has destroyed such Confidential Information.

Article Three: Administrative Provisions

13. This Arrangement may be amended with the written consent of

the Authorities.

14. The text of this Arrangement will be executed in English,

and may be made available to the public.

15. On the date this Arrangement is signed by the Authorities,

it will become effective and may be provided to any registered SDR

that holds and maintains Swap Data that falls within the scope of

ABC's jurisdiction.

[[Page 8391]]

16. This Arrangement will expire 30 days after any Authority

gives written notice to the other Authority of its intention to

terminate the Arrangement. In the event of termination of this

Arrangement, Confidential Information will continue to remain

confidential and will continue to be covered by this Arrangement.

This Arrangement is executed in duplicate, this ___day of ___.

-----------------------------------------------------------------------

[name of Chairman]

Chairman

U.S. Commodity Futures Trading Commission

-----------------------------------------------------------------------

[name of signatory]

[title]

[name of foreign/domestic regulator]

[Exhibit A: Description of Scope of Jurisdiction. If ABC is not

enumerated in Commission Regulations 49.17(b)(1)(i)-(vi), it must

attach the Determination Order received from the Commission pursuant

to Commission Regulation 49.17(h). If ABC is enumerated in

Commission Regulations 49.17(b)(1)(i)-(vi), it must attach a

sufficiently detailed description of the scope of ABC's jurisdiction

as it relates to Swap Data maintained by SDRs.]

Issued in Washington, DC, on January 13, 2017, by the

Commission.

Christopher J. Kirkpatrick,

Secretary of the Commission.

Note: The following appendices will not appear in the Code of

Federal Regulations.

Appendices to Proposed Amendments to the Swap Data Access Provisions of

Part 49 and Certain Other Matters--Commission Voting Summary and

Chairman's Statement

Appendix 1--Commission Voting Summary

On this matter, Chairman Massad and Commissioners Bowen and

Giancarlo voted in the affirmative. No Commissioner voted in the

negative.

Appendix 2--Statement of Chairman Timothy G. Massad

The increased reporting of data on swaps transactions is an

important reform of the derivatives markets agreed to by the G20

leaders in 2009. Today, thanks to this reporting, regulators across the

globe are in a better position to assess exposures and risks related to

this market. Because of the global nature of the market, it is critical

for regulators to be able to share information, subject to appropriate

confidentiality and other protections.

That's why I am pleased we are issuing this proposal, which will

make it easier for other regulators, both domestic and foreign, to gain

access to swap data repository (SDR) swap data. The proposal would

conform our rules to various changes Congress made in the law and

provide a process for sharing of information. Among other things,

Congress removed a requirement that another regulator must indemnify

both the Commission and the swap data repository for expenses related

to litigation before data could be shared. To date, no domestic or

foreign regulator has provided such an indemnification. Today's

proposal removes this requirement in the CFTC's own rules, makes other

changes consistent with Congressional action, and creates a process for

when and how other regulators gain access to SDR information that will

protect confidentiality.

I thank my fellow Commissioners Bowen and Giancarlo for their

unanimous support for this proposal. I also thank the hardworking CFTC

staff for all their efforts.

[FR Doc. 2017-01287 Filed 1-24-17; 8:45 am]

BILLING CODE 6351-01-P

Last Updated: January 25, 2017