I support the final rule on reporting and information requirements for derivatives clearing organizations (DCOs) (DCO Reporting Final Rule) because of its careful attention and response to public comments received. I would like to thank Clark Hutchison, Eileen Donovan, Parisa Nouri, August Imholtz, Gavin Young, Theodore Polley, and Elizabeth Arumilli of the Division of Clearing and Risk (DCR) for their work on the DCO Reporting Final Rule. I appreciate the staff addressing my concerns. 

The Commission has a great deal to be proud of with respect to its DCO registration and oversight regimes. Mandatory clearing for swaps was a pillar of the G20 reforms, and the U.S. was one of the first jurisdictions to adopt a clearing requirement pursuant to the directive.[1] Since then, the CFTC has amended its rules to keep them up to date and ensure they reflect changes that take place in the industry.[2] 

I am pleased that the DCO Reporting Final Rule is appropriately responsive to industry concerns that the Commission’s existing rules were unworkable.[3] I continue to stress the need that the Commission evaluate its rules to ensure they are functioning as intended, and propose workable solutions to any operational or implementation challenges to enable firms to more effectively achieve compliance, particularly for technical issues that do not meaningfully impact our oversight or systemic risk concerns. 

In this instance, Regulation 39.19(c)(1) required a DCO to report to the Commission on a daily basis initial margin, variation margin, cash flow, and position information for each clearing member, by house origin, by each customer origin, and by individual customer account.[4] Since providing certain information by individual customer account was unworkable, the Commission proposed amending Regulation 39.19(c)(1)(i)(B) and (C) to remove the requirement that a DCO report daily variation margin and cash flows by individual customer account.[5] In response to commenters, all of whom supported removing this part of the requirement, the Commission is removing the unfeasible part of the requirement. 

There are other instances of the Commission responding to overwhelming support from commenters on unworkable proposals. These include significant amendments the Commission had proposed to the system safeguards rules for DCOs. To highlight one, Regulation 39.18(g)(1) requires that a DCO promptly notify DCR staff of any hardware or software malfunction, security incident, or targeted threat that materially impairs, or creates a significant likelihood of material impairment of, automated system operation, reliability, security, or capacity.[6] 

The Commission had proposed amending Regulation 39.18(g)(1) to eliminate the materiality threshold, requiring DCOs to report all such events regardless of their magnitude.[7] Eight out of nine commenters opposed this proposal, and took the time to detail the compliance issues the proposal created. Reasons included that DCOs would report events that do not impact the DCO; the requirement would divert attention and resources away from incidents that deserve greater focus and planning, with little corresponding benefit to the Commission; and the requirement would be inconsistent with other notification regimes, including similar Commission rules and reporting obligations to other agencies and authorities. In general, the commenters’ position was that the CFTC underestimated the increase in reporting the amended rule would create. 

Speaking from personal experience, I think that if we had removed the materiality requirement, there would be a nonstop flood of notifications coming in to the staff because there are operational issues that occur all the time, many of which are insignificant and are resolved with de minimis impact. But nonetheless, without a materiality threshold then all such incidents would need to be reported promptly. So, I am pleased that we are taking the time to consider this aspect of the proposed rule further, particularly since there is ongoing work around the world on international standards, and the Fed and the Securities and Exchange Commission (SEC) are also both updating their incident reporting requirements. There is no doubt that the maintenance of strong incident reporting regimes is critical to CFTC oversight, but I also believe that it is important for the Commission to harmonize its reporting regime with other similar regulatory approaches. 

The SEC’s Reg SCI is most analogous to our DCO systems safeguards and systems incident reporting requirements.[8] It was promulgated in 2014 after our system safeguard rules, and after a joint CFTC-SEC advisory committee examined the cause of the 2010 flash crash, which showed the interconnectedness between the stock and futures markets and made recommendations for market structure reforms. Many firms operate DCOs that are either dually registered, or have affiliates that are registered as SEC clearing agencies, and have already implemented policies, procedures, and processes to comply with Reg SCI. Accordingly, it should be simpler and faster for them to apply the same SEC reporting framework to the DCOs if we are considering an update to our system safeguards requirements. 

In looking at the preamble to the NPRM for Reg SCI, I note that it dates back to two policy statements by the SEC on “Automated Systems for Self-Regulatory Organizations” dated 1989 and 1991.[9] And, these policy statements are based on SEC reports dating back to 1986. Ultimately these policy statements established the initial framework for what would later become Reg SCI. 

Both the securities and futures markets experienced the same shift to electronic trading and reliance on automated systems in the wake of rapid technological advance, and given how these developments dominated the industry, I believe it is reasonable to infer that the contemporaneous use of the term “automated systems” in CFTC regulations would have similar meaning to the SEC’s use of that term in the context of securities regulation.[10] If the CFTC revisits these rules, I would be interested in learning more about the genesis of the DCO systems safeguards and reporting requirements, and reviewing the original CFTC rulemakings, to confirm whether that was the case.

Therefore, I think it would make sense to evaluate whether to adopt essentially the same definition for “automated systems” as the SEC definition of “SCI systems” because I think the intent and scope would be the same. In fact, the SEC explicitly acknowledged the similarities in the securities and U.S. commodities markets with respect to systems issues and incidents in its preamble to the final rule.[11] 

Overall, this rule is an example of how good government works, and I am pleased to support it. Thank you.

[2]  Derivatives Clearing Organization General Provisions and Core Principles, 85 FR 4800 (Jan. 27, 2020).

[3]  In January 2020, as part of updates to its DCO regulations, the CFTC amended the daily reporting requirements for DCOs to require, among other things, the reporting of margin and position information by each individual customer account. The Commission then learned of concerns about futures commission merchants’ ability to provide this information to DCOs. As a result, CFTC staff issued a no-action letter extending the compliance date for this reporting requirement in order to resolve this issue. See CFTC Letter No. 21-01, United States Commodity Futures Trading Commission (Dec. 31, 2020), https://www.cftc.gov/csl/21-01/download; see also CFTC Letter No. 21-31, United States Commodity Futures Trading Commission (Dec. 22, 2021), https://www.cftc.gov/csl/21-31/download; CFTC Letter No. 22-20, United States Commodity Futures Trading Commission (Dec. 19, 2022) (further extending the compliance date), https://www.cftc.gov/csl/22-20/download.

[4]  17 C.F.R. § 39.19(c)(1).

[5]  Reporting and Information Requirements for Derivatives Clearing Organizations, 87 FR 76698 (Dec. 15, 2022).

[6]  17 C.F.R § 39.18(g)(1).

[7] See footnote 5, supra.

[8]  See generally Regulation Systems Compliance and Integrity, 79 FR 72251 (Dec. 5, 2014) (codified at 17 C.F.R. 240).

[9]  Automated Systems of Self-Regulatory Organizations, 54 FR 48703 (Nov. 16, 1989); Automated Systems of Self-Regulatory Organizations, 56 FR 22490 (May 15, 1991).

[10]  Regulation Systems Compliance and Integrity, 79 FR 72251, 72272 (codified at 17 C.F.R. 240) (noting the definition of SCI systems to include “all computer, network, electronic, technical, automated, or similar systems of, or operated by or on behalf of, an SCI entity that, with respect to securities, directly support trading, clearance and settlement, order routing, market data, market regulation, or market surveillance”).

[11]  See id. at 72256 (“Systems issues are not unique to the U.S. securities markets, with similar incidents occurring in the U.S. commodities markets as well as foreign markets.”).