On September 10, 2020, the Commodities Futures Trading Commission (CFTC) issued the latest in a series of circulars regarding corporate compliance released this summer by government agencies. In June, the Criminal Division of the Department of Justice (DOJ) issued updated guidance regarding its evaluation of corporate compliance programs (see our prior blog here). In July, DOJ and the Securities and Exchange Commission (SEC) jointly issued an updated Resource Guide to the U.S. Foreign Corrupt Practices Act, which includes a 12-part section covering the “hallmarks” of effective corporate compliance programs. The instant CFTC guidance is the first issued by CFTC on this topic. The guidance signals to commodities market participants that compliance programs that do not meet guideline standards are fair game for CFTC examination and enforcement staff.
The CFTC guidance is meant to supplement the “Penalty Guidance” the CFTC issued in May 2020 concerning factors that should be considered in recommending an appropriate civil monetary penalty in an enforcement action, which include “the [e]xistence and effectiveness of the company’s pre-existing compliance program.” The new CFTC guidance instructs its Division of Enforcement (“DOE”) staff to evaluate the effectiveness of a corporation’s compliance program based on whether it is reasonably designed and implemented to achieve three specific goals: (1) prevention of the underlying misconduct at issue; (2) detection of the misconduct; and (3) remediation of the misconduct. The goals are followed by a brief set of factors for DOE staff to consider:
- Did existing policies and procedures and training address the underlying misconduct?
- Is the compliance function appropriately staffed and sufficiently independent from the business function?
- Have deficiencies in the compliance program been addressed and rectified?
- Has the company implemented adequate surveillance and monitoring for suspicious activity?
- Is the company’s internal reporting infrastructure accessible and effective?
- Has any harm from the misconduct been identified and cured?
- Have the responsible individuals been disciplined?
The factors set forth in the CFTC guidance echo those previously set forth by DOJ and SEC. All three emphasize the importance of a risk-based compliance program tailored to the corporation’s specific characteristics; the independence and staffing of the compliance function; and keeping the compliance program dynamic and up-to-date by detecting, correcting, and integrating previously-identified deficiencies. However, the CFTC guidance should stand out to commodities market participants for several reasons. First, its issuance and timing is a clear indication that corporate compliance will be a key feature of commodities market enforcement in the coming months and years. Second, it specifically calls out the importance of internal surveillance and monitoring for suspicious activity. In the commodities markets, this would include any kind of manipulative activity (e.g., spoofing and layering, front running, wash trades, etc.) as well as conventional Bank Secrecy Act (31 U.S.C. § 5311, et seq.) and anti-money laundering red flags (e.g., unverifiable account information, suspicious third-party wires, inconsistent account activity, etc.). Notwithstanding that surveillance for this kind of activity is complicated and costly, it should be seen as a necessary component of any effective compliance program.