CFTC Issues Staff Advisory on FCM Risk Management Program (RMP) Requirements | Practical Law

CFTC Issues Staff Advisory on FCM Risk Management Program (RMP) Requirements | Practical Law

On March 2, 2016, the CFTC issued a staff advisory to remind futures commission merchants (FCMs) of the risk-management program (RMP) requirements and to share suggestions for implementation of an effective RMP.

CFTC Issues Staff Advisory on FCM Risk Management Program (RMP) Requirements

Practical Law Legal Update w-001-5990 (Approx. 4 pages)

CFTC Issues Staff Advisory on FCM Risk Management Program (RMP) Requirements

by Practical Law Finance
Published on 15 Mar 2016USA (National/Federal)
On March 2, 2016, the CFTC issued a staff advisory to remind futures commission merchants (FCMs) of the risk-management program (RMP) requirements and to share suggestions for implementation of an effective RMP.
On March 2, 2016, the CFTC issued a staff advisory reviewing its risk-management program (RMP) requirements for futures commission merchants (FCMs). The advisory includes examples of practices for implementing an effective RMP.
In November 2013, the CFTC issued various rules that enhanced protection for customers of FCMs, including CFTC Regulation 1.11b (see Legal Update, Final Rules on Protection of FCM Customer Funds Adopted by CFTC). CFTC Regulation 1.11 requires that an FCM that accepts customer assets or extends credits to customers must establish an RMP that is administered by a risk management unit (RMU).

CFTC Regulation 1.11(d)

CFTC Regulation 1.11(d) specifies that the RMU must have sufficient authority, qualified personnel, and financial, operational, and other resources to carry out the RMP. The RMU must also be independent from the FCM's business unit and report directly to senior management. The advisory includes some tips to demonstrate compliance with RMU requirements, including:
  • Developing an organizational chart identifying:
    • all members of the RMU;
    • their respective management duties; and
    • their reporting lines within the RMU.
  • Describing the following details in the RMP:
    • all committees responsible for risk management and their supervisory reporting lines; and
    • how often the FCM will consider the sufficiency of the RMU's resources.

CFTC Regulation 1.11(e)

CFTC Regulation 1.11(e) requires an RMP to account for all applicable risks of the FCM, including a clear description of how each risk relates to the firm's business activities, and to identify the personnel responsible for managing each risk.
Because of this regulation, many RMPs include:
  • An overview of the risk framework for the FCM.
  • A description and methods used to determine the FCM's risk tolerance limits, as well as procedures for review and approval.
  • Written policies and procedures for risk tolerance limit exceptions. Some FCMs use multiple limit thresholds for some or all risks.
  • Written policies and procedures for risk limit breaches.
  • Procedures for monitoring applicable risks.
  • A description of the training program and procedures for implementing the training programs addressing segregation requirements, notice requirements under Regulation 1.12, and procedures for reporting suspected limit breaches.
  • A description of the technical systems utilized and how those systems interface to manage risk.
  • A description of the FCM's capital requirements and liquidity needs and the potential sources of funds available to meet those needs and remain in compliance with the capital requirements.
The advisory also reminds FCMs that RMPs are required to take into account:
  • Risks posed by affiliates.
  • All lines of business of the FCM.
  • All other trading activity of the FCM.
The RMP must also describe with sufficient detail how the RMP has been integrated into risk management at the consolidated entity level.

CFTC Regulation 1.11(e)(2)

Under CFTC Regulation 1.11(e)(2), all applicable risk exposures of an FCM must be reported in quarterly risk exposure reports (RERs). These RERs must describe changes in RMP policies and procedures, and must be delivered to:
  • FCM senior management.
  • The FCM's governing body.
  • The CFTC.
The advisory recommends that it may be helpful for RERs to provide greater context for this information, such as:
  • Additional information regarding the actual risk exposure during the period for each risk metric rather than providing only limit-breach information.
  • A discussion of overall risk trends for the quarter including a prediction of future trends.
  • Comparison of the stress testing during the quarter with the firm's risk and business strategy.
  • Including the date the RER was provided to senior management.
  • Including definitions of material terms, abbreviations, methodologies, and metrics included in the RER.

CFTC Regulation 1.11(f)

CFTC Regulation 1.11(f) requires an annual review of the RMP to be performed by either:
  • internal audit staff that are independent of the business unit; or
  • a qualified third-party audit service that reports findings to staff that are independent of the business unit.
This annual review should:
  • Indicate who performed it.
  • Analyze the FCM's adherence to the RMP.
  • Analyze the RMP's effectiveness.
  • Provide necessary recommendations for RMP modifications.

CFTC Regulation 1.11(g)

CFTC Regulation 1.11(g) requires each FCM to distribute its RMP to all relevant supervisory personnel and keep records of its distribution.
To ensure compliance with this requirement, the advisory suggests that FCMs also:
  • Describe in the RMP the procedures for distributing and tracking the distribution of copies of the RMP.
  • Identify in the RMP the personnel or department responsible for the maintenance and distribution of the RMP.