In May 2020, the Commodity Futures Trading Commission's Division of Enforcement issued updated guidance—the first since 1994—outlining factors it will consider in recommending civil monetary penalties in enforcement actions. To help FIA members understand the significance of this guidance, Allison Lurton, FIA's general counsel, conducted a live interview with James McDonald, the CFTC's head of enforcement, and asked him to describe the purpose for the guidance and its impact on market participants. The following article is excerpted and lightly edited from that interview.
The full recording of this interview with the CFTC's James McDonald is available on the FIA website here.
Q: Before we dive into this current guidance update, I note that you also have issued guidance on other enforcement priorities, such as the guidance on self-reporting and the guidance on the Foreign Corrupt Practices Act. Are all of these part of a guidance set that people should be paying attention to as a way to understand the Commission's priorities?
A: That's correct. All of our guidance will be reproduced in the enforcement manual. So to the extent that you're looking for a single place to turn, to look at all the applicable public statements that have come out of the division, then the enforcement manual is the place you can look.
When we announced the enforcement manual a little more than a year ago, I said the goal is that we would continue to build it out. And that as we continued to refine our own practices and procedures and policies, and as we continued to make good on our promise to get out as much information to market participants as we can and to be as transparent as possible, there would be additional things that come out that we build into the enforcement manual.
I think that may well be the case for the penalty guidance also, particularly as we get a little time and experience with it. If we think either the staff or the public would benefit from further context or further detail, we may well issue additional guidance that would then be incorporated into this penalty guidance.
Q: So this is a living document that will grow over time?
A: It's important that this is a set of principles and factors, so we don't want to turn it into something that balloons to the point where it's not useful. To the extent that there are points in here that over the next couple years we realize there is some lack of clarity or some uncertainty, then we’ll want to reduce the uncertainty as much as possible, and that could result in additional guidance.
Q: How does the new guidance on penalties interact with the Commission's prior 1994 policy statement on civil monetary penalties?
A: The intention here is for the two documents to work together. The division guidance is not supplanting the Commission's 1994 policy statement. But the Commission hadn't updated that policy statement and the Division of Enforcement hadn't offered any guidance for more than 25 years. So this is intended as a supplement. It's a little more detailed, it's a little more granular, and it incorporates some of the lessons learned from our own enforcement actions as we've now gotten about a decade into Dodd-Frank.
Q: Other agencies have put out clear formulas in establishing penalties in consultation with market participants. Did you consider putting out something more akin to a penalty computation formula, or did you consider a public consultation process?
A: We considered a variety of different things, but ultimately we thought that putting out the general guidelines and the factors and considerations that we take into account was the best approach for a few reasons.
One, we're a principles-based regulator. And I think it would be at odds with that for us to put out some rote, highly prescriptive, formulaic document. I should add that the Commission had the opportunity to do that in the 1994 policy statement and they elected not to do it. They elected to focus on guiding principles in part based on the same principles-based commitment I just described.
Second, we cover an incredibly wide variety of market activity. Our market participants are very different across our jurisdiction, and our enforcement investigations and activities cover a wide variety of conduct. I wanted to make sure that any guidance that we offer staff wasn't overly prescriptive and allowed them to take into account potential differences in the variety of different things that fall under our jurisdiction.
So the goal of this document is not that you plug in a formula and it spits out a number, but that it will serve as a framework both internally and in our discussions with market participants and outside counsel and the business community so we are all talking about the same things and that we're all focusing on the same things. Of course, there may be areas where we disagree, but at least those disagreements are arrived at or come about under the same framework with everybody thinking really hard about the same factors.
Q: How has the CFTC's Division of Enforcement evolved to coordinate with other domestic agencies like the Department of Justice as well as international regulators?
A: The short answer is "a lot." It's a real priority for us, to make sure that we're properly coordinated with the domestic enforcement agencies and the international ones. With the Department of Justice in particular, I've said pretty consistently over the past three-plus years that deterrence is central to the way we think about enforcement in our markets. We recognize that as much as we talk about deterrence in our own civil enforcement actions, there's no substitute for, or no greater deterrence than, the threat of a criminal prosecution or potentially time in jail in the appropriate case. The Department of Justice has a role to play in that, and our view is that it's important that we be coordinating with them and that we all be on the same page. Consistent with this approach, deterrence serves as an overarching principle [that] the factors in the penalty guidance seek to advance.
The same is true with respect to the other domestic regulators. I think you've seen increased coordination between the civil regulatory agencies as well. The relationship between the CFTC and the SEC [Securities and Exchange Commission] may for example be at an all-time high right now. Just one data point to think about: think about the digital asset space where you have a lot of people spending a lot of time thinking really hard about difficult questions. Is something a security, is something a commodity, can something morph from a security to a commodity, how can we think about whether something is a security or commodity? Right now in Washington D.C. and in the government, it sometimes may seem like you can't get anybody to agree on anything, yet there hasn't been a single instance where the SEC and the CFTC have taken different views on an issue involving this rapidly moving space. That stands as a real credit to agency leadership. I'm not just talking about enforcement, I'm talking about the chairman level and the Commission level to have that kind of coordination. It is a real priority of ours domestically.
And internationally, it's just as necessary. Our markets are increasingly reflecting the interconnected nature of the world in which we live, as if anybody needed to be reminded of that now during the COVID pandemic. When bad actors engage in unlawful conduct, they don't stop at the jurisdictional border. They don't say, "I have to stop here, I'm getting into the UK and I'd have to deal with the FCA [Financial Conduct Authority] and otherwise I just would have to deal with the US regulators." In fact, if there wasn't coordination you would actually incentivize cross-market misconduct if bad actors knew it would be more difficult to detect them if they crossed international borders. So I think it's just a necessity that we continue to increase our coordination with international regulators.
Q: Focusing specifically on your coordination with the Justice Department, do you consider a DOJ action when considering civil penalties?
A: Yes, we do. One of the factors in the penalty guidance is the consideration of the total mix of remedies and monetary relief to be imposed on the respondent not just in our enforcement action, but also in parallel cases involving criminal authorities, for example including incarceration, and other regulatory entities or self-regulatory organizations.
We and DOJ are part of the same United States government and we should be taking into account what other components of the United States government, or the self-regulatory community who are working with the governmental authorities, are doing. We all have different missions and mandates and jurisdictions, so we're not all jointly marching together. But we should be moving in parallel, and we should be making sure that what we're doing is consistent with what the other regulators are doing, to the extent that it's consistent with our own missions and mandates. I think it's fair for market participants to expect, particularly as our markets become more interconnected, that there be a base level of consistency in the way that those regulations play out.
Q: For a company or individual that has become the focus of an investigation, historically the agency has tried to make the penalties make sense across different case sets. Do you still anticipate the highest penalties for egregious offenses like fraud and manipulation?
A: That's a really good question because it's a hard one. My answer on that is a little unsatisfying in that it depends. As a general matter, all else equal, if you've got everything else the same in one case that involves fraud and manipulation and the other case has something else that doesn't involve fraud or manipulation, yes it's fair to say the penalty would be higher for the case that involves fraud or manipulation. But that's not to say that every fraud or manipulation case would have a higher penalty than every case that doesn't involve fraud or manipulation.
There are lots of ways, for example, that market integrity can be put at risk without fraud or manipulation. If you look at the factors that we take into account, those factors that would lead a fraud or manipulation penalty to be substantially higher are included and are certainly ones that would be driving part of the analysis. But if there were, looking at the gravity of the violation, factors in a non-fraud case, if there were significant efforts to conceal the violation, where there was some significant harm to market integrity or risk of harm to market integrity, or where we knew that the violations were known up the chain of command and that nothing was done about it or to remedy it, then all of a sudden you start to have some factors that make you think, well, Ok, this is pretty significant in terms of the gravity of the violation.
Q: Do you think it is possible for no penalty at all to be assessed under the right circumstances around a violation? Is that something you can envision?
A: Yes, it is a possibility. We had one case in the last year or so in which based on a self-report, cooperation, and remediation, we issued a public declination letter to the entity and we charged the individual. And so that is a possibility.
We've been pretty clear in our various guidances on self-reporting that this would be true as to a civil monetary penalty, but even if there is a self-report and the civil monetary penalty were to be zero, we would still require full disgorgement and remediation. You can't engage in some kind of conduct to make $10 million and self-report it to the regulator and keep the $10 million. You've got to give that back and make any victims whole. But yes, it is a possibility that based on self-reporting, cooperation, and remediation there could be a zero CMP. But I expect it to be rare.
Q: What if firms conduct their own internal investigations into an issue? Would CFTC staff get involved?
A: That's another really good question and a timely one, considering Judge McMahon's decision about a year ago in the Connolly and Black cases that dealt with these issues.
[Editor's note: In May 2019, Chief Judge Colleen McMahon of the US District Court for the Southern District of New York issued a ruling in United States v. Connolly holding that the Justice Department, the CFTC and other government agencies had effectively outsourced their investigation of potential Libor manipulation at an investment bank to the bank and its external counsel, raising the question of whether evidence collected as a result of an internal investigation could be excluded.]
Our cooperation guidance notes that a company's internal investigation and any useful facts that are gathered from that investigation and are shared with enforcement can be considered in determining cooperation credit. But at all points, the decision whether to conduct an internal investigation and how to conduct it―those are questions for the company.
We want to make sure that we are not in any way directing the company to serve as part of our enforcement effort. There are Fifth Amendment issues, which are the ones that Judge McMahon focused on in the Connolly and Black cases, but even beyond that there are other issues that can arise if we're actually directing companies to conduct their internal investigations. We're pretty careful not to instruct companies as to what specifically they need to do, whether it's to do an internal investigation in the first instance or not to do an internal investigation, or to speak to this person and ask them these questions or don't ever speak to this person.
There are instances where an internal investigation is happening and we're conducting our own investigation, and we may seek to de-conflict. So we may say, here are the three people who we'd like to talk to in the very near term, and then we may ask the company to stage their investigation to make sure that there's coordination, so we're not both asking to talk to the people at the same time or on the same day. But we're careful not to direct companies in a way that would risk making them an arm of the enforcement team, which would present a whole host of issues.
Q: Is there also cooperation credit given to a firm that self-reports to a self-regulatory organization, even without a robust dialogue directly with the CFTC?
A: This is an area where we've drawn a pretty bright line. The self-report has to be to us. If you self-report to an SRO, you should expect that we're going to be working together and you should expect that we're going to be moving in parallel. But we are different entities. And to self-report to an SRO is not the same as a self-report to us.
Now, if you self-report to the SRO and then fully cooperate with the SRO and fully cooperate with us once we get involved, then you're going to get cooperation credit. I'm not sure that I would advise as a strategy to report to the SRO and not report to the CFTC because I think we're going to find out about it anyway, and why not report to us at the same time and make sure that you get the self-reporting credit.
Q: Stepping back from the discussion on penalty guidance, can you talk about the general trends in cases that you're seeing, and in particular, whether you're seeing increased attention on failures to supervise?
A: In general, the trends that we're seeing are the same as the trends that we outlined in our last couple annual reports at the end of the fiscal year. I expect that our annual report at the end of this fiscal year will reflect many of the same trends and the same priorities. I think that is in general a good thing -- you don't want an enforcement program that is shifting priorities drastically year-over-year. You want consistency in the enforcement program. We all know that enforcement matters take time, and you can't have an effective program if you're constantly whipping back and forth between different priorities or chasing potentially new or different trends.
That said, the biggest takeaway might be how active our docket is. We've got a lot of significant investigations under way and a lot of significant ongoing litigations, as well as significant enforcement actions that we've recently filed. For an agency like ours, when you look at the number of staff we have and you look at how hard they're working, I think that is really one of the big takeaways―just how active our docket is. That’s really a testament to the hard work and commitment of our enforcement staff.
One trend in the past several years is that we’ve brought more cases involving manipulation, spoofing and trade-related misconduct. Another is the way we're using data, and I think this ties into the increase in the manipulation and trading practice cases. We have significantly advanced our ability to ingest, use and analyze data, and to use this ability both in bringing actions and getting leads that would lead to additional investigative steps that would produce additional enforcement actions. Yet another trend is the increase in parallel activity with the Department of Justice, and increased coordination with other regulators, which we’ve discussed. And a final trend might be the continued growth of our whistleblower office. We're less than a decade into the whistleblower office and you’ve seen consistent growth over that time. I think that's going to continue to be a growing part of our program.
You also asked about supervision. I think another trend you’re seeing in our actions is a continued and increased emphasis on compliance and remediation. If the whole point here is to try and prevent misconduct from happening in the first place, well, one way to do it is to make sure that at the end of an enforcement action or at the end of the process, we know the issue has actually been fixed, and we know that the company has remedied any issues within its own compliance program, and that it has all the tools set up to conduct its own monitoring in the first instance.
Specifically as to our activity in supervision cases, I don't know whether the percentage of cases that involve supervision has increased. I just don't have the percentages in front of me. But I will say that failure to supervise is not just added onto trading violations cases. It's a separate charge that we're thinking separately about, and we're conducting a separate inquiry. The question we're asking is, what supervisory duty did the registrant have that it didn't satisfy. Staff knows that when we're talking about this, the question I will always come back with is, what exactly was the duty that the registrant was required to carry out. It's only where one of those duties has been breached that we're bringing a failure to supervise case.
There are a number of pretty significant trade violation cases that we've brought over the past couple years that didn't include supervision. Merrill Lynch is one. Morgan Stanley is one. HSBC is one. Those were all spoofing cases, but in each of them we brought the spoofing case but not the supervision case. I just don't know right now about the percentages but I would resist the idea that every trade violation case has a supervision violation. It's something we're thinking about separately.
Q: In your time at the CFTC, have you actually seen a deterrent effect where there has been a reduction in bad behaviors?
A: I hope so. It's a little difficult to tell where I sit because I am typically involved only when things have gone wrong. But we have seen an uptick in self-reports. We've seen specific areas of improvement in compliance programs and remediation. I'm not sure that I'm in a spot where I can say the market is X percent better or these corners of the market are Y percent better, but I will say anecdotally we have seen positive turns at specific companies and specific entities and market participants. We've seen it in some of the specific ways that they've tried to instill a real culture of compliance and some of the ways they've structured their business and in the personnel they've brought in. They've really showed a commitment to making sure they get it right.