NFA Amends Guidance on Information Systems Security Programs and Proposes New Guidance on Internal Controls Systems for CPOs

NFA Amends Guidance on Information Systems Security Programs and Proposes New Guidance on Internal Controls Systems for CPOs


By: David S. Mitchell, William J. Breslin, Scott I. Golden

By letter dated December 4, 2018, the National Futures Association (“NFA”) submitted to the Commodity Futures Trading Commission (“CFTC”) proposed amendments to its interpretive notice NFA Compliance Rules 2-9, 2-36 and 2-49: Information Systems Security Programs (the “Amendments”).  Shortly afterward, on December 10, 2018, NFA submitted to the CFTC a proposed interpretive notice entitled NFA Compliance Rule 2-9: CPO Internal Controls Systems (the “Interpretive Notice”).  Together, the Amendments and the Interpretive Notice would impose certain new requirements and provide clarification for NFA members in relation to their information systems security programs (“ISSPs”), as well as new requirements for CPO members to establish internal controls systems designed to deter fraudulent activity.  The Amendments will become effective on April 1, 2019.  The Interpretive Notice is also expected to become effective on April 1, 2019.

Additional Information
publications-detail.inc