CFTC announces new enforcement guidance
On October 17, 2023, CFTC Director of Enforcement Ian McGinley signaled a more aggressive approach by the agency in new enforcement guidance addressing penalties, admissions, the imposition of monitors, and the use of consultants. Statements by Chair Benham and Commissioner Goldsmith Romero make it clear that at least some commissioners are supportive of this new direction, which is critical, as all enforcement actions and settlements must be approved at the commission level.
On October 17, 2023, during a speech sponsored by NYU Law School’s Program on Corporate Compliance and Enforcement, Commodity Futures Trading Commission (CFTC) Director of Enforcement Ian McGinley sought to “dispel [the] myth” that the Commodity Futures Trading Commission (CFTC) was “friendly” when it comes to enforcement. Director McGinley cited to the CFTC’s “incredible return on investment” when comparing the amount of penalties recovered through enforcements against the CFTC’s overall budget, as well as the Enforcement Division’s harsher approach in recent actions. Specifically, Director McGinley pointed to increased penalties, the imposition of independent compliance monitors and consultants, and the requirement that resolving companies admit to allegations of wrongdoing in certain circumstances (as compared to neither admitting nor denying the allegations), all three of which are the focus of the new guidance. The new guidance signals a more aggressive approach by the CFTC moving forward, but also provides some insights into how companies can put themselves in a better position to avoid the harshest outcomes. As an initial matter, and as always, we continue to believe that increased transparency by regulators and other government officials as to their enforcement policies is a positive step, and at least in that respect, Director McGinley’s remarks are a positive development.
The new guidance
Although the new guidance cites to existing enforcement criteria for determining the appropriate penalty amount, it warns that the CFTC is “recalibrating how it is assessing proposed [penalties] to…achieve general and specific deterrence, which may result in the Division recommending higher penalties in resolutions than may have been imposed in similar cases previously.” According to the guidance, “[i]f penalties are not sufficiently high, entities may choose to continue to behave unlawfully, viewing penalties as a cost of doing business.” On the flip side, the guidance asserts that imposing higher penalties will “empower compliance professionals at entities to make the business case to senior management for the resources they need to do their jobs effectively,” while at the same time encouraging companies to cooperate with the CFTC’s investigations because cooperation can reduce the size of the ultimate penalty.
The CFTC highlighted that going forward, the Commission will consider whether the company is a “recidivist,” citing to similar recent guidance from the U.S. Department of Justice (DOJ). The guidance defines recidivism as “repeated violations of law by the same person or institution,” and stressed that this would be an aggravating factor that would weigh in favor of a higher penalty and the imposition of a compliance monitor or consultant. Director McGinley did recognize that the determination of recidivism in a regulated area, such as the commodities markets, is “complex” due to increased “touch points” with regulators. Accordingly, and consistent with DOJ’s recent guidance, the CFTC will consider the following factors in determining the impact of a company’s prior misconduct on the ultimate outcome in a given case:
- The overlapping nature of the prior and current enforcement actions, including whether they involve the same types of violations and result from the same root cause;
- The amount of time between violations, with more recent prior misconduct weighing more heavily in favor of a harsher resolution;
- Whether overlapping management was involved in both the prior and current violations;
- The pervasiveness of the new misconduct that persists over time, as compared to de minimis misconduct that is quickly identified and remediated; and
- Whether the company engaged in “robust” and “effective” remediation following the prior misconduct.
While the CFTC’s penalty authority is broad and is governed by statute, the Staff has substantial discretion in setting the penalty and penalties have been large and increasing in recent years.
The new guidance also signaled an increase in the imposition of independent compliance monitors and consultants. The guidance distinguishes between monitors and consultants, explaining that:
Monitors: According to the guidance, a monitor will likely be imposed “where the pervasiveness and/or severity of the misconduct and/or the absence of effective controls is such that the Division lacks confidence that the entity will remediate its misconduct without the assistance of a neutral third party and oversight.” Monitors must be approved by the CFTC and will be responsible for testing the company’s policies, procedures, and controls, making recommendations, and testing the company’s implementation of the recommendations and compliance enhancements. The monitor will provide reports to the CFTC and will ultimately be required to certify as to the company’s completion of remediation. The company will need to explain to the CFTC why it has not adopted any particular recommendation of a monitor.
Consultants: A consultant, on the other hand, will be imposed in circumstances where the CFTC is persuaded that the company needs assistance from a neutral third party to “advise” on its remediation but “can otherwise remediate its misconduct without oversight.” A consultant will perform a similar substantive role as a monitor, but will not be required to (1) be approved by the CFTC, (2) provide reports to the CFTC, or (3) certify as to the company’s remediation, though the company itself will be required to provide reports to the CFTC on its implementation of compliance enhancements and will need to certify to the completion of remediation.
Finally, the guidance notes that “respondents should no longer assume that no-admit, no-deny resolutions are the default,” and outlines the following factors that weigh in favor of a requirement that a company admit to allegations of misconduct:
- Whether the respondent is entering into a parallel criminal resolution where the respondent admits—through a guilty plea or otherwise—the underlying misconduct;
- Whether the evidence uncovered during the investigation conclusively establishes the misconduct (for example, where the respondent admitted to the misconduct in testimony or documentary evidence);
- Whether the company is seeking cooperation credit (because admitting the underlying misconduct is a factor the Division may consider when assessing the extent of a company’s cooperation); and
- Whether the offense is a strict liability offense in clear violation of the law.
Conversely, the guidance provides as factors counseling against the requirement of admissions whether there is a “realistic risk of criminal exposure uniquely arising from the act of admitting the misconduct” that could “jeopardize the [company’s] ability to legitimately defend against the criminal case,” and whether there is a legitimate factual dispute where the Division is persuaded it faces significant litigation risk establishing the fact at trial.
For reference, the U.S. Securities and Exchange Commission (SEC) began seeking admissions in 2013 with the stated goal of heightening public accountability and acceptance of responsibility. The use of admissions has fluctuated under different administrations, but they are generally used in a small percentage of cases. In October 2021, the SEC announced its plan to require admissions in certain matters, revitalizing and adopting many of the factors considered under its 2013 approach.
The clear import of Director McGinley’s speech and the new guidance is that the CFTC intends to take a harsher approach to enforcement more broadly. There appears to be little focus on the “carrot” and an emphasis instead on the “stick.” As with any new guidance, it will of course be important to see how it plays out in practice, as resolutions will provide insights into how companies can achieve more favorable results.
For now, however, the guidance emphasizes the importance of a strong compliance program when time comes to advocate for a reduced penalty and either no or a limited scope monitor or compliance consultant. Given that many companies will face repeated scrutiny due to the highly technical and regulated nature of this area, thoroughly remediating prior misconduct and demonstrating to the CFTC that the company has an effective compliance program will be significant factors in determining the outcome of an investigation, including whether the company will be treated as a recidivist.
Also of note, the criteria for determining whether to require a company to admit misconduct appears to focus on the impact the admissions would have on the company as well as the difficulty the CFTC would have in meeting its burden of proof at trial, rather than on the nature and scope of the misconduct and its corresponding impact. As a result, companies facing scrutiny by the CFTC should also examine closely the collateral consequences of admissions, and evaluate whether they can argue that admitting to misconduct would pose a risk of criminal exposure, and whether there are questions of fact or law that create litigation risk were the CFTC to proceed to trial.