All organization category members of the National Futures Association will be required to adopt and enforce written policies regarding cybersecurity by March 1, 2016. This follows the recent approval of NFA’s Interpretive Notice on Information Systems Security Programs by the Commodity Futures Trading Commission. The relevant membership categories include futures commission merchants, forex dealer members, swap dealers, major swap participants, introducing brokers, commodity trading advisors and commodity pool operators. Although NFA makes clear that its “policy is not to establish specific technology requirements,” it will require all relevant members to have supervisory procedures that are “reasonably designed to diligently supervise the risks of unauthorized access to or attack of their information technology systems, and to respond appropriately should unauthorized access or attack occur.” NFA expects, however, that firms’ supervisory systems will likely be different from one another “given the differences in the type, size and complexity of [m]embers’ businesses.”