On November 4, 2016, the Commodity Futures Trading Commission (CFTC) approved a supplemental proposal (Supplemental Proposal) to amend a previously proposed regulation known as Regulation Automated Trading (Reg AT).1 The Supplemental Proposal makes certain limited but key modifications to proposed Reg AT. While we expect further revisions to proposed Reg AT to follow the change of administrations in January 2017, the opportunity to consider and comment on the current proposal will be important to the ongoing evolution and ultimate form of this ground-breaking regulation.

The Supplemental Proposal aims to set conditions for the CFTC to request algorithmic trading source code; to reduce the number of persons potentially subject to Reg AT's registration requirement and associated duties; to limit potential overlap in market participants' responsibilities for pre-trade risk controls; to establish a means by which so-called "AT Persons" using third-party-developed algorithmic trading systems can meet their regulatory requirements; and to refine the proposed reporting obligations of AT Persons.

Initial Proposal, Comments and Roundtable

Proposed Reg AT broadly seeks to address algorithmic commodities trading, which began as a market practice when commodity futures and options exchanges transitioned from open-outcry "pits" to various electronic platforms. It seeks to do so principally by:

  1. requiring the registration of entities engaged in algorithmic trading of commodity interests2 using direct electronic access to a designated contract market (DCM);3 and
  2. standardizing pre-trade risk controls and adopting trade reporting and other transparency measures, as well as other safeguards to protect market participants.

The proposed regulation would impose responsibilities on three types of market participants: algorithmic traders and other commodity trading principals using direct electronic access to DCMs (primarily those registered with the CFTC as "AT Persons" as described below); futures commission merchants (FCMs) and DCMs.

Reg AT as initially proposed in November 2015 generated robust commentary4 from market participants, which was one of the factors that led the CFTC to hold a June 2016 roundtable focused on certain issues raised by the proposal and to invite additional comments on those issues. The additional issues raised at the roundtable included:

  • the definitions of "AT Person" and "Direct Electronic Access";
  • the appropriate entities on which to impose pre-trade risk controls;
  • the CFTC's ability to obtain proprietary source code from market participants; and
  • compliance with Reg AT by AT Persons that use third-party algorithms or systems.

Collection of Proprietary Source Code: Proposed Regulation 1.84

By far, the most controversial aspect of proposed Reg AT was how the CFTC proposed to deal with proprietary source code5 used in electronic commodity trading. Reg AT as originally proposed would have required each AT Person to keep records of its source code in a repository and to make that code available to CFTC staff upon request. This proposal led to widespread protest that valuable proprietary information would be too easily obtained by the CFTC staff and thereby made vulnerable to inadvertent disclosure and theft, for example, by hacking of the source code repository or of computer systems of either parties having access to the repository, or the CFTC itself.

The Supplemental Proposal removes the proposed requirement that source code be maintained in a repository. Moreover, the CFTC staff would only be able to require disclosure of confidential source code with approval from the Commission itself through issuance of either a subpoena or a "special call."

During the CFTC's open meeting to approve the Supplemental Proposal, CFTC Commissioners expressed divergent opinions with regard to the provisions for collecting source code. Chairman Massad, who voted in favor of the Supplemental Proposal, explained that the special call procedure would simply enable the CFTC to collect the same type of data from algorithmic traders as it can already review from "traders at human speed." On the other hand, in voting against issuance of the Supplemental Proposal, Commissioner Giancarlo expressed concern that collecting source code information through the special call procedure, rather then by subpoena, would be tantamount to an unconstitutional taking of property without due process of law and that other governmental agencies (and non-U.S. governmental authorities) would follow the CFTC's lead in this regard. These concerns have added importance now that Commissioner Giancarlo is reported to be a leading contender to replace Chairman Massad as chairman of the CFTC in 2017. The proposed compromise over Reg AT's source code collection provisions is unlikely to calm industry concerns and may be the provision most likely to face further substantial revision following the change in administration in 2017.

The Volume Threshold for Qualifying as an AT Person and Definitions of Direct Electronic Access and Electronic Trading: Proposed Regulations 1.3(x), 1.3(xxxx) and 1.3(yyyy)

Reg AT seeks to impose regulatory responsibilities on each AT Person. As originally proposed, the term "AT Person" would include certain existing CFTC registrants (i.e., FCMs, floor brokers, swap dealers, major swap participants, commodity pool operators, commodity trading advisors and introducing brokers) that are engaged in algorithmic trading of commodity interests, as well as persons not otherwise registered with the CFTC who are engaged in algorithmic trading via direct electronic access. This second group would be required to register with the CFTC as floor traders—so-called "New Floor Traders" under the Supplemental Proposal.

The Supplemental Proposal adds a quantitative trading threshold to the criteria for registration as a floor trader and regulation as an AT Person. This so-called "Volume Threshold" would exclude from CFTC floor trader registration and associated duties those traders who trade in an aggregate average daily volume, across all products and all DCMs, of less than 20,000 contracts over any six-month period from January 1 through June 30 or from July 1 through December 31 in any year. Under the Supplemental Proposal, algorithmic traders that are already registered with the CFTC also would be considered AT Persons only if they met the Volume Threshold test.

In determining whether a trader exceeds the Volume Threshold, the trader must aggregate contracts conducted by all entities controlled by the trader.6 The Supplemental Proposal contains an anti-evasion provision intended to prevent persons from trading through multiple vehicles in an effort to avoid having to register as and becoming subject to the duties of an AT Person. This provision could result in difficult distinctions needing to be made between the legitimate and illegitimate use of multiple vehicles. In addition, persons who do not exceed the Volume Threshold for two consecutive
semi-annual periods would no longer be considered AT Persons and could withdraw from registration as floor traders if they registered as such solely because of their above threshold trading under the Supplemental Proposal.

The Supplemental Proposal also sets out a new, broader definition of "direct electronic access." Under the Supplemental Proposal, the only orders not included in the definition are those electronically transmitted to a DCM by an FCM, where the FCM has received the order from an unaffiliated natural person by means of oral or written communication. Importantly, the term "electronic trading," as defined in the Supplemental Proposal would capture a broader category of trading than "algorithmic trading" and thus a broader category of trading would be covered by the requirement for pre-trade risk controls under the Supplemental Proposal.7

While the CFTC originally estimated that there would be approximately 420 AT Persons, including 100 New Floor Traders, the CFTC estimates in the Supplemental Proposal that the Volume Threshold will reduce the number of potential AT Persons to 120 – 70 current registrants and 50 New Floor Trader registrants.

Reg AT's Risk Control Framework: Proposed Regulations 1.80, 1.82 and 40.20

In its original Reg AT proposal, the CFTC sought to impose certain pre-trade risk controls with respect to algorithmic trading by AT Persons, clearing FCMs and DCMs. These controls were intended to mitigate the risk of unusual trading events or market disruptions. A number of commenters argued that requiring three levels of controls would be both redundant and costly, and expressed divergent opinions on where responsibilities for various aspects of pre-trade controls should be imposed.

In response, the Supplemental Proposal would require that pre-trade risk and other controls be implemented at only two levels, and shifts responsibility at the FCM level from the clearing FCM to the executing FCM. Under the Supplemental Proposal, AT Persons would be required to adopt and implement pre-trade risk controls "reasonably designed" to mitigate potential risks, but they may delegate this responsibility to an executing FCM with the FCM's consent. In addition, executing FCMs would be required to adopt and implement pre-trade risk controls with respect to all electronic trading not originating from AT Persons. Under the Supplemental Proposal, DCMs would be required to adopt and implement pre-trade risk controls with respect to all electronic trading.

Under the Supplemental Proposal, pre-trade risk controls would also be required to be set at a level of granularity appropriate to the AT Person, executing FCM or DCM. The CFTC explained that "appropriate" means such level or levels of granularity as are technologically feasible and reasonably effective at preventing and reducing the potential risk of a trading disruption.

The Supplemental Proposal importantly leaves undefined (but explicitly subject to further consideration by the CFTC) the terms "Algorithmic Trading," "Algorithmic Trading Compliance Issue," "Algorithmic Trading Disruption" and "Algorithmic Trading Event."

Use of Third-Party Algorithms: Proposed Regulation 1.85

After Reg AT was proposed, the issue of how an AT Person could meet its regulatory obligations when it was using third-party systems in connection with its automated trading arose and was addressed in various comment letters. This topic was also discussed at the CFTC's June 2016 roundtable. The Supplemental Proposal aims to reduce the burden on AT Persons that utilize third-party systems or components in complying with Reg AT. Under the Supplemental Proposal, an AT Person that does not have the necessary knowledge and information about its systems to verify compliance with certain of the pre-trade risk controls, development and testing requirements and source code production requirements of Reg AT because the AT Person uses third-party systems or components may obtain a certification from the third party attesting to the system's or component's compliance with Reg AT. To be permitted to rely on a certification from a third party, an AT Person would be required to conduct due diligence to determine reasonably the accuracy and sufficiency of the certification. Under the Supplemental Proposal, due diligence would be permitted to take many forms and although the CFTC has made certain suggestions (e.g., inspecting the third-party provider and gaining an understanding of best practices), it does not require one form over another. The AT Person would be liable for failure to comply with Reg AT, even where the AT Person has obtained a certificate from a third-party provider.

Questions left unanswered by the CFTC include whether it will be satisfied with the due diligence that can be performed by an AT Person who may not fully understand the technology being provided by a third-party provider, whether all AT Persons will be required to obtain that level of expertise, and how far the third-party provider will be expected to go in revealing its proprietary information to AT Persons that use its system or components in connection with the satisfaction of the due diligence requirement.

Annual Certification, Instead of Reporting by AT Persons: Proposed Regulation 40.22

Under Reg AT as originally proposed, FCMs and AT Persons would have been required to file annual reports with a DCM regarding their risk control frameworks. Many commentators said this requirement was unnecessary and extremely burdensome to both the filers and the reviewing DCMs. The Supplemental Proposal removes this requirement. Instead, AT Persons and executing FCMs would be required to certify compliance with Reg AT to a DCM annually. The Supplemental Proposal also requires DCMs to create a framework for periodically reviewing and evaluating AT Persons' and executing FCMs' compliance with Reg AT, and for requiring AT Person and executing FCMs to maintain books and records and to report to DCMs as needed in support of such review and evaluation.

Next Steps

Comments on the Supplemental Proposal are due no later than 60 days after the Supplemental Proposal is published in the Federal Register. The CFTC has indicated that it is seeking comment only on the provisions of Reg AT addressed by the Supplemental Proposal. It is critical for all market participants to understand and consider their comfort with the regulatory and compliance requirements that the Supplemental Proposal, as well as the remaining provisions of Reg AT as originally proposed, will impose on trading entities using algorithmic and other electronic trading technologies. With the coming change in administration and the resulting change in the leadership of the CFTC, as well as to take account of issues explicitly left open in the Supplemental Proposal to further CFTC consideration, it is inevitable that Reg AT will be further revised before it is ultimately promulgated.