X-Change Financial Access LLC, a futures commission merchant registered with the Commodity Futures Trading Commission and a member of the National Futures Association, agreed to withdraw its FCM registration and operate solely as an introducing broker, to settle charges brought by the NFA that it failed to maintain an adequate risk management program, in violation of the applicable CFTC rule. (Click here to access CFTC Rule 1.11 and here to access NFA Rule 2-26, which incorporates CFTC Rule 1.11 by reference.) According to NFA, beginning in April 2013, NFA recommended to XFA that it enhance its risk monitoring of its customers to anticipate its potential exposure in the event of an extreme market move. From then through 2015, claimed NFA, the firm proposed various measures to improve its risk monitoring as well as adopted procedures to better protect itself from higher-risk accounts. However, according to NFA, the firm never uniformly implemented or consistently followed its proposed or written procedures. Following this failure, in August 2015, XFA had large margin calls that exceeded the firm’s segregated funds, and necessitated the firm to obtain loans and capital infusions from its principals. The NFA claimed that George Stafford, the firm’s chief compliance officer and risk manager “indicated that XFA was not monitoring” three accounts that accounted for a significant portion of the large margin calls. The three accounts currently owe $1.1 million to XFA. To resolve this matter, XFA also agreed to pay a fine to NFA of US $75,000. NFA additionally charged Peter Scheffler, XFA’s co-CEO and Mr. Stafford in connection with this matter; however, they did not incur any personal sanctions as part of the settlement.
Compliance Weeds: Under the applicable Commodity Futures Trading Commission regulation, a futures commission merchant that carries customer accounts must implement, maintain and enforce risk management policies and procedures designed (not just reasonably designed) to monitor and manage the risks associated with its business. Among other things, the risk program of an impacted FCM must address certain elements: identification of risks that the FCM routinely confronts, including risks posed by affiliates, and risk tolerance limits; periodic risk exposure reports; and certain specific risks—segregation risk, operational risk and capital risk. There must be a risk management unit reporting directly to senior management “with specific authority; qualified personnel; and financial, operational and other resources to carry out the FCM’s risk management program.” The risk management unit must provide senior management and the FCM’s governing body with a quarterly written report describing all applicable risk exposures; recommended or completed changes to the risk program; and incomplete implementation of previously recommended changes. These reports must also be issued “immediately upon detection of any material change” in the FCM’s risk exposure. All risk exposure reports must be provided to the CFTC within five business days of giving such reports to senior management. Finally, risk tolerance levels must also be reviewed and approved quarterly by senior management and annually by the FCM’s governing body.