In a recent speech, CFTC Chair Tim Massad laid out the agency’s priorities. Massad highlighted the CFTC’s work to finish the remaining rulemakings required by Dodd-Frank, including those related on position limits. The CFTC originally issued final position limit rules in October 2011, but the rules were vacated following a challenge brought by the International Swaps and Derivatives Association and SIFMA that the CFTC had not made a finding that the limits were “necessary” as required by the Commodities and Exchange Act. In lieu of appealing the decision, the CFTC proposed new rules in November 2013. Massad highlighted the “substantial public input” on the re-proposal and noted that the CFTC “appreciate[s] the importance and complexity of these issues, and we intend to take the time necessary to get it right.” He noted that the CFTC “will have more to say about issues related to position limits in the coming months.”
Massad suggested that the recent increase in electronic trading has brought many benefits, but also has raised “important policy questions, and it has fundamentally changed how we execute our responsibilities.” He worried about the possibility for fat-finger errors wreaking havoc on markets, the fairness to non-algorithmic traders, and the effect on liquidity. He suggested that the CFTC would likely issue this fall “some additional proposals to make sure there are adequate risk controls at all levels, and to minimize the chance that algorithmic trading can cause disruptions or result in unfairness.”
Next, Massad turned to the importance of strengthening the resiliency of financial markets to cyberattacks and failures of technology. He suggested that “the interconnectedness of our financial institutions and markets means that a failure in one institution can have significant repercussions throughout the system.” To address these issues, Massad highlighted existing regulations and examinations, as well as a new proposal likely to be issued in the fall to make sure that infrastructure providers “are doing adequate evaluation of these risks and testing of their own cybersecurity and operational risk protections.”