On May 20, 2024, National Futures Association (“NFA”) released Notice to Members I-24-10. Within the notice NFA advanced a significant change to how all Members must file certain filings with the regulator. The change will create a great deal of frustration and inefficiency throughout the industry.

What is this change?

NFA Compliance Rule 2-52 sets forth specific requirements regarding who at the firm must review and submit the firm’s Annual Member Questionnaire and any updates thereto. Historically Commodity Futures Trading Commission (“CFTC”) Registrants could designate a Security Manager to navigate NFA’s Online Registration System (“ORS”) and make certain filings. Security Managers are not required to be registered associated persons (“APs”) nor are they required to be listed firm Principals. Individuals established as a Security Manager have historically been permitted to file a wide range of reports, notices, and responses with NFA.

Starting October 15, 2024, to ensure that the individual reviewing and submitting a firm’s NFA Member Questionnaire is sufficiently knowledgeable about a Member’s business operations, NFA is adjusting Compliance Rule 2-52 to require that:

  • For Members solely registered as a swap dealer (“SD”), an individual that is a principal review and submit the Questionnaire; and
  • For Futures Commission Merchants (“FCM”), Introducing Brokers (“IB”), Commodity Pool Operator (“CPO”), and Commodity Trading Advisor (“CTA”) registrants, an individual that is both a registered associated person (AP) and a listed principal to review and submit the Questionnaire.

How Filings Are Made in Practice

It has been common practice for registrants to name whomever they see best fit as a Security Manager. This has allowed smaller to medium sized businesses to outsource this role to legal counsel, certified public accountants, or professional consulting firms like Turnkey Trading Partners. For larger firms it has allowed for entire departments to be put in place whereby individuals can update and maintain a firm’s ORS profile accordingly. NFA’s effort to require an AP/Principal to file annual member questionnaire updates is misguided and highly inefficient in this regard.

Larger organizations (think major banks and financial institutions) do not have individuals at the firm who can be knowledgeable about all areas of the business. Smaller organizations, due to cost and scale constraints, are often forced to outsource operational, accounting, legal, and compliance functions and can’t practically be knowledgeable in all areas. Under current rules and regulations, firm AP/Principals are ultimately responsible for a registrant’s activities. Should these individuals inappropriately identify a Security Manager they can and already are being held responsible for filing inaccuracies. This change will leave many firms clueless about how to navigate NFA’s archaic Online Registration System and struggling to timely file routine information with the regulator.

The Impact on Your Firm

In preparation for the October 15, 2024, effective date, NFA is encouraging Members to identify the AP and/or principal who will review and submit Questionnaires on the firm’s behalf. Although NFA has stated anyone who is knowledgeable about the firm’s operations may continue to answer questions on the Questionnaire, an AP and/or principal must review and submit the Questionnaire. This is where the nightmare begins.

Named individuals responsible for submitting the Questionnaire must be properly set up as Security Managers. NFA is stating that sometime later this summer a new filing access permission will be added to ORS. These individuals are going to be required to be given this filing access permission to validate their AP/Principal status. For some firms this will be the first time the named AP/Principal will have ever spent time navigating NFA’s ORS system. These individuals will have no understanding of NFA’s labyrinth of menus and poorly designed user interfaces. They will have no experience using NFA’s often broken multi-factor authentication system which requires email or text pin verification to access. Worse they will likely have incomplete knowledge about the information being input into the questionnaire – which is the whole point of the exercise in the first place.


A large number of NFA member firms work with third party service providers (“TPSP”) to assist with NFA system activities. Legal counsel, certified public accountants, and professional consulting firms must be vetted according to required NFA TPSP vendor management policies. AP/Principals are already responsible for registrant activities under existing rules and regulations. Firms working with a third party to utilize ORS should be prepared to be incredibly frustrated. To continue working with these service providers as Security Managers an extra step must be implemented when filing annual questionnaire information with NFA.

After the service provider assists with the input of all required company information, they will be required to logout of the NFA system. They then will have to contact their client, notify the appropriate Security Manager the filing is prepared, and indicate that this individual must submit the filing in a timely fashion. That individual will then have to navigate NFA’s multi-factor authentication process, identify where in the NFA system the filing was set up, review the filing, and ultimately make the submission. For many senior executives and small business owners this extra step will be a relatively significant change.