Jan 18, 2019 In December of 2018, the National Futures Association (“NFA”) released an interpretive notice under Compliance Rule 2-9 titled: Commodity Pool Operator (“CPO”) Internal Controls Systems. Among other things, the notice requires Commodity Futures Trading Commission (“CFTC”) registered Commodity Pool Operators (“CPO”) to implement adequate internal controls systems. Although there has always been an expectation that CPOs would have such systems in place, this NFA notice makes it an official requirement. For the benefit of Fund Managers, Turnkey Trading Partners has summarized the new requirements below. CPO Internal Controls Systems Required NFA now requires fund managers to implement internal controls systems as well as written policies and procedures detailing those systems. Internal control systems must be designed to deter fraudulent activity by employees, management, and third parties. They also must address the safety of customer funds and provide a reasonable assurance that the books and records of commodity pools are both current and accurate. The goals of the new obligations are obvious. Firstly, to protect customer assets by deterring fraud. Secondly, to create a strong framework of compliance at CPOs related to the handling and recording of fund assets, while ensuring that the financial reports of listed funds are accurate. Many fund managers likely had internal control in place prior to this notice, however the adequacy of such systems should be evaluated against NFAs guidance and formalized requirements. Minimum Considerations According to NFA’s notice, adequate internal control systems must include at least the following: Written policies and procedures must be created explaining the internal controls framework and supervisory system at a firm. These policies must be reasonably designed to ensure operations remain in compliance with applicable NFA rules and CFTC regulations. NFA has also suggested that management consider harmonizing and closely integrating the company’s Information Systems Security Program (“ISSP”) with its internal controls supervisory programs where both reasonable and applicable. Incorporate mechanisms designed to ensure that no employee can circumvent the internal controls systems in place. An escalation policy also needs to be created for employees to report to senior management any attempt to improperly override such systems. The escalation policy, at a minimum, must address whether and when to report such malfeasance to applicable authorities, including regulators like NFA. The policy should also include disciplinary considerations for those that do not follow the internal controls program or do not adhere to the escalation policy. Record keeping considerations; CPOs must maintain records that support the implementation and effectiveness of internal controls, reviews of such controls, and information regarding identified deficiencies. Separation of duties; to the extent possible, individuals at the firm who directly handle pool funds, trade execution, financial records and reporting, and/or trade risk management should be different from the supervisors of these areas. In instances where this is not possible, automated controls or other sufficient processes should be adopted to deter malfeasance. Areas in which separation of duties must be considered would be: Tasks related to the handling and recording of both fund and company transactions should be assigned to different employees. Alternatively, appropriate automated controls should be put in place to create checks and balances related to the handling and recording of both company and customer assets. Operational functions related to custody of pool assets should be separate from financial reporting and trading functions. Pool cash activity (subscriptions, transfers, redemptions etc.) should require different people be responsible for initiating a transaction, approving the transaction, recording the transaction, and reconciling the activity with outside third-party documentation. A specific internal controls risk assessment program and process for evaluating the program must be established. This program must include, at a minimum, means to identify, control, and monitor the efficacy of a firm’s overall internal controls systems. The firm should periodically review the overall internal controls systems for reasonableness and document the review process. The minimum components of the risk assessment program are included below. Risk Assessment of Internal Controls Systems According to NFA’s notice, the following areas must be evaluated with respect to a CPOs internal controls risk assessment program within the firm’s policies and procedures: Pool subscriptions, redemptions and transfers Verification that pool investments are properly titled and not commingled Reconciliations performed periodically between pool’s GL, banks, and third-party depositories Authorization of redemptions: must verify requests have been made by participant, that adequate funds are available, that proper NAV has been calculated, that adequate funds can be released, and ensure timely payment to participant has been made. Verification that transactions do not violate NFA rule 2-45 (prohibition of loans between pool, CPO, it’s various registrants, and affiliates) Risk Management and Investment and Valuation of Pool Funds Firm principals must play a direct role in assessing and monitoring risk Approval of investments – are positions authorized and consistent with strategy? Verification that the CPO is valuing investments according to its policies. Complete initial and ongoing due diligence of counterparties and third-party depositories (reputation, trading strategy, past performance, regulatory actions etc.) Ongoing monitoring of risk associated with investments held at third parties including market and credit risk Ongoing monitoring of pool liquidity – redemption requests, margin calls, other financial obligations Use of Administrators and other Third Parties Each CPO must perform adequate due diligence of its third-party administrator Initial and ongoing due diligence on the administrator – cost, reputation, expertise, timeliness of work and attention to detail, responsiveness, work history, technological tools, income tax expertise, cyber security system. Documentation must be maintained. CPO should consider whether keeping its own independent records (shadow accounting) is necessary as a control against its administrator’s work. If no shadow accounting is utilized, then CPOs should ensure financial records match administrator records on a regular basis. Consider periodic reconciliation of internal records with records of banks, carrying brokers and other third parties to ensure accuracy. Next Steps Many member fund managers had internal control systems in place prior to NFA’s notice. These systems now must be formalized, and meet the criteria set forth by NFA in writing. When evaluating existing control systems, it is important to remember that adequate controls should be tailored to each firm’s unique business. That means controls and systems may vary depending on the size and complexity of firm operations. For those funds regulated in other jurisdictions with similar requirements, it’s entirely possible current company obligations may be sufficient. It is critical however, that fund managers take inventory of existing systems and ensure they are adequate relative to NFA’s new obligations. Should your firm require assistance with this new regulatory requirement, contact a compliance consulting firm such as Turnkey Trading Partners today. About Turnkey Trading Partners Turnkey Trading Partners provides customized support to the brokerage and trading industry. We can assist Commodity Trading Advisors (“CTA”), Commodity Pool Operators (“CPO”), Introducing Brokers (“IB”), and Futures Commission Merchant’s (“FCM”) working within the alternative investments space. We can also assist Registered Investment Advisors (“RIAs”) and Broker Dealers (“BDs”) within the traditional equities marketplace. Our team is well versed in both operational and regulatory matters relating to commodity futures, equities, bonds, options, swaps, forex, cash and physical trading, as well as several other specialized OTC financial markets transaction types. Our central office is downtown Chicago, the alternatives trading capital of, and one of the biggest equity markets in the United States. We also have an office located in Ft. Lauderdale, Florida one of the fastest growing trading communities in the country. Contact us today via phone at (312) 324-0040 or email email@example.com.