FCM, FDM and IB Members: Educational resources, common deficiencies and other important regulatory information

On an ongoing basis, each NFA Member is required to update its Member Questionnaire in the event of a material change to its operations. For example, if a Member begins doing business or begins soliciting for digital asset products, the Member must immediately update its Member Questionnaire. Every firm should carefully review the Member Questionnaire to ensure it accurately reflects current business operations. This will ensure that NFA's BASIC system displays correct information about the firm's business activities and that the firm receives all applicable notices relating to its reporting requirements in a timely manner. Members should also review the Member Questionnaire templates, which include all possible and available questions in the filing.

NFA Members must annually review their operations using NFA's Self-Examination Questionnaire. This questionnaire is designed to aid Members in recognizing potential problem areas and to alert them to procedures that need to be revised or strengthened. Common deficiencies in this area include failing to review the questionnaire on an annual basis and failing to maintain evidence that a review was conducted. NFA also encounters firms with deficient policies and procedures, indicating an inadequate review of the Self-Examination Questionnaire. Thorough questionnaire completion and review ensure firms are alerted to deficient policies and procedures that should be updated to comply with NFA Rules.

FCM, FDM and IB Members must have written supervisory policies and procedures to address the manner, frequency and results of monitoring written and oral communications. Such supervision includes, when required¹, maintaining a record of all oral and written communications provided or received concerning quotes, solicitations, bids, offers, instructions, trading and prices that lead to the execution of a transaction in a commodity interest and related cash or forward transaction, whether communicated by telephone, voicemail, facsimile, instant messaging, chat rooms, electronic mail, mobile device or other digital or electronic media. Common deficiencies in this area include firms not maintaining all required communications, failing to identify brokers using unapproved and unrecorded communication methods and permitting unregistered individuals to act as associated persons.

¹ An IB that has generated over the preceding three years more than $5 million in aggregate gross revenues from its activities as an IB is required to maintain certain oral and written communications.

Members that outsource regulatory functions must adopt and implement a written supervisory framework over those functions to mitigate outsourcing-related risks pursuant to Interpretive Notice 9079. The supervisory framework must address activities the firm will undertake with respect to initial risk assessment, onboarding due diligence, ongoing monitoring, termination and recordkeeping. Appendix E of the Self-Examination Questionnaire includes several questions intended to help Members understand these requirements. Firms must also maintain records demonstrating that they have addressed the items outlined in the Interpretive Notice and are following their procedures.

FCM, FDM and IB Members must adopt a written information systems security program (ISSP) pursuant to  Interpretive Notice 9070 to address the risk of unauthorized access to or attack of their information technology systems and to establish an appropriate response should unauthorized attacks occur. Members are also required to notify NFA of certain cybersecurity incidents related to their commodity interest activities via NFA's Cyber Notice Filing System. One common deficiency in this area is failure to provide cybersecurity training to employees upon hiring and annually thereafter.

Members that fail to establish and implement an ISSP may be subject to disciplinary action.

In the event that an FCM, FDM or IB changes the independent CPA engaged to audit the firm's financial statements, the firm must file notice with NFA via EasyFile or WinJammer^TM pursuant to CFTC Regulation 1.16(g) no more than 15 days after the CPA's resignation or dismissal by the firm.

If an FCM, FDM or IB requests an extension to file its annual certified statement, the extension must be filed with NFA via EasyFile or WinJammer^TM.

FCMs and IBs that are also SEC registered broker-dealers are required to submit SLAs and any corresponding amendments to NFA when they are submitted to the firm's designated examining authority (i.e., FINRA), pursuant to CFTC Regulation 1.17.

If a Member fails to have at least one principal that is registered as an associated person, NFA shall deem that Member's failure to be a request to withdraw from NFA membership pursuant to NFA Bylaw 301.