Amendments to the Swap Data Access Provisions of Part 49 and Certain Other Matters, 27410-27441 [2018-12377]
Download as PDF
<![CDATA[
27410
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
COMMODITY FUTURES TRADING
COMMISSION
17 CFR Part 49
RIN Number 3038–AE44
Amendments to the Swap Data Access
Provisions of Part 49 and Certain Other
Matters
Commodity Futures Trading
Commission.
ACTION: Final rule.
AGENCY:
Pursuant to Title VII of the
Dodd-Frank Wall Street Reform and
Consumer Protection Act of 2010
(‘‘Dodd-Frank Act’’), as amended by the
Fixing America’s Surface Transportation
Act of 2015 (‘‘FAST Act’’), the
Commodity Futures Trading
Commission (‘‘Commission’’ or
‘‘CFTC’’) is amending the Commission’s
regulations relating to access to swap
data held by swap data repositories
(‘‘SDRs’’). The amendments implement
pertinent provisions of the FAST Act
and make associated changes to the
Commission’s regulations governing the
grant of access to swap data to certain
foreign and domestic authorities by
SDRs, as well as changes to certain other
regulations unrelated to such access.
DATES: The effective date for this final
rule is August 13, 2018. For compliance
dates, see SUPPLEMENTARY INFORMATION.
FOR FURTHER INFORMATION CONTACT:
Daniel Bucsa, Deputy Director, Division
of Market Oversight—Data and
Reporting Branch (‘‘DMO–DAR’’), (202)
418–5435, dbucsa@cftc.gov; David E.
Aron, Special Counsel, DMO–DAR,
(202) 418–6621, daron@cftc.gov; Owen
J. Kopon, Special Counsel, DMO–DAR,
(202) 418–5360, okopon@cftc.gov; or
Stephen Kane, Research Economist,
Office of the Chief Economist, (202)
418–5911, skane@cftc.gov, Commodity
Futures Trading Commission, Three
Lafayette Centre, 1151 21st Street NW,
Washington, DC 20581.
SUPPLEMENTARY INFORMATION: The
compliance date for an SDR to comply
with its obligation under
§ 49.17(d)(5)(iii) of the Commission’s
regulations 1 to provide access to swap
data requested by an Appropriate
Domestic Regulator (as defined in
§ 49.17(b)(1)) (‘‘ADR’’) or Appropriate
Foreign Regulator (as defined in
§ 49.17(b)(2)) (‘‘AFR’’) is, as discussed
further below, the earlier of (1) the
earliest date, after such SDR receives
from such ADR or AFR the
confidentiality arrangement required by
pmangrum on DSK30RV082PROD with RULES3
SUMMARY:
1 17 CFR 49.17(d)(5)(iii). All Commission
regulations cited herein are set forth in Title 17 of
the Code of Federal Regulations.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
§ 49.18(a), that such SDR, exercising
commercially reasonable efforts in light
of its obligations under the Act 2 and the
Commission’s regulations, is able to
provide such access to the ADR or AFR
and (2) 180 days after the SDR receives
from such ADR or AFR the
confidentiality arrangement required by
§ 49.18(a). The compliance date for all
other regulations amended, added or
revised by this final rule is August 13,
2018.
Table of Contents
I. Background and Introduction
A. Statutory Background: The Dodd-Frank
Act
B. Regulatory History: The Part 49 Rules
and the Commission’s Interpretative
Statement
1. Access to SDR Swap Data
2. Indemnification Requirement
C. FAST Act Amendments to CEA Section
21
D. CEA Section 8 and the Confidentiality
Provisions of CEA Section 21
E. High-Level Summary of Revisions to
Part 49
F. Rescission of Interpretative Statement
II. Discussion
A. Definitions: Amendments to § 49.2
B. Domestic and Foreign Regulators With
Regulatory Responsibility Over SDRs:
Amendments to § 49.17(d)(2) and (3)
1. Current Rules
2. Proposed Amendments
3. Comments Received
4. Final Rules
C. Appropriateness Determination for
Foreign Regulators and Non-Enumerated
Domestic Regulators: Amendments to
§ 49.17(b) and New § 49.17(h)
1. Current Rule
2. Proposed Amendments: Determination
Order Process
3. Proposed Amendments: Factors
Considered in Issuing a Determination
Order
a. Scope of Jurisdiction
b. Robust Confidentiality Safeguards
c. Swap Data Sharing Considerations
4. Proposed Amendments: Other Matters
Regarding the Determination Order
Process
5. Final Rules
D. Amendments to § 49.17(d)(4): SDR
Notice and Verification Obligations
1. Proposed Amendments
2. Final Rules
a. § 49.17(d)(4)(i)
i. Notices of Initial Access Requests and
Requests Outside the Scope of
Jurisdiction
ii. Recordkeeping
iii. Aggregated Data
b. § 49.17(d)(4)(ii)
c. § 49.17(d)(4)(iii)
i. Scope of an ADR’s or AFR’s Jurisdiction
ii. Changes to an ADR’s or AFR’s Scope of
Jurisdiction
iii. Written Notices
d. § 49.17(d)(4)(iv)
E. New § 49.17(i): Delegation of Authority
27
PO 00000
U.S.C. 1 et seq.
Frm 00002
Fmt 4701
Sfmt 4700
F. CEA Section 21(d) Confidentiality
Agreements: Amendments to § 49.18
1. Current Rule
2. Proposed Amendments to § 49.18(a):
Confidentiality Arrangement Required
Prior to Disclosure of Swap Data
3. Proposed Amendments to § 49.18(b):
Required Elements of the Confidentiality
Arrangement
4. Proposed Removal of § 49.18(c): ADRs
and AFRs With Regulatory
Responsibility Over an SDR
5. Proposed New § 49.18(c) and (d): Failure
To Fulfill the Terms of a Confidentiality
Arrangement
6. Proposed New § 49.18(e): Delegation of
Authority
7. Conforming Changes
8. Comments Received
9. Final Rule
G. Other Changes
1. Proposed Rule Changes
2. Final Rule Changes
III. Request for Comment
IV. Compliance Date
V. Related Matters
A. Regulatory Flexibility Act
B. Paperwork Reduction Act
1. Summary of the Requirements
2. Collection of Information
C. Cost-Benefit Considerations
1. Introduction
2. Benefits
a. Background
b. High-Level Benefits
c. More Specific Benefits
i. MOUs
ii. Duty for SDRs To Notify the
Commission of Swap Data Requests
From ADRs and AFRs
iii. Form of Electronic Notification by SDRs
to the Commission
iv. Clarification of SDR Recordkeeping
Obligations
v. Limitation, Suspension or Revocation of
an ADR’s or AFR’s Swap Data Access
vi. Confidentiality Arrangements
vii. Means of Access
3. Costs
a. Background
b. High-Level Costs
c. ADRs’ and AFRs’ Costs
i. Determination Order Applications
ii. Confidentiality Arrangements
iii. Data Security
iv. Onward Sharing
v. Means of Access
d. SDRs’ Costs
i. Providing New Access Generally
ii. Providing Notice to the Commission
iii. Verifying That a Swap Data Request is
Within an ADR’s/AFR’s Scope of
Jurisdiction
iv. Means of Access
v. Recordkeeping
4. Response to Comments
5. Alternatives Considered
6. Consideration of CEA Section 15(a)
Factors
a. Protection of Market Participants and the
Public
b. Efficiency, Competitiveness, and
Financial Integrity of Futures Markets
c. Price Discovery
d. Sound Risk Management Practices
e. Other Public Interest Considerations
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
D. Antitrust Considerations
I. Background and Introduction
pmangrum on DSK30RV082PROD with RULES3
A. Statutory Background: The DoddFrank Act
Title VII of the Dodd-Frank Act 3
amended the Commodity Exchange Act
(‘‘CEA’’) to establish a comprehensive
new regulatory framework for swaps
including, in new CEA section 21,
requirements addressing the registration
and regulation of SDRs.4 CEA section 21
imposes on SDRs, among other duties
and responsibilities, the duty to
maintain the privacy of all swap
transaction information received from a
swap dealer, counterparty, or any other
registered entity.5 CEA section 21(c)(7)
directs SDRs to make swap data
available on a confidential basis
pursuant to section 8 of the CEA, upon
request, and after notifying the
Commission of the request,6 to certain
enumerated domestic authorities and
any other person (which may include
certain types of foreign authorities) that
the Commission determines to be
appropriate (each such enumerated and
Commission-determined entity, a
‘‘21(c)(7) entity’’).7
As originally enacted, CEA sections
21(d)(1) and (2), respectively, mandated
that, prior to receipt of any requested
data or information from an SDR, a
21(c)(7) entity agree in writing to abide
by the confidentiality requirements
described in CEA section 8 and,
separately, to indemnify the SDR and
the Commission for any expenses
arising from litigation relating to the
information provided under section 8.8
Congress’s repeal of the CEA section
3 See Dodd-Frank Wall Street Reform and
Consumer Protection Act, Public Law 111–203, 124
Stat. 1376 (2010), available at https://www.cftc.gov/
LawRegulation/OTCDERIVATIVES/index.htm. Title
VII of the Dodd-Frank Act may be cited as the Wall
Street Transparency and Accountability Act of
2010.
4 See Dodd-Frank Act section 728 (adding new
CEA section 21, 7 U.S.C. 24(a), to establish a
registration requirement and regulatory regime for
SDRs).
5 7 U.S.C. 24a(c)(6).
6 CEA section 8, 7 U.S.C. 12, describes
circumstances under which public disclosure of
information in the Commission’s possession is
permitted and prohibited. As discussed more fully
below, the principles underlying CEA section 8(e),
in particular, are fundamental to CEA sections
21(c)(7) and (d) and to the access standards and
confidentiality provisions adopted in this release.
7 See 7 U.S.C. 24a(c)(7). See also Commission,
Final Rulemaking: Swap Data Recordkeeping and
Reporting Requirements, 77 FR 2136, Jan. 13, 2012
(‘‘Data Final Rules’’). The Data Final Rules set forth,
among others, regulations governing SDR data
collection and swap data reporting responsibilities
under part 45 of the Commission’s regulations.
8 7 U.S.C. 24a(d). As noted above, the
indemnification requirement was stricken from
CEA section 21(d) by the FAST Act. See Public Law
114–94, section 86001(b)(2).
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
21(d)(2) indemnification requirement in
the FAST Act 9 in December 2015
prompted this rulemaking.10
B. Regulatory History: The Part 49 Rules
and the Commission’s Interpretative
Statement
1. Access to SDR Swap Data
In 2011, the Commission adopted
rules implementing the requirements for
SDRs in CEA section 21.11 The
Commission implemented the SDR
swap data access provisions of CEA
sections 21(c)(7) and (d) by establishing
processes to allow two categories of
entities to gain access to SDR swap data.
The Commission defined one category,
ADRs, in § 49.17(b)(1) of the
Commission’s regulations as domestic
authorities enumerated in CEA section
21(c)(7)(A)–(D) 12 and certain other
persons determined by the Commission
to be appropriate recipients of such
swap data pursuant to CEA section
21(c)(7)(E).13
The Commission defined the other
category, AFRs,14 in § 49.17(b)(2) as
9 FAST Act, Public Law 114–94, 129 Stat. 1312
(Dec. 4, 2015).
10 FAST Act section 86002(b)(2) struck subsection
(d) of CEA section 21 and inserted a new provision
in in its place that stated that before the swap data
repository may share information with any entity
listed in section (c)(7), the swap data repository
shall receive a written agreement from each entity
stating that the entity shall abide by the
confidentiality requirements described in section 8
of the CEA relating to the information on swap
transactions that is provided.
11 Swap Data Repositories: Registration
Standards, Duties and Core Principles; 76 FR 54538
(Sept. 1, 2011) (‘‘SDR Final Rules’’); see also Swap
Data Repositories: Registration Standards, Duties
and Core Principles, 75 FR 80898 (Dec. 23, 2010)
(the proposed SDR Final Rules) (‘‘SDR NPRM’’).
12 The domestic authorities enumerated in CEA
section 21(c)(7) are: (A) Each appropriate prudential
regulator; (B) the Financial Stability Oversight
Council (‘‘FSOC’’); (C) the Securities and Exchange
Commission (‘‘SEC’’); and (D) the Department of
Justice. The term ‘‘prudential regulator’’ is defined
in CEA section 1a(39) (7 U.S.C. 1a(39)).
13 In addition to CEA section 21(c)(7) enumerating
certain domestic authorities to which an SDR must
grant swap data access, CEA section 21(c)(7)(E), as
amended by the FAST Act, identifies as an eligible
recipient of such access as any other person that the
Commission determines to be appropriate,
including foreign financial supervisors (including
foreign futures authorities); foreign central banks;
foreign ministries; and other foreign authorities. 7
U.S.C. 24a(c)(7)(E). Pursuant to this authority, in
§§ 49.17(b)(1)(v) and (vi), the Commission
identified any Federal Reserve Bank and the Office
of Financial Research (‘‘OFR’’), respectively, as
ADRs. The Commission also defined as an
‘‘Appropriate Domestic Regulator’’ each prudential
regulator identified in CEA section 1(a)(39), with
respect to requests related to any such regulator’s
statutory authority, without limitation to the
activities listed for each regulator in CEA section
1(a)(39). See § 49.17(b)(1)(ii). The Commission
further reserved the discretion, in § 49.17(b)(1)(vii),
to recognize any other person the Commission
deems appropriate to be an ADR.
14 The Commission established the category of
AFRs pursuant to CEA section 21(c)(7)(E), which,
PO 00000
Frm 00003
Fmt 4701
Sfmt 4700
27411
‘‘Foreign Regulators’’ 15 with existing
memoranda of understanding (‘‘MOUs’’)
or similar types of information sharing
arrangements with the Commission, but
did not identify any specific persons as
AFRs in the SDR Final Rules. The SDR
Final Rules also defined the term AFR
to include a Foreign Regulator without
an existing MOU with the Commission,
as determined by the Commission on a
case-by-case basis. Such a Foreign
Regulator was required to file with the
Commission an application providing
sufficient facts and procedures to permit
the Commission to analyze whether the
Foreign Regulator employed appropriate
confidentiality procedures, and to
satisfy the Commission that any SDR
swap data or information accessed by
the Foreign Regulator would be
disclosed only as permitted by section
8(e) of the CEA.16
An ADR or AFR seeking access to
SDR swap data is required by current
§ 49.17(d)(1) to file an access request
with the SDR certifying that it is acting
within the scope of its jurisdiction and
is required by current § 49.17(d)(6) to
execute a ‘‘Confidentiality and
Indemnification Agreement’’ with the
SDR.17
2. Indemnification Requirement
In the preamble to the SDR Final
Rules, the Commission acknowledged
commenters’ concerns that compliance
with the statutory and regulatory
requirements to indemnify the
Commission, and the SDR providing
access to swap data, for any expenses
arising from litigation relating to the
information provided under section 8 of
the CEA, would be difficult for certain
domestic and foreign regulators, due to
various home country laws and other
regulations prohibiting such
arrangements.18 The Commission
expressed its intent to continue to work
to provide regulators sufficient access to
SDR data. In this regard, the
Commission outlined the circumstances
under which it believed the
indemnification provisions of CEA
among other things, includes a list of the types of
foreign entities that the Commission may determine
to be appropriate recipients of swap data obtained
by an SDR.
15 The term ‘‘Foreign Regulator’’ is defined in
current § 49.2(a)(5) to mean a foreign futures
authority as defined in CEA section 1(a)(26), foreign
financial supervisors, foreign central banks and
foreign ministries.
16 17 CFR 49.17(b)(2)(i)(B).
17 Current § 49.18(b) requires an SDR to receive
such a Confidentiality and Indemnification
Agreement from an ADR or AFR prior to releasing
swap data to the ADR or AFR.
18 See SDR Final Rules at 54554. The Commission
notes that, to date, no 21(c)(7) entity has entered
into a confidentiality or indemnification agreement
pursuant to CEA section 21(d) or the part 49 rules.
E:\FR\FM\12JNR3.SGM
12JNR3
27412
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
section 21(d) and § 49.18 would not
apply. The Commission explained that,
under the part 49 rules, ADRs with
concurrent regulatory jurisdiction over
SDRs may in some circumstances obtain
access to swap data reported to and
maintained by those SDRs without
regard to the notice and indemnification
requirements of CEA sections 21(c)(7)
and (d).19 With respect to foreign
regulatory authorities, the Commission
determined in the SDR Final Rules that
swap data reported to and maintained
by an SDR may be accessed by an AFR
without the execution of a
confidentiality and indemnification
agreement when the AFR has
supervisory authority over a
Commission-registered SDR that is also
registered with the AFR pursuant to
foreign law and/or regulation.
Since concerns about the scope of the
indemnification requirement persisted,
the Commission issued an interpretative
statement designed to provide guidance
and greater clarity to interested
members of the public and foreign
regulators with respect to the scope and
application of CEA section 21(d) and the
part 49 rules.20 The Interpretative
Statement clarified that a foreign
regulatory authority’s access to swap
data held in a CFTC-registered SDR
would not be subject to the
confidentiality and indemnification
provisions of CEA section 21(d) or the
part 49 regulations if (i) the registered
SDR is also registered in, or recognized
or otherwise authorized by, the foreign
authority’s regulatory regime and (ii) the
data sought to be accessed by the foreign
authority has been reported to the
registered SDR pursuant to such foreign
regulatory regime.21
C. FAST Act Amendments to CEA
Section 21
Congress responded to regulators’
access concerns by including in the
FAST Act a repeal of the
indemnification requirement in CEA
section 21(d)(2).22 The confidentiality
pmangrum on DSK30RV082PROD with RULES3
19 See
SDR Final Rules at 54554, n163.
Accordingly, pursuant to the Commission’s Part 49
rules, these provisions did not apply to an ADR that
has regulatory jurisdiction over an SDR registered
with the ADR pursuant to a separate statutory
authority and also registered with the Commission,
if the ADR executes an MOU or similar information
sharing arrangement with the Commission and the
Commission, consistent with CEA section
21(c)(4)(A), designates the ADR to receive direct
electronic access. See 17 CFR 49.17(d)(2).
20 See Swap Data Repositories: Interpretative
Statement Regarding the Confidentiality and
Indemnification Provisions of the Commodity
Exchange Act, 77 FR 65177 (Oct. 25, 2012)
(‘‘Interpretative Statement’’).
21 Interpretative Statement at 65181.
22 Title LXXXVI (‘‘Repeal of Indemnification
Requirements’’) of the FAST Act amends the CEA
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
requirement in CEA section 21(d)(1) was
retained in amended CEA section
21(d).23
The FAST Act also modified CEA
section 21(c)(7)(A) by clarifying that
SDRs must make available the ‘‘swap’’
data they obtain to 21(c)(7) entities, and
added to CEA section 21(c)(7)(E)’s nonexclusive list of persons that the
Commission may determine to be
appropriate recipients of SDR swap data
the new category ‘‘other foreign
authorities.’’ 24
D. CEA Section 8 and the
Confidentiality Provisions of CEA
Section 21
CEA section 8 governs the
Commission’s treatment of nonpublic
information in its possession in a
number of circumstances. CEA section
8(e) permits the Commission to furnish
to the specified types of domestic or
foreign entities—upon their request and
acting within the scope of their
jurisdiction—any information in its
possession obtained in connection with
the administration of the Act.25 CEA
section 8(e) specifies, with respect to
federal U.S. entities, that any
information furnished thereunder shall
not be disclosed by the entity except in
an action or proceeding under the laws
of the United States to which the entity,
the Commission or the United States is
a party. CEA section 8(e) further
specifies, with respect to the specified
types of foreign entities, that the
Commission shall not furnish
information thereunder unless the
Commission is satisfied that the
information will not be disclosed by the
entity except in connection with an
adjudicatory action or proceeding to
which the entity is a party brought
by repealing the indemnification requirements
added by the Dodd-Frank Act for regulatory
authorities to obtain access to swap data because
foreign regulators and regulatory entities have
indicated concerns regarding the indemnification
requirements of the Dodd-Frank Act. The title
removes such requirements so data can be shared
with foreign authorities. The title would still
require the regulatory agencies requesting the
information to agree to certain confidentiality
requirements prior to receiving the data. FAST Act:
Conference Report to Accompany H.R. 22, Dec. 1,
2015 at 486–87. The repeal applied as well to the
analogous provision in the Securities Exchange Act
of 1934, 15 U.S.C. 78m(n)(5).
23 As noted above, FAST Act section 86002(b)(2)
struck subsection (d) of CEA section 21 and inserted
a new provision in its place that stated that before
the swap data repository may share information
with any entity listed in section (c)(7), the swap
data repository shall receive a written agreement
from each entity stating that the entity shall abide
by the confidentiality requirements described in
section 8 of the CEA relating to the information on
swap transactions that is provided.
24 See FAST Act section 86001(b)(1).
25 7 U.S.C. 12(e).
PO 00000
Frm 00004
Fmt 4701
Sfmt 4700
under the laws to which such entity is
subject.
CEA sections 21(c)(7) and 21(d)
incorporate CEA section 8 in
establishing the disclosure restrictions
and confidentiality standards that apply
to SDRs when providing swap data to
regulators. The Commission interprets
these provisions as requiring
consistency with the principles
underlying CEA section 8(e) and
therefore being fundamental to the
access standards and confidentiality
provisions adopted in this release. In
adopting revised §§ 49.17 and 49.18, the
Commission is mindful of these
foundational principles: Where
information is sought to be accessed, the
information must relate to the scope of
the requesting entity’s jurisdiction; and
information provided by the SDR shall
not be further disclosed except in
limited, defined circumstances.
E. High-Level Summary of Revisions to
Part 49
Pursuant to its authority under the
Act,26 the Commission proposed
amendments in January 2017 to §§ 49.2,
49.9, 49.17, 49.18, and 49.22 to (i)
implement the statutory changes
mandated by the FAST Act
amendments; (ii) make certain
conforming and clarifying changes
related to such implementation; (iii)
revise the process by which
appropriateness is determined for
purposes of access to SDR swap data;
(iv) clarify the standards in connection
with the Commission’s appropriateness
determinations; and (v) establish the
form and substance of the written
agreement mandated by CEA section
21(d), as amended.27 In formulating the
proposed amendments, the Commission
endeavored to achieve the goals of
effective and consistent global
regulation of swaps 28 while adhering to
the mandate of CEA sections 21(c)(7)
and (d) that swap data be made
available to a limited universe of
26 See, e.g., CEA section 21(f)(4) (Additional
duties developed by Commission), 7 U.S.C.
24a(f)(4). The Commission is also authorized by
CEA section 8a(5), 7 U.S.C. 12a(5), to make such
rules and regulations as, in the judgment of the
Commission, are reasonably necessary to effectuate
any of the provisions or to accomplish any of the
purposes of the CEA.
27 See Proposed Amendments To Swap Data
Access Provisions and Certain Other Matters, 82 FR
8369 (Jan. 25, 2017) (‘‘NPRM’’).
28 Section 752(a) of the Dodd-Frank Act directs
the CFTC, the SEC and the prudential regulators, as
appropriate, to consult and coordinate with foreign
regulatory authorities in this regard and provides
that these entities may agree to such informationsharing arrangements as may be deemed necessary
or appropriate in the public interest or for the
protection of investors, swap counterparties, and
security-based swap counterparties.
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
regulators on a confidential basis
pursuant to CEA section 8. As explained
in Section II below, the Commission is
generally adopting, with certain
modifications, the rules and rule
amendments as proposed.
F. Rescission of Interpretative Statement
The Commission has determined to
rescind the Interpretative Statement.
References to the indemnification
requirement in the Interpretative
Statement are no longer necessary, as
the FAST Act repealed the
indemnification requirement in CEA
section 21(d). Additionally, the
modifications to § 49.17(d)(3) that are
adopted by the Commission in this
release are not inconsistent with the
clarifications provided in the
Interpretative Statement.
II. Discussion
A. Definitions: Amendments to § 49.2
As originally adopted, § 49.2(a)(5)
defined the term ‘‘Foreign Regulator’’ to
include a foreign futures authority as
defined in CEA section 1a(26), foreign
financial supervisors, foreign central
banks and foreign ministries.29 The
FAST Act amendments to the CEA
added to section 21(c)(7)(E) a new
category of entity—‘‘other foreign
authorities’’—that the Commission may
deem appropriate to obtain access to
SDR swap data. The Commission
proposed in the NPRM a corresponding
amendment to the definition of ‘‘Foreign
Regulator’’ in § 49.2(a)(5) to conform
this definition to amended CEA section
21(c)(7)(E). The Commission received
no comments on that proposed
amendment. Thus, for the foregoing
reasons, the Commission is adopting the
amendment as proposed.
B. Domestic and Foreign Regulators
With Regulatory Responsibility Over
SDRs: Amendments to § 49.17(d)(2) and
(3)
pmangrum on DSK30RV082PROD with RULES3
1. Current Rules
Commission regulation 49.17(d)(2)
currently provides that an ADR with
regulatory jurisdiction over an SDR that
is registered with the ADR pursuant to
a separate statutory authority and that is
also registered with the Commission
does not need to apply to the SDR for
29 17 CFR 49.2(a)(5). CEA Section 1a(26) defines
a ‘‘foreign futures authority’’ as any foreign
government, or any department, agency,
governmental body, or regulatory organization
empowered by a foreign government to administer
or enforce a law, rule, or regulation as it relates to
a futures or options matter, or any department or
agency of a political subdivision of a foreign
government empowered to administer or enforce a
law, rule, or regulation as it relates to a futures or
options matter.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
access to swap data and execute a
confidentiality and indemnification
agreement, as required by §§ 49.17(d)
and 49.18(b), as long as the following
conditions are met: (i) The ADR
executes an MOU or similar information
sharing arrangement with the
Commission; and (ii) the Commission,
consistent with CEA section 21(c)(4)(A),
designates the ADR to receive direct
electronic access. The Commission
provided in the SDR Final Rules that
these ADRs may be provided access to
the swap data reported and maintained
by SDRs without being subject to the
notice and indemnification provisions
of CEA sections 21(c)(7) and (d).30
Commission regulation 49.17(d)(3)
currently provides that an AFR with
supervisory authority over an SDR
registered with it pursuant to foreign
law and/or regulation that is also
registered with the Commission is not
subject to the requirements of § 49.17(d)
and § 49.18(b). As described in the SDR
Final Rules and the Interpretative
Statement, the Commission believes that
swap data reported to, and maintained,
by an SDR may be appropriately
accessed by an AFR without the
execution of a confidentiality and
indemnification agreement when the
AFR is acting in a regulatory capacity
with respect to an SDR that is also
registered with the AFR, and the swap
data was reported to such SDR pursuant
to such AFR’s regulatory regime.
2. Proposed Amendments
With respect to domestic regulators
with regulatory jurisdiction over an
SDR, the Commission proposed in the
NPRM to remove: (1) The reference to
‘‘Appropriate Domestic Regulator’’ in
§ 49.17(d)(2) and replace it with the
term ‘‘domestic regulator’’ to clarify that
all domestic regulators, and not just
ADRs, would fall under § 49.17(d)(2); (2)
§ 49.17(d)(2)(i) (information sharing
arrangement condition); and (3)
§ 49.17(d)(2)(ii) (direct electronic access
condition). Based on its experience with
SDR swap data access, the Commission
believed an additional refinement of
these rules was necessary in order to
promote greater efficiency and
cooperation among domestic regulators.
Accordingly, the Commission proposed
that a domestic regulator that has
regulatory responsibility over an SDR
registered with it pursuant to a separate
statutory authority should be able to
access SDR data reported to such SDR
pursuant to such separate statutory
authority irrespective of whether such
domestic regulator has executed an
MOU or similar information sharing
30 See
PO 00000
SDR Final Rules at 54554.
Frm 00005
Fmt 4701
Sfmt 4700
27413
arrangement with the Commission or
been designated to receive direct
electronic access by the Commission.31
In connection with foreign regulatory
authorities that have supervisory
authority over an SDR, the Commission
proposed in the NPRM to (i) replace the
reference to ‘‘Appropriate Foreign
Regulator’’ in § 49.17(d)(3) with the term
‘‘Foreign Regulator,’’ as defined in
§ 49.2, to clarify that all Foreign
Regulators, not only those that have
been determined ‘‘appropriate’’ by the
Commission, would fall under
§ 49.17(d)(3); and (ii) add qualifying
language to § 49.17(d)(3) so that
§ 49.17(d)(3) applies not only to SDRs
that are ‘‘registered’’ with the Foreign
Regulator but also to those SDRs that are
‘‘recognized or otherwise authorized’’
by the Foreign Regulator, where the
swap data being accessed has been
reported to the SDR pursuant to the
Foreign Regulator’s regulatory regime.32
3. Comments Received
The Commission received one
comment, from Chicago Mercantile
Exchange Inc. (‘‘CME’’), DTCC Data
Repository (U.S.) LLC (‘‘DDR’’), and ICE
Trade Vault, LLC (‘‘ICETV’’ and,
collectively with CME and DDR, the
‘‘SDR Commenters’’), on its proposed
modifications to § 49.17(d)(2) and (3).33
The SDR Commenters supported the
Commission’s proposed modifications
to § 49.17(d)(2) and (3) stating that
recognizing the separate jurisdictional
authority of another domestic regulator
or foreign regulator would further
appropriate information sharing
necessary for regulatory oversight and
global systemic risk mitigation
purposes.34
4. Final Rules
After considering the comments it
received with respect to its proposed
amendments to § 49.17(d)(2) and (3),
and for the reason stated above in
section II.B.2., the Commission
continues to believe that swap data
31 The Commission’s proposal for domestic
regulators was consistent with the principle
previously set forth in the Interpretative Statement
with respect to the application of the confidentiality
and indemnification provisions of the CEA to
foreign regulators. In particular, the Commission
stated that a foreign regulator’s access to data from
a registered SDR that is also registered, recognized,
or otherwise authorized in a foreign jurisdiction’s
regulatory regime, where the data to be accessed has
been reported pursuant to that other regulatory
regime, will be dictated by that jurisdiction’s
regulatory regime and not by the CEA or
Commission regulations. See Interpretative
Statement at 65181.
32 Id.
33 Joint Comment Letter submitted by CME, DDR,
and ICETV at 2 (March 27, 2017) (‘‘SDR Letter’’).
34 Id.
E:\FR\FM\12JNR3.SGM
12JNR3
27414
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
reported to, and maintained by, an SDR
may be appropriately accessed by a
domestic regulator or Foreign Regulator
without the execution of a
confidentiality and indemnification
agreement (1) when the regulator is
acting in a regulatory or supervisory
capacity with respect to an SDR that is
also registered with, or recognized or
otherwise authorized by, the regulator
and (2) with respect to swap data
reported to such SDR pursuant to such
regulator’s regulatory regime. The
Commission, accordingly, is adopting
the amendments to § 49.17(d)(2) and (3)
as proposed.
C. Appropriateness Determination for
Foreign Regulators and NonEnumerated Domestic Regulators:
Amendments to § 49.17(b) and New
§ 49.17(h)
pmangrum on DSK30RV082PROD with RULES3
1. Current Rule
CEA section 21(c)(7) specifies U.S.
entities to which swap data must be
released by an SDR, provided certain
prerequisites are satisfied. Because
Congress has determined that access to
SDR swap data by these entities is
appropriate when the prerequisites are
satisfied, no appropriateness
determination by the Commission is
necessary. These U.S. entities, along
with any others the Commission
determines to be appropriate pursuant
to CEA section 21(c)(7)(E), are identified
in § 49.17(b)(1) as ADRs. The current
part 49 rules do not include a process
for how the Commission would
determine a domestic regulator to be
‘‘appropriate’’ within the meaning of
CEA section 21(c)(7)(E).
Under current § 49.17(b)(2)(i), in order
for a Foreign Regulator that does not
have a current MOU with the
Commission to be determined to be an
AFR,35 it must file with the Commission
an application in the form and manner
specified by the Commission.36 Current
§ 49.17(b)(2)(i)(B) requires that the
application provide sufficient facts and
procedures to permit the Commission to
analyze whether the Foreign Regulator’s
confidentiality procedures are
appropriate and to satisfy the
Commission that information provided
by an SDR will be disclosed by the
Foreign Regulator only as permitted by
CEA section 8(e).
35 No specific Foreign Regulators are enumerated
in CEA section 21(c)(7) or specifically identified as
AFRs in § 49.17(b)(2).
36 To date, the Commission has not specified a
form and manner for the application referenced in
current § 49.17(b)(2)(i)(A).
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
2. Proposed Amendments:
Determination Order Process
The Commission proposed to
eliminate the current filing
requirements set forth in current
§ 49.17(b)(2)(i) and establish new filing
requirements in proposed new
§ 49.17(h) that would apply to both
Foreign Regulators and domestic
regulators. The Commission also
proposed to include, in § 49.17(h), CEAsection-8-related confidentiality
considerations and the ability for the
Commission to revisit or reassess
appropriateness determinations. As
proposed, new § 49.17(h) would apply
to each Foreign Regulator regardless of
whether there was a current MOU or
similar information sharing arrangement
in place between such Foreign Regulator
and the Commission, and to any
domestic regulator other than an ADR
enumerated in § 49.17(b)(1)(i) through
(vi) (‘‘Enumerated ADR’’).
Proposed § 49.17(h)(3) specified two
threshold requirements for a finding of
appropriateness: (i) The requesting
entity has in place appropriate
safeguards to maintain the
confidentiality of swap data received
from an SDR; and (ii) such entity is
acting within the scope of its
jurisdiction in seeking access to swap
data maintained by an SDR. Because the
Commission stated that these
requirements are necessary, but may or
may not be sufficient to support an
appropriateness determination, the
Commission proposed to evaluate each
filing on a case-by-case basis with
reference to these and other factors that
the Commission may find germane to its
determination. The Commission
proposed that, were it to find, based on
information submitted to it, that an
entity’s access to SDR swap data was
appropriate, the Commission would
issue an order confirming the entity’s
status as an ADR or AFR and setting
forth any conditions or limitations on
access consistent with the relevant
statutory and regulatory requirements (a
‘‘Determination Order’’).
The Commission also proposed in
§ 49.17(h)(4) to be able to revisit,
reassess, limit, suspend or revoke a
previously issued Determination Order.
That proposal was based on the
Commission’s belief that it is necessary
to reserve the authority to revisit an
appropriateness determination, and
potentially take one of the foregoing
remedial actions, in order to be able to
address situations that may arise
subsequent to the determination, such
as where an AFR or ADR violates the
terms of a Determination Order or fails
to keep SDR swap data confidential.
PO 00000
Frm 00006
Fmt 4701
Sfmt 4700
3. Proposed Amendments: Factors
Considered in Issuing a Determination
Order
a. Scope of Jurisdiction
CEA section 21(c)(7) directs SDRs to
provide swap data to regulators on a
confidential basis pursuant to section
8.37 The Commission interprets this
provision to require consistency with
the CEA section 8(e) mandate that
information be furnished, on a
confidential basis, only to other
regulators acting within the scope of
their jurisdiction. Accordingly, the
Commission believes that an
appropriateness determination must be
informed by reference to a regulator’s
jurisdiction.
In this regard, the Commission
proposed to add new § 49.17(h)(2),
which would require an applicant
seeking a Determination Order to
provide the Commission sufficient
information to permit the Commission
to analyze whether the applicant is
acting within the scope of its
jurisdiction in seeking access to swap
data maintained by an SDR. As part of
this information, the Commission stated
that it expected that an applicant would
explain the relationship between its
jurisdiction and its request for access to
swap data maintained by SDRs,
including an explanation of the
applicant’s need for swap data to carry
out its regulatory mandate, legal
authority or responsibility.38
The Commission proposed in new
§ 49.17(h)(3) that the Commission
would not issue a Determination Order
unless it were satisfied that an applicant
was acting within the scope of its
jurisdiction in seeking access to SDR
swap data. The Commission also stated
in the NPRM that it expected that each
Determination Order would further
require, as a condition of the
appropriateness determination set forth
therein, that a regulator that received a
Determination Order promptly notify
the Commission, and each SDR from
which it received swap data, of any
change to its jurisdiction that would
relate to the swap data access
requested.39 Proposed § 49.17(d)(4)(iii)
enabled the Commission to direct SDRs
to limit, suspend or revoke an ADR’s or
AFR’s SDR swap data access to reflect
the new scope of its jurisdiction, and
required the SDRs to so limit, suspend
37 7
U.S.C. 24(c)(7).
Commission expects that the applicant
would provide a description of its scope of
jurisdiction as part of these explanations.
39 The form of confidentiality arrangement set
forth in proposed Appendix B to part 49
(‘‘Confidentiality Arrangement Form’’) also would
have required such notices.
38 The
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
or revoke such access in response to
such Commission direction. The
Commission expected that limiting
access in this manner would reduce the
risk of unauthorized or unnecessary
disclosures because each appropriate
regulator would have access to swap
data only to the extent necessary to
fulfill its amended jurisdictional
mandate or regulatory responsibility.
pmangrum on DSK30RV082PROD with RULES3
b. Robust Confidentiality Safeguards
CEA section 21(c)(7) requires that
SDRs make swap data available on a
confidential basis pursuant to CEA
section 8. Proposed § 49.17(h)(2)
accordingly would require that an
applicant for a Determination Order
submit to the Commission information
sufficient to permit the Commission to
analyze whether the applicant employs
appropriate confidentiality safeguards to
ensure that swap data the applicant
receives from an SDR would not be
disclosed other than as permitted by the
confidentiality arrangement required by
proposed § 49.18(a). The Commission
anticipated that this analysis would
involve the Commission considering
whether the applicant’s confidentiality
protocols, system safeguards and
security compliance procedures could
be expected to ensure the
confidentiality of the swap data, and
whether the applicant had in place
protections sufficient to prevent
unauthorized intrusions into the
systems that maintain the swap data. In
this regard, the Commission stated in
the NPRM that it would also expect to
consider the applicant’s processes for
limiting internal access to swap data to
those persons with a need to know, as
well as how the swap data would be
stored and whether the swap data
would be segregated from other
information.
The Commission stated in the NPRM
its view that the confidentiality
protections set forth in proposed
§ 49.17(h)(2) strike an appropriate
tradeoff between realizing the benefits
of data access by regulators,40 and
protecting confidential information in
accordance with the dictates of CEA
section 8(e), which, as described above,
is incorporated into the access
provisions of CEA sections 21(c)(7) and
(d). In the NPRM, the Commission
stated that it would consider these
factors essential to a determination of
appropriateness.
40 See CEA section 21(c)(7); see also Section
752(a) of the Dodd-Frank Act (recognizing the goal
of effective and consistent global regulation of
swaps).
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
c. Swap Data Sharing Considerations
The Commission stated in the NPRM
that other considerations not proposed
to be codified may also contribute to the
Commission’s appropriateness analysis.
Although the Commission proposed to
eliminate the current regulatory
provision conferring AFR status on a
Foreign Regulator with an existing MOU
or other similar type of information
sharing arrangement executed with the
Commission,41 it nonetheless stated in
the NPRM its continued belief that the
existence of such an arrangement fosters
a cooperative relationship and
encourages the development of shared
understandings related to regulatory
responsibilities. The Commission added
in the NPRM that, although not
dispositive, indications of a strong
cooperative relationship with another
authority, as established by the
existence of such an arrangement and
the Commission’s experience working
with such authority in finalizing and
administering the arrangement, would
likely be a factor supporting an
appropriateness determination. The
Commission also stated in the NPRM
that a failure to cooperate fully or to
comply with the terms of an existing or
prior arrangement might be expected to
weigh against an appropriateness
determination.
Similarly, when assessing
appropriateness, the Commission
expected to consider whether it receives
access to swap data maintained by trade
repositories subject to the applicant’s
jurisdiction. The Commission stated in
the NPRM that it is mindful of the
Dodd-Frank Act’s encouragement of
coordination and cooperation with
foreign regulatory authorities.42 The
Commission also stated in the NPRM its
belief that increased data access by
regulators has the potential to provide
the Commission and other authorities
with more complete information with
which to monitor risk exposures and
should be expected to promote global
market stability through enhanced
regulatory transparency. Accordingly,
the Commission stated in the NPRM, it
would view the following favorably in
considering appropriateness: (i)
Commission access to swap data
maintained by trade repositories in a
foreign regulator’s jurisdiction; (ii) an
arrangement to assist the Commission in
obtaining data from other jurisdictions;
and (iii) a history of assistance from a
foreign regulator.
41 17
CFR 49.17(b)(2).
also Dodd-Frank Act section 752
(recognizing the goal of effective and consistent
global regulation of swaps).
42 See
PO 00000
Frm 00007
Fmt 4701
Sfmt 4700
27415
4. Proposed Amendments: Other
Matters Regarding the Determination
Order Process
The Commission stated in the NPRM
its preliminary belief that the
Determination Order process and factors
discussed above offer a reasonable
approach to providing requesting
entities access to SDR swap data based
on clearly articulated factors and any
additional considerations or
circumstances the Commission may
deem relevant on a case-by-case basis.
The Commission added that both the
required factors and the additional
considerations support the mandates of
CEA sections 8, 21(c)(7) and 21(d) and
are consistent with the express intent of
Congress that the Commission
coordinate and cooperate with foreign
regulatory authorities on matters related
to the regulation of swaps. Through the
issuance of Determination Orders, the
Commission expected to be able to
impose appropriate conditions or
restrictions on an entity’s access to SDR
swap data such that the entity’s access
would be linked to its jurisdictional
scope. Pursuant to proposed
§ 49.17(h)(3), the Commission could, in
its discretion, issue a Determination
Order of limited duration. The
Commission stated in the NPRM that it
would expect SDRs to take into account
any conditions or restrictions contained
in a Determination Order when
providing access to swap data to an
ADR or AFR.
The Commission further believed it
appropriate to make the process and
factors proposed in § 49.17(h) applicable
to any domestic entities that are not
enumerated as ADRs in § 49.17(b)(1)(i)
through (vi), as scope of jurisdiction and
confidentiality considerations are
equally applicable to U.S. entities, and
drafted proposed § 49.17(h) accordingly.
5. Final Rules
After considering the comments
received in the SDR Letter, and for the
reasons stated in the NPRM, stated
above in sections II.C.2.–4. and stated in
this section, the Commission is adopting
amendments to § 49.17(b) and new
§ 49.17(h) as proposed.
The Commission requested comment
on all aspects of proposed § 49.17(h),
particularly on whether the proposed
regulatory and other factors are
sufficient to determine whether access
to SDR swap data is appropriate. The
Commission received one comment in
response, from the SDR Commenters.
The SDR Commenters expressed
support for the § 49.17(h)
appropriateness determination process
proposed in the NPRM with respect to
E:\FR\FM\12JNR3.SGM
12JNR3
27416
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
Foreign Regulators and non-enumerated
domestic regulators, including the
requirement that such regulators file an
application with the Commission to be
determined to be appropriate recipients
of SDR swap data. The SDR
Commenters added that they ‘‘believe
that a[n] MOU or other information
sharing arrangement alone, by [its]
nature, ha[s] the potential for imprecise
language and bespoke arrangements that
would not provide sufficient indication
of a regulator’s ‘appropriateness.’ ’’ 43
The SDR Commenters also suggested
that the Commission revise proposed
§ 49.17(h)(4), which provides that the
Commission reserves the right to revisit,
reassess, limit, suspend or revoke any
appropriateness determination with
respect to an ADR or AFR, consistent
with the CEA, to require the
Commission to provide a written notice
to SDRs of such action to ensure that all
SDRs are aware of any changes in status
with respect to an appropriateness
determination.44 The Commission
agrees with the substance of the
‘‘written notice’’ comment but believes
that this suggestion should be
incorporated elsewhere in the
Commission’s regulations. Specifically,
because proposed § 49.17(h)(4) merely
addresses the Commission’s right to
revisit, reassess, limit, suspend or
revoke any appropriateness
determination, whereas proposed
§ 49.17(d)(5) required an SDR to take
such action as directed by the
Commission,45 the Commission believes
that proposed § 49.17(d)(5), rather than
proposed § 49.17(h)(4), should be
amended in response to the ‘‘written
notice’’ comment.46 Accordingly, the
Commission is adopting § 49.17(d)(5) as
proposed but with a modification to
require that any Commission direction
to an SDR specified therein be in
writing.
Accordingly, for the reasons stated in
the NPRM, stated above in sections
II.C.2.–4. and stated in this section, the
Commission is adopting amendments to
43 SDR
Letter at 3.
Letter at 7.
45 As proposed, § 49.17(d)(5) did not require that
the Commission direct the SDR in writing to take
any of such actions.
46 Proposed § 49.17(h)(4) stated that the
Commission reserves the right, in connection with
any appropriateness determination with respect to
an Appropriate Domestic Regulator or Appropriate
Foreign Regulator, to revisit, reassess, limit,
suspend or revoke such determination consistent
with the Act. Proposed § 49.17(d)(5) stated that an
SDR shall, as directed by the Commission, limit,
suspend or revoke such access should the
Commission limit, suspend or revoke the
appropriateness determination for such ADR or
AFR or otherwise direct the SDR to limit, suspend
or revoke such access.
pmangrum on DSK30RV082PROD with RULES3
44 SDR
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
§ 49.17(b) and new § 49.17(h) as
proposed.
D. Amendments to § 49.17(d)(4): SDR
Notice and Verification Obligations
1. Proposed Amendments
CEA section 21(c)(7) requires each
SDR to notify the Commission of a swap
data request received from an ADR or
AFR.47 Currently, this statutory
requirement is implemented in
§ 49.17(d)(4)(i), which provides that an
SDR must promptly notify the
Commission regarding ‘‘any’’ request
received by an ADR or AFR to gain
access to swap data maintained by the
SDR.
To reduce the burden on SDRs and
provide greater operational efficiency
consistent with the intent of CEA
section 21(c)(7), the Commission
proposed to amend the SDR notification
requirement in current § 49.17(d)(4)(i) to
require an SDR to notify the
Commission (i) at the time that it
receives the first request for access to
swap data from a particular ADR or AFR
and (ii) at any time that a swap data
request from an ADR or AFR does not
comport with the scope of the ADR’s or
AFR’s jurisdiction, as described in the
confidentiality arrangement required by
proposed § 49.18(a). As proposed, the
amendment provided that, upon
receiving either such request for data by
a particular ADR or AFR, the SDR
would be required to provide prompt
electronic notification to the
Commission of the request, in a format
specified by the Secretary of the
Commission, pursuant to proposed
§ 49.17(d)(4)(ii). The SDR would be
required to keep such notification and
related requests confidential consistent
with the requirements of CEA sections
21(c)(6) and (7) and related regulatory
requirements set forth in §§ 49.16 and
49.17.
The Commission stated in the NPRM
its belief that the proposed approach to
SDR notification supports the
Commission’s need to be aware of who
is able to access SDR swap data and
what data has been accessed, while
eliminating potentially costly, unwieldy
and inefficient notice of every swap data
request. Under the proposal, the
Commission would be notified that a
particular ADR or AFR has requested
access to SDR swap data and would be
able to examine SDR records of the
ADR’s or AFR’s individual swap data
requests, and the swap data provided, as
the Commission deemed necessary.48
47 See
CEA section 21(c)(7), 7 U.S.C. 24a(c)(7).
Commission stated in the NPRM that,
consistent with the current recordkeeping
requirements for SDRs in § 45.2(f), SDRs are
48 The
PO 00000
Frm 00008
Fmt 4701
Sfmt 4700
The Commission also proposed to
amend § 49.17(d)(4) by adding new
paragraph (iii) to require each SDR that
receives a request for access to its swap
data from an ADR or AFR to determine,
prior to providing such access, that the
request is consistent with the scope of
the ADR’s or AFR’s jurisdiction, as
described in the confidentiality
arrangement required by proposed
§ 49.18(a).49 This verification would
need to incorporate any subsequent
changes to such scope of jurisdiction.
The Commission also proposed to
require an ADR or AFR that has
executed a confidentiality arrangement
with the Commission pursuant to
§ 49.18(a) and provided such
confidentiality arrangement to one or
more SDRs to notify the Commission
and each such SDR of any change to
such ADR’s or AFR’s scope of
jurisdiction as described in such
confidentiality arrangement.
Additionally, the proposal enabled the
Commission to direct an SDR to
suspend, limit, or revoke access to swap
data maintained by such SDR based on
any such change to an ADR’s or AFR’s
scope of jurisdiction, and required that,
if so directed, such SDR must suspend,
limit, or revoke such access.
Proposed § 49.17(d)(4)(iv) required
SDR verification only once with respect
to a request for ongoing or recurring
access to particular data. Additionally,
if there was a change in the request, the
ADR or AFR would be obligated to make
a new determination pursuant to
proposed § 49.17(d)(4)(iii). The
Commission recognized that the
proposed requirement would impose a
burden on SDRs but noted that SDRs are
obliged by CEA section 21(c)(7) to
provide access ‘‘pursuant to section 8’’
of the CEA, which, as discussed above,
the Commission interprets as requiring
a jurisdictional nexus to the information
requested, consistent with CEA section
8(e). The Commission stated that it
believed that, in such circumstances,
SDRs must take a role in ensuring
required to maintain records of all information
related to the initial and all subsequent requests for
swap data from ADRs and AFRs. The Commission
stated that appropriate records would include, at a
minimum, the identity of the ADR or AFR accessing
the swap data, the date, time and substance of the
request for access, confirmation that the request is
consistent with the scope of the regulator’s
jurisdiction, and copies of all swap data provided
by the SDR in connection with the request for
access. The Commission added that, pursuant to
§ 1.31, SDRs are required to maintain such records
for a period of no less than five years after the date
of such request and must provide this information
to the Commission upon request.
49 The scope of jurisdiction would have been
described in Exhibit A to the form of confidentiality
arrangement set forth in proposed Appendix B to
part 49.
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
compliance with those statutory
restrictions of CEA section 21(c)(7).
2. Final Rules
The Commission received several
comments from the SDR Commenters on
the proposed amendments to
§ 49.17(d)(4). For the reasons stated
above in section II.D.1. and stated in
this section II.D.2., the Commission is
adopting § 49.17(d)(4)(i) through (iv) as
proposed, with one exception.
Specifically, the Commission is
adopting § 49.17(d)(4)(iii) with one
modification suggested by the SDR
Commenters, as discussed below in
section II.D.2.c.iii. In response to the
SDR Commenters’ comments, the
Commission is also clarifying the
guidance provided in the NPRM on
Federal Register page 8,381, as
discussed below in section II.D.2.a.ii.
a. § 49.17(d)(4)(i)
pmangrum on DSK30RV082PROD with RULES3
i. Notices of Initial Access Requests and
Requests Outside the Scope of
Jurisdiction
The SDR Commenters supported the
proposed amendment to the notification
provisions in current § 49.17(d)(4)(i) to
require SDRs to notify the Commission
only of an initial ADR or AFR request
for access to swap data (rather than
every request for swap data), stating that
this would reduce reporting burdens
and increase operational efficiencies.
However, the SDR Commenters stated
that ‘‘subsection § 49.17(d)(4)(i) and (iii)
should be modified to remove the
requirement that an SDR determine
whether swap data to which the ADR or
AFR seeks access is within the thencurrent scope of such ADR’s or AFR’s
jurisdiction.’’ 50 The SDR Commenters
claimed that they ‘‘are not the
appropriate entities to determine the
scope of a regulator’s jurisdiction’’
because ‘‘[t]hey do not possess the
means to do so correctly with current
data fields’’ 51 and that the scope of
jurisdiction determination ‘‘must rest
solely with the Commission.’’ 52
Accordingly, the SDR Commenters
insisted that their responsibilities ‘‘must
be limited to providing access to the
ADRs and AFRs in accordance with the
specific, appended jurisdictional
information clearly set forth in the
documents describing the
confidentiality arrangements negotiated
50 SDR Letter at 4. Proposed § 49.17(d)(4)(i) states
that a registered SDR shall notify the Commission
promptly after receiving any request that does not
comport with the scope of the ADR’s or AFR’s
jurisdiction, as described and appended to the
confidentiality arrangement required by proposed
§ 49.18(a).
51 SDR Letter at 3.
52 SDR Letter at 2.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
by the Commission pursuant to
§ 49.18.(a).’’ 53
The Commission declines to modify
§ 49.17(d)(4)(i) to provide that an SDR
does not need to determine whether
swap data to which an ADR or AFR
seeks access is within the then-current
scope of such ADR’s or AFR’s
jurisdiction. As noted above, SDRs are
obliged by CEA section 21(c)(7) to
provide access ‘‘pursuant to section 8’’
of the CEA, which the Commission
interprets as requiring a jurisdictional
nexus to the information requested,
consistent with CEA section 8(e).
However, for the reasons discussed
below in response to the SDR
Commenters’ comments on proposed
§ 49.17(d)(4)(iii) in relation to
determining whether an ADR’s or AFR’s
request for swap data is within the
scope of its jurisdiction, the
Commission expects SDRs’ role in
applying § 49.17(d)(4)(i) to be
straightforward. As discussed below, the
Commission will ensure that each ADR
and AFR seeking swap data access
provides each SDR from which it seeks
such access a description, appended to
the confidentiality arrangement required
by proposed § 49.18(a), of the ADR’s or
AFR’s scope of jurisdiction in a form
that will lend itself to SDRs being
readily able to determine whether a
particular data request falls within the
described scope of jurisdiction. As the
Commission will have previously
reviewed the described scope of
jurisdiction before it is provided to an
SDR as part of the confidentiality
arrangement required by proposed
§ 49.18(a), the SDR’s role in ensuring
that ADRs’ and AFRs’ swap data access
is limited to swap data within the thencurrent scope of such ADR’s or AFR’s
jurisdiction would be limited to
appropriately circumscribing the scope
of the swap data to which an ADR or
AFR obtains access to match the ADR’s
or AFR’s scope of jurisdiction, as
described in the appendix to the
confidentiality arrangement required by
§ 49.18(a), and notifying the
Commission if the SDR determines that
a particular data request does not
comport with the described scope of
jurisdiction.
Finally, § 49.17(d)(4)(i) requires an
SDR to notify the Commission of initial
requests for data by an ADR or AFR and
of requests for data that do not comport
with the scope of jurisdiction of an ADR
or AFR. These notifications are required
to be provided, pursuant to
§ 49.17(d)(4)(ii), in the format specified
by the Secretary of the Commission. In
response to a request from the SDR
53 SDR
PO 00000
Letter at 4.
Frm 00009
Fmt 4701
Sfmt 4700
27417
Commenters to specify that format, the
Secretary of the Commission is now
specifying that these notices should be
provided to Commission staff at the
email address dmodataandreporting@
cftc.gov.
ii. Recordkeeping
Proposed § 49.17(d)(4)(i) required
each SDR to maintain records, pursuant
to § 49.12,54 of the details of an ADR’s
or AFR’s initial request for SDR swap
data access and of all subsequent
requests by such ADR or AFR for such
access. In the NPRM, the Commission
explained that an SDR’s obligation to
maintain records of all information
related to the initial and all subsequent
requests by an ADR or AFR for swap
data access, pursuant to proposed
§ 49.17(d)(4)(i) and existing § 45.2(f),
would require the retention of records
that included, at a minimum, the
identity of the ADR or AFR accessing
the swap data, the date, time and
substance of the request for access,
confirmation that the request is
consistent with the scope of the
regulator’s jurisdiction, and copies of all
data reports and other aggregation of
data provided in connection with the
request for access.55
The SDR Commenters stated that ‘‘the
proposed requirement for SDRs to
maintain copies of data reports and
other aggregation of data provided in
connection with the request [f]or access
should be amended to avoid imposing
unnecessary costs.’’ 56 The SDR
Commenters also requested that
‘‘additional detail as to what constitutes
the ‘details of such initial request and of
all subsequent requests’ be included in
the rule itself rather than merely
mentioned in the preamble.’’ 57 The SDR
Commenters characterized the
recordkeeping requirements of proposed
§ 49.17(d)(4)(i) as requiring that SDRs
maintain data reports as financially
burdensome, challenging to implement,
and potentially decreasing information
security, because the requirements
could require an SDR ‘‘to propagate a
given data set more than once.’’ 58
As an alternative to maintaining such
reports, the SDR Commenters suggested
that they create pre-formatted data
54 Commission Regulation 49.12(a) requires SDRs
to maintain their records in accordance with the
requirements of part 45 of the Commission’s
regulations regarding the swap data required to be
reported to SDRs. Commission Regulation 45.2(f)
requires each SDR to keep complete records of all
SDR-related business activities.
55 NPRM at 8375, n.42; see also, NPRM at 8381
(Paperwork Reduction Act discussion of
recordkeeping burdens).
56 SDR Letter at 6.
57 SDR Letter at 5–6.
58 SDR Letter at 6.
E:\FR\FM\12JNR3.SGM
12JNR3
27418
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
reports and make them available for
download by ADRs and AFRs ‘‘so that
the record of access to such reports
[would] be easily identifiable, in lieu of
maintaining logs of queries and query
conditions . . . .’’ 59 The SDR
Commenters added that, if the
Commission adopted their alternative,
‘‘the parameters of the reports and the
logic which is used to populate the
reports is all that should have to be
maintained.’’ 60 The SDR Commenters
contended that the Commission should
require only ‘‘the saving of metadata
around reports rather than the actual
reports[.]’’ 61
After the NPRM was published in the
Federal Register, Commission staff
discussed the SDR Commenters’
recordkeeping concerns, as set out in
the SDR Letter, with the SDRs.62 Based
on those discussions, the Commission
understands that the SDR Commenters
plan to provide swap data access to
ADRs and AFRs in one of two ways: (1)
Via pre-formatted reports that the SDR
Commenters would make available for
download by ADRs and AFRs or send to
ADRs and AFRs, in each case on a
regular basis; or (2) via a Web-based
portal through which ADRs and AFRs
could conduct customized searches of
swap data.63 In those discussions, the
SDR Commenters explained that they
would not consider it unduly
burdensome to maintain records of the
pre-formatted reports (if they provide
ADRs and AFRs access to swap data via
pre-formatted reports) or records of both
the parameters of the permitted access
and the queries (if they provide such
access via Web portal).
In response to the SDR Letter, and for
the reasons explained by the SDR
Commenters and described in this
section, the Commission confirms that,
as represented by the SDRs and
consistent with the reasoning discussed
in the NPRM,64 either of these means of
providing swap data access to ADRs and
AFRs would be acceptable. The
59 Id.
60 Id.
pmangrum on DSK30RV082PROD with RULES3
61 Id.
62 Brief summaries of those ex parte
communications are available on the Commission’s
website at https://comments.cftc.gov/
PublicComments/CommentList.aspx?id=1777.
63 The swap data provided in the pre-formatted
reports or through the Web-based portals would be
limited to swap data within the particular ADR’s or
AFR’s scope of jurisdiction, as described in the
confidentiality arrangement required by § 49.18(a).
64 See, e.g., NPRM at 8385 (stating that the
Commission is proposing not to specify a particular
means of ADRs and AFRs accessing swap data) and
8386 (stating that the Commission expects that
SDRs would choose the lowest cost means of access
consistent with their statutory obligation to provide
ADRs and AFRs access to swap data and other
constraints).
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
Commission also confirms that SDRs
may satisfy their recordkeeping duties
under § 49.17(d)(4)(i) by maintaining
records of, as applicable: (1) Their preformatted swap data reports; or (2)(a)
the parameters of Web portal swap data
access and (b) queries run by ADRs and
AFRs using such access.
iii. Aggregated Data
The SDR Commenters also expressed
concerns that the Commission’s
statement that proposed § 49.17(d)(4)(i)
and existing § 42.5 would require
retention of copies of all other
aggregation of data provided in
connection with the request for access
was intended to impose a requirement
to provide aggregated data to ADRs or
AFRs. To address that concern, the SDR
Commenters asked the Commission to
specify that SDRs would not be required
to provide ADRs or AFRs with
aggregated data and that SDRs are
required to provide only raw swap
transaction data, in the form of, for
example, pre-formatted reports or via
Web-based portal access.65
In response to the foregoing comment,
and for the reasons explained by the
SDR Commenters and described in this
section, the Commission clarifies that
SDRs are required to provide ADRs and
AFRs only raw swap transaction data in
the form in which SDRs maintain such
data. The Commission further clarifies
that SDRs are not required to aggregate
or manipulate raw swap transaction
data to provide it to ADRs or AFRs in
customized formats or reports requested
thereby. Through its consultations with
certain ADRs as required by section
712(a)(1) of the Dodd-Frank Act,66 the
Commission understands that those
ADRs enumerated in § 49.17(b)(1)(i)
through (vi) that are interested in
accessing SDR swap data are capable of
receiving such data and manipulating
and analyzing such data using their own
systems.
After considering the comments on
proposed § 49.17(d)(4)(i), for the reasons
described above, the Commission is
adopting the amendments to
§ 49.17(d)(4)(i) as proposed.
b. § 49.17(d)(4)(ii)
The Commission proposed only
minor, clarifying changes to
§ 49.17(d)(4)(ii) and did not receive any
SDR Letter at 6.
712(a)(1) of the Dodd-Frank Act
provides that before commencing any rulemaking or
issuing an order regarding swap data repositories,
the Commission shall consult and coordinate to the
extent possible with the Securities and Exchange
Commission and the prudential regulators for the
purposes of assuring regulatory consistency and
comparability.
comments thereon. The Commission is
adopting the amendments to
§ 49.17(d)(4)(ii) as proposed.
c. § 49.17(d)(4)(iii)
i. Scope of an ADR’s or AFR’s
Jurisdiction
The SDR Commenters commented
that ‘‘the determination as to scope of
jurisdiction must rest solely with the
Commission’’ 67 because ‘‘[t]he SDRs do
not have, and are not required to have[,]
information sufficient to determine
whether requested swap data is within
the ADR[’s] or AFR[’]s scope of
jurisdiction.’’ 68 The SDR Commenters
contended that, if the Commission
wants the SDRs to play a role in
determining whether swap data is
subject to the jurisdiction of any
particular ADR or AFR, the Commission
would need to ‘‘amend the current Part
43 and Part 45 fields to provide the
SDRs with the basis to make these
determinations.’’ 69 The SDR
Commenters added that they ‘‘should
not be expected to make interpretations
about jurisdictional questions from
ambiguous data points.’’ 70
On this point, the SDR Commenters
explained that ‘‘[t]he current Part 43 and
Part 45 data fields do not yield
information that would allow an SDR to
identify trades that fall within an
ADR[’s] or AFR’s jurisdiction
definitively.’’ 71 They recommended
that ADRs and AFRs ‘‘should be
required to provide a[ ] . . . list of Part[ ]
43 and 45 data fields (e.g., legal entity
identifiers (‘‘LEIs’’) of the reporting
counterparty and non-reporting
party[and] the unique product identifier
(‘‘UPI’’)) and parameters for such data
fields’’ 72 that would clearly indicate to
the SDRs which swaps fall within an
ADR’s or AFR’s jurisdiction. The SDR
Commenters contended that such a list
of Part 43 and 45 data fields is necessary
because ‘‘no Part 43 or 45 data fields
. . . by themselves identify swaps that
fall within an ADR[’s] or AFR’s
jurisdiction.’’ 73
The SDR Commenters contended that
the benefits of their proposed approach
would include ensuring that SDRs grant
access in a consistent manner and that
the security controls established by an
SDR according to Part 43 or 45
parameters would prevent access to
swap data outside the scope of an ADR’s
or AFR’s jurisdiction. The SDR
65 See
66 Section
PO 00000
Frm 00010
Fmt 4701
Sfmt 4700
67 SDR
Letter at 2.
at 3.
69 Id. at 4.
70 Id.
71 Id.
72 Id.
73 Id.
68 Id.
E:\FR\FM\12JNR3.SGM
12JNR3
pmangrum on DSK30RV082PROD with RULES3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
Commenters recommended the
following changes to the proposed
regulations to effectuate their proposed
approach:
• Removing proposed
§ 49.17(d)(4)(iv) completely;
• removing the requirement in
proposed § 49.17(d)(4)(i) and (iii) that an
SDR determine whether swap data to
which an ADR or AFR seeks access is
within the then-current scope of such
ADR’s or AFR’s jurisdiction;
• replacing the ‘‘negative
requirement’’ not to provide access
unless such a determination has been
made with a ‘‘positive requirement’’ to
provide access that comports with the
jurisdictional determination made by
the Commission, which determination
is clearly spelled out in the
confidentiality arrangement;
• modifying paragraph
§ 49.17(d)(4)(iii) to state that any
requested change in an ADR’s or AFR’s
scope of jurisdiction, as described in the
confidentiality arrangement required by
proposed § 49.18(a), should be agreed to
between the Commission and the ADR
or AFR and the information appended
to the confidentiality arrangement
should be amended accordingly and
provided to the SDRs for
implementation; and
• revising the description of Exhibit
A in the confidentiality arrangement to
state that the ‘‘description of scope of
jurisdiction’’ must include a list of part
43 and part 45 fields and specific
parameters.74
After considering the SDR
Commenters’ comments and consulting
with certain ADRs as required by
section 712(a)(1) of the Dodd-Frank Act,
the Commission agrees with the SDR
Commenters that SDRs should not be
responsible for determining the scope of
an ADR’s or AFR’s jurisdiction, for the
reasons explained by the SDR
Commenters and described in this
section. The Commission believes,
however, that SDRs should be
responsible for limiting ADRs’ and
AFRs’ access to swap data to those swap
data within ADRs’ and AFRs’ thencurrent scopes of jurisdiction, as
described in the appendix to the
confidentiality arrangement required by
§ 49.18(a). As noted above, SDRs are
obligated by CEA section 21(c)(7) to
provide access ‘‘pursuant to section 8’’
of the CEA, which the Commission
interprets as requiring a jurisdictional
nexus to the information requested,
consistent with CEA section 8(e).
For the swap data sharing goal of CEA
section 21(c)(7) to be achieved, an
ADR’s or AFR’s description of its scope
74 Id.
at 4 and 5.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
of jurisdiction must allow the SDRs to
establish objective parameters for
determining whether a particular data
request falls within such scope of
jurisdiction, without undue obstacles.
The Commission believes that a system
requiring legal analysis by the SDRs (a
possible result, depending on how
ADRs and AFRs describe their scopes of
jurisdiction) for each ADR/AFR swap
data request is impractical at best and
could lead to very slow data access and
disparate results across SDRs.
Consequently, the Commission supports
the spirit of the SDR Commenters’
proposal that relevant Part 43/45 data
fields could be used to assist in
clarifying an ADR’s or AFR’s scope of
jurisdiction, for purposes of SDR swap
data access.75
The Commission intends to review
each ADR’s and AFR’s description of its
scope of jurisdiction and ensure that
such descriptions are presented in the
confidentiality arrangement in a form
SDRs can readily adapt to SDRdeveloped swap data reports and/or
search parameters. The Commission
also interprets CEA section 21(c)(7) as
imposing on SDRs the duty to limit
ADRs’ and AFRs’ access to swap data to
those swap data within ADRs’ and
AFRs’ scope of jurisdiction. The
description of an ADR’s or AFR’s scope
of jurisdiction will be appended to the
confidentiality arrangement that is
executed between the ADR or AFR and
the Commission and provided to SDRs.
An SDR’s duty with respect to this
description of the ADR’s or AFR’s scope
of jurisdiction is to ensure that the swap
data provided to the ADR or AFR is
limited to those records that fall within
the description appended to the
confidentiality arrangement. For
example, if the description is based on
a list of LEIs representing entities that
a particular ADR regulates, then the
SDR’s duty would be to provide all
swap data associated with the fields in
which those LEIs appear (e.g., the fields
associated with counterparty
identifiers), as those fields are set forth
in the description provided by the ADR.
As the SDR Commenters acknowledged
in discussions with Commission staff,
this would make fulfilling their
obligations under CEA section 21(c)(7)
and § 49.17(d)(4), as proposed,
straightforward to apply.
The Commission anticipates that, as a
practical matter, ADRs and AFRs
generally will describe their thencurrent scopes of jurisdiction, as
75 The SDR Commenters’ approach, by permitting
automation, could expedite swap data access. The
SDR Commenters’ approach could also eliminate
the potential for inconsistent determinations by
different SDRs.
PO 00000
Frm 00011
Fmt 4701
Sfmt 4700
27419
appended to the confidentiality
arrangement required by § 49.18(a), in
terms of LEIs and possibly also UPIs or
other product identifiers. Although
there may be some limitations of using
LEIs and product identifiers (e.g., in
limited instances where blank or
incorrect data entries remain in LEI
fields, LEIs are masked in a number of
cases to reflect certain other
jurisdictions’ privacy law limits on
disclosure, and the Commission has yet
to designate a UPI and product
classification system), the Commission
believes these data elements represent
the most useful method of describing
ADRs’ and AFRs’ scopes of
jurisdiction.76
It also is possible that an ADR or AFR
will be able to convey its scope of
jurisdiction without using part 43 or
part 45 data fields in a way that SDRs
will be able to easily apply. The SDR
Letter itself acknowledged the
possibility that other part 43 or part 45
data fields may be relevant in describing
ADRs’ and AFRs’ scopes of
jurisdiction.77 For example, it is
conceivable that an ADR’s scope of
jurisdiction may include all swap data
maintained at SDRs (though the
Commission does not anticipate that
this will be the case with respect to
most ADRs). In such case, it would not
be necessary to use part 43, part 45 or
any other swap data fields to delineate
the scope of an ADR’s or AFR’s
jurisdiction. For the foregoing reasons,
the Commission declines to specifically
require the use of part 43 or part 45 data
fields to describe an ADR’s or AFR’s
scope of jurisdiction.
The Commission also declines to act
on the SDR Commenters’ request to
delete proposed § 49.17(d)(4)(iv), which
provides that SDRs need only make a
jurisdictional determination with
respect to an ADR’s or AFR’s swap data
access request once for a recurring
request and once each time the
parameters of the access requests
change. The SDR Commenters
expressed support in the SDR Letter for
that single determination concept and
appear to have requested the deletion of
76 In addition, if the scope of an ADR’s or AFR’s
jurisdiction supports receiving all swap data with
respect to entities over which an ADR or AFR
exercises oversight, the ADR or AFR may not need
to use product identifiers at all—it may be able to
use LEIs alone to describe the scope of its
jurisdiction.
77 For example, the SDR Letter noted that ‘‘an
indication of whether a swap is a mixed swap’’
could constitute a part 43 or 45 data field that
‘‘determine[s] . . . which swaps fall within an ADR
or AFR’s jurisdiction.’’ SDR Letter at 4. Also, in ex
parte communications following the publication of
the NPRM, the SDR Commenters acknowledged that
other fields could potentially be relevant as well.
E:\FR\FM\12JNR3.SGM
12JNR3
27420
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
pmangrum on DSK30RV082PROD with RULES3
proposed § 49.17(d)(4)(iv) because it
would impose a jurisdictional
determination requirement on SDRs. As
explained above, however, the
requirement for an SDR to ensure that
a data access request is within the thencurrent scope of an ADR’s or AFR’s
jurisdiction, as described in an
appendix to the confidentiality
arrangement required by § 49.18(a), is
required by statute and should impose
a minimal burden on SDRs.
For the reasons described below in
section II.D.2.c.ii., the Commission
declines to modify proposed
§ 49.17(d)(4)(iii) to state that any change
in an ADR’s or AFR’s swap data access
based on a change in its scope of
jurisdiction should be agreed to between
the Commission and the ADR or AFR,
and the jurisdictional description
appended to the confidentiality
arrangement should be amended
accordingly and provided to the SDRs
for implementation.
ii. Changes to an ADR’s or AFR’s Scope
of Jurisdiction
The SDR Commenters stated that the
Commission should amend
§ 49.17(d)(4)(iii) to require that the
Commission and an ADR or AFR agree
to any change to the SDR swap data that
an ADR or AFR may access based on a
change in the ADR’s or AFR’s scope of
jurisdiction, which should then be
reflected in an updated confidentiality
arrangement provided to the SDRs.78
The Commission believes
§ 49.17(d)(4)(iii), as proposed, addresses
the SDR Commenters’ comment. The
first sentence states that an SDR shall
not grant an ADR or AFR access to swap
data maintained by the SDR unless the
SDR has determined that the swap data
to which the ADR or AFR seeks access
is within the then-current scope of such
ADR’s or AFR’s jurisdiction, as
described and appended to the
confidentiality arrangement required by
§ 49.18(a). Accordingly, once an SDR
receives that jurisdictional description,
it can rely on that description until it
either receives a new jurisdictional
description or is directed by the
Commission to suspend, limit, or revoke
an ADR’s or AFR’s swap data access.
The second sentence of
§ 49.17(d)(4)(iii), as proposed, requires
that each ADR or AFR that has executed
a confidentiality arrangement with the
Commission pursuant to § 49.18(a) and
provided it to one or more SDRs shall
notify the Commission and each such
SDR of any change to such ADR’s or
AFR’s scope of jurisdiction, as described
in such confidentiality arrangement.
78 See
SDR Letter at 4.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
This puts the burden on each ADR and
AFR to inform the Commission, and
each SDR from which an ADR and AFR
receives swap data, of changes to such
ADR’s or AFR’s jurisdiction.79 The
Commission would review any such
changes, which the Commission expects
will be in the form of an updated
jurisdictional description and, unless
the Commission found an error or other
issue in the updated jurisdictional
description, expects to advise the
relevant ADR or AFR that it could
provide the relevant SDRs the updated
scope of jurisdiction description.
If the ADR’s or AFR’s scope of
jurisdiction were to become more
narrow, the Commission could use its
authority pursuant to the third sentence
of proposed § 49.17(d)(4)(iii) to direct
the relevant SDRs to suspend, limit, or
revoke access to swap data maintained
by such SDR based on any such change
to such ADR’s or AFR’s scope of
jurisdiction, in which case such SDR
shall so suspend, limit, or revoke such
access. If the ADR’s or AFR’s scope of
jurisdiction were to expand, as a
practical matter, the ADR or AFR could
not obtain swap data relevant to such
expanded jurisdiction until the SDRs
could update the parameters of their
means of providing access accordingly,
which the Commission would expect
them to do no later than the earlier of
(1) the earliest date such SDR,
exercising commercially reasonable
efforts in light of its obligations under
the CEA and the Commission’s
regulations, is able to update the
parameters of swap data access to match
the ADR’s or AFR’s new scope of
jurisdiction and (2) 180 days after the
SDR receives those new parameters.
iii. Written Notices
The SDR Commenters contended that
‘‘[p]roposed § 49.17(d)(4)(iii) should
specify that any request by the
Commission to the SDR to suspend,
limit, or revoke access to swap data
should be provided in writing.’’ 80 The
Commission agrees that such an
important action should be provided in
writing to avoid misunderstandings and
to provide a record on which SDRs can
79 The Commission expects each ADR and AFR to
also notify (in writing) the Commission and each
SDR from which the ADR or AFR receives swap
data of proposed changes to the ADR’s or AFR’s
jurisdiction. With such advance notice, the
Commission would seek to consider the
implications, if any, of such changes, if finalized as
proposed, for the scope of SDR swap data to which
the ADR or AFR could have access. With suitable
advance notice from the ADR or AFR, the SDRs
could implement such changes contemporaneously
with the time an ADR’s or AFR’s scope of
jurisdiction changes.
80 SDR Letter at 7.
PO 00000
Frm 00012
Fmt 4701
Sfmt 4700
rely. Accordingly, § 49.17(d)(4)(iii), as
adopted, provides that an SDR is
required to suspend, limit, or revoke an
ADR’s or AFR’s access to the swap data
maintained by such SDR only if the
Commission communicates such
instruction to the SDR in writing.
d. § 49.17(d)(4)(iv)
The Commission proposed in
§ 49.17(d)(4)(iv) that an SDR need not
make the scope of jurisdiction
determination required pursuant to
proposed § 49.17(d)(4)(iii) more than
once with respect to a recurring swap
data request but that, if such request
changed, the SDR would have to make
a new determination pursuant to
§ 49.17(d)(4)(iii). The SDR Commenters
requested that the Commission remove
proposed § 49.17(d)(4)(iv), but the
Commission understands this request to
have been rooted in the SDR
Commenters’ concern that SDRs are not
well suited to make a jurisdictional
determination with respect to an ADR’s
or AFR’s request for swap data, as
discussed above in section II.D.4.c.i. For
the reasons discussed therein, the
Commission considers those concerns
otherwise addressed and is adopting
§ 49.17(d)(4)(iv) as proposed.81
E. New § 49.17(i): Delegation of
Authority
In the interest of expedience and
efficiency in determining
appropriateness of access by ADRs and
AFRs, the Commission proposed (1) to
delegate all functions reserved to the
Commission in § 49.17 to the Director of
the Division of Market Oversight
(‘‘DMO’’) and to such members of the
Commission’s staff acting under his or
her direction as he or she may designate
from time to time and (2) that the DMO
Director could submit any such
delegated matter to the Commission for
its consideration and that nothing
prevents the Commission from
exercising the delegated authority. The
Commission received no comments in
response to proposed § 49.17(i) and is
adopting it as proposed.
F. CEA Section 21(d) Confidentiality
Agreements: Amendments to § 49.18
CEA section 21(d), as amended by the
FAST Act, requires that, prior to
providing swap data to a 21(c)(7) entity,
an SDR shall receive a written
agreement from each entity stating that
the entity shall abide by the
81 As discussed above, the Commission is not
mandating that SDRs perform an analysis of an
ADR’s or AFR’s scope of jurisdiction. Instead, the
Commission is obligating SDRs to apply the scope
of jurisdiction as defined in the confidentiality
arrangement required by § 49.18(a).
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
pmangrum on DSK30RV082PROD with RULES3
confidentiality requirements described
in CEA section 8 relating to the
information on swap transactions that is
provided.82 As originally adopted, the
part 49 rules required that such
confidentiality agreements be executed
between the SDR and the 21(c)(7)
entity.83 The Commission proposed in
the NPRM to modify its part 49 rules to
add a new § 49.18(a) requiring that a
confidentiality arrangement be executed
by and between the ADR or AFR and the
Commission.84 Once the ADR or AFR
and the Commission have executed a
confidentiality arrangement, the ADR or
AFR may present the executed
document to any SDR from which it
requests access to swap data in
satisfaction of CEA section 21(d).
Based on its experience with SDRs
and swap data access since the adoption
of part 49 in 2011, and on further
consideration of the relationship
between CEA sections 21 and 8, the
Commission believed this change was
consistent with the statutory framework
established by Congress in CEA sections
21(d) and 21(c)(7) and more directly
conforms to the confidentiality mandate
of CEA section 8. The Commission
stated its belief that this change would
promote regulatory efficiency and
reduce costs to SDRs, ADRs and AFRs
while ensuring the confidentiality of
SDR swap data.
To further promote regulatory
efficiency, the Commission proposed a
Confidentiality Arrangement Form for
use by ADRs and AFRs. The
Commission expects its use by ADRs
and AFRs to significantly reduce the
need for these entities to negotiate
separate, SDR-specific confidentiality
arrangements with the Commission. The
Confidentiality Arrangement Form also
will benefit the Commission by allowing
it to use a single form of confidentiality
arrangement rather than a different
version for each ADR and AFR. This
Confidentiality Arrangement Form also
will eliminate the costs and potential
inefficiencies for the SDRs that are
inherent in requiring each SDR to
negotiate confidentiality arrangements
with a potentially large number of ADRs
and AFRs. Similarly, the Confidentiality
Arrangement Form will also eliminate
costs and inefficiencies for ADRs and
82 See CEA section 21(d). 7 U.S.C. 24a(d), as
amended by the FAST Act.
83 See §§ 49.17(d)(6) and 49.18(b), as in effect
prior to this adopting release.
84 The Commission notes that the SEC has
implemented a similar approach with respect to the
execution of the required agreement. See Access to
Data Obtained by Security-Based Swap Data
Repositories, 81 FR 60585 at 60591 and 60608
(Sept. 2, 2016) (SEC rule 13n–4(b)(10), 17 CFR
240.13n–4(b)(10), and associated preamble text)
(‘‘SEC Indemnification Rule’’).
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
AFRs that would be incurred if each
ADR and AFR has to negotiate and
execute a unique confidentiality
arrangement with each SDR. Finally, the
Commission believes that widespread
use of the Confidentiality Arrangement
Form will facilitate timely access to SDR
swap data by ADRs and AFRs by
reducing or eliminating instances in
which the Commission and its staff
need to devote time and resources to
developing and reviewing
individualized confidentiality
arrangements.
1. Current Rule
The Commission adopted § 49.18 to
implement CEA sections 21(d)(1) and
(2) as originally enacted. Accordingly,
the current rule obligates SDRs to
execute a ‘‘Confidentiality and
Indemnification Agreement’’ before
providing SDR swap data to an ADR or
AFR. In the FAST Act, Congress
repealed the indemnification
requirement in CEA section 21(d)(2),
and the Commission proposed in the
NPRM certain conforming amendments
to § 49.18 to remove references to
indemnification.
Separately, the Commission proposed
in the NPRM to amend § 49.18 to
modify the substantive requirements of
the confidentiality arrangement and the
parties to the confidentiality
arrangement, to establish conditions for
restricting or revoking access to SDR
swap data, and to clarify the
confidentiality obligations of ADRs and
AFRs with regulatory responsibility
over an SDR.
2. Proposed Amendments to § 49.18(a):
Confidentiality Arrangement Required
Prior to Disclosure of Swap Data
The Commission proposed to remove
existing § 49.18(a) 85 and add a new
§ 49.18(a) requiring that an SDR, before
providing access to swap data
maintained by the SDR to an ADR or
AFR, receive a confidentiality
arrangement executed by the
Commission and the ADR or AFR that,
at a minimum, contains all elements
described in § 49.18(b), as amended.
3. Proposed Amendments to § 49.18(b):
Required Elements of the
Confidentiality Arrangement
The Commission proposed to amend
§ 49.18(b) 86 to include a requirement
85 Existing § 49.18(a) describes the purpose of
§ 49.18.
86 Existing § 49.18(b) requires an SDR to receive
a confidentiality agreement from a 21(c)(7) entity
before granting the 21(c)(7) entity access to swap
data maintained by the SDR. As discussed above,
the Commission proposes to address in § 49.18(a),
as adopted herein, the confidentiality agreement
condition to swap data access.
PO 00000
Frm 00013
Fmt 4701
Sfmt 4700
27421
that the confidentiality arrangement
required pursuant to § 49.18(a) shall, at
a minimum, include all elements
included in the Confidentiality
Arrangement Form. As proposed,
paragraph 5 of the Confidentiality
Arrangement Form required an ADR or
AFR to undertake that it will be acting
within the scope of its jurisdiction each
time it requests swap data from an SDR,
and to promptly notify the Commission
and each relevant SDR if the scope of
the ADR’s or AFR’s jurisdiction
changes. As proposed, paragraph 5 of
the Confidentiality Arrangement Form
also required ADRs and AFRs to employ
procedures to maintain the
confidentiality of swap data received
from an SDR and any information and
analyses derived therefrom (the swap
data and such information are referred
to collectively in the Confidentiality
Arrangement Form as the ‘‘Confidential
Information’’).
As proposed, paragraph 6 of the
Confidentiality Arrangement Form
required ADR and AFR signatories to
employ the following safeguards to
maintain the confidentiality of the
Confidential Information:
• To the maximum extent practicable,
maintain Confidential Information
received from SDRs separately from
other data and information; 87
• protect such Confidential
Information from misappropriation and
misuse; 88
87 Without limitation, ADRs and AFRs seeking
useful guidance for Confidential Information
segregation can look to the data segregation
standards contained in the National Institute of
Standards and Technology (‘‘NIST’’) Special
Publication 800–53, Revision 4, Security and
Privacy Controls for Federal Information Systems
and Organizations (April 2013) (‘‘NIST Document’’),
available at https://nvlpubs.nist.gov/nistpubs/
SpecialPublications/NIST.SP.800-53r4.pdf. The
NIST Document also references international
security standards in Appendix H (International
Information Security Standards). See also the
Federal Information Security Management Act of
2002, as amended (‘‘FISMA’’), 44 U.S.C. 3541. As
the Commission has previously noted in a different
context, FISMA ‘‘is a source of cybersecurity best
practices and also establishes legal requirements for
federal government agencies . . . .’’ System
Safeguards Testing Requirements, 80 FR 80139,
80142 Dec. 23, 2015) (‘‘Registered Entity Cyber
NPRM’’). The Commission adopted final rules
based on the Registered Entity Cyber NPRM. See
System Safeguards Testing Requirements, 81 FR
64271 (Sept. 19, 2016) (‘‘Final Registered Entity
Cyber Rules’’).
88 This should include cybersecurity measures.
As the Commission detailed in a different context
in the Final Registered Entity Cyber Rules, ‘‘cyber
threats to the financial sector continue to expand.’’
See id. at 64272. See also System Safeguards
Testing Requirements for Derivatives Clearing
Organizations, 80 FR 80113, 80114–80115 (Dec. 23,
2015) (describing escalating and evolving
cybersecurity threats); Registered Entity Cyber
NPRM at 80140–80141 (describing, inter alia, the
then-current cybersecurity threat environment).
E:\FR\FM\12JNR3.SGM
12JNR3
27422
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
pmangrum on DSK30RV082PROD with RULES3
• ensure that only ADR or AFR
personnel with a need to access
particular Confidential Information to
perform their job functions related to
such Confidential Information have
access thereto and that such access is
permitted only to the extent necessary
to perform such job functions; 89
• prevent the disclosure of aggregated
Confidential Information, unless
sufficiently aggregated and anonymized
to prevent identification, through
disaggregation or otherwise, of a market
participant’s business transactions,
trade data, market positions, customers
or counterparties; 90
• prohibit the use of Confidential
Information by ADR or AFR personnel
for any improper purpose; and
89 One basic principle of data security is that only
those with a need to access data to perform their
work should be granted access to such data. See,
e.g., Framework for Improving Critical
Infrastructure Cybersecurity at 23 (Feb. 12, 2014),
available at https://www.nist.gov/cyberframework/
upload/cybersecurity-framework-021214.pdf
(characterizing the ‘‘Protect’’ element of a core
cybersecurity framework as one where ‘‘[a]ccess to
assets and associated facilities is limited to
authorized users, processes, or devices, and to
authorized activities and transactions.’’).
90 The Commission understands that ADRs and
AFRs may want to use aggregated and anonymized
information derived from SDR swap data in
analyses that may be made public. Cf. U.S. GOV’T
ACCOUNTABILITY OFFICE, GAO–16–175,
FINANCIAL REGULATION: COMPLEX AND
FRAGMENTED STRUCTURE COULD BE
STREAMLINED TO IMPROVE EFFECTIVENESS
71–75 (2016) (‘‘GAO Report’’), available at https://
www.gao.gov/assets/680/675400.pdf (discussing the
OFR’s Financial Stability Monitor and related
confidentiality issues and protections surrounding
sharing aggregated and disaggregated information
provided by other agencies). The Commission
believes that, when properly aggregated and
anonymized, information derived from SDR swap
data generally can be disclosed without violating
the requirement in CEA section 21(d) that a
recipient of swap data agree, with respect to the
information on swap transactions that is provided
by an SDR, to abide by the confidentiality
requirements described in CEA section 8. Cf.
§ 49.16(c) (providing that subject to Section 8 of the
Act, SDRs may disclose aggregated swap data on a
voluntary basis or as requested in the form and
manner prescribed by the Commission); SDR Final
Rules at 54551 (providing that the Commission
believes that it is permissible under the Dodd-Frank
Act and part 49 of the Commission’s regulations for
an SDR to disclose, for non-commercial purposes,
data on an aggregated basis such that the disclosed
data reasonably cannot be attributed to individual
transactions or market participants.). In certain
cases, however, even aggregated information may
enable a reader to determine a market participant’s
business transactions, trade secrets (e.g., algorithms)
or positions. Thus, the Confidentiality Arrangement
Form requires ADRs and AFRs to implement
safeguards designed to appropriately limit the use
of information that has been aggregated from SDR
swap data and to disclose aggregated information
only if it is sufficiently anonymized to prevent the
identification, through disaggregation or otherwise,
of a market participant’s business transactions,
trade data, market positions, customers or
counterparties. ADRs and AFRs can look to
§ 43.4(d)(1) and (4) and (g) for guidance on
anonymization principles.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
• include a process for monitoring
compliance with the confidentiality
safeguards described in the
Confidentiality Arrangement Form and
for promptly notifying the CFTC and
each relevant SDR of any violation of
the safeguards or failure to fulfill the
terms of the confidentiality
arrangement.
As proposed, paragraph 7 of the
Confidentiality Arrangement Form also
precluded, with limited exceptions,
ADRs and AFRs from disclosing any
Confidential Information, via onward
sharing 91 or otherwise. One exception
was for aggregated Confidential
Information that is anonymized to
prevent identification (through
disaggregation or otherwise) of a market
participant’s business transactions,
trade data, market positions, customers
or counterparties. The other exception
was described in proposed paragraphs
8.a through 8.c., as described below.
As proposed, paragraphs 8.a through
8.c. of the Confidentiality Arrangement
Form required specified federal, state or
local U.S. ADRs and specified foreign
AFRs to undertake that they will not
disclose Confidential Information
except in specified actions, adjudicatory
actions or proceedings under relevant
law.
As proposed, paragraph 9 of the
Confidentiality Arrangement Form
contained certain provisions requiring
ADRs and AFRs to notify the
Commission, and take certain protective
actions, prior to disclosing Confidential
Information in circumstances where an
ADR or AFR receives a legally
enforceable demand to disclose
Confidential Information.
As proposed, paragraph 11 of the
Confidentiality Arrangement Form
required ADRs and AFRs accessing
swap data from SDRs to comply with all
applicable security-related requirements
imposed by an SDR in connection with
access to such swap data, as such
requirements may be revised from time
to time. Because, subject to specified
conditions, CEA sections 21(c)(7) and
21(d) require SDRs to provide ADRs and
AFRs access to swap data, the
Commission expects that SDRs will not
impose security-related access
requirements beyond those that are
necessary to ensure the privacy and
confidentiality of SDR swap data. The
Commission further expects that SDRs’
security-related access requirements for
ADRs and AFRs would be akin, if not
identical, to the requirements SDRs
91 The Commission interprets the restrictions on
disclosure contained in CEA section 8 that are
incorporated in CEA sections 21(c)(7) and 21(d) as
prohibiting an ADR or AFR from onward sharing
swap data it obtains from an SDR.
PO 00000
Frm 00014
Fmt 4701
Sfmt 4700
impose on others (e.g., the Commission,
reporting counterparties) to whom SDRs
provide swap data access.
To further protect the confidentiality
of SDR swap data, paragraph 12 of the
Confidentiality Arrangement Form, as
proposed, required ADR and AFR
signatories to promptly destroy all
Confidential Information for which they
no longer have a need or which no
longer falls within their scope of
jurisdiction.92 The Commission stated
in the proposal that, although it may be
the case that ADRs or AFRs will use
some or all Confidential Information in
perpetuity, if they no longer have a need
for Confidential Information, they
should destroy such Confidential
Information to prevent its misuse.
Similarly, the Commission stated in the
proposal that if an SDR inadvertently
provides to an ADR or AFR swap data
outside the scope of the ADR’s or AFR’s
jurisdiction, such swap data also should
be destroyed immediately after the ADR
or AFR discovers that such swap data is
outside the scope of its jurisdiction. The
Commission clarifies here that, although
it is adopting paragraph 12 of the
Confidentiality Arrangement Form as
proposed, if a recordkeeping obligation
that is legally binding on an ADR or
AFR would prohibit destroying swap
data, the ADR or AFR would not need
to destroy swap data in contravention of
such prohibition.
The proposed rule required that a
confidentiality arrangement include an
exhibit (Exhibit A) describing the scope
of jurisdiction of the ADR or AFR
signatory. If such signatory is not an
Enumerated ADR, the ADR or AFR
would attach the Commission
Determination Order described in
§ 49.17(h) as Exhibit A to the
confidentiality arrangement.93 If such
signatory is an Enumerated ADR, it
would attach, as Exhibit A to the
confidentiality arrangement, a detailed
description of its scope of jurisdiction as
it relates to the swap data maintained by
SDRs that the Enumerated ADR would
seek to access. The description
appended as Exhibit A to the
confidentiality arrangement would be
used by SDRs to verify that each
particular swap data request is within
the scope of the requesting entity’s
jurisdiction.
While the Confidentiality
Arrangement Form, as proposed, would
92 Paragraph 12 of the Confidentiality
Arrangement Form, as proposed, also required ADR
and AFR signatories to certify to the CFTC, upon
request, that they have destroyed such swap data.
93 As noted above, the Commission expects that
the applicant would provide a description of its
scope of jurisdiction as part of the Determination
Order process.
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
require ADRs and AFRs to make certain
undertakings before being granted
access to SDR swap data, it afforded
ADRs and AFRs the discretion to
determine how to comply with those
obligations with respect to swap data
received from an SDR. Additionally, the
Commission stated that to the extent the
proposed rule did not address a relevant
confidentiality issue that arose after an
ADR or AFR commenced accessing
swap data, the Commission expected
affected ADRs and AFRs to take
appropriate measures to safeguard
affected swap data and advise the
Commission of such issue promptly so
that the Commission may consider
appropriate action.
pmangrum on DSK30RV082PROD with RULES3
4. Proposed Removal of § 49.18(c): ADRs
and AFRs With Regulatory
Responsibility Over an SDR
The Commission proposed removing
current § 49.18(c), which provides that
the indemnification and confidentiality
requirements established in § 49.18(b)
do not apply to certain ADRs and AFRs
with regulatory responsibility over an
SDR, but requires such regulators to
comply with CEA section 8 and any
other relevant statutory confidentiality
authorities. As noted above in section
II.B. relating to § 49.17(d)(2) and (3), the
Commission believed that those
domestic regulators and Foreign
Regulators that have regulatory
responsibility over an SDR should be
able to access swap data reported to
such SDR pursuant to such other
regulator’s regulatory regime, without
the limitations set out in current
§ 49.18(c). Therefore, the Commission
submitted in the NPRM that § 49.18(c) is
not appropriate. In addition, the
Commission noted that § 49.17(d)(2) and
(3) already provided that the
confidentiality and indemnification
requirements of § 49.18(b) do not apply
to these domestic regulators and Foreign
Regulators with regulatory
responsibility over SDRs. However, the
Commission stated that insofar as such
a regulator sought swap data that was
not reported to the SDR pursuant to that
regulator’s regulatory regime, the
exclusions set forth within
§§ 49.17(d)(2) and (3) would not apply.
The Commission accordingly proposed
to eliminate § 49.18(c).
5. Proposed New § 49.18(c) and (d):
Failure to Fulfill the Terms of a
Confidentiality Arrangement
The Commission proposed new
§ 49.18(c) to require SDRs to
immediately report to the Commission
any known failure to fulfill the terms of
a confidentiality arrangement that they
receive pursuant to § 49.18(a). The
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
Commission also proposed new
§ 49.18(d), which authorizes the
Commission to direct an SDR to limit,
suspend or revoke an ADR’s or AFR’s
access to swap data, if the Commission
determines that the ADR or AFR has
failed to fulfill the terms of its
confidentiality arrangement with the
Commission.94
6. Proposed New § 49.18(e): Delegation
of Authority
The Commission proposed to add
new § 49.18(e)(1) to delegate to the DMO
Director, and to such Commission staff
acting under his or her direction as he
or she may designate from time to time,
all functions reserved to the
Commission in § 49.18. Proposed
49.18(e)(2) reserved to the DMO Director
the authority to submit to the
Commission for its consideration any
matter that has been delegated under
§ 49.18(e)(1). Proposed § 49.18(e)(3)
expressly permitted the Commission, at
its election, to exercise the authority
delegated under § 49.18(e)(1).
This delegation is intended to
conserve Commission resources and
increase the effectiveness and efficiency
of the Commission’s oversight and
supervision of SDR swap data access.
The Commission anticipates that the
delegation of authority will help
facilitate timely access to SDR swap
data by ADRs and AFRs consistent with
the requirements set forth in part 49 of
the Commission’s regulations. However,
the DMO Director may submit matters to
the Commission for its consideration, as
he or she deems appropriate.
7. Conforming Changes
As a result of the FAST Act
Amendments, the Commission
proposed conforming changes to
§ 49.17(d)(6) to delete references to an
Indemnification Agreement. As a result
of the amendments to § 49.18, and in
particular, § 49.18(a), the Commission
proposed conforming changes to
§ 49.22(d)(4) relating to chief
compliance officer compliance
responsibilities and duties so that the
appropriate rule provision reflecting the
confidentiality arrangement is
referenced.
94 Proposed § 49.18(d) provided that the
Commission may, if an ADR or AFR fails to fulfill
the terms of a confidentiality arrangement described
in § 49.18(a), direct each registered SDR to limit,
suspend or revoke such ADR’s or AFR’s access to
swap data held by such SDR. Similarly, proposed
§ 49.17(d)(5) required an SDR, as directed by the
Commission, to limit, suspend or revoke an ADR’s
or AFR’s swap data access should the Commission
limit, suspend or revoke the appropriateness
determination for such ADR or AFR or otherwise
direct the SDR to limit, suspend or revoke such
access.
PO 00000
Frm 00015
Fmt 4701
Sfmt 4700
27423
8. Comments Received
The Commission received comments
related to proposed § 49.18 from the
SDR Commenters. The SDR
Commenters supported the
Commission’s proposed transfer of
responsibility for the execution of the
confidentiality arrangement with the
ADRs and AFRs from the SDRs to the
Commission. The SDR Commenters
advised that such transfer will
significantly reduce regulatory costs and
inefficiencies for the SDRs.95 The SDR
Commenters also supported the use of a
confidentiality arrangement form. The
SDR Commenters stated that use of such
a form would promote consistency and
further reduce regulatory burdens.96
In response to the Commission’s
proposal to remove previously adopted
§ 49.18(c), which, in part, applied the
conditions of CEA section 8 to those
ADRs and AFRs with regulatory
responsibility over an SDR, the SDR
Commenters agreed with the
Commission that it is not appropriate to
require a domestic regulator or Foreign
Regulator to comply with CEA section 8
where such domestic regulator or
Foreign Regulator has regulatory
responsibility over an SDR and seeks
access to SDR data that was reported
pursuant to the regulator’s supervisory
authority.97 Accordingly, the SDR
Commenters supported the
Commission’s proposal to remove
§ 49.18(c) as previously adopted.
Proposed § 49.18(a) and (d) both
contemplated notifications being sent to
the SDRs. Proposed § 49.18(a) required
an SDR that received a notice that an
ADR’s or AFR’s confidentiality
arrangement was no longer in effect to
no longer provide swap data access to
such ADR or AFR. Proposed § 49.18(d)
stated that the Commission may, if an
ADR or AFR fails to fulfill the terms of
a confidentiality arrangement described
in § 49.18(a), direct each registered SDR
to limit, suspend or revoke such ADR’s
or AFR’s access to swap data held by
such SDR. The SDR Commenters
recommended that the Commission
modify proposed § 49.18(a) and (d) to
specify that the notifications
contemplated in these provisions be in
writing.
9. Final Rule
After consideration of the comments
that it received, and for the reasons set
forth in sections II.F.1. through II.F.8.
above and in this section the
Commission is adopting § 49.18 with
modifications. First, as discussed above,
95 See
SDR Letter at 3.
id.
97 See SDR Letter at 2–3.
96 See
E:\FR\FM\12JNR3.SGM
12JNR3
27424
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
the Commission is accepting the SDR
Commenters’ comments that the
notifications contemplated in proposed
§ 49.18(a) and (d) should be provided in
writing and is adopting revised
§ 49.18(a) and (d) to reflect that change.
The Commission is also modifying
proposed § 49.18(a) to promote the use
of the Confidentiality Arrangement
Form set forth in Appendix B.
Specifically, as adopted, § 49.18(a)
provides that, prior to providing an ADR
or AFR access to any requested swap
data, an SDR shall receive therefrom an
executed confidentiality arrangement,
between the Commission and the ADR
or AFR, in the form set out in Appendix
B to this part 49. The Commission may,
in its discretion, however, agree to
execute an alternate confidentiality
arrangement with an ADR or AFR if the
confidentiality arrangement is
consistent with the requirements set
forth in § 49.18(a).98 The Commission
believes that widespread use of the
Confidentiality Arrangement Form will
facilitate timely access to SDR swap
data by ADRs and AFRs by reducing or
eliminating instances in which the
Commission and its staff need to devote
time and resources to developing and
reviewing individualized confidentiality
arrangements. The Commission
therefore believes that this modification
will increase the potential benefits and
cost savings associated with use of the
Confidentiality Arrangement Form
while still providing ADRs and AFRs
the flexibility to use an alternate
arrangement if necessary, in
consultation with the Commission.
The Commission is adopting all other
modifications to § 49.18 as proposed in
the NPRM.
pmangrum on DSK30RV082PROD with RULES3
G. Other Changes
1. Proposed Rule Changes
In addition to those changes
discussed throughout this release, the
Commission proposed other changes to
part 49, including a number of
ministerial changes. The Commission
proposed to amend § 49.9(a)(9) to
change the reference therein from
‘‘certain appropriate domestic regulators
and foreign regulators’’ to ‘‘Appropriate
Domestic Regulators and Appropriate
Foreign Regulators’’ to make clear that
an SDR is required to provide access to
swap data, pursuant to § 49.17, only to
ADRs and AFRs. The Commission
proposed to make a number of other
changes to part 49 to more consistently
refer to the defined term ‘‘swap data.’’
The Commission proposed to modify:
98 The
Commission is also making similar
clarifying modifications to proposed §§ 49.17(d)(6)
and 49.17(h)(3).
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
The references in existing §§ 49.9(a)(9)
and 49.17(b)(2)(i) to ‘‘swap data or
information’’; the reference in existing
§ 49.17(d)(4)(i) to ‘‘swaps transaction
data’’; and the reference in existing
§ 49.17(d)(6) to ‘‘requested data,’’ to be,
in each case, references to ‘‘swap data,’’
as that term is defined in § 49.2(a)(15).
The Commission proposed these
changes to eliminate confusion and to
conform part 49 to the FAST Act’s
amendment of CEA section 21(c)(7) to
refer to ‘‘swap data.’’
The Commission also proposed to
replace the reference in § 49.17(a) to
‘‘swaps data’’ with a reference to ‘‘swap
data’’ and to replace the reference in
§ 49.17(a) to ‘‘Regulation’’ with a
reference to ‘‘§ 49.17’’ to match the
format of the reference in § 49.17(b). The
Commission did not intend to effect any
substantive changes with these
proposed amendments.
The Commission proposed to change
the references to ‘‘swap transaction
data’’ in §§ 49.17(c)(2) and 49.17(c)(3) to
‘‘swap data’’ as defined in § 49.2(a)(15).
The Commission also proposed to
change the references to ‘‘data’’ in
§ 49.17(d)(5) and (6), (e) introductory
text, and (e)(1) to ‘‘swap data’’ in order
to clarify the Commission’s intent to
refer to ‘‘swap data’’ within the meaning
of § 49.2(a)(15). For the same reason, the
Commission also proposed to add
‘‘swap data and’’ before ‘‘information’’
in § 49.17(e)(2) to conform it to
§ 49.17(e)(1), as proposed to be
amended.99 The Commission also
proposed to add the term ‘‘and
information’’ after the term ‘‘swap data’’
in the second sentence of § 49.17(e) so
that such sentence is consistent with the
first sentence of § 49.17(e), which
permits access by third party service
providers to both swap data and
information maintained by a registered
SDR, subject to certain conditions.
In § 49.17(f)(2), the Commission
proposed to change both references to
‘‘data and information’’ to ‘‘swap data
and information’’ in order to clarify, in
each case, that the intended reference is
to ‘‘swap data’’ as defined in
§ 49.2(a)(15).
In addition to those changes related to
references to ‘‘swap data,’’ the
99 Although § 49.17(e) uses the terms ‘‘data’’ and
‘‘swap data’’ interchangeably, the Commission
intended those paragraphs to reference the
definition of ‘‘swap data’’ and, consequently,
believes that these amendments do not represent a
change to the Commission’s original intent in
promulgating § 49.17(e). However, the term ‘‘swap
data’’ is narrower than the term ‘‘data’’.
Consequently, changing ‘‘data’’ to ‘‘swap data’’
arguably would narrow the scope of the
confidentiality procedures and ‘‘Confidentiality
Agreement’’ required, respectively, by § 49.17(e)(1)
and (2).
PO 00000
Frm 00016
Fmt 4701
Sfmt 4700
Commission also proposed to amend
§ 49.17(b)(1)(vii) to change the
references to any other person the
Commission deems appropriate to any
other person the Commission
determines to be appropriate pursuant
to the process set forth in § 49.17(h) to
match the language in CEA section
21(c)(7).
Commission regulation 49.17(f)(1)
currently states that access of swap data
maintained by the registered swap data
repository to market participants is
generally prohibited. The Commission
proposed to amend § 49.17(f)(1) to state
that access by market participants to
swap data maintained by the registered
swap data repository is prohibited other
than as set forth in § 49.17(f)(2) in order
to clarify its meaning. The Commission
did not intend this to be a substantive
change to § 49.17(f)(1).
Finally, the Commission proposed
several minor clarifying changes to
§ 49.18(b).100 These changes include:
Replacing ‘‘the swap data’’ with ‘‘swap
data’’; replacing the ‘‘with any
Appropriate Domestic Regulator or
Appropriate Foreign Regulator’’
reference with ‘‘to any Appropriate
Domestic Regulator or Appropriate
Foreign Regulator’’; and adding ‘‘each’’
before ‘‘as defined in § 49.17(b)’’ to
reflect that both ‘‘Appropriate Domestic
Regulator’’ and ‘‘Appropriate Foreign
Regulator’’ are defined terms in
§ 49.17(b).
2. Final Rule Changes
The Commission received comment
on only two of the proposed changes
described in this section II.G. For the
reasons set forth above in section II.G.1.
and in this section, with one exception
(i.e., § 49.17(e)), the Commission is
adopting the changes described in this
section II.G. as proposed. The comments
and the Commission’s responses are
described below.
The SDR Commenters generally
supported the proposed changes to part
49 to more consistently refer to the
defined term ‘‘swap data,’’ stating their
belief that the consistency ‘‘will
promote clarity as to the data to which
ADRs and AFRs may be granted
access[.]’’ 101 However, the SDR
Commenters also noted that the term
‘‘swap data’’ is defined under
§ 49.2(a)(15) as ‘‘specific data elements
and information set forth in part 45 of
this chapter that is required to be
reported by a reporting entity to a
registered swap data repository.’’ 102 The
100 These proposed changes appear in proposed
§ 49.18(b).
101 SDR Letter at 8.
102 Id.
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
pmangrum on DSK30RV082PROD with RULES3
SDR Commenters asked the Commission
to confirm that SDRs may provide ADRs
and AFRs with Part 43 data in addition
to Part 45 data and characterized this
clarification as important because ‘‘the
SDRs use a combined message for Parts
43 and 45 reporting, making separation
of Part 43 data from Part 45 data
exceedingly difficult.’’ 103
In response to this comment, the
Commission confirms that SDRs may
provide ADRs and AFRs with Part 43
data in addition to Part 45 data. The
Commission observes that most data
reported pursuant to Part 43 is publicly
disseminated and that, to the extent
certain data is not publicly
disseminated, such data is reported in
equal or greater detail pursuant to part
45.
The SDR Commenters also noted that,
‘‘[u]nder § 49.17(e), the Commission
proposes to amend ‘data and
information’ to ‘swap data and
information[ ]’’ and commented that, in
their view, the more appropriate term
‘‘to ensure a third-party Service
Provider may have access to all
necessary data and information’’ is
‘‘swap data and SDR Information’’ (as
SDR Information is defined in § 49.2).104
In response to this comment, the
Commission is adopting § 49.17(e) as
the SDR Commenters recommended
amending it, in part because this change
does not change the intent or scope of
what is required or what was proposed
in the NPRM.
In addition to these final rule changes,
the Commission is adopting three
ministerial changes to the proposed rule
text, each for greater clarity, and one
ministerial change to the existing rule
text, also for greater clarity. First, the
Commission is changing the phrase ‘‘as
directed by the Commission’’ in
proposed § 49.17(d)(5) to ‘‘if directed by
the Commission’’. Second, the
Commission is changing the phrase ‘‘as
described and appended to the
confidentiality arrangement required by
§ 49.18(a)’’ to ‘‘as described in the
appendix to the confidentiality
arrangement required by § 49.18(a)’’ in
both proposed § 49.17(d)(4)(i) and
(iii).105
Third, the Commission is adding
bracketed text at the end of Appendix B
to part 49 (describing Exhibit A to the
Confidentiality Arrangement Form) in
103 Id.
104 Id.
105 These changes are to clarify that the scope of
an ADR’s or AFR’s jurisdiction, which is the subject
of the quoted text, is to be described in the
appendix to the confidentiality arrangement
required by § 49.18(a) rather than in the
confidentiality arrangement itself. The language as
proposed was somewhat unclear in that regard.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
response to the SDR Commenters
comment discussed in section II.D.2.c.i.
This additional bracketed text provides
that in both cases, the description of the
scope of jurisdiction must include
elements allowing SDRs to establish,
without undue obstacles, objective
parameters for determining whether a
particular Swap Data request falls
within such scope of jurisdiction. Such
elements could include LEIs of all
jurisdictional entities and could also
include UPIs of all jurisdictional
products or, if no CFTC-approved UPI
and product classification system is yet
available, the internal product identifier
or product description used by an SDR
from which Swap Data is to be sought.
Fourth, the Commission is amending
existing § 49.17(d)(1), which the
Commission had not proposed to amend
to provide a brief overview in one
paragraph to those persons seeking to
obtain swap data access from SDRs,
both ADRs and AFRs and those seeking
to become ADRs or AFRs, of the
requirements to obtain such access and
to alert such persons to exceptions to
the otherwise applicable requirements.
The Commission is also adopting these
changes to § 49.17(d)(1) to provide the
aforementioned persons citations to the
regulations relevant to obtaining SDR
swap data access and to relevant
exceptions to those regulations. These
changes provide that except as set forth
in § 49.17(d)(2) or (3), a person who is
not an Appropriate Domestic Regulator
or an Appropriate Foreign Regulator and
who seeks to gain access to the swap
data maintained by a swap data
repository is required to first become an
Appropriate Domestic Regulator or
Appropriate Foreign Regulator through
the process set forth in § 49.17.
Additionally, these changes provide that
Appropriate Domestic Regulators and
Appropriate Foreign Regulators seeking
to gain access to the swap data
maintained by a swap data repository
are required to comply with
§ 49.17(d)(6) prior to receiving such
access and, if applicable after receiving
such access, comply with the
notification requirement in
§ 49.17(d)(4)(iii) applicable to
Appropriate Domestic Regulators and
Appropriate Foreign Regulators.
III. Request for Comment
In addition to the specific questions
set forth throughout the NPRM, the
Commission requested comment on all
aspects of the proposal and on several
specific questions set forth in section III
of the NPRM. The Commission received
some responsive comments, which it
has summarized and responded to in
the relevant sections of this adopting
PO 00000
Frm 00017
Fmt 4701
Sfmt 4700
27425
release, and two comments that were
not responsive.106
IV. Compliance Date
The Commission received one
comment related to the compliance date
of the final rules. The SDR Commenters
suggested that the Commission work
with the SDRs to set an appropriately
mutually agreeable timeframe for the
compliance date.107 Commission staff
subsequently engaged in multiple
discussions with the SDR Commenters
regarding the compliance date. The
Commission, as set out below, is
adopting a two part compliance date for
the final rules adopted herein. The
compliance date for the final rules will
be 60 days after publication in the
Federal Register, except for the
compliance date for an SDR to comply
with its obligation under
§ 49.17(d)(5)(iii) of the Commission’s
regulations to provide access to swap
data requested by an ADR or AFR. The
compliance date for an SDR to comply
with its obligation under
§ 49.17(d)(5)(iii) of the Commission’s
regulations is the earlier of (1) the
earliest date, after such SDR receives
from such ADR or AFR the
confidentiality arrangement required by
§ 49.18(a), that such SDR, exercising
commercially reasonable efforts in light
of its obligations under the CEA and the
Commission’s regulations, is able to
provide such access to the ADR or AFR
and (2) 180 days after the SDR receives
from such ADR or AFR the
confidentiality arrangement required by
§ 49.18(a).
V. Related Matters
A. Regulatory Flexibility Act
The Regulatory Flexibility Act
(‘‘RFA’’) requires federal agencies, in
promulgating rules, to consider the
impact of those rules on small
entities.108 The rules adopted herein
will have a direct effect on the
operations of SDRs and certain domestic
regulators and foreign regulators seeking
106 In addition, the SDR Commenters commented
on several issues relating to current § 49.17(f)(2)
that were unrelated to the non-substantive change
that the Commission proposed to make to
§ 49.17(f)(2). Because the SDR Commenters’
comments on § 49.17(f)(2) were unrelated to the
proposed changes to § 49.17(f)(2), they are beyond
the scope of the NPRM and not a logical outgrowth
of this rulemaking, as a result of which the
Commission declines to address them here, in
accordance with the Administrative Procedure Act.
All comments received in response to the
Commission’s request for comment are available at
https://comments.cftc.gov/PublicComments/
CommentList.aspx?id=1777.
107 See SDR Letter at 9.
108 See 5 U.S.C. 601 et seq.
E:\FR\FM\12JNR3.SGM
12JNR3
27426
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
access to swap data reported to, and
maintained by, SDRs.
The Commission has previously
established certain definitions of ‘‘small
entities’’ to be used by the Commission
in evaluating the impact of its rules on
small entities in accordance with the
RFA.109 The Commission has previously
determined that SDRs are not small
entities for purposes of the RFA.110
For purposes of the RFA, the
definition of ‘‘small entity’’
encompasses ‘‘small governmental
jurisdictions,’’ which in relevant part
means governments of locales with a
population of less than fifty
thousand.111 Although the Commission
anticipates that the final rules adopted
herein may be expected to have an
economic impact on various
governmental entities that access data
pursuant to the Dodd-Frank Act’s data
access provisions (i.e., ADRs and AFRs),
the Commission does not anticipate that
any of those governmental entities
would be small governmental
jurisdictions: The Commission believes
that the universe of ADRs and AFRs will
likely be limited to U.S. federal
regulators and equivalent national, or
state or provincial, foreign authorities,
given that swap regulation does not
occur at a local level globally, in the
Commission’s experience. As a result,
the Commission does not believe that
the final rules will have a significant
economic impact on a substantial
number of small entities. Therefore, the
Chairman, on behalf of the Commission,
pursuant to 5 U.S.C. 605(b), hereby
certifies that the final rules will not
have a significant economic impact on
a substantial number of small entities.
pmangrum on DSK30RV082PROD with RULES3
B. Paperwork Reduction Act
The amendments to part 49 result in
new ‘‘collection of information’’
requirements within the meaning of the
Paperwork Reduction Act of 1995
(‘‘PRA’’).112 An agency may not conduct
or sponsor, and a person is not required
to respond to, a collection of
information unless it displays a
currently valid Office of Management
and Budget (‘‘OMB’’) control number.
The OMB control number for the
information collection associated with
part 49 is 3038–0086 (the ‘‘Information
Collection’’).113 The Commission is
109 See Policy Statement and Establishment of
‘‘Small Entities’’ for purposes of the Regulatory
Flexibility Act, 47 FR 18618, 18618–21 (Apr. 30,
1982).
110 See Part 49 Adopting Release at 54575 and
Notice of Proposed Rulemaking: Swap Data
Repositories, 75 FR 80898, 80926 (Dec. 23, 2010).
111 5 U.S.C. 601(5), (6).
112 44 U.S.C. 3501 et seq.
113 The most recent revision to OMB Control
Number 3038–0086 was approved November 30,
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
revising the Information Collection
because the rule amendments herein
will impose information collection
requirements that require approval from
OMB under the PRA. The Commission
is therefore submitting this final rule to
OMB for review in accordance with 44
U.S.C. 3507(d) and 5 CFR 1320.11.
1. Summary of the Requirements
The modifications to part 49 require
SDRs to make swap data available to
requesting entities (i.e., ADRs and
AFRs) if certain conditions are satisfied.
These conditions include the requesting
entity executing a confidentiality
arrangement with the Commission and
providing it to each SDR from which it
seeks swap data and, in some cases,
receiving an order from the Commission
(which requesting entities must apply
for, including certain specified types of
information in support) determining
that it is an appropriate entity to receive
SDR swap data. The modifications
further require each ADR and AFR to
notify the Commission, and each SDR
from which an ADR or AFR has
received swap data, of any change to the
scope of such ADR’s or AFR’s
jurisdiction, as described in the
confidentiality arrangement.
The modifications also require SDRs
to report to the Commission: (1) Each
initial request from an ADR or AFR for
access to swap data; (2) all ADR or AFR
requests for swap data that do not
comport with the described scope of the
ADR’s or AFR’s jurisdiction that is
appended to the confidentiality
arrangement; and (3) failures to fulfill
the terms of confidentiality
arrangements. The modifications
additionally require each SDR to
maintain records of each initial, and all
subsequent, requests from an ADR or
AFR for access to swap data.
2. Collection of Information
Currently, the Information Collection
sets out burden estimates relating to a
broad range of SDR obligations
associated with registration
requirements, reporting requirements,
recordkeeping requirements, and
disclosure requirements. Where the
information collection associated with
those obligations is modified by this
rule, the Commission is revising the
Information Collection accordingly. To
the extent this rule introduces new
information collections that were not
previously incorporated into the
Information Collection, the Commission
is revising the Information Collection to
2015 and is available at https://www.reginfo.gov/
public/do/
PRAOMBHistory?ombControlNumber=3038-0086.
PO 00000
Frm 00018
Fmt 4701
Sfmt 4700
account for the new information
collections. Finally, many of the
information collections discussed in the
Information Collection are not
implicated or modified by the
Commission’s revisions to part 49 in
this release. The Commission, therefore,
is not revising the estimated burdens
associated with such information
collections. New or revised information
collections contained in these revisions
to part 49 will affect SDRs as well as
entities that request access to SDR swap
data pursuant to part 49, as revised.
As discussed above, the modifications
to part 49 set out in this release are
intended to provide a process by which
other regulatory authorities may obtain
access to SDR swap data. The
information collections associated with
this process are intended to ensure that
SDR swap data is accessed only by
appropriate entities and that the
confidentiality of any accessed SDR
swap data is adequately protected. The
ultimate result of this process is
intended to provide other regulatory
authorities with information to assist
with the oversight of the global swaps
market and market participants.
ADR/AFRs. As discussed throughout
this release, certain conditions must be
satisfied before a requesting entity is
permitted to access SDR swap data.
These conditions may implicate various
PRA collections and burdens as
discussed below.
Pursuant to § 49.18(a), every
requesting entity seeking access to SDR
swap data must execute a
confidentiality arrangement with the
Commission prior to receiving access.
This requirement applies to both those
entities that are Enumerated ADRs, and
those entities, whether foreign or
domestic, that require a determination
from the Commission that they are
appropriate entities to receive access to
SDR swap data. The Commission
believes the use of the Confidentiality
Arrangement Form, or a similar form, if
permitted by the Commission, will
provide an efficient means to satisfy the
requirements of § 49.18(a).
In addition to executing a
confidentiality arrangement, requesting
entities that are not Enumerated ADRs
will be required to seek a Determination
Order from the Commission to obtain
access to SDR swap data. The
Commission is requiring that an
Enumerated ADR attach to the
confidentiality arrangement a detailed
description of its scope of jurisdiction,
as it relates to the swap data maintained
by SDRs that the Enumerated ADR seeks
to access.
The Commission, for PRA purposes,
continues to believe that it is reasonable
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
pmangrum on DSK30RV082PROD with RULES3
to assume that 300 total entities will
seek access to SDR swap data. This
estimate is based on the Commission’s
experience in receiving data requests
from other regulators and its experience
in coordinating and cooperating with
other regulators.114 For PRA purposes,
the Commission assumes there are four
SDRs, which is the number of SDRs that
are currently provisionally registered
with the Commission. As the
confidentiality arrangement required by
§ 49.18(a) will be between the ADR or
AFR and the Commission, and will
address swap data access from all SDRs,
an ADR or AFR will need to execute
only a single confidentiality
arrangement for all SDRs from which it
seeks swap data, rather than a separate
confidentiality arrangement for each
SDR. Accordingly, the Commission
estimates, for PRA purposes, that the
total number of confidentiality
arrangements that will be executed
under the amended part 49 rules is 300.
Although the Commission may, in its
discretion, execute a confidentiality
arrangement with one or more ADRs/
AFRs that is not in the form of the
Confidentiality Arrangement Form,
§ 49.18(b) requires that such alternative
confidentiality arrangement include all
elements of in the Confidentiality
Arrangement Form. Consequently, the
Commission is estimating the burden on
ADRs and AFRs of negotiating the
confidentiality arrangement required by
§ 49.18(a) based on its estimate of the
burden involved for an ADR or AFR to
put in place the Confidentiality
Arrangement Form. The Commission
estimates that the review and execution
of each confidentiality arrangement by
an ADR or AFR will take approximately
40 hours, for a total burden of 12,000
hours. The burden estimates associated
with entering into the confidentiality
arrangement required by § 49.18(a) are
addressed in the revised Information
Collection.
Any requesting entity, other than an
Enumerated ADR, that seeks access to
SDR swap data must be determined by
the Commission to be an appropriate
recipient of such access. For
Enumerated ADRs, there is no burden
114 The Commission continues to estimate that up
to approximately 30 authorities in the United States
may seek to access swap data from SDRs. In the
context of potential AFRs, the Commission believes
that most requests will come from authorities in
G20 countries, each of which will have no more,
and likely fewer, than 30 authorities that may
request swap data from SDRs. In addition, certain
authorities from outside the G20 also may request
swap data from SDRs. Accounting for all of these
entities, the Commission estimates that there likely
will be a total of no more than 300 relevant
domestic and foreign authorities that may request
swap data from SDRs.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
associated with seeking to be
determined appropriate by the
Commission because Enumerated ADRs
have already been determined by
Congress in CEA section 21(c)(7), or by
the Commission through its adoption of
§ 49.17(b)(1), to be appropriate
recipients of SDR swap data access.
Those entities that are not Enumerated
ADRs and that seek SDR swap data
access will be required to receive a
Determination Order prior to receiving
access to SDR swap data. The process
for obtaining such a Determination
Order is set out in general terms in
§ 49.17(h) and requires the requesting
entity to prepare and submit an
application to the Commission. The
preparation and submission of this
application constitutes an information
collection under the PRA.
As discussed above, the Commission
believes that for PRA purposes it is
reasonable to assume that 300 domestic
and foreign entities will seek access to
SDR swap data. Very few of these
entities have already been specifically
identified by Congress in CEA section
21(c)(7), or by the Commission through
its adoption of § 49.17(b)(1), as
appropriate recipients of SDR swap data
access. The Commission estimates, for
PRA purposes, that each entity seeking
a Determination Order would expend
100 hours in connection with filing the
necessary application with the
Commission, for a total initial burden of
no more than 30,000 hours (calculated
as the product of 300 domestic and
foreign entities seeking access to SDR
swap data and 100 hours per
application). This estimate considers the
relevant information that would be
required to be provided in such an
application, including information
regarding the entity’s scope of
jurisdiction, confidentiality safeguards,
as well as any other information the
Commission deems relevant to its
determination. This burden estimate is
included in the Commission’s revisions
to the Information Collection.
Swap Data Repositories. As discussed
throughout this release, SDRs are
required to provide access to SDR swap
data to ADRs and AFRs, provided
certain conditions are met. This
requirement may implicate PRA
collections and burdens, some of which
are already addressed in the existing
Information Collection, and some of
which constitute new collections, as
discussed below. Currently, the burden
on SDRs of making data available to
ADRs and AFRs is accounted for in the
Information Collection, as this is an
existing obligation under existing
§ 49.17(d). However, the rules set out in
this release clarify and modify the
PO 00000
Frm 00019
Fmt 4701
Sfmt 4700
27427
requirements imposed on SDRs in
providing access to SDR swap data to
ADRs and AFRs. Consequently, the
Commission is revising the Information
Collection to account for these
clarifications and modifications.
The Commission expects SDRs to
incur burdens and costs associated with
setting up access to SDR swap data that
is consistent with an ADR’s or AFR’s
scope of jurisdiction, as described in the
appendix to the confidentiality
arrangement required by § 49.18(a). The
Commission expects that each
confidentiality arrangement will
identify, either directly or through an
attached Determination Order, the scope
of access that is appropriate for a given
requesting entity. The Commission
expects SDRs to use these limitations to
program their systems to reflect the
scope of the ADR’s or AFR’s access to
SDR swap data. These limits set out in
the confidentiality arrangement are
expected to reduce the burdens on SDRs
of assessing whether a particular SDR
swap data request falls within the scope
of an ADR’s or AFR’s jurisdiction.
The Commission received one
comment estimating the burden on
SDRs associated with setting up access
restrictions to match an ADR’s or AFR’s
scope of jurisdiction.115 CME estimated
that its initial set up costs would be
between 400 and 950 hours for all ADRs
and AFRs in the aggregate.116 The
Commission believes it is reasonable to
accept CME’s estimate of 950 hours, as
CME is an SDR and, as such, is familiar
with the costs required for setting up
such access restrictions.117
Consequently, for PRA purposes, the
Commission estimates that all SDRs in
the aggregate would incur a total burden
of 3,800 hours (i.e., the product of 4
SDRs and 950 hours of time) associated
with setting up access for all ADRs and
AFRs. The burdens associated with
these permissioning requirements are
115 See
SDR Letter at 5, n.10.
SDR Letter stated that ‘‘CME believes the
initial set up cost will be between of 400 and 950
hours.’’ Id. In subsequent communications, CME
clarified that this estimate is for all ADRs and AFRs
in the aggregate. The other SDRs did not opine on
the Commission’s estimate of 26 hours.
117 The Commission, in its proposal, estimated
that the burden on an SDR associated with setting
up access restrictions to match a requesting entity’s
scope of jurisdiction will include 20 hours of
programmer analyst time, five hours of senior
programming time, and one hour of attorney time,
for a total of 26 hours. The Commission notes that
the SEC also estimated a set up time of 26 hours
in its similar rulemaking. See Access to Data
Obtained by Security-Based Swap Data
Repositories, 81 FR 60585 at 60594 (Sept. 2, 2016)
(SEC rule 13n–4(b)(9) and (10), 17 CFR 240.13n–
4(b)(9) and (10).
116 The
E:\FR\FM\12JNR3.SGM
12JNR3
pmangrum on DSK30RV082PROD with RULES3
27428
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
addressed in the revised Information
Collection.
SDRs will also be required to provide
electronic notice to the Commission of
the first request for access to swap data
from a particular ADR or AFR, and
promptly after receiving any request
that does not comport with the scope of
the ADR’s or AFR’s jurisdiction, as
described in the appendix to the
confidentiality arrangement required by
§ 49.18(a). In addition to notifying the
Commission of the foregoing, the
Commission is requiring, in
§ 49.17(d)(4)(i), SDRs to maintain
records of the details of the initial and
all subsequent requests for swap data
from an ADR or AFR. The SDR shall
maintain this information for a period of
no less than five years after the date of
such request and shall provide this
information to the Commission upon
request, pursuant to § 1.31.
Currently, the Information Collection
estimates burdens associated with the
various registration, reporting,
recordkeeping, and disclosure
requirements to which SDRs are subject.
The reporting and recordkeeping
requirements relating to ADR and AFR
data requests constitute an information
collection for PRA purposes and require
the Commission to revise the reporting
and recordkeeping burden estimates
contained in the Information Collection.
The reporting and recordkeeping
requirements in this release may
potentially impact each SDR.
SDRs already have the ability to
communicate electronically with the
Commission and are subject to
significant recordkeeping requirements
pursuant to §§ 45.2(f) and 49.12.
Therefore, the requirements adopted
herein should not result in SDRs having
to incur initial costs to implement
systems to notify the Commission when
an ADR or AFR submits a data request
for the first time that are in excess of
what is already accounted for in the
Information Collection.
The Commission estimates that each
SDR would incur an annual burden of
480 hours associated with the
requirement to maintain records of the
details of the initial and all subsequent
requests for data from an ADR or AFR,
for a total of 1,920 hours annually (i.e.,
the product of four SDRs and 480
hours). Although the Commission
provided an estimate of 280 hours in the
NPRM, CME commented that 480 hours
was more likely.
The Commission received one
comment related to setup costs
associated with its proposed
recordkeeping requirements.118 The
118 See
SDR Letter at 7, n.15.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
SDR Letter provided estimates for
recordkeeping set up costs. CME
subsequently provided updated
estimates of these setup costs, which
CME now estimates would be
approximately 1,100–1,440 hours. The
Commission believes it is reasonable to
accept CME’s estimate of 1,440 hours, as
CME is an SDR and, as such, is familiar
with the setup costs associated with
SDR recordkeeping requirements.
Therefore, the Commission estimates
that initially each SDR may incur a
burden of 1,440 hours associated with
these recordkeeping requirements, for a
total of 5,760 hours (i.e., the product of
four SDRs and 1,440 hours). However,
as discussed in this release, the
recordkeeping requirements adopted
herein may result in lower costs to the
SDRs than estimated here, as the
Commission is not requiring SDRs to
keep records of all copies of swap data
provided in response to data requests, as
it had proposed in the NPRM.119 The
burdens associated with the notification
requirements adopted herein are
addressed in the revised Information
Collection.
Finally, the current Information
Collection accounts for the costs to
SDRs of executing a ‘‘Confidentiality
and Indemnification Agreement’’ with
each requesting ADR and AFR. Under
the Commission’s final rule adopted
herein, the SDR is no longer required to
execute such an agreement with ADRs
or AFRs. The confidentiality
arrangements will be between each
requesting ADR or AFR and the
Commission. Accordingly, the total
burden to SDRs, as currently reflected in
the Information Collection, is reduced
by the cost to execute such agreements.
The reduction in burden associated with
this change in the confidentiality
arrangement requirement is addressed
in the revised Information Collection.
C. Cost-Benefit Considerations
1. Introduction
As discussed in Section I above
(‘‘Background and Introduction’’), the
Commission is amending Part 49 to (i)
implement the statutory changes
mandated by the FAST Act
amendments; (ii) make certain
conforming and clarifying changes
related to such implementation; (iii)
revise the process by which a regulator
is determined appropriate to receive
access to SDR swap data; (iv) clarify the
standards in connection with the
119 Moreover, SDRs are already subject to
extensive recordkeeping obligations under existing
Commission rules, so SDRs may be able to reduce
their costs by making use of existing recordkeeping
resources to some extent.
PO 00000
Frm 00020
Fmt 4701
Sfmt 4700
Commission’s appropriateness
determinations; and (v) establish the
form and substance of the written
agreement mandated by CEA section
21(d), as amended.
In the sections that follow, the
Commission discusses the costs and
benefits associated with the final rule
and reasonable alternatives considered.
Comments from commenters addressing
the associated costs and benefits of the
rule are addressed in the appropriate
sections. Wherever possible, the
Commission has considered the costs
and benefits of the final rule in
quantitative terms. Given, however, that
SDRs do not yet have a history of
providing swap data to other regulators,
and the final rule does not dictate the
means by which SDRs may provide
such swap data access in the future, the
availability to the Commission of
relevant or useful quantitative terms to
assess the potential costs and benefits of
the final rule is limited. Accordingly,
where a quantitative discussion is not
feasible, the Commission has considered
the costs and benefits of this rulemaking
in qualitative terms.
The baseline against which the costs
and benefits of this final rule are being
compared is the existing status quo for
SDR swap data access under CEA
section 21, as amended by the FAST
Act, taken together with the swap data
access requirements in the current Part
49 rules. As a general matter, the
Commission recognizes that there are
inherent costs and benefits to domestic
and foreign regulators having access to
SDR swap data. As discussed above, the
Commission expects that access to SDR
data by ADRs and AFRs will not only
assist those regulators in fulfilling their
own supervisory and regulatory
functions but facilitate greater
cooperation and collaboration among
regulators across jurisdictions,
promoting effective and consistent
oversight of the global swaps market. At
the same time, however, opening access
to SDR data to other regulators may
increase opportunities for unauthorized
or unnecessary data disclosures, which
could negatively impact swap market
participants. Congress took into account
these costs and benefits associated with
broader SDR data access in adopting
and amending CEA section 21, which
supports access to swap data by
appropriate regulators provided that,
consistent with CEA section 8, the data
accessed falls within their scope of
jurisdiction and the data is provided on
a confidential basis. In formulating the
amendments to Part 49 that make up
this final rule, the Commission has been
mindful of the tradeoff between these
dual objectives embodied in the
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
mandate of CEA sections 21(c)(7) and
(d), endeavoring to reduce the costs to
regulators of obtaining, and to SDRs of
providing, access to swap data, while
also establishing sufficient processes
and conditions to ensure that data
access is appropriately scoped and
confidentiality is maintained.120
2. Benefits
pmangrum on DSK30RV082PROD with RULES3
a. Background
In the fall of 2008, a series of large
financial institution failures triggered a
financial and economic crisis that
threatened global financial markets. As
a result of these failures, the government
intervened to ensure the stability of the
U.S. financial system. These failures
revealed the vulnerability of the U.S.
financial system and economy to
widespread systemic risk resulting from,
among other things, poor risk
management practices of financial firms
and the lack of supervisory oversight—
specifically data concerning over-thecounter (‘‘OTC’’) derivatives activity—
for a financial institution as a whole.
The financial crisis also illustrated the
significant risks that an uncleared, OTC
derivatives market can pose to the
financial system. Swap markets were
opaque, and financial institutions were
significantly interconnected through
counterparty credit risk. This exposed
the financial system to contagion
through spreading defaults and losses.
For example, concerned with the size of
AIG’s credit default swap exposure, the
Federal government infused $180
billion of taxpayer money into AIG in
order to prevent AIG’s failure, which the
Federal government was concerned may
have led to cascading defaults by AIG
creditors and counterparties and other
creditors and counterparties indirectly
exposed to AIG through credit and swap
transactions. The legislative response to
the Great Recession, the Dodd-Frank
Act, stipulated that data representing
OTC derivatives, in general, be reported
to SDRs in order to cultivate robust
oversight of financial entities and
identify risks to the liquidity, stability,
120 In support of its goal to reduce costs, the final
rule is harmonized in many respects with the
corollary SEC Indemnification Rule implementing
changes to its security-based swap data access rules
following adoption of the FAST Act. This
rulemaking also is in accord with two recent
recommendations issued by the U.S. Department of
the Treasury (‘‘Treasury’’) in a recent report in
which Treasury recommended greater
harmonization between the CFTC and the SEC and
stated that greater coordination is required among
the CFTC, SEC and prudential regulators. See A
Financial System That Creates Economic
Opportunities[:] Capital Markets (Oct. 6, 2017)
(‘‘Report’’) at 9, available at https://
www.treasury.gov/press-center/press-releases/
Documents/A-Financial-System-Capital-MarketsFINAL-FINAL.pdf.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
and functioning of the financial
system.121 The Commission anticipates
that access by ADRs and AFRs to swap
data reported to SDRs, in combination
with future sharing with the
Commission of swap data reported to
trade repositories in other jurisdictions,
in part as a result of this rulemaking,
will facilitate greater inter-agency
cooperation, collaboration on matters
concerning systemic risk, and
identification and mitigation of future
financial crises.
b. High-Level Benefits
At a high level, this rulemaking is
expected to assist other regulators in
performing their supervisory and
regulatory functions by providing them,
for the first time, access to SDR swap
data, which would help regulators better
understand the risks their regulated
entities are assuming and the impact of
such risks on the broader markets.
These supervisory and regulatory
functions may include: Monitoring and
mitigating systemic risk; ensuring
financial stability; registration and
oversight of financial market
infrastructures, trading venues and/or
market participants; central bank
activities; prudential supervision;
restructuring or resolution of
infrastructures and firms; and regulation
of cash markets, in some of which swap
counterparties are active.122 Regulators
may also be able to increase the benefits
of receiving SDR swap data by
discussing the results of their analyses,
subject to the conditions and limitations
of the confidentiality arrangement
required by § 49.18(a), including
restrictions on onward sharing. The
Commission believes regulatory
coordination is beneficial.
Access to SDR swap data may also
facilitate collaboration among the
Commission, ADRs and AFRs in
comparing the results of their respective
SDR swap data analyses. Providing
regulators access to SDR swap data
should also facilitate cooperation among
market and prudential regulators, which
sometimes view data in isolation, given
121 See section 4r of the CEA, 7 U.S.C. 6r, added
to the CEA by section 729 of the Dodd-Frank Act.
122 See generally Data Final Rules at 2136–2137
(observing that Dodd-Frank was enacted to reduce
systemic risk, increase transparency, and promote
market integrity within the financial system by,
among other things creating rigorous recordkeeping
and data reporting regimes with respect to swaps);
Margin Requirements for Uncleared Swaps for
Swap Dealers and Major Swap Participants—CrossBorder Application of the Margin Requirements 81
FR 34817, 34819 (May 31, 2016) (observing that as
the 2008 financial crisis illustrated, complex
financial and operational relationships
demonstrated how the transfer of risk associated
with swaps is not always transparent and can be
difficult to fully assess.).
PO 00000
Frm 00021
Fmt 4701
Sfmt 4700
27429
their different responsibilities, regulated
entities, missions, and—as it relates to
this rule making—data sets. In
particular, such access may improve
early warning systems that might
ultimately reduce the probability or
severity of a crisis, or both. The benefits
of regulatory collaboration and broader
access to swap data are likely to persist,
if not expand, over time as regulators
gain experience working together, while
the burden required for establishing
access to swap data includes an upfront
commitment of time and money that is
likely to diminish over time (although
some increased operating costs resulting
from this rulemaking will remain).
The Commission believes that the
implementation of this rulemaking
represents a critical element of effective
financial market oversight by providing
access to SDR data to ADRs and AFRs.
The Commission acknowledges that
performing systemic risk analysis is
very difficult as a result of the
fragmented regulatory structure that
exists both domestically and
internationally. The financial markets
are global in nature and contain
correlated instruments dispersed across
different regulatory authorities and
jurisdictions. Regulating such markets
utilizing only the data and information
available through one particular
regulator’s regime is suboptimal. For
instance, when conducting oversight of
treasury futures and interest rate swap
markets, it is not sufficient to only
assess the available futures and swaps
data at the Commission’s disposal.
Oversight of activity in those markets
and associated risk also requires trading
activity and position information
regarding treasury bonds, repurchase
agreements and reverse repurchase
agreements. Similarly, regulating the
credit and equity asset classes would
benefit from information concerning
related cash market activity in equity
securities, corporate bonds, derivatives
(on broad and narrow CDS and equity
indexes, single-name CDS and equities,
and bespoke transactions),
securitizations, repurchase agreements
and securities lending. The same
applies to conducting comprehensive
risk analysis and oversight of other asset
classes. Similarly, in regulating swap
dealers, the Commission would benefit
from obtaining visibility into their
positions in other jurisdictions to form
a complete picture of their risk profiles.
The Commission may face challenges
in analyzing overall market,
counterparty, or systemic risk accurately
with only the data at its disposal via
recordkeeping and reporting pursuant to
the CEA and the Commission’s
regulations promulgated thereunder.
E:\FR\FM\12JNR3.SGM
12JNR3
27430
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
Prudential, bank, and market regulators
likely face similar challenges in
assessing the overall market,
understanding patterns and flows, and
identifying concerning trends based
solely on data available pursuant to
their own individual regulatory regimes.
These limitations presumably impact
similarly situated regulators across the
global financial system.
In light of the issues flowing from
incomplete data, the Commission
expects this rule to generate substantial
benefits by fostering a regulatory
environment that supports broader data
access across the regulatory community
and expands the accessibility of SDR
swap data to other regulators, thereby
supporting holistic oversight and data
driven policy making at the regulatory
level. The probability of successfully
overseeing the prevailing market
structure of the financial system and
preventing another crisis increases as
more ADRs and AFRs access SDR swap
data and incorporate it into their
existing analysis and workflows.
Although this rule only provides other
regulators access to swap data
maintained at SDRs regulated by the
Commission, the Commission expects
the rulemaking to encourage similar
access by the Commission to swap data
maintained at trade repositories
regulated by other authorities, which
would increase the benefits of the rule
discussed above accordingly.
pmangrum on DSK30RV082PROD with RULES3
c. More Specific Benefits
i. MOUs
Under current § 49.17(b)(2), the
existence of a current MOU or similar
type of information sharing arrangement
with the Commission automatically
qualifies a Foreign Regulator as an AFR.
The Commission is amending
§ 49.17(b)(2) to require all ‘‘Foreign
Regulators’’ who wish to receive swap
data from SDRs to file an application
with the Commission to be Commissiondetermined ‘‘Appropriate Foreign
Regulators’’ and requires the
Commission to issue an order finding
each Foreign Regulator to be an
‘‘appropriate’’ recipient of SDR swap
data. The Commission believes that this
modification will ensure that Foreign
Regulators are acting within the scope of
their jurisdiction, consistent with CEA
sections 21(c)(7) and 8(e) and should
reduce the risk of unauthorized
disclosure, misappropriation or misuse
of swap data. The SDR Commenters also
commented that an MOU or other
information sharing agreement alone
potentially could have imprecise
language and bespoke arrangements that
would not provide sufficient indication
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
of a regulator’s appropriateness.123 By
requiring use of the Confidentiality
Arrangement Form or permitting an
alternative arrangement with the same
elements, the Commission is
establishing confidentiality safeguards
that are tailored to the provision of swap
data by an SDR to an ADR or an AFR.
In addition, as the Commission stated in
the NPRM and in the preamble above in
sections II.B.4. and 5., it can take into
account additional considerations or
circumstances it may deem relevant on
a case-by-case basis in making an
appropriateness determination. This can
benefit the appropriateness
determination process by permitting the
Commission to consider factors such as
those identified by the SDR
Commenters.
ii. Duty for SDRs To Notify the
Commission of Swap Data Requests
From ADRs and AFRs
Current § 49.17(d)(4)(i) requires an
SDR to promptly notify the Commission
regarding any request from an ADR or
AFR for access to swap data. The
Commission is amending current
§ 49.17(d)(4)(i) to require such notices
only promptly after the SDR receives an
initial request for access to swap data
from a particular ADR or AFR and
promptly after receiving a request from
an ADR or AFR that does not comport
with the scope of the ADR’s or AFR’s
jurisdiction, as described in the
appendix to the confidentiality
arrangement required by § 49.18(a). The
Commission expects this to benefit
SDRs by significantly reducing the
number of notices and the associated
costs. The change might also benefit
ADRs and AFRs by expediting the time
it takes for them to get access to SDR
swap data.
iii. Form of Electronic Notification by
SDRs to the Commission
Current § 49.17(d)(4)(ii) requires an
SDR to notify the Commission,
electronically in a format specified by
the Secretary of the Commission, of any
request from an ADR or AFR for access
to swap data. The Commission is
specifying the format in the adopting
release. This will benefit SDRs by
providing clarity and specificity as to
the particular means of notice required
such that they can develop such means
of notice expeditiously so that SDRs can
provide such notices soon after they
receive requests for SDR swap data from
ADRs and AFRs. This, in turn, might
benefit ADRs and AFRs by expediting
their access to such swap data.
123 SDR
PO 00000
Letter at 3.
Frm 00022
Fmt 4701
Sfmt 4700
iv. Clarification of SDR Recordkeeping
Obligations
In the NPRM, the Commission
explained that an SDR’s obligation to
maintain records of all information
related to the initial and all subsequent
requests by an ADR or AFR for swap
data access would require retaining
records including, among other things,
copies of all data reports and other
aggregation of data provided in
connection with the request for
access.124 The SDR Commenters stated
that that proposed requirement ‘‘should
be amended to avoid imposing
unnecessary costs.’’ 125 The SDR
Commenters characterized that
proposed recordkeeping requirement as
burdensome, challenging to implement,
and potentially decreasing information
security, because the requirements
could require an SDR ‘‘to propagate a
given data set more than once.’’ 126
As an alternative to maintaining such
reports, the SDR Commenters offered to
create pre-formatted data reports, which
they would make available for
download by ADRs and AFRs ‘‘so that
the record of access to such reports
[would] be easily identifiable, in lieu of
maintaining logs of queries and query
conditions . . . .’’127 The SDR
Commenters added that, if the
Commission adopted their alternative,
‘‘the parameters of the reports and the
logic which is used to populate the
reports is all that should have to be
maintained.’’ 128 The SDR Commenters
contended that the Commission should
require only ‘‘the saving of metadata
around reports rather than the actual
reports[.]’’ 129
As discussed above in section
II.D.2.ii., the SDR Commenters
explained in discussions with staff that
they plan to provide swap data access
to ADRs and AFRs in one of two ways:
(1) Via pre-formatted reports that the
SDR Commenters would make available
for download by ADRs and AFRs or
send to ADRs and AFRs, in each case on
a regular basis; or (2) via a Web-based
portal through which ADRs and AFRs
could conduct customized searches of
swap data.130 In those discussions, the
124 NPRM at 8375, n.42; see also, NPRM at 8381
(Paperwork Reduction Act discussion of
recordkeeping burdens).
125 SDR Letter at 6.
126 See id.
127 Id.
128 Id.
129 Id.
130 The swap data provided in the pre-formatted
reports or through the Web-based portals would be
limited to swap data within the particular ADR’s or
AFR’s scope of jurisdiction, as described in the
appendix to the confidentiality arrangement
required by § 49.18(a).
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
pmangrum on DSK30RV082PROD with RULES3
SDR Commenters explained that they
would not consider it unduly
burdensome to maintain records in
those formats.
As discussed above in section
II.D.2.ii., the Commission is confirming
that SDRs may satisfy their
recordkeeping duties under
§ 49.17(d)(4)(i) by maintaining records
of, as applicable: (1) Their pre-formatted
swap data reports; or (2)(a) the
parameters of Web portal swap data
access and (b) queries run by ADRs and
AFRs using such access. This
confirmation should lower costs to the
SDRs by decreasing financial costs
thereto, making recordkeeping simpler
and decreasing cybersecurity risks, as
the SDR Commenters noted.
v. Limitation, Suspension or Revocation
of an ADR’s or AFR’s Swap Data Access
The Commission is requiring, in
§ 49.17(d)(4)(iii), an SDR to limit,
suspend, or revoke an ADR’s or AFR’s
swap data access if the ADR’s or AFR’s
scope of jurisdiction changes and the
Commission directs the SDR to limit,
suspend, or revoke the ADR’s or AFR’s
swap data access.131 Similarly,
§ 49.17(d)(5) requires an SDR to limit,
suspend, or revoke an ADR’s or AFR’s
swap data access if the Commission
limits, suspends or revokes the ADR’s or
AFR’s appropriateness determination or
otherwise directs the SDR, in writing, to
limit, suspend, or revoke the ADR’s or
AFR’s swap data access. Although these
sections will impose costs on both SDRs
(which will be required to build into
their systems a means of limiting,
suspending, or revoking an ADR’s or
AFR’s swap data access; this could be as
simple as, for example, requiring a user
name and password to obtain swap data
access and deactivating such login
credentials) and ADRs and AFRs (which
may temporarily or permanently lose
access to some or all SDR swap data),
the Commission believes this is an
unavoidable and appropriate corollary
of the requirement in CEA section
21(c)(7) that ADRs’ and AFRs’ SDR
swap data access be on a confidential
basis pursuant to CEA section 8,’’
which, as discussed throughout this
release, requires, among other things,
that the swap data provided be within
the scope of an ADR’s or AFR’s
jurisdiction. Although CEA section
21(c)(7) also directs SDRs to provide
ADRs and AFRs SDR swap data access,
such access is subject to the foregoing
131 The Commission also is reserving the right, in
new § 49.17(h)(4), to revisit, reassess, limit, suspend
or revoke a Determination Order. The costs and
benefits to ADRs, AFRs and SDRs are similar to the
costs and benefits thereto discussed in this section
with respect to § 49.17(d)(4)(iii) and (d)(5).
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
conditions, among others. Therefore,
§ 49.17(d)(4)(iii) and (d)(5) will benefit
market participants by keeping their
swap data confidential, as intended by
Congress, if an ADR’s or AFR’s
jurisdiction changes such that it is no
longer entitled to such swap data or if
other factors lead the Commission to
limit, suspend, or revoke an ADR’s or
AFR’s swap data access to ensure that
confidentiality is maintained. The ‘‘in
writing’’ requirement of § 49.17(d)(5)
will benefit SDRs by ensuring that all
SDRs are aware of any changes in status
with respect to an appropriateness
determination, as the SDR Commenters
requested.132
vi. Confidentiality Arrangements
Current §§ 49.17(d)(6) and 49.18(b)
require the confidentiality agreement
required by CEA section 21(d) to be
entered into between an ADR or AFR
seeking SDR swap data access and each
SDR from which the ADR or AFR seeks
such access. The Commission is
amending those rules to require that
such confidentiality arrangements be
entered into between an ADR or AFR, as
one party, and the Commission, rather
than an SDR, as the other party. This
will benefit SDRs by shifting from SDRs
to the Commission the costs of
negotiating confidentiality arrangements
with an estimated 300 133 ADRs and
AFRs. This will also benefit ADRs and
AFRs by enabling them to negotiate a
single confidentiality arrangement with
the CFTC to access swap data from each
SDR rather than a separate agreement
with each of the SDRs from which they
would seek swap data.
The Commission also is requiring the
use of the Confidentiality Arrangement
Form, unless the Commission waives
this requirement. The Commission
expects this to benefit ADRs and AFRs
by allowing them to avoid expending
resources coming up with their own
confidentiality arrangement forms and
avoid the uncertainty of not knowing
what provisions the Commission would
accept, reject or negotiate. The
Commission expects this to benefit
SDRs as well in that most, if not all,
confidentiality arrangements will be the
same, making them easier to incorporate
into their policies and procedures and
build swap data access around. Overall,
the Commission believes that this rule
will increase the potential benefits and
cost savings associated with use of the
Confidentiality Arrangement Form
while still providing ADRs and AFRs
the flexibility to use an alternate
132 See
discussion at section II.C.5., supra.
among other sections, section V.B.2.
133 See,
PO 00000
Frm 00023
Fmt 4701
Sfmt 4700
27431
arrangement if necessary, in
consultation with the Commission.
vii. Means of Access
The Commission is not requiring
SDRs to provide access to swap data to
ADRs and AFRs through a specific
technological means. Each SDR operates
with different legacy systems and
infrastructure, preferred data formats
and delivery methods, and unique
change management processes. The
Commission prescribing a specific
means of access for the swap data could
subject different SDRs to greater/lesser
costs, thereby disadvantaging one/some
over other(s). Presumably, SDRs will
choose the least costly means of access,
all else being equal, as a result of the
flexibility provided by the Commission.
Thus, the flexibility afforded SDRs to
choose the means of access through
which they provide swap data access to
ADRs and AFRs will benefit SDRs.
More ADRs and AFRs accessing SDR
swap data (as a result of the removal of
the statutory and regulatory
indemnification requirements that ADRs
and AFRs refused to submit to) also has
the potential to improve the quality of
swap data. For instance, ADRs and
AFRs might assert their authority over
the entities that they regulate to require
or encourage them to submit better and/
or more data. If swap data quality
improves, ADRs and AFRs can make
better-informed supervisory decisions to
reduce risks. Although the Commission
is not mandating the use of LEIs to
delineate an ADR’s or AFR’s scope of
jurisdiction for purposes of SDR swap
data access, the Commission anticipates
the use of LEIs to that end. If ADRs and
AFRs do use LEIs for that purpose, the
Commission believes that it will be
relatively straightforward for SDRs to
provide ADRs and AFRs access to
appropriate swap data, relative to
alternatives such as ADRs and AFRs
providing legal memoranda describing
the scope of their jurisdictions, which
SDRs would then need to parse and
translate into field descriptions, which
is how SDR swap data are organized.
Similarly, although the Commission is
not mandating the use of UPIs (or if no
CFTC-approved UPI and product
classification system is yet available, the
internal product identifier or product
description used by the SDR) to
delineate an ADR’s or AFR’s scope of
jurisdiction, the Commission anticipates
the potential use of UPIs to that end. If
ADRs and AFRs do use UPIs for that
purpose, the Commission believes that
it will be relatively easier for SDRs to
provide ADRs and AFRs access to
appropriate swap data, relative to the
E:\FR\FM\12JNR3.SGM
12JNR3
27432
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
alternative of not using a UPI to describe
the scope of their jurisdictions.
3. Costs
a. Background
The Commission recognizes that there
are different types of costs associated
with this rulemaking. In the NPRM, the
Commission stated that:
[o]ne cost is the potential harm to market
participants and the public if swap data is
misused—for example, inappropriately
disclosed by ADRs and AFRs. Or, another
harmful scenario might involve
misappropriated data where hackers pilfer
swap data from ADRs and AFRs to learn the
positions of market participants so that the
hackers, or other interested parties who may
even pay for such information, scam the
market. Such bad actors might be able to
anticipate such market participants’ trades
and trade in front of them, raising swap
trading costs to market participants, thereby
reducing their profits.134 If the
aforementioned scenario occurred frequently
enough this might induce swap dealers to
widen their spreads, making hedging more
expensive. In turn, this might lead to suboptimal business and investment strategies,
as parties would be less willing to participate
in swap markets, because it would be more
costly. Further, the scenario posed could
cause market participants to be concerned
that their business strategies might be tipped
to their competitors, because with stolen
data, somebody might be able to infer their
strategies from knowing their swap positions
and how these positions change in response
to relevant economic events.135 Such
concerns could lead some market
participants to withdraw to some extent from
swap markets, reducing liquidity and
potentially inducing them to use less
effective hedging instruments or trading
strategies in other markets.136
pmangrum on DSK30RV082PROD with RULES3
It is difficult to discern the likelihood
of this misuse occurring, rendering it
difficult to quantify related costs, for at
least four reasons. First, data breaches
can have different causes, from not
upgrading to the most current software,
to software glitches, to successful cyber
attacks and improper procedures and
protocols. Thus, it is difficult to develop
a homogenous sample to use to analyze
data breaches and what might
reasonably be done to mitigate them
134 See, e.g., Registered Entity Cyber proposed
rulemaking at 80141 (observing that ‘‘there has . . .
been a rise in attacks by . . . hacktivists . . . aimed
at . . . [, among other things,] theft of data or
intellectual property. . . . ’’); id. at 80189
(Concurring Statement of then-Commissioner
Bowen) (stating that ‘‘our firms are facing an
unrelenting onslaught of attacks from hackers with
a number of motives ranging from petty fraud to
international cyberwarfare.’’).
135 While the same risks of misuse and
misappropriation exist with respect to swap data
maintained at SDRs, SDRs are regulated, and
subject to sanctions, by the Commission, whereas
ADRs and AFRs are not.
136 NPRM at 82 FR 8384.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
(i.e., reduce the probability of their
occurrence as well as their severity
when they do occur). Furthermore, the
Commission does not have access to
such data even if they do exist. Second,
data storage and dissemination
technology is constantly changing. This
may result in the manner in which data
breaches occur changing over time in
ways that are difficult to anticipate, as
various parties adapt to new technology.
Third, it is problematic to assess in
advance the severity of a data breach
because the severity is dependent on the
particulars of a given breach that cannot
be easily anticipated. Fourth, it would
be difficult, ex ante, to link data misuse
to related profits and harms from
specific transactions.
b. High-Level Costs
At a high level regarding costs to
ADRs and AFRs, the less access to SDR
swap data granted to ADRs and AFRs,
the less such swap data would help in
performing ADRs’ and AFRs’
supervisory and other regulatory
functions. Similarly, the more
impediments to swap data access, the
longer it would take ADRs and AFRs to
use, or the less use ADRs and AFRs
could make of, such swap data. It is not
mandatory for ADRs and AFRs to ask for
access to SDR swap data, however.
Thus, ADRs and AFRs can reduce their
costs by not asking for swap data or by
limiting the swap data they seek and/or
the frequency with which they seek
it.137 The Commission expects ADRs
and AFRs will seek access to SDR swap
data when they believe that the benefits
associated with the access are worth
incurring the costs associated with
obtaining such access.
c. ADRs’ and AFRs’ Costs
The Commission is imposing several
new obligations on Foreign Regulators
and certain domestic regulators that will
trigger costs for such regulators.
i. Determination Order Applications
Currently, § 49.17(b)(2) defines
Foreign Regulators with either an MOU
or a similar information sharing
agreement in place with the
Commission as ‘‘Appropriate Foreign
Regulators.’’ As amended, however,
§ 49.17(b)(2) replaces such automatic
AFR status with a requirement that
Foreign Regulators be determined by the
Commission to be AFRs before such
Foreign Regulators can obtain swap data
137 The Commission acknowledges, however, that
it is in the best interest of ADRs and AFRs, as
Congress recognized in passing the FAST Act, for
the process and parameters established by this
rulemaking to be utilized and swap data to be made
accessible to ADRs and AFRs.
PO 00000
Frm 00024
Fmt 4701
Sfmt 4700
from SDRs. This change will impose
costs on each Foreign Regulator with an
MOU, or similar information sharing
agreement, seeking AFR status. The
obligation for Foreign Regulators, and
domestic regulators that are not
enumerated in § 49.17(b)(1)(i) through
(vi), to apply for a Determination Order
conferring AFR or ADR status in order
for such Foreign Regulators and
unenumerated domestic regulators to be
eligible to receive access to SDR swap
data will, at a minimum, require such
applicants to draft an application. Some
applicants for ADR and AFR status may
choose to retain outside counsel or
another third party to draft the
application, thereby incurring related
costs; others might use their own staff.
There also may be additional costs
associated with the complexity of the
application, because applicants for ADR
and AFR status will have to explain
their jurisdiction and link it to their
requests for access to SDR swap data.138
While applicants will need to expend
resources developing their
‘‘appropriateness’’ applications, the
Commission expects that the
requirements and guidance it has
provided in this release should reduce
such expenditures to a certain extent.
Nonetheless, the level of such
expenditures will depend on the
particulars of a given applicant.
The Commission estimates that each
requesting entity would on average
expend 100 hours in connection with
filing an application to receive a
Determination Order. This estimate
considers the relevant information that
would be required to be provided in
such an application, including
information regarding the entity’s scope
of jurisdiction, confidentiality
safeguards, as well as any other
information relevant for the
Commission’s determination. The
Commission monetizes the 30,000
burden hours by multiplying by a wage
rate of $85 139 or approximately $2.56
million.
ii. Confidentiality Arrangements
The requirement in § 49.18(a) that
SDRs receive an executed
138 Pursuant to § 49.17(h), applicants will have to
describe to the Commission the scope of their
jurisdiction so that that description can be provided
to SDRs so that SDRs will know the contours of the
swap data access they can provide to applicants.
139 The wage rate used here is a composite
(blended) wage rate by averaging the mean annual
salaries of an Assistant/Associate General Counsel,
an Assistant Compliance Director, and a
Programmer (Senior) as published in the 2013
SIFMA Report and dividing that figure by 1,800
annual working hours and multiplying by 1.3 to
account for the overhead for a government
employee to arrive at the hourly rate of
approximately $85.
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
confidentiality arrangement from an
ADR or AFR before the SDR can provide
the ADR or AFR swap data is based on
a corresponding requirement set forth in
CEA section 21(d) and will impose costs
on ADRs and AFRs. CEA section 21(d)
does not specify any details of the
required written agreement other than
that it must state that the ADR or AFR
shall abide by CEA section 8’s
confidentiality requirements. The
Commission, however, is adopting, in
Appendix B to part 49, a Confidentiality
Arrangement Form providing for ADRs
and AFRs to implement a number of
safeguards to effectuate the
confidentiality protections mandated by
CEA section 21(c)(7). The
Confidentiality Arrangement Form can
be expected to limit ADRs’ and AFRs’
flexibility to use confidentiality
arrangements more tailored to their
specific needs, but this is offset to some
extent by corresponding benefits
discussed above in section V.C.3.vi. and
by the fact that the Commission retained
the discretion to negotiate changes to
the Confidentiality Arrangement Form.
pmangrum on DSK30RV082PROD with RULES3
iii. Data Security
Section 6 of the Confidentiality
Arrangement Form contains a number of
undertakings designed to prevent
unauthorized disclosure of swap data.
Given that ADRs and AFRs already
likely have existing data security
policies, procedures and safeguards, the
Commission continues to believe that
the costs of developing safeguards in
response to such undertakings would
likely be only a incremental addition to
their existing data security costs, and
the other costs of complying with these
burdens, such as the costs to develop
policies, procedures and safeguards, are
within the scope of ADRs’ and AFRs’
expertise (and thus would likely not
require ADRs or AFRs to retain outside
experts to develop).140 Given that ADRs
and AFRs can elect not to seek access
to swap data from SDRs and that ADRs
and AFRs who do seek such access have
some control over the scope and
frequency of the swap data they seek
and the manner in which they seek to
analyze such swap data, ADRs and
AFRs themselves can influence to some
degree the costs they impose on
themselves by seeking access to swap
data from SDRs.
140 The Commission continues to believe that
ADRs and AFRs would likely have established
safeguards to protect sensitive data other than swap
data and that such safeguards could be adapted to
address the requirements of the confidentiality
arrangement.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
27433
iv. Onward Sharing
d. SDRs’ Costs
Section 7 of the Confidentiality
Arrangement Form would prohibit
ADRs and AFRs from onward sharing
Confidential Information with other
parties, with limited exceptions. This
could impose some costs in that ADRs
and AFRs would not be able to freely
share swap data among themselves,
which could reduce the utility of the
swap data to ADRs and AFRs, possibly
reducing the effectiveness thereof.
However, because CEA section 21(c)(7)
requires that SDRs share swap data with
ADRs and AFRs on a confidential basis
pursuant to CEA section 8,’’ and CEA
section 8(e) also prohibits onward
sharing, the onward sharing prohibition
in section 7 of the Confidentiality
Arrangement Form is required by the
CEA.
i. Providing New Access Generally
For SDRs, providing swap data access
to so many potential ADRs and AFRs
may be expensive. For example, SDRs
may be forced to purchase new servers,
hire new system administrators to
oversee the new swap data/system usage
and troubleshoot related problems that
may arise. Maintaining new records
pursuant to new recordkeeping
requirements also could require more
resources. The requirement for an SDR
not to provide swap data to an ADR or
AFR unless the SDR has determined
that the swap data is within the thencurrent scope of the ADR’s or AFR’s
jurisdiction, as described in the
appendix to the confidentiality
arrangement required by § 49.18(a), may
cause SDRs to elect to create new
methods for parsing swap data to
comply with the requirement to so limit
swap data access. Further, if the SDRs
send data to ADRs and AFRs, then they
will incur costs to transmit the data.
These costs include the cost of
expanding their capacity to disseminate
data as well as the cost to parse existing
data to verify that it is within the thencurrent scope of the ADR’s or AFR’s
jurisdiction, as described in the
appendix to the confidentiality
arrangement required by § 49.18(a).
v. Means of Access
In addition, the fact that the
Commission is electing not to specify a
particular means of ADRs and AFRs
accessing swap data could result in
SDRs providing a means of access other
than a means preferred by ADRs and
AFRs. This might impose additional
costs on ADRs and AFRs relative to the
potentially lesser costs of their preferred
means of access.
The Commission prescribing a
particular means of access could result
in costs to either ADRs/AFRs or SDRs.
Specifically, costs borne by ADRs/AFRs
might be shifted to SDRs or vice versa
as a particular means of access changes.
The Commission chooses to not force all
SDRs to use a single means of providing
access, thus requiring some or all SDRs
to alter their systems, since it is not
possible to distinguish a single means of
access that would be preferable to all
ADRs, AFRs and SDRs. Because of these
uncertainties, the Commission is unable
to quantify these costs but is able to
identify such costs qualitatively. The
Commission recognizes that allowing
SDRs to choose the means by which
they provide swap data access may
impose costs of adapting to a particular
means of access on ADRs and AFRs.
However, given the large number of
ADRs and AFRs who may seek SDR
swap data access and the large potential
variation in their preferred means of
access, and given the limited number of
SDRs and potential means of access, the
Commission believes that ADRs and
AFRs, in general, can more easily bear
the burden of adapting to SDRs’ choices
of means of access than vice versa.
PO 00000
Frm 00025
Fmt 4701
Sfmt 4700
ii. Providing Notice to the Commission
Current § 49.17(d)(4)(i) requires SDRs
to notify the Commission of any request
for access to swap data from a particular
ADR or AFR. The Commission’s
amendments would reduce that burden
by permitting SDRs to notify the
Commission only of the first such
request by each ADR or AFR and of any
request that does not comport with the
scope of the ADR’s or AFR’s
jurisdiction, as described in the
appendix to the confidentiality
arrangement required by § 49.18(a). The
obligation to notify the Commission of
various other actions also will increase
SDRs’ costs, although to the extent that
such notice obligations are not triggered,
such cost increases would be tempered
accordingly. Nevertheless, SDRs
presumably would need to incur some
costs to develop policies and
procedures, and build out systems, to
monitor potential events that would
trigger the new notice requirements.
iii. Verifying That a Swap Data Request
Is Within an ADR’s/AFR’s Scope of
Jurisdiction
Other SDR costs will include those
related to SDRs determining that each
access request by an ADR or AFR is
within the scope of the ADR’s or AFR’s
E:\FR\FM\12JNR3.SGM
12JNR3
27434
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
pmangrum on DSK30RV082PROD with RULES3
jurisdiction, as required by
§ 49.17(d)(4)(iii). This will require SDRs
to expend resources to ensure that they
do not improperly disclose swap data to
an ADR or AFR. However, the
Commission believes these costs will be
mitigated substantially in at least two
ways. First, § 49.17(d)(4)(iv) provides
that an SDR must make the scope of
jurisdiction determination only once
with respect to a recurring swap data
request, thus ensuring no duplication of
effort.141 Second, § 49.17(d)(4)(iii)
provides that the only source an SDR
must consult in determining an ADR’s
or AFR’s scope of jurisdiction is the
appendix to the confidentiality
arrangement required by § 49.18(a). To
the extent ADRs and AFRs provide lists
of LEIs, and possibly also UPIs of swaps,
within the scope of ADRs’ and AFRs’
jurisdiction, which the Commission
continues to expect that they will, this
would limit the resources SDRs must
expend to verify whether swap data
access requests are within the scope of
an ADR’s or AFR’s jurisdiction.142 No
legal analysis would be required on an
SDR’s part, greatly reducing potential
costs. SDRs’ costs would come from
ensuring that the access they provide
ADRs and AFRs to swap data via SDRs’
systems is no greater than or less than
the swap data to which ADRs and AFRs
are entitled based on the scope of the
ADRs’ or AFRs’ jurisdiction, as
described in the appendix to the
confidentiality agreement required by
§ 49.18(a).
The Commission believes that the use
of LEIs, and potentially UPIs, to
effectively determine which SDR swap
data should be provided to ADRs/AFRs
is a reasonable option, although it has
some relatively minor drawbacks
unrelated to the amendments in this
final rule (e.g., some blank or incorrect
data entries remain in LEI fields, LEIs
are masked in a number of cases to
reflect certain other jurisdictions’
privacy law limits on disclosure, and
the Commission has yet to designate a
UPI and product classification system,
and SDRs each have developed their
own separate pre-UPI product
identifiers in the interim). Despite those
drawbacks, the Commission believes
LEIs and pre-UPI product identifiers
141 However, if the request changes, each affected
SDR must make a new determination. The
Commission believes this is unavoidable due to
requirement in CEA section 21(c)(7) that swap data
be provided by SDRs to ADRs and AFRs on a
confidential basis pursuant to section 8, and that
any related costs flow from this statutory
requirement.
142 This assumes that ADRs and AFRs choose to
develop such lists, which the Commission
continues to anticipate that they would.
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
may be useful in describing ADRs’ and
AFRs’ scopes of jurisdiction.143
The Commission acknowledges that
lists of LEIs of ADRs’ and AFRs’
regulated entities and lists of UPIs or
other product identifiers of swaps
within ADRs’ and AFRs’ jurisdiction
may have to be updated from time to
time as regulated entities move in and
out of ADRs’ and AFRs’ jurisdiction,
ADRs’ and AFRs’ jurisdiction expands
or contracts, swaps evolve, and new
types of swaps are introduced. In these
cases, for example, an ADR or AFR
likely would have to modify
periodically the list of LEIs and UPIs or
product identifiers it gives to SDRs,
imposing some costs on SDRs as they
incorporate such changes (and imposing
some costs on ADRs and AFRs to
monitor their LEI and UPI or product
identifier lists and update SDRs and the
Commission periodically regarding any
changes).
The Commission continues to believe
that the rule would further mitigate the
costs to SDRs by permitting them to
verify that a data access request falls
within the scope of an ADR’s or AFR’s
jurisdiction just once for a recurring
request the details of which do not
change. SDRs might incur additional
costs, however, if the scope of an ADR’s
or AFR’s jurisdiction, or other factors
discussed in the prior paragraph,
change. Such additional costs include
some fraction of the costs, discussed
above, of verifying that an ADR’s or
AFR’s swap data access request falls
within the scope of the ADR’s or AFR’s
jurisdiction. Additionally, ADRs and
AFRs would incur some costs to notify
the Commission of changes in
jurisdiction.
iv. Means of Access
The Commission is not requiring
SDRs to use a particular means of
providing access to swap data to ADRs
and AFRs. The Commission is not
specifying a means of access because the
Commission has allowed SDRs to build
their systems as they saw fit and does
not want to impose undue costs by
requiring SDRs to all grant access via a
specific means, which could impose
greater costs on certain SDRs based on
how they chose to build their systems.
The Commission notes that SDRs
already provide the Commission and the
National Futures Association (‘‘NFA’’)
with swap data access. Given that SDRs
143 In addition, if the scope of an ADR’s or AFR’s
jurisdiction supports receiving all swap data with
respect to entities over which an ADR or AFR
exercises oversight, the ADR or AFR may not need
to use product identifiers at all—it may be able to
use LEIs alone to describe the scope of its
jurisdiction.
PO 00000
Frm 00026
Fmt 4701
Sfmt 4700
have already incurred many fixed costs
in granting access to the Commission
and NFA, in providing ADRs and AFRs
access, the SDRs may benefit from
economies of scale, reducing SDRs’
costs. The rule would also mitigate
SDRs’ costs by permitting them to
choose the means by which they will
provide access to swap data to ADRs
and AFRs. The Commission expects that
SDRs would choose the lowest cost
means of access consistent with their
statutory obligation to provide ADRs
and AFRs access to swap data and other
constraints. The Commission continues
to believe that it cannot forecast what
these costs are because they depend on
particulars of each SDR that the
Commission still does not know.
Further, the Commission anticipates
that many of these particulars will
change over time as various parties
adapt to technological changes.
However, the Commission has estimated
costs where it can, based in part on
comments it received in the SDR Letter,
as discussed below.
v. Recordkeeping
The Commission is amending current
§ 49.17(d)(4)(i) to require SDRs to
maintain records of the details of the
initial, and all subsequent, requests for
access to swap data from an ADR or
AFR. Each SDR would have to maintain
this information for the same period
required for other SDR records. The
Commission anticipates that such costs
will be relatively small and anticipates
using such data to, for example, monitor
ADRs’ and AFRs’ access requests from
time to time to ensure that they remain
within the scope of their jurisdiction
and, relatedly, to ensure that SDRs have
been monitoring this access issue.
4. Response to Comments
The Commission requested comments
on all aspects of the NPRM and further
requested that commenters provide any
data or other information that would be
useful in the estimation of the
quantifiable costs and benefits of this
rulemaking. The Commission received
substantive comments from the SDR
Commenters on the Commission’s PRA
burden hour estimates provided in the
NPRM. Those comments are
incorporated in the Commission’s cost
estimates for the burdens on SDRs,
ADRs, and AFRs.
The Commission is requiring, in
§ 49.17(d)(4)(iii), that an SDR not
provide an ADR or AFR access to swap
data, unless the SDR has determined
that the swap data is within the thencurrent scope of the ADR’s or AFR’s
jurisdiction, as described in the
appendix to the confidentiality
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
arrangement required by § 49.18(a). The
Commission received one comment
estimating the burden on SDRs
associated with setting up access
restrictions to match an ADR’s or AFR’s
described scope of jurisdiction.144 In the
SDR Letter, CME estimated the initial
setup cost to be between 400 and 950
hours for all ADRs and AFRs in the
aggregate. The Commission believes it is
reasonable to accept CME’s estimate of
950 hours, as CME is an SDR and, as
such, is familiar with the costs required
for setting up such access restrictions.
Consequently, for PRA and CBC
purposes, the Commission estimates
that SDRs would incur a total burden of
3,800 hours (i.e., the product of 950
hours of time and four SDRs) associated
with setting up SDR swap data access
for all ADRs and AFRs. The
Commission monetizes these burden
hours at an hourly wage rate of $329 145
yielding a cost of approximately
$1,250,200.
As noted in the PRA discussion
above, the Commission estimates that
each SDR would incur an annual
burden of 480 hours associated with the
requirement to maintain records of the
details of the initial and all subsequent
requests for data from an ADR or AFR,
for a total of 1,920 hours annually (i.e.,
the product of four SDRs and 480
hours). The Commission received one
comment related to setup costs
associated with its proposed
recordkeeping requirements.146 The
SDR Letter provided estimates for
recordkeeping setup costs. CME
subsequently provided updated
estimates of the setup costs, which CME
now estimates would be approximately
1,100–1,440 hours. The Commission
believes it is reasonable to accept CME’s
estimate of 1,440 hours, as CME is an
SDR and, as such, is familiar with the
setup costs associated with SDR
recordkeeping requirements. Therefore,
the Commission estimates that initially
each SDR may incur a burden of 1,440
hours associated with these
recordkeeping requirements, for a total
144 See
SDR Letter at 5, n.10.
hourly wage rate used to estimate the
costs associated with these requirements is $329,
which is a weighted average of salaries and bonuses
across different professions from the SIFMA Report
on Management & Professional Earnings in the
Securities Industry 2013, modified to account for an
1800-hour work-year and multiplied by 5.35 to
account for overhead and other benefits. The
Commission-estimated appropriate wage rate is a
weighted national average of salary and bonuses for
professionals with the following titles (and their
relative weight): ‘‘programmer (senior)’’ (10%
weight); ‘‘programmer’’ (30%); ‘‘compliance advisor
(intermediate)’’ (20%); ‘‘compliance attorney’’
(30%), and ‘‘assistant/associate general counsel’’
(10%).
146 See SDR Letter at 7, n.15.
pmangrum on DSK30RV082PROD with RULES3
145 The
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
of 5,760 hours (i.e., the product of four
SDRs and 1,440 hours). The
Commission monetizes these burden
hours by using a wage rate of $329
yielding a cost of $1,895,040. However,
as discussed in this release, the
recordkeeping requirements adopted
herein may result in lower costs to the
SDRs than estimated here, as the
Commission is not requiring SDRs to
keep records of all data reports provided
in response to data requests, as it had
proposed in the NPRM.
5. Alternatives Considered
As one alternative to comprehensive
swap data safeguards, the Commission
instead could have chosen to merely
delete the indemnification references in
its regulations. While that approach
could have avoided imposing on ADRs,
AFRs, and SDRs many of the costs
related to protection of confidentiality
discussed herein, it would have
dramatically increased the risk of
imposing on market participants and the
public the costs discussed above in the
first paragraph of section IV.C.4. and
below in section IV.C.7.a.–c., which the
Commission continues to believe is
inconsistent with the historical
importance Congress and the
Commission have placed on protecting
information covered by CEA section 8.
Consequently, the Commission has
determined to take the selected
approach.
The Commission also considered and
rejected the idea of specifying a means
of ADRs and AFRs accessing swap data.
The Commission rejected this as being
too prescriptive, given that the
Commission previously permitted SDRs
the discretion to build their systems as
they saw fit and for the other reasons
discussed above in the means of access
discussion.
The Commission also considered
prohibiting SDRs from continuing to
provide ADRs and AFRs swap data
access during the period commencing
with a contraction in an ADR’s or AFR’s
scope of jurisdiction and considered
reducing the time SDRs are permitted to
update their systems to reflect the new
jurisdiction. While the Commission
retains the authority to do so, as stated
above, it expects ADRs and AFRs will
notify the Commission upon learning of
a potential jurisdictional restriction. The
Commission expects that, with such
advance notice, SDRs can be more
prepared to adjust their systems
accordingly shortly after an ADR’s or
AFR’s jurisdiction is limited. The
Commission prefers to retain the
discretion to address these situations,
which it expects to be rare, case-by-case.
PO 00000
Frm 00027
Fmt 4701
Sfmt 4700
27435
6. Consideration of CEA Section 15(a)
Factors
CEA section 15(a) requires the
Commission to consider the costs and
benefits of its actions before
promulgating a regulation under the
CEA or issuing certain orders. CEA
section 15(a) further specifies that the
costs and benefits shall be evaluated in
light of the following five broad areas of
market and public concern: (1)
Protection of market participants and
the public; (2) efficiency,
competitiveness, and financial integrity
of futures markets; (3) price discovery;
(4) sound risk management practices;
and (5) other public interest
considerations. The Commission
considers the costs and benefits
resulting from its discretionary
determinations with respect to the CEA
section 15(a) factors.
a. Protection of Market Participants and
the Public
The Commission believes that the
final rules will equip ADRs and AFRs to
better understand the risks that are
undertaken by their regulated entities,
and thus be better positioned to take
appropriate action as needed, because
they will be able to better understand
their regulatees’ swap transactions by
virtue of having access to SDR swap
data.
The Commission is adopting a
number of safeguards to prevent market
participants’ swap data maintained at
SDRs from being misappropriated or
misused as a result of ADR and AFR
access to such swap data. The
safeguards include: Modifying the
requirements for being an AFR; a
requirement that the Commission issue
a Determination Order for
unenumerated authorities to obtain SDR
swap data access; requiring authorities
applying for a Determination Order to
demonstrate that they are acting within
the scope of their jurisdiction in seeking
access to SDR swap data; imposing on
ADRs and AFRs seeking access to swap
data maintained by SDRs a number of
required confidentiality safeguards;
barring onward sharing of swap data;
imposing on SDRs certain
recordkeeping and reporting
requirements; and ensuring the
Commission’s ability to revoke an
ADR’s or AFR’s swap data access.
b. Efficiency, Competitiveness, and
Financial Integrity of Futures Markets
The Commission continues to believe
that there will be little effect on
efficiency, competiveness, and financial
integrity of futures markets if swap data
is properly protected from being
E:\FR\FM\12JNR3.SGM
12JNR3
27436
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
misappropriated or misused. While the
Commission believes that the final rules
adopted herein will properly protect
swap data from being misappropriated
or misused, the possibility of such
misconduct cannot be eliminated
entirely. If such misappropriation or
misuse occurs, the efficiency and
competitiveness of markets might be
affected.
c. Price Discovery
The Commission continues to believe
that price discovery would not be
affected by this rulemaking, provided
that swap data is properly protected.
However, the Commission notes that
there might be some indirect effects on
price discovery if the swap data
protection safeguards in this rulemaking
are ineffective. If such protections prove
ineffective, market participants may be
less willing to execute swaps, as their
identities, strategies, and/or positions
may be revealed. Ineffective data
safeguards might harm price discovery
if bid/ask spread widens as a result. If
so, observed prices might become more
volatile because they would oscillate
between a wider bid/ask spread.
d. Sound Risk Management Practices
Access to SDR swap data will help
ADRs and AFRs to better understand the
risks posed by their regulated entities.
With access to such swap data, ADRs
and AFRs can more comprehensively
supervise entities that engage in swap
trading and better understand their
exposure to losses. Allowing more ADRs
and AFRs to access SDR swap data may
improve SDR data, too. This
improvement might occur by facilitating
research and analysis that ultimately
leads to better risk management by
market participants. This can occur
through ADR/AFR research directed at
improving the risk management
techniques through, for instance, better
metrics, instruments, and hedging
techniques. Further, swaps data
reporting may also be improved by
ADRs and AFRs asserting their authority
over their regulated entities to
encourage or compel them to improve
their swap data reporting and risk
management.
pmangrum on DSK30RV082PROD with RULES3
e. Other Public Interest Considerations
The Commission finds that the
ministerial changes to § 49.17(d)(1)
discussed above in section II.G.2. may
benefit ADRs, AFRs and those persons
seeking to become ADRs and AFRs by
providing, in one place, a brief overview
of all of the requirements applicable to
such persons obtaining access to SDR
swap data and the circumstances in
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
which such requirements are not
applicable.
The Commission also finds that the
ministerial changes that it is adopting to
the bracketed text at the end of
Appendix B to part 49 (describing
Exhibit A to the Confidentiality
Arrangement Form), drawn from section
II.D.2.c.i. of the preamble, may benefit
ADRs and AFRs by also including in
part 49 of the Commission regulations
the instructions and guidance provided
in the preamble as to how to describe
their scopes of jurisdiction in practical
terms SDRs can implement. As with the
Commission’s ministerial changes to
§ 49.17(d)(1), such simplification should
make obtaining SDR swap data
modestly less burdensome and costly
for ADRs and AFRs by reducing their
staff time needed to go through the
process.
The Commission is also making
changes to §§ 49.17(d)(6) and 49.18(a) to
promote the use of the Confidentiality
Arrangement Form set forth in
Appendix B, providing that the ability
of an ADR or AFR to execute a
confidentiality arrangement that is not
in the form set forth in Appendix B to
this part 49 is at the discretion of the
Commission. To the extent that this
clarification results in more ADRs and
AFRs executing the Confidentiality
Arrangement Form, the Commission
expects that this could result in modest
savings for ADRs and AFRs. The
Commission also expects that using the
Confidentiality Arrangement Form will
save staff time in the negotiation and
execution of alternative arrangements.
Other than the foregoing, the
Commission has not found any other
public interest considerations to be
implicated by this rulemaking.
D. Antitrust Considerations
CEA section 15(b) requires the
Commission to take into consideration
the public interest to be protected by the
antitrust laws and endeavor to take the
least anticompetitive means of
achieving the objectives of the CEA, in
issuing any order or adopting any
Commission rule or regulation.
The Commission does not anticipate
that the amendments to part 49 that it
is adopting today will result in
anticompetitive behavior because,
among other things, the Commission is
allowing SDRs to determine which
means of access they will use to provide
ADRs and AFRs swap data access (thus,
allowing SDRs to ‘‘compete’’ on that
basis). However, in the NPRM the
Commission encouraged comments
from the public on any aspect of the
proposal that may have had the
potential to be inconsistent with the
PO 00000
Frm 00028
Fmt 4701
Sfmt 4700
antitrust laws or be anticompetitive in
nature.
The Commission received no
antitrust-related comments.
Consequently, the Commission
continues to not anticipate that the
amendments to part 49 that it is
adopting today will result in
anticompetitive behavior.
List of Subjects in 17 CFR Part 49
Swap data repositories; Registration
and regulatory requirements; Access to
swap data; Confidentiality; Commodity
Exchange Act section 8.
For the reasons stated in the
preamble, the Commodity Futures
Trading Commission amends 17 CFR
part 49 as set forth below:
PART 49—SWAP DATA
REPOSITORIES
1. The authority citation for part 49 is
revised to read as follows:
■
Authority: 7 U.S.C. 12a, and 24a, unless
otherwise noted.
2. In § 49.2, revise paragraph (a)(5) to
read as follows:
■
§ 49.2
Definitions.
(a) * * *
(5) Foreign Regulator. The term
‘‘foreign regulator’’ means a foreign
futures authority as defined in Section
1a(26) of the Act, foreign financial
supervisors, foreign central banks,
foreign ministries and other foreign
authorities.
*
*
*
*
*
■ 3. In § 49.9, revise paragraph (a)(9) to
read as follows:
§ 49.9 Duties of registered swap data
repositories.
(a) * * *
(9) Upon request of Appropriate
Domestic Regulators and Appropriate
Foreign Regulators, provide access to
swap data held and maintained by the
swap data repository, as prescribed in
§ 49.17;
*
*
*
*
*
■ 4. In § 49.17:
■ a. Revise paragraphs (a), (b)(1)(vii),
(b)(2), and (c)(2);
■ b. Revise the first sentence of
paragraph (c)(2) and the first sentence of
paragraph (c)(3);
■ c. Revise paragraphs (d)(1) through
(3), (d)(4)(i) through (iv), and (d)(5) and
(6), (e) and (f); and
■ d. Add paragraphs (h) and (i).
The revisions and addtions read as
follows:
§ 49.17
Access to SDR data.
(a) Purpose. This section provides a
procedure by which the Commission,
E:\FR\FM\12JNR3.SGM
12JNR3
pmangrum on DSK30RV082PROD with RULES3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
other domestic regulators and foreign
regulators may obtain access to the swap
data held and maintained by registered
swap data repositories. Except as
specifically set forth in this section, the
Commission’s duties and obligations
regarding the confidentiality of business
transactions or market positions of any
person and trade secrets or names of
customers identified in Section 8 of the
Act are not affected.
(b) * * *
(1) * * *
(vii) Any other person the
Commission determines to be
appropriate pursuant to the process set
forth in paragraph (h) of this section.
(2) Appropriate Foreign Regulator.
The term ‘‘Appropriate Foreign
Regulator’’ shall mean those Foreign
Regulators the Commission determines
to be appropriate pursuant to the
process set forth in paragraph (h) of this
section.
*
*
*
*
*
(c) * * *
(2) Monitoring tools. A registered
swap data repository is required to
provide the Commission with proper
tools for the monitoring, screening and
analyzing of swap data, including, but
not limited to, Web-based services,
services that provide automated transfer
of data to Commission systems, various
software and access to the staff of the
swap data repository and/or third-party
service providers or agents familiar with
the operations of the registered swap
data repository, which can provide
assistance to the Commission regarding
data structure and content. * * *
(3) Authorized users. The swap data
provided to the Commission by a
registered swap data repository shall be
accessible only by authorized
users. * * *
(d) Other Regulators—(1) General
Procedure for Gaining Access to
Registered Swap Data Repository Data.
Except as set forth in paragraph (d)(2) or
(3) of this section—
(i) A person who is not an
Appropriate Domestic Regulator or an
Appropriate Foreign Regulator and who
seeks to gain access to the swap data
maintained by a swap data repository is
required to first become an Appropriate
Domestic Regulator or Appropriate
Foreign Regulator through the process
set forth in paragraph (h) of this section,
and
(ii) Appropriate Domestic Regulators
and Appropriate Foreign Regulators
seeking to gain access to the swap data
maintained by a swap data repository
are required to apply for access by filing
a request for access with the registered
swap data repository and certifying that
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
it is acting within the scope of its
jurisdiction, comply with paragraph
(d)(6) of this section prior to receiving
such access and, if applicable after
receiving such access, comply with the
notification requirement in paragraph
(d)(4)(iii) of this section applicable to
Appropriate Domestic Regulators and
Appropriate Foreign Regulators.
(2) Domestic regulator with regulatory
responsibility over a swap data
repository. When a swap data repository
that is registered with the Commission
pursuant to this chapter is also
registered with a domestic regulator
pursuant to a separate statutory
authority, and such domestic regulator
seeks access to swap data that has been
reported to such swap data repository
pursuant to the domestic regulator’s
regulatory regime, such access is not
subject to the requirements of sections
21(c)(7) or 21(d) of the Act, this
paragraph (d) or § 49.18.
(3) Foreign Regulator with regulatory
responsibility over a swap data
repository. When a swap data repository
that is registered with the Commission
pursuant to this chapter is also
registered with, or recognized or
otherwise authorized by, a Foreign
Regulator that has supervisory authority
over such swap data repository pursuant
to foreign law and/or regulation, and
such Foreign Regulator seeks access to
swap data that has been reported to
such swap data repository pursuant to
the Foreign Regulator’s regulatory
regime, such access is not subject to the
requirements of sections 21(c)(7) or
21(d) of the Act, this paragraph (d) or
§ 49.18.
(4) * * *
(i) A registered swap data repository
shall notify the Commission promptly
after receiving an initial request from an
Appropriate Domestic Regulator or
Appropriate Foreign Regulator to gain
access to swap data maintained by such
swap data repository and promptly after
receiving any request that does not
comport with the scope of the
Appropriate Domestic Regulator’s or
Appropriate Foreign Regulator’s
jurisdiction, as described and appended
to the confidentiality arrangement
required by § 49.18(a). Each registered
swap data repository shall maintain
records thereafter, pursuant to § 49.12,
of the details of such initial request and
of all subsequent requests by such
Appropriate Domestic Regulator or
Appropriate Foreign Regulator for such
access.
(ii) The registered swap data
repository shall notify the Commission
electronically, in a format specified by
the Secretary of the Commission, of the
PO 00000
Frm 00029
Fmt 4701
Sfmt 4700
27437
receipt of a request specified in
paragraph (d)(4)(i) of this section.
(iii) The registered swap data
repository shall not provide an
Appropriate Domestic Regulator or
Appropriate Foreign Regulator access to
swap data maintained by the swap data
repository unless the swap data
repository has determined that the swap
data to which the Appropriate Domestic
Regulator or Appropriate Foreign
Regulator seeks access is within the
then-current scope of such Appropriate
Domestic Regulator’s or Appropriate
Foreign Regulator’s jurisdiction, as
described and appended to the
confidentiality arrangement required by
§ 49.18(a). An Appropriate Domestic
Regulator or Appropriate Foreign
Regulator that has executed a
confidentiality arrangement with the
Commission pursuant to § 49.18(a) and
provided such confidentiality
arrangement to one or more swap data
repositories shall notify the Commission
and each such swap data repository of
any change to such Appropriate
Domestic Regulator’s or Appropriate
Foreign Regulator’s scope of jurisdiction
as described in such confidentiality
arrangement. The Commission may
direct a swap data repository to
suspend, limit, or revoke access to swap
data maintained by such swap data
repository based on any such change to
such Appropriate Domestic Regulator’s
or Appropriate Foreign Regulator’s
scope of jurisdiction, and, if so directed
in writing, such swap data repository
shall so suspend, limit, or revoke such
access.
(iv) The registered swap data
repository need not make the
determination required pursuant to
paragraph (d)(4)(iii) of this section more
than once with respect to a recurring
swap data request. If such request
changes, the swap data repository must
make a new determination pursuant to
paragraph (d)(4)(iii) of this section.
(5) Timing; Limitation, Suspension or
Revocation of Swap Data Access. Once
a registered swap data repository has—
(i) Notified the Commission, pursuant
to paragraphs (d)(4)(i) and (ii) of this
section, of an initial request for swap
data access by an Appropriate Domestic
Regulator or Appropriate Foreign
Regulator, as applicable, that was
submitted pursuant to paragraph (d)(1)
of this section,
(ii) Received from such Appropriate
Domestic Regulator or Appropriate
Foreign Regulator a confidentiality
arrangement executed by the
Commission and such Appropriate
Domestic Regulator or Appropriate
Foreign Regulator as required by
§ 49.18(a), and
E:\FR\FM\12JNR3.SGM
12JNR3
pmangrum on DSK30RV082PROD with RULES3
27438
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
(iii) Satisfied its obligations under
paragraph (d)(4)(iii) of this section, such
swap data repository shall provide
access to the requested swap data;
provided, however, that such swap data
repository shall, if directed by the
Commission in writing, limit, suspend
or revoke such access should the
Commission limit, suspend or revoke
the appropriateness determination for
such Appropriate Domestic Regulator or
Appropriate Foreign Regulator or
otherwise direct the swap data
repository, in writing, to limit, suspend
or revoke such access.
(6) Confidentiality Arrangement.
Consistent with § 49.18(a), the
Appropriate Domestic Regulator or
Appropriate Foreign Regulator shall,
prior to receiving access to any
requested swap data, execute the form
of confidentiality arrangement set out in
Appendix B of this part with the
Commission; provided, however, that
the Commission may, in its discretion,
agree to execute a confidentiality
arrangement with an Appropriate
Domestic Regulator or Appropriate
Foreign Regulator that is not in the form
set forth in Appendix B of this part, if
the confidentiality arrangement is
consistent with the requirements set
forth in § 49.18(b).
(e) Third-party service providers to a
registered swap data repository. Access
to the swap data and SDR Information
maintained by a registered swap data
repository may be necessary for certain
third parties that provide various
technology and data-related services to
a registered swap data repository. Thirdparty access to the swap data and SDR
Information maintained by a swap data
repository is permissible subject to the
following conditions:
(1) Both the registered swap data
repository and the third party service
provider shall have strict confidentiality
procedures that protect swap data and
SDR Information from improper
disclosure.
(2) Prior to a registered swap data
repository granting access to swap data
or SDR Information to a third-party
service provider, the third-party service
provider and the registered swap data
repository shall execute a
confidentiality agreement setting forth
minimum confidentiality procedures
and permissible uses of the swap data
and SDR Information maintained by the
swap data repository that are equivalent
to the privacy procedures for swap data
repositories outlined in § 49.16.
(f) Access by market participants—(1)
General. Access by market participants
to swap data maintained by the
registered swap data repository is
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
prohibited other than as set forth in
paragraph (f)(2) of this section.
(2) Exception. Swap data and
information related to a particular swap
that is maintained by the registered
swap data repository may be accessed
by either counterparty to that particular
swap. However, the swap data and
information maintained by the
registered swap data repository that may
be accessed by either counterparty to a
particular swap shall not include the
identity or the legal entity identifier (as
such term is used in part 45 of this
chapter) of the other counterparty to the
swap, or the other counterparty’s
clearing member for the swap, if the
swap is executed anonymously on a
swap execution facility or designated
contract market, and cleared in
accordance with Commission
regulations in §§ 1.74, 23.610, and
37.12(b)(7) of this chapter.
*
*
*
*
*
(h) Appropriateness determination
process. (1) Each person seeking an
appropriateness determination pursuant
to this paragraph shall file an
application with the Commission.
(2) Each applicant seeking an
appropriateness determination shall
provide sufficient detail in its
application to permit the Commission to
analyze whether the applicant is acting
within the scope of its jurisdiction in
seeking access to swap data maintained
by a registered swap data repository,
and whether the applicant employs
appropriate confidentiality safeguards to
ensure that any swap data such
applicant receives from a registered
swap data repository will not, except as
allowed for in the form of
confidentiality arrangement set forth in
Appendix B to this part 49, be
disclosed.
(3) If the Commission determines that
an applicant pursuant to this paragraph
is, conditionally or unconditionally,
appropriate for purposes of CEA section
21(c)(7), the Commission shall issue an
order setting forth its appropriateness
determination. The Commission shall
not determine that an applicant
pursuant to this paragraph is
appropriate unless the Commission is
satisfied that—
(i) The applicant employs appropriate
confidentiality safeguards to ensure that
any swap data such applicant receives
from a registered swap data repository
will not be disclosed, except as allowed
for in the form of confidentiality
arrangement set forth in Appendix B to
this part 49 or, in the Commission’s
discretion as set forth in paragraph
(d)(6) of this section, in a different form,
provided that such confidentiality
PO 00000
Frm 00030
Fmt 4701
Sfmt 4700
arrangement contains the elements
required in § 49.18(b), and
(ii) Such applicant is acting within
the scope of its jurisdiction in seeking
access to swap data from a registered
swap data repository.
(4) The Commission reserves the
right, in connection with any
appropriateness determination with
respect to an Appropriate Domestic
Regulator or Appropriate Foreign
Regulator, to revisit, reassess, limit,
suspend or revoke such determination
consistent with the Act.
(i) Delegation of Authority Relating to
Certain matters in this section. (1) The
Commission hereby delegates, until
such time as the Commission orders
otherwise, the following functions to the
Director of the Division of Market
Oversight and to such members of the
Commission’s staff acting under his or
her direction as he or she may designate
from time to time: All functions
reserved to the Commission in this
section.
(2) The Director of the Division of
Market Oversight may submit any
matter which has been delegated under
paragraph (i)(1) of this section to the
Commission for its consideration.
(3) Nothing in this section may
prohibit the Commission, at its election,
from exercising the authority delegated
under paragraph (i)(1) of this section.
■
5. Revise § 49.18 to read as follows:
§ 49.18
Confidentiality arrangement.
(a) Confidentiality arrangement
required prior to disclosure of swap data
by a registered swap data repository to
an Appropriate Domestic Regulator or
Appropriate Foreign Regulator. Prior to
a registered swap data repository
providing access to swap data to any
Appropriate Domestic Regulator or
Appropriate Foreign Regulator, each as
defined in § 49.17(b), the swap data
repository shall receive from such
Appropriate Domestic Regulator or
Appropriate Foreign Regulator,
pursuant to Section 21(d) of the Act, an
executed confidentiality arrangement
between the Commission and the
Appropriate Domestic Regulator or
Appropriate Foreign Regulator, as
applicable, in the form set forth in
Appendix B to this part 49 or, in the
Commission’s discretion as set forth in
§ 49.17(d)(6), in a different form,
provided that such confidentiality
arrangement contains the elements
required in paragraph (b) of this section.
Such confidentiality arrangement must
include, either as Exhibit A to the form
set forth in Appendix B of this part or
similarly appended, a description of the
Appropriate Domestic Regulator’s or
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
CFTC Regulation 49.17(d)(6). This
Arrangement does not apply to information
that is [reported to a registered SDR pursuant
to [ABC]’s regulatory regime where the SDR
also is registered with [ABC] pursuant to
separate statutory authority, even if such
information also is reported pursuant to the
Act and CFTC regulations][reported to a
registered SDR pursuant to [ABC]’s
regulatory regime where the SDR also is
registered with, or recognized or otherwise
authorized by, [ABC], which has supervisory
authority over the repository pursuant to
foreign law and/or regulation, even if such
information also is reported pursuant to the
Act and CFTC regulations.] 1
3. This Arrangement is not intended to
limit or condition the discretion of an
Authority in any way in the discharge of its
regulatory responsibilities or to prejudice the
individual responsibilities or autonomy of
any Authority.
Article One: General Provisions
1. ABC is permitted to request and receive
swap data directly from a registered SDR
(‘‘Swap Data’’) on the terms and subject to
the conditions of this Arrangement.
2. This Arrangement is entered into to
fulfill the requirements under Section 21(d)
of the Commodity Exchange Act (‘‘Act’’) and
CFTC Regulation 49.18. Upon receipt by a
registered SDR, this Arrangement will satisfy
the requirement for a written agreement
pursuant to Section 21(d) of the Act and
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
1 The first bracketed phrase will be used for
ADRs; the second will be used for AFRs. The
inapplicable phrase will be deleted.
PO 00000
Frm 00031
Fmt 4701
Sfmt 4700
from exercising the authority delegated
under paragraph (e)(1) of this section.
6. In § 49.22, revise paragraph (d)(4) to
read as follows:
■
§ 49.22
Chief compliance officer.
*
*
*
*
*
(d) * * *
(4) Taking reasonable steps to ensure
compliance with the Act and
Commission regulations relating to
agreements, contracts, or transactions,
and with Commission regulations under
Section 21 of the Act, including
confidentiality arrangements received
by the chief compliance officer’s
registered swap depository pursuant to
§ 49.18(a);
*
*
*
*
*
7. Add appendix B to part 49 to read
as follows:
■
Appendix B to Part 49—Confidentiality
Arrangement for Appropriate Domestic
Regulators and Appropriate Foreign
Regulators To Obtain Access To Swap
Data Maintained by Registered Swap
Data Respositories Pursuant to
§§ 49.17(d)(6) and 49.18(a)
4. This Arrangement does not alter the
terms and conditions of any existing
arrangements.
Article Two: Confidentiality of Swap Data
5. ABC will be acting within the scope of
its jurisdiction in requesting Swap Data and
employs procedures to maintain the
confidentiality of Swap Data and any
information and analyses derived therefrom
(collectively, the ‘‘Confidential
Information’’). ABC undertakes to notify the
CFTC and each relevant SDR promptly of any
change to ABC’s scope of jurisdiction.
6. ABC undertakes to treat Confidential
Information as confidential and will employ
safeguards that:
a. To the maximum extent practicable,
identify the Confidential Information and
maintain it separately from other data and
information;
b. Protect the Confidential Information
from misappropriation and misuse;
c. Ensure that only authorized ABC
personnel with a need to access particular
Confidential Information to perform their job
E:\FR\FM\12JNR3.SGM
12JNR3
ER12JN18.000</GPH>
Domestic Regulator or Appropriate
Foreign Regulator fails to fulfill the
terms of a confidentiality arrangement
described in paragraph (a) of this
section, direct, in writing, each
registered swap data repository to limit,
suspend or revoke such Appropriate
Domestic Regulator’s or Appropriate
Foreign Regulator’s access to swap data
held by such swap data repository.
(e) Delegation of authority relating to
certain matters in this section. (1) The
Commission hereby delegates, until
such time as the Commission orders
otherwise, the following functions to the
Director of the Division of Market
Oversight and to such members of the
Commission’s staff acting under his or
her direction as he or she may designate
from time to time: All functions
reserved to the Commission in this
section.
(2) The Director of the Division of
Market Oversight may submit any
matter which has been delegated under
paragraph (e)(1) of this section to the
Commission for its consideration.
(3) Nothing in this section may
prohibit the Commission, at its election,
The U.S. Commodity Futures Trading
Commission (‘‘CFTC’’) and the [name of
foreign/domestic regulator (‘‘ABC’’)] (each an
‘‘Authority’’ and collectively the
‘‘Authorities’’) have entered into this
Confidentiality Arrangement
(‘‘Arrangement’’) in connection with
[whichever is applicable] [CFTC Regulation
49.17(b)(1)[(i)–(vi)]/the determination order
issued by the CFTC to [ABC] (‘‘Order’’)] and
any request for swap data by [ABC] to any
swap data repository (‘‘SDR’’) registered with
the CFTC.
pmangrum on DSK30RV082PROD with RULES3
Appropriate Foreign Regulator’s
jurisdiction. Once a registered swap
data repository is notified, in writing,
that a confidentiality arrangement
received from an Appropriate Domestic
Regulator or Appropriate Foreign
Regulator no longer is in effect, the
swap data repository shall not provide
access to swap data to such Appropriate
Domestic Regulator or Appropriate
Foreign Regulator.
(b) Elements of confidentiality
arrangement. The confidentiality
arrangement required pursuant to
paragraph (a) of this section shall, at a
minimum, include all elements
included in the form of confidentiality
arrangement set forth in appendix B of
this part.
(c) Reporting failures to fulfill the
terms of a confidentiality arrangement.
A registered swap data repository shall
immediately report to the Commission
any known failure to fulfill the terms of
a confidentiality arrangement that it
receives pursuant to paragraph (a) of
this section.
(d) Failures to fulfill the terms of the
confidentiality arrangement. The
Commission may, if an Appropriate
27439
pmangrum on DSK30RV082PROD with RULES3
27440
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
functions related to such Confidential
Information have access thereto, and that
such access is permitted only to the extent
necessary to perform their job functions
related to such particular Confidential
Information;
d. Prevent the disclosure of aggregated
Confidential Information; provided, however,
that ABC is permitted to disclose any
sufficiently aggregated Confidential
Information that is anonymized to prevent
identification, through disaggregation or
otherwise, of a market participant’s business
transactions, trade data, market positions,
customers or counterparties;
e. Prohibit use of the Confidential
Information by ABC personnel for any
improper purpose, including in connection
with trading for their personal benefit or for
the benefit of others or with respect to any
commercial or business purpose; and
f. Include a process for monitoring
compliance with the confidentiality
safeguards described herein and for promptly
notifying the CFTC, and each SDR from
which ABC has received Swap Data, of any
violation of such safeguards or failure to
fulfill the terms of this Arrangement.
7. Except as provided in Paragraphs 6.d.
and 8, ABC will not onward share or
otherwise disclose any Confidential
Information.
8. ABC undertakes that:
a. If a department, central bank, or agency
of the Government of the United States, it
will not disclose Confidential Information
except in an action or proceeding under the
laws of the United States to which it, the
CFTC, or the United States is a party;
b. If a department or agency of a State or
political subdivision thereof, it will not
disclose Confidential Information except in
connection with an adjudicatory action or
proceeding brought under the Act or the laws
of [name of either the State or the State and
political subdivision] to which it is a party;
or
c. If a foreign futures authority or a
department, central bank, ministry, or agency
of a foreign government or subdivision
thereof, or any other Foreign Regulator, as
defined in Commission Regulation 49.2(a)(5),
it will not disclose Confidential Information
except in connection with an adjudicatory
action or proceeding brought under the laws
of [name of country, political subdivision, or
(if a supranational organization)
supranational lawmaking body] to which it
is a party.
9. Prior to complying with any legally
enforceable demand for Confidential
Information, ABC will notify the CFTC of
such demand in writing, assert all available
appropriate legal exemptions or privileges
with respect to such Confidential
Information, and use its best efforts to protect
the confidentiality of the Confidential
Information.
10. ABC acknowledges that, if it does not
fulfill the terms of this Arrangement, the
CFTC may direct any registered SDR to
suspend or revoke ABC’s access to Swap
Data.
11. ABC will comply with all applicable
security-related requirements imposed by an
SDR in connection with access to Swap Data
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
maintained by the SDR, as such requirements
may be revised from time to time.
12. ABC will promptly destroy all
Confidential Information for which it no
longer has a need or which no longer falls
within the scope of its jurisdiction, and will
certify to the CFTC, upon request, that ABC
has destroyed such Confidential Information.
Article Three: Administrative Provisions
13. This Arrangement may be amended
with the written consent of the Authorities.
14. The text of this Arrangement will be
executed in English, and may be made
available to the public.
15. On the date this Arrangement is signed
by the Authorities, it will become effective
and may be provided to any registered SDR
that holds and maintains Swap Data that falls
within the scope of ABC’s jurisdiction.
16. This Arrangement will expire 30 days
after any Authority gives written notice to the
other Authority of its intention to terminate
the Arrangement. In the event of termination
of this Arrangement, Confidential
Information will continue to remain
confidential and will continue to be covered
by this Arrangement.
This Arrangement is executed in duplicate,
this lll day of lll.
lllllllllllllllllllll
[name of Chairman]
Chairman
U.S. Commodity Futures Trading
Commission
lllllllllllllllllllll
[name of signatory]
[title]
[name of foreign/domestic regulator]
[Exhibit A: Description of Scope of
Jurisdiction. If ABC is not enumerated in
Commission Regulations 49.17(b)(1)(i)–(vi), it
must attach the Determination Order
received from the Commission pursuant to
Commission Regulation 49.17(h). If ABC is
enumerated in Commission Regulations
49.17(b)(1)(i)–(vi), it must attach a
sufficiently detailed description of the scope
of ABC’s jurisdiction as it relates to Swap
Data maintained by SDRs. In both cases, the
description of the scope of jurisdiction must
include elements allowing SDRs to establish,
without undue obstacles, objective
parameters for determining whether a
particular Swap Data request falls within
such scope of jurisdiction. Such elements
could include LEIs of all jurisdictional
entities and could also include UPIs of all
jurisdictional products or, if no CFTCapproved UPI and product classification
system is yet available, the internal product
identifier or product description used by an
SDR from which Swap Data is to be sought.]
Issued in Washington, DC, on June 5, 2018,
by the Commission.
Robert Sidman,
Deputy Secretary of the Commission.
Note: The following appendicies will not
appear in the Code of Federal Regulations.
PO 00000
Frm 00032
Fmt 4701
Sfmt 4700
Appendicies to Amendments to the
Swap Data Access Provisions of Part 49
and Certain Other Matters—
Commission Voting Summary,
Chairman’s Statement, and
Commissioner’s Statement
Appendix 1—Commission Voting
Summary
On this matter, Chairman Giancarlo and
Commissioners Quintenz and Behnam voted
in the affirmative. No Commissioner voted in
the negative.
Appendix 2—Statement of Chairman
J. Christopher Giancarlo
Eight years ago, Congress included in the
Dodd-Frank Act a requirement that foreign
and domestic regulators indemnify SDRs and
the Commission for any expenses arising
from litigation relating to the information
provided by SDRs. Foreign and domestic
regulators were unable or unwilling to
provide this indemnification hindering the
ability to share swaps data. The
indemnification requirement also hindered
the ability of foreign and domestic regulators
to access SDR data to assess risks their
regulated entities are assuming, and the
impact of such risks on the broader markets.
I am pleased that Congress has since
amended the Dodd-Frank Act to take out the
indemnification requirement. We therefore
can change our regulations accordingly,
which we propose to do today.
In addition to the removal of the
indemnification requirement, the final rule
adds a category of ‘‘other regulators’’ that the
Commission may deem to be appropriate to
receive access to SDR swap data.
The final rule sets out the process by
which appropriateness is determined for
those entities that are not already specifically
enumerated. This process is a change to
current Commission regulations, as it would
apply to any such entity, including domestic
regulators not enumerated in Commission
regulations and foreign regulators.
The statute also now requires a SDR to
receive a written agreement from each
requesting entity stating that the entity shall
abide by the confidentiality requirements
described in the CEA prior to sharing
information with the requesting entity.
Commission regulations currently require the
SDR and the requesting regulator to execute
a confidentiality agreement, but do not
provide a form or details of such an
agreement.
The final rule modifies the current
Commission regulations by providing a form
of confidentiality arrangement, as Appendix
B to part 49, and by requiring the
confidentiality arrangement to be between
the requesting regulator and the Commission.
The Commission expects that this will
benefit SDRs in that most, if not all,
confidentiality arrangements will be exactly
the same, and the Commission will be in the
place of entering into the confidentiality
agreements with regulators.
We received comments from the affected
CFTC-registered SDRs on the proposed rule
that I believe that we have sufficiently
addressed. The final regulations provide
E:\FR\FM\12JNR3.SGM
12JNR3
Federal Register / Vol. 83, No. 113 / Tuesday, June 12, 2018 / Rules and Regulations
pmangrum on DSK30RV082PROD with RULES3
long-awaited clarity to the official sector
regarding the CFTC’s requirements to
determine access to, and safeguard the
confidentiality of, transactional information
reported to SDRs.
In my experience as a Commissioner and
Chairman of the CFTC, I have found, as have
other foreign and domestic regulators, that
conducting oversight of global derivatives
markets can be difficult as a result of the
current fragmented financial regulatory
structure. In this regard, I expect that the
final rule will enable authorities to enhance
their oversight of derivatives markets across
product and asset classes by marrying up the
trading and position data they receive from
regulated entities with the data sets obtained
directly from SDRs. In so doing, I believe we
have made significant progress towards
cross-border data sharing and enhancing
transparency in the global swaps market.
Because today’s swaps markets are global
in scope, utilizing the data and information
available in only one jurisdiction does not
provide a complete picture of cross border
trading activity and systemic risk. To that
end, I expect that CFTC staff will seek to
facilitate access to SDR data for authorities
with which we have a history of regulatory
assistance and that similarly seek to facilitate
CFTC access to data maintained by trade
repositories in their jurisdiction. Such data
sharing represents an opportunity for greater
cooperation among market and prudential
regulators, as well as among foreign and
domestic regulators, providing more effective
financial market oversight, expanding data
driven policymaking, and improving early
warning systems to reduce the probability or
severity of a financial crisis.
These regulations will have a direct
positive impact on the operational readiness
VerDate Sep<11>2014
14:59 Jun 11, 2018
Jkt 244001
27441
of the official sector, providing authorities
with critical information to make sound nearterm and long-term policy and oversight
decisions.
I am particularly pleased that this rule
represents a final step in eliminating a major
legal impediment to sharing swaps market
data with overseas regulators. The DoddFrank Act’s original insistence on an
indemnification requirement may have been
well-intentioned to protect the safety of data
held in SDRs, but Congress wisely
determined that any such benefit is
outweighed by the greater public interest of
allowing international regulators to share and
access information to carry out the regulatory
and supervisory functions necessary to
protect the global financial markets.
It is essential that policymakers in other
jurisdictions make determinations similar to
these before us today concerning current
legal barriers to information sharing. Even a
law, like the new EU General Data Protection
Regulation (GDPR), which has laudable
objectives, must not be applied in ways that
hinder the sharing and access of information
between European and U.S. regulators for
regulatory and supervisory purposes. Such a
result could have dangerous implications for
our global markets. I hope today’s action by
the CFTC will encourage international
regulators and policymakers to take
affirmative steps to address other existing
legal barriers to information sharing and
access.
would like to thank the staff in our Division
of Market Oversight for their work to amend
Part 49 of the Commission’s Regulations to
implement provisions of the Fixing
America’s Surface Transportation Act of 2015
(Fast Act) 1.
The Fast Act amended provisions of Title
VII of the Dodd-Frank Wall Street Reform
and Consumer Protection Act of 2010 (DoddFrank Act) 2 that proved unworkable. Most
significantly, the Fast Act repealed the DoddFrank Act’s requirement that to obtain data
from swap data repositories (SDR) registered
with the CFTC, domestic and foreign
authorities must indemnify the CFTC and
SDRs from any claims arising from a SDR’s
production of information to those
authorities. Foreign regulators unfamiliar
with the U.S. tort law concept of
‘‘indemnification’’ that is inconsistent with
their traditions and legal structures, have
opted against requesting any information
from SDRs. Domestic regulators have also
opted against requesting information from
SDRs because of the indemnification
requirement. Removing the indemnification
requirement will facilitate the sharing of SDR
information with domestic and foreign
authorities and better enable regulators in the
United States and abroad to monitor risk
across the global financial system.
Appendix 3—Supporting Statement of
Commissioner Brian D. Quintenz
BILLING CODE 6351–01–P
I support today’s final rule addressing
indemnification and amendments to the
swap data access provisions of Part 49. I
PO 00000
Frm 00033
Fmt 4701
Sfmt 9990
[FR Doc. 2018–12377 Filed 6–11–18; 8:45 am]
1 Public
2 Public
Law 114–94, 129 Stat 1312 (Dec. 4, 2015).
Law 111–203, 124 Stat 1376 (July 21,
2010).
E:\FR\FM\12JNR3.SGM
12JNR3
]]>Agencies
[Federal Register Volume 83, Number 113 (Tuesday, June 12, 2018)]
[Rules and Regulations]
[Pages 27410-27441]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-12377]
[[Page 27409]]
Vol. 83
Tuesday,
No. 113
June 12, 2018
Part III
Commodity Futures Trading Commission
-----------------------------------------------------------------------
17 CFR Part 49
Amendments to the Swap Data Access Provisions of Part 49 and Certain
Other Matters; Final Rule
��Federal Register / Vol. 83 , No. 113 / Tuesday, June 12, 2018 / Rules
and Regulations��
[[Page 27410]]
-----------------------------------------------------------------------
COMMODITY FUTURES TRADING COMMISSION
17 CFR Part 49
RIN Number 3038-AE44
Amendments to the Swap Data Access Provisions of Part 49 and
Certain Other Matters
AGENCY: Commodity Futures Trading Commission.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: Pursuant to Title VII of the Dodd-Frank Wall Street Reform and
Consumer Protection Act of 2010 (``Dodd-Frank Act''), as amended by the
Fixing America's Surface Transportation Act of 2015 (``FAST Act''), the
Commodity Futures Trading Commission (``Commission'' or ``CFTC'') is
amending the Commission's regulations relating to access to swap data
held by swap data repositories (``SDRs''). The amendments implement
pertinent provisions of the FAST Act and make associated changes to the
Commission's regulations governing the grant of access to swap data to
certain foreign and domestic authorities by SDRs, as well as changes to
certain other regulations unrelated to such access.
DATES: The effective date for this final rule is August 13, 2018. For
compliance dates, see SUPPLEMENTARY INFORMATION.
FOR FURTHER INFORMATION CONTACT: Daniel Bucsa, Deputy Director,
Division of Market Oversight--Data and Reporting Branch (``DMO-DAR''),
(202) 418-5435, [email protected]; David E. Aron, Special Counsel, DMO-
DAR, (202) 418-6621, [email protected]; Owen J. Kopon, Special Counsel,
DMO-DAR, (202) 418-5360, [email protected]; or Stephen Kane, Research
Economist, Office of the Chief Economist, (202) 418-5911,
[email protected], Commodity Futures Trading Commission, Three Lafayette
Centre, 1151 21st Street NW, Washington, DC 20581.
SUPPLEMENTARY INFORMATION: The compliance date for an SDR to comply
with its obligation under Sec. 49.17(d)(5)(iii) of the Commission's
regulations \1\ to provide access to swap data requested by an
Appropriate Domestic Regulator (as defined in Sec. 49.17(b)(1))
(``ADR'') or Appropriate Foreign Regulator (as defined in Sec.
49.17(b)(2)) (``AFR'') is, as discussed further below, the earlier of
(1) the earliest date, after such SDR receives from such ADR or AFR the
confidentiality arrangement required by Sec. 49.18(a), that such SDR,
exercising commercially reasonable efforts in light of its obligations
under the Act \2\ and the Commission's regulations, is able to provide
such access to the ADR or AFR and (2) 180 days after the SDR receives
from such ADR or AFR the confidentiality arrangement required by Sec.
49.18(a). The compliance date for all other regulations amended, added
or revised by this final rule is August 13, 2018.
---------------------------------------------------------------------------
\1\ 17 CFR 49.17(d)(5)(iii). All Commission regulations cited
herein are set forth in Title 17 of the Code of Federal Regulations.
\2\ 7 U.S.C. 1 et seq.
---------------------------------------------------------------------------
Table of Contents
I. Background and Introduction
A. Statutory Background: The Dodd-Frank Act
B. Regulatory History: The Part 49 Rules and the Commission's
Interpretative Statement
1. Access to SDR Swap Data
2. Indemnification Requirement
C. FAST Act Amendments to CEA Section 21
D. CEA Section 8 and the Confidentiality Provisions of CEA
Section 21
E. High-Level Summary of Revisions to Part 49
F. Rescission of Interpretative Statement
II. Discussion
A. Definitions: Amendments to Sec. 49.2
B. Domestic and Foreign Regulators With Regulatory
Responsibility Over SDRs: Amendments to Sec. 49.17(d)(2) and (3)
1. Current Rules
2. Proposed Amendments
3. Comments Received
4. Final Rules
C. Appropriateness Determination for Foreign Regulators and Non-
Enumerated Domestic Regulators: Amendments to Sec. 49.17(b) and New
Sec. 49.17(h)
1. Current Rule
2. Proposed Amendments: Determination Order Process
3. Proposed Amendments: Factors Considered in Issuing a
Determination Order
a. Scope of Jurisdiction
b. Robust Confidentiality Safeguards
c. Swap Data Sharing Considerations
4. Proposed Amendments: Other Matters Regarding the
Determination Order Process
5. Final Rules
D. Amendments to Sec. 49.17(d)(4): SDR Notice and Verification
Obligations
1. Proposed Amendments
2. Final Rules
a. Sec. 49.17(d)(4)(i)
i. Notices of Initial Access Requests and Requests Outside the
Scope of Jurisdiction
ii. Recordkeeping
iii. Aggregated Data
b. Sec. 49.17(d)(4)(ii)
c. Sec. 49.17(d)(4)(iii)
i. Scope of an ADR's or AFR's Jurisdiction
ii. Changes to an ADR's or AFR's Scope of Jurisdiction
iii. Written Notices
d. Sec. 49.17(d)(4)(iv)
E. New Sec. 49.17(i): Delegation of Authority
F. CEA Section 21(d) Confidentiality Agreements: Amendments to
Sec. 49.18
1. Current Rule
2. Proposed Amendments to Sec. 49.18(a): Confidentiality
Arrangement Required Prior to Disclosure of Swap Data
3. Proposed Amendments to Sec. 49.18(b): Required Elements of
the Confidentiality Arrangement
4. Proposed Removal of Sec. 49.18(c): ADRs and AFRs With
Regulatory Responsibility Over an SDR
5. Proposed New Sec. 49.18(c) and (d): Failure To Fulfill the
Terms of a Confidentiality Arrangement
6. Proposed New Sec. 49.18(e): Delegation of Authority
7. Conforming Changes
8. Comments Received
9. Final Rule
G. Other Changes
1. Proposed Rule Changes
2. Final Rule Changes
III. Request for Comment
IV. Compliance Date
V. Related Matters
A. Regulatory Flexibility Act
B. Paperwork Reduction Act
1. Summary of the Requirements
2. Collection of Information
C. Cost-Benefit Considerations
1. Introduction
2. Benefits
a. Background
b. High-Level Benefits
c. More Specific Benefits
i. MOUs
ii. Duty for SDRs To Notify the Commission of Swap Data Requests
From ADRs and AFRs
iii. Form of Electronic Notification by SDRs to the Commission
iv. Clarification of SDR Recordkeeping Obligations
v. Limitation, Suspension or Revocation of an ADR's or AFR's
Swap Data Access
vi. Confidentiality Arrangements
vii. Means of Access
3. Costs
a. Background
b. High-Level Costs
c. ADRs' and AFRs' Costs
i. Determination Order Applications
ii. Confidentiality Arrangements
iii. Data Security
iv. Onward Sharing
v. Means of Access
d. SDRs' Costs
i. Providing New Access Generally
ii. Providing Notice to the Commission
iii. Verifying That a Swap Data Request is Within an ADR's/AFR's
Scope of Jurisdiction
iv. Means of Access
v. Recordkeeping
4. Response to Comments
5. Alternatives Considered
6. Consideration of CEA Section 15(a) Factors
a. Protection of Market Participants and the Public
b. Efficiency, Competitiveness, and Financial Integrity of
Futures Markets
c. Price Discovery
d. Sound Risk Management Practices
e. Other Public Interest Considerations
[[Page 27411]]
D. Antitrust Considerations
I. Background and Introduction
A. Statutory Background: The Dodd-Frank Act
Title VII of the Dodd-Frank Act \3\ amended the Commodity Exchange
Act (``CEA'') to establish a comprehensive new regulatory framework for
swaps including, in new CEA section 21, requirements addressing the
registration and regulation of SDRs.\4\ CEA section 21 imposes on SDRs,
among other duties and responsibilities, the duty to maintain the
privacy of all swap transaction information received from a swap
dealer, counterparty, or any other registered entity.\5\ CEA section
21(c)(7) directs SDRs to make swap data available on a confidential
basis pursuant to section 8 of the CEA, upon request, and after
notifying the Commission of the request,\6\ to certain enumerated
domestic authorities and any other person (which may include certain
types of foreign authorities) that the Commission determines to be
appropriate (each such enumerated and Commission-determined entity, a
``21(c)(7) entity'').\7\
---------------------------------------------------------------------------
\3\ See Dodd-Frank Wall Street Reform and Consumer Protection
Act, Public Law 111-203, 124 Stat. 1376 (2010), available at https://www.cftc.gov/LawRegulation/OTCDERIVATIVES/index.htm. Title VII of
the Dodd-Frank Act may be cited as the Wall Street Transparency and
Accountability Act of 2010.
\4\ See Dodd-Frank Act section 728 (adding new CEA section 21, 7
U.S.C. 24(a), to establish a registration requirement and regulatory
regime for SDRs).
\5\ 7 U.S.C. 24a(c)(6).
\6\ CEA section 8, 7 U.S.C. 12, describes circumstances under
which public disclosure of information in the Commission's
possession is permitted and prohibited. As discussed more fully
below, the principles underlying CEA section 8(e), in particular,
are fundamental to CEA sections 21(c)(7) and (d) and to the access
standards and confidentiality provisions adopted in this release.
\7\ See 7 U.S.C. 24a(c)(7). See also Commission, Final
Rulemaking: Swap Data Recordkeeping and Reporting Requirements, 77
FR 2136, Jan. 13, 2012 (``Data Final Rules''). The Data Final Rules
set forth, among others, regulations governing SDR data collection
and swap data reporting responsibilities under part 45 of the
Commission's regulations.
---------------------------------------------------------------------------
As originally enacted, CEA sections 21(d)(1) and (2), respectively,
mandated that, prior to receipt of any requested data or information
from an SDR, a 21(c)(7) entity agree in writing to abide by the
confidentiality requirements described in CEA section 8 and,
separately, to indemnify the SDR and the Commission for any expenses
arising from litigation relating to the information provided under
section 8.\8\ Congress's repeal of the CEA section 21(d)(2)
indemnification requirement in the FAST Act \9\ in December 2015
prompted this rulemaking.\10\
---------------------------------------------------------------------------
\8\ 7 U.S.C. 24a(d). As noted above, the indemnification
requirement was stricken from CEA section 21(d) by the FAST Act. See
Public Law 114-94, section 86001(b)(2).
\9\ FAST Act, Public Law 114-94, 129 Stat. 1312 (Dec. 4, 2015).
\10\ FAST Act section 86002(b)(2) struck subsection (d) of CEA
section 21 and inserted a new provision in in its place that stated
that before the swap data repository may share information with any
entity listed in section (c)(7), the swap data repository shall
receive a written agreement from each entity stating that the entity
shall abide by the confidentiality requirements described in section
8 of the CEA relating to the information on swap transactions that
is provided.
---------------------------------------------------------------------------
B. Regulatory History: The Part 49 Rules and the Commission's
Interpretative Statement
1. Access to SDR Swap Data
In 2011, the Commission adopted rules implementing the requirements
for SDRs in CEA section 21.\11\ The Commission implemented the SDR swap
data access provisions of CEA sections 21(c)(7) and (d) by establishing
processes to allow two categories of entities to gain access to SDR
swap data. The Commission defined one category, ADRs, in Sec.
49.17(b)(1) of the Commission's regulations as domestic authorities
enumerated in CEA section 21(c)(7)(A)-(D) \12\ and certain other
persons determined by the Commission to be appropriate recipients of
such swap data pursuant to CEA section 21(c)(7)(E).\13\
---------------------------------------------------------------------------
\11\ Swap Data Repositories: Registration Standards, Duties and
Core Principles; 76 FR 54538 (Sept. 1, 2011) (``SDR Final Rules'');
see also Swap Data Repositories: Registration Standards, Duties and
Core Principles, 75 FR 80898 (Dec. 23, 2010) (the proposed SDR Final
Rules) (``SDR NPRM'').
\12\ The domestic authorities enumerated in CEA section 21(c)(7)
are: (A) Each appropriate prudential regulator; (B) the Financial
Stability Oversight Council (``FSOC''); (C) the Securities and
Exchange Commission (``SEC''); and (D) the Department of Justice.
The term ``prudential regulator'' is defined in CEA section 1a(39)
(7 U.S.C. 1a(39)).
\13\ In addition to CEA section 21(c)(7) enumerating certain
domestic authorities to which an SDR must grant swap data access,
CEA section 21(c)(7)(E), as amended by the FAST Act, identifies as
an eligible recipient of such access as any other person that the
Commission determines to be appropriate, including foreign financial
supervisors (including foreign futures authorities); foreign central
banks; foreign ministries; and other foreign authorities. 7 U.S.C.
24a(c)(7)(E). Pursuant to this authority, in Sec. Sec.
49.17(b)(1)(v) and (vi), the Commission identified any Federal
Reserve Bank and the Office of Financial Research (``OFR''),
respectively, as ADRs. The Commission also defined as an
``Appropriate Domestic Regulator'' each prudential regulator
identified in CEA section 1(a)(39), with respect to requests related
to any such regulator's statutory authority, without limitation to
the activities listed for each regulator in CEA section 1(a)(39).
See Sec. 49.17(b)(1)(ii). The Commission further reserved the
discretion, in Sec. 49.17(b)(1)(vii), to recognize any other person
the Commission deems appropriate to be an ADR.
---------------------------------------------------------------------------
The Commission defined the other category, AFRs,\14\ in Sec.
49.17(b)(2) as ``Foreign Regulators'' \15\ with existing memoranda of
understanding (``MOUs'') or similar types of information sharing
arrangements with the Commission, but did not identify any specific
persons as AFRs in the SDR Final Rules. The SDR Final Rules also
defined the term AFR to include a Foreign Regulator without an existing
MOU with the Commission, as determined by the Commission on a case-by-
case basis. Such a Foreign Regulator was required to file with the
Commission an application providing sufficient facts and procedures to
permit the Commission to analyze whether the Foreign Regulator employed
appropriate confidentiality procedures, and to satisfy the Commission
that any SDR swap data or information accessed by the Foreign Regulator
would be disclosed only as permitted by section 8(e) of the CEA.\16\
---------------------------------------------------------------------------
\14\ The Commission established the category of AFRs pursuant to
CEA section 21(c)(7)(E), which, among other things, includes a list
of the types of foreign entities that the Commission may determine
to be appropriate recipients of swap data obtained by an SDR.
\15\ The term ``Foreign Regulator'' is defined in current Sec.
49.2(a)(5) to mean a foreign futures authority as defined in CEA
section 1(a)(26), foreign financial supervisors, foreign central
banks and foreign ministries.
\16\ 17 CFR 49.17(b)(2)(i)(B).
---------------------------------------------------------------------------
An ADR or AFR seeking access to SDR swap data is required by
current Sec. 49.17(d)(1) to file an access request with the SDR
certifying that it is acting within the scope of its jurisdiction and
is required by current Sec. 49.17(d)(6) to execute a ``Confidentiality
and Indemnification Agreement'' with the SDR.\17\
---------------------------------------------------------------------------
\17\ Current Sec. 49.18(b) requires an SDR to receive such a
Confidentiality and Indemnification Agreement from an ADR or AFR
prior to releasing swap data to the ADR or AFR.
---------------------------------------------------------------------------
2. Indemnification Requirement
In the preamble to the SDR Final Rules, the Commission acknowledged
commenters' concerns that compliance with the statutory and regulatory
requirements to indemnify the Commission, and the SDR providing access
to swap data, for any expenses arising from litigation relating to the
information provided under section 8 of the CEA, would be difficult for
certain domestic and foreign regulators, due to various home country
laws and other regulations prohibiting such arrangements.\18\ The
Commission expressed its intent to continue to work to provide
regulators sufficient access to SDR data. In this regard, the
Commission outlined the circumstances under which it believed the
indemnification provisions of CEA
[[Page 27412]]
section 21(d) and Sec. 49.18 would not apply. The Commission explained
that, under the part 49 rules, ADRs with concurrent regulatory
jurisdiction over SDRs may in some circumstances obtain access to swap
data reported to and maintained by those SDRs without regard to the
notice and indemnification requirements of CEA sections 21(c)(7) and
(d).\19\ With respect to foreign regulatory authorities, the Commission
determined in the SDR Final Rules that swap data reported to and
maintained by an SDR may be accessed by an AFR without the execution of
a confidentiality and indemnification agreement when the AFR has
supervisory authority over a Commission-registered SDR that is also
registered with the AFR pursuant to foreign law and/or regulation.
---------------------------------------------------------------------------
\18\ See SDR Final Rules at 54554. The Commission notes that, to
date, no 21(c)(7) entity has entered into a confidentiality or
indemnification agreement pursuant to CEA section 21(d) or the part
49 rules.
\19\ See SDR Final Rules at 54554, n163. Accordingly, pursuant
to the Commission's Part 49 rules, these provisions did not apply to
an ADR that has regulatory jurisdiction over an SDR registered with
the ADR pursuant to a separate statutory authority and also
registered with the Commission, if the ADR executes an MOU or
similar information sharing arrangement with the Commission and the
Commission, consistent with CEA section 21(c)(4)(A), designates the
ADR to receive direct electronic access. See 17 CFR 49.17(d)(2).
---------------------------------------------------------------------------
Since concerns about the scope of the indemnification requirement
persisted, the Commission issued an interpretative statement designed
to provide guidance and greater clarity to interested members of the
public and foreign regulators with respect to the scope and application
of CEA section 21(d) and the part 49 rules.\20\ The Interpretative
Statement clarified that a foreign regulatory authority's access to
swap data held in a CFTC-registered SDR would not be subject to the
confidentiality and indemnification provisions of CEA section 21(d) or
the part 49 regulations if (i) the registered SDR is also registered
in, or recognized or otherwise authorized by, the foreign authority's
regulatory regime and (ii) the data sought to be accessed by the
foreign authority has been reported to the registered SDR pursuant to
such foreign regulatory regime.\21\
---------------------------------------------------------------------------
\20\ See Swap Data Repositories: Interpretative Statement
Regarding the Confidentiality and Indemnification Provisions of the
Commodity Exchange Act, 77 FR 65177 (Oct. 25, 2012)
(``Interpretative Statement'').
\21\ Interpretative Statement at 65181.
---------------------------------------------------------------------------
C. FAST Act Amendments to CEA Section 21
Congress responded to regulators' access concerns by including in
the FAST Act a repeal of the indemnification requirement in CEA section
21(d)(2).\22\ The confidentiality requirement in CEA section 21(d)(1)
was retained in amended CEA section 21(d).\23\
---------------------------------------------------------------------------
\22\ Title LXXXVI (``Repeal of Indemnification Requirements'')
of the FAST Act amends the CEA by repealing the indemnification
requirements added by the Dodd-Frank Act for regulatory authorities
to obtain access to swap data because foreign regulators and
regulatory entities have indicated concerns regarding the
indemnification requirements of the Dodd-Frank Act. The title
removes such requirements so data can be shared with foreign
authorities. The title would still require the regulatory agencies
requesting the information to agree to certain confidentiality
requirements prior to receiving the data. FAST Act: Conference
Report to Accompany H.R. 22, Dec. 1, 2015 at 486-87. The repeal
applied as well to the analogous provision in the Securities
Exchange Act of 1934, 15 U.S.C. 78m(n)(5).
\23\ As noted above, FAST Act section 86002(b)(2) struck
subsection (d) of CEA section 21 and inserted a new provision in its
place that stated that before the swap data repository may share
information with any entity listed in section (c)(7), the swap data
repository shall receive a written agreement from each entity
stating that the entity shall abide by the confidentiality
requirements described in section 8 of the CEA relating to the
information on swap transactions that is provided.
---------------------------------------------------------------------------
The FAST Act also modified CEA section 21(c)(7)(A) by clarifying
that SDRs must make available the ``swap'' data they obtain to 21(c)(7)
entities, and added to CEA section 21(c)(7)(E)'s non-exclusive list of
persons that the Commission may determine to be appropriate recipients
of SDR swap data the new category ``other foreign authorities.'' \24\
---------------------------------------------------------------------------
\24\ See FAST Act section 86001(b)(1).
---------------------------------------------------------------------------
D. CEA Section 8 and the Confidentiality Provisions of CEA Section 21
CEA section 8 governs the Commission's treatment of nonpublic
information in its possession in a number of circumstances. CEA section
8(e) permits the Commission to furnish to the specified types of
domestic or foreign entities--upon their request and acting within the
scope of their jurisdiction--any information in its possession obtained
in connection with the administration of the Act.\25\ CEA section 8(e)
specifies, with respect to federal U.S. entities, that any information
furnished thereunder shall not be disclosed by the entity except in an
action or proceeding under the laws of the United States to which the
entity, the Commission or the United States is a party. CEA section
8(e) further specifies, with respect to the specified types of foreign
entities, that the Commission shall not furnish information thereunder
unless the Commission is satisfied that the information will not be
disclosed by the entity except in connection with an adjudicatory
action or proceeding to which the entity is a party brought under the
laws to which such entity is subject.
---------------------------------------------------------------------------
\25\ 7 U.S.C. 12(e).
---------------------------------------------------------------------------
CEA sections 21(c)(7) and 21(d) incorporate CEA section 8 in
establishing the disclosure restrictions and confidentiality standards
that apply to SDRs when providing swap data to regulators. The
Commission interprets these provisions as requiring consistency with
the principles underlying CEA section 8(e) and therefore being
fundamental to the access standards and confidentiality provisions
adopted in this release. In adopting revised Sec. Sec. 49.17 and
49.18, the Commission is mindful of these foundational principles:
Where information is sought to be accessed, the information must relate
to the scope of the requesting entity's jurisdiction; and information
provided by the SDR shall not be further disclosed except in limited,
defined circumstances.
E. High-Level Summary of Revisions to Part 49
Pursuant to its authority under the Act,\26\ the Commission
proposed amendments in January 2017 to Sec. Sec. 49.2, 49.9, 49.17,
49.18, and 49.22 to (i) implement the statutory changes mandated by the
FAST Act amendments; (ii) make certain conforming and clarifying
changes related to such implementation; (iii) revise the process by
which appropriateness is determined for purposes of access to SDR swap
data; (iv) clarify the standards in connection with the Commission's
appropriateness determinations; and (v) establish the form and
substance of the written agreement mandated by CEA section 21(d), as
amended.\27\ In formulating the proposed amendments, the Commission
endeavored to achieve the goals of effective and consistent global
regulation of swaps \28\ while adhering to the mandate of CEA sections
21(c)(7) and (d) that swap data be made available to a limited universe
of
[[Page 27413]]
regulators on a confidential basis pursuant to CEA section 8. As
explained in Section II below, the Commission is generally adopting,
with certain modifications, the rules and rule amendments as proposed.
---------------------------------------------------------------------------
\26\ See, e.g., CEA section 21(f)(4) (Additional duties
developed by Commission), 7 U.S.C. 24a(f)(4). The Commission is also
authorized by CEA section 8a(5), 7 U.S.C. 12a(5), to make such rules
and regulations as, in the judgment of the Commission, are
reasonably necessary to effectuate any of the provisions or to
accomplish any of the purposes of the CEA.
\27\ See Proposed Amendments To Swap Data Access Provisions and
Certain Other Matters, 82 FR 8369 (Jan. 25, 2017) (``NPRM'').
\28\ Section 752(a) of the Dodd-Frank Act directs the CFTC, the
SEC and the prudential regulators, as appropriate, to consult and
coordinate with foreign regulatory authorities in this regard and
provides that these entities may agree to such information-sharing
arrangements as may be deemed necessary or appropriate in the public
interest or for the protection of investors, swap counterparties,
and security-based swap counterparties.
---------------------------------------------------------------------------
F. Rescission of Interpretative Statement
The Commission has determined to rescind the Interpretative
Statement. References to the indemnification requirement in the
Interpretative Statement are no longer necessary, as the FAST Act
repealed the indemnification requirement in CEA section 21(d).
Additionally, the modifications to Sec. 49.17(d)(3) that are adopted
by the Commission in this release are not inconsistent with the
clarifications provided in the Interpretative Statement.
II. Discussion
A. Definitions: Amendments to Sec. 49.2
As originally adopted, Sec. 49.2(a)(5) defined the term ``Foreign
Regulator'' to include a foreign futures authority as defined in CEA
section 1a(26), foreign financial supervisors, foreign central banks
and foreign ministries.\29\ The FAST Act amendments to the CEA added to
section 21(c)(7)(E) a new category of entity--``other foreign
authorities''--that the Commission may deem appropriate to obtain
access to SDR swap data. The Commission proposed in the NPRM a
corresponding amendment to the definition of ``Foreign Regulator'' in
Sec. 49.2(a)(5) to conform this definition to amended CEA section
21(c)(7)(E). The Commission received no comments on that proposed
amendment. Thus, for the foregoing reasons, the Commission is adopting
the amendment as proposed.
---------------------------------------------------------------------------
\29\ 17 CFR 49.2(a)(5). CEA Section 1a(26) defines a ``foreign
futures authority'' as any foreign government, or any department,
agency, governmental body, or regulatory organization empowered by a
foreign government to administer or enforce a law, rule, or
regulation as it relates to a futures or options matter, or any
department or agency of a political subdivision of a foreign
government empowered to administer or enforce a law, rule, or
regulation as it relates to a futures or options matter.
---------------------------------------------------------------------------
B. Domestic and Foreign Regulators With Regulatory Responsibility Over
SDRs: Amendments to Sec. 49.17(d)(2) and (3)
1. Current Rules
Commission regulation 49.17(d)(2) currently provides that an ADR
with regulatory jurisdiction over an SDR that is registered with the
ADR pursuant to a separate statutory authority and that is also
registered with the Commission does not need to apply to the SDR for
access to swap data and execute a confidentiality and indemnification
agreement, as required by Sec. Sec. 49.17(d) and 49.18(b), as long as
the following conditions are met: (i) The ADR executes an MOU or
similar information sharing arrangement with the Commission; and (ii)
the Commission, consistent with CEA section 21(c)(4)(A), designates the
ADR to receive direct electronic access. The Commission provided in the
SDR Final Rules that these ADRs may be provided access to the swap data
reported and maintained by SDRs without being subject to the notice and
indemnification provisions of CEA sections 21(c)(7) and (d).\30\
---------------------------------------------------------------------------
\30\ See SDR Final Rules at 54554.
---------------------------------------------------------------------------
Commission regulation 49.17(d)(3) currently provides that an AFR
with supervisory authority over an SDR registered with it pursuant to
foreign law and/or regulation that is also registered with the
Commission is not subject to the requirements of Sec. 49.17(d) and
Sec. 49.18(b). As described in the SDR Final Rules and the
Interpretative Statement, the Commission believes that swap data
reported to, and maintained, by an SDR may be appropriately accessed by
an AFR without the execution of a confidentiality and indemnification
agreement when the AFR is acting in a regulatory capacity with respect
to an SDR that is also registered with the AFR, and the swap data was
reported to such SDR pursuant to such AFR's regulatory regime.
2. Proposed Amendments
With respect to domestic regulators with regulatory jurisdiction
over an SDR, the Commission proposed in the NPRM to remove: (1) The
reference to ``Appropriate Domestic Regulator'' in Sec. 49.17(d)(2)
and replace it with the term ``domestic regulator'' to clarify that all
domestic regulators, and not just ADRs, would fall under Sec.
49.17(d)(2); (2) Sec. 49.17(d)(2)(i) (information sharing arrangement
condition); and (3) Sec. 49.17(d)(2)(ii) (direct electronic access
condition). Based on its experience with SDR swap data access, the
Commission believed an additional refinement of these rules was
necessary in order to promote greater efficiency and cooperation among
domestic regulators. Accordingly, the Commission proposed that a
domestic regulator that has regulatory responsibility over an SDR
registered with it pursuant to a separate statutory authority should be
able to access SDR data reported to such SDR pursuant to such separate
statutory authority irrespective of whether such domestic regulator has
executed an MOU or similar information sharing arrangement with the
Commission or been designated to receive direct electronic access by
the Commission.\31\
---------------------------------------------------------------------------
\31\ The Commission's proposal for domestic regulators was
consistent with the principle previously set forth in the
Interpretative Statement with respect to the application of the
confidentiality and indemnification provisions of the CEA to foreign
regulators. In particular, the Commission stated that a foreign
regulator's access to data from a registered SDR that is also
registered, recognized, or otherwise authorized in a foreign
jurisdiction's regulatory regime, where the data to be accessed has
been reported pursuant to that other regulatory regime, will be
dictated by that jurisdiction's regulatory regime and not by the CEA
or Commission regulations. See Interpretative Statement at 65181.
---------------------------------------------------------------------------
In connection with foreign regulatory authorities that have
supervisory authority over an SDR, the Commission proposed in the NPRM
to (i) replace the reference to ``Appropriate Foreign Regulator'' in
Sec. 49.17(d)(3) with the term ``Foreign Regulator,'' as defined in
Sec. 49.2, to clarify that all Foreign Regulators, not only those that
have been determined ``appropriate'' by the Commission, would fall
under Sec. 49.17(d)(3); and (ii) add qualifying language to Sec.
49.17(d)(3) so that Sec. 49.17(d)(3) applies not only to SDRs that are
``registered'' with the Foreign Regulator but also to those SDRs that
are ``recognized or otherwise authorized'' by the Foreign Regulator,
where the swap data being accessed has been reported to the SDR
pursuant to the Foreign Regulator's regulatory regime.\32\
---------------------------------------------------------------------------
\32\ Id.
---------------------------------------------------------------------------
3. Comments Received
The Commission received one comment, from Chicago Mercantile
Exchange Inc. (``CME''), DTCC Data Repository (U.S.) LLC (``DDR''), and
ICE Trade Vault, LLC (``ICETV'' and, collectively with CME and DDR, the
``SDR Commenters''), on its proposed modifications to Sec. 49.17(d)(2)
and (3).\33\ The SDR Commenters supported the Commission's proposed
modifications to Sec. 49.17(d)(2) and (3) stating that recognizing the
separate jurisdictional authority of another domestic regulator or
foreign regulator would further appropriate information sharing
necessary for regulatory oversight and global systemic risk mitigation
purposes.\34\
---------------------------------------------------------------------------
\33\ Joint Comment Letter submitted by CME, DDR, and ICETV at 2
(March 27, 2017) (``SDR Letter'').
\34\ Id.
---------------------------------------------------------------------------
4. Final Rules
After considering the comments it received with respect to its
proposed amendments to Sec. 49.17(d)(2) and (3), and for the reason
stated above in section II.B.2., the Commission continues to believe
that swap data
[[Page 27414]]
reported to, and maintained by, an SDR may be appropriately accessed by
a domestic regulator or Foreign Regulator without the execution of a
confidentiality and indemnification agreement (1) when the regulator is
acting in a regulatory or supervisory capacity with respect to an SDR
that is also registered with, or recognized or otherwise authorized by,
the regulator and (2) with respect to swap data reported to such SDR
pursuant to such regulator's regulatory regime. The Commission,
accordingly, is adopting the amendments to Sec. 49.17(d)(2) and (3) as
proposed.
C. Appropriateness Determination for Foreign Regulators and Non-
Enumerated Domestic Regulators: Amendments to Sec. 49.17(b) and New
Sec. 49.17(h)
1. Current Rule
CEA section 21(c)(7) specifies U.S. entities to which swap data
must be released by an SDR, provided certain prerequisites are
satisfied. Because Congress has determined that access to SDR swap data
by these entities is appropriate when the prerequisites are satisfied,
no appropriateness determination by the Commission is necessary. These
U.S. entities, along with any others the Commission determines to be
appropriate pursuant to CEA section 21(c)(7)(E), are identified in
Sec. 49.17(b)(1) as ADRs. The current part 49 rules do not include a
process for how the Commission would determine a domestic regulator to
be ``appropriate'' within the meaning of CEA section 21(c)(7)(E).
Under current Sec. 49.17(b)(2)(i), in order for a Foreign
Regulator that does not have a current MOU with the Commission to be
determined to be an AFR,\35\ it must file with the Commission an
application in the form and manner specified by the Commission.\36\
Current Sec. 49.17(b)(2)(i)(B) requires that the application provide
sufficient facts and procedures to permit the Commission to analyze
whether the Foreign Regulator's confidentiality procedures are
appropriate and to satisfy the Commission that information provided by
an SDR will be disclosed by the Foreign Regulator only as permitted by
CEA section 8(e).
---------------------------------------------------------------------------
\35\ No specific Foreign Regulators are enumerated in CEA
section 21(c)(7) or specifically identified as AFRs in Sec.
49.17(b)(2).
\36\ To date, the Commission has not specified a form and manner
for the application referenced in current Sec. 49.17(b)(2)(i)(A).
---------------------------------------------------------------------------
2. Proposed Amendments: Determination Order Process
The Commission proposed to eliminate the current filing
requirements set forth in current Sec. 49.17(b)(2)(i) and establish
new filing requirements in proposed new Sec. 49.17(h) that would apply
to both Foreign Regulators and domestic regulators. The Commission also
proposed to include, in Sec. 49.17(h), CEA-section-8-related
confidentiality considerations and the ability for the Commission to
revisit or reassess appropriateness determinations. As proposed, new
Sec. 49.17(h) would apply to each Foreign Regulator regardless of
whether there was a current MOU or similar information sharing
arrangement in place between such Foreign Regulator and the Commission,
and to any domestic regulator other than an ADR enumerated in Sec.
49.17(b)(1)(i) through (vi) (``Enumerated ADR'').
Proposed Sec. 49.17(h)(3) specified two threshold requirements for
a finding of appropriateness: (i) The requesting entity has in place
appropriate safeguards to maintain the confidentiality of swap data
received from an SDR; and (ii) such entity is acting within the scope
of its jurisdiction in seeking access to swap data maintained by an
SDR. Because the Commission stated that these requirements are
necessary, but may or may not be sufficient to support an
appropriateness determination, the Commission proposed to evaluate each
filing on a case-by-case basis with reference to these and other
factors that the Commission may find germane to its determination. The
Commission proposed that, were it to find, based on information
submitted to it, that an entity's access to SDR swap data was
appropriate, the Commission would issue an order confirming the
entity's status as an ADR or AFR and setting forth any conditions or
limitations on access consistent with the relevant statutory and
regulatory requirements (a ``Determination Order'').
The Commission also proposed in Sec. 49.17(h)(4) to be able to
revisit, reassess, limit, suspend or revoke a previously issued
Determination Order. That proposal was based on the Commission's belief
that it is necessary to reserve the authority to revisit an
appropriateness determination, and potentially take one of the
foregoing remedial actions, in order to be able to address situations
that may arise subsequent to the determination, such as where an AFR or
ADR violates the terms of a Determination Order or fails to keep SDR
swap data confidential.
3. Proposed Amendments: Factors Considered in Issuing a Determination
Order
a. Scope of Jurisdiction
CEA section 21(c)(7) directs SDRs to provide swap data to
regulators on a confidential basis pursuant to section 8.\37\ The
Commission interprets this provision to require consistency with the
CEA section 8(e) mandate that information be furnished, on a
confidential basis, only to other regulators acting within the scope of
their jurisdiction. Accordingly, the Commission believes that an
appropriateness determination must be informed by reference to a
regulator's jurisdiction.
---------------------------------------------------------------------------
\37\ 7 U.S.C. 24(c)(7).
---------------------------------------------------------------------------
In this regard, the Commission proposed to add new Sec.
49.17(h)(2), which would require an applicant seeking a Determination
Order to provide the Commission sufficient information to permit the
Commission to analyze whether the applicant is acting within the scope
of its jurisdiction in seeking access to swap data maintained by an
SDR. As part of this information, the Commission stated that it
expected that an applicant would explain the relationship between its
jurisdiction and its request for access to swap data maintained by
SDRs, including an explanation of the applicant's need for swap data to
carry out its regulatory mandate, legal authority or
responsibility.\38\
---------------------------------------------------------------------------
\38\ The Commission expects that the applicant would provide a
description of its scope of jurisdiction as part of these
explanations.
---------------------------------------------------------------------------
The Commission proposed in new Sec. 49.17(h)(3) that the
Commission would not issue a Determination Order unless it were
satisfied that an applicant was acting within the scope of its
jurisdiction in seeking access to SDR swap data. The Commission also
stated in the NPRM that it expected that each Determination Order would
further require, as a condition of the appropriateness determination
set forth therein, that a regulator that received a Determination Order
promptly notify the Commission, and each SDR from which it received
swap data, of any change to its jurisdiction that would relate to the
swap data access requested.\39\ Proposed Sec. 49.17(d)(4)(iii) enabled
the Commission to direct SDRs to limit, suspend or revoke an ADR's or
AFR's SDR swap data access to reflect the new scope of its
jurisdiction, and required the SDRs to so limit, suspend
[[Page 27415]]
or revoke such access in response to such Commission direction. The
Commission expected that limiting access in this manner would reduce
the risk of unauthorized or unnecessary disclosures because each
appropriate regulator would have access to swap data only to the extent
necessary to fulfill its amended jurisdictional mandate or regulatory
responsibility.
---------------------------------------------------------------------------
\39\ The form of confidentiality arrangement set forth in
proposed Appendix B to part 49 (``Confidentiality Arrangement
Form'') also would have required such notices.
---------------------------------------------------------------------------
b. Robust Confidentiality Safeguards
CEA section 21(c)(7) requires that SDRs make swap data available on
a confidential basis pursuant to CEA section 8. Proposed Sec.
49.17(h)(2) accordingly would require that an applicant for a
Determination Order submit to the Commission information sufficient to
permit the Commission to analyze whether the applicant employs
appropriate confidentiality safeguards to ensure that swap data the
applicant receives from an SDR would not be disclosed other than as
permitted by the confidentiality arrangement required by proposed Sec.
49.18(a). The Commission anticipated that this analysis would involve
the Commission considering whether the applicant's confidentiality
protocols, system safeguards and security compliance procedures could
be expected to ensure the confidentiality of the swap data, and whether
the applicant had in place protections sufficient to prevent
unauthorized intrusions into the systems that maintain the swap data.
In this regard, the Commission stated in the NPRM that it would also
expect to consider the applicant's processes for limiting internal
access to swap data to those persons with a need to know, as well as
how the swap data would be stored and whether the swap data would be
segregated from other information.
The Commission stated in the NPRM its view that the confidentiality
protections set forth in proposed Sec. 49.17(h)(2) strike an
appropriate tradeoff between realizing the benefits of data access by
regulators,\40\ and protecting confidential information in accordance
with the dictates of CEA section 8(e), which, as described above, is
incorporated into the access provisions of CEA sections 21(c)(7) and
(d). In the NPRM, the Commission stated that it would consider these
factors essential to a determination of appropriateness.
---------------------------------------------------------------------------
\40\ See CEA section 21(c)(7); see also Section 752(a) of the
Dodd-Frank Act (recognizing the goal of effective and consistent
global regulation of swaps).
---------------------------------------------------------------------------
c. Swap Data Sharing Considerations
The Commission stated in the NPRM that other considerations not
proposed to be codified may also contribute to the Commission's
appropriateness analysis. Although the Commission proposed to eliminate
the current regulatory provision conferring AFR status on a Foreign
Regulator with an existing MOU or other similar type of information
sharing arrangement executed with the Commission,\41\ it nonetheless
stated in the NPRM its continued belief that the existence of such an
arrangement fosters a cooperative relationship and encourages the
development of shared understandings related to regulatory
responsibilities. The Commission added in the NPRM that, although not
dispositive, indications of a strong cooperative relationship with
another authority, as established by the existence of such an
arrangement and the Commission's experience working with such authority
in finalizing and administering the arrangement, would likely be a
factor supporting an appropriateness determination. The Commission also
stated in the NPRM that a failure to cooperate fully or to comply with
the terms of an existing or prior arrangement might be expected to
weigh against an appropriateness determination.
---------------------------------------------------------------------------
\41\ 17 CFR 49.17(b)(2).
---------------------------------------------------------------------------
Similarly, when assessing appropriateness, the Commission expected
to consider whether it receives access to swap data maintained by trade
repositories subject to the applicant's jurisdiction. The Commission
stated in the NPRM that it is mindful of the Dodd-Frank Act's
encouragement of coordination and cooperation with foreign regulatory
authorities.\42\ The Commission also stated in the NPRM its belief that
increased data access by regulators has the potential to provide the
Commission and other authorities with more complete information with
which to monitor risk exposures and should be expected to promote
global market stability through enhanced regulatory transparency.
Accordingly, the Commission stated in the NPRM, it would view the
following favorably in considering appropriateness: (i) Commission
access to swap data maintained by trade repositories in a foreign
regulator's jurisdiction; (ii) an arrangement to assist the Commission
in obtaining data from other jurisdictions; and (iii) a history of
assistance from a foreign regulator.
---------------------------------------------------------------------------
\42\ See also Dodd-Frank Act section 752 (recognizing the goal
of effective and consistent global regulation of swaps).
---------------------------------------------------------------------------
4. Proposed Amendments: Other Matters Regarding the Determination Order
Process
The Commission stated in the NPRM its preliminary belief that the
Determination Order process and factors discussed above offer a
reasonable approach to providing requesting entities access to SDR swap
data based on clearly articulated factors and any additional
considerations or circumstances the Commission may deem relevant on a
case-by-case basis. The Commission added that both the required factors
and the additional considerations support the mandates of CEA sections
8, 21(c)(7) and 21(d) and are consistent with the express intent of
Congress that the Commission coordinate and cooperate with foreign
regulatory authorities on matters related to the regulation of swaps.
Through the issuance of Determination Orders, the Commission expected
to be able to impose appropriate conditions or restrictions on an
entity's access to SDR swap data such that the entity's access would be
linked to its jurisdictional scope. Pursuant to proposed Sec.
49.17(h)(3), the Commission could, in its discretion, issue a
Determination Order of limited duration. The Commission stated in the
NPRM that it would expect SDRs to take into account any conditions or
restrictions contained in a Determination Order when providing access
to swap data to an ADR or AFR.
The Commission further believed it appropriate to make the process
and factors proposed in Sec. 49.17(h) applicable to any domestic
entities that are not enumerated as ADRs in Sec. 49.17(b)(1)(i)
through (vi), as scope of jurisdiction and confidentiality
considerations are equally applicable to U.S. entities, and drafted
proposed Sec. 49.17(h) accordingly.
5. Final Rules
After considering the comments received in the SDR Letter, and for
the reasons stated in the NPRM, stated above in sections II.C.2.-4. and
stated in this section, the Commission is adopting amendments to Sec.
49.17(b) and new Sec. 49.17(h) as proposed.
The Commission requested comment on all aspects of proposed Sec.
49.17(h), particularly on whether the proposed regulatory and other
factors are sufficient to determine whether access to SDR swap data is
appropriate. The Commission received one comment in response, from the
SDR Commenters. The SDR Commenters expressed support for the Sec.
49.17(h) appropriateness determination process proposed in the NPRM
with respect to
[[Page 27416]]
Foreign Regulators and non-enumerated domestic regulators, including
the requirement that such regulators file an application with the
Commission to be determined to be appropriate recipients of SDR swap
data. The SDR Commenters added that they ``believe that a[n] MOU or
other information sharing arrangement alone, by [its] nature, ha[s] the
potential for imprecise language and bespoke arrangements that would
not provide sufficient indication of a regulator's `appropriateness.'
'' \43\
---------------------------------------------------------------------------
\43\ SDR Letter at 3.
---------------------------------------------------------------------------
The SDR Commenters also suggested that the Commission revise
proposed Sec. 49.17(h)(4), which provides that the Commission reserves
the right to revisit, reassess, limit, suspend or revoke any
appropriateness determination with respect to an ADR or AFR, consistent
with the CEA, to require the Commission to provide a written notice to
SDRs of such action to ensure that all SDRs are aware of any changes in
status with respect to an appropriateness determination.\44\ The
Commission agrees with the substance of the ``written notice'' comment
but believes that this suggestion should be incorporated elsewhere in
the Commission's regulations. Specifically, because proposed Sec.
49.17(h)(4) merely addresses the Commission's right to revisit,
reassess, limit, suspend or revoke any appropriateness determination,
whereas proposed Sec. 49.17(d)(5) required an SDR to take such action
as directed by the Commission,\45\ the Commission believes that
proposed Sec. 49.17(d)(5), rather than proposed Sec. 49.17(h)(4),
should be amended in response to the ``written notice'' comment.\46\
Accordingly, the Commission is adopting Sec. 49.17(d)(5) as proposed
but with a modification to require that any Commission direction to an
SDR specified therein be in writing.
---------------------------------------------------------------------------
\44\ SDR Letter at 7.
\45\ As proposed, Sec. 49.17(d)(5) did not require that the
Commission direct the SDR in writing to take any of such actions.
\46\ Proposed Sec. 49.17(h)(4) stated that the Commission
reserves the right, in connection with any appropriateness
determination with respect to an Appropriate Domestic Regulator or
Appropriate Foreign Regulator, to revisit, reassess, limit, suspend
or revoke such determination consistent with the Act. Proposed Sec.
49.17(d)(5) stated that an SDR shall, as directed by the Commission,
limit, suspend or revoke such access should the Commission limit,
suspend or revoke the appropriateness determination for such ADR or
AFR or otherwise direct the SDR to limit, suspend or revoke such
access.
---------------------------------------------------------------------------
Accordingly, for the reasons stated in the NPRM, stated above in
sections II.C.2.-4. and stated in this section, the Commission is
adopting amendments to Sec. 49.17(b) and new Sec. 49.17(h) as
proposed.
D. Amendments to Sec. 49.17(d)(4): SDR Notice and Verification
Obligations
1. Proposed Amendments
CEA section 21(c)(7) requires each SDR to notify the Commission of
a swap data request received from an ADR or AFR.\47\ Currently, this
statutory requirement is implemented in Sec. 49.17(d)(4)(i), which
provides that an SDR must promptly notify the Commission regarding
``any'' request received by an ADR or AFR to gain access to swap data
maintained by the SDR.
---------------------------------------------------------------------------
\47\ See CEA section 21(c)(7), 7 U.S.C. 24a(c)(7).
---------------------------------------------------------------------------
To reduce the burden on SDRs and provide greater operational
efficiency consistent with the intent of CEA section 21(c)(7), the
Commission proposed to amend the SDR notification requirement in
current Sec. 49.17(d)(4)(i) to require an SDR to notify the Commission
(i) at the time that it receives the first request for access to swap
data from a particular ADR or AFR and (ii) at any time that a swap data
request from an ADR or AFR does not comport with the scope of the ADR's
or AFR's jurisdiction, as described in the confidentiality arrangement
required by proposed Sec. 49.18(a). As proposed, the amendment
provided that, upon receiving either such request for data by a
particular ADR or AFR, the SDR would be required to provide prompt
electronic notification to the Commission of the request, in a format
specified by the Secretary of the Commission, pursuant to proposed
Sec. 49.17(d)(4)(ii). The SDR would be required to keep such
notification and related requests confidential consistent with the
requirements of CEA sections 21(c)(6) and (7) and related regulatory
requirements set forth in Sec. Sec. 49.16 and 49.17.
The Commission stated in the NPRM its belief that the proposed
approach to SDR notification supports the Commission's need to be aware
of who is able to access SDR swap data and what data has been accessed,
while eliminating potentially costly, unwieldy and inefficient notice
of every swap data request. Under the proposal, the Commission would be
notified that a particular ADR or AFR has requested access to SDR swap
data and would be able to examine SDR records of the ADR's or AFR's
individual swap data requests, and the swap data provided, as the
Commission deemed necessary.\48\
---------------------------------------------------------------------------
\48\ The Commission stated in the NPRM that, consistent with the
current recordkeeping requirements for SDRs in Sec. 45.2(f), SDRs
are required to maintain records of all information related to the
initial and all subsequent requests for swap data from ADRs and
AFRs. The Commission stated that appropriate records would include,
at a minimum, the identity of the ADR or AFR accessing the swap
data, the date, time and substance of the request for access,
confirmation that the request is consistent with the scope of the
regulator's jurisdiction, and copies of all swap data provided by
the SDR in connection with the request for access. The Commission
added that, pursuant to Sec. 1.31, SDRs are required to maintain
such records for a period of no less than five years after the date
of such request and must provide this information to the Commission
upon request.
---------------------------------------------------------------------------
The Commission also proposed to amend Sec. 49.17(d)(4) by adding
new paragraph (iii) to require each SDR that receives a request for
access to its swap data from an ADR or AFR to determine, prior to
providing such access, that the request is consistent with the scope of
the ADR's or AFR's jurisdiction, as described in the confidentiality
arrangement required by proposed Sec. 49.18(a).\49\ This verification
would need to incorporate any subsequent changes to such scope of
jurisdiction.
---------------------------------------------------------------------------
\49\ The scope of jurisdiction would have been described in
Exhibit A to the form of confidentiality arrangement set forth in
proposed Appendix B to part 49.
---------------------------------------------------------------------------
The Commission also proposed to require an ADR or AFR that has
executed a confidentiality arrangement with the Commission pursuant to
Sec. 49.18(a) and provided such confidentiality arrangement to one or
more SDRs to notify the Commission and each such SDR of any change to
such ADR's or AFR's scope of jurisdiction as described in such
confidentiality arrangement. Additionally, the proposal enabled the
Commission to direct an SDR to suspend, limit, or revoke access to swap
data maintained by such SDR based on any such change to an ADR's or
AFR's scope of jurisdiction, and required that, if so directed, such
SDR must suspend, limit, or revoke such access.
Proposed Sec. 49.17(d)(4)(iv) required SDR verification only once
with respect to a request for ongoing or recurring access to particular
data. Additionally, if there was a change in the request, the ADR or
AFR would be obligated to make a new determination pursuant to proposed
Sec. 49.17(d)(4)(iii). The Commission recognized that the proposed
requirement would impose a burden on SDRs but noted that SDRs are
obliged by CEA section 21(c)(7) to provide access ``pursuant to section
8'' of the CEA, which, as discussed above, the Commission interprets as
requiring a jurisdictional nexus to the information requested,
consistent with CEA section 8(e). The Commission stated that it
believed that, in such circumstances, SDRs must take a role in ensuring
[[Page 27417]]
compliance with those statutory restrictions of CEA section 21(c)(7).
2. Final Rules
The Commission received several comments from the SDR Commenters on
the proposed amendments to Sec. 49.17(d)(4). For the reasons stated
above in section II.D.1. and stated in this section II.D.2., the
Commission is adopting Sec. 49.17(d)(4)(i) through (iv) as proposed,
with one exception. Specifically, the Commission is adopting Sec.
49.17(d)(4)(iii) with one modification suggested by the SDR Commenters,
as discussed below in section II.D.2.c.iii. In response to the SDR
Commenters' comments, the Commission is also clarifying the guidance
provided in the NPRM on Federal Register page 8,381, as discussed below
in section II.D.2.a.ii.
a. Sec. 49.17(d)(4)(i)
i. Notices of Initial Access Requests and Requests Outside the Scope of
Jurisdiction
The SDR Commenters supported the proposed amendment to the
notification provisions in current Sec. 49.17(d)(4)(i) to require SDRs
to notify the Commission only of an initial ADR or AFR request for
access to swap data (rather than every request for swap data), stating
that this would reduce reporting burdens and increase operational
efficiencies. However, the SDR Commenters stated that ``subsection
Sec. 49.17(d)(4)(i) and (iii) should be modified to remove the
requirement that an SDR determine whether swap data to which the ADR or
AFR seeks access is within the then-current scope of such ADR's or
AFR's jurisdiction.'' \50\ The SDR Commenters claimed that they ``are
not the appropriate entities to determine the scope of a regulator's
jurisdiction'' because ``[t]hey do not possess the means to do so
correctly with current data fields'' \51\ and that the scope of
jurisdiction determination ``must rest solely with the Commission.''
\52\ Accordingly, the SDR Commenters insisted that their
responsibilities ``must be limited to providing access to the ADRs and
AFRs in accordance with the specific, appended jurisdictional
information clearly set forth in the documents describing the
confidentiality arrangements negotiated by the Commission pursuant to
Sec. 49.18.(a).'' \53\
---------------------------------------------------------------------------
\50\ SDR Letter at 4. Proposed Sec. 49.17(d)(4)(i) states that
a registered SDR shall notify the Commission promptly after
receiving any request that does not comport with the scope of the
ADR's or AFR's jurisdiction, as described and appended to the
confidentiality arrangement required by proposed Sec. 49.18(a).
\51\ SDR Letter at 3.
\52\ SDR Letter at 2.
\53\ SDR Letter at 4.
---------------------------------------------------------------------------
The Commission declines to modify Sec. 49.17(d)(4)(i) to provide
that an SDR does not need to determine whether swap data to which an
ADR or AFR seeks access is within the then-current scope of such ADR's
or AFR's jurisdiction. As noted above, SDRs are obliged by CEA section
21(c)(7) to provide access ``pursuant to section 8'' of the CEA, which
the Commission interprets as requiring a jurisdictional nexus to the
information requested, consistent with CEA section 8(e). However, for
the reasons discussed below in response to the SDR Commenters' comments
on proposed Sec. 49.17(d)(4)(iii) in relation to determining whether
an ADR's or AFR's request for swap data is within the scope of its
jurisdiction, the Commission expects SDRs' role in applying Sec.
49.17(d)(4)(i) to be straightforward. As discussed below, the
Commission will ensure that each ADR and AFR seeking swap data access
provides each SDR from which it seeks such access a description,
appended to the confidentiality arrangement required by proposed Sec.
49.18(a), of the ADR's or AFR's scope of jurisdiction in a form that
will lend itself to SDRs being readily able to determine whether a
particular data request falls within the described scope of
jurisdiction. As the Commission will have previously reviewed the
described scope of jurisdiction before it is provided to an SDR as part
of the confidentiality arrangement required by proposed Sec. 49.18(a),
the SDR's role in ensuring that ADRs' and AFRs' swap data access is
limited to swap data within the then-current scope of such ADR's or
AFR's jurisdiction would be limited to appropriately circumscribing the
scope of the swap data to which an ADR or AFR obtains access to match
the ADR's or AFR's scope of jurisdiction, as described in the appendix
to the confidentiality arrangement required by Sec. 49.18(a), and
notifying the Commission if the SDR determines that a particular data
request does not comport with the described scope of jurisdiction.
Finally, Sec. 49.17(d)(4)(i) requires an SDR to notify the
Commission of initial requests for data by an ADR or AFR and of
requests for data that do not comport with the scope of jurisdiction of
an ADR or AFR. These notifications are required to be provided,
pursuant to Sec. 49.17(d)(4)(ii), in the format specified by the
Secretary of the Commission. In response to a request from the SDR
Commenters to specify that format, the Secretary of the Commission is
now specifying that these notices should be provided to Commission
staff at the email address [email protected].
ii. Recordkeeping
Proposed Sec. 49.17(d)(4)(i) required each SDR to maintain
records, pursuant to Sec. 49.12,\54\ of the details of an ADR's or
AFR's initial request for SDR swap data access and of all subsequent
requests by such ADR or AFR for such access. In the NPRM, the
Commission explained that an SDR's obligation to maintain records of
all information related to the initial and all subsequent requests by
an ADR or AFR for swap data access, pursuant to proposed Sec.
49.17(d)(4)(i) and existing Sec. 45.2(f), would require the retention
of records that included, at a minimum, the identity of the ADR or AFR
accessing the swap data, the date, time and substance of the request
for access, confirmation that the request is consistent with the scope
of the regulator's jurisdiction, and copies of all data reports and
other aggregation of data provided in connection with the request for
access.\55\
---------------------------------------------------------------------------
\54\ Commission Regulation 49.12(a) requires SDRs to maintain
their records in accordance with the requirements of part 45 of the
Commission's regulations regarding the swap data required to be
reported to SDRs. Commission Regulation 45.2(f) requires each SDR to
keep complete records of all SDR-related business activities.
\55\ NPRM at 8375, n.42; see also, NPRM at 8381 (Paperwork
Reduction Act discussion of recordkeeping burdens).
---------------------------------------------------------------------------
The SDR Commenters stated that ``the proposed requirement for SDRs
to maintain copies of data reports and other aggregation of data
provided in connection with the request [f]or access should be amended
to avoid imposing unnecessary costs.'' \56\ The SDR Commenters also
requested that ``additional detail as to what constitutes the `details
of such initial request and of all subsequent requests' be included in
the rule itself rather than merely mentioned in the preamble.'' \57\
The SDR Commenters characterized the recordkeeping requirements of
proposed Sec. 49.17(d)(4)(i) as requiring that SDRs maintain data
reports as financially burdensome, challenging to implement, and
potentially decreasing information security, because the requirements
could require an SDR ``to propagate a given data set more than once.''
\58\
---------------------------------------------------------------------------
\56\ SDR Letter at 6.
\57\ SDR Letter at 5-6.
\58\ SDR Letter at 6.
---------------------------------------------------------------------------
As an alternative to maintaining such reports, the SDR Commenters
suggested that they create pre-formatted data
[[Page 27418]]
reports and make them available for download by ADRs and AFRs ``so that
the record of access to such reports [would] be easily identifiable, in
lieu of maintaining logs of queries and query conditions . . . .'' \59\
The SDR Commenters added that, if the Commission adopted their
alternative, ``the parameters of the reports and the logic which is
used to populate the reports is all that should have to be
maintained.'' \60\ The SDR Commenters contended that the Commission
should require only ``the saving of metadata around reports rather than
the actual reports[.]'' \61\
---------------------------------------------------------------------------
\59\ Id.
\60\ Id.
\61\ Id.
---------------------------------------------------------------------------
After the NPRM was published in the Federal Register, Commission
staff discussed the SDR Commenters' recordkeeping concerns, as set out
in the SDR Letter, with the SDRs.\62\ Based on those discussions, the
Commission understands that the SDR Commenters plan to provide swap
data access to ADRs and AFRs in one of two ways: (1) Via pre-formatted
reports that the SDR Commenters would make available for download by
ADRs and AFRs or send to ADRs and AFRs, in each case on a regular
basis; or (2) via a Web-based portal through which ADRs and AFRs could
conduct customized searches of swap data.\63\ In those discussions, the
SDR Commenters explained that they would not consider it unduly
burdensome to maintain records of the pre-formatted reports (if they
provide ADRs and AFRs access to swap data via pre-formatted reports) or
records of both the parameters of the permitted access and the queries
(if they provide such access via Web portal).
---------------------------------------------------------------------------
\62\ Brief summaries of those ex parte communications are
available on the Commission's website at https://comments.cftc.gov/PublicComments/CommentList.aspx?id=1777.
\63\ The swap data provided in the pre-formatted reports or
through the Web-based portals would be limited to swap data within
the particular ADR's or AFR's scope of jurisdiction, as described in
the confidentiality arrangement required by Sec. 49.18(a).
---------------------------------------------------------------------------
In response to the SDR Letter, and for the reasons explained by the
SDR Commenters and described in this section, the Commission confirms
that, as represented by the SDRs and consistent with the reasoning
discussed in the NPRM,\64\ either of these means of providing swap data
access to ADRs and AFRs would be acceptable. The Commission also
confirms that SDRs may satisfy their recordkeeping duties under Sec.
49.17(d)(4)(i) by maintaining records of, as applicable: (1) Their pre-
formatted swap data reports; or (2)(a) the parameters of Web portal
swap data access and (b) queries run by ADRs and AFRs using such
access.
---------------------------------------------------------------------------
\64\ See, e.g., NPRM at 8385 (stating that the Commission is
proposing not to specify a particular means of ADRs and AFRs
accessing swap data) and 8386 (stating that the Commission expects
that SDRs would choose the lowest cost means of access consistent
with their statutory obligation to provide ADRs and AFRs access to
swap data and other constraints).
---------------------------------------------------------------------------
iii. Aggregated Data
The SDR Commenters also expressed concerns that the Commission's
statement that proposed Sec. 49.17(d)(4)(i) and existing Sec. 42.5
would require retention of copies of all other aggregation of data
provided in connection with the request for access was intended to
impose a requirement to provide aggregated data to ADRs or AFRs. To
address that concern, the SDR Commenters asked the Commission to
specify that SDRs would not be required to provide ADRs or AFRs with
aggregated data and that SDRs are required to provide only raw swap
transaction data, in the form of, for example, pre-formatted reports or
via Web-based portal access.\65\
---------------------------------------------------------------------------
\65\ See SDR Letter at 6.
---------------------------------------------------------------------------
In response to the foregoing comment, and for the reasons explained
by the SDR Commenters and described in this section, the Commission
clarifies that SDRs are required to provide ADRs and AFRs only raw swap
transaction data in the form in which SDRs maintain such data. The
Commission further clarifies that SDRs are not required to aggregate or
manipulate raw swap transaction data to provide it to ADRs or AFRs in
customized formats or reports requested thereby. Through its
consultations with certain ADRs as required by section 712(a)(1) of the
Dodd-Frank Act,\66\ the Commission understands that those ADRs
enumerated in Sec. 49.17(b)(1)(i) through (vi) that are interested in
accessing SDR swap data are capable of receiving such data and
manipulating and analyzing such data using their own systems.
---------------------------------------------------------------------------
\66\ Section 712(a)(1) of the Dodd-Frank Act provides that
before commencing any rulemaking or issuing an order regarding swap
data repositories, the Commission shall consult and coordinate to
the extent possible with the Securities and Exchange Commission and
the prudential regulators for the purposes of assuring regulatory
consistency and comparability.
---------------------------------------------------------------------------
After considering the comments on proposed Sec. 49.17(d)(4)(i),
for the reasons described above, the Commission is adopting the
amendments to Sec. 49.17(d)(4)(i) as proposed.
b. Sec. 49.17(d)(4)(ii)
The Commission proposed only minor, clarifying changes to Sec.
49.17(d)(4)(ii) and did not receive any comments thereon. The
Commission is adopting the amendments to Sec. 49.17(d)(4)(ii) as
proposed.
c. Sec. 49.17(d)(4)(iii)
i. Scope of an ADR's or AFR's Jurisdiction
The SDR Commenters commented that ``the determination as to scope
of jurisdiction must rest solely with the Commission'' \67\ because
``[t]he SDRs do not have, and are not required to have[,] information
sufficient to determine whether requested swap data is within the
ADR['s] or AFR[']s scope of jurisdiction.'' \68\ The SDR Commenters
contended that, if the Commission wants the SDRs to play a role in
determining whether swap data is subject to the jurisdiction of any
particular ADR or AFR, the Commission would need to ``amend the current
Part 43 and Part 45 fields to provide the SDRs with the basis to make
these determinations.'' \69\ The SDR Commenters added that they
``should not be expected to make interpretations about jurisdictional
questions from ambiguous data points.'' \70\
---------------------------------------------------------------------------
\67\ SDR Letter at 2.
\68\ Id. at 3.
\69\ Id. at 4.
\70\ Id.
---------------------------------------------------------------------------
On this point, the SDR Commenters explained that ``[t]he current
Part 43 and Part 45 data fields do not yield information that would
allow an SDR to identify trades that fall within an ADR['s] or AFR's
jurisdiction definitively.'' \71\ They recommended that ADRs and AFRs
``should be required to provide a[ ] . . . list of Part[ ] 43 and 45
data fields (e.g., legal entity identifiers (``LEIs'') of the reporting
counterparty and non-reporting party[and] the unique product identifier
(``UPI'')) and parameters for such data fields'' \72\ that would
clearly indicate to the SDRs which swaps fall within an ADR's or AFR's
jurisdiction. The SDR Commenters contended that such a list of Part 43
and 45 data fields is necessary because ``no Part 43 or 45 data fields
. . . by themselves identify swaps that fall within an ADR['s] or AFR's
jurisdiction.'' \73\
---------------------------------------------------------------------------
\71\ Id.
\72\ Id.
\73\ Id.
---------------------------------------------------------------------------
The SDR Commenters contended that the benefits of their proposed
approach would include ensuring that SDRs grant access in a consistent
manner and that the security controls established by an SDR according
to Part 43 or 45 parameters would prevent access to swap data outside
the scope of an ADR's or AFR's jurisdiction. The SDR
[[Page 27419]]
Commenters recommended the following changes to the proposed
regulations to effectuate their proposed approach:
Removing proposed Sec. 49.17(d)(4)(iv) completely;
removing the requirement in proposed Sec. 49.17(d)(4)(i)
and (iii) that an SDR determine whether swap data to which an ADR or
AFR seeks access is within the then-current scope of such ADR's or
AFR's jurisdiction;
replacing the ``negative requirement'' not to provide
access unless such a determination has been made with a ``positive
requirement'' to provide access that comports with the jurisdictional
determination made by the Commission, which determination is clearly
spelled out in the confidentiality arrangement;
modifying paragraph Sec. 49.17(d)(4)(iii) to state that
any requested change in an ADR's or AFR's scope of jurisdiction, as
described in the confidentiality arrangement required by proposed Sec.
49.18(a), should be agreed to between the Commission and the ADR or AFR
and the information appended to the confidentiality arrangement should
be amended accordingly and provided to the SDRs for implementation; and
revising the description of Exhibit A in the
confidentiality arrangement to state that the ``description of scope of
jurisdiction'' must include a list of part 43 and part 45 fields and
specific parameters.\74\
---------------------------------------------------------------------------
\74\ Id. at 4 and 5.
---------------------------------------------------------------------------
After considering the SDR Commenters' comments and consulting with
certain ADRs as required by section 712(a)(1) of the Dodd-Frank Act,
the Commission agrees with the SDR Commenters that SDRs should not be
responsible for determining the scope of an ADR's or AFR's
jurisdiction, for the reasons explained by the SDR Commenters and
described in this section. The Commission believes, however, that SDRs
should be responsible for limiting ADRs' and AFRs' access to swap data
to those swap data within ADRs' and AFRs' then-current scopes of
jurisdiction, as described in the appendix to the confidentiality
arrangement required by Sec. 49.18(a). As noted above, SDRs are
obligated by CEA section 21(c)(7) to provide access ``pursuant to
section 8'' of the CEA, which the Commission interprets as requiring a
jurisdictional nexus to the information requested, consistent with CEA
section 8(e).
For the swap data sharing goal of CEA section 21(c)(7) to be
achieved, an ADR's or AFR's description of its scope of jurisdiction
must allow the SDRs to establish objective parameters for determining
whether a particular data request falls within such scope of
jurisdiction, without undue obstacles. The Commission believes that a
system requiring legal analysis by the SDRs (a possible result,
depending on how ADRs and AFRs describe their scopes of jurisdiction)
for each ADR/AFR swap data request is impractical at best and could
lead to very slow data access and disparate results across SDRs.
Consequently, the Commission supports the spirit of the SDR Commenters'
proposal that relevant Part 43/45 data fields could be used to assist
in clarifying an ADR's or AFR's scope of jurisdiction, for purposes of
SDR swap data access.\75\
---------------------------------------------------------------------------
\75\ The SDR Commenters' approach, by permitting automation,
could expedite swap data access. The SDR Commenters' approach could
also eliminate the potential for inconsistent determinations by
different SDRs.
---------------------------------------------------------------------------
The Commission intends to review each ADR's and AFR's description
of its scope of jurisdiction and ensure that such descriptions are
presented in the confidentiality arrangement in a form SDRs can readily
adapt to SDR-developed swap data reports and/or search parameters. The
Commission also interprets CEA section 21(c)(7) as imposing on SDRs the
duty to limit ADRs' and AFRs' access to swap data to those swap data
within ADRs' and AFRs' scope of jurisdiction. The description of an
ADR's or AFR's scope of jurisdiction will be appended to the
confidentiality arrangement that is executed between the ADR or AFR and
the Commission and provided to SDRs. An SDR's duty with respect to this
description of the ADR's or AFR's scope of jurisdiction is to ensure
that the swap data provided to the ADR or AFR is limited to those
records that fall within the description appended to the
confidentiality arrangement. For example, if the description is based
on a list of LEIs representing entities that a particular ADR
regulates, then the SDR's duty would be to provide all swap data
associated with the fields in which those LEIs appear (e.g., the fields
associated with counterparty identifiers), as those fields are set
forth in the description provided by the ADR. As the SDR Commenters
acknowledged in discussions with Commission staff, this would make
fulfilling their obligations under CEA section 21(c)(7) and Sec.
49.17(d)(4), as proposed, straightforward to apply.
The Commission anticipates that, as a practical matter, ADRs and
AFRs generally will describe their then-current scopes of jurisdiction,
as appended to the confidentiality arrangement required by Sec.
49.18(a), in terms of LEIs and possibly also UPIs or other product
identifiers. Although there may be some limitations of using LEIs and
product identifiers (e.g., in limited instances where blank or
incorrect data entries remain in LEI fields, LEIs are masked in a
number of cases to reflect certain other jurisdictions' privacy law
limits on disclosure, and the Commission has yet to designate a UPI and
product classification system), the Commission believes these data
elements represent the most useful method of describing ADRs' and AFRs'
scopes of jurisdiction.\76\
---------------------------------------------------------------------------
\76\ In addition, if the scope of an ADR's or AFR's jurisdiction
supports receiving all swap data with respect to entities over which
an ADR or AFR exercises oversight, the ADR or AFR may not need to
use product identifiers at all--it may be able to use LEIs alone to
describe the scope of its jurisdiction.
---------------------------------------------------------------------------
It also is possible that an ADR or AFR will be able to convey its
scope of jurisdiction without using part 43 or part 45 data fields in a
way that SDRs will be able to easily apply. The SDR Letter itself
acknowledged the possibility that other part 43 or part 45 data fields
may be relevant in describing ADRs' and AFRs' scopes of
jurisdiction.\77\ For example, it is conceivable that an ADR's scope of
jurisdiction may include all swap data maintained at SDRs (though the
Commission does not anticipate that this will be the case with respect
to most ADRs). In such case, it would not be necessary to use part 43,
part 45 or any other swap data fields to delineate the scope of an
ADR's or AFR's jurisdiction. For the foregoing reasons, the Commission
declines to specifically require the use of part 43 or part 45 data
fields to describe an ADR's or AFR's scope of jurisdiction.
---------------------------------------------------------------------------
\77\ For example, the SDR Letter noted that ``an indication of
whether a swap is a mixed swap'' could constitute a part 43 or 45
data field that ``determine[s] . . . which swaps fall within an ADR
or AFR's jurisdiction.'' SDR Letter at 4. Also, in ex parte
communications following the publication of the NPRM, the SDR
Commenters acknowledged that other fields could potentially be
relevant as well.
---------------------------------------------------------------------------
The Commission also declines to act on the SDR Commenters' request
to delete proposed Sec. 49.17(d)(4)(iv), which provides that SDRs need
only make a jurisdictional determination with respect to an ADR's or
AFR's swap data access request once for a recurring request and once
each time the parameters of the access requests change. The SDR
Commenters expressed support in the SDR Letter for that single
determination concept and appear to have requested the deletion of
[[Page 27420]]
proposed Sec. 49.17(d)(4)(iv) because it would impose a jurisdictional
determination requirement on SDRs. As explained above, however, the
requirement for an SDR to ensure that a data access request is within
the then-current scope of an ADR's or AFR's jurisdiction, as described
in an appendix to the confidentiality arrangement required by Sec.
49.18(a), is required by statute and should impose a minimal burden on
SDRs.
For the reasons described below in section II.D.2.c.ii., the
Commission declines to modify proposed Sec. 49.17(d)(4)(iii) to state
that any change in an ADR's or AFR's swap data access based on a change
in its scope of jurisdiction should be agreed to between the Commission
and the ADR or AFR, and the jurisdictional description appended to the
confidentiality arrangement should be amended accordingly and provided
to the SDRs for implementation.
ii. Changes to an ADR's or AFR's Scope of Jurisdiction
The SDR Commenters stated that the Commission should amend Sec.
49.17(d)(4)(iii) to require that the Commission and an ADR or AFR agree
to any change to the SDR swap data that an ADR or AFR may access based
on a change in the ADR's or AFR's scope of jurisdiction, which should
then be reflected in an updated confidentiality arrangement provided to
the SDRs.\78\
---------------------------------------------------------------------------
\78\ See SDR Letter at 4.
---------------------------------------------------------------------------
The Commission believes Sec. 49.17(d)(4)(iii), as proposed,
addresses the SDR Commenters' comment. The first sentence states that
an SDR shall not grant an ADR or AFR access to swap data maintained by
the SDR unless the SDR has determined that the swap data to which the
ADR or AFR seeks access is within the then-current scope of such ADR's
or AFR's jurisdiction, as described and appended to the confidentiality
arrangement required by Sec. 49.18(a). Accordingly, once an SDR
receives that jurisdictional description, it can rely on that
description until it either receives a new jurisdictional description
or is directed by the Commission to suspend, limit, or revoke an ADR's
or AFR's swap data access.
The second sentence of Sec. 49.17(d)(4)(iii), as proposed,
requires that each ADR or AFR that has executed a confidentiality
arrangement with the Commission pursuant to Sec. 49.18(a) and provided
it to one or more SDRs shall notify the Commission and each such SDR of
any change to such ADR's or AFR's scope of jurisdiction, as described
in such confidentiality arrangement. This puts the burden on each ADR
and AFR to inform the Commission, and each SDR from which an ADR and
AFR receives swap data, of changes to such ADR's or AFR's
jurisdiction.\79\ The Commission would review any such changes, which
the Commission expects will be in the form of an updated jurisdictional
description and, unless the Commission found an error or other issue in
the updated jurisdictional description, expects to advise the relevant
ADR or AFR that it could provide the relevant SDRs the updated scope of
jurisdiction description.
---------------------------------------------------------------------------
\79\ The Commission expects each ADR and AFR to also notify (in
writing) the Commission and each SDR from which the ADR or AFR
receives swap data of proposed changes to the ADR's or AFR's
jurisdiction. With such advance notice, the Commission would seek to
consider the implications, if any, of such changes, if finalized as
proposed, for the scope of SDR swap data to which the ADR or AFR
could have access. With suitable advance notice from the ADR or AFR,
the SDRs could implement such changes contemporaneously with the
time an ADR's or AFR's scope of jurisdiction changes.
---------------------------------------------------------------------------
If the ADR's or AFR's scope of jurisdiction were to become more
narrow, the Commission could use its authority pursuant to the third
sentence of proposed Sec. 49.17(d)(4)(iii) to direct the relevant SDRs
to suspend, limit, or revoke access to swap data maintained by such SDR
based on any such change to such ADR's or AFR's scope of jurisdiction,
in which case such SDR shall so suspend, limit, or revoke such access.
If the ADR's or AFR's scope of jurisdiction were to expand, as a
practical matter, the ADR or AFR could not obtain swap data relevant to
such expanded jurisdiction until the SDRs could update the parameters
of their means of providing access accordingly, which the Commission
would expect them to do no later than the earlier of (1) the earliest
date such SDR, exercising commercially reasonable efforts in light of
its obligations under the CEA and the Commission's regulations, is able
to update the parameters of swap data access to match the ADR's or
AFR's new scope of jurisdiction and (2) 180 days after the SDR receives
those new parameters.
iii. Written Notices
The SDR Commenters contended that ``[p]roposed Sec.
49.17(d)(4)(iii) should specify that any request by the Commission to
the SDR to suspend, limit, or revoke access to swap data should be
provided in writing.'' \80\ The Commission agrees that such an
important action should be provided in writing to avoid
misunderstandings and to provide a record on which SDRs can rely.
Accordingly, Sec. 49.17(d)(4)(iii), as adopted, provides that an SDR
is required to suspend, limit, or revoke an ADR's or AFR's access to
the swap data maintained by such SDR only if the Commission
communicates such instruction to the SDR in writing.
---------------------------------------------------------------------------
\80\ SDR Letter at 7.
---------------------------------------------------------------------------
d. Sec. 49.17(d)(4)(iv)
The Commission proposed in Sec. 49.17(d)(4)(iv) that an SDR need
not make the scope of jurisdiction determination required pursuant to
proposed Sec. 49.17(d)(4)(iii) more than once with respect to a
recurring swap data request but that, if such request changed, the SDR
would have to make a new determination pursuant to Sec.
49.17(d)(4)(iii). The SDR Commenters requested that the Commission
remove proposed Sec. 49.17(d)(4)(iv), but the Commission understands
this request to have been rooted in the SDR Commenters' concern that
SDRs are not well suited to make a jurisdictional determination with
respect to an ADR's or AFR's request for swap data, as discussed above
in section II.D.4.c.i. For the reasons discussed therein, the
Commission considers those concerns otherwise addressed and is adopting
Sec. 49.17(d)(4)(iv) as proposed.\81\
---------------------------------------------------------------------------
\81\ As discussed above, the Commission is not mandating that
SDRs perform an analysis of an ADR's or AFR's scope of jurisdiction.
Instead, the Commission is obligating SDRs to apply the scope of
jurisdiction as defined in the confidentiality arrangement required
by Sec. 49.18(a).
---------------------------------------------------------------------------
E. New Sec. 49.17(i): Delegation of Authority
In the interest of expedience and efficiency in determining
appropriateness of access by ADRs and AFRs, the Commission proposed (1)
to delegate all functions reserved to the Commission in Sec. 49.17 to
the Director of the Division of Market Oversight (``DMO'') and to such
members of the Commission's staff acting under his or her direction as
he or she may designate from time to time and (2) that the DMO Director
could submit any such delegated matter to the Commission for its
consideration and that nothing prevents the Commission from exercising
the delegated authority. The Commission received no comments in
response to proposed Sec. 49.17(i) and is adopting it as proposed.
F. CEA Section 21(d) Confidentiality Agreements: Amendments to Sec.
49.18
CEA section 21(d), as amended by the FAST Act, requires that, prior
to providing swap data to a 21(c)(7) entity, an SDR shall receive a
written agreement from each entity stating that the entity shall abide
by the
[[Page 27421]]
confidentiality requirements described in CEA section 8 relating to the
information on swap transactions that is provided.\82\ As originally
adopted, the part 49 rules required that such confidentiality
agreements be executed between the SDR and the 21(c)(7) entity.\83\ The
Commission proposed in the NPRM to modify its part 49 rules to add a
new Sec. 49.18(a) requiring that a confidentiality arrangement be
executed by and between the ADR or AFR and the Commission.\84\ Once the
ADR or AFR and the Commission have executed a confidentiality
arrangement, the ADR or AFR may present the executed document to any
SDR from which it requests access to swap data in satisfaction of CEA
section 21(d).
---------------------------------------------------------------------------
\82\ See CEA section 21(d). 7 U.S.C. 24a(d), as amended by the
FAST Act.
\83\ See Sec. Sec. 49.17(d)(6) and 49.18(b), as in effect prior
to this adopting release.
\84\ The Commission notes that the SEC has implemented a similar
approach with respect to the execution of the required agreement.
See Access to Data Obtained by Security-Based Swap Data
Repositories, 81 FR 60585 at 60591 and 60608 (Sept. 2, 2016) (SEC
rule 13n-4(b)(10), 17 CFR 240.13n-4(b)(10), and associated preamble
text) (``SEC Indemnification Rule'').
---------------------------------------------------------------------------
Based on its experience with SDRs and swap data access since the
adoption of part 49 in 2011, and on further consideration of the
relationship between CEA sections 21 and 8, the Commission believed
this change was consistent with the statutory framework established by
Congress in CEA sections 21(d) and 21(c)(7) and more directly conforms
to the confidentiality mandate of CEA section 8. The Commission stated
its belief that this change would promote regulatory efficiency and
reduce costs to SDRs, ADRs and AFRs while ensuring the confidentiality
of SDR swap data.
To further promote regulatory efficiency, the Commission proposed a
Confidentiality Arrangement Form for use by ADRs and AFRs. The
Commission expects its use by ADRs and AFRs to significantly reduce the
need for these entities to negotiate separate, SDR-specific
confidentiality arrangements with the Commission. The Confidentiality
Arrangement Form also will benefit the Commission by allowing it to use
a single form of confidentiality arrangement rather than a different
version for each ADR and AFR. This Confidentiality Arrangement Form
also will eliminate the costs and potential inefficiencies for the SDRs
that are inherent in requiring each SDR to negotiate confidentiality
arrangements with a potentially large number of ADRs and AFRs.
Similarly, the Confidentiality Arrangement Form will also eliminate
costs and inefficiencies for ADRs and AFRs that would be incurred if
each ADR and AFR has to negotiate and execute a unique confidentiality
arrangement with each SDR. Finally, the Commission believes that
widespread use of the Confidentiality Arrangement Form will facilitate
timely access to SDR swap data by ADRs and AFRs by reducing or
eliminating instances in which the Commission and its staff need to
devote time and resources to developing and reviewing individualized
confidentiality arrangements.
1. Current Rule
The Commission adopted Sec. 49.18 to implement CEA sections
21(d)(1) and (2) as originally enacted. Accordingly, the current rule
obligates SDRs to execute a ``Confidentiality and Indemnification
Agreement'' before providing SDR swap data to an ADR or AFR. In the
FAST Act, Congress repealed the indemnification requirement in CEA
section 21(d)(2), and the Commission proposed in the NPRM certain
conforming amendments to Sec. 49.18 to remove references to
indemnification.
Separately, the Commission proposed in the NPRM to amend Sec.
49.18 to modify the substantive requirements of the confidentiality
arrangement and the parties to the confidentiality arrangement, to
establish conditions for restricting or revoking access to SDR swap
data, and to clarify the confidentiality obligations of ADRs and AFRs
with regulatory responsibility over an SDR.
2. Proposed Amendments to Sec. 49.18(a): Confidentiality Arrangement
Required Prior to Disclosure of Swap Data
The Commission proposed to remove existing Sec. 49.18(a) \85\ and
add a new Sec. 49.18(a) requiring that an SDR, before providing access
to swap data maintained by the SDR to an ADR or AFR, receive a
confidentiality arrangement executed by the Commission and the ADR or
AFR that, at a minimum, contains all elements described in Sec.
49.18(b), as amended.
---------------------------------------------------------------------------
\85\ Existing Sec. 49.18(a) describes the purpose of Sec.
49.18.
---------------------------------------------------------------------------
3. Proposed Amendments to Sec. 49.18(b): Required Elements of the
Confidentiality Arrangement
The Commission proposed to amend Sec. 49.18(b) \86\ to include a
requirement that the confidentiality arrangement required pursuant to
Sec. 49.18(a) shall, at a minimum, include all elements included in
the Confidentiality Arrangement Form. As proposed, paragraph 5 of the
Confidentiality Arrangement Form required an ADR or AFR to undertake
that it will be acting within the scope of its jurisdiction each time
it requests swap data from an SDR, and to promptly notify the
Commission and each relevant SDR if the scope of the ADR's or AFR's
jurisdiction changes. As proposed, paragraph 5 of the Confidentiality
Arrangement Form also required ADRs and AFRs to employ procedures to
maintain the confidentiality of swap data received from an SDR and any
information and analyses derived therefrom (the swap data and such
information are referred to collectively in the Confidentiality
Arrangement Form as the ``Confidential Information'').
---------------------------------------------------------------------------
\86\ Existing Sec. 49.18(b) requires an SDR to receive a
confidentiality agreement from a 21(c)(7) entity before granting the
21(c)(7) entity access to swap data maintained by the SDR. As
discussed above, the Commission proposes to address in Sec.
49.18(a), as adopted herein, the confidentiality agreement condition
to swap data access.
---------------------------------------------------------------------------
As proposed, paragraph 6 of the Confidentiality Arrangement Form
required ADR and AFR signatories to employ the following safeguards to
maintain the confidentiality of the Confidential Information:
To the maximum extent practicable, maintain Confidential
Information received from SDRs separately from other data and
information; \87\
---------------------------------------------------------------------------
\87\ Without limitation, ADRs and AFRs seeking useful guidance
for Confidential Information segregation can look to the data
segregation standards contained in the National Institute of
Standards and Technology (``NIST'') Special Publication 800-53,
Revision 4, Security and Privacy Controls for Federal Information
Systems and Organizations (April 2013) (``NIST Document''),
available at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf. The NIST Document also references
international security standards in Appendix H (International
Information Security Standards). See also the Federal Information
Security Management Act of 2002, as amended (``FISMA''), 44 U.S.C.
3541. As the Commission has previously noted in a different context,
FISMA ``is a source of cybersecurity best practices and also
establishes legal requirements for federal government agencies . . .
.'' System Safeguards Testing Requirements, 80 FR 80139, 80142 Dec.
23, 2015) (``Registered Entity Cyber NPRM''). The Commission adopted
final rules based on the Registered Entity Cyber NPRM. See System
Safeguards Testing Requirements, 81 FR 64271 (Sept. 19, 2016)
(``Final Registered Entity Cyber Rules'').
---------------------------------------------------------------------------
protect such Confidential Information from
misappropriation and misuse; \88\
---------------------------------------------------------------------------
\88\ This should include cybersecurity measures. As the
Commission detailed in a different context in the Final Registered
Entity Cyber Rules, ``cyber threats to the financial sector continue
to expand.'' See id. at 64272. See also System Safeguards Testing
Requirements for Derivatives Clearing Organizations, 80 FR 80113,
80114-80115 (Dec. 23, 2015) (describing escalating and evolving
cybersecurity threats); Registered Entity Cyber NPRM at 80140-80141
(describing, inter alia, the then-current cybersecurity threat
environment).
---------------------------------------------------------------------------
[[Page 27422]]
ensure that only ADR or AFR personnel with a need to
access particular Confidential Information to perform their job
functions related to such Confidential Information have access thereto
and that such access is permitted only to the extent necessary to
perform such job functions; \89\
---------------------------------------------------------------------------
\89\ One basic principle of data security is that only those
with a need to access data to perform their work should be granted
access to such data. See, e.g., Framework for Improving Critical
Infrastructure Cybersecurity at 23 (Feb. 12, 2014), available at
https://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf (characterizing the ``Protect'' element of a core
cybersecurity framework as one where ``[a]ccess to assets and
associated facilities is limited to authorized users, processes, or
devices, and to authorized activities and transactions.'').
---------------------------------------------------------------------------
prevent the disclosure of aggregated Confidential
Information, unless sufficiently aggregated and anonymized to prevent
identification, through disaggregation or otherwise, of a market
participant's business transactions, trade data, market positions,
customers or counterparties; \90\
---------------------------------------------------------------------------
\90\ The Commission understands that ADRs and AFRs may want to
use aggregated and anonymized information derived from SDR swap data
in analyses that may be made public. Cf. U.S. GOV'T ACCOUNTABILITY
OFFICE, GAO-16-175, FINANCIAL REGULATION: COMPLEX AND FRAGMENTED
STRUCTURE COULD BE STREAMLINED TO IMPROVE EFFECTIVENESS 71-75 (2016)
(``GAO Report''), available at https://www.gao.gov/assets/680/675400.pdf (discussing the OFR's Financial Stability Monitor and
related confidentiality issues and protections surrounding sharing
aggregated and disaggregated information provided by other
agencies). The Commission believes that, when properly aggregated
and anonymized, information derived from SDR swap data generally can
be disclosed without violating the requirement in CEA section 21(d)
that a recipient of swap data agree, with respect to the information
on swap transactions that is provided by an SDR, to abide by the
confidentiality requirements described in CEA section 8. Cf. Sec.
49.16(c) (providing that subject to Section 8 of the Act, SDRs may
disclose aggregated swap data on a voluntary basis or as requested
in the form and manner prescribed by the Commission); SDR Final
Rules at 54551 (providing that the Commission believes that it is
permissible under the Dodd-Frank Act and part 49 of the Commission's
regulations for an SDR to disclose, for non-commercial purposes,
data on an aggregated basis such that the disclosed data reasonably
cannot be attributed to individual transactions or market
participants.). In certain cases, however, even aggregated
information may enable a reader to determine a market participant's
business transactions, trade secrets (e.g., algorithms) or
positions. Thus, the Confidentiality Arrangement Form requires ADRs
and AFRs to implement safeguards designed to appropriately limit the
use of information that has been aggregated from SDR swap data and
to disclose aggregated information only if it is sufficiently
anonymized to prevent the identification, through disaggregation or
otherwise, of a market participant's business transactions, trade
data, market positions, customers or counterparties. ADRs and AFRs
can look to Sec. 43.4(d)(1) and (4) and (g) for guidance on
anonymization principles.
---------------------------------------------------------------------------
prohibit the use of Confidential Information by ADR or AFR
personnel for any improper purpose; and
include a process for monitoring compliance with the
confidentiality safeguards described in the Confidentiality Arrangement
Form and for promptly notifying the CFTC and each relevant SDR of any
violation of the safeguards or failure to fulfill the terms of the
confidentiality arrangement.
As proposed, paragraph 7 of the Confidentiality Arrangement Form
also precluded, with limited exceptions, ADRs and AFRs from disclosing
any Confidential Information, via onward sharing \91\ or otherwise. One
exception was for aggregated Confidential Information that is
anonymized to prevent identification (through disaggregation or
otherwise) of a market participant's business transactions, trade data,
market positions, customers or counterparties. The other exception was
described in proposed paragraphs 8.a through 8.c., as described below.
---------------------------------------------------------------------------
\91\ The Commission interprets the restrictions on disclosure
contained in CEA section 8 that are incorporated in CEA sections
21(c)(7) and 21(d) as prohibiting an ADR or AFR from onward sharing
swap data it obtains from an SDR.
---------------------------------------------------------------------------
As proposed, paragraphs 8.a through 8.c. of the Confidentiality
Arrangement Form required specified federal, state or local U.S. ADRs
and specified foreign AFRs to undertake that they will not disclose
Confidential Information except in specified actions, adjudicatory
actions or proceedings under relevant law.
As proposed, paragraph 9 of the Confidentiality Arrangement Form
contained certain provisions requiring ADRs and AFRs to notify the
Commission, and take certain protective actions, prior to disclosing
Confidential Information in circumstances where an ADR or AFR receives
a legally enforceable demand to disclose Confidential Information.
As proposed, paragraph 11 of the Confidentiality Arrangement Form
required ADRs and AFRs accessing swap data from SDRs to comply with all
applicable security-related requirements imposed by an SDR in
connection with access to such swap data, as such requirements may be
revised from time to time. Because, subject to specified conditions,
CEA sections 21(c)(7) and 21(d) require SDRs to provide ADRs and AFRs
access to swap data, the Commission expects that SDRs will not impose
security-related access requirements beyond those that are necessary to
ensure the privacy and confidentiality of SDR swap data. The Commission
further expects that SDRs' security-related access requirements for
ADRs and AFRs would be akin, if not identical, to the requirements SDRs
impose on others (e.g., the Commission, reporting counterparties) to
whom SDRs provide swap data access.
To further protect the confidentiality of SDR swap data, paragraph
12 of the Confidentiality Arrangement Form, as proposed, required ADR
and AFR signatories to promptly destroy all Confidential Information
for which they no longer have a need or which no longer falls within
their scope of jurisdiction.\92\ The Commission stated in the proposal
that, although it may be the case that ADRs or AFRs will use some or
all Confidential Information in perpetuity, if they no longer have a
need for Confidential Information, they should destroy such
Confidential Information to prevent its misuse. Similarly, the
Commission stated in the proposal that if an SDR inadvertently provides
to an ADR or AFR swap data outside the scope of the ADR's or AFR's
jurisdiction, such swap data also should be destroyed immediately after
the ADR or AFR discovers that such swap data is outside the scope of
its jurisdiction. The Commission clarifies here that, although it is
adopting paragraph 12 of the Confidentiality Arrangement Form as
proposed, if a recordkeeping obligation that is legally binding on an
ADR or AFR would prohibit destroying swap data, the ADR or AFR would
not need to destroy swap data in contravention of such prohibition.
---------------------------------------------------------------------------
\92\ Paragraph 12 of the Confidentiality Arrangement Form, as
proposed, also required ADR and AFR signatories to certify to the
CFTC, upon request, that they have destroyed such swap data.
---------------------------------------------------------------------------
The proposed rule required that a confidentiality arrangement
include an exhibit (Exhibit A) describing the scope of jurisdiction of
the ADR or AFR signatory. If such signatory is not an Enumerated ADR,
the ADR or AFR would attach the Commission Determination Order
described in Sec. 49.17(h) as Exhibit A to the confidentiality
arrangement.\93\ If such signatory is an Enumerated ADR, it would
attach, as Exhibit A to the confidentiality arrangement, a detailed
description of its scope of jurisdiction as it relates to the swap data
maintained by SDRs that the Enumerated ADR would seek to access. The
description appended as Exhibit A to the confidentiality arrangement
would be used by SDRs to verify that each particular swap data request
is within the scope of the requesting entity's jurisdiction.
---------------------------------------------------------------------------
\93\ As noted above, the Commission expects that the applicant
would provide a description of its scope of jurisdiction as part of
the Determination Order process.
---------------------------------------------------------------------------
While the Confidentiality Arrangement Form, as proposed, would
[[Page 27423]]
require ADRs and AFRs to make certain undertakings before being granted
access to SDR swap data, it afforded ADRs and AFRs the discretion to
determine how to comply with those obligations with respect to swap
data received from an SDR. Additionally, the Commission stated that to
the extent the proposed rule did not address a relevant confidentiality
issue that arose after an ADR or AFR commenced accessing swap data, the
Commission expected affected ADRs and AFRs to take appropriate measures
to safeguard affected swap data and advise the Commission of such issue
promptly so that the Commission may consider appropriate action.
4. Proposed Removal of Sec. 49.18(c): ADRs and AFRs With Regulatory
Responsibility Over an SDR
The Commission proposed removing current Sec. 49.18(c), which
provides that the indemnification and confidentiality requirements
established in Sec. 49.18(b) do not apply to certain ADRs and AFRs
with regulatory responsibility over an SDR, but requires such
regulators to comply with CEA section 8 and any other relevant
statutory confidentiality authorities. As noted above in section II.B.
relating to Sec. 49.17(d)(2) and (3), the Commission believed that
those domestic regulators and Foreign Regulators that have regulatory
responsibility over an SDR should be able to access swap data reported
to such SDR pursuant to such other regulator's regulatory regime,
without the limitations set out in current Sec. 49.18(c). Therefore,
the Commission submitted in the NPRM that Sec. 49.18(c) is not
appropriate. In addition, the Commission noted that Sec. 49.17(d)(2)
and (3) already provided that the confidentiality and indemnification
requirements of Sec. 49.18(b) do not apply to these domestic
regulators and Foreign Regulators with regulatory responsibility over
SDRs. However, the Commission stated that insofar as such a regulator
sought swap data that was not reported to the SDR pursuant to that
regulator's regulatory regime, the exclusions set forth within
Sec. Sec. 49.17(d)(2) and (3) would not apply. The Commission
accordingly proposed to eliminate Sec. 49.18(c).
5. Proposed New Sec. 49.18(c) and (d): Failure to Fulfill the Terms of
a Confidentiality Arrangement
The Commission proposed new Sec. 49.18(c) to require SDRs to
immediately report to the Commission any known failure to fulfill the
terms of a confidentiality arrangement that they receive pursuant to
Sec. 49.18(a). The Commission also proposed new Sec. 49.18(d), which
authorizes the Commission to direct an SDR to limit, suspend or revoke
an ADR's or AFR's access to swap data, if the Commission determines
that the ADR or AFR has failed to fulfill the terms of its
confidentiality arrangement with the Commission.\94\
---------------------------------------------------------------------------
\94\ Proposed Sec. 49.18(d) provided that the Commission may,
if an ADR or AFR fails to fulfill the terms of a confidentiality
arrangement described in Sec. 49.18(a), direct each registered SDR
to limit, suspend or revoke such ADR's or AFR's access to swap data
held by such SDR. Similarly, proposed Sec. 49.17(d)(5) required an
SDR, as directed by the Commission, to limit, suspend or revoke an
ADR's or AFR's swap data access should the Commission limit, suspend
or revoke the appropriateness determination for such ADR or AFR or
otherwise direct the SDR to limit, suspend or revoke such access.
---------------------------------------------------------------------------
6. Proposed New Sec. 49.18(e): Delegation of Authority
The Commission proposed to add new Sec. 49.18(e)(1) to delegate to
the DMO Director, and to such Commission staff acting under his or her
direction as he or she may designate from time to time, all functions
reserved to the Commission in Sec. 49.18. Proposed 49.18(e)(2)
reserved to the DMO Director the authority to submit to the Commission
for its consideration any matter that has been delegated under Sec.
49.18(e)(1). Proposed Sec. 49.18(e)(3) expressly permitted the
Commission, at its election, to exercise the authority delegated under
Sec. 49.18(e)(1).
This delegation is intended to conserve Commission resources and
increase the effectiveness and efficiency of the Commission's oversight
and supervision of SDR swap data access. The Commission anticipates
that the delegation of authority will help facilitate timely access to
SDR swap data by ADRs and AFRs consistent with the requirements set
forth in part 49 of the Commission's regulations. However, the DMO
Director may submit matters to the Commission for its consideration, as
he or she deems appropriate.
7. Conforming Changes
As a result of the FAST Act Amendments, the Commission proposed
conforming changes to Sec. 49.17(d)(6) to delete references to an
Indemnification Agreement. As a result of the amendments to Sec.
49.18, and in particular, Sec. 49.18(a), the Commission proposed
conforming changes to Sec. 49.22(d)(4) relating to chief compliance
officer compliance responsibilities and duties so that the appropriate
rule provision reflecting the confidentiality arrangement is
referenced.
8. Comments Received
The Commission received comments related to proposed Sec. 49.18
from the SDR Commenters. The SDR Commenters supported the Commission's
proposed transfer of responsibility for the execution of the
confidentiality arrangement with the ADRs and AFRs from the SDRs to the
Commission. The SDR Commenters advised that such transfer will
significantly reduce regulatory costs and inefficiencies for the
SDRs.\95\ The SDR Commenters also supported the use of a
confidentiality arrangement form. The SDR Commenters stated that use of
such a form would promote consistency and further reduce regulatory
burdens.\96\
---------------------------------------------------------------------------
\95\ See SDR Letter at 3.
\96\ See id.
---------------------------------------------------------------------------
In response to the Commission's proposal to remove previously
adopted Sec. 49.18(c), which, in part, applied the conditions of CEA
section 8 to those ADRs and AFRs with regulatory responsibility over an
SDR, the SDR Commenters agreed with the Commission that it is not
appropriate to require a domestic regulator or Foreign Regulator to
comply with CEA section 8 where such domestic regulator or Foreign
Regulator has regulatory responsibility over an SDR and seeks access to
SDR data that was reported pursuant to the regulator's supervisory
authority.\97\ Accordingly, the SDR Commenters supported the
Commission's proposal to remove Sec. 49.18(c) as previously adopted.
---------------------------------------------------------------------------
\97\ See SDR Letter at 2-3.
---------------------------------------------------------------------------
Proposed Sec. 49.18(a) and (d) both contemplated notifications
being sent to the SDRs. Proposed Sec. 49.18(a) required an SDR that
received a notice that an ADR's or AFR's confidentiality arrangement
was no longer in effect to no longer provide swap data access to such
ADR or AFR. Proposed Sec. 49.18(d) stated that the Commission may, if
an ADR or AFR fails to fulfill the terms of a confidentiality
arrangement described in Sec. 49.18(a), direct each registered SDR to
limit, suspend or revoke such ADR's or AFR's access to swap data held
by such SDR. The SDR Commenters recommended that the Commission modify
proposed Sec. 49.18(a) and (d) to specify that the notifications
contemplated in these provisions be in writing.
9. Final Rule
After consideration of the comments that it received, and for the
reasons set forth in sections II.F.1. through II.F.8. above and in this
section the Commission is adopting Sec. 49.18 with modifications.
First, as discussed above,
[[Page 27424]]
the Commission is accepting the SDR Commenters' comments that the
notifications contemplated in proposed Sec. 49.18(a) and (d) should be
provided in writing and is adopting revised Sec. 49.18(a) and (d) to
reflect that change.
The Commission is also modifying proposed Sec. 49.18(a) to promote
the use of the Confidentiality Arrangement Form set forth in Appendix
B. Specifically, as adopted, Sec. 49.18(a) provides that, prior to
providing an ADR or AFR access to any requested swap data, an SDR shall
receive therefrom an executed confidentiality arrangement, between the
Commission and the ADR or AFR, in the form set out in Appendix B to
this part 49. The Commission may, in its discretion, however, agree to
execute an alternate confidentiality arrangement with an ADR or AFR if
the confidentiality arrangement is consistent with the requirements set
forth in Sec. 49.18(a).\98\ The Commission believes that widespread
use of the Confidentiality Arrangement Form will facilitate timely
access to SDR swap data by ADRs and AFRs by reducing or eliminating
instances in which the Commission and its staff need to devote time and
resources to developing and reviewing individualized confidentiality
arrangements. The Commission therefore believes that this modification
will increase the potential benefits and cost savings associated with
use of the Confidentiality Arrangement Form while still providing ADRs
and AFRs the flexibility to use an alternate arrangement if necessary,
in consultation with the Commission.
---------------------------------------------------------------------------
\98\ The Commission is also making similar clarifying
modifications to proposed Sec. Sec. 49.17(d)(6) and 49.17(h)(3).
---------------------------------------------------------------------------
The Commission is adopting all other modifications to Sec. 49.18
as proposed in the NPRM.
G. Other Changes
1. Proposed Rule Changes
In addition to those changes discussed throughout this release, the
Commission proposed other changes to part 49, including a number of
ministerial changes. The Commission proposed to amend Sec. 49.9(a)(9)
to change the reference therein from ``certain appropriate domestic
regulators and foreign regulators'' to ``Appropriate Domestic
Regulators and Appropriate Foreign Regulators'' to make clear that an
SDR is required to provide access to swap data, pursuant to Sec.
49.17, only to ADRs and AFRs. The Commission proposed to make a number
of other changes to part 49 to more consistently refer to the defined
term ``swap data.'' The Commission proposed to modify: The references
in existing Sec. Sec. 49.9(a)(9) and 49.17(b)(2)(i) to ``swap data or
information''; the reference in existing Sec. 49.17(d)(4)(i) to
``swaps transaction data''; and the reference in existing Sec.
49.17(d)(6) to ``requested data,'' to be, in each case, references to
``swap data,'' as that term is defined in Sec. 49.2(a)(15). The
Commission proposed these changes to eliminate confusion and to conform
part 49 to the FAST Act's amendment of CEA section 21(c)(7) to refer to
``swap data.''
The Commission also proposed to replace the reference in Sec.
49.17(a) to ``swaps data'' with a reference to ``swap data'' and to
replace the reference in Sec. 49.17(a) to ``Regulation'' with a
reference to ``Sec. 49.17'' to match the format of the reference in
Sec. 49.17(b). The Commission did not intend to effect any substantive
changes with these proposed amendments.
The Commission proposed to change the references to ``swap
transaction data'' in Sec. Sec. 49.17(c)(2) and 49.17(c)(3) to ``swap
data'' as defined in Sec. 49.2(a)(15). The Commission also proposed to
change the references to ``data'' in Sec. 49.17(d)(5) and (6), (e)
introductory text, and (e)(1) to ``swap data'' in order to clarify the
Commission's intent to refer to ``swap data'' within the meaning of
Sec. 49.2(a)(15). For the same reason, the Commission also proposed to
add ``swap data and'' before ``information'' in Sec. 49.17(e)(2) to
conform it to Sec. 49.17(e)(1), as proposed to be amended.\99\ The
Commission also proposed to add the term ``and information'' after the
term ``swap data'' in the second sentence of Sec. 49.17(e) so that
such sentence is consistent with the first sentence of Sec. 49.17(e),
which permits access by third party service providers to both swap data
and information maintained by a registered SDR, subject to certain
conditions.
---------------------------------------------------------------------------
\99\ Although Sec. 49.17(e) uses the terms ``data'' and ``swap
data'' interchangeably, the Commission intended those paragraphs to
reference the definition of ``swap data'' and, consequently,
believes that these amendments do not represent a change to the
Commission's original intent in promulgating Sec. 49.17(e).
However, the term ``swap data'' is narrower than the term ``data''.
Consequently, changing ``data'' to ``swap data'' arguably would
narrow the scope of the confidentiality procedures and
``Confidentiality Agreement'' required, respectively, by Sec.
49.17(e)(1) and (2).
---------------------------------------------------------------------------
In Sec. 49.17(f)(2), the Commission proposed to change both
references to ``data and information'' to ``swap data and information''
in order to clarify, in each case, that the intended reference is to
``swap data'' as defined in Sec. 49.2(a)(15).
In addition to those changes related to references to ``swap
data,'' the Commission also proposed to amend Sec. 49.17(b)(1)(vii) to
change the references to any other person the Commission deems
appropriate to any other person the Commission determines to be
appropriate pursuant to the process set forth in Sec. 49.17(h) to
match the language in CEA section 21(c)(7).
Commission regulation 49.17(f)(1) currently states that access of
swap data maintained by the registered swap data repository to market
participants is generally prohibited. The Commission proposed to amend
Sec. 49.17(f)(1) to state that access by market participants to swap
data maintained by the registered swap data repository is prohibited
other than as set forth in Sec. 49.17(f)(2) in order to clarify its
meaning. The Commission did not intend this to be a substantive change
to Sec. 49.17(f)(1).
Finally, the Commission proposed several minor clarifying changes
to Sec. 49.18(b).\100\ These changes include: Replacing ``the swap
data'' with ``swap data''; replacing the ``with any Appropriate
Domestic Regulator or Appropriate Foreign Regulator'' reference with
``to any Appropriate Domestic Regulator or Appropriate Foreign
Regulator''; and adding ``each'' before ``as defined in Sec.
49.17(b)'' to reflect that both ``Appropriate Domestic Regulator'' and
``Appropriate Foreign Regulator'' are defined terms in Sec. 49.17(b).
---------------------------------------------------------------------------
\100\ These proposed changes appear in proposed Sec. 49.18(b).
---------------------------------------------------------------------------
2. Final Rule Changes
The Commission received comment on only two of the proposed changes
described in this section II.G. For the reasons set forth above in
section II.G.1. and in this section, with one exception (i.e., Sec.
49.17(e)), the Commission is adopting the changes described in this
section II.G. as proposed. The comments and the Commission's responses
are described below.
The SDR Commenters generally supported the proposed changes to part
49 to more consistently refer to the defined term ``swap data,''
stating their belief that the consistency ``will promote clarity as to
the data to which ADRs and AFRs may be granted access[.]'' \101\
However, the SDR Commenters also noted that the term ``swap data'' is
defined under Sec. 49.2(a)(15) as ``specific data elements and
information set forth in part 45 of this chapter that is required to be
reported by a reporting entity to a registered swap data repository.''
\102\ The
[[Page 27425]]
SDR Commenters asked the Commission to confirm that SDRs may provide
ADRs and AFRs with Part 43 data in addition to Part 45 data and
characterized this clarification as important because ``the SDRs use a
combined message for Parts 43 and 45 reporting, making separation of
Part 43 data from Part 45 data exceedingly difficult.'' \103\
---------------------------------------------------------------------------
\101\ SDR Letter at 8.
\102\ Id.
\103\ Id.
---------------------------------------------------------------------------
In response to this comment, the Commission confirms that SDRs may
provide ADRs and AFRs with Part 43 data in addition to Part 45 data.
The Commission observes that most data reported pursuant to Part 43 is
publicly disseminated and that, to the extent certain data is not
publicly disseminated, such data is reported in equal or greater detail
pursuant to part 45.
The SDR Commenters also noted that, ``[u]nder Sec. 49.17(e), the
Commission proposes to amend `data and information' to `swap data and
information[ ]'' and commented that, in their view, the more
appropriate term ``to ensure a third-party Service Provider may have
access to all necessary data and information'' is ``swap data and SDR
Information'' (as SDR Information is defined in Sec. 49.2).\104\ In
response to this comment, the Commission is adopting Sec. 49.17(e) as
the SDR Commenters recommended amending it, in part because this change
does not change the intent or scope of what is required or what was
proposed in the NPRM.
---------------------------------------------------------------------------
\104\ Id.
---------------------------------------------------------------------------
In addition to these final rule changes, the Commission is adopting
three ministerial changes to the proposed rule text, each for greater
clarity, and one ministerial change to the existing rule text, also for
greater clarity. First, the Commission is changing the phrase ``as
directed by the Commission'' in proposed Sec. 49.17(d)(5) to ``if
directed by the Commission''. Second, the Commission is changing the
phrase ``as described and appended to the confidentiality arrangement
required by Sec. 49.18(a)'' to ``as described in the appendix to the
confidentiality arrangement required by Sec. 49.18(a)'' in both
proposed Sec. 49.17(d)(4)(i) and (iii).\105\
---------------------------------------------------------------------------
\105\ These changes are to clarify that the scope of an ADR's or
AFR's jurisdiction, which is the subject of the quoted text, is to
be described in the appendix to the confidentiality arrangement
required by Sec. 49.18(a) rather than in the confidentiality
arrangement itself. The language as proposed was somewhat unclear in
that regard.
---------------------------------------------------------------------------
Third, the Commission is adding bracketed text at the end of
Appendix B to part 49 (describing Exhibit A to the Confidentiality
Arrangement Form) in response to the SDR Commenters comment discussed
in section II.D.2.c.i. This additional bracketed text provides that in
both cases, the description of the scope of jurisdiction must include
elements allowing SDRs to establish, without undue obstacles, objective
parameters for determining whether a particular Swap Data request falls
within such scope of jurisdiction. Such elements could include LEIs of
all jurisdictional entities and could also include UPIs of all
jurisdictional products or, if no CFTC-approved UPI and product
classification system is yet available, the internal product identifier
or product description used by an SDR from which Swap Data is to be
sought.
Fourth, the Commission is amending existing Sec. 49.17(d)(1),
which the Commission had not proposed to amend to provide a brief
overview in one paragraph to those persons seeking to obtain swap data
access from SDRs, both ADRs and AFRs and those seeking to become ADRs
or AFRs, of the requirements to obtain such access and to alert such
persons to exceptions to the otherwise applicable requirements. The
Commission is also adopting these changes to Sec. 49.17(d)(1) to
provide the aforementioned persons citations to the regulations
relevant to obtaining SDR swap data access and to relevant exceptions
to those regulations. These changes provide that except as set forth in
Sec. 49.17(d)(2) or (3), a person who is not an Appropriate Domestic
Regulator or an Appropriate Foreign Regulator and who seeks to gain
access to the swap data maintained by a swap data repository is
required to first become an Appropriate Domestic Regulator or
Appropriate Foreign Regulator through the process set forth in Sec.
49.17. Additionally, these changes provide that Appropriate Domestic
Regulators and Appropriate Foreign Regulators seeking to gain access to
the swap data maintained by a swap data repository are required to
comply with Sec. 49.17(d)(6) prior to receiving such access and, if
applicable after receiving such access, comply with the notification
requirement in Sec. 49.17(d)(4)(iii) applicable to Appropriate
Domestic Regulators and Appropriate Foreign Regulators.
III. Request for Comment
In addition to the specific questions set forth throughout the
NPRM, the Commission requested comment on all aspects of the proposal
and on several specific questions set forth in section III of the NPRM.
The Commission received some responsive comments, which it has
summarized and responded to in the relevant sections of this adopting
release, and two comments that were not responsive.\106\
---------------------------------------------------------------------------
\106\ In addition, the SDR Commenters commented on several
issues relating to current Sec. 49.17(f)(2) that were unrelated to
the non-substantive change that the Commission proposed to make to
Sec. 49.17(f)(2). Because the SDR Commenters' comments on Sec.
49.17(f)(2) were unrelated to the proposed changes to Sec.
49.17(f)(2), they are beyond the scope of the NPRM and not a logical
outgrowth of this rulemaking, as a result of which the Commission
declines to address them here, in accordance with the Administrative
Procedure Act. All comments received in response to the Commission's
request for comment are available at https://comments.cftc.gov/PublicComments/CommentList.aspx?id=1777.
---------------------------------------------------------------------------
IV. Compliance Date
The Commission received one comment related to the compliance date
of the final rules. The SDR Commenters suggested that the Commission
work with the SDRs to set an appropriately mutually agreeable timeframe
for the compliance date.\107\ Commission staff subsequently engaged in
multiple discussions with the SDR Commenters regarding the compliance
date. The Commission, as set out below, is adopting a two part
compliance date for the final rules adopted herein. The compliance date
for the final rules will be 60 days after publication in the Federal
Register, except for the compliance date for an SDR to comply with its
obligation under Sec. 49.17(d)(5)(iii) of the Commission's regulations
to provide access to swap data requested by an ADR or AFR. The
compliance date for an SDR to comply with its obligation under Sec.
49.17(d)(5)(iii) of the Commission's regulations is the earlier of (1)
the earliest date, after such SDR receives from such ADR or AFR the
confidentiality arrangement required by Sec. 49.18(a), that such SDR,
exercising commercially reasonable efforts in light of its obligations
under the CEA and the Commission's regulations, is able to provide such
access to the ADR or AFR and (2) 180 days after the SDR receives from
such ADR or AFR the confidentiality arrangement required by Sec.
49.18(a).
---------------------------------------------------------------------------
\107\ See SDR Letter at 9.
---------------------------------------------------------------------------
V. Related Matters
A. Regulatory Flexibility Act
The Regulatory Flexibility Act (``RFA'') requires federal agencies,
in promulgating rules, to consider the impact of those rules on small
entities.\108\ The rules adopted herein will have a direct effect on
the operations of SDRs and certain domestic regulators and foreign
regulators seeking
[[Page 27426]]
access to swap data reported to, and maintained by, SDRs.
---------------------------------------------------------------------------
\108\ See 5 U.S.C. 601 et seq.
---------------------------------------------------------------------------
The Commission has previously established certain definitions of
``small entities'' to be used by the Commission in evaluating the
impact of its rules on small entities in accordance with the RFA.\109\
The Commission has previously determined that SDRs are not small
entities for purposes of the RFA.\110\
---------------------------------------------------------------------------
\109\ See Policy Statement and Establishment of ``Small
Entities'' for purposes of the Regulatory Flexibility Act, 47 FR
18618, 18618-21 (Apr. 30, 1982).
\110\ See Part 49 Adopting Release at 54575 and Notice of
Proposed Rulemaking: Swap Data Repositories, 75 FR 80898, 80926
(Dec. 23, 2010).
---------------------------------------------------------------------------
For purposes of the RFA, the definition of ``small entity''
encompasses ``small governmental jurisdictions,'' which in relevant
part means governments of locales with a population of less than fifty
thousand.\111\ Although the Commission anticipates that the final rules
adopted herein may be expected to have an economic impact on various
governmental entities that access data pursuant to the Dodd-Frank Act's
data access provisions (i.e., ADRs and AFRs), the Commission does not
anticipate that any of those governmental entities would be small
governmental jurisdictions: The Commission believes that the universe
of ADRs and AFRs will likely be limited to U.S. federal regulators and
equivalent national, or state or provincial, foreign authorities, given
that swap regulation does not occur at a local level globally, in the
Commission's experience. As a result, the Commission does not believe
that the final rules will have a significant economic impact on a
substantial number of small entities. Therefore, the Chairman, on
behalf of the Commission, pursuant to 5 U.S.C. 605(b), hereby certifies
that the final rules will not have a significant economic impact on a
substantial number of small entities.
---------------------------------------------------------------------------
\111\ 5 U.S.C. 601(5), (6).
---------------------------------------------------------------------------
B. Paperwork Reduction Act
The amendments to part 49 result in new ``collection of
information'' requirements within the meaning of the Paperwork
Reduction Act of 1995 (``PRA'').\112\ An agency may not conduct or
sponsor, and a person is not required to respond to, a collection of
information unless it displays a currently valid Office of Management
and Budget (``OMB'') control number. The OMB control number for the
information collection associated with part 49 is 3038-0086 (the
``Information Collection'').\113\ The Commission is revising the
Information Collection because the rule amendments herein will impose
information collection requirements that require approval from OMB
under the PRA. The Commission is therefore submitting this final rule
to OMB for review in accordance with 44 U.S.C. 3507(d) and 5 CFR
1320.11.
---------------------------------------------------------------------------
\112\ 44 U.S.C. 3501 et seq.
\113\ The most recent revision to OMB Control Number 3038-0086
was approved November 30, 2015 and is available at https://www.reginfo.gov/public/do/PRAOMBHistory?ombControlNumber=3038-0086.
---------------------------------------------------------------------------
1. Summary of the Requirements
The modifications to part 49 require SDRs to make swap data
available to requesting entities (i.e., ADRs and AFRs) if certain
conditions are satisfied. These conditions include the requesting
entity executing a confidentiality arrangement with the Commission and
providing it to each SDR from which it seeks swap data and, in some
cases, receiving an order from the Commission (which requesting
entities must apply for, including certain specified types of
information in support) determining that it is an appropriate entity to
receive SDR swap data. The modifications further require each ADR and
AFR to notify the Commission, and each SDR from which an ADR or AFR has
received swap data, of any change to the scope of such ADR's or AFR's
jurisdiction, as described in the confidentiality arrangement.
The modifications also require SDRs to report to the Commission:
(1) Each initial request from an ADR or AFR for access to swap data;
(2) all ADR or AFR requests for swap data that do not comport with the
described scope of the ADR's or AFR's jurisdiction that is appended to
the confidentiality arrangement; and (3) failures to fulfill the terms
of confidentiality arrangements. The modifications additionally require
each SDR to maintain records of each initial, and all subsequent,
requests from an ADR or AFR for access to swap data.
2. Collection of Information
Currently, the Information Collection sets out burden estimates
relating to a broad range of SDR obligations associated with
registration requirements, reporting requirements, recordkeeping
requirements, and disclosure requirements. Where the information
collection associated with those obligations is modified by this rule,
the Commission is revising the Information Collection accordingly. To
the extent this rule introduces new information collections that were
not previously incorporated into the Information Collection, the
Commission is revising the Information Collection to account for the
new information collections. Finally, many of the information
collections discussed in the Information Collection are not implicated
or modified by the Commission's revisions to part 49 in this release.
The Commission, therefore, is not revising the estimated burdens
associated with such information collections. New or revised
information collections contained in these revisions to part 49 will
affect SDRs as well as entities that request access to SDR swap data
pursuant to part 49, as revised.
As discussed above, the modifications to part 49 set out in this
release are intended to provide a process by which other regulatory
authorities may obtain access to SDR swap data. The information
collections associated with this process are intended to ensure that
SDR swap data is accessed only by appropriate entities and that the
confidentiality of any accessed SDR swap data is adequately protected.
The ultimate result of this process is intended to provide other
regulatory authorities with information to assist with the oversight of
the global swaps market and market participants.
ADR/AFRs. As discussed throughout this release, certain conditions
must be satisfied before a requesting entity is permitted to access SDR
swap data. These conditions may implicate various PRA collections and
burdens as discussed below.
Pursuant to Sec. 49.18(a), every requesting entity seeking access
to SDR swap data must execute a confidentiality arrangement with the
Commission prior to receiving access. This requirement applies to both
those entities that are Enumerated ADRs, and those entities, whether
foreign or domestic, that require a determination from the Commission
that they are appropriate entities to receive access to SDR swap data.
The Commission believes the use of the Confidentiality Arrangement
Form, or a similar form, if permitted by the Commission, will provide
an efficient means to satisfy the requirements of Sec. 49.18(a).
In addition to executing a confidentiality arrangement, requesting
entities that are not Enumerated ADRs will be required to seek a
Determination Order from the Commission to obtain access to SDR swap
data. The Commission is requiring that an Enumerated ADR attach to the
confidentiality arrangement a detailed description of its scope of
jurisdiction, as it relates to the swap data maintained by SDRs that
the Enumerated ADR seeks to access.
The Commission, for PRA purposes, continues to believe that it is
reasonable
[[Page 27427]]
to assume that 300 total entities will seek access to SDR swap data.
This estimate is based on the Commission's experience in receiving data
requests from other regulators and its experience in coordinating and
cooperating with other regulators.\114\ For PRA purposes, the
Commission assumes there are four SDRs, which is the number of SDRs
that are currently provisionally registered with the Commission. As the
confidentiality arrangement required by Sec. 49.18(a) will be between
the ADR or AFR and the Commission, and will address swap data access
from all SDRs, an ADR or AFR will need to execute only a single
confidentiality arrangement for all SDRs from which it seeks swap data,
rather than a separate confidentiality arrangement for each SDR.
Accordingly, the Commission estimates, for PRA purposes, that the total
number of confidentiality arrangements that will be executed under the
amended part 49 rules is 300.
---------------------------------------------------------------------------
\114\ The Commission continues to estimate that up to
approximately 30 authorities in the United States may seek to access
swap data from SDRs. In the context of potential AFRs, the
Commission believes that most requests will come from authorities in
G20 countries, each of which will have no more, and likely fewer,
than 30 authorities that may request swap data from SDRs. In
addition, certain authorities from outside the G20 also may request
swap data from SDRs. Accounting for all of these entities, the
Commission estimates that there likely will be a total of no more
than 300 relevant domestic and foreign authorities that may request
swap data from SDRs.
---------------------------------------------------------------------------
Although the Commission may, in its discretion, execute a
confidentiality arrangement with one or more ADRs/AFRs that is not in
the form of the Confidentiality Arrangement Form, Sec. 49.18(b)
requires that such alternative confidentiality arrangement include all
elements of in the Confidentiality Arrangement Form. Consequently, the
Commission is estimating the burden on ADRs and AFRs of negotiating the
confidentiality arrangement required by Sec. 49.18(a) based on its
estimate of the burden involved for an ADR or AFR to put in place the
Confidentiality Arrangement Form. The Commission estimates that the
review and execution of each confidentiality arrangement by an ADR or
AFR will take approximately 40 hours, for a total burden of 12,000
hours. The burden estimates associated with entering into the
confidentiality arrangement required by Sec. 49.18(a) are addressed in
the revised Information Collection.
Any requesting entity, other than an Enumerated ADR, that seeks
access to SDR swap data must be determined by the Commission to be an
appropriate recipient of such access. For Enumerated ADRs, there is no
burden associated with seeking to be determined appropriate by the
Commission because Enumerated ADRs have already been determined by
Congress in CEA section 21(c)(7), or by the Commission through its
adoption of Sec. 49.17(b)(1), to be appropriate recipients of SDR swap
data access. Those entities that are not Enumerated ADRs and that seek
SDR swap data access will be required to receive a Determination Order
prior to receiving access to SDR swap data. The process for obtaining
such a Determination Order is set out in general terms in Sec.
49.17(h) and requires the requesting entity to prepare and submit an
application to the Commission. The preparation and submission of this
application constitutes an information collection under the PRA.
As discussed above, the Commission believes that for PRA purposes
it is reasonable to assume that 300 domestic and foreign entities will
seek access to SDR swap data. Very few of these entities have already
been specifically identified by Congress in CEA section 21(c)(7), or by
the Commission through its adoption of Sec. 49.17(b)(1), as
appropriate recipients of SDR swap data access. The Commission
estimates, for PRA purposes, that each entity seeking a Determination
Order would expend 100 hours in connection with filing the necessary
application with the Commission, for a total initial burden of no more
than 30,000 hours (calculated as the product of 300 domestic and
foreign entities seeking access to SDR swap data and 100 hours per
application). This estimate considers the relevant information that
would be required to be provided in such an application, including
information regarding the entity's scope of jurisdiction,
confidentiality safeguards, as well as any other information the
Commission deems relevant to its determination. This burden estimate is
included in the Commission's revisions to the Information Collection.
Swap Data Repositories. As discussed throughout this release, SDRs
are required to provide access to SDR swap data to ADRs and AFRs,
provided certain conditions are met. This requirement may implicate PRA
collections and burdens, some of which are already addressed in the
existing Information Collection, and some of which constitute new
collections, as discussed below. Currently, the burden on SDRs of
making data available to ADRs and AFRs is accounted for in the
Information Collection, as this is an existing obligation under
existing Sec. 49.17(d). However, the rules set out in this release
clarify and modify the requirements imposed on SDRs in providing access
to SDR swap data to ADRs and AFRs. Consequently, the Commission is
revising the Information Collection to account for these clarifications
and modifications.
The Commission expects SDRs to incur burdens and costs associated
with setting up access to SDR swap data that is consistent with an
ADR's or AFR's scope of jurisdiction, as described in the appendix to
the confidentiality arrangement required by Sec. 49.18(a). The
Commission expects that each confidentiality arrangement will identify,
either directly or through an attached Determination Order, the scope
of access that is appropriate for a given requesting entity. The
Commission expects SDRs to use these limitations to program their
systems to reflect the scope of the ADR's or AFR's access to SDR swap
data. These limits set out in the confidentiality arrangement are
expected to reduce the burdens on SDRs of assessing whether a
particular SDR swap data request falls within the scope of an ADR's or
AFR's jurisdiction.
The Commission received one comment estimating the burden on SDRs
associated with setting up access restrictions to match an ADR's or
AFR's scope of jurisdiction.\115\ CME estimated that its initial set up
costs would be between 400 and 950 hours for all ADRs and AFRs in the
aggregate.\116\ The Commission believes it is reasonable to accept
CME's estimate of 950 hours, as CME is an SDR and, as such, is familiar
with the costs required for setting up such access restrictions.\117\
Consequently, for PRA purposes, the Commission estimates that all SDRs
in the aggregate would incur a total burden of 3,800 hours (i.e., the
product of 4 SDRs and 950 hours of time) associated with setting up
access for all ADRs and AFRs. The burdens associated with these
permissioning requirements are
[[Page 27428]]
addressed in the revised Information Collection.
---------------------------------------------------------------------------
\115\ See SDR Letter at 5, n.10.
\116\ The SDR Letter stated that ``CME believes the initial set
up cost will be between of 400 and 950 hours.'' Id. In subsequent
communications, CME clarified that this estimate is for all ADRs and
AFRs in the aggregate. The other SDRs did not opine on the
Commission's estimate of 26 hours.
\117\ The Commission, in its proposal, estimated that the burden
on an SDR associated with setting up access restrictions to match a
requesting entity's scope of jurisdiction will include 20 hours of
programmer analyst time, five hours of senior programming time, and
one hour of attorney time, for a total of 26 hours. The Commission
notes that the SEC also estimated a set up time of 26 hours in its
similar rulemaking. See Access to Data Obtained by Security-Based
Swap Data Repositories, 81 FR 60585 at 60594 (Sept. 2, 2016) (SEC
rule 13n-4(b)(9) and (10), 17 CFR 240.13n-4(b)(9) and (10).
---------------------------------------------------------------------------
SDRs will also be required to provide electronic notice to the
Commission of the first request for access to swap data from a
particular ADR or AFR, and promptly after receiving any request that
does not comport with the scope of the ADR's or AFR's jurisdiction, as
described in the appendix to the confidentiality arrangement required
by Sec. 49.18(a). In addition to notifying the Commission of the
foregoing, the Commission is requiring, in Sec. 49.17(d)(4)(i), SDRs
to maintain records of the details of the initial and all subsequent
requests for swap data from an ADR or AFR. The SDR shall maintain this
information for a period of no less than five years after the date of
such request and shall provide this information to the Commission upon
request, pursuant to Sec. 1.31.
Currently, the Information Collection estimates burdens associated
with the various registration, reporting, recordkeeping, and disclosure
requirements to which SDRs are subject. The reporting and recordkeeping
requirements relating to ADR and AFR data requests constitute an
information collection for PRA purposes and require the Commission to
revise the reporting and recordkeeping burden estimates contained in
the Information Collection. The reporting and recordkeeping
requirements in this release may potentially impact each SDR.
SDRs already have the ability to communicate electronically with
the Commission and are subject to significant recordkeeping
requirements pursuant to Sec. Sec. 45.2(f) and 49.12. Therefore, the
requirements adopted herein should not result in SDRs having to incur
initial costs to implement systems to notify the Commission when an ADR
or AFR submits a data request for the first time that are in excess of
what is already accounted for in the Information Collection.
The Commission estimates that each SDR would incur an annual burden
of 480 hours associated with the requirement to maintain records of the
details of the initial and all subsequent requests for data from an ADR
or AFR, for a total of 1,920 hours annually (i.e., the product of four
SDRs and 480 hours). Although the Commission provided an estimate of
280 hours in the NPRM, CME commented that 480 hours was more likely.
The Commission received one comment related to setup costs
associated with its proposed recordkeeping requirements.\118\ The SDR
Letter provided estimates for recordkeeping set up costs. CME
subsequently provided updated estimates of these setup costs, which CME
now estimates would be approximately 1,100-1,440 hours. The Commission
believes it is reasonable to accept CME's estimate of 1,440 hours, as
CME is an SDR and, as such, is familiar with the setup costs associated
with SDR recordkeeping requirements. Therefore, the Commission
estimates that initially each SDR may incur a burden of 1,440 hours
associated with these recordkeeping requirements, for a total of 5,760
hours (i.e., the product of four SDRs and 1,440 hours). However, as
discussed in this release, the recordkeeping requirements adopted
herein may result in lower costs to the SDRs than estimated here, as
the Commission is not requiring SDRs to keep records of all copies of
swap data provided in response to data requests, as it had proposed in
the NPRM.\119\ The burdens associated with the notification
requirements adopted herein are addressed in the revised Information
Collection.
---------------------------------------------------------------------------
\118\ See SDR Letter at 7, n.15.
\119\ Moreover, SDRs are already subject to extensive
recordkeeping obligations under existing Commission rules, so SDRs
may be able to reduce their costs by making use of existing
recordkeeping resources to some extent.
---------------------------------------------------------------------------
Finally, the current Information Collection accounts for the costs
to SDRs of executing a ``Confidentiality and Indemnification
Agreement'' with each requesting ADR and AFR. Under the Commission's
final rule adopted herein, the SDR is no longer required to execute
such an agreement with ADRs or AFRs. The confidentiality arrangements
will be between each requesting ADR or AFR and the Commission.
Accordingly, the total burden to SDRs, as currently reflected in the
Information Collection, is reduced by the cost to execute such
agreements. The reduction in burden associated with this change in the
confidentiality arrangement requirement is addressed in the revised
Information Collection.
C. Cost-Benefit Considerations
1. Introduction
As discussed in Section I above (``Background and Introduction''),
the Commission is amending Part 49 to (i) implement the statutory
changes mandated by the FAST Act amendments; (ii) make certain
conforming and clarifying changes related to such implementation; (iii)
revise the process by which a regulator is determined appropriate to
receive access to SDR swap data; (iv) clarify the standards in
connection with the Commission's appropriateness determinations; and
(v) establish the form and substance of the written agreement mandated
by CEA section 21(d), as amended.
In the sections that follow, the Commission discusses the costs and
benefits associated with the final rule and reasonable alternatives
considered. Comments from commenters addressing the associated costs
and benefits of the rule are addressed in the appropriate sections.
Wherever possible, the Commission has considered the costs and benefits
of the final rule in quantitative terms. Given, however, that SDRs do
not yet have a history of providing swap data to other regulators, and
the final rule does not dictate the means by which SDRs may provide
such swap data access in the future, the availability to the Commission
of relevant or useful quantitative terms to assess the potential costs
and benefits of the final rule is limited. Accordingly, where a
quantitative discussion is not feasible, the Commission has considered
the costs and benefits of this rulemaking in qualitative terms.
The baseline against which the costs and benefits of this final
rule are being compared is the existing status quo for SDR swap data
access under CEA section 21, as amended by the FAST Act, taken together
with the swap data access requirements in the current Part 49 rules. As
a general matter, the Commission recognizes that there are inherent
costs and benefits to domestic and foreign regulators having access to
SDR swap data. As discussed above, the Commission expects that access
to SDR data by ADRs and AFRs will not only assist those regulators in
fulfilling their own supervisory and regulatory functions but
facilitate greater cooperation and collaboration among regulators
across jurisdictions, promoting effective and consistent oversight of
the global swaps market. At the same time, however, opening access to
SDR data to other regulators may increase opportunities for
unauthorized or unnecessary data disclosures, which could negatively
impact swap market participants. Congress took into account these costs
and benefits associated with broader SDR data access in adopting and
amending CEA section 21, which supports access to swap data by
appropriate regulators provided that, consistent with CEA section 8,
the data accessed falls within their scope of jurisdiction and the data
is provided on a confidential basis. In formulating the amendments to
Part 49 that make up this final rule, the Commission has been mindful
of the tradeoff between these dual objectives embodied in the
[[Page 27429]]
mandate of CEA sections 21(c)(7) and (d), endeavoring to reduce the
costs to regulators of obtaining, and to SDRs of providing, access to
swap data, while also establishing sufficient processes and conditions
to ensure that data access is appropriately scoped and confidentiality
is maintained.\120\
---------------------------------------------------------------------------
\120\ In support of its goal to reduce costs, the final rule is
harmonized in many respects with the corollary SEC Indemnification
Rule implementing changes to its security-based swap data access
rules following adoption of the FAST Act. This rulemaking also is in
accord with two recent recommendations issued by the U.S. Department
of the Treasury (``Treasury'') in a recent report in which Treasury
recommended greater harmonization between the CFTC and the SEC and
stated that greater coordination is required among the CFTC, SEC and
prudential regulators. See A Financial System That Creates Economic
Opportunities[:] Capital Markets (Oct. 6, 2017) (``Report'') at 9,
available at https://www.treasury.gov/press-center/press-releases/Documents/A-Financial-System-Capital-Markets-FINAL-FINAL.pdf.
---------------------------------------------------------------------------
2. Benefits
a. Background
In the fall of 2008, a series of large financial institution
failures triggered a financial and economic crisis that threatened
global financial markets. As a result of these failures, the government
intervened to ensure the stability of the U.S. financial system. These
failures revealed the vulnerability of the U.S. financial system and
economy to widespread systemic risk resulting from, among other things,
poor risk management practices of financial firms and the lack of
supervisory oversight--specifically data concerning over-the-counter
(``OTC'') derivatives activity--for a financial institution as a whole.
The financial crisis also illustrated the significant risks that an
uncleared, OTC derivatives market can pose to the financial system.
Swap markets were opaque, and financial institutions were significantly
interconnected through counterparty credit risk. This exposed the
financial system to contagion through spreading defaults and losses.
For example, concerned with the size of AIG's credit default swap
exposure, the Federal government infused $180 billion of taxpayer money
into AIG in order to prevent AIG's failure, which the Federal
government was concerned may have led to cascading defaults by AIG
creditors and counterparties and other creditors and counterparties
indirectly exposed to AIG through credit and swap transactions. The
legislative response to the Great Recession, the Dodd-Frank Act,
stipulated that data representing OTC derivatives, in general, be
reported to SDRs in order to cultivate robust oversight of financial
entities and identify risks to the liquidity, stability, and
functioning of the financial system.\121\ The Commission anticipates
that access by ADRs and AFRs to swap data reported to SDRs, in
combination with future sharing with the Commission of swap data
reported to trade repositories in other jurisdictions, in part as a
result of this rulemaking, will facilitate greater inter-agency
cooperation, collaboration on matters concerning systemic risk, and
identification and mitigation of future financial crises.
---------------------------------------------------------------------------
\121\ See section 4r of the CEA, 7 U.S.C. 6r, added to the CEA
by section 729 of the Dodd-Frank Act.
---------------------------------------------------------------------------
b. High-Level Benefits
At a high level, this rulemaking is expected to assist other
regulators in performing their supervisory and regulatory functions by
providing them, for the first time, access to SDR swap data, which
would help regulators better understand the risks their regulated
entities are assuming and the impact of such risks on the broader
markets. These supervisory and regulatory functions may include:
Monitoring and mitigating systemic risk; ensuring financial stability;
registration and oversight of financial market infrastructures, trading
venues and/or market participants; central bank activities; prudential
supervision; restructuring or resolution of infrastructures and firms;
and regulation of cash markets, in some of which swap counterparties
are active.\122\ Regulators may also be able to increase the benefits
of receiving SDR swap data by discussing the results of their analyses,
subject to the conditions and limitations of the confidentiality
arrangement required by Sec. 49.18(a), including restrictions on
onward sharing. The Commission believes regulatory coordination is
beneficial.
---------------------------------------------------------------------------
\122\ See generally Data Final Rules at 2136-2137 (observing
that Dodd-Frank was enacted to reduce systemic risk, increase
transparency, and promote market integrity within the financial
system by, among other things creating rigorous recordkeeping and
data reporting regimes with respect to swaps); Margin Requirements
for Uncleared Swaps for Swap Dealers and Major Swap Participants--
Cross-Border Application of the Margin Requirements 81 FR 34817,
34819 (May 31, 2016) (observing that as the 2008 financial crisis
illustrated, complex financial and operational relationships
demonstrated how the transfer of risk associated with swaps is not
always transparent and can be difficult to fully assess.).
---------------------------------------------------------------------------
Access to SDR swap data may also facilitate collaboration among the
Commission, ADRs and AFRs in comparing the results of their respective
SDR swap data analyses. Providing regulators access to SDR swap data
should also facilitate cooperation among market and prudential
regulators, which sometimes view data in isolation, given their
different responsibilities, regulated entities, missions, and--as it
relates to this rule making--data sets. In particular, such access may
improve early warning systems that might ultimately reduce the
probability or severity of a crisis, or both. The benefits of
regulatory collaboration and broader access to swap data are likely to
persist, if not expand, over time as regulators gain experience working
together, while the burden required for establishing access to swap
data includes an upfront commitment of time and money that is likely to
diminish over time (although some increased operating costs resulting
from this rulemaking will remain).
The Commission believes that the implementation of this rulemaking
represents a critical element of effective financial market oversight
by providing access to SDR data to ADRs and AFRs. The Commission
acknowledges that performing systemic risk analysis is very difficult
as a result of the fragmented regulatory structure that exists both
domestically and internationally. The financial markets are global in
nature and contain correlated instruments dispersed across different
regulatory authorities and jurisdictions. Regulating such markets
utilizing only the data and information available through one
particular regulator's regime is suboptimal. For instance, when
conducting oversight of treasury futures and interest rate swap
markets, it is not sufficient to only assess the available futures and
swaps data at the Commission's disposal. Oversight of activity in those
markets and associated risk also requires trading activity and position
information regarding treasury bonds, repurchase agreements and reverse
repurchase agreements. Similarly, regulating the credit and equity
asset classes would benefit from information concerning related cash
market activity in equity securities, corporate bonds, derivatives (on
broad and narrow CDS and equity indexes, single-name CDS and equities,
and bespoke transactions), securitizations, repurchase agreements and
securities lending. The same applies to conducting comprehensive risk
analysis and oversight of other asset classes. Similarly, in regulating
swap dealers, the Commission would benefit from obtaining visibility
into their positions in other jurisdictions to form a complete picture
of their risk profiles.
The Commission may face challenges in analyzing overall market,
counterparty, or systemic risk accurately with only the data at its
disposal via recordkeeping and reporting pursuant to the CEA and the
Commission's regulations promulgated thereunder.
[[Page 27430]]
Prudential, bank, and market regulators likely face similar challenges
in assessing the overall market, understanding patterns and flows, and
identifying concerning trends based solely on data available pursuant
to their own individual regulatory regimes. These limitations
presumably impact similarly situated regulators across the global
financial system.
In light of the issues flowing from incomplete data, the Commission
expects this rule to generate substantial benefits by fostering a
regulatory environment that supports broader data access across the
regulatory community and expands the accessibility of SDR swap data to
other regulators, thereby supporting holistic oversight and data driven
policy making at the regulatory level. The probability of successfully
overseeing the prevailing market structure of the financial system and
preventing another crisis increases as more ADRs and AFRs access SDR
swap data and incorporate it into their existing analysis and
workflows. Although this rule only provides other regulators access to
swap data maintained at SDRs regulated by the Commission, the
Commission expects the rulemaking to encourage similar access by the
Commission to swap data maintained at trade repositories regulated by
other authorities, which would increase the benefits of the rule
discussed above accordingly.
c. More Specific Benefits
i. MOUs
Under current Sec. 49.17(b)(2), the existence of a current MOU or
similar type of information sharing arrangement with the Commission
automatically qualifies a Foreign Regulator as an AFR. The Commission
is amending Sec. 49.17(b)(2) to require all ``Foreign Regulators'' who
wish to receive swap data from SDRs to file an application with the
Commission to be Commission-determined ``Appropriate Foreign
Regulators'' and requires the Commission to issue an order finding each
Foreign Regulator to be an ``appropriate'' recipient of SDR swap data.
The Commission believes that this modification will ensure that Foreign
Regulators are acting within the scope of their jurisdiction,
consistent with CEA sections 21(c)(7) and 8(e) and should reduce the
risk of unauthorized disclosure, misappropriation or misuse of swap
data. The SDR Commenters also commented that an MOU or other
information sharing agreement alone potentially could have imprecise
language and bespoke arrangements that would not provide sufficient
indication of a regulator's appropriateness.\123\ By requiring use of
the Confidentiality Arrangement Form or permitting an alternative
arrangement with the same elements, the Commission is establishing
confidentiality safeguards that are tailored to the provision of swap
data by an SDR to an ADR or an AFR. In addition, as the Commission
stated in the NPRM and in the preamble above in sections II.B.4. and
5., it can take into account additional considerations or circumstances
it may deem relevant on a case-by-case basis in making an
appropriateness determination. This can benefit the appropriateness
determination process by permitting the Commission to consider factors
such as those identified by the SDR Commenters.
---------------------------------------------------------------------------
\123\ SDR Letter at 3.
---------------------------------------------------------------------------
ii. Duty for SDRs To Notify the Commission of Swap Data Requests From
ADRs and AFRs
Current Sec. 49.17(d)(4)(i) requires an SDR to promptly notify the
Commission regarding any request from an ADR or AFR for access to swap
data. The Commission is amending current Sec. 49.17(d)(4)(i) to
require such notices only promptly after the SDR receives an initial
request for access to swap data from a particular ADR or AFR and
promptly after receiving a request from an ADR or AFR that does not
comport with the scope of the ADR's or AFR's jurisdiction, as described
in the appendix to the confidentiality arrangement required by Sec.
49.18(a). The Commission expects this to benefit SDRs by significantly
reducing the number of notices and the associated costs. The change
might also benefit ADRs and AFRs by expediting the time it takes for
them to get access to SDR swap data.
iii. Form of Electronic Notification by SDRs to the Commission
Current Sec. 49.17(d)(4)(ii) requires an SDR to notify the
Commission, electronically in a format specified by the Secretary of
the Commission, of any request from an ADR or AFR for access to swap
data. The Commission is specifying the format in the adopting release.
This will benefit SDRs by providing clarity and specificity as to the
particular means of notice required such that they can develop such
means of notice expeditiously so that SDRs can provide such notices
soon after they receive requests for SDR swap data from ADRs and AFRs.
This, in turn, might benefit ADRs and AFRs by expediting their access
to such swap data.
iv. Clarification of SDR Recordkeeping Obligations
In the NPRM, the Commission explained that an SDR's obligation to
maintain records of all information related to the initial and all
subsequent requests by an ADR or AFR for swap data access would require
retaining records including, among other things, copies of all data
reports and other aggregation of data provided in connection with the
request for access.\124\ The SDR Commenters stated that that proposed
requirement ``should be amended to avoid imposing unnecessary costs.''
\125\ The SDR Commenters characterized that proposed recordkeeping
requirement as burdensome, challenging to implement, and potentially
decreasing information security, because the requirements could require
an SDR ``to propagate a given data set more than once.'' \126\
---------------------------------------------------------------------------
\124\ NPRM at 8375, n.42; see also, NPRM at 8381 (Paperwork
Reduction Act discussion of recordkeeping burdens).
\125\ SDR Letter at 6.
\126\ See id.
---------------------------------------------------------------------------
As an alternative to maintaining such reports, the SDR Commenters
offered to create pre-formatted data reports, which they would make
available for download by ADRs and AFRs ``so that the record of access
to such reports [would] be easily identifiable, in lieu of maintaining
logs of queries and query conditions . . . .''\127\ The SDR Commenters
added that, if the Commission adopted their alternative, ``the
parameters of the reports and the logic which is used to populate the
reports is all that should have to be maintained.'' \128\ The SDR
Commenters contended that the Commission should require only ``the
saving of metadata around reports rather than the actual reports[.]''
\129\
---------------------------------------------------------------------------
\127\ Id.
\128\ Id.
\129\ Id.
---------------------------------------------------------------------------
As discussed above in section II.D.2.ii., the SDR Commenters
explained in discussions with staff that they plan to provide swap data
access to ADRs and AFRs in one of two ways: (1) Via pre-formatted
reports that the SDR Commenters would make available for download by
ADRs and AFRs or send to ADRs and AFRs, in each case on a regular
basis; or (2) via a Web-based portal through which ADRs and AFRs could
conduct customized searches of swap data.\130\ In those discussions,
the
[[Page 27431]]
SDR Commenters explained that they would not consider it unduly
burdensome to maintain records in those formats.
---------------------------------------------------------------------------
\130\ The swap data provided in the pre-formatted reports or
through the Web-based portals would be limited to swap data within
the particular ADR's or AFR's scope of jurisdiction, as described in
the appendix to the confidentiality arrangement required by Sec.
49.18(a).
---------------------------------------------------------------------------
As discussed above in section II.D.2.ii., the Commission is
confirming that SDRs may satisfy their recordkeeping duties under Sec.
49.17(d)(4)(i) by maintaining records of, as applicable: (1) Their pre-
formatted swap data reports; or (2)(a) the parameters of Web portal
swap data access and (b) queries run by ADRs and AFRs using such
access. This confirmation should lower costs to the SDRs by decreasing
financial costs thereto, making recordkeeping simpler and decreasing
cybersecurity risks, as the SDR Commenters noted.
v. Limitation, Suspension or Revocation of an ADR's or AFR's Swap Data
Access
The Commission is requiring, in Sec. 49.17(d)(4)(iii), an SDR to
limit, suspend, or revoke an ADR's or AFR's swap data access if the
ADR's or AFR's scope of jurisdiction changes and the Commission directs
the SDR to limit, suspend, or revoke the ADR's or AFR's swap data
access.\131\ Similarly, Sec. 49.17(d)(5) requires an SDR to limit,
suspend, or revoke an ADR's or AFR's swap data access if the Commission
limits, suspends or revokes the ADR's or AFR's appropriateness
determination or otherwise directs the SDR, in writing, to limit,
suspend, or revoke the ADR's or AFR's swap data access. Although these
sections will impose costs on both SDRs (which will be required to
build into their systems a means of limiting, suspending, or revoking
an ADR's or AFR's swap data access; this could be as simple as, for
example, requiring a user name and password to obtain swap data access
and deactivating such login credentials) and ADRs and AFRs (which may
temporarily or permanently lose access to some or all SDR swap data),
the Commission believes this is an unavoidable and appropriate
corollary of the requirement in CEA section 21(c)(7) that ADRs' and
AFRs' SDR swap data access be on a confidential basis pursuant to CEA
section 8,'' which, as discussed throughout this release, requires,
among other things, that the swap data provided be within the scope of
an ADR's or AFR's jurisdiction. Although CEA section 21(c)(7) also
directs SDRs to provide ADRs and AFRs SDR swap data access, such access
is subject to the foregoing conditions, among others. Therefore, Sec.
49.17(d)(4)(iii) and (d)(5) will benefit market participants by keeping
their swap data confidential, as intended by Congress, if an ADR's or
AFR's jurisdiction changes such that it is no longer entitled to such
swap data or if other factors lead the Commission to limit, suspend, or
revoke an ADR's or AFR's swap data access to ensure that
confidentiality is maintained. The ``in writing'' requirement of Sec.
49.17(d)(5) will benefit SDRs by ensuring that all SDRs are aware of
any changes in status with respect to an appropriateness determination,
as the SDR Commenters requested.\132\
---------------------------------------------------------------------------
\131\ The Commission also is reserving the right, in new Sec.
49.17(h)(4), to revisit, reassess, limit, suspend or revoke a
Determination Order. The costs and benefits to ADRs, AFRs and SDRs
are similar to the costs and benefits thereto discussed in this
section with respect to Sec. 49.17(d)(4)(iii) and (d)(5).
\132\ See discussion at section II.C.5., supra.
---------------------------------------------------------------------------
vi. Confidentiality Arrangements
Current Sec. Sec. 49.17(d)(6) and 49.18(b) require the
confidentiality agreement required by CEA section 21(d) to be entered
into between an ADR or AFR seeking SDR swap data access and each SDR
from which the ADR or AFR seeks such access. The Commission is amending
those rules to require that such confidentiality arrangements be
entered into between an ADR or AFR, as one party, and the Commission,
rather than an SDR, as the other party. This will benefit SDRs by
shifting from SDRs to the Commission the costs of negotiating
confidentiality arrangements with an estimated 300 \133\ ADRs and AFRs.
This will also benefit ADRs and AFRs by enabling them to negotiate a
single confidentiality arrangement with the CFTC to access swap data
from each SDR rather than a separate agreement with each of the SDRs
from which they would seek swap data.
---------------------------------------------------------------------------
\133\ See, among other sections, section V.B.2.
---------------------------------------------------------------------------
The Commission also is requiring the use of the Confidentiality
Arrangement Form, unless the Commission waives this requirement. The
Commission expects this to benefit ADRs and AFRs by allowing them to
avoid expending resources coming up with their own confidentiality
arrangement forms and avoid the uncertainty of not knowing what
provisions the Commission would accept, reject or negotiate. The
Commission expects this to benefit SDRs as well in that most, if not
all, confidentiality arrangements will be the same, making them easier
to incorporate into their policies and procedures and build swap data
access around. Overall, the Commission believes that this rule will
increase the potential benefits and cost savings associated with use of
the Confidentiality Arrangement Form while still providing ADRs and
AFRs the flexibility to use an alternate arrangement if necessary, in
consultation with the Commission.
vii. Means of Access
The Commission is not requiring SDRs to provide access to swap data
to ADRs and AFRs through a specific technological means. Each SDR
operates with different legacy systems and infrastructure, preferred
data formats and delivery methods, and unique change management
processes. The Commission prescribing a specific means of access for
the swap data could subject different SDRs to greater/lesser costs,
thereby disadvantaging one/some over other(s). Presumably, SDRs will
choose the least costly means of access, all else being equal, as a
result of the flexibility provided by the Commission. Thus, the
flexibility afforded SDRs to choose the means of access through which
they provide swap data access to ADRs and AFRs will benefit SDRs.
More ADRs and AFRs accessing SDR swap data (as a result of the
removal of the statutory and regulatory indemnification requirements
that ADRs and AFRs refused to submit to) also has the potential to
improve the quality of swap data. For instance, ADRs and AFRs might
assert their authority over the entities that they regulate to require
or encourage them to submit better and/or more data. If swap data
quality improves, ADRs and AFRs can make better-informed supervisory
decisions to reduce risks. Although the Commission is not mandating the
use of LEIs to delineate an ADR's or AFR's scope of jurisdiction for
purposes of SDR swap data access, the Commission anticipates the use of
LEIs to that end. If ADRs and AFRs do use LEIs for that purpose, the
Commission believes that it will be relatively straightforward for SDRs
to provide ADRs and AFRs access to appropriate swap data, relative to
alternatives such as ADRs and AFRs providing legal memoranda describing
the scope of their jurisdictions, which SDRs would then need to parse
and translate into field descriptions, which is how SDR swap data are
organized. Similarly, although the Commission is not mandating the use
of UPIs (or if no CFTC-approved UPI and product classification system
is yet available, the internal product identifier or product
description used by the SDR) to delineate an ADR's or AFR's scope of
jurisdiction, the Commission anticipates the potential use of UPIs to
that end. If ADRs and AFRs do use UPIs for that purpose, the Commission
believes that it will be relatively easier for SDRs to provide ADRs and
AFRs access to appropriate swap data, relative to the
[[Page 27432]]
alternative of not using a UPI to describe the scope of their
jurisdictions.
3. Costs
a. Background
The Commission recognizes that there are different types of costs
associated with this rulemaking. In the NPRM, the Commission stated
that:
[o]ne cost is the potential harm to market participants and the
public if swap data is misused--for example, inappropriately
disclosed by ADRs and AFRs. Or, another harmful scenario might
involve misappropriated data where hackers pilfer swap data from
ADRs and AFRs to learn the positions of market participants so that
the hackers, or other interested parties who may even pay for such
information, scam the market. Such bad actors might be able to
anticipate such market participants' trades and trade in front of
them, raising swap trading costs to market participants, thereby
reducing their profits.\134\ If the aforementioned scenario occurred
frequently enough this might induce swap dealers to widen their
spreads, making hedging more expensive. In turn, this might lead to
sub-optimal business and investment strategies, as parties would be
less willing to participate in swap markets, because it would be
more costly. Further, the scenario posed could cause market
participants to be concerned that their business strategies might be
tipped to their competitors, because with stolen data, somebody
might be able to infer their strategies from knowing their swap
positions and how these positions change in response to relevant
economic events.\135\ Such concerns could lead some market
participants to withdraw to some extent from swap markets, reducing
liquidity and potentially inducing them to use less effective
hedging instruments or trading strategies in other markets.\136\
---------------------------------------------------------------------------
\134\ See, e.g., Registered Entity Cyber proposed rulemaking at
80141 (observing that ``there has . . . been a rise in attacks by .
. . hacktivists . . . aimed at . . . [, among other things,] theft
of data or intellectual property. . . . ''); id. at 80189
(Concurring Statement of then-Commissioner Bowen) (stating that
``our firms are facing an unrelenting onslaught of attacks from
hackers with a number of motives ranging from petty fraud to
international cyberwarfare.'').
\135\ While the same risks of misuse and misappropriation exist
with respect to swap data maintained at SDRs, SDRs are regulated,
and subject to sanctions, by the Commission, whereas ADRs and AFRs
are not.
\136\ NPRM at 82 FR 8384.
It is difficult to discern the likelihood of this misuse occurring,
rendering it difficult to quantify related costs, for at least four
reasons. First, data breaches can have different causes, from not
upgrading to the most current software, to software glitches, to
successful cyber attacks and improper procedures and protocols. Thus,
it is difficult to develop a homogenous sample to use to analyze data
breaches and what might reasonably be done to mitigate them (i.e.,
reduce the probability of their occurrence as well as their severity
when they do occur). Furthermore, the Commission does not have access
to such data even if they do exist. Second, data storage and
dissemination technology is constantly changing. This may result in the
manner in which data breaches occur changing over time in ways that are
difficult to anticipate, as various parties adapt to new technology.
Third, it is problematic to assess in advance the severity of a data
breach because the severity is dependent on the particulars of a given
breach that cannot be easily anticipated. Fourth, it would be
difficult, ex ante, to link data misuse to related profits and harms
from specific transactions.
b. High-Level Costs
At a high level regarding costs to ADRs and AFRs, the less access
to SDR swap data granted to ADRs and AFRs, the less such swap data
would help in performing ADRs' and AFRs' supervisory and other
regulatory functions. Similarly, the more impediments to swap data
access, the longer it would take ADRs and AFRs to use, or the less use
ADRs and AFRs could make of, such swap data. It is not mandatory for
ADRs and AFRs to ask for access to SDR swap data, however. Thus, ADRs
and AFRs can reduce their costs by not asking for swap data or by
limiting the swap data they seek and/or the frequency with which they
seek it.\137\ The Commission expects ADRs and AFRs will seek access to
SDR swap data when they believe that the benefits associated with the
access are worth incurring the costs associated with obtaining such
access.
---------------------------------------------------------------------------
\137\ The Commission acknowledges, however, that it is in the
best interest of ADRs and AFRs, as Congress recognized in passing
the FAST Act, for the process and parameters established by this
rulemaking to be utilized and swap data to be made accessible to
ADRs and AFRs.
---------------------------------------------------------------------------
c. ADRs' and AFRs' Costs
The Commission is imposing several new obligations on Foreign
Regulators and certain domestic regulators that will trigger costs for
such regulators.
i. Determination Order Applications
Currently, Sec. 49.17(b)(2) defines Foreign Regulators with either
an MOU or a similar information sharing agreement in place with the
Commission as ``Appropriate Foreign Regulators.'' As amended, however,
Sec. 49.17(b)(2) replaces such automatic AFR status with a requirement
that Foreign Regulators be determined by the Commission to be AFRs
before such Foreign Regulators can obtain swap data from SDRs. This
change will impose costs on each Foreign Regulator with an MOU, or
similar information sharing agreement, seeking AFR status. The
obligation for Foreign Regulators, and domestic regulators that are not
enumerated in Sec. 49.17(b)(1)(i) through (vi), to apply for a
Determination Order conferring AFR or ADR status in order for such
Foreign Regulators and unenumerated domestic regulators to be eligible
to receive access to SDR swap data will, at a minimum, require such
applicants to draft an application. Some applicants for ADR and AFR
status may choose to retain outside counsel or another third party to
draft the application, thereby incurring related costs; others might
use their own staff. There also may be additional costs associated with
the complexity of the application, because applicants for ADR and AFR
status will have to explain their jurisdiction and link it to their
requests for access to SDR swap data.\138\ While applicants will need
to expend resources developing their ``appropriateness'' applications,
the Commission expects that the requirements and guidance it has
provided in this release should reduce such expenditures to a certain
extent. Nonetheless, the level of such expenditures will depend on the
particulars of a given applicant.
---------------------------------------------------------------------------
\138\ Pursuant to Sec. 49.17(h), applicants will have to
describe to the Commission the scope of their jurisdiction so that
that description can be provided to SDRs so that SDRs will know the
contours of the swap data access they can provide to applicants.
---------------------------------------------------------------------------
The Commission estimates that each requesting entity would on
average expend 100 hours in connection with filing an application to
receive a Determination Order. This estimate considers the relevant
information that would be required to be provided in such an
application, including information regarding the entity's scope of
jurisdiction, confidentiality safeguards, as well as any other
information relevant for the Commission's determination. The Commission
monetizes the 30,000 burden hours by multiplying by a wage rate of $85
\139\ or approximately $2.56 million.
---------------------------------------------------------------------------
\139\ The wage rate used here is a composite (blended) wage rate
by averaging the mean annual salaries of an Assistant/Associate
General Counsel, an Assistant Compliance Director, and a Programmer
(Senior) as published in the 2013 SIFMA Report and dividing that
figure by 1,800 annual working hours and multiplying by 1.3 to
account for the overhead for a government employee to arrive at the
hourly rate of approximately $85.
---------------------------------------------------------------------------
ii. Confidentiality Arrangements
The requirement in Sec. 49.18(a) that SDRs receive an executed
[[Page 27433]]
confidentiality arrangement from an ADR or AFR before the SDR can
provide the ADR or AFR swap data is based on a corresponding
requirement set forth in CEA section 21(d) and will impose costs on
ADRs and AFRs. CEA section 21(d) does not specify any details of the
required written agreement other than that it must state that the ADR
or AFR shall abide by CEA section 8's confidentiality requirements. The
Commission, however, is adopting, in Appendix B to part 49, a
Confidentiality Arrangement Form providing for ADRs and AFRs to
implement a number of safeguards to effectuate the confidentiality
protections mandated by CEA section 21(c)(7). The Confidentiality
Arrangement Form can be expected to limit ADRs' and AFRs' flexibility
to use confidentiality arrangements more tailored to their specific
needs, but this is offset to some extent by corresponding benefits
discussed above in section V.C.3.vi. and by the fact that the
Commission retained the discretion to negotiate changes to the
Confidentiality Arrangement Form.
iii. Data Security
Section 6 of the Confidentiality Arrangement Form contains a number
of undertakings designed to prevent unauthorized disclosure of swap
data. Given that ADRs and AFRs already likely have existing data
security policies, procedures and safeguards, the Commission continues
to believe that the costs of developing safeguards in response to such
undertakings would likely be only a incremental addition to their
existing data security costs, and the other costs of complying with
these burdens, such as the costs to develop policies, procedures and
safeguards, are within the scope of ADRs' and AFRs' expertise (and thus
would likely not require ADRs or AFRs to retain outside experts to
develop).\140\ Given that ADRs and AFRs can elect not to seek access to
swap data from SDRs and that ADRs and AFRs who do seek such access have
some control over the scope and frequency of the swap data they seek
and the manner in which they seek to analyze such swap data, ADRs and
AFRs themselves can influence to some degree the costs they impose on
themselves by seeking access to swap data from SDRs.
---------------------------------------------------------------------------
\140\ The Commission continues to believe that ADRs and AFRs
would likely have established safeguards to protect sensitive data
other than swap data and that such safeguards could be adapted to
address the requirements of the confidentiality arrangement.
---------------------------------------------------------------------------
iv. Onward Sharing
Section 7 of the Confidentiality Arrangement Form would prohibit
ADRs and AFRs from onward sharing Confidential Information with other
parties, with limited exceptions. This could impose some costs in that
ADRs and AFRs would not be able to freely share swap data among
themselves, which could reduce the utility of the swap data to ADRs and
AFRs, possibly reducing the effectiveness thereof. However, because CEA
section 21(c)(7) requires that SDRs share swap data with ADRs and AFRs
on a confidential basis pursuant to CEA section 8,'' and CEA section
8(e) also prohibits onward sharing, the onward sharing prohibition in
section 7 of the Confidentiality Arrangement Form is required by the
CEA.
v. Means of Access
In addition, the fact that the Commission is electing not to
specify a particular means of ADRs and AFRs accessing swap data could
result in SDRs providing a means of access other than a means preferred
by ADRs and AFRs. This might impose additional costs on ADRs and AFRs
relative to the potentially lesser costs of their preferred means of
access.
The Commission prescribing a particular means of access could
result in costs to either ADRs/AFRs or SDRs. Specifically, costs borne
by ADRs/AFRs might be shifted to SDRs or vice versa as a particular
means of access changes. The Commission chooses to not force all SDRs
to use a single means of providing access, thus requiring some or all
SDRs to alter their systems, since it is not possible to distinguish a
single means of access that would be preferable to all ADRs, AFRs and
SDRs. Because of these uncertainties, the Commission is unable to
quantify these costs but is able to identify such costs qualitatively.
The Commission recognizes that allowing SDRs to choose the means by
which they provide swap data access may impose costs of adapting to a
particular means of access on ADRs and AFRs. However, given the large
number of ADRs and AFRs who may seek SDR swap data access and the large
potential variation in their preferred means of access, and given the
limited number of SDRs and potential means of access, the Commission
believes that ADRs and AFRs, in general, can more easily bear the
burden of adapting to SDRs' choices of means of access than vice versa.
d. SDRs' Costs
i. Providing New Access Generally
For SDRs, providing swap data access to so many potential ADRs and
AFRs may be expensive. For example, SDRs may be forced to purchase new
servers, hire new system administrators to oversee the new swap data/
system usage and troubleshoot related problems that may arise.
Maintaining new records pursuant to new recordkeeping requirements also
could require more resources. The requirement for an SDR not to provide
swap data to an ADR or AFR unless the SDR has determined that the swap
data is within the then-current scope of the ADR's or AFR's
jurisdiction, as described in the appendix to the confidentiality
arrangement required by Sec. 49.18(a), may cause SDRs to elect to
create new methods for parsing swap data to comply with the requirement
to so limit swap data access. Further, if the SDRs send data to ADRs
and AFRs, then they will incur costs to transmit the data. These costs
include the cost of expanding their capacity to disseminate data as
well as the cost to parse existing data to verify that it is within the
then-current scope of the ADR's or AFR's jurisdiction, as described in
the appendix to the confidentiality arrangement required by Sec.
49.18(a).
ii. Providing Notice to the Commission
Current Sec. 49.17(d)(4)(i) requires SDRs to notify the Commission
of any request for access to swap data from a particular ADR or AFR.
The Commission's amendments would reduce that burden by permitting SDRs
to notify the Commission only of the first such request by each ADR or
AFR and of any request that does not comport with the scope of the
ADR's or AFR's jurisdiction, as described in the appendix to the
confidentiality arrangement required by Sec. 49.18(a). The obligation
to notify the Commission of various other actions also will increase
SDRs' costs, although to the extent that such notice obligations are
not triggered, such cost increases would be tempered accordingly.
Nevertheless, SDRs presumably would need to incur some costs to develop
policies and procedures, and build out systems, to monitor potential
events that would trigger the new notice requirements.
iii. Verifying That a Swap Data Request Is Within an ADR's/AFR's Scope
of Jurisdiction
Other SDR costs will include those related to SDRs determining that
each access request by an ADR or AFR is within the scope of the ADR's
or AFR's
[[Page 27434]]
jurisdiction, as required by Sec. 49.17(d)(4)(iii). This will require
SDRs to expend resources to ensure that they do not improperly disclose
swap data to an ADR or AFR. However, the Commission believes these
costs will be mitigated substantially in at least two ways. First,
Sec. 49.17(d)(4)(iv) provides that an SDR must make the scope of
jurisdiction determination only once with respect to a recurring swap
data request, thus ensuring no duplication of effort.\141\ Second,
Sec. 49.17(d)(4)(iii) provides that the only source an SDR must
consult in determining an ADR's or AFR's scope of jurisdiction is the
appendix to the confidentiality arrangement required by Sec. 49.18(a).
To the extent ADRs and AFRs provide lists of LEIs, and possibly also
UPIs of swaps, within the scope of ADRs' and AFRs' jurisdiction, which
the Commission continues to expect that they will, this would limit the
resources SDRs must expend to verify whether swap data access requests
are within the scope of an ADR's or AFR's jurisdiction.\142\ No legal
analysis would be required on an SDR's part, greatly reducing potential
costs. SDRs' costs would come from ensuring that the access they
provide ADRs and AFRs to swap data via SDRs' systems is no greater than
or less than the swap data to which ADRs and AFRs are entitled based on
the scope of the ADRs' or AFRs' jurisdiction, as described in the
appendix to the confidentiality agreement required by Sec. 49.18(a).
---------------------------------------------------------------------------
\141\ However, if the request changes, each affected SDR must
make a new determination. The Commission believes this is
unavoidable due to requirement in CEA section 21(c)(7) that swap
data be provided by SDRs to ADRs and AFRs on a confidential basis
pursuant to section 8, and that any related costs flow from this
statutory requirement.
\142\ This assumes that ADRs and AFRs choose to develop such
lists, which the Commission continues to anticipate that they would.
---------------------------------------------------------------------------
The Commission believes that the use of LEIs, and potentially UPIs,
to effectively determine which SDR swap data should be provided to
ADRs/AFRs is a reasonable option, although it has some relatively minor
drawbacks unrelated to the amendments in this final rule (e.g., some
blank or incorrect data entries remain in LEI fields, LEIs are masked
in a number of cases to reflect certain other jurisdictions' privacy
law limits on disclosure, and the Commission has yet to designate a UPI
and product classification system, and SDRs each have developed their
own separate pre-UPI product identifiers in the interim). Despite those
drawbacks, the Commission believes LEIs and pre-UPI product identifiers
may be useful in describing ADRs' and AFRs' scopes of
jurisdiction.\143\
---------------------------------------------------------------------------
\143\ In addition, if the scope of an ADR's or AFR's
jurisdiction supports receiving all swap data with respect to
entities over which an ADR or AFR exercises oversight, the ADR or
AFR may not need to use product identifiers at all--it may be able
to use LEIs alone to describe the scope of its jurisdiction.
---------------------------------------------------------------------------
The Commission acknowledges that lists of LEIs of ADRs' and AFRs'
regulated entities and lists of UPIs or other product identifiers of
swaps within ADRs' and AFRs' jurisdiction may have to be updated from
time to time as regulated entities move in and out of ADRs' and AFRs'
jurisdiction, ADRs' and AFRs' jurisdiction expands or contracts, swaps
evolve, and new types of swaps are introduced. In these cases, for
example, an ADR or AFR likely would have to modify periodically the
list of LEIs and UPIs or product identifiers it gives to SDRs, imposing
some costs on SDRs as they incorporate such changes (and imposing some
costs on ADRs and AFRs to monitor their LEI and UPI or product
identifier lists and update SDRs and the Commission periodically
regarding any changes).
The Commission continues to believe that the rule would further
mitigate the costs to SDRs by permitting them to verify that a data
access request falls within the scope of an ADR's or AFR's jurisdiction
just once for a recurring request the details of which do not change.
SDRs might incur additional costs, however, if the scope of an ADR's or
AFR's jurisdiction, or other factors discussed in the prior paragraph,
change. Such additional costs include some fraction of the costs,
discussed above, of verifying that an ADR's or AFR's swap data access
request falls within the scope of the ADR's or AFR's jurisdiction.
Additionally, ADRs and AFRs would incur some costs to notify the
Commission of changes in jurisdiction.
iv. Means of Access
The Commission is not requiring SDRs to use a particular means of
providing access to swap data to ADRs and AFRs. The Commission is not
specifying a means of access because the Commission has allowed SDRs to
build their systems as they saw fit and does not want to impose undue
costs by requiring SDRs to all grant access via a specific means, which
could impose greater costs on certain SDRs based on how they chose to
build their systems.
The Commission notes that SDRs already provide the Commission and
the National Futures Association (``NFA'') with swap data access. Given
that SDRs have already incurred many fixed costs in granting access to
the Commission and NFA, in providing ADRs and AFRs access, the SDRs may
benefit from economies of scale, reducing SDRs' costs. The rule would
also mitigate SDRs' costs by permitting them to choose the means by
which they will provide access to swap data to ADRs and AFRs. The
Commission expects that SDRs would choose the lowest cost means of
access consistent with their statutory obligation to provide ADRs and
AFRs access to swap data and other constraints. The Commission
continues to believe that it cannot forecast what these costs are
because they depend on particulars of each SDR that the Commission
still does not know. Further, the Commission anticipates that many of
these particulars will change over time as various parties adapt to
technological changes. However, the Commission has estimated costs
where it can, based in part on comments it received in the SDR Letter,
as discussed below.
v. Recordkeeping
The Commission is amending current Sec. 49.17(d)(4)(i) to require
SDRs to maintain records of the details of the initial, and all
subsequent, requests for access to swap data from an ADR or AFR. Each
SDR would have to maintain this information for the same period
required for other SDR records. The Commission anticipates that such
costs will be relatively small and anticipates using such data to, for
example, monitor ADRs' and AFRs' access requests from time to time to
ensure that they remain within the scope of their jurisdiction and,
relatedly, to ensure that SDRs have been monitoring this access issue.
4. Response to Comments
The Commission requested comments on all aspects of the NPRM and
further requested that commenters provide any data or other information
that would be useful in the estimation of the quantifiable costs and
benefits of this rulemaking. The Commission received substantive
comments from the SDR Commenters on the Commission's PRA burden hour
estimates provided in the NPRM. Those comments are incorporated in the
Commission's cost estimates for the burdens on SDRs, ADRs, and AFRs.
The Commission is requiring, in Sec. 49.17(d)(4)(iii), that an SDR
not provide an ADR or AFR access to swap data, unless the SDR has
determined that the swap data is within the then-current scope of the
ADR's or AFR's jurisdiction, as described in the appendix to the
confidentiality
[[Page 27435]]
arrangement required by Sec. 49.18(a). The Commission received one
comment estimating the burden on SDRs associated with setting up access
restrictions to match an ADR's or AFR's described scope of
jurisdiction.\144\ In the SDR Letter, CME estimated the initial setup
cost to be between 400 and 950 hours for all ADRs and AFRs in the
aggregate. The Commission believes it is reasonable to accept CME's
estimate of 950 hours, as CME is an SDR and, as such, is familiar with
the costs required for setting up such access restrictions.
Consequently, for PRA and CBC purposes, the Commission estimates that
SDRs would incur a total burden of 3,800 hours (i.e., the product of
950 hours of time and four SDRs) associated with setting up SDR swap
data access for all ADRs and AFRs. The Commission monetizes these
burden hours at an hourly wage rate of $329 \145\ yielding a cost of
approximately $1,250,200.
---------------------------------------------------------------------------
\144\ See SDR Letter at 5, n.10.
\145\ The hourly wage rate used to estimate the costs associated
with these requirements is $329, which is a weighted average of
salaries and bonuses across different professions from the SIFMA
Report on Management & Professional Earnings in the Securities
Industry 2013, modified to account for an 1800-hour work-year and
multiplied by 5.35 to account for overhead and other benefits. The
Commission-estimated appropriate wage rate is a weighted national
average of salary and bonuses for professionals with the following
titles (and their relative weight): ``programmer (senior)'' (10%
weight); ``programmer'' (30%); ``compliance advisor (intermediate)''
(20%); ``compliance attorney'' (30%), and ``assistant/associate
general counsel'' (10%).
---------------------------------------------------------------------------
As noted in the PRA discussion above, the Commission estimates that
each SDR would incur an annual burden of 480 hours associated with the
requirement to maintain records of the details of the initial and all
subsequent requests for data from an ADR or AFR, for a total of 1,920
hours annually (i.e., the product of four SDRs and 480 hours). The
Commission received one comment related to setup costs associated with
its proposed recordkeeping requirements.\146\ The SDR Letter provided
estimates for recordkeeping setup costs. CME subsequently provided
updated estimates of the setup costs, which CME now estimates would be
approximately 1,100-1,440 hours. The Commission believes it is
reasonable to accept CME's estimate of 1,440 hours, as CME is an SDR
and, as such, is familiar with the setup costs associated with SDR
recordkeeping requirements. Therefore, the Commission estimates that
initially each SDR may incur a burden of 1,440 hours associated with
these recordkeeping requirements, for a total of 5,760 hours (i.e., the
product of four SDRs and 1,440 hours). The Commission monetizes these
burden hours by using a wage rate of $329 yielding a cost of
$1,895,040. However, as discussed in this release, the recordkeeping
requirements adopted herein may result in lower costs to the SDRs than
estimated here, as the Commission is not requiring SDRs to keep records
of all data reports provided in response to data requests, as it had
proposed in the NPRM.
---------------------------------------------------------------------------
\146\ See SDR Letter at 7, n.15.
---------------------------------------------------------------------------
5. Alternatives Considered
As one alternative to comprehensive swap data safeguards, the
Commission instead could have chosen to merely delete the
indemnification references in its regulations. While that approach
could have avoided imposing on ADRs, AFRs, and SDRs many of the costs
related to protection of confidentiality discussed herein, it would
have dramatically increased the risk of imposing on market participants
and the public the costs discussed above in the first paragraph of
section IV.C.4. and below in section IV.C.7.a.-c., which the Commission
continues to believe is inconsistent with the historical importance
Congress and the Commission have placed on protecting information
covered by CEA section 8. Consequently, the Commission has determined
to take the selected approach.
The Commission also considered and rejected the idea of specifying
a means of ADRs and AFRs accessing swap data. The Commission rejected
this as being too prescriptive, given that the Commission previously
permitted SDRs the discretion to build their systems as they saw fit
and for the other reasons discussed above in the means of access
discussion.
The Commission also considered prohibiting SDRs from continuing to
provide ADRs and AFRs swap data access during the period commencing
with a contraction in an ADR's or AFR's scope of jurisdiction and
considered reducing the time SDRs are permitted to update their systems
to reflect the new jurisdiction. While the Commission retains the
authority to do so, as stated above, it expects ADRs and AFRs will
notify the Commission upon learning of a potential jurisdictional
restriction. The Commission expects that, with such advance notice,
SDRs can be more prepared to adjust their systems accordingly shortly
after an ADR's or AFR's jurisdiction is limited. The Commission prefers
to retain the discretion to address these situations, which it expects
to be rare, case-by-case.
6. Consideration of CEA Section 15(a) Factors
CEA section 15(a) requires the Commission to consider the costs and
benefits of its actions before promulgating a regulation under the CEA
or issuing certain orders. CEA section 15(a) further specifies that the
costs and benefits shall be evaluated in light of the following five
broad areas of market and public concern: (1) Protection of market
participants and the public; (2) efficiency, competitiveness, and
financial integrity of futures markets; (3) price discovery; (4) sound
risk management practices; and (5) other public interest
considerations. The Commission considers the costs and benefits
resulting from its discretionary determinations with respect to the CEA
section 15(a) factors.
a. Protection of Market Participants and the Public
The Commission believes that the final rules will equip ADRs and
AFRs to better understand the risks that are undertaken by their
regulated entities, and thus be better positioned to take appropriate
action as needed, because they will be able to better understand their
regulatees' swap transactions by virtue of having access to SDR swap
data.
The Commission is adopting a number of safeguards to prevent market
participants' swap data maintained at SDRs from being misappropriated
or misused as a result of ADR and AFR access to such swap data. The
safeguards include: Modifying the requirements for being an AFR; a
requirement that the Commission issue a Determination Order for
unenumerated authorities to obtain SDR swap data access; requiring
authorities applying for a Determination Order to demonstrate that they
are acting within the scope of their jurisdiction in seeking access to
SDR swap data; imposing on ADRs and AFRs seeking access to swap data
maintained by SDRs a number of required confidentiality safeguards;
barring onward sharing of swap data; imposing on SDRs certain
recordkeeping and reporting requirements; and ensuring the Commission's
ability to revoke an ADR's or AFR's swap data access.
b. Efficiency, Competitiveness, and Financial Integrity of Futures
Markets
The Commission continues to believe that there will be little
effect on efficiency, competiveness, and financial integrity of futures
markets if swap data is properly protected from being
[[Page 27436]]
misappropriated or misused. While the Commission believes that the
final rules adopted herein will properly protect swap data from being
misappropriated or misused, the possibility of such misconduct cannot
be eliminated entirely. If such misappropriation or misuse occurs, the
efficiency and competitiveness of markets might be affected.
c. Price Discovery
The Commission continues to believe that price discovery would not
be affected by this rulemaking, provided that swap data is properly
protected. However, the Commission notes that there might be some
indirect effects on price discovery if the swap data protection
safeguards in this rulemaking are ineffective. If such protections
prove ineffective, market participants may be less willing to execute
swaps, as their identities, strategies, and/or positions may be
revealed. Ineffective data safeguards might harm price discovery if
bid/ask spread widens as a result. If so, observed prices might become
more volatile because they would oscillate between a wider bid/ask
spread.
d. Sound Risk Management Practices
Access to SDR swap data will help ADRs and AFRs to better
understand the risks posed by their regulated entities. With access to
such swap data, ADRs and AFRs can more comprehensively supervise
entities that engage in swap trading and better understand their
exposure to losses. Allowing more ADRs and AFRs to access SDR swap data
may improve SDR data, too. This improvement might occur by facilitating
research and analysis that ultimately leads to better risk management
by market participants. This can occur through ADR/AFR research
directed at improving the risk management techniques through, for
instance, better metrics, instruments, and hedging techniques. Further,
swaps data reporting may also be improved by ADRs and AFRs asserting
their authority over their regulated entities to encourage or compel
them to improve their swap data reporting and risk management.
e. Other Public Interest Considerations
The Commission finds that the ministerial changes to Sec.
49.17(d)(1) discussed above in section II.G.2. may benefit ADRs, AFRs
and those persons seeking to become ADRs and AFRs by providing, in one
place, a brief overview of all of the requirements applicable to such
persons obtaining access to SDR swap data and the circumstances in
which such requirements are not applicable.
The Commission also finds that the ministerial changes that it is
adopting to the bracketed text at the end of Appendix B to part 49
(describing Exhibit A to the Confidentiality Arrangement Form), drawn
from section II.D.2.c.i. of the preamble, may benefit ADRs and AFRs by
also including in part 49 of the Commission regulations the
instructions and guidance provided in the preamble as to how to
describe their scopes of jurisdiction in practical terms SDRs can
implement. As with the Commission's ministerial changes to Sec.
49.17(d)(1), such simplification should make obtaining SDR swap data
modestly less burdensome and costly for ADRs and AFRs by reducing their
staff time needed to go through the process.
The Commission is also making changes to Sec. Sec. 49.17(d)(6) and
49.18(a) to promote the use of the Confidentiality Arrangement Form set
forth in Appendix B, providing that the ability of an ADR or AFR to
execute a confidentiality arrangement that is not in the form set forth
in Appendix B to this part 49 is at the discretion of the Commission.
To the extent that this clarification results in more ADRs and AFRs
executing the Confidentiality Arrangement Form, the Commission expects
that this could result in modest savings for ADRs and AFRs. The
Commission also expects that using the Confidentiality Arrangement Form
will save staff time in the negotiation and execution of alternative
arrangements.
Other than the foregoing, the Commission has not found any other
public interest considerations to be implicated by this rulemaking.
D. Antitrust Considerations
CEA section 15(b) requires the Commission to take into
consideration the public interest to be protected by the antitrust laws
and endeavor to take the least anticompetitive means of achieving the
objectives of the CEA, in issuing any order or adopting any Commission
rule or regulation.
The Commission does not anticipate that the amendments to part 49
that it is adopting today will result in anticompetitive behavior
because, among other things, the Commission is allowing SDRs to
determine which means of access they will use to provide ADRs and AFRs
swap data access (thus, allowing SDRs to ``compete'' on that basis).
However, in the NPRM the Commission encouraged comments from the public
on any aspect of the proposal that may have had the potential to be
inconsistent with the antitrust laws or be anticompetitive in nature.
The Commission received no antitrust-related comments.
Consequently, the Commission continues to not anticipate that the
amendments to part 49 that it is adopting today will result in
anticompetitive behavior.
List of Subjects in 17 CFR Part 49
Swap data repositories; Registration and regulatory requirements;
Access to swap data; Confidentiality; Commodity Exchange Act section 8.
For the reasons stated in the preamble, the Commodity Futures
Trading Commission amends 17 CFR part 49 as set forth below:
PART 49--SWAP DATA REPOSITORIES
0
1. The authority citation for part 49 is revised to read as follows:
Authority: 7 U.S.C. 12a, and 24a, unless otherwise noted.
0
2. In Sec. 49.2, revise paragraph (a)(5) to read as follows:
Sec. 49.2 Definitions.
(a) * * *
(5) Foreign Regulator. The term ``foreign regulator'' means a
foreign futures authority as defined in Section 1a(26) of the Act,
foreign financial supervisors, foreign central banks, foreign
ministries and other foreign authorities.
* * * * *
0
3. In Sec. 49.9, revise paragraph (a)(9) to read as follows:
Sec. 49.9 Duties of registered swap data repositories.
(a) * * *
(9) Upon request of Appropriate Domestic Regulators and Appropriate
Foreign Regulators, provide access to swap data held and maintained by
the swap data repository, as prescribed in Sec. 49.17;
* * * * *
0
4. In Sec. 49.17:
0
a. Revise paragraphs (a), (b)(1)(vii), (b)(2), and (c)(2);
0
b. Revise the first sentence of paragraph (c)(2) and the first sentence
of paragraph (c)(3);
0
c. Revise paragraphs (d)(1) through (3), (d)(4)(i) through (iv), and
(d)(5) and (6), (e) and (f); and
0
d. Add paragraphs (h) and (i).
The revisions and addtions read as follows:
Sec. 49.17 Access to SDR data.
(a) Purpose. This section provides a procedure by which the
Commission,
[[Page 27437]]
other domestic regulators and foreign regulators may obtain access to
the swap data held and maintained by registered swap data repositories.
Except as specifically set forth in this section, the Commission's
duties and obligations regarding the confidentiality of business
transactions or market positions of any person and trade secrets or
names of customers identified in Section 8 of the Act are not affected.
(b) * * *
(1) * * *
(vii) Any other person the Commission determines to be appropriate
pursuant to the process set forth in paragraph (h) of this section.
(2) Appropriate Foreign Regulator. The term ``Appropriate Foreign
Regulator'' shall mean those Foreign Regulators the Commission
determines to be appropriate pursuant to the process set forth in
paragraph (h) of this section.
* * * * *
(c) * * *
(2) Monitoring tools. A registered swap data repository is required
to provide the Commission with proper tools for the monitoring,
screening and analyzing of swap data, including, but not limited to,
Web-based services, services that provide automated transfer of data to
Commission systems, various software and access to the staff of the
swap data repository and/or third-party service providers or agents
familiar with the operations of the registered swap data repository,
which can provide assistance to the Commission regarding data structure
and content. * * *
(3) Authorized users. The swap data provided to the Commission by a
registered swap data repository shall be accessible only by authorized
users. * * *
(d) Other Regulators--(1) General Procedure for Gaining Access to
Registered Swap Data Repository Data. Except as set forth in paragraph
(d)(2) or (3) of this section--
(i) A person who is not an Appropriate Domestic Regulator or an
Appropriate Foreign Regulator and who seeks to gain access to the swap
data maintained by a swap data repository is required to first become
an Appropriate Domestic Regulator or Appropriate Foreign Regulator
through the process set forth in paragraph (h) of this section, and
(ii) Appropriate Domestic Regulators and Appropriate Foreign
Regulators seeking to gain access to the swap data maintained by a swap
data repository are required to apply for access by filing a request
for access with the registered swap data repository and certifying that
it is acting within the scope of its jurisdiction, comply with
paragraph (d)(6) of this section prior to receiving such access and, if
applicable after receiving such access, comply with the notification
requirement in paragraph (d)(4)(iii) of this section applicable to
Appropriate Domestic Regulators and Appropriate Foreign Regulators.
(2) Domestic regulator with regulatory responsibility over a swap
data repository. When a swap data repository that is registered with
the Commission pursuant to this chapter is also registered with a
domestic regulator pursuant to a separate statutory authority, and such
domestic regulator seeks access to swap data that has been reported to
such swap data repository pursuant to the domestic regulator's
regulatory regime, such access is not subject to the requirements of
sections 21(c)(7) or 21(d) of the Act, this paragraph (d) or Sec.
49.18.
(3) Foreign Regulator with regulatory responsibility over a swap
data repository. When a swap data repository that is registered with
the Commission pursuant to this chapter is also registered with, or
recognized or otherwise authorized by, a Foreign Regulator that has
supervisory authority over such swap data repository pursuant to
foreign law and/or regulation, and such Foreign Regulator seeks access
to swap data that has been reported to such swap data repository
pursuant to the Foreign Regulator's regulatory regime, such access is
not subject to the requirements of sections 21(c)(7) or 21(d) of the
Act, this paragraph (d) or Sec. 49.18.
(4) * * *
(i) A registered swap data repository shall notify the Commission
promptly after receiving an initial request from an Appropriate
Domestic Regulator or Appropriate Foreign Regulator to gain access to
swap data maintained by such swap data repository and promptly after
receiving any request that does not comport with the scope of the
Appropriate Domestic Regulator's or Appropriate Foreign Regulator's
jurisdiction, as described and appended to the confidentiality
arrangement required by Sec. 49.18(a). Each registered swap data
repository shall maintain records thereafter, pursuant to Sec. 49.12,
of the details of such initial request and of all subsequent requests
by such Appropriate Domestic Regulator or Appropriate Foreign Regulator
for such access.
(ii) The registered swap data repository shall notify the
Commission electronically, in a format specified by the Secretary of
the Commission, of the receipt of a request specified in paragraph
(d)(4)(i) of this section.
(iii) The registered swap data repository shall not provide an
Appropriate Domestic Regulator or Appropriate Foreign Regulator access
to swap data maintained by the swap data repository unless the swap
data repository has determined that the swap data to which the
Appropriate Domestic Regulator or Appropriate Foreign Regulator seeks
access is within the then-current scope of such Appropriate Domestic
Regulator's or Appropriate Foreign Regulator's jurisdiction, as
described and appended to the confidentiality arrangement required by
Sec. 49.18(a). An Appropriate Domestic Regulator or Appropriate
Foreign Regulator that has executed a confidentiality arrangement with
the Commission pursuant to Sec. 49.18(a) and provided such
confidentiality arrangement to one or more swap data repositories shall
notify the Commission and each such swap data repository of any change
to such Appropriate Domestic Regulator's or Appropriate Foreign
Regulator's scope of jurisdiction as described in such confidentiality
arrangement. The Commission may direct a swap data repository to
suspend, limit, or revoke access to swap data maintained by such swap
data repository based on any such change to such Appropriate Domestic
Regulator's or Appropriate Foreign Regulator's scope of jurisdiction,
and, if so directed in writing, such swap data repository shall so
suspend, limit, or revoke such access.
(iv) The registered swap data repository need not make the
determination required pursuant to paragraph (d)(4)(iii) of this
section more than once with respect to a recurring swap data request.
If such request changes, the swap data repository must make a new
determination pursuant to paragraph (d)(4)(iii) of this section.
(5) Timing; Limitation, Suspension or Revocation of Swap Data
Access. Once a registered swap data repository has--
(i) Notified the Commission, pursuant to paragraphs (d)(4)(i) and
(ii) of this section, of an initial request for swap data access by an
Appropriate Domestic Regulator or Appropriate Foreign Regulator, as
applicable, that was submitted pursuant to paragraph (d)(1) of this
section,
(ii) Received from such Appropriate Domestic Regulator or
Appropriate Foreign Regulator a confidentiality arrangement executed by
the Commission and such Appropriate Domestic Regulator or Appropriate
Foreign Regulator as required by Sec. 49.18(a), and
[[Page 27438]]
(iii) Satisfied its obligations under paragraph (d)(4)(iii) of this
section, such swap data repository shall provide access to the
requested swap data; provided, however, that such swap data repository
shall, if directed by the Commission in writing, limit, suspend or
revoke such access should the Commission limit, suspend or revoke the
appropriateness determination for such Appropriate Domestic Regulator
or Appropriate Foreign Regulator or otherwise direct the swap data
repository, in writing, to limit, suspend or revoke such access.
(6) Confidentiality Arrangement. Consistent with Sec. 49.18(a),
the Appropriate Domestic Regulator or Appropriate Foreign Regulator
shall, prior to receiving access to any requested swap data, execute
the form of confidentiality arrangement set out in Appendix B of this
part with the Commission; provided, however, that the Commission may,
in its discretion, agree to execute a confidentiality arrangement with
an Appropriate Domestic Regulator or Appropriate Foreign Regulator that
is not in the form set forth in Appendix B of this part, if the
confidentiality arrangement is consistent with the requirements set
forth in Sec. 49.18(b).
(e) Third-party service providers to a registered swap data
repository. Access to the swap data and SDR Information maintained by a
registered swap data repository may be necessary for certain third
parties that provide various technology and data-related services to a
registered swap data repository. Third-party access to the swap data
and SDR Information maintained by a swap data repository is permissible
subject to the following conditions:
(1) Both the registered swap data repository and the third party
service provider shall have strict confidentiality procedures that
protect swap data and SDR Information from improper disclosure.
(2) Prior to a registered swap data repository granting access to
swap data or SDR Information to a third-party service provider, the
third-party service provider and the registered swap data repository
shall execute a confidentiality agreement setting forth minimum
confidentiality procedures and permissible uses of the swap data and
SDR Information maintained by the swap data repository that are
equivalent to the privacy procedures for swap data repositories
outlined in Sec. 49.16.
(f) Access by market participants--(1) General. Access by market
participants to swap data maintained by the registered swap data
repository is prohibited other than as set forth in paragraph (f)(2) of
this section.
(2) Exception. Swap data and information related to a particular
swap that is maintained by the registered swap data repository may be
accessed by either counterparty to that particular swap. However, the
swap data and information maintained by the registered swap data
repository that may be accessed by either counterparty to a particular
swap shall not include the identity or the legal entity identifier (as
such term is used in part 45 of this chapter) of the other counterparty
to the swap, or the other counterparty's clearing member for the swap,
if the swap is executed anonymously on a swap execution facility or
designated contract market, and cleared in accordance with Commission
regulations in Sec. Sec. 1.74, 23.610, and 37.12(b)(7) of this
chapter.
* * * * *
(h) Appropriateness determination process. (1) Each person seeking
an appropriateness determination pursuant to this paragraph shall file
an application with the Commission.
(2) Each applicant seeking an appropriateness determination shall
provide sufficient detail in its application to permit the Commission
to analyze whether the applicant is acting within the scope of its
jurisdiction in seeking access to swap data maintained by a registered
swap data repository, and whether the applicant employs appropriate
confidentiality safeguards to ensure that any swap data such applicant
receives from a registered swap data repository will not, except as
allowed for in the form of confidentiality arrangement set forth in
Appendix B to this part 49, be disclosed.
(3) If the Commission determines that an applicant pursuant to this
paragraph is, conditionally or unconditionally, appropriate for
purposes of CEA section 21(c)(7), the Commission shall issue an order
setting forth its appropriateness determination. The Commission shall
not determine that an applicant pursuant to this paragraph is
appropriate unless the Commission is satisfied that--
(i) The applicant employs appropriate confidentiality safeguards to
ensure that any swap data such applicant receives from a registered
swap data repository will not be disclosed, except as allowed for in
the form of confidentiality arrangement set forth in Appendix B to this
part 49 or, in the Commission's discretion as set forth in paragraph
(d)(6) of this section, in a different form, provided that such
confidentiality arrangement contains the elements required in Sec.
49.18(b), and
(ii) Such applicant is acting within the scope of its jurisdiction
in seeking access to swap data from a registered swap data repository.
(4) The Commission reserves the right, in connection with any
appropriateness determination with respect to an Appropriate Domestic
Regulator or Appropriate Foreign Regulator, to revisit, reassess,
limit, suspend or revoke such determination consistent with the Act.
(i) Delegation of Authority Relating to Certain matters in this
section. (1) The Commission hereby delegates, until such time as the
Commission orders otherwise, the following functions to the Director of
the Division of Market Oversight and to such members of the
Commission's staff acting under his or her direction as he or she may
designate from time to time: All functions reserved to the Commission
in this section.
(2) The Director of the Division of Market Oversight may submit any
matter which has been delegated under paragraph (i)(1) of this section
to the Commission for its consideration.
(3) Nothing in this section may prohibit the Commission, at its
election, from exercising the authority delegated under paragraph
(i)(1) of this section.
0
5. Revise Sec. 49.18 to read as follows:
Sec. 49.18 Confidentiality arrangement.
(a) Confidentiality arrangement required prior to disclosure of
swap data by a registered swap data repository to an Appropriate
Domestic Regulator or Appropriate Foreign Regulator. Prior to a
registered swap data repository providing access to swap data to any
Appropriate Domestic Regulator or Appropriate Foreign Regulator, each
as defined in Sec. 49.17(b), the swap data repository shall receive
from such Appropriate Domestic Regulator or Appropriate Foreign
Regulator, pursuant to Section 21(d) of the Act, an executed
confidentiality arrangement between the Commission and the Appropriate
Domestic Regulator or Appropriate Foreign Regulator, as applicable, in
the form set forth in Appendix B to this part 49 or, in the
Commission's discretion as set forth in Sec. 49.17(d)(6), in a
different form, provided that such confidentiality arrangement contains
the elements required in paragraph (b) of this section. Such
confidentiality arrangement must include, either as Exhibit A to the
form set forth in Appendix B of this part or similarly appended, a
description of the Appropriate Domestic Regulator's or
[[Page 27439]]
Appropriate Foreign Regulator's jurisdiction. Once a registered swap
data repository is notified, in writing, that a confidentiality
arrangement received from an Appropriate Domestic Regulator or
Appropriate Foreign Regulator no longer is in effect, the swap data
repository shall not provide access to swap data to such Appropriate
Domestic Regulator or Appropriate Foreign Regulator.
(b) Elements of confidentiality arrangement. The confidentiality
arrangement required pursuant to paragraph (a) of this section shall,
at a minimum, include all elements included in the form of
confidentiality arrangement set forth in appendix B of this part.
(c) Reporting failures to fulfill the terms of a confidentiality
arrangement. A registered swap data repository shall immediately report
to the Commission any known failure to fulfill the terms of a
confidentiality arrangement that it receives pursuant to paragraph (a)
of this section.
(d) Failures to fulfill the terms of the confidentiality
arrangement. The Commission may, if an Appropriate Domestic Regulator
or Appropriate Foreign Regulator fails to fulfill the terms of a
confidentiality arrangement described in paragraph (a) of this section,
direct, in writing, each registered swap data repository to limit,
suspend or revoke such Appropriate Domestic Regulator's or Appropriate
Foreign Regulator's access to swap data held by such swap data
repository.
(e) Delegation of authority relating to certain matters in this
section. (1) The Commission hereby delegates, until such time as the
Commission orders otherwise, the following functions to the Director of
the Division of Market Oversight and to such members of the
Commission's staff acting under his or her direction as he or she may
designate from time to time: All functions reserved to the Commission
in this section.
(2) The Director of the Division of Market Oversight may submit any
matter which has been delegated under paragraph (e)(1) of this section
to the Commission for its consideration.
(3) Nothing in this section may prohibit the Commission, at its
election, from exercising the authority delegated under paragraph
(e)(1) of this section.
0
6. In Sec. 49.22, revise paragraph (d)(4) to read as follows:
Sec. 49.22 Chief compliance officer.
* * * * *
(d) * * *
(4) Taking reasonable steps to ensure compliance with the Act and
Commission regulations relating to agreements, contracts, or
transactions, and with Commission regulations under Section 21 of the
Act, including confidentiality arrangements received by the chief
compliance officer's registered swap depository pursuant to Sec.
49.18(a);
* * * * *
0
7. Add appendix B to part 49 to read as follows:
Appendix B to Part 49--Confidentiality Arrangement for Appropriate
Domestic Regulators and Appropriate Foreign Regulators To Obtain Access
To Swap Data Maintained by Registered Swap Data Respositories Pursuant
to Sec. Sec. 49.17(d)(6) and 49.18(a)
[GRAPHIC] [TIFF OMITTED] TR12JN18.000
The U.S. Commodity Futures Trading Commission (``CFTC'') and the
[name of foreign/domestic regulator (``ABC'')] (each an
``Authority'' and collectively the ``Authorities'') have entered
into this Confidentiality Arrangement (``Arrangement'') in
connection with [whichever is applicable] [CFTC Regulation
49.17(b)(1)[(i)-(vi)]/the determination order issued by the CFTC to
[ABC] (``Order'')] and any request for swap data by [ABC] to any
swap data repository (``SDR'') registered with the CFTC.
Article One: General Provisions
1. ABC is permitted to request and receive swap data directly
from a registered SDR (``Swap Data'') on the terms and subject to
the conditions of this Arrangement.
2. This Arrangement is entered into to fulfill the requirements
under Section 21(d) of the Commodity Exchange Act (``Act'') and CFTC
Regulation 49.18. Upon receipt by a registered SDR, this Arrangement
will satisfy the requirement for a written agreement pursuant to
Section 21(d) of the Act and CFTC Regulation 49.17(d)(6). This
Arrangement does not apply to information that is [reported to a
registered SDR pursuant to [ABC]'s regulatory regime where the SDR
also is registered with [ABC] pursuant to separate statutory
authority, even if such information also is reported pursuant to the
Act and CFTC regulations][reported to a registered SDR pursuant to
[ABC]'s regulatory regime where the SDR also is registered with, or
recognized or otherwise authorized by, [ABC], which has supervisory
authority over the repository pursuant to foreign law and/or
regulation, even if such information also is reported pursuant to
the Act and CFTC regulations.] \1\
---------------------------------------------------------------------------
\1\ The first bracketed phrase will be used for ADRs; the second
will be used for AFRs. The inapplicable phrase will be deleted.
---------------------------------------------------------------------------
3. This Arrangement is not intended to limit or condition the
discretion of an Authority in any way in the discharge of its
regulatory responsibilities or to prejudice the individual
responsibilities or autonomy of any Authority.
4. This Arrangement does not alter the terms and conditions of
any existing arrangements.
Article Two: Confidentiality of Swap Data
5. ABC will be acting within the scope of its jurisdiction in
requesting Swap Data and employs procedures to maintain the
confidentiality of Swap Data and any information and analyses
derived therefrom (collectively, the ``Confidential Information'').
ABC undertakes to notify the CFTC and each relevant SDR promptly of
any change to ABC's scope of jurisdiction.
6. ABC undertakes to treat Confidential Information as
confidential and will employ safeguards that:
a. To the maximum extent practicable, identify the Confidential
Information and maintain it separately from other data and
information;
b. Protect the Confidential Information from misappropriation
and misuse;
c. Ensure that only authorized ABC personnel with a need to
access particular Confidential Information to perform their job
[[Page 27440]]
functions related to such Confidential Information have access
thereto, and that such access is permitted only to the extent
necessary to perform their job functions related to such particular
Confidential Information;
d. Prevent the disclosure of aggregated Confidential
Information; provided, however, that ABC is permitted to disclose
any sufficiently aggregated Confidential Information that is
anonymized to prevent identification, through disaggregation or
otherwise, of a market participant's business transactions, trade
data, market positions, customers or counterparties;
e. Prohibit use of the Confidential Information by ABC personnel
for any improper purpose, including in connection with trading for
their personal benefit or for the benefit of others or with respect
to any commercial or business purpose; and
f. Include a process for monitoring compliance with the
confidentiality safeguards described herein and for promptly
notifying the CFTC, and each SDR from which ABC has received Swap
Data, of any violation of such safeguards or failure to fulfill the
terms of this Arrangement.
7. Except as provided in Paragraphs 6.d. and 8, ABC will not
onward share or otherwise disclose any Confidential Information.
8. ABC undertakes that:
a. If a department, central bank, or agency of the Government of
the United States, it will not disclose Confidential Information
except in an action or proceeding under the laws of the United
States to which it, the CFTC, or the United States is a party;
b. If a department or agency of a State or political subdivision
thereof, it will not disclose Confidential Information except in
connection with an adjudicatory action or proceeding brought under
the Act or the laws of [name of either the State or the State and
political subdivision] to which it is a party; or
c. If a foreign futures authority or a department, central bank,
ministry, or agency of a foreign government or subdivision thereof,
or any other Foreign Regulator, as defined in Commission Regulation
49.2(a)(5), it will not disclose Confidential Information except in
connection with an adjudicatory action or proceeding brought under
the laws of [name of country, political subdivision, or (if a
supranational organization) supranational lawmaking body] to which
it is a party.
9. Prior to complying with any legally enforceable demand for
Confidential Information, ABC will notify the CFTC of such demand in
writing, assert all available appropriate legal exemptions or
privileges with respect to such Confidential Information, and use
its best efforts to protect the confidentiality of the Confidential
Information.
10. ABC acknowledges that, if it does not fulfill the terms of
this Arrangement, the CFTC may direct any registered SDR to suspend
or revoke ABC's access to Swap Data.
11. ABC will comply with all applicable security-related
requirements imposed by an SDR in connection with access to Swap
Data maintained by the SDR, as such requirements may be revised from
time to time.
12. ABC will promptly destroy all Confidential Information for
which it no longer has a need or which no longer falls within the
scope of its jurisdiction, and will certify to the CFTC, upon
request, that ABC has destroyed such Confidential Information.
Article Three: Administrative Provisions
13. This Arrangement may be amended with the written consent of
the Authorities.
14. The text of this Arrangement will be executed in English,
and may be made available to the public.
15. On the date this Arrangement is signed by the Authorities,
it will become effective and may be provided to any registered SDR
that holds and maintains Swap Data that falls within the scope of
ABC's jurisdiction.
16. This Arrangement will expire 30 days after any Authority
gives written notice to the other Authority of its intention to
terminate the Arrangement. In the event of termination of this
Arrangement, Confidential Information will continue to remain
confidential and will continue to be covered by this Arrangement.
This Arrangement is executed in duplicate, this ___ day of ___.
-----------------------------------------------------------------------
[name of Chairman]
Chairman
U.S. Commodity Futures Trading Commission
-----------------------------------------------------------------------
[name of signatory]
[title]
[name of foreign/domestic regulator]
[Exhibit A: Description of Scope of Jurisdiction. If ABC is not
enumerated in Commission Regulations 49.17(b)(1)(i)-(vi), it must
attach the Determination Order received from the Commission pursuant
to Commission Regulation 49.17(h). If ABC is enumerated in
Commission Regulations 49.17(b)(1)(i)-(vi), it must attach a
sufficiently detailed description of the scope of ABC's jurisdiction
as it relates to Swap Data maintained by SDRs. In both cases, the
description of the scope of jurisdiction must include elements
allowing SDRs to establish, without undue obstacles, objective
parameters for determining whether a particular Swap Data request
falls within such scope of jurisdiction. Such elements could include
LEIs of all jurisdictional entities and could also include UPIs of
all jurisdictional products or, if no CFTC-approved UPI and product
classification system is yet available, the internal product
identifier or product description used by an SDR from which Swap
Data is to be sought.]
Issued in Washington, DC, on June 5, 2018, by the Commission.
Robert Sidman,
Deputy Secretary of the Commission.
Note: The following appendicies will not appear in the Code of
Federal Regulations.
Appendicies to Amendments to the Swap Data Access Provisions of Part 49
and Certain Other Matters--Commission Voting Summary, Chairman's
Statement, and Commissioner's Statement
Appendix 1--Commission Voting Summary
On this matter, Chairman Giancarlo and Commissioners Quintenz
and Behnam voted in the affirmative. No Commissioner voted in the
negative.
Appendix 2--Statement of Chairman J. Christopher Giancarlo
Eight years ago, Congress included in the Dodd-Frank Act a
requirement that foreign and domestic regulators indemnify SDRs and
the Commission for any expenses arising from litigation relating to
the information provided by SDRs. Foreign and domestic regulators
were unable or unwilling to provide this indemnification hindering
the ability to share swaps data. The indemnification requirement
also hindered the ability of foreign and domestic regulators to
access SDR data to assess risks their regulated entities are
assuming, and the impact of such risks on the broader markets.
I am pleased that Congress has since amended the Dodd-Frank Act
to take out the indemnification requirement. We therefore can change
our regulations accordingly, which we propose to do today.
In addition to the removal of the indemnification requirement,
the final rule adds a category of ``other regulators'' that the
Commission may deem to be appropriate to receive access to SDR swap
data.
The final rule sets out the process by which appropriateness is
determined for those entities that are not already specifically
enumerated. This process is a change to current Commission
regulations, as it would apply to any such entity, including
domestic regulators not enumerated in Commission regulations and
foreign regulators.
The statute also now requires a SDR to receive a written
agreement from each requesting entity stating that the entity shall
abide by the confidentiality requirements described in the CEA prior
to sharing information with the requesting entity. Commission
regulations currently require the SDR and the requesting regulator
to execute a confidentiality agreement, but do not provide a form or
details of such an agreement.
The final rule modifies the current Commission regulations by
providing a form of confidentiality arrangement, as Appendix B to
part 49, and by requiring the confidentiality arrangement to be
between the requesting regulator and the Commission. The Commission
expects that this will benefit SDRs in that most, if not all,
confidentiality arrangements will be exactly the same, and the
Commission will be in the place of entering into the confidentiality
agreements with regulators.
We received comments from the affected CFTC-registered SDRs on
the proposed rule that I believe that we have sufficiently
addressed. The final regulations provide
[[Page 27441]]
long-awaited clarity to the official sector regarding the CFTC's
requirements to determine access to, and safeguard the
confidentiality of, transactional information reported to SDRs.
In my experience as a Commissioner and Chairman of the CFTC, I
have found, as have other foreign and domestic regulators, that
conducting oversight of global derivatives markets can be difficult
as a result of the current fragmented financial regulatory
structure. In this regard, I expect that the final rule will enable
authorities to enhance their oversight of derivatives markets across
product and asset classes by marrying up the trading and position
data they receive from regulated entities with the data sets
obtained directly from SDRs. In so doing, I believe we have made
significant progress towards cross-border data sharing and enhancing
transparency in the global swaps market.
Because today's swaps markets are global in scope, utilizing the
data and information available in only one jurisdiction does not
provide a complete picture of cross border trading activity and
systemic risk. To that end, I expect that CFTC staff will seek to
facilitate access to SDR data for authorities with which we have a
history of regulatory assistance and that similarly seek to
facilitate CFTC access to data maintained by trade repositories in
their jurisdiction. Such data sharing represents an opportunity for
greater cooperation among market and prudential regulators, as well
as among foreign and domestic regulators, providing more effective
financial market oversight, expanding data driven policymaking, and
improving early warning systems to reduce the probability or
severity of a financial crisis.
These regulations will have a direct positive impact on the
operational readiness of the official sector, providing authorities
with critical information to make sound near-term and long-term
policy and oversight decisions.
I am particularly pleased that this rule represents a final step
in eliminating a major legal impediment to sharing swaps market data
with overseas regulators. The Dodd-Frank Act's original insistence
on an indemnification requirement may have been well-intentioned to
protect the safety of data held in SDRs, but Congress wisely
determined that any such benefit is outweighed by the greater public
interest of allowing international regulators to share and access
information to carry out the regulatory and supervisory functions
necessary to protect the global financial markets.
It is essential that policymakers in other jurisdictions make
determinations similar to these before us today concerning current
legal barriers to information sharing. Even a law, like the new EU
General Data Protection Regulation (GDPR), which has laudable
objectives, must not be applied in ways that hinder the sharing and
access of information between European and U.S. regulators for
regulatory and supervisory purposes. Such a result could have
dangerous implications for our global markets. I hope today's action
by the CFTC will encourage international regulators and policymakers
to take affirmative steps to address other existing legal barriers
to information sharing and access.
Appendix 3--Supporting Statement of Commissioner Brian D. Quintenz
I support today's final rule addressing indemnification and
amendments to the swap data access provisions of Part 49. I would
like to thank the staff in our Division of Market Oversight for
their work to amend Part 49 of the Commission's Regulations to
implement provisions of the Fixing America's Surface Transportation
Act of 2015 (Fast Act) \1\.
---------------------------------------------------------------------------
\1\ Public Law 114-94, 129 Stat 1312 (Dec. 4, 2015).
---------------------------------------------------------------------------
The Fast Act amended provisions of Title VII of the Dodd-Frank
Wall Street Reform and Consumer Protection Act of 2010 (Dodd-Frank
Act) \2\ that proved unworkable. Most significantly, the Fast Act
repealed the Dodd-Frank Act's requirement that to obtain data from
swap data repositories (SDR) registered with the CFTC, domestic and
foreign authorities must indemnify the CFTC and SDRs from any claims
arising from a SDR's production of information to those authorities.
Foreign regulators unfamiliar with the U.S. tort law concept of
``indemnification'' that is inconsistent with their traditions and
legal structures, have opted against requesting any information from
SDRs. Domestic regulators have also opted against requesting
information from SDRs because of the indemnification requirement.
Removing the indemnification requirement will facilitate the sharing
of SDR information with domestic and foreign authorities and better
enable regulators in the United States and abroad to monitor risk
across the global financial system.
---------------------------------------------------------------------------
\2\ Public Law 111-203, 124 Stat 1376 (July 21, 2010).
[FR Doc. 2018-12377 Filed 6-11-18; 8:45 am]
BILLING CODE 6351-01-P
