The NFA adopted an Interpretive Notice (the "Notice") requiring commodity pool operator ("CPO") to implement an internal controls framework designed to protect customer funds and to ensure the books and records are accurate. The effective date is April 1, 2019.
As previously covered, the Interpretive Notice requires that CPOs have:
- a robust control environment, including by implementing written policies to comply with applicable NFA and CFTC requirements;
- written internal control policies that should (i) explain the firm's internal controls, (ii) subject all personnel, including senior management, to internal control procedures, (iii) include escalation procedures for reporting individuals seeking to circumvent internal control procedures and (iv) include procedures describing the circumstances in which matters should be reported to regulators;
- procedures reasonably designed to prevent individuals from being in the position to conceal errors or fraud; and
- a risk assessment to identify a CPO's most significant risks, with the implementation of controls that address those risks.
NFA emphasized the last two items above - separation of duties and risk assessment - as constituting "key components" of any internal controls system.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.