In July, the CFTC issued a Staff Advisory on Chief Compliance Officer (CCO) Reporting Lines. The letter was addressed to swap dealers, major swap participants, and future commission merchants. However, the major points of this letter ring true for any regulated entity with a CCO.
The Commodity Exchange Act (CEA) regulations regarding the role of the CCO are very similar to SEC regulations. The purpose of these requirements is to ensure the independence of the CCO from the very functions he/she oversees from a compliance perspective. An independent CCO is deemed more likely to:
- Question business line decisions
- Speak out on non-compliance issues to the board and senior management
- Have the ability to create a culture of compliance
The CFTC has seen an increase in the number of member firms inquiring about additional lines of reporting for the CCO and how multiple supervisory lines meet the independence requirements. In the letter, the CFTC recognizes that multiple reporting lines can create a conflict of interest for the CCO and potentially undermine his/her independence.
However, the devil is in the details. The structure of the supervisory line is most important in determining the quality of the CCO’s independence. There are specific areas of consideration for a firm when deciding upon additional supervisory lines, such as:
- Does the CCO still have direct access to the board or senior management?
- Is any additional supervisor high enough up in the firm hierarchy to provide independence from the business risks overseen by compliance?
- Does the additional supervisor have the knowledge of compliance matters to provide proper supervision?
The letter gave some examples of both functional and dysfunctional multiple reporting lines for CCOs. For example, a CCO that reported to the head of swap trading would be inappropriate in the obvious conflict that relationship would present.
Importantly, the CFTC noted how combining the role of CCO with General Counsel or having the CCO report through to the legal department has its own level of risk for the firm. Closely held relationships between compliance and legal can cause serious conflicts regarding the maintenance of attorney-client-privilege, the work-product doctrine, and other legal protections otherwise afforded a firm. In order to avoid this type of conflict, a firm must very clearly define its segregation of compliance and non-compliance (legal) functions performed and/or supervised.
This last point is extremely important in today’s environment where compliance and legal teams are often closely intertwined. Based upon this new guidance, it’s time for firms to re-evaluate their CCO reporting lines.