CFTC Division of Enforcement, FY 2023: A Year in Review and Looking Ahead

On November 7, 2023, the Division of Enforcement ("Division") of the United States Commodity Futures Trading Commission ("CFTC") released its annual report of the results of its enforcement efforts,[1] announcing that it had filed 96 enforcement actions for Fiscal Year 2023. The Division's results include a record-setting number of digital asset cases, in addition to actions alleging manipulation, spoofing, fraud, and other violations, which resulted in over $4.3 billion in civil monetary penalties, restitution, and disgorgement. This figure is nearly double the amount of restitution, disgorgement, and penalties from the CFTC's Fiscal Year 2022 enforcement results. This article highlights the trends and certain exemplative cases brought by the CFTC in FY 2023 and looks forward to what might be ahead for FY 2024.

Manipulation and Spoofing

Cases alleging manipulation and spoofing continued in Fiscal Year 2023. The Division announced five separate actions that allege manipulation or spoofing, which is fewer than in recent years. Two are discussed here:

CFTC v. HSBC Bank USA N.A., No. 23-26 (CFTC, consent order filed May 12, 2023)

The CFTC order charged HSBC with manipulative and deceptive trading related to swaps with bond issuers, spoofing, and supervision and mobile device recordkeeping failures at various times during approximately an eight-year period. The order found that on multiple occasions between March 2012 and 2015, traders at HSBC engaged in manipulative and deceptive trading of interest rate swaps, basis swaps, and swap spreads in connection with interest rate swaps that HSBC entered into with bond issuers (issuer swaps). The issuer swaps were priced in part based on prices displayed on pricing screens controlled by interdealer broker firms. HSBC traders intentionally traded at the broker firms controlling the relevant screens during telephonic pricing calls during which the bond issuances and the related issuer swaps were priced. HSBC traders structured their trading intentionally to move prices for the relevant swaps on these screens. HSBC was ordered to pay a $45 million civil monetary penalty, to cease and desist from further violations of the CEA, and to engage in specified remedial undertakings.

CFTC v. Logista Advisors LLC and Andrew Serotta, No. 1:23-cv-07485 (N.D. Ill., complaint filed Sep. 7, 2023)

The CFTC alleged that Serotta and Logista (the commodity trading advisor ("CTA")/commodity pool operator ("CPO") he operated) engaged in spoofing from approximately January through April 2020. According to the complaint, Serotta was alleged to have placed hundreds of large calendar spread orders for crude oil and natural gas futures that he intended to cancel before execution (spoof orders), while placing orders on the opposite side of the same futures markets (genuine orders). By placing the spoof orders, Serotta allegedly deceived other traders about supply and demand, misleading market participants about the likely direction of the commodity's price, which made Serotta's genuine orders appear more attractive to market participants and allowed Serotta to execute his genuine orders in larger quantities and at better prices than he would have without the spoof orders. The complaint further alleged that by this conduct, Serotta and Logista failed to diligently supervise trading at the fund Logista operated and violated the terms of a 2017 CFTC order that had found a supervision failure stemming from prior instances of spoofing at Logista and required certain undertakings on the part of Logista.

Fraud

Leading the way for enforcement actions were fraud-related cases, which amounted to 59 filed actions. A significant portion of the fraud cases brought by the CFTC involved digital assets. Three are discussed here:

CFTC v. Rashawn Russell, No. 1:23-cv-02691 (E.D.N.Y., complaint filed April 11, 2023)

The complaint charges Russell with fraudulently soliciting retail investors to invest in a digital asset trading fund and with misappropriating at least $1 million in investor assets. In its continuing litigation against Russell, the CFTC seeks restitution, disgorgement, civil monetary penalties, permanent trading and registration bans, and a permanent injunction. The defendant previously pled guilty to participating in a scheme to defraud clients of the fund in a criminal action also pending in the Eastern District of New York.

CFTC v. David Carmona et al., No. 2:23-cv-04015 (C.D. Cal., complaint filed May 24, 2023)

The complaint charges the defendants with fraudulently soliciting hundreds of thousands of dollars from more than 170 individuals in the U.S. and other countries to contribute to an investment fund (Icomtech). Icomtech's purported purpose was to trade bitcoin and other digital asset commodities on behalf of investors. Icomtech did not engage in the trading that it promised, and defendants allegedly misappropriated customer funds. The complaint alleges the defendants' fraud and misappropriation scheme predominately targeted Spanish-speaking communities. In its continuing litigation against the defendants, the CFTC seeks restitution, disgorgement, civil monetary penalties, permanent trading and registration bans, and a permanent injunction.

CFTC v. Celsius Network, LLC and Alexander Mashinsky, No. 1:23-cv-6008 (S.D.N.Y., complaint filed July 13, 2023)

The CFTC alleges that from 2018 to June 2022, Mashinsky and Celsius engaged in a scheme to defraud hundreds of thousands of customers by mispresenting the safety and profitability of its digital asset-based finance platform, through multiple sources, including social media, the Celsius website, and publicly available videos, that falsely touted high profits and security to induce customers to deposit their digital assets commodities with the platform. Based on these representations, customers deposited approximately $20 billion with Celsius. However, instead of engaging in "safe" investments, Mashinsky and Celsius engaged in increasingly risky trading strategies when they were unable to make interest payments due to customers.

The CFTC further alleged that in order to generate income to pay its customers the promised interest rates, customers' digital asset commodities were pooled and deployed by Celsius as loans to institutional and retail customers and for other revenue-generating activities, including futures trading. For this trading, Celsius operated the Celsius Pool but was not registered as a CPO. The complaint also alleged that Mashinsky did not register as an associated person ("AP") of a CPO, despite soliciting members of the general public to contribute to the Celsius Pool. The CFTC and Celsius agreed to resolve the complaint against the company by agreeing to a permanent injunction prohibiting future violations of the CEA. The DOJ, SEC, and FTC also brought separate actions against Celsius and Mashinsky.

Supervision

The CFTC has placed a continued emphasis on the role of registrants' supervisory obligations to detect and prevent disruptive trading, as well as to maintain the integrity of the futures market, as seen in the number of supervision cases that were brought this past year.

In re Advantage Futures LLC, No. 23-45 (CFTC, consent order filed Sep. 20, 2023)

On September 20, 2023, the CFTC issued an order simultaneously filing and settling charges against Advantage Futures LLC, a registered futures commission merchant ("FCM") based in Chicago, Illinois, for failing to diligently supervise the handling of commodity interest accounts, which resulted in incomplete and inadequate oversight of its surveillance of customers' trading activity for disruptive trading over a four-year period. The order found that Advantage's failures caused over 12.8 million cleared contracts to not be processed or surveilled between July 2018 and June 2022. This represented nearly 1.5% of customer trading volume during that four-year period. The order requires Advantage to pay a $395,000 civil monetary penalty and to cease and desist from any further violations of its supervisory requirements, as charged.

CFTC v. Options Clearing Corporation, No. 23-06 (CFTC, consent order filed February 16, 2023)

The CFTC order found that from October 2019 through May 17, 2021, OCC failed to comply with Derivatives Clearing Organization ("DCO") Core Principles to establish, implement, maintain and enforce certain policies and procedures reasonably designed to manage its operational risks. The order found OCC failed to identify the plausible sources of operational risks and did not mitigate their impact through the use of appropriate systems, policies, procedures, and controls. Specifically, OCC implemented an add-on charge to address the impact of certain transaction-based costs. However, it failed to incorporate and account for this charge in its stress testing and other risk management methodologies, in violation of DCO Core Principles. OCC agreed to pay a $5 million penalty for violations of the CEA and CFTC regulations and be subject to remedial undertakings. The SEC also charged OCC for failing to establish and enforce policies and procedures involving financial risk management, operational requirements, information-systems security, and for changing policies on core risk management issues without first obtaining approval from the SEC.

CFTC v. Coquest Inc., No. 3:21-cv-02599-S (N.D. Tex., consent order filed March 8, 2023)

The CFTC order resolves an October 20, 2021, lawsuit, finding the defendants liable for misappropriating the block trade order information of Coquest's brokerage customers without their knowledge or consent. Coquest, Weinmann, Buttonwood, and Weva were found to have defrauded Coquest customers and to have failed to diligently supervise trading in customer commodity interest accounts. The order requires the defendants to disgorge $496,021 in illicit profits and pay an additional $2.5 million civil monetary penalty. The order also imposes six-month trading and registration bans on Weinmann and bars Weinmann and Coquest from brokering block trades on behalf of others for two years. Additionally, the order permanently enjoins the defendants from engaging in further violations of the CEA and CFTC regulations.

CFTC v. BBL Commodities, No. 23-08 (CFTC, consent order filed March 28, 2023)

The CFTC order finds that BBL failed to establish and implement an adequate supervisory system to detect whether its employees were engaging in disruptive trading and to deter its employees from such conduct. The CFTC order requires BBL to pay a $400,000 civil monetary penalty and to cease and desist from further supervision violations, as charged.

CFTC v. HSBC Bank USA N.A., No. 23-27 (CFTC, consent order filed May 12, 2023)

The CFTC order found that HSBC Affiliates for a period of years failed to stop their employees, including those at senior levels, from communicating both internally and externally using unapproved communication methods, including messages sent via personal text and other applications. The HSBC Affiliates were required to keep certain of these written communications because they related to the HSBC Affiliates' businesses as CFTC registrants. These written communications generally were not maintained and preserved by the HSBC Affiliates, and the HSBC Affiliates generally would not have been able to furnish them promptly to the CFTC when requested. The order further found the widespread use of unapproved communication methods violated HSBC's own policies and procedures, which generally prohibited business-related communication taking place via unapproved methods. Further, some of the very same supervisory personnel responsible for ensuring compliance with the firms' policies and procedures themselves used non-approved methods of communication to engage in business-related communications, in violation of firm policy. To settle the charges, HSBC agreed to pay a $30 million civil monetary penalty and undertake other remedial efforts.

Swap Dealer Business Conduct Standards and Reporting

The Division also continued its focus on ensuring compliance with the business conduct standards for swap dealers and major swap participants and obtained significant sanctions for rule violations this past fiscal year.

For example, two financial institutions settled charges with the CFTC for failing to diligently supervise swaps reporting and failing to comply with swaps reporting obligations to swaps reporting. Their reporting deficiencies during the period occurred for various reasons and included both underreporting and misreporting in a manner inconsistent with Commission rules. The reporting failures were caused by errors that principally involved swap allocations in (normally) post-trade events where an agent allocates a portion of an executed swap to clients who are the actual counterparties to the original transaction. The orders also found the financial institutions did not provide adequate supervision to ensure they timely complied with their swap dealer data activity and reporting obligations pursuant to the CEA and CFTC regulations. The settlements imposed civil monetary penalties of $15,000,000 and $8,000,000 respectively.

In another matter, the CFTC found another New York-based, provisionally registered swap dealer violated the swap dealer business conduct standards in the CEA and CFTC regulations due to its failure to make adequate disclosures to customers in connection with certain foreign exchange forward transactions. That firm was ordered to cease and desist from further violations of these standards, pay $1,847,182.90 in restitution, and pay a $5 million civil monetary penalty.

Decentralized Finance (DeFi)

In addition to targeting major centralized crypto platforms, the CFTC has unleashed its enforcement authority on developers of decentralized finance ("DeFi") protocols. DeFi platforms allow users to trade crypto assets, borrow, and lend without centralized intermediaries through automated smart contracts. While advocates argue that DeFi democratizes finance, regulators contend that the technologies enable illegal activities.

For example, in September 2023, the CFTC brought charges against three DeFi developers for allegedly offering illegal derivatives trading through their DeFi protocols.

In re Opyn, Inc., No. 23-40 (CFTC, consent order filed Sep. 7, 2023)

In re Deridex, Inc., No. 23-42 (CFTC, consent order filed Sep. 7, 2023)

In re ZeroEx, Inc., No. 23-41 (CFTC, consent order filed Sep. 7, 2023)

The CFTC charged DeFi operators Opyn, Inc., and Deridex, Inc., with failing to register as swap execution facilities ("SEFs") or designated contract markets ("DCMs"). The CFTC also charged these entities with failure to register as an FCM and failure to adopt know your customer ("KYC") procedures and a customer identification program ("CIP") required by the Bank Secrecy Act. Opyn and Deridex were also charged with illegally offering leveraged and margined retail commodity transactions in digital assets. In orders against both Opyn and Deridex, the CFTC concluded that the companies engaged in these activities in connection with DeFi protocols that functioned similarly to trading platforms, and which purported to offer users the ability to engage in transactions in a decentralized environment.

The CFTC alleged that ZeroEx developed and deployed a blockchain-based digital asset protocol (the 0x Protocol) and a front-end application called Matcha that offered users the ability to trade digital assets through use of various blockchains. Among the digital assets permitted to trade on Matcha were multiple tokens, developed and issued by a third-party unaffiliated with ZeroEx, that provided traders leveraged exposure to digital assets such as ether and bitcoin. The CFTC found that these leveraged tokens are leveraged or margined retail commodity transactions and therefore can be offered only on a registered exchange in accordance with the CEA and CFTC regulations.

The orders required that Opyn, Deridex, and ZeroEx pay civil monetary penalties of $250,000, $100,000 and $200,000, respectively, and cease and desist from violating the CEA and CFTC regulations, as charged.

Trade Practice Violations

This past fiscal year, the CFTC also continued investigations of trade practice violations. Two are discussed below:

In re Challenger Life Company Limited, No. 23-29 (CFTC, consent order filed Jun. 29, 2023)

On June 29, 2023, the CFTC issued an order filing and simultaneously settling charges against Australian-based Challenger Life Company Limited for exceeding both the federal and exchange spot month speculative position limits for Platinum futures contracts traded on the New York Mercantile Exchange (NYMEX).

The order found that as of the close of business on March 30, 2022, Challenger Life held a net long futures position of 874 contracts in the NYMEX April 2022 Platinum futures contract, a position that exceeded the federal spot month speculative position limit of 500 contracts. The order further found that as of March 31, 2022, and May 9, 2022, Challenger Life exceeded the exchange's 500-contract delivery limit for the April 2022 and May 2022 Platinum futures contracts. The order requires Challenger Life to pay a $150,000 civil monetary penalty and to cease and desist from further violations of the CEA and CFTC Regulations, as charged.

In re Jie "Elaine" Yu, No. 23-46 (CFTC, filed Sep. 22, 2023)

On September 22, 2023, the CFTC issued an order simultaneously filing and settling charges against Jie "Elaine" Yu of Irvine, California, for engaging in a fictitious sales scheme. The order finds that in October and November 2021, Yu engaged in a series of illegal transactions on the Chicago Mercantile Exchange ("CME") involving 33 non-competitive, fictitious sales of 410 futures contracts. According to the CFTC, through this illegal scheme, Yu transferred at least $159,000 to her cousin (identified as "Trader A") in Shanghai, China. The order states Yu and Trader A worked in tandem and synchronized their fictitious sales by communicating in real time about their bids and offers. The order also found that Yu intentionally entered orders during periods of low overall trading volume with the express purpose of finding and matching Trader A's opposite orders on CME's Globex platform. The order further found that the trading activity in which Yu intentionally engaged lacked both price competition and market risk and was conducted for the sole purpose of passing funds to Trader A's account, in violation of the fictitious sales provisions of the CEA and CFTC regulations.

Recordkeeping

The CFTC's recordkeeping requirements are designed to ensure the safety and integrity of the U.S. derivatives markets and protect customers and market participants. This past fiscal year, the CFTC issued orders simultaneously filing and settling charges against swap dealers and FCM affiliates of 11 financial institutions. In many of those orders, the CFTC found that for a period of years, these swap dealers and/or FCMs failed to stop their employees, including those at senior levels, from communicating both internally and externally using unapproved communication methods, including messages sent via personal text or other applications. The firms were required to keep certain of these written communications because they related to the firms' business as CFTC registrants. Each order further found that the widespread use of unapproved communication methods violated the swap dealers' and/or FCMs' internal policies and procedures, which generally prohibited business-related communication taking place via unapproved methods.

For example, the CFTC found that one such financial institution failed to record the phone lines of a trading and sales desk for 20 calendar days in January and February 2014, after its recording hardware malfunctioned following a software patch, in violation of the recordkeeping requirements.

The registrants in each of these cases agreed to cease and desist from further violations of recordkeeping and supervision requirements and to engage in specified remedial undertakings.

What's Ahead for FY 2024

Looking ahead to FY 2024, it is apparent that the CFTC will take a tougher stance resolving matters, especially with regard to recidivists, and will focus on cybersecurity and the carbon markets, in addition to its usual slate of matters.

On October 17, 2023, the CFTC released an Enforcement Advisory on penalties, requiring monitors and consultants, and requiring admissions in enforcement proceedings, giving enforcement staff guidance on future enforcement resolution recommendations to the Commission. Topics include:

• Deterring Misconduct Through Appropriate Penalties: The Division is recalibrating how it assesses proposed CMPs to ensure the CMPs are at the level necessary to achieve general and specific deterrence. This may result in the Division recommending higher penalties in resolutions than may have been imposed in similar cases previously. The Advisory also notes the Division will consider recidivism as an aggravating factor in determining appropriate penalties to recommend to the Commission and details several of the factors the Division will consider in determining whether a person or entity is a recidivist.
• Monitors and Consultants – Ensuring Remediation to Reduce Likelihood of Future Misconduct: The Division notes that in cases where it lacks confidence that an entity will remediate misconduct on its own, it will require the resolving entity to engage a third-party approved by the Division to assist in remediation. This will include Monitors—third parties engaged to make recommendations, test those recommendations, and report on the results of their work to the Division—and Consultants, third parties to advise the entities regarding compliance enhancements. Going forward, the Division anticipates recommending to the Commission that a Monitor be imposed in cases involving the most significant and/or pervasive compliance and control failures that reflect a lack of sufficient commitment to effective compliance, and a Consultant will be recommended in serious but less severe cases.
• Admissions – Achieving Accountability and Deterrence: Companies and individuals under investigation should no longer assume no-admit, no-deny resolutions are the default. Rather, in each case, the Division will discuss with respondents or defendants whether admissions are appropriate. The advisory describes various factors relevant to the determination of whether admissions are appropriate. See CFTC Enforcement Advisory on Penalties, Monitors and Admissions, Release No. 8808-23.

In addition, on June 29, 2023, the CFTC announced it would establish two new task forces, the Cybersecurity and Emerging Technologies Task Force and the Environmental Fraud Task Force.

• Cybersecurity and Emerging Technologies Task Force was created to address issues in cybersecurity and emerging technologies including ensuring registrants have sufficient cybersecurity controls as well as controls for the protection of customer information and system safeguards more broadly; prosecuting hacks/exploits/and account intrusions performed for the purpose of manipulating commodities markets; prosecuting technology-enabled thefts of material non-public information; exploring the role that emerging technologies such as artificial intelligence and machine learning may play in violations of the CEA and CFTC regulations; and ensuring that registrants adequately supervise their use of emerging technologies.
• Enviornmental Fraud Task Force was created to address fraud and other misconduct not only in regulated derivatives markets but also in relevant spot markets (such as voluntary carbon credit markets) relating to purported efforts to address climate change and other environmental risks. The task force will examine, among other things, fraud with respect to the purported environmental benefits of purchased carbon credits, as well as registrants' material misrepresentations regarding ESG products or strategies. See CFTC Division of Enforcement Creates Two New Task Forces, CFTC Release No. 8736-23.

On June 20, 2023, the CFTC Whistleblower Office issued an alert notifying the public on how to identify and report potential CEA violations connected to fraud or manipulation in the carbon markets, such as manipulation and wash trading in carbon market futures contracts, ghost or illusory credits listed on carbon market registries, double counting or other fraud related to carbon credits, fraudulent statements relating to the material terms of the carbon credit, and manipulation of tokenized carbon markets.

Conclusion

The Division's enforcement activity will continue to run full steam ahead into the upcoming fiscal year. The agency has placed an emphasis on increased penalties, admissions, and monitorships, especially for recidivists, so market participants would benefit by being proactive and remediating any issues immediately. As always, the Division maintains that meaningful engagement with the Division at early stages will benefit potential enforcement targets. Additionally, compliance personnel should ensure that their surveillance systems, compliance policies and procedures, and adequate safeguards are in place and ensure that any deficiencies are remediated upon detection. Looking ahead to FY 2024, higher penalties and monitorships are likely on the horizon in addition to enforcement matters focusing on cybersecurity, AI, and the carbon markets.