Overview
On September 4, 2025, the Commodity Futures Trading Commission (CFTC) issued orders filing and settling compliance-related violations against ten registrants, including swap dealers (SDs), futures commission merchants (FCMs), and a commodity pool operator (CPO) and an introducing broker (IB).1 The six orders (Orders) follow the CFTC's self-proclaimed "enforcement sprint," in which eligible firms were encouraged to submit remediation plans and settlement offers to resolve compliance violations that did not involve fraud, customer harm, or market abuse.
The first settlements entered into with CFTC registrants this year, the Orders indicate the types of compliance-related violations the agency may pursue over the next three years outside of fraud or customer or market harm type cases. The Orders evidence the agency's implementation of the division of enforcement's recent advisories, including the February advisory on self-reporting, cooperation, and remediation (the "Advisory").2 The current CFTC is applying significant fine-reducing credit for cooperation and self-reporting, including for satisfying mandatory disclosure obligations. The settling of these charges indicates that technical compliance violations may still result in enforcement proceedings being taken against registrants under new CFTC leadership. Specifically, registrants should note that the Orders included off-channel communication and trade reporting charges, and additional charges and scrutiny of supervisory compliance and surveillance programs.
Below is a brief analysis of each category of enforcement matter.
Supervision and Other Violations Related to Systems Errors
The CFTC issued two orders involving supervision violations, including: (1) one against a non-US financial services group, including their registered SD, FCMs, commodity pool operator, and commodity trading advisor for a failure to diligently supervise; and (2) one against Citigroup, a registered FCM and SD, for filing inaccurate large trader reports, regulatory records violations stemming from capital reporting obligations, and a failure to supervise.
The enforcement action against the non-US group finds supervisory deficiencies associated with its trade surveillance programs across multiple asset classes, including trading activity on three separate ICE trading venues.3 The CFTC found that the firm deployed an ineffective automated third-party surveillance program which generated a large amount of "unproductive and false alerts" and whose data storage limitations resulted in the removal of unreviewed trade data. These gaps persisted for several years, although the ineffective surveillance tool may have only been responsible for a small portion of the firm's overall derivatives trading activity. In addition, trade data from ICE trading venues was not reviewed by the firm as it was not received into its third-party surveillance tool.
The non-US financial services group was found to have violated both registrant supervisory regulations, Section 4s(h)(1)(B) of the Commodity Exchange Act (CEA) and Regulations 166.3 and 23.602(a), without an accompanying substantive rule violation.
Separately, the CFTC alleged that, for a period of about seven years commencing with a programming logic error in 2015, Citi submitted inaccurate Part 17 large trader reports. Specifically, the programming logic error was purported to have caused netting issues with respect to accounts under common control or ownership. Subsequently, a third-party vendor system licensed to the firm was alleged to have experienced a records failure that resulted in additional large trader report inaccuracies over a ten-week period in 2023. The nature of the alleged error was technological as a system's feature designed to accommodate large volume records supposedly failed to deploy, corrupting certain data. In addition, three Citi employees were alleged to have concealed the fact that Citi's daily excess net capital had fallen to a level mandating CFTC notification. The settlement notes that Citi terminated one of these employees. Citi agreed to an order for, without admitting or denying to committing, violations of Section 4g(a) of the CEA, and CFTC Regulations 17.00(a)(1), 1.31(c), and 166.3.
Citigroup received "exemplary" self-reporting and cooperation credit.4 Applying the Advisory's 55% reduction to the statutory fine calculation, Citigroup was ultimately ordered to pay a $1.5 million civil monetary penalty. Conversely, the non-US entity did not receive recognition for self-reporting or cooperation, and did not receive any mitigation credit, despite the firm's representations regarding remediation efforts and self-disclosing certain compliance gaps to the Commission. The order resulted in a civil monetary penalty of $5 million.5
Recordkeeping and Supervision Violations Related to Offline Communications
The CFTC issued three orders finding recordkeeping, off-channel communications, and supervisory violations, which included the following respondents: (1) a non-US SD; (2) Banco Santander, including its non-US SD and its FCM; and (3) BNYM, including its SD and introducing broker.
Each settlement involved employee usage of unapproved communication methods, including personal text messages, WhatsApp, and email. Each registrant failed to keep required records in violation of Sections 4s(f)(1)(B), 4s(g)(1), and 4g of the CEA and implementing regulations, and also failed to diligently supervise their business. The proscribed conduct occurred over periods ranging from four to five years for each respondent.
Each registrant was recognized for exemplary cooperation, though not for self-reporting. They each nevertheless received "the maximum cooperation mitigation credit toward the full monetary penalty appropriate for these violations."6 Each corporate enterprise received identical civil monetary penalties in the amount of $500,000, with one respondent agreeing to remedial undertakings in the form of an internal audit. The fine amounts are significantly less than comparable off-channel communication cases imposed on SD, FCM and IB registrants under the previous Administration.
For example, the Behnam-led CFTC brought and settled an action against one introducing broker for off-channel communication and supervision failures over an approximate period of five years.7 Receiving no mitigation credit, the firm was ordered to pay $2 million in penalties, or about four times the amount ordered to be paid by the BNYM introducing broker. On a single day in the prior administration's sweep related to off-channel communications, the CFTC settled actions against 11 financial institutions with fines totaling over $710 million. Penalties ranged from $6 million to up to $100M, with Bank of America affiliates ordered to pay $100 million for violations occurring over a nearly eight-year period.8
Swap Data Reporting Violations
The CFTC brought and settled a swap reporting action against the US Bank SD.9 Over approximately an 18-month period, U.S. Bank acted as a reporting counterparty and reported inaccurate valuation data with respect to FX and interest rate swap transactions. The inaccurate valuation data impacted approximately 80,000 unique FX swaps and 10,000 unique interest rate swaps, resulting in regulatory violations of CFTC Rules 45.3(b), 45.3, and 45.13(a).10
The firm filed swap data error correction notification (SDECN) forms within seven days of self-identifying its FX and IRS reporting errors, as required under Regulation 45.14. The respondent also separately notified both the CFTC's Market Participants Division and Enforcement of the errors, and provided both with additional details, including written reports and information about remediation efforts. The SD also included the FX reporting error in its 2023 Annual CCO Report, which under the Advisory is a valid method of self-reporting for purposes of the mitigation credit matrix. Enforcement recognized exemplary self-reports and cooperation, resulting in the SD receiving the maximum mitigation credit of 55% from the statutory calculation.11 The resulting civil monetary penalty was $325,000, one of the lowest ever received for a swaps reporting violation.
Takeaways
The Orders are the only ones to result from the CFTC's enforcement sprint efforts. Importantly, the Orders will help market participants assess the true impact of the Advisory's application to future enforcement actions. The Orders are the first compliance-related violations brought against registrants by Acting Chairman Pham and were issued immediately after the departure of the agency's sole Democratic vote, Commissioner Kristin Johnson.
The Orders generally evidence reduced fine amounts for CEA and CFTC regulatory violations that do not involve fraud or customer or market harm, reflecting earlier commitments by CFTC leadership.12 The actions suggest the CFTC will reduce civil monetary penalties via the statutory fine calculation itself (which requires a "per-violation" charge), as well as through the expanded availability of, and increased reductions afforded by, mitigation credit. All but one of the Order’s respondents received the maximum mitigation credit of 55% based on exemplary cooperation and, in two cases, self-reporting.13 This helped produce substantially lower penalties across supervision, swaps reporting, recordkeeping and other compliance violations.
Further, mandatory notification requirements will not preclude a respondent from claiming and receiving self-reporting credit, which must be "voluntary" per the Advisory.14 In the U.S. Bank Order, the firm disclosed its FX valuation reporting error in its SD CCO Report as otherwise mandated under CFTC Rule 3.3, which it submitted only two weeks after self-identifying the error. Separately, the firm submitted a SDECN form to the Commission reporting both FX and interest rate swap valuation reporting errors, as mandated under CFTC Rule 45.14. While the firm made other voluntary reports to Commission staff with respect to its swap reporting errors, the CFTC discusses these mandatory disclosures in a section entitled "USB's Exemplary Self-Reporting and Exemplary Cooperation", suggesting the mandatory disclosures were considered in maximizing the firm's CMP reduction. The Advisory had listed the SD CCO Report as a means to obtain self-reporting credit but had not expressly mentioned SDECN submissions under CFTC Rules 45.14 (and 43.3(e)).
In addition, the Order’s civil monetary penalties were lower even when comparing the Respondents' "full" penalty amounts (i.e., statutory basis calculations) to fine amounts imposed for comparable violations in previous Administrations. The Commission’s position on reducing fine amounts was expected as it promised a renewed focus on fraudulent activity and announced policy to steer compliance violations to its operating divisions in its advisory on referrals to Enforcement ("April Advisory").15
The Orders also convey the CFTC’s interest in creating predictability with respect to compliance-related fine amounts. For example, the three off-channel communications cases resulted in identical civil monetary penalties of $500,000 for SD, FCM and IB registrants. Off-channel settlements reached under the previous administration generally showed significant variation in the penalty amounts issued to registrants. As discussed above, fines could range from $2 million to upwards of $100 million. Reduced fine amounts for off-channel communications were foreshadowed in then-Commissioner Pham's dissent from previous orders.16 Then-Commissioner Pham had noted that, in three CFTC off-channel communications cases brought against IBs, two firms had de-registered with the CFTC, and questioned whether, when faced with CFTC actions and high civil monetary penalties, firms would choose not to participate in the market.
Finally, the Orders should be used by registrants to assess the likelihood with which the CFTC will pursue compliance-related violations. In its April Advisory, the CFTC communicated that it would only refer a "material" supervision or non-compliance issue to Enforcement, focusing on weaknesses of a supervisory system, controls or program, concealment by management of willful misconduct, and an inability to remediate non-compliance issues in a timely manner. All the settlements, except the U.S. Bank Order, involved compliance violations which persisted for at least four years.
We note, however, that the Orders may not provide a dispositive assessment as to whether similar cases or proceedings will be pursued outside of the Enforcement Sprint. Notably, firms then "under investigation, subject to enforcement action, or engaged in Enforcement inquiries involving a material violation" were encouraged to present settlement offers to the Commission in an effort to reduce Enforcement's workload and refocus the agency on its renewed agenda.17 For example, the Orders involving off-channel violations note that "no customer or market harm is known to have occurred," which may suggest that – outside of the Enforcement Sprint and the CFTC's advertised settlement initiative – off-channel disclosures made to Operating Divisions would not be referred to Enforcement, where the aforementioned criteria (and customer or market harm) is absent from the facts at hand.
CFTC registrants who are aware of compliance-related deficiencies should closely weigh the above factors in deciding how to address the legal risks stemming from such deficiencies, including self-reporting. This should involve a close review of the mitigation credit matrix regime under the Advisory, consideration of the reduced likelihood of enforcement referral as discussed in the April Advisory as balanced against actions taken in the Orders, and the tracking (and timely completion) of remediation plans. Perhaps most importantly, firms should consider how the Orders' respondents qualified for exemplary cooperation. To the extent that firms are weighing compliance risk and whether they might qualify for mitigation credit under the Advisory, our team at Steptoe is happy to help.
Going forward, registrants should continue to disclose non-compliance matters as mandated in annual CCO reports and should submit SDECN forms for trade reporting errors as otherwise required under existing regulation, allowing the firm to claim self-reporting credit - if needed - for satisfying regulatory compliance obligations. Reduced and more predictable fine amounts, coupled with the April Advisory’s guidance regarding the Commission’s limited referral policy for compliance violations, should continue to help registrants and market participants better assess self-reporting outcomes where considering disclosure to the CFTC.
1 Commodity Futures Trading Comm’n, Press Release: Acting Chairman Pham Announces Successful Completion of Enforcement Sprint (Sept. 4, 2025), https://www.cftc.gov/PressRoom/PressReleases/9114-25.
2 Commodity Futures Trading Comm’n, Press Release: CFTC Releases Enforcement Advisory on Self-Reporting, Cooperation, and Remediation (Feb. 25, 2025), https://www.cftc.gov/PressRoom/PressReleases/9054-25.
3 Commodity Futures Trading Comm’n, Press Release: Acting Chairman Pham Announces Successful Completion of Enforcement Sprint (Sept. 4, 2025), https://www.cftc.gov/PressRoom/PressReleases/9114-25.
4 See In re Citigroup Global Markets, Inc., CFTC No. 25-02 at 2 (Sept. 4, 2025), https://www.cftc.gov/media/12611/enfcitigrouporder090425/download.
5 Commodity Futures Trading Comm’n, Press Release: Acting Chairman Pham Announces Successful Completion of Enforcement Sprint (Sept. 4, 2025), https://www.cftc.gov/PressRoom/PressReleases/9114-25.
7 See Commodity Futures Trading Comm’n, Press Release: CFTC Orders TD Bank and Cowen to Pay Civil Monetary Penalties for Recordkeeping and Supervision Failures for Firm-Wide Use of Unapproved Communication Methods (Aug. 14, 2024), https://www.cftc.gov/PressRoom/PressReleases/8943-24/.
8 See Commodity Futures Trading Comm’n, Press Release: CFTC Orders 11 Financial Institutions to Pay Over $710 Million for Recordkeeping and Supervision Failures for Widespread Use of Unapproved Communication Methods (Sep. 27, 2022), https://www.cftc.gov/PressRoom/PressReleases/8599-22/.
9 Commodity Futures Trading Comm'n, Press Release: Acting Chairman Pham Announces Successful Completion of Enforcement Sprint (Sept. 4, 2025), https://www.cftc.gov/PressRoom/PressReleases/9114-25.
10 Because the submission of valuation data is only required pursuant to Part 45 of CFTC Regulation, cited violations did not implicate real-time reporting (Part 43) obligations.
11 See in re US Nat'l Ass'n, CFTC No. 25-06 (Sept. 4, 2025), https://www.cftc.gov/media/12626/enfusbankorder090425/download.
12 See Commodity Futures Trading Comm’n, Press Release: CFTC Division of Enforcement to Refocus on Fraud and Helping Victims, Stop Regulation by Enforcement (Feb. 4, 2025), https://www.cftc.gov/PressRoom/PressReleases/9044-25.
13 Under the Advisory's mitigation credit matrix, remediation falls under the consideration of an entity's cooperation.
14 Commodity Futures Trading Comm’n, Enforcement Advisory: Advisory on Self-Reporting, Cooperation, and Remediation at 2 (Feb. 25, 2025), https://www.cftc.gov/media/11821/EnfAdv_Resolutions022525/download.
15 See Enforcement Advisory: Advisory on Referrals to the Division of Enforcement, CFTC Letter No. 25-13 at 2-3 (Apr. 17, 2025), https://www.cftc.gov/csl/25-13/download.
16 Commodity Futures Trading Comm'n, Press Release: Dissenting Statement of Commissioner Caroline D. Pham on Off-Channel Communications Matter (Aug. 14, 2024), https://www.cftc.gov/PressRoom/SpeechesTestimony/phamstatement081424.
17 Commodity Futures Trading Comm’n, Press Release: Keynote Address by Acting Chairman Caroline D. Pham, FIA BOCA50 (Mar. 11, 2025), https://www.cftc.gov/PressRoom/SpeechesTestimony/opapham13.
