CFTC's latest personal-liability warning: CCO charged with false statements

NEW YORK (Thomson Reuters Regulatory Intelligence) - The risk of being held personally liable is a serious concern of top executives at financial services firms, especially chief compliance officers.

Businessmen cast their shadows as they walk in Tokyo's Marunouchi business district June 23, 2009.

Despite massive fines related to the financial crisis against approximately 50 different firms totaling more than $200 billion, there was a noticeable absence of prosecutions of individuals. But as the post-crisis political and public outcry to hold individuals accountable grew louder, personal liability risk, and the numbers of enforcement cases involving personal liability have steadily increased. Regulators are now regularly “naming names” in enforcement actions and holding individuals accountable.

An enforcement settlement last week by the U.S. Commodity Futures Trading Commission (CFTC) involving a chief compliance officer (CCO) once again signaled that senior executives such as CCOs are now undoubtedly being held accountable when circumstances warrant.

Below is an overview of the CFTC case, a review of the personal liability landscape for CCOs, and factors determining whether regulators incorporate the personal liability component into enforcement actions.


The CFTC announced a settlement on September 12 with Rafael Marconato{here}, a CCO of the registered commodity pool operator and commodity trading advisor, Phy Capital Investments LLC, formerly known as Phynance Capital Management LLC, based in Brazil.

According to the CFTC order, after the National Futures Association (NFA) began examining the firm, Marconato made false statements to the self-regulatory organization for the U.S. derivatives industry, by denying the existence of the firm’s commodity pool. Instead, he claimed the firm had no customers. Marconato also attempted to mislead the NFA to believe the commodity pool he had been soliciting for was a company that invested in software and sent the NFA a false document repeating that claim, the CFTC said.

The CFTC also said that Marconato sold part of his interest in the firm’s commodity pool to an existing pool participant for $125,000 without disclosing he was selling part of his own interest.

The CFTC alleged that firm “issued statements to pool participants showing profits of as much as 49.05% from February 2016 through November 2017; however, the CEO and the trading firm actually conducted no trading with pool participants’ money and instead misappropriated participants’ funds for their own benefit.” Marconato also made false statements to NFA to assist the firm’s CEO, Fabio Bretas de Freitas, and otherwise engaged in certain actions that operated as a fraud on pool participants.

According to the order, the firm and Bretas de Freitas misappropriated client funds, and lied to the NFA to conceal the fraud. In May 2019, the CFTC filed an enforcement action{here} against Bretas de Freitas and the firm in the U.S. District Court for the Southern District of New York.

“The CFTC expects registrants to take their duties seriously and will take action against those who engage in fraud or make false statements,” said CFTC Director of Enforcement James McDonald.

Marconato was ordered to pay $150,000 for engaging in fraudulent acts and making false statements to a self-regulatory organization. The penalty comprised $125,000 in restitution and a $25,000 civil penalty. The financial penalties recognized “Marconato’s substantial cooperation” with the CFTC, the agency stated.

In addition to the financial penalties, Marconato was permanently prohibited from trading commodity interests for himself or others, soliciting or accepting funds from others for the purpose of trading commodity interests, and from registering with the CFTC.

The CFTC said that Marconato is also required to cooperate in the CFTC’s ongoing litigation against other parties.


The CFTCs decision to personally charge the CCO almost certainly involved two key allegations: that Marconato misled the regulator and participated in the alleged fraud.

Perhaps one of the most noteworthy CFTC cases detailing its stance on personal liability was announced last fall when a trader at German banking giant Deutsche Bank received a lifetime bar and $350,000 fine related to charges of internally mismarking values of swap positions. However, regulators gave the bank a pass and even went as far as to praise their cooperation and self-reporting of the illicit acts{here}.

That move by the CFTC delivered several strong messages simultaneously. Any attempt at manipulation or fraud, regardless of investor harm, will result in individuals being held personally accountable. More importantly for compliance departments, firms that step forward and self-report such wrongdoing can earn concessions from the regulator and possibly receive a complete waiver of any penalties.

The CFTC detailed factors{here} in its decision to not bring an action against the bank.

It cited the bank’s: (1) timely, voluntary self-disclosure of the matters, (2) full cooperation in the matter, including providing all known relevant facts about the individuals involved in or responsible for the misconduct and (3) remediation efforts directed at strengthening and enhancing the bank’s swap valuation process.

James McDonald, director of enforcement at the CFTC, said at the time, “Today, we also recognize once again the concrete benefits of self-reporting, cooperating, and remediating.”

According to the CFTC, the bank self-reported the issue in mid-July 2017 and provided timely updates on its own internal investigation. It responded to requests for information, disclosed information proactively, and attributed facts to specific sources. Deutsche Bank also immediately placed the trader on administrative leave while it conducted its investigation. The trader was terminated in September 2017.

Like the CFTC, the U.S. Securities and Exchange Commission (SEC) has also included personal liability in cases where warranted in recent years.

A speech on CCO liability by the SEC's former enforcement director, Andrew Ceresney{here}, before he left the agency in 2016 serves as a commonsense guide that that agency's enforcement division seems to be continuing to follow.

Ceresney categorized enforcement actions brought against CCOs into three broad categories:

- Cases against CCOs who are affirmatively involved in misconduct that is unrelated to their compliance function.

- Cases against CCOs who engage in efforts to obstruct or mislead agency staff.

- Cases where the CCO has exhibited a wholesale failure to carry out responsibilities.

This third category, failure to carry out responsibilities – raised concerns in the industry and it has left many to question whether it might be a slippery slope for CCOs.


In 2013 the SEC published answers to frequently asked questions (FAQs) related to personal liability at broker-dealers. An important factor involving personal liability is the supervisory nature of one’s job. The SEC provided a list of considerations to establish whether a person is a supervisor, including:

- Has the person clearly been given, or otherwise assumed, supervisory authority or responsibility for particular business activities or situations?

- Do the firm’s policies and procedures, or other documents identify the person as responsible for supervising, or for overseeing, one or more business persons or activities?

- Did the person have the power to affect another’s conduct?

- Did the person have the ability to hire, reward, or punish that person?

- Did the person otherwise have authority and responsibility such that he or she could have prevented the violation from continuing, even if he or she did not have the power to fire, demote, or reduce the pay of the person in question?

Senior management including compliance, legal, and human resources must coordinate to be sure that they have documented clear lines of supervision. They must also develop a clear job description and a clear mission statement particularly for the compliance group but also for every employee and the entire organization.

The CCO should not have supervisory responsibilities over business-line activities but should review compliance policies and procedures and designate the appropriate person to have supervisory responsibilities over the relevant business functions of the firm.

CCOs should carefully document every step taken and persons consulted in investigating and remedying any possible illegal activities. Documentation is critical when showing regulators how compliance handled a situation and why.

CCOs must not delegate any certification or report being submitted to a state or federal governmental or regulatory authority by them on behalf of their organizations.

Although they should seek help in getting the information needed to make the attestation, CCOs should be reluctant to sign any document unless they have carefully reviewed and fully understand its contents and have taken the requisite steps to confirm its accuracy.

CCOs need to be anticipatory in carrying out the functions assigned to them in their firm’s compliance policies and procedures. The regulators will be wary of a compliance program that looks great on paper but is not being followed in practice. If the compliance team has a program in place, documented evidence must be supplied to show it is being followed, tested and updated regularly.

CCOs should demand an organizational structure that provides a direct line of communication with all top executive officers or board directors. CCOs should ensure they have sufficient skilled resources at their disposal to evidence their actual compliance with it. The best advice for employees to avoid charges of personal liability is to create and maintain a personal file of evidence to demonstrate both firm-wide and individual compliance with all regulatory expectations.

This evidence of understanding of the rules, the firm’s business practices, and detailed accounts of regular inspections of activities, can demonstrate an active and vigilant compliance program and culture. A lack of documentation is often what leads to penalties against compliance personnel.

The use of attestations to establish a personal commitment to compliant behavior by supervisors is valuable evidence to present to regulators. The emphasis that chief compliance officers (CCOs) and other senior executives place on the compliance culture at the firm should be supported by records showing how the business is communicating its policies and compliance expectations.

*To read more by the Thomson Reuters Regulatory Intelligence team click here:

(Todd Ehret is a Senior Regulatory Intelligence Expert for Thomson Reuters in New York.)

This article was produced by Thomson Reuters Regulatory Intelligence - - and initially posted on Sept. 19. Regulatory Intelligence provides a single source for regulatory news, analysis, rules and developments, with global coverage of more than 400 regulators and exchanges. Follow Regulatory Intelligence compliance news on Twitter: @thomsonreuters