Pages: 1 2 3 4 5 6 7 >>

08/02/2016

Permalink 10:43:00 am, by Dana Comolli Email , 839 words   English (US)
Categories: Futures Trading, Compliance, CTA Operations

Why Compliance is the New Black

Earlier this year, the NFA implemented rules that CTAs, CPOs and others must have in place a cyber security and compliance plan that provide a detailed outline on the firm’s daily behavior in following the rules, as well as a step-by-step disaster recovery plan.

Although the regulator isn’t calling in these plans, it will check them during an audit, and if you aren’t prepared, you’ll be in violation. Compliance has been upped largely due to Dodd-Frank rules, but also because the NFA and exchanges are under increased scrutiny by the CFTC.

That said, there are key areas of compliance across all regulators that need to be part of the game plan for a firm’s daily operations. Here are important aspects to include in your plan:

  1. Know your vendor and customer:  NFA Bylaw 1101 “prohibits NFA Members from doing business with most non-members that are required to be registered with the CFTC as an FCM, IB, CPO, or CTA.”  Basically, you must do business with your own. It’s up to the CTA to make sure clients, business associates, and brokers are all registered or exempted. The NFA requires you to be able to show not only the process your personnel takes to check out the potential vendor, and that means checking them through BASIC, you need to keep all the documentation on had to show your research.

    You can roll the dice and assume vendors are members, but that’s not good business. For example, let’s say you know three friends, traders, who pooled their money to invest in your CTA. First, you must make sure the key person is a qualified investor, but you also must make sure if they are a pool, all investors are qualified, and you must retain documentation confirming the fact.  In other words, if they are representing themselves as a pool or FCM, they must be registered with the NFA.  For more details on 1101, go to: https://www.nfa.futures.org/NFA-faqs/compliance-faqs/bylaw-1101/index.HTML

  2. Make sure from a CTA standpoint, your automated systems allocating trade orders are “equitable and fair.” This should be checked quarterly.

  3. Related to #2, make sure that all accounts within a program have substantially the same performance and that performance is what your marketing materials state for the program.  If different accounts have substantially different performance, the regulators may take the stand that you actually have more than one program.

  4. Not only must a CTA know who he’s dealing with on multiple levels, he needs to know what his vendors are doing, especially FCMs. One compliance expert says a CTA needs to be on top of not only filled orders, but the source data as well.  FCMs don’t necessarily hold the old back up files of trade audits (and if they do, some charge for it), and if an exchange comes asking for it, a CTA must be able to put his hands on records and source data that can build an audit trail or trading activity, and be able to produce it in a short amount of time.

  5. Sometimes slip-ups can happen due to changing regulations but often they happen due to bad communications between an FCM and client. For example, those who trade metals might be using exchange for physicals (EFPs), which are executed thru the FCM to get a futures equivalent position. In some cases, block trade rules come into play, meaning there are minimum lot sizes to a trade. The CTA must understand the rules when dealing with an executing brokers so he doesn’t unintentionally break any. 

    As an example,  if a CTA is doing a gold trade, but the executing broker could only get a partial fill, thus it’s not a block trade but an EFP, but the CTA doesn’t know this and if the FCM doesn’t do the paper work – and sometimes they don’t – the CTA is in trouble. Be on top of those trades; in the past, it used to just be a venal sin: one of not knowing. Today it’s a mortal sin, says one expert, stating that CTAs must follow up on trades.

  6. Allocation of expenses between the manager and funds, and between funds has been the focus many recent examinations and common issues have included charging expenses that are not fully disclosed to investors and charging one client an expense where another does not pay the same expense.  Examiners have been aggressively drilling down on expense allocations even when the amounts are minimal.

While NFA audits have not been as frequent during the past few years due to the recent influx of new members, the NFA has recently reached what they consider appropriate staffing levels and you should expect audit frequencies to return to normal.  It’s time to make sure you are dressed appropriately for the party.


Dana M. Comolli is president of DMAXX (dmaxx.com), a back office software design firm for alternative investment managers. TheBooks software is designed for the trader, and is built to do price, position and order management, reconciliation, trade accounting, performance reporting, risk and data management and act as a gateway to a wide variety of execution platforms. You can reach Dana at: dana@dmaxx.com

06/13/2016

Permalink 09:28:00 am, by Dana Comolli Email , 1160 words   English (US)
Categories: Accounting, Futures Trading, Backoffice, Marketing, Compliance, CTA Operations

The Big Question: How to select an FCM?

With the shrinking number of FCMs, it might seem a CTA has little choice, or in some cases, too many. Either way, you need to know the questions to ask, and if you’re not happy with the answers, move on.

When a commodity trading advisor first hangs out their shingle, the punch list is long and many items are of equal importance: infrastructure, back office software and compliance being the most common. But of course you’ll need a broker to execute and clear your trades. No doubt you already have the one you used while on your own, but as you grow your business, your brokerage needs will change, not only due to your trading and capital, but to satisfy your client’s needs as well. Here is a list of what CTAs, software vendors and brokers say you should discuss with prospective FCMs:

The Basics

  1. Yes, size does matter. Although you may like the idea of having a Goldman Sachs or JP Morgan as your FCM, the truth is your options might be limited by your size. Especially as the number of brokers has dropped from almost 180 in 2007 to 72 today, many of these, especially bank-owned FCMs, will be out of your league. Size may be a main issue: CTAs with less that $100 million may not get a chance with a large bank FCM. But what is also important is how valuable (active) you are as a customer. As banks have to deal with constricting balance sheet capital due to Basel III, they have off loaded customers who don’t meet their ROI needs. If you have $100 million AUM but trade only a limited number of lots a month, you won’t make the cut. This isn’t necessarily a bad thing as many CTAs have been shifted to smaller non-bank FCMs. Although a large balance sheet might be nice, so is not dealing with a bureaucracy. 

    The reverse is also true. As you grow, a smaller FCM may no longer be able to accommodate your capital and trading needs. No matter what your size, it’s always smart these days to have relationships with multiple FCMs; to wit, the cautionary tales of customers who had all their money with MF Global or PFG.

  2. Ask for a list of exchange memberships. It may seem a firm with more memberships is pricier, but if you trade globally and decide to go with a downstream broker, that firm will have to use another FCM to access those exchanges and you or your clients will be charged in the end. Also find out if the firm has a 24-hour CTA/Institutional desk. Even if you won’t normally need it, it’s nice to know it’s there in case of an emergency.

    Related to this are give up trades. Make sure your broker does or accepts them. Some brokers may be a perfect fit when you are trading as an individual, but a firm that won’t do or take give ups will complicate your growing CTA business.

  3. Does the FCM permit net margining across all accounts? This means if you bring on a client who has multiple accounts with multiple CTAs, you want the FCM to be able to ‘net’ the margin across all those accounts and not require each CTA to be margined separately. This is not only across CTAs, but also across various fund accounts, and similar to net margining at an exchange, allows better use of collateral for your customer. 

    Also, make sure the FCM isn’t “margin padding” your account, that is insisting on much higher (3x-4x) margin needs than exchanges require. Although all FCMs request more margin than is required (in the interest rate glory days this was an income stream for FCMs), it shouldn’t be exorbitant. One CTA says a large bank FCM was requiring 3-4 times margin as a way to get rid of business that didn’t have a strong ROI. This may be an extreme case, but keep an eye on what they are charging, and be diligent after setting up an account that the broker doesn’t change the rules, and if they do, find out why. Also, find out  - due to balance sheet issues for bank FCMs - if they charge for “excess funds” held at the FCM.

  4. Cap intro? In the “old” days many FCMS would make sure their asset allocation clients mingled with CTAs, but this is more rare today. Sure there are firms that have people who work to raise funds, but may only introduce them to CTAs they feel worthy. Think of FCMs like asset allocation targets: they have standards and just because you are a client doesn’t mean they will send clients your way. Some firms do have platforms (e.g., RJO’s Oasis) that allow asset allocators to review and invest in CTAs.

More Details

  1. Find out the format and how end of day allocation files are handled.  Most FCMs will request that allocation files be sent to them at the end of each day although some want them at the end of each session or even after each trade.  Many are flexible with respect to symbology and price format, but not all are.  Also, just because you provide data files of your allocations, it does not mean those are not being manually keyed into another system by the FCMs staff; you should check to be sure that the files are being handled in an automated fashion otherwise clearing errors are sure to arise.

  2. Online account viewing platforms and ability to provide trade prices (both actual fill and APS prices) at regular intervals during the day as well as at the end of the day.  Many firms don’t provide anything more than and end of day feed that summarizes all the trades done during the day. Ideally, the feed would be automatically generated and provided in the format and use the delivery method (sFTP, eMail, etc) that works best for you.

  3. Ask about which trading platforms are supported, such as Trading Technologies, CQG, TradeStation, Cunningham, etc.  Make sure your FCM supports your trading platform, as not all FCMs are equipped to handle all platforms.

Finally, you should always check with the National Futures Association (www.nfa.futures.org) website to see if any actions have been brought against an FCM. Also, the CFTC site carries monthly financial info on all FCMs (http://www.cftc.gov/MarketReports/FinancialDataforFCMs/index.htm).  That can provide you an overview before getting into the details when interviewing the FCM.

Remember, just as you are diligent about the rest of your business, your FCM/broker partnerships are lifelines that need to be reviewed often and analyzed on a regular basis. After all, “know your customer” goes both ways in all vendor relationships.

________________________

Dana M. Comolli is president of DMAXX (dmaxx.com), a back office software design firm for alternative investment managers. TheBooks software is designed for the trader, and is built to do price, position and order management, reconciliation, trade accounting, performance reporting, risk and data management and act as a gateway to a wide variety of execution platforms. You can reach Dana at: dana@dmaxx.com

04/19/2016

Permalink 01:10:00 pm, by Dana Comolli Email , 978 words   English (US)
Categories: Disaster Recovery, Backoffice, Cyber Security

4 cyber security keys for CTAs

More than a buzzword, cyber security is core to how your systems are set up, what information passes through your business and how you plan to recover from a disaster. Here’s what you need to know.

Today, cyber security is a necessary worry and cost of doing business for everyone in the trading community, especially commodity trading advisors. The NFA’s new requirement that every member must have a cyber security plan in place is merely a formality for what a CTA should already have as part of its business set up. And today’s cyber security is not only a mechanism for dealing with viruses, phishing, and other forms of computer system intrusion. In reality, the concept of cyber security is something much broader; something that addresses how you ensure that your computing and information resources are protected from failure or compromise, and if that happens, how you plan to recover from that event.

One way to determine your exposure is to think of your computing and information systems in terms of the “surface area” they present to users and external entities. In a typical CTA, this would include email sending and receiving, web browsing, file transfers using FTP, user access to workstations and servers, remote backup providers, and cloud data and/or computing resource providers. Each of these must be both reliable and secure if a firm is to operate successfully.

Virtually all firms have anti-virus software installed on their workstations; you should since it comes for free with the Windows operating system. This may not be the case for all the servers within a firm as these generally require specific versions of the anti-virus software. Yet it is critical that they be protected as well because these systems are often the repository for files and data accessed by multiple workstations.

When it comes to cyber security, where organizations typically stumble is in other areas: intrusion detection and reporting, securing information “in transit,” securing information on mobile devices (laptops, tablets, cell phones), and access and recovery strategies when using cloud-based storage and computing platforms. Let’s look at each of these:

1) Intrusion detection and reporting are systems that monitor access to your computing resources and generate alarms when suspicious access is detected. For example, these could be triggered by a certain number of failed logon attempts, logon attempts using well know usernames, or access attempts from untrusted networks.

2) Securing information in transit involves either encrypting all files and messages sent via email and FTP or using end-to-end secure communication channels. In practice, encrypting the actual information sent is a more prudent solution as end-to-end encrypted email is rarely available and using encrypted versions of FTP still leaves the information at the destination in an unencrypted state.

3) Securing information on mobile devices (laptops, tablets, and cell phones) is more than simply having a password to access the device. The latest dust-up between the DOJ and Apple shows that it is possible to access a password-protected device without compromising the data. The information on the device also must be encrypted as losing physical control of a mobile device is possible. Also, as a “60 Minutes” investigation revealed recently, hacking into smart phone voice and data isn’t difficult, and that could be catastrophic for a CTA. (see transcript of that program: http://www.cbsnews.com/news/60-minutes-hacking-your-phone/)

4) Access and recovery strategies. Many organizations treat cloud-based storage and computing resources as if they are somehow immune from failure. While major vendors such as Amazon, Google, Rackspace, and Microsoft have impressive uptime statistics, their annual downtimes still are measured in hours. Virtual machines within these environments must be secured the same way as those on your premises, but access to these systems is limited by their uptime and your ability to access them (yours and their internet connections.)

When looking at recovery from a failure or other incident, the typical solution will be some type of disaster recovery (DR) system that replicates the systems required to operate the organization. These can be cost-effectively implemented in a cloud environment as there are billing models that only charge for the time the virtual machines are running. For a DR environment, that need only be the time it takes to snapshot data to the backup environment (typically a once-per-day event). For those whose primary environment is cloud-based, it’s a bad idea to have your DR in the same vendor’s cloud because your primary and backup would be exposed to downtime at the same time. Follow the industry adage and diversify to other vendors.

In addition to recovering from hard system or environment failures, the ability to quickly recover lost or otherwise corrupted files must be another aspect of a firm’s cyber security plan. While there is no substitute for a robust, daily backup strategy, using products that replicate and version files into the cloud (Dropbox, SecuriSync, and others) can provide rapid access to compromised files from non-compromised systems. (Note: The issue here is that files are replicated as they are changed, so if a file gets corrupted, such as with a virus, that corrupted file will be replicated. These services must keep track of versions so you can retrieve the pre-corrupted versions of the file.)

Effective cyber security is critical to the ongoing health and well-being of a CTA and should be approached with the same (or greater) vigor as any other aspect of a firm’s procedures. Get started with a thorough review of the surface area of your systems and follow up with protection and recovery plans for each potential failure.

________________________

Dana M. Comolli is president of DMAXX (dmaxx.com), a back office software design firm for alternative investment managers. TheBooks software is designed for the trader, and is built to do price, position and order management, reconciliation, trade accounting, performance reporting, risk and data management and act as a gateway to a wide variety of execution platforms. You can reach Dana at: dana@dmaxx.com

1 2 3 4 5 6 7 >>

August 2016
Mon Tue Wed Thu Fri Sat Sun
 << <   > >>
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        
The official blog for users and others interested in TheBooks®

Search

XML Feeds

powered by b2evolution free blog software