On November 12, 2013, the Commodity Futures Trading Commission (CFTC) announced that it had imposed fines totaling $1.4 billion on five major international banks in connection with the alleged manipulation of foreign exchange benchmark rates. In each case, the CFTC asserted that individual traders within the banks had colluded to move benchmark foreign exchange rates, such as the US dollar/euro rate, in directions that benefited them.

The CFTC did not claim that any of the banks had engaged in systematic manipulation. However, the CFTC noted that the banks were responsible for the actions of their employees. To ensure that employees acted in a manner consistent with the law, the CFTC identified four main compliance steps that financial institutions must take:

  1. Risk assessment. Anyone engaging in trading activities should conduct a risk assessment to identify exactly how trading activities could violate the applicable laws. Of course, the risk assessment presupposes that you have accurately identified the relevant legal obligations, including, complying with the statute prohibiting the manipulation of commodity prices.
  2. Policies and procedures. There should be policies in place that identify the compliance requirements for your activities, and making clear that you demand 100% compliance. Policies should spell things out— do not assume that currency traders, for example, know that they cannot collude to manipulate benchmarks. To implement policies, you also need to create procedures that detail how activities such as currency trading should (or should not) be conducted. The CFTC stressed the need for “concrete and specific guidance” in both policies and procedures.
  3. Internal controls. Internal controls are necessary to minimize or mitigate identified risks In the case of the benchmark rate investigations, the CFTC noted the need for controls to prevent traders from colluding with other banks to manipulate rates. Among others, the orders require the banks to strengthen transaction monitoring and communications surveillance programs for foreign exchange trading activities.
  4. A Culture of Compliance. Compliance begins at the top. The measures described above will be most effective if your organization has a culture that prizes compliance. Again, you should not assume that people always know what they can and cannot do. Training is necessary to ensure that employees are fully aware of what constitutes acceptable behavior, and that they understand the relevant policies, procedures, and controls.

Most banks and other financial institutions have a variety of compliance systems to address regulatory requirements such as currency manipulation, money laundering, export controls, and sanctions compliance. The CFTC’s actions highlight the need to extend this approach to all of the bank’s regulatory obligations, especially in activities like trading, including trading bonds, equities, or commodities, where actions by individual employees could cause the organization to violate the law.