On August 29, 2023, the Commodity Futures Trading Commission ("CFTC") filed an Order settling charges against Goldman Sachs & Co. Goldman Sachs to Pay $5.5 Million for Recordkeeping Violations and Violating a Prior Commission Order (CFTC Release)
The CFTC Order
/download found that Goldman Sachs had violated the cease-and-desist provision of a prior order and committed recordkeeping violations in connection with its failure to properly record and retain certain audio files. Note that this is a second bit of a rotten apple -- Goldman was already under a C&D per an earlier order. Accordingly, the CFTC required that Goldman Sachs pay a $5.5 million civil monetary penalty and ease and desist from further violations of the recordkeeping provisions of the Commodity Exchange Act and CFTC regulations. As alleged in part in the CFTC Release:
In November 2019, the CFTC entered an order that found Goldman failed to record the phone lines of a trading and sales desk for 20 calendar days in January and February 2014, after its recording hardware malfunctioned following a software patch. The CFTC ordered Goldman to pay a $1 million civil monetary penalty and to cease and desist from further violations of CFTC recordkeeping provisions.
The order entered today finds that, following the issuance of the November 2019 order, Goldman had additional recordkeeping failures, in violation of the cease-and-desist provision of the earlier order. Specifically, Goldman used a vendor service to record calls made on mobile devices. Beginning in March 2020, increased use of the vendor’s recording service during the pandemic led to increased failures in the vendor’s hardware. As a result, Goldman failed to fully record and retain thousands of mobile device calls. Goldman discovered the issue when investigating reports of poor call quality from employees using the recording service. An interim fix was implemented in May 2020, and the vendor’s hardware was replaced with an alternative system in September 2020.
Separately, beginning in March 2020, Goldman began using software from another vendor that was designed to replicate the experience of a hard-wired trading turret—a specialized phone setup used to facilitate trading—via a computer. In late May 2020, Goldman discovered a software issue where the system sometimes failed to properly record audio. As a result, Goldman failed to fully record and retain thousands of calls. After implementing an interim fix, a permanent fix in the form of a software update was completed in June 2022.
Bill Singer's Comment
Yet another regulator pulls its punches when it comes to one of the Big Boys. As if a smaller firm or individual would have gotten off as lightly as Goldman in response to a regulator's finding that "Goldman violated the cease-and-desist provision of a prior order." $5 million in fines probably is less than what Goldman spends on toilet paper each day. Odd, isn't it, that the CFTC headline fails to resort to the term "Recidivist"? Interesting as to how that title is so easily attached to other miscreants in our markets but not so much when it comes to the major players.
CFTC Commissioner Caroline Pham dissented from this Order https://www.cftc.gov/PressRoom/SpeechesTestimony/phamstatement082923b based upon her concerns that the unprecedented impact of Covid placed impediments in the path of effective compliance; and, in part, she opined that:
I respectfully dissent from the order and settlement in the administrative proceeding In re Goldman Sachs & Co. LLC, because I believe that this enforcement action is fundamentally unfair, unjust, and does not best serve the public interest. Based on my review of the record, I believe that this enforcement action is wrong—we are not doing the right thing here on vendor issues arising out of the unprecedented move to remote work because of the COVID-19 pandemic, and I cannot support it.
Regulation by enforcement has a darker counterpart. This order and settlement reflects the Commission’s disturbing trend of “examination by enforcement”—where the Division of Enforcement imposes a disproportionately high civil monetary penalty for one-off, non-material operational or technical issues with no misconduct, harm to clients, or financial losses, and that every other major regulatory authority addresses through an examination program conducted by supervisory staff (i.e., examiners).
By taking this approach, the CFTC is an outlier amongst U.S. and non-U.S. regulators. It does not best serve the Commission’s mandate to provide oversight of market participants, and it does not meaningfully contribute to market integrity. Examination by enforcement is inherently ad hoc, not applied consistently across market participants, and does not provide a horizontal view to inform the Commission of potential systemic risk.
Ummm . . . okay . . . sure, I can see Commissioner Pham's point. Sort of. To some extent. It would be foolish to diminish Covid's negative impacted upon the industry's ability to maintain compliance oversight. In fact, as the pandemic unfolded, I was among the most strident voices urging the regulatory community to better factor in the challenges forced upon the industry's men and women. For example, during the first year of the pandemic, I published FINRA Proposes OHO And NAC Hearings Via ZOOM (BrokeAndBroker.com Blog / September 3, 2020),in which I noted in part that:
I am disappointed with the lack of zealous advocacy from FINRA's Board of Governors and from other traditional industry advocates. Way back in April 2020, when COVID's shadow was first falling across our lives, FINRA Small Firm Governor Stephen Kohn noted his concerns about the rush by the self-regulatory-organization to use ZOOM in lieu of in-person interviews/hearings. Guest Blog: Riddle Of The FINRA Sphinx By Stephen Kohn (BrokeAndBroker.com Blog / April 22, 2020)
http://www.brokeandbroker.com/5183/guest-blog-stephen-kohn/. As Kohn so aptly noted in part:
Why the draconian insistence to bully respondents to part with what few rights they have in this regulatory process for fear of further rule violations?
We all know that there are local, state, and federal directives against non-essential public transport and in favor of social distancing if not "lock downs." It seems ill-advised, if not illegal, for witnesses to travel to their lawyers' offices, or for the lawyer to travel to a witness's home, as FINRA itself has noted: https://www.finra.org/rules-guidance/key-topics/covid-19/shelter-in-place.
I was also told that they were only pushing ahead with "serious violations." Coronavirus, has brought the world to its knees, not making any distinction of race, religion, political affiliation, anything, yet to the Regulators, it's business as usual, unempathetic, forging ahead, leaving a path of destruction in their wake. Does that not trump (no pun intended) Due Process in this instance?
So, in an attempt to move Due Process along, to "help" complainants and respondents comply, it seems the medium of choice is Zoom. I can't imagine being called to any video interview or hearing, where the fate of my business and career is examined without my attorney and me being at the same table as our accusers. How am I supposed to obtain legal counsel if my attorney and me can't even meet at his office and review documents together or prepare for my testimony?
Small Firm Governor Kohn was recently defeated in a three-way race. His valuable voice will now be lost. The silence from his compatriots on the Board is deafening.
Among the more cynical aspects of FINRA's proposal is that it doesn't line up with the regulator's own sensibilities, as first noted on its COVID-19 Guidance webpage during the onset of the pandemic:
Impact on FINRA Events & Conferences
The health and well-being of our employees and stakeholders is a top priority for FINRA. Therefore, FINRA is canceling or postponing several of our upcoming events.
Isn't that thoughtful! Out of concern for its employees' "health and well-being," FINRA cancelled or postponed a whole host of typically nonsensical events that often amount to little more than an excuse for a junket. Where is the same concern when it comes to cancelling or postponing OHO/NAC hearings out of concern for the health and well-being of the industry's men and women? Perhaps that's just not a top priority for the industry's regulator.
My urging the regulatory community to afford reasonable consideration to the operational stresses caused by Covid did not abate during the pandemic, as demonstrated by this recent post: "FINRA Fines And Suspends Rep For Borrowing From Friend During Covid Pandemic" (BrokeAndBroker.com Blog / May 18, 2023)
https://www.brokeandbroker.com/7037/finra-sproul-awc-borrowing/. In my May 18th blog, I noted in part that:
For those of you who may have forgotten, around March 2020, Covid was first declared a pandemic. Some six months AFTER the June/July 2021 dates when Sproul borrowed money from his friend (who was also a customer), FINRA published "Retrospective Rule Review Report / Business Continuity Planning and Lessons From the COVID-19 Pandemic (FINRA Regulatory Notice 21-44 / December 23, 2021)
In FINRA's December 2021 Regulatory Notice, the regulator acknowledged that the "COVID-19 pandemic, beginning in early 2020, caused unprecedented regulatory and operational impacts on member firms and other market participants, as well as regulators."
Sproul's alleged misconduct occurred in June and July 2021. Missing from the Sproul AWC is any reference to the extant Covid pandemic in June/July 2021. You know, that same pandemic that FINRA lamented about in its December 2021 Regulatory Notice as having an "unprecedented regulatory and operational" impact on its "member firms and other market participants, as well as regulators."
What I find both interesting and troubling is that the above-quote from the FINRA December 2021 Regulatory Notice didn't make any pointed reference to the plight of the industry's associated and registered persons who worked at the member firms. That telling omission summons up a whole host of issues as to FINRA's mind-set when it comes to the industry's financial professionals versus the industry's employer-member-firms. For FINRA, the industry's financial professionals -- the men and women who do the daily work -- are often an after-thought; or, as in the case of the quoted passage from Regulatory Notice 21-44, not even so much as a thought. That bias informs far too much of FINRA's regulatory agenda and often manifests itself in disparate treatment between misconduct by member firms versus by associated/registered persons.
When Commissioner Pham questions the CFTC's actions against Goldman Sachs, I respect -- even if grudgingly -- her concerns. Without question, she is right when she admonishes the regulatory community about the compromises forced upon the industry in response to the unique challenges presented by Covid. Many Compliance Departments made it up as they went along during the pandemic -- and in many firms, there just weren't enough living-and-breathing humans showing up to the office as the scourge ran rampant. As we often do during emergencies, we did the best we could under the circumstances.
Even given my above tip of the hat to Commissioner Pham, I still struggle with affording much sympathy to Goldman Sachs because it is a conglomerate that is afforded far too much consideration in contrast to the lack of empathy afforded to smaller industry participants -- as I noted in the opening paragraph of this very Comment:
[A]s if a smaller firm or individual would have gotten off as lightly as Goldman in response to a regulator's finding that "Goldman violated the cease-and-desist provision of a prior order." $5 million in fines probably is less than what Goldman spends on toilet paper each day.
Although I appreciate Commissioner Pham's dissent, I welcome and celebrate the Dissent of CFTC Commissioner Kristin N. Johnson that I reprint in all its eloquence below:
Statement of Commissioner Kristin N. Johnson Regarding Effectively Calibrating CFTC Civil Money Penalties to Deter Repeated Compliance Failures
August 29, 2023
Today the Commodity Futures Trading Commission (the Commission or CFTC) announced and resolved charges against Goldman Sachs & Co. LLC (Goldman) for (i) failing to create and keep audio recordings related to its business as a swap dealer, as required under the Commodity Exchange Act (CEA) and existing CFTC regulations, and (ii) thus, violating a 2019 Commission cease-and-desist order for the same failure under the same statutory and regulatory provisions.
The CFTC Division of Enforcement (DOE) advances the Commission’s purpose to ensure market participants’ compliance with existing statutory and regulatory obligations. The exceptional efforts of the CFTC DOE in this matter reinforce this longstanding commitment.
It is concerning, however, that all too often the Commission finds that a few central market participants (firms that strongly influence industry best practices) repeatedly violate well-established legal requirements. These concerns become particularly acute when coupled with a market participant’s failure to self-report known violations.
The recordkeeping requirements for swap dealers at the center of this resolution are not newly adopted, nor were they recently implemented. The Commission adopted these internal business conduct standards more than a decade ago, and compounding implementation or compliance violations should be met with compounding penalties.
History with Audio Recordkeeping Failures
Since March 2020 (and perhaps even earlier), two of Goldman’s audio recording systems provided by third-party vendors failed to record calls made using company-issued mobile devices as well as a computer software-based soft turret system. Flaws in the third-party systems resulted in the loss of thousands of calls concerning Goldman’s swap dealer business, communications that the CEA and CFTC regulations require Goldman and other swap dealers to record and maintain. The non-compliance continued for at least seven months before it was satisfactorily resolved, and Goldman did not self-report. In resolution of this matter, the Commission today imposes a civil monetary penalty of $5,500,000.
This is not the first time the Commission has resolved claims related to a failure to maintain audio recordings with this firm. As noted above, in 2012, the Commission adopted the swap dealer recordkeeping requirements. Several years later, Goldman was unable to produce to the CFTC DOE, in the course of an unrelated investigation into Goldman’s conduct, audio recordings from dates in 2014.
A malfunction during a system upgrade related to a third-party vendor service may have led to the errors that prevented effective recording and maintenance of trading information for twenty calendar days. Goldman had learned of the failure of its audio recording systems well prior to the DOE’s investigative requests but had not self-reported its non-compliance to the CFTC.
In November 2019, the CFTC ordered Goldman to pay $1 million for the audio recordkeeping failures and to cease and desist from violating the swap dealer recordkeeping requirements. A mere four months after the 2019 Commission action was resolved, Goldman once again found itself in violation of the same audio recordkeeping requirements.
The Purpose of Recordkeeping Requirements
Goldman is an established player in the derivatives market and has engaged in derivatives activities of significant size and importance for decades. In addition to its swap dealer registration, Goldman registered with the Commission in 1979 as a futures commission merchant and subsequently as a commodity trading advisor and commodity pool operator. Goldman is no stranger to operating in a highly regulated derivatives market.
The recordkeeping requirements at issue, specifically relating to daily trading records, serve a critical purpose by ensuring that pre-execution trade information that leads to the execution of a swap is available to the Commission and relevant self-regulatory organizations to conduct a comprehensive and accurate trade reconstruction for the swap and assess whether a swap dealer is complying with the CFTC’s swap dealer requirements, including those designed to protect customers. These missing records materially impede the Commission’s ability to effectively execute its mission to monitor swap dealers, protect swap customers, and preserve the integrity of the swaps market in connection with communications leading up to the execution of swaps. The Commission is deprived of a critical regulatory tool to identify the existence, nature, and extent of any wrongdoing that might have occurred during Goldman’s pre-execution communications with customers regarding the execution of swaps during the relevant time.
The Goals of General and Specific Deterrence
When we find that—notwithstanding fines or penalties—market participants repeatedly engage in material violations of the same Commission regulations based on the same or substantially similar behavior, we must examine the effectiveness of our resolution methodology. Civil monetary penalties are one of the most important levers employed by the Commission to enforce the CEA and CFTC regulations in accordance with the Commission’s mission.
These penalties serve the purpose of general and specific deterrence, in other words they serve to put the market and the specific registrant on notice that the Commission intends to enforce the CEA and CFTC regulations vigorously and punish violators substantially. The Commission’s penalties must be rightly calibrated to deter repeat offenders and to prevent anyone from perceiving penalties as the cost of doing business.
The resolution announced today—a $5.5 million penalty—represents less than one half of one percent of the net income that The Goldman Sachs Group, Inc., of which Goldman is a material subsidiary, reported solely for the second quarter of 2023. Put differently, the civil monetary penalty imposed today is quite literally less than the profit Goldman can earn by the end of the day today.
While I acknowledge that challenges related to contracting with third-party vendors are at the center of this resolution, it is incumbent upon our registrants—particularly in light of the increasing dependence on critical third-and fourth-party service providers for technology and cyber resilience related services—to take steps to remain prepared and ensure compliance. In light of the increasing reliance across business lines on technological platforms, products, and services, our registrants must maintain well-developed continuity plans to ensure that there are no gaps in their compliance with CFTC regulations and that they are prepared to use alternative means of compliance, particularly in the event of third- or fourth-party service providers’ failures.
Dependence on Third- and Fourth-Party Service Providers Is Not a Defense
In times of market-wide distress, the Commission grants appropriate relief. In such moments, market participants must be prepared to deploy alternative means of compliance as set out in the staff’s industry-wide no-action relief.
Reliance on third- and fourth-party service providers is not a defense for regulatory violations and offers no absolution for repeat failures to comply with statutory and regulatory obligations, including those that are fundamental to the effective execution of the Commission’s mission.
I want to commend the formidable work of Division of Enforcement staff members Devin Cain, Alejandra de Urioste, R. Stephen Painter, Jr., David MacGregor, Lenel Hickson, Jr., and Manal M. Sultan in pursuing this important case.
 7 U.S.C. § 6s(f)(1)(C), 17 C.F.R. §§ 1.31(b)(2), 23.202(a)(1), (b)(1).
 CFTC Orders Goldman Sachs to Pay $1 Million for Recordkeeping Violations, Nov. 26, 2019, https://www.cftc.gov/PressRoom/PressReleases/8086-19.
 See, e.g., Statement of Commissioner Kristin N. Johnson Regarding CFTC Orders Against HSBC for Fraudulent and Manipulative Swaps Trading and Spoofing, and for Recordkeeping and Supervision Failures, May 12, 2023, https://www.cftc.gov/PressRoom/SpeechesTestimony/johnsonstatement051223 (calling for increased penalties in offline communications cases).
 Goldman Sachs Reports 2023 Second Quarter Earnings Per Common Share of $3.08 and Annualized Return on Common Equity of 4.0%, July 19, 2023 (announcing $1.22 billion in net income for the second quarter of 2023), https://www.goldmansachs.com/media-relations/press-releases/2023/2023-07-19-q2-results.html.
 For example, following the onset of the COVID-19 (coronavirus) pandemic, the Division of Swap Dealer and Intermediary Oversight (DSIO) (currently known as the Market Participants Division) granted time-limited, conditional no-action relief for failure to comply with the requirements to record oral communications, provided a written record regarding the content of the oral communication was created and maintained and the registrant took affirmative steps to collect the written record, “including, without limitation, handwritten notes or other contemporaneous or subsequently created transcripts or summaries.” Letter No. 20-06 (Mar. 17, 2020) (granting temporary relief), which was extended by CFTC Letters No. 20-19 (June 9, 2020) and No. 20-26 (Sept. 11, 2020). The relief expired on January 15, 2021.
DCCir says SEC's Denial of Grayscale's Bitcoin Fund "Arbitrary and Capricious"
Grayscale Investments, LLC, Petitioner, v. Securities and Exchange Commission, Respondent (Opinion, United States Court of Appeals for the District of Columbia Circuit, NO. 22-1142)
Qakbot Malware Disrupted in International Cyber Takedown / Qakbot Malware Infected More Than 700,000 Victim Computers, Facilitated Ransomware Deployments, and Caused Hundreds of Millions of Dollars in Damage (DOJ Release)
SEC Charges Plug Power for Financial Reporting, Accounting, and Controls Violations / Company to pay an additional springing penalty if it fails to remediate continuing controls deficiencies (SEC Release)