New SEC, CFTC pact could accelerate existing data-sharing practices
An increasingly cozy relationship between the Securities and Exchange Commission and the Commodity Futures Trading Commission was formalized last week with the signing of what the agencies called a “historic” memorandum of understanding. From a technology perspective, it’s a pact that experts believe will hasten a data-sharing journey they’ve been on for quite some time.
The 14-page MOU, which the independent financial regulatory agencies said will “support innovation while upholding market integrity and investor and customer protection,” has dozens of references to data. That includes a section on the proper procedures for the sharing, storing and protecting of data, guided by federal IT standards and best practices from NIST.
David Bottom, the SEC’s former chief information officer, said in an interview with FedScoop that the agreement suggests agency data chiefs will “continue to take a more central role” in defining data taxonomies. That could be a crucial point given the agencies’ move toward a so-called golden record of data.
“I think it accelerates what’s been in practice before,” said Bottom, who left the SEC last November after nearly six years with the agency. “If you read the MOU, it certainly contemplates non-public information being received by either the SEC or the CFTC, and shared between the two.”
Bottom, now the CISO for Consulting Services Group, said he doesn’t think the new agreement will “shake everything up,” especially given previous MOUs reached by the regulators in 2004, 2008 and 2018. For example, there’s “always been overlap” between the agencies on swaps and “a partnership” on examinations. Because of those dynamics, information-sharing has always occurred — a point the MOU acknowledges.
A key difference in this arrangement, Bottom believes, is the emphasis on non-public information. The MOU clearly “recognizes where the SEC and CFTC are in terms of applying their regulatory frameworks and legislative responsibilities to crypto and emerging technologies,” he said.
JR Drabick, a former SEC enforcement attorney and federal prosecutor, had a similar read on the MOU with regard to data, predicting “more automated, institutional sharing of data as opposed to … one-off access, request-based data-sharing.” On the agreement’s calls for enhanced cooperation on enforcement matters, Drabick believes it’s a natural step from SEC Chair Paul Atkins’ push to “pull back on the enforcement-by-regulation approach.”
“There’s a real opportunity there for collaboration, harmonization that could have a big difference in terms of how crypto is actually on-the-ground regulated, and [how] fraud in the crypto markets is enforced,” said Drabick, now a partner in Ropes & Gray’s litigation & enforcement practice.
The Trump administration’s attitudes toward crypto regulation have differed greatly from those of the Biden administration. Drabick said a note in the MOU on its intent to provide “regulatory clarity and certainty built on technology-neutral regulations” may be a “subtle rebuke” to former Chair Gary Gensler’s tenure leading the SEC — a term derided by digital asset leaders as decidedly anti-crypto.
“If you look at the current commissioners’ public comments,” Drabick said, they’re saying that their job “isn’t to pick the winners and losers. ‘Our job isn’t to pick the technologies. It’s to provide an appropriate playing field,’ and I think that’s what [the technology-neutral comment is] getting at.”
Overall, the MOU has an “aspirational … let’s not step on each other’s toes” feel to it, Drabick said. John Hunt, a partner at Sullivan & Worcester who represents asset managers and has dealt with the CFTC and SEC on legal matters for decades, echoed those sentiments, noting that the MOU “hardly says anything.”
The agreement, he continued, may reflect the Trump administration’s “general impatience” with Congress on crypto regulation; though the GENIUS Act was signed into law last summer, the CLARITY Act is still in flux. Hunt believes the MOU also serves as a “shot across the bow to Gary Gensler” — who also chaired the CFTC during the Obama administration — “and his whole approach to regulation.”
The “technology-neutral” mention, meanwhile, may be a move to ensure “shares on blockchain are not treated differently from shares as they’re currently trading,” noting that Europe’s Markets in Crypto-Assets Regulation “faces the same issue.”
“They don’t want to favor one type of technology over another,” Hunt said, “rather than focusing on, ‘well, we want to move everybody to blockchain.’ … I think the idea is to be more agnostic.”
The SEC and CFTC will work in the months ahead to implement pieces of the MOU, including “a fit-for-purpose regulatory framework for crypto assets and other emerging technologies.” Much of that work should be basic; Bottom said that in terms of data interoperability, the agencies are already using “the same playbook” for things like swaps.
On the IT and security side, Bottom said it’ll be important for agency staffers to “take into account the cyber risks” as the SEC and CFTC adopt emerging technologies. And when it comes to implementing joint regulations from the Financial Data Transparency Act, the CDO offices will need to have discussions around taxonomies and labels — particularly labels for non-public information.
“This is just more of an incentive to implement the same taxonomies and rules of the road as we go forward,” Bottom said. “It’s really going to be the rule-makings that drive the technology investments at … both agencies.”
