CFTC Charges CME Over Client Data Breaches
WASHINGTON -- The top U.S. derivatives regulator on Thursday sought to fine the CME Group Inc and ban two former employees for life for leaking client data in a crackdown on the world's largest futures exchange.
The pair - William Byrnes and Christopher Curtin - had disclosed information about trading and customers to a commodity broker on frequent occasions over a period of 2-1/2 years, the Commodity Futures Trading Commission (CFTC) said. In its civil complaint filed in the Southern District of New York, the CFTC charged their former employer, the CME's energy platform NYMEX. It quoted a CME official as agreeing that the breach had been "a humongous deal".
"Maintaining the confidentiality of the type of non-public information that Byrnes and Curtin disclosed is the "lifeblood" of an Exchange such as CME NYMEX," the CFTC's complaint quoted a senior official at NYMEX as saying.
Curtin and Byrnes - who at one point was put in charge of training employees on confidentiality policies - had given a broker access to details of trades, the identity of the parties and prices paid, the CFTC said. The charge is all the more striking because the CME itself is an important supervisor in the U.S. self-regulatory system. It had come under scrutiny in the past 18 months because it was a primary regulator of futures brokerage MF Global, which collapsed in late 2011.
The CFTC oversees both the futures and the swaps markets at arm's length and its chairman, Gary Gensler, has said the system of self-regulation is not strong enough.
The CME said that it had terminated the employees when it learned of the breaches of procedure, and that the leaks were not used - and could not have been used - for insider trading, and no customer suffered a financial loss.
"The CFTC court action announced today is disappointing because it relates to incidents that CME Group has already addressed and handled appropriately," the CME said. It said the CFTC was seeking fines against NYMEX only because of the former employees' improper activities.
BRING YOUR CELL PHONE
Historically, U.S. market regulators have not aggressively pursued enforcement actions against exchanges. But in recent years, they have begun to crack down harder.
"Those who run exchanges and profit from trading need to be responsible custodians of information and their employees' actions related to sensitive data," CFTC Commissioner Bart Chilton said in an emailed statement.
The CME had reviewed Byrnes's phone calls and emails from just one day after someone complained because he thought that someone called "Billy" - Byrnes's nick-name - had disclosed secret information to others. But the CME did not question Byrnes, who then continued the leaks until there was a second complaint from a market party, and Byrnes was fired. The CME had in the meantime promoted him to teach employees on confidentiality policies.
The broker - identified only as "broker X" - treated Byrnes to meals, drinks and entertainment on multiple occasions, speaking to him only on his mobile phone.
"Bring your cell phone tomorrow. We missed out on some massive trades on Friday and some stuff happened today ... Bring your phone tomorrow we definitely want to know," Broker X was quoted as saying in the complaint.
Christopher Curtin, one of the two employees named in the CFTC enforcement action now works for ELX Futures, LP, a New York-based electronic futures exchange formed by a group of banks, brokers and trading firms in 2007. When reached by telephone, he identified himself as the person in the CFTC complaint, but declined to comment. Attempts to reach Byrnes, whose LinkedIn profile has not been updated since he left NYMEX, were not immediately successful.
(Additional reporting by Jeanine Prezioso in New York, Editing by Gerald E. McCormick, Richard Chang and Bob Burgdorfer)
Copyright 2010 by Reuters. All rights reserved.