Public Statements & Remarks

Opening Remarks of Commissioner Kristin N. Johnson at FIA L&C Panel: Futureproofing Financial Markets: AI and Derivatives Markets

April 25, 2024

Introduction 

Good morning. Thank you very much to the Futures Industry Association, President and Chief Executive Officer Walt Lukken, and Yvette Valdez for the generous invitation for me to join you this morning. I delivered my very first keynote address as a Commissioner at the FIA IDX conference in London in June of 2022 and my first public appearance as a Commissioner was here at FIA L&C. Commissioner Summer Mersinger and I shared details of the road to serving as a CFTC Commissioner.

During my tenure as a Commissioner, conversations among global regulators, market participants, customers, and investors have reached a fever pitch. Innovations such as generative AI have the power and the potential to alter many aspects of our markets and lives. These innovations offer exciting hope for more effective disease screening, more accurate and timely disease diagnosis and mapping, and exceptional potential to solve complex questions that have posed challenges in math, science, and medicine for centuries. At the same time, without appropriate guardrails that ensure responsible adoption of AI, the risks of integrating this technology may outweigh the benefits in some contexts.

For the last several years, I have advanced international dialogue regarding the best approach for addressing the significance of AI in our markets. In a series of speeches over the last few months, I have publicly advocated as a Commissioner for the Commission to consider three specific interventions.

First, to ensure unequivocal commitment as an independent federal regulator to our obligation to supervise markets and ensure the effectiveness of the rule of law, I have advocated for heightened penalties for the use of AI to engage in fraud or market manipulation. Policing derivatives markets is one of the cornerstones of the CFTC’s mission. We must adapt our surveillance technologies and enforcement penalties to keep pace with the rapidly evolving innovation that characterizes global financial markets.

Second, the CFTC should adopt a principles-based regulatory framework for addressing the increasing prevalence of AI in our markets. In January of this year, the CFTC launched initiatives to begin to better understand the use cases for AI in our markets, including by issuing a Request for Comment (RFC) to the market. The RFC is an excellent beginning and we anticipate receiving critical information regarding the uses and potential uses of AI in our markets. We should not, however, rest on our laurels. Our first step as a Commission is simply that – a first step.

Two weeks ago, the Market Risk Advisory Committee that I sponsor met and announced that the Future of Finance Subcommittee would proceed with developing several specific, targeted initiatives to support the CFTC, but also to enable the Commission to come into compliance with the October 30, 2023 Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence.

The Executive Order calls for transparency in the integration of AI. To achieve this goal, we must survey markets to successfully achieve a full understanding of the integration of AI models in our markets and to effectively address threats to critical infrastructure resources in our markets.

Finally, I have called for an inter-agency task force to consider the adoption of parallel, harmonized safeguards that will focus on ensuring the stability and integrity of our markets.

As recent reports by international standard setting bodies indicate, automation and complex algorithms have existed “for many years but recent, significant advances in the ability of such tools to handle complex tasks and to expand their capabilities without explicit human instruction may deeply impact how our markets operate and how we supervise our markets. [1]

Considering each of these suggestions in turn may be useful.

Evolving Markets and Existing Regulatory Authority

For years, traders in CFTC-regulated markets have deployed algorithm and AI-based tools, and we expect their use to only increase in scope and sophistication going forward.

At present, AI is being used in CFTC markets in a number of different ways:[2]

  • Trading (e.g., market intelligence, robo-advisory, sentiment analysis, algorithmic trading, smart routing, and transactions)
  • Risk Management (e.g., margin and capital requirements, trade monitoring, fraud detection)
  • Risk Assessments and Hedging
  • Resource Optimization (e.g., energy and computer power)
  • RegTech – Applications that enhance or improve compliance and oversight activities (e.g., surveillance, reporting)
  • Compliance (e.g., identity and customer validation, anti-money laundering, regulatory reporting)
  • Books and Records (e.g., automated trade histories from voice or text)
  • Data Processing and Analytics
  • Cybersecurity and Resilience
  • Customer Service

Proactively addressing AI’s use in CFTC-regulated markets will likely involve a combination of applying existing regulations and developing new rules tailored to these new technologies. Many areas of our market, such as risk management, that integrate AI models may be subject to existing regulation. Consequently, AI models are already subject to regulation. We must ensure that existing regulation is fit for purpose, effectively addresses risks, and aligns with existing compliance obligations.

Existing governance requirements can also help facilitate effective oversight of AI applications. CFTC regulations, for example, introduce important governance obligations for registered market participants. Designated Clearing Organizations must establish a Risk Management Committee “comprised of clearing members and customers of clearing members on matters that could materially affect the risk profile of the DCO” and Risk Management Working Groups composed of market participants.[3] Enhanced risk management oversight and governance best practices will play an important role in managing the development and implementation of this new technology.

(En)Visioning A New Regulatory Framework

In my keynote remarks at a recent event hosted by New York University, I have noted that it is important for the CFTC to develop a principles-based regulatory framework that takes into account the integration of AI in our markets. Some of the critical questions that the framework may address include:

  • Promoting the explainability of AI models. Many AI models are “black-box” models, meaning that it may be difficult, and in some cases impossible, to explain their decision-making processes. Accordingly, FSOC, IOSCO, the FSB, and FINRA have all emphasized the importance of addressing the explainability challenge. As FINRA put it, [i]ncorporating explainability [is] a key consideration in the model risk management process for AI-based applications.”[4]
  • The need for data controls. Data quality, security and privacy are central concerns for regulators as market participants adopt AI models. A recent FSOC report notes, “data controls like data quality, suitability, security, privacy, and timeliness are vital to sound AI use.” [5] Similarly, FINRA calls for “data governance efforts” including: “data review for potential bias,” “data source verification,” “data integration,” “data security,” and “data quality benchmarks and metrics.”[6]
  • Implementing measures to address bias. In 2019, I testified before Congress and voiced my concerns that AI models trained on incomplete or inaccurate data may engender biased results. FSOC has similarly noted that “specific requirements to prevent discrimination or bias that apply to tools, models, or processes used in consumer compliance also apply to AI. This is an important consideration because without proper design, testing, and controls, AI can lead to disparate outcomes, which may cause direct consumer harm and/or raise consumer compliance risks.”[7]
  • A focus on the governance of AI models. We also need clear governance frameworks with documented lines of accountability as well as testing and monitoring for effectiveness. For example, FSOC “recommends monitoring the rapid developments in AI, including generative AI, to ensure that oversight structures keep up with or stay ahead of emerging risks to the financial system while facilitating efficiency and innovation.”[8]
  • Testing and monitoring output. Protecting against bias, promoting explainability, and implementing governance strategies are only possible where models are properly tested and monitored. FSOC notes the responsibility of financial institutions to “monitor the quality and applicability of AI’s output” – and the ability of regulators to “help to ensure that they do so.”[9] 

Proposed Interventions

Based on years of critical thinking and dialogue regarding these issues, I am advocating for the following interventions.

Interagency Task Force

I have the privilege of serving as the CFTC’s executive representative of the Administrative Conference of the United States. Serving alongside executives across federally regulated markets, I have the opportunity to see the benefit of convening regulators and our interagency dialogue. In my previous role, I supported the development of several of the earliest, most comprehensive and groundbreaking reports on AI.

Consequently, I am advocating for the Commission to lead in creating a financial markets interagency task force focused on information sharing and composed of market and prudential regulators including the CFTC, SEC, Federal Reserve System, OCC, CFPB, FDIC, FHFA, and NCUA. The task force would support the AI Safety Institute, housed in the National Institute of Standards and Technology, in developing guidelines, tools, benchmarks, and best practices for the use and regulation of AI in the financial services industry. It may also provide recommendations to the AI Safety Institute as well as evaluate proposals coming out of the Institute.

Combatting AI-enabled Market Manipulation and Fraud

As I mentioned at the start, we also need to take action to combat AI-enabled manipulation and fraud in CFTC-regulated markets. Before we get to that however, a basic overview of the relevant statutory and regulatory structure is in order.

Prior to Dodd-Frank, the CFTC charged manipulation under Sections 6(c) and 9(a) of the Commodity Exchange Act (CEA).[10] Section 6(c) “authorize[d] the CFTC to bring an action ‘[i]f the Commission has reason to believe that any person ... has manipulated or attempted to manipulate the market price of any commodity.’ 7 U.S.C. § 9 (2006). Section 9(a)(2) similarly prohibit[ed] any person from “manipulat[ing] or attempt[ing] to manipulate the price of any commodity ... on or subject to the rules of any registered entity.”[11] To prevail on such claims, the CFTC had to show: “(1) Defendants possessed an ability to influence market prices; (2) an artificial price existed; (3) Defendants caused the artificial prices; and (4) Defendants specifically intended to cause the artificial price.”[12]

The Dodd-Frank Act, enacted in 2010, included new statutory provisions addressing manipulation in CFTC-regulated markets. Section 6 of the CEA, as amended by Dodd-Frank, makes it:

unlawful for any person, directly or indirectly, to use or employ, or attempt to use or employ, in connection with any swap, or a contract of sale of any commodity in interstate commerce, or for future delivery on or subject to the rules of any registered entity, any manipulative or deceptive device or contrivance, in contravention of such rules and regulations as the Commission shall promulgate by not later than 1 year after the date of enactment of the Dodd-Frank Act.[13]

Guided by similarities between the language in the relevant statutes, the Commission enacted an implementing rule “modeled on SEC Rule 10b–5,” which targets fraud in securities markets.[14] For our purposes, I want to focus on one key aspect of the statutory provisions and regulation—that a party engaging in the prohibited activities must have a culpable state of mind, known as scienter.

Under Regulation 180.1, the level of scienter required to plead a cause of action for manipulation is “intentionally or recklessly.” 17 C.F.R. § 180.1(a). In its notice of final rule making regarding Regulation 180.1, the CFTC stated that “a showing of recklessness is, at a minimum, necessary to prove the scienter element of final Rule 180.1. Consistent with long-standing precedent under the commodities and securities laws, the Commission defines recklessness as an act or omission that ‘departs so far from the standards of ordinary care that it is very difficult to believe the actor was not aware of what he or she was doing.’’’ Final Rule, 76 Fed. Reg. at 41,404.[15]

Courts have accepted both “direct evidence of intent” as well as “circumstantial evidence showing intent” to meet Rule 180.1’s scienter element.[16]

The scienter requirement raises interesting questions in the context of algorithm and AI-based trading. Attributing a “mental state” in the context of fraud or manipulation perpetrated using AI may create new challenges for enforcement.

As Michael Barr and Michael Wellman and their co-authors explain, “[t]he problem with scienter flows from manipulation law’s emphasis on intent but an autonomously developing algorithm’s lack of any mental state attributable directly to a designer.”[17]

Most of us here likely remember the 2010 “Flash Crash” in which,  within minutes on a trading day, “major equity indices in both the futures and securities markets . . . suddenly plummeted . . . 5–6%” and then rebounded.[18] In 2015, Department of Justice and CFTC investigations revealed that a rogue London-based futures trader—Navinder Singh Sarao—had manipulated the E-Mini S&P 500 by using an algorithm to flood the Chicago Mercantile Exchange (CME) with sell orders.[19] In entering a Consent Order, under which Sarao admitted to spoofing and manipulation in violation of the CEA, the court noted that Sarao’s communications with programmers “demonstrated an intent to use the programs to place orders (1) with no intention of executing those orders; and (2) with an intention to affect E-mini S&P market prices.”[20] These communications included design requests to “make [the program] workable in terms of me moving the market like we discussed” and an email indicating that “when [Sarao] was ‘short,’ he wanted to ‘spoof [the market] down.’”[21]

This example illustrates risk management and enforcement concerns that may arise if an algorithm is intentionally designed or deployed order to engage in prohibited conduct.

Two weeks ago, the Future of Finance Subcommittee of the Market Risk Advisory Committee (MRAC) and the MRAC, which I sponsor, voted to approve and adopted a working plan for advancing the Commission’s oversight of market integration of AI.

MRAC-Led AI Interventions

Among other forthcoming proposals, the MRAC Subcommittee will examine the possibility of:

  •  A Survey on the Use of AI in CFTC-regulated Markets. The Subcommittee believes that it may be useful for the Commission to conduct a survey of CFTC registrants’ use of AI in CFTC-regulated markets, including possibly integrating the survey in the examinations and other oversight and monitoring tools of the Commission. The survey would be designed to inform the Commission and its staff on how different types of AI are being integrated and details regarding relevant risks and risk mitigation.[22]
  • Recommendations on New Guidance, Advisories or Rulemaking. The Subcommittee may advance a recommendation that the staff should consider new guidance, advisories or formal rulemaking, based on how CFTC market participants are using AI to conduct regulated activities and any gaps identified in existing regulations and guidance. Areas of focus may include, without limitation, framing the risk of AI models; robust monitoring and testing of AI models, including to address cybersecurity, data controls, bias, privacy, and output consistency; and oversight and of AI models.

We will work to improve and refine the working plan in the coming months, and I look forward to what the Future of Finance Subcommittee will produce. 

As I mentioned earlier, in January, the Commission issued an RFC on the use of artificial intelligence in CFTC-regulated markets. FIA, CME and ICE recently provided a joint response to the RFC, which noted that “this request for comment should be the first amongst many steps that Staff and the CFTC take to better understand any potential, risks, and use cases for AI.”[23]

I have proposed a specific next step, encouraging greater visibility and transparency regarding our registrants’ use of AI by expanding our annual systems examination questionnaire to incorporate questions that directly inquire about the adoption of AI and related risks. An expansion of our annual systems examination questionnaire is an appropriate next step to advance our understanding.

Conclusion 

Thank you so much for allowing me to share these remarks on AI today. I look forward to our discussion. 


[1] Fin. Stability Bd., Artificial Intelligence and Machine Learning in Financial Services Market Developments and Financial Stability Implications at 3 (Nov. 1, 2017), https://www.fsb.org/wp-content/uploads/P011117.pdf.

[2] LabCFTC, A Primer on Artificial Intelligence in Financial Markets (Oct. 24, 2019), https://www.cftc.gov/media/2846/LabCFTC_PrimerArtificialIntelligence102119/download.

[3] 88 F.R. 44675.

[4] The Financial Industry regulatory Authority (FINRA), Report on Artificial Intelligence (AI) in the Securities Industry, June 2020, https://www.finra.org/sites/default/files/2020-06/ai-report-061020.pdf.

[5] Financial Stability Oversight Council, 2023 Annual Report (Dec. 14, 2023), https://home.treasury.gov/system/files/261/FSOC2023AnnualReport.pdf.

[6] FINRA, Report on Artificial Intelligence (AI) in the Securities Industry, supra.

[7] Financial Stability Oversight Council, 2023 Annual Report, supra.

[8] Id.

[9] Id.

[10] 75 F.R. 67657 at 67658.

[11] United States Commodity Futures Trading Comm'n v. Wilson, No. 13 CIV. 7884 (RJS), 2018 WL 6322024, at *12 (S.D.N.Y. Nov. 30, 2018) (citing pre-Dodd Frank statute).

[12] Id.

[13] 75 F.R. 67657.

[14] 75 F.R. 67657 at 67658.

[15] U.S. Commodity Futures Trading Comm'n v. Kraft Foods Grp., Inc., 153 F. Supp. 3d 996, 1014 (N.D. Ill. 2015)

[16] Id. at 1015.

[17] Michael Barr, et al., The Coming Failure of Manipulation Law?, (Draft) at 7, Barr et al_Reinforcement Learning, Algorithms, & Manipulation Law_rev 2021 10 19_7 pm.pdf (columbia.edu).

[18] U.S. Securities & Exchange Comm’n & U.S. Commodity Futures Trading Comm’n, Findings Regarding the Market Events of May 6, 2010: Report of the Staffs of the CFTC and SEC to the Joint Advisory Committee on Emerging Regulatory Issues 1 (Sept. 30, 2010), https://www.sec.gov/news/studies/2010/marketevents-report.pdf.

[19] CFTC Release No. 7156-15, CFTC Charges U.K. Resident Navinder Singh Sarao and His Company Nav Sarao Futures Limited PLC with Price Manipulation and Spoofing (Apr. 21, 2015), http://www.cftc.gov/PressRoom/PressReleases/pr7156-15.

[20] U.S. Commodity Futures Trading Comm'n v. Nav Sarao Futures Ltd. PLC, No. 15-CV-3398, 2016 WL 8257513, at *5 (N.D. Ill. Nov. 14, 2016).

[21] Id.

[22] For citations supporting this discussion, see Statement of Commissioner Johnson at the Market Risk Advisory Committee Meeting, CCP Resilience, AI and Risk Management Implications, Market Structure Reforms, and Climate Related Market Risks, April 9, 2024 available at https://www.cftc.gov/PressRoom/SpeechesTestimony/johnsonstatement040924#_ftn34.

[23] FIA, CME, ICE, Response to Request for Comment on the Use of Artificial Intelligence in CFTC-Regulated Markets (Apr. 24, 2024).

-CFTC-