82 FR 8369 - Proposed Amendments To Swap Data Access Provisions and Certain Other Matters

COMMODITY FUTURES TRADING COMMISSION

Federal Register Volume 82, Issue 15 (January 25, 2017)

Pursuant to Title VII of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (``Dodd-Frank Act''), as amended by the Fixing America's Surface Transportation Act of 2015 (``FAST Act''), the Commodity Futures Trading Commission (``Commission'' or ``CFTC'') is proposing amendments the Commission's regulations relating to access to swap data held by Swap Data Repositories. The proposed amendments would implement pertinent provisions of the FAST Act and make associated changes to the Commission's regulations governing the grant of access to swap data to certain foreign and domestic authorities by Swap Data Repositories and to certain other regulations unrelated to such access.

[Federal Register Volume 82, Number 15 (Wednesday, January 25, 2017)]
[Proposed Rules]
[Pages 8369-8391]
From the Federal Register Online  [www.thefederalregister.org]
[FR Doc No: 2017-01287]


=======================================================================
-----------------------------------------------------------------------

COMMODITY FUTURES TRADING COMMISSION

17 CFR Part 49

RIN 3038-AE44


Proposed Amendments To Swap Data Access Provisions and Certain 
Other Matters

AGENCY: Commodity Futures Trading Commission.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: Pursuant to Title VII of the Dodd-Frank Wall Street Reform and 
Consumer Protection Act of 2010 (``Dodd-Frank Act''), as amended by the 
Fixing America's Surface Transportation Act of 2015 (``FAST Act''), the 
Commodity Futures Trading Commission (``Commission'' or ``CFTC'') is 
proposing amendments the Commission's regulations relating to access to 
swap data held by Swap Data Repositories. The proposed amendments would 
implement pertinent provisions of the FAST Act and make associated 
changes to the Commission's regulations governing the grant of access 
to swap data to certain foreign and domestic authorities by Swap Data 
Repositories and to certain other regulations unrelated to such access.

DATES: Comments must be received on or before March 27, 2017.

ADDRESSES: You may submit comments, identified by RIN 3038-AE44, by any 
of the following methods:
     CFTC Web site: https://comments.cftc.gov. Follow the 
instructions for submitting comments through the Comments Online 
process on the Web site.
     Mail: Christopher Kirkpatrick, Secretary of the 
Commission, Commodity Futures Trading Commission, Three Lafayette 
Centre, 1155 21st Street NW., Washington, DC 20581.
     Hand Delivery/Courier: Same as Mail, above.
     Federal eRulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
    Please submit your comments using only one method.
    All comments must be submitted in English, or if not, accompanied 
by an English translation. Comments will be posted as received to 
www.cftc.gov. You should submit only information that you wish to make 
available publicly. If you wish the Commission to consider information 
that you believe is exempt from disclosure under the Freedom of 
Information Act (``FOIA''), a petition for confidential treatment of 
the exempt information may be submitted according to the procedures 
established in Sec.  145.9 of the Commission's regulations.\1\
---------------------------------------------------------------------------

    \1\ 17 CFR 145.9. All Commission regulations cited herein are 
set forth in chapter I of Title 17 of the Code of Federal 
Regulations.
---------------------------------------------------------------------------

    The Commission reserves the right, but shall have no obligation, to 
review, pre-screen, filter, redact, refuse or remove any or all of your 
submission from www.cftc.gov that it may deem to be inappropriate for 
publication, such as obscene language. All submissions that have been 
redacted or removed that contain comments on the merits of the 
rulemaking will be retained in the public comment file and will be 
considered as required under the Administrative Procedure Act and other 
applicable laws, and may be accessible under the FOIA.

FOR FURTHER INFORMATION CONTACT: Daniel Bucsa, Deputy Director, 
Division of Market Oversight--Data and Reporting Branch, (202) 418-
5435, [email protected]; Jeffrey P. Burns, Assistant General Counsel, 
Office of the General Counsel, (202) 418-5101, [email protected]; David 
E. Aron, Special Counsel, Division of Market Oversight--Data and 
Reporting Branch, (202) 418-6621, [email protected]; or Owen J. Kopon, 
Special Counsel, Division of Market Oversight--Data and Reporting 
Branch, (202) 418-5360, [email protected], Commodity Futures Trading 
Commission, Three Lafayette Centre, 1151 21st Street NW., Washington, 
DC 20581.

SUPPLEMENTARY INFORMATION: 

Table of Contents

I. Background and Introduction
    A. Statutory Background: The Dodd-Frank Act
    B. Regulatory History: The Part 49 Rules and the Commission's 
2012 Interpretative Statement
    1. Access to SDR Swap Data
    2. The Regulatory Indemnification Requirement
    C. FAST Act Amendments to CEA Section 21
    D. CEA Section 8 Informs the Confidentiality Provisions of CEA 
Section 21
    E. Summary of Proposed Revisions to Part 49
    F. Rescission of 2012 Interpretative Statement
II. Discussion
    A. Definitions: Proposed Amendments to Sec.  49.2
    B. Domestic and Foreign Regulators With Regulatory 
Responsibility Over SDRs: Proposed Amendments to Sec.  49.17(d)(2) 
and (3)
    1. The Current Rule
    2. Proposed Amendments
    3. Request for Comment
    C. Appropriateness Determination for Foreign Regulators and Non-
Enumerated Domestic Regulators: Proposed Sec.  49.17(h) and Proposed 
Amendments to Sec.  49.17(b)
    1. The Current Rule
    2. The Proposed Amendments
    3. The Factors Required for a Determination Order
    a. Scope of Jurisdiction
    b. Robust Confidentiality Safeguards
    c. Additional Considerations
    d. Other Matters Regarding the Determination Order Process
    e. Request for Comment
    4. Proposed Amendments to Sec.  49.17(d)(4)--SDR Notice and 
Verification Obligations
    5. Proposed New Sec.  49.17(i)--Delegation of Authority
    6. Request for Comment
    D. CEA Section 21(d) Confidentiality Agreements: Proposed 
Amendments to Sec.  49.18
    1. Current Sec.  49.18
    2. Proposed Amendments to Sec.  49.18(a)--Confidentiality 
Arrangement Required Prior to Disclosure of Swap Data
    3. Proposed Amendments to Sec.  49.18(b)--Required Elements of 
the Confidentiality Arrangement
    4. Removal of Sec.  49.18(c)--ADRs and AFRs With Regulatory 
Responsibility Over an SDR
    5. Failure To Fulfill the Terms of a Confidentiality 
Arrangement: Proposed Sec.  49.18(c) and (d)
    6. Proposed Sec.  49.18(e)--Delegation of Authority
    7. Conforming Changes
    8. Request for Comment
    E. Other Changes
III. Request for Comment
IV. Related Matters
    A. Regulatory Flexibility Act
    B. Paperwork Reduction Act
    1. Summary of the Proposed Requirements
    2. Collection of Information
    3. Request for Comments on Collection
    C. Cost-Benefit Considerations
    D. Antitrust Considerations

I. Background and Introduction

A. Statutory Background: The Dodd-Frank Act

    Title VII of the Dodd-Frank Act \2\ amended the Commodity Exchange 
Act (``CEA'' or the ``Act'') \3\ to establish a

[[Page 8370]]

comprehensive new regulatory framework for swaps including, in new CEA 
section 21, the registration and regulation of Swap Data Repositories 
(``SDRs'').\4\ CEA section 21 imposes on SDRs, among other duties and 
responsibilities, the duty to maintain the privacy of all swap 
transaction information received from a swap dealer, counterparty, or 
any other registered entity.\5\ CEA section 21(c)(7) directs SDRs to 
make swap data available ``on a confidential basis pursuant to section 
8 [of the CEA]'' \6\ to certain enumerated domestic authorities and any 
other person the Commission determines to be appropriate, which may 
include certain types of foreign authorities.\7\ Entities that are 
eligible to receive access to swap data from an SDR pursuant to CEA 
section 21(c)(7) are referred to herein, collectively, as the 
``21(c)(7) entities'').
---------------------------------------------------------------------------

    \2\ See Dodd-Frank Wall Street Reform and Consumer Protection 
Act, Public Law 111-203, 124 Stat. 1376 (2010), available at http://www.cftc.gov/LawRegulation/OTCDERIVATIVES/index.htm. Title VII of 
the Dodd-Frank Act, which amended the Commodity Exchange Act 
(``CEA'' or the ``Act''), may be cited as the Wall Street 
Transparency and Accountability Act of 2010.
    \3\ 7 U.S.C. 1 et seq.
    \4\ See Dodd-Frank Act section 728 (adding new CEA section 21, 7 
U.S.C. 24(a), to establish a registration requirement and regulatory 
regime for SDRs).
    \5\ 7 U.S.C. 24a(c)(6).
    \6\ As is discussed more fully below, CEA section 8 describes 
circumstances under which public disclosure of information in the 
Commission's possession is permitted and prohibited. As is 
particularly relevant here, CEA section 8(e) permits the Commission 
to disclose information in its possession and obtained in connection 
with the administration of the CEA, upon request, to Federal 
departments and agencies acting within the scope of their 
jurisdiction but prohibits such recipients from disclosing such 
information except in an action or proceeding under the laws of the 
United States to which the recipient, the Commission or the United 
States is a party. CEA section 8(e) further permits the Commission 
to disclose information in its possession obtained in connection 
with administration of the CEA, upon request, to any foreign futures 
authority, department, central bank and ministries, or agency of a 
foreign government or political subdivision thereof, acting within 
the scope of its jurisdiction, subject to the condition that the 
Commission is satisfied that the information will not be disclosed 
by such recipient other than in connection with an adjudicatory 
action or proceeding to which the foreign futures authority, 
department, central bank and ministries, or the foreign government 
or political subdivision or agency thereof is a party, and which is 
brought under the laws of the foreign government or its political 
subdivision, See 7 U.S.C. 12(e).
    \7\ See 7 U.S.C. 24a(c)(7). See also Commission, Final 
Rulemaking: Swap Data Recordkeeping and Reporting Requirements, 77 
FR 2136, Jan. 13, 2012 (``Data Final Rules''). The Data Final Rules 
set forth, among others, regulations governing SDR data collection 
and reporting responsibilities under part 45 of the Commission's 
regulations.
---------------------------------------------------------------------------

    As originally enacted, CEA sections 21(d)(1) and (2) of the Act 
mandated that, prior to receipt of any requested data or information 
from an SDR, a 21(c)(7) entity agree in writing to abide by the 
confidentiality requirements described in CEA section 8 and, 
separately, to indemnify the SDR and the Commission for ``any expenses 
arising from litigation relating to the information provided under 
section 8.'' \8\ Congress's repeal of the CEA section 21(d)(2) 
indemnification requirement in the FAST Act in December 2015 gave rise 
to the amendments proposed in this release.
---------------------------------------------------------------------------

    \8\ 7 U.S.C. 24a(d). As noted above, the indemnification 
requirement was stricken from CEA section 21(d) by the FAST Act. See 
Public Law 114-94, section 86001(b)(2).
---------------------------------------------------------------------------

B. Regulatory History: The Part 49 Rules and the Commission's 2012 
Interpretative Statement

1. Access to SDR Swap Data
    In 2011, the Commission adopted rules implementing CEA section 21's 
requirements for SDRs.\9\ The Commission implemented the SDR swap data 
access provisions of CEA sections 21(c)(7) and (d) by establishing 
processes by which various categories of entities could gain access to 
SDR swap data. The domestic entities enumerated in CEA section 
21(c)(7)(A)-(D),\10\ and certain others deemed by the Commission to be 
appropriate recipients of such swap data pursuant to CEA section 
21(c)(7)(E),\11\ were defined in Sec.  49.17(b)(1) of the Commission's 
regulations as ``Appropriate Domestic Regulators'' (``ADRs'').\12\
---------------------------------------------------------------------------

    \9\ Swap Data Repositories: Registration Standards, Duties and 
Core Principles; 76 FR 54538 (Sept. 1, 2011) (``SDR Final Rules''); 
see also Swap Data Repositories: Registration Standards, Duties and 
Core Principles, 75 FR 80898 (Dec. 23, 2010) (the proposed SDR Final 
Rules) (``SDR NPRM'').
    \10\ The domestic regulators enumerated in CEA section 
21(c)(7)(A)-(D) are: (A) Each appropriate prudential regulator; (B) 
the Financial Stability Oversight Council (``FSOC''); (C) the 
Securities and Exchange Commission (``SEC''); and (D) the Department 
of Justice. The term ``prudential regulator'' is defined in CEA 
section 1a(39).
    \11\ In addition to enumerating certain domestic entities to 
which an SDR must grant swap data access, CEA section 21(c)(7)(E) 
identifies as an eligible recipient of such access ``any other 
person that the Commission determines to be appropriate, including--
foreign financial supervisors (including foreign futures 
authorities); foreign central banks; foreign ministries; and other 
foreign authorities[.]'' 7 U.S.C. 24a(c)(7)(E). Pursuant to this 
authority, in rules 49.17(b)(1)(v) and (vi), the Commission 
identified any Federal Reserve Bank and the Office of Financial 
Research (``OFR''), respectively, as ``Appropriate Domestic 
Regulators.'' The Commission also defined as an ``Appropriate 
Domestic Regulator'' each prudential regulator identified in CEA 
section 1(a)(39), with respect to requests related to any such 
regulator's statutory authority. See Sec.  49.17(b)(1)(ii). The 
Commission further reserved the discretion, in Sec.  
49.17(b)(1)(vii), to recognize ``[a]ny other person the Commission 
deems appropriate'' to be an ``Appropriate Domestic Regulator.''
    \12\ Pursuant to Sec.  49.17(d)(2), ADRs with regulatory 
jurisdiction over an SDR are not required to apply for access to SDR 
data or to execute a confidentiality and indemnification agreement 
if the regulator executes an information sharing arrangement with 
the Commission and the Commission designates the regulator to 
receive direct electronic access to SDR data pursuant to CEA section 
21(c)(4). See also Sec.  49.18(c).
---------------------------------------------------------------------------

    The term ``Appropriate Foreign Regulator'' (``AFR'') \13\ was 
defined in Sec.  49.17(b)(2) as a ``Foreign Regulator'' \14\ with an 
existing memorandum of understanding (``MOU'') or similar type of 
arrangement with the Commission; no AFRs were specifically identified 
in the rule. The term ``Appropriate Foreign Regulator'' was also 
defined to include a Foreign Regulator without an existing MOU with the 
Commission, as determined by the Commission on a case-by-case basis. 
Such a Foreign Regulator was required to file with the Commission an 
application providing sufficient facts and procedures to permit the 
Commission to analyze whether the Foreign Regulator employs appropriate 
confidentiality procedures, and to satisfy the Commission that any SDR 
data accessed by the Foreign Regulator would be disclosed ``only as 
permitted by [s]ection 8(e)'' of the CEA.\15\
---------------------------------------------------------------------------

    \13\ The Commission established the category of AFRs pursuant to 
CEA section 21(c)(7)(E), which, among other things, includes a list 
of the types of foreign entities that the Commission may determine 
to be appropriate recipients of such swap data access.
    \14\ The term ``Foreign Regulator'' is defined in Sec.  
49.2(a)(5) to mean a foreign futures authority as defined in CEA 
section 1(a)(26), foreign financial supervisors, foreign central 
banks and foreign ministries.
    \15\ 17 CFR 49.17(b)(2)(i)(B).
---------------------------------------------------------------------------

    An ADR or AFR seeking access to SDR data is required by current 
Sec.  49.17(d)(1) to file an access request with the SDR certifying 
that it is acting within the scope of its jurisdiction and is required 
by current Sec.  49.17(d)(6) to execute a ``Confidentiality and 
Indemnification Agreement'' with the SDR.\16\
---------------------------------------------------------------------------

    \16\ Current Sec.  49.18(b) requires an SDR to receive such a 
Confidentiality and Indemnification Agreement from an ADR or AFR 
prior to releasing swap data to the ADR or AFR.
---------------------------------------------------------------------------

2. The Regulatory Indemnification Requirement
    In the preamble to the SDR Final Rules, the Commission acknowledged 
commenters' concerns that compliance with the statutory and regulatory 
indemnification requirements would be difficult for certain domestic 
and foreign regulators due to various home country laws and other 
regulations prohibiting such arrangements,\17\ and expressed its intent 
to continue to work to provide regulators sufficient access to SDR 
data. In this regard, the Commission outlined the circumstances under 
which it believed the indemnification provision of CEA section 21(d) 
and Sec.  49.18 would

[[Page 8371]]

not apply. The Commission explained that, under the part 49 rules, 
certain Appropriate Domestic Regulators may in some circumstances 
obtain access to swap data reported and maintained by SDRs without 
regard to the notice and indemnification requirements of CEA sections 
21(c)(7) and (d).\18\ With respect to foreign regulatory authorities, 
the Commission determined in the SDR Final Rules that swap data 
reported to and maintained by an SDR may be accessed by an AFR without 
the execution of a confidentiality and indemnification agreement when 
the AFR has supervisory authority over a Commission-registered SDR that 
is also registered with the AFR pursuant to foreign law and/or 
regulation.
---------------------------------------------------------------------------

    \17\ See SDR Final Rules at 54554. The Commission notes that, 
prior to passage of the FAST Act on December 4, 2015, no 21(c)(7) 
entity had entered into a confidentiality or indemnification 
agreement pursuant to CEA section 21(d) or the part 49 rules.
    \18\ It was, in the Commission's view, appropriate to permit 
access to the swap data maintained by SDRs to Appropriate Domestic 
Regulators that have concurrent regulatory jurisdiction over such 
SDRs, without the application of the notice and indemnification 
provisions of CEA sections 21(c)(7) and (d). See SDR Final Rules at 
54554, n163. Accordingly, pursuant to the Commission's Part 49 
rules, these provisions did not apply to an Appropriate Domestic 
Regulator that has regulatory jurisdiction over an SDR registered 
with it pursuant to a separate statutory authority that is also 
registered with the Commission, if the Appropriate Domestic 
Regulator executes an MOU or similar information sharing arrangement 
with the Commission and the Commission, consistent with CEA section 
21(c)(4)(A), designates the Appropriate Domestic Regulator to 
receive direct electronic access. See 17 CFR 49.17(d)(2).
---------------------------------------------------------------------------

    Concerns about the scope of the indemnification provision 
persisted, and in October 2012 the Commission issued an Interpretative 
Statement, which was designed to provide guidance and greater clarity 
to interested members of the public and foreign regulators with respect 
to the scope and application of CEA section 21(d) and the part 49 
rules.\19\ The Interpretative Statement clarified that a foreign 
regulatory authority's access to swap data held in a CFTC-registered 
SDR would not be subject to the confidentiality and indemnification 
provisions of CEA section 21(d) or the part 49 regulations if (i) the 
registered SDR is also registered in, or recognized or otherwise 
authorized by, the foreign authority's regulatory regime; and (ii) the 
data sought to be accessed by the foreign authority has been reported 
to the registered SDR pursuant to such foreign regulatory regime.\20\
---------------------------------------------------------------------------

    \19\ See Swap Data Repositories: Interpretative Statement 
Regarding the Confidentiality and Indemnification Provisions of the 
Commodity Exchange Act, 77 FR 65177 (Oct. 25, 2012) 
(``Interpretative Statement'').
    \20\ Interpretative Statement at 65181.
---------------------------------------------------------------------------

C. FAST Act Amendments to CEA Section 21

    Congress responded to the regulators' access concerns by including 
in the FAST Act a repeal of CEA section 21(d)(2)'s indemnification 
requirement.\21\ The confidentiality requirement in CEA section 
21(d)(1) was retained in CEA section 21(d), as amended.\22\
---------------------------------------------------------------------------

    \21\ Title LXXXVI (``Repeal of Indemnification Requirements'') 
of the FAST Act amends the CEA by:
    repeal[ing] the indemnification requirements added by the Dodd-
Frank Wall Street Reform and Consumer Protection Act for regulatory 
authorities to obtain access to swap data. Foreign regulators and 
regulatory entities have indicated concerns regarding the 
indemnification requirements of Dodd-Frank. The title removes such 
requirements so data can be shared with foreign authorities. The 
title would still require the regulatory agencies requesting the 
information to agree to certain confidentiality requirements prior 
to receiving the data.
    FAST Act: Conference Report to Accompany H.R. 22, Dec. 1, 2015 
at 486-87. The repeal applied as well to the analogous provision in 
the Securities Exchange Act of 1934, 15 U.S.C. 78m(n)(5).
    \22\ The legislation struck subsection (d) of CEA section 21 and 
inserted in its place a provision entitled, ``Confidentiality 
Agreement,'' that states that before a swap data repository may 
share information with any entity described in subsection (c)(7), 
the swap data repository shall receive a written agreement from each 
entity stating that the entity shall abide by the confidentiality 
requirements described in section 8 of the CEA relating to the 
information on swap transactions that is provided. See FAST Act, 
Public Law 114-94, 129 Stat. 1312 (Dec. 4, 2015).
---------------------------------------------------------------------------

    The FAST Act also modified CEA section 21(c)(7)(A) by specifying 
that ``swap'' data--as opposed to ``all'' data--must be provided to 
21(c)(7) entities, and added to CEA section 21(c)(7)(E)'s non-exclusive 
list of persons that the Commission may determine to be appropriate 
recipients of SDR swap data the new category ``other foreign 
authorities.''

D. CEA Section 8 Informs the Confidentiality Provisions of CEA Section 
21

    CEA section 8 governs the Commission's treatment of nonpublic 
information in its possession in a number of circumstances, and its 
disclosure restrictions and confidentiality standards expressly inform 
the access provisions of CEA sections 21(c)(7) and 21(d). As relevant 
here, CEA section 8(e) permits the Commission to furnish to the 
specified types of domestic or foreign entities--upon their request and 
acting within the scope of their jurisdiction--any information in its 
possession obtained in connection with the administration of the 
Act.\23\ CEA section 8(e) specifies, with respect to U.S. entities, 
that any information furnished thereunder shall not be disclosed except 
in an action or proceeding under the laws of the United States to which 
the entity, the Commission or the United States is a party. CEA section 
8(e) further specifies, with respect to the specified types of foreign 
entities, that the Commission shall not furnish information thereunder 
unless the Commission is satisfied that the information will not be 
disclosed by the entity except in connection with an adjudicatory 
action or proceeding to which the entity is a party brought under the 
laws to which such entity is subject.
---------------------------------------------------------------------------

    \23\ 7 U.S.C. 12(e).
---------------------------------------------------------------------------

    The principles underlying CEA section 8(e) are also fundamental to 
CEA sections 21(c)(7) and (d) and to the access standards and 
confidentiality provisions proposed in this release. In proposing 
clearer and more robust access and confidentiality standards in 
Sec. Sec.  49.17 and 49.18, the Commission is mindful of these 
foundational principles: Where information is sought to be accessed, 
the information must relate to the scope of the requesting entity's 
jurisdiction or authority; and information provided by the SDR shall 
not be further disclosed except in limited, defined circumstances.

E. Summary of Proposed Revisions to Part 49

    Pursuant to its authority under the Act,\24\ the Commission is 
proposing amendments to Sec. Sec.  49.2, 49.9, 49.17, 49.18, and 49.22 
to (i) implement the statutory changes mandated by the FAST Act 
Amendments; (ii) make certain conforming and clarifying changes related 
to such implementation; (iii) revise the process by which 
appropriateness is determined for purposes of access to SDR swap data 
and clarify the standards in connection with the Commission's 
appropriateness determinations; and (iv) establish the form and 
substance of the written agreement mandated by CEA section 21(d), as 
amended. In formulating the following proposed amendments, the 
Commission has endeavored to balance the goal of effective and 
consistent global regulation of swaps \25\ with the mandate of CEA 
sections 21(c)(7) and (d) that swap data be made available to a limited 
universe of regulators on a

[[Page 8372]]

confidential basis pursuant to CEA section 8. The proposed rules and 
rule amendments would, if adopted:
---------------------------------------------------------------------------

    \24\ See, e.g., CEA section 21(f)(4) (Additional duties 
developed by Commission), 7 U.S.C. 24a(f)(4). The Commission is also 
authorized by CEA section 8a(5), 7 U.S.C. 12a(5), to make such rules 
and regulations as, in the judgment of the Commission, are 
reasonably necessary to effectuate any of the provisions or to 
accomplish any of the purposes of the Act.
    \25\ Section 752 of the Dodd-Frank Act directs the CFTC, the SEC 
and the prudential regulators, as appropriate, to consult and 
coordinate with foreign regulatory authorities in this regard and 
provides that these entities may agree to such information-sharing 
arrangements as may be deemed necessary or appropriate in the public 
interest or for the protection of investors, swap counterparties, 
and security-based swap counterparties.
---------------------------------------------------------------------------

     Add ``other foreign authorities'' to the foreign 
regulators identified in Sec.  49.2(a)(5), consistent with the FAST 
Act's amendment to CEA section 21(c)(7)(E) to include this category 
among the entities that the Commission may deem appropriate to access 
SDR swap data;
     Amend Sec.  49.9 to make clarifying changes;
     Amend Sec.  49.17 to, among other things: (i) Delete all 
references to the indemnification requirement and/or indemnification 
agreement; (ii) establish a process and clarify the standards for 
determining whether certain entities not enumerated in Sec.  
49.17(b)(1)(i)-(vi) are appropriate to directly access swap data from 
an SDR; (iii) revise the SDR notification requirement so that SDRs 
notify the Commission only for each initial request for swap data by 
ADRs and AFRs and any subsequent request at variance with the ADR's or 
AFR's scope of jurisdiction; (iv) specify that the information 
available to ADRs and AFRs is ``swap data''--as distinguished from 
``data,'' to reflect the corresponding FAST Act amendment to CEA 
section 21; and (v) add a delegation of authority provision so that 
Commission staff is able to efficiently administer certain functions 
related to SDR swap data access;
     Amend Sec.  49.18 to, among other things: (i) Delete all 
references to the indemnification requirement and/or indemnification 
agreement; (ii) require that SDRs receive, prior to providing SDR swap 
data access to an ADR or AFR, a written confidentiality arrangement 
between the Commission and such ADR or AFR; (iii) specify the required 
elements of such written confidentiality arrangement; (iv) require SDRs 
to notify the Commission of any known failures to fulfill the terms of 
a confidentiality arrangement required by Sec.  49.18(a); (v) inform 
ADRs, AFRs and SDRs that the Commission may direct an SDR to limit, 
suspend or revoke an ADR's or AFR's access to swap data held by an SDR 
if such ADR or AFR has failed to fulfill the terms of a confidentiality 
arrangement required by Sec.  49.18(a); and (vi) add a delegation of 
authority provision so that Commission staff is able to efficiently 
administer certain functions related to SDR swap data access; and
     Amend Sec.  49.22(d)(4) to omit a reference to 
indemnification in order to conform to the corresponding FAST Act 
amendment to the CEA.

F. Rescission of 2012 Interpretative Statement

    The Commission has determined to rescind its 2012 Interpretative 
Statement. References to the indemnification requirement in the 
Interpretative Statement are no longer relevant as the indemnification 
requirement in CEA section 21(d) has been repealed by the FAST Act. 
Additionally, the modifications to Sec.  49.17(d)(3) that are proposed 
here are consistent with the clarifications provided in the 
Interpretative Statement.

II. Discussion

A. Definitions: Proposed Amendments to Sec.  49.2

    As originally adopted, Sec.  49.2(a)(5) defined the term ``foreign 
regulator'' to include a foreign futures authority as defined in CEA 
section 1a(26), foreign financial supervisors, foreign central banks 
and foreign ministries.\26\ The FAST Act amendments to the CEA added to 
subsection 21(c)(7)(E) a new category of entity--``other foreign 
authorities''--that the Commission may deem appropriate to obtain 
access to SDR swap data. The Commission proposes a corresponding 
amendment to the definition of ``foreign regulator'' in Sec.  
49.2(a)(5) to conform this definition to amended subsection 
21(c)(7)(E).
---------------------------------------------------------------------------

    \26\ 17 CFR 49.2(a)(5). CEA Section 1a(26) defines ``foreign 
futures authority'' as any foreign government, or any department, 
agency, governmental body, or regulatory organization empowered by a 
foreign government to administer or enforce a law, rule, or 
regulation as it relates to a futures or options matter, or any 
department or agency of a political subdivision of a foreign 
government empowered to administer or enforce a law, rule, or 
regulation as it relates to a futures or options matter. Section 
723(a)(2) of the Dodd-Frank Act added section 2(d) to the CEA to 
provide that enumerated provisions, including CEA section 1a, apply 
to swaps.
---------------------------------------------------------------------------

B. Domestic and Foreign Regulators With Regulatory Responsibility ) 
Over SDRs: Proposed Amendments to Sec.  49.17(d)(2) and (3)

1. The Current Rule
    Commission regulation 49.17(d)(2) of the Commission's regulations 
currently provides that an ADR with regulatory jurisdiction over an SDR 
registered with it pursuant to a separate statutory authority that is 
also registered with the Commission is not subject to the requirements 
of Sec.  49.17(d) (application and notice provisions) and Sec.  
49.18(b) (confidentiality and indemnification agreement) as long as the 
following conditions are met: (i) The ADR executes an MOU or similar 
information sharing arrangement with the Commission; and (ii) the 
Commission, consistent with CEA section 21(c)(4)(A), designates the ADR 
to receive direct electronic access. As described in the SDR Final 
Rules, the Commission provided that these ADRs may be provided access 
to the swap data reported and maintained by SDRs without being subject 
to the notice and indemnification provisions of CEA sections 21(c)(7) 
and (d).\27\
---------------------------------------------------------------------------

    \27\ See SDR Final Rules at 54554.
---------------------------------------------------------------------------

    Commission regulation 49.17(d)(3) of the Commission's regulations 
currently provides that an AFR with supervisory authority over an SDR 
registered with it pursuant to foreign law and/or regulation that is 
also registered with the Commission is not subject to the requirements 
of Sec.  49.17(d) (application and notice provisions) and Sec.  
49.18(b) (confidentiality and indemnification agreement). As described 
in the SDR Final Rules and Interpretative Statement, the Commission 
believes that confidential swap data reported to, and maintained, by an 
SDR may be appropriately accessed by an AFR without the execution of a 
confidentiality and indemnification agreement when the AFR is acting in 
a regulatory capacity with respect to an SDR that is also registered 
with the AFR and with respect to data reported to such SDR pursuant to 
such AFR's regulatory regime.\28\
---------------------------------------------------------------------------

    \28\ Id. See also Interpretative Statement at 65181; section 752 
of the Dodd-Frank Act.
---------------------------------------------------------------------------

2. Proposed Amendments
    With respect to domestic regulators with regulatory jurisdiction 
over an SDR, the Commission proposes to remove: (1) The reference to 
``Appropriate Domestic Regulator'' in Sec.  49.17(d)(2) and replace it 
with the term ``domestic regulator'' to clarify that all domestic 
regulators and not just ADRs would fall under Sec.  49.17(d)(2); (2) 
subparagraph (i) to Sec.  49.17(d)(2) (the information sharing 
arrangement condition) and (3) subparagraph (ii) to Sec.  49.17(d)(2) 
(the direct electronic access condition). Although the Commission in 
the original part 49 rules adopted the information sharing and direct 
electronic access conditions so that ADRs would not be subject to the 
then-existing confidentiality and indemnification requirements, the 
Commission through experience with SDR swap data access believes an 
additional refinement of these rules is necessary in order to promote 
greater efficiency and cooperation among domestic regulators. 
Accordingly, the Commission submits that a domestic regulator that has 
regulatory jurisdiction

[[Page 8373]]

over an SDR registered with it pursuant to a separate statutory 
authority should be able to access SDR data reported to such SDR 
pursuant to such separate statutory authority irrespective of whether 
such domestic regulator has executed an MOU or similar information 
sharing arrangement with the Commission or been designated to receive 
direct electronic access by the Commission.\29\
---------------------------------------------------------------------------

    \29\ The Commission's proposal is consistent with the principle 
previously set forth in its Interpretative Statement relating to the 
confidentiality and indemnification provisions of the CEA. In 
particular, the Commission stated ``that a foreign regulator's 
access to data from a registered SDR that is also registered, 
recognized, or otherwise authorized in a foreign jurisdiction's 
regulatory regime, where the data to be accessed has been reported 
pursuant to that [other] regulatory regime, [such access] will be 
dictated by that jurisdiction's regulatory regime and not by the CEA 
or Commission regulations.'' See Interpretative Statement at 65181.
---------------------------------------------------------------------------

    In connection with foreign regulatory authorities that have 
supervisory authority over an SDR, the Commission proposes to (i) 
remove the reference to ``Appropriate Foreign Regulator'' in Sec.  
49.17(d)(3) and replace it with the term ``Foreign Regulator'' as 
defined in Sec.  49.2 to clarify that all Foreign Regulators, not only 
those that have been determined ``appropriate'' by the Commission would 
fall under Sec.  49.17(d)(3); and (ii) add qualifying language to Sec.  
49.17(d)(3) so that Sec.  49.17(d)(3) applies not only to SDRs that are 
``registered'' with the Foreign Regulator but also to those SDRs that 
are ``registered, recognized, or otherwise authorized'' by a foreign 
jurisdiction's regulatory regime, and where such swap data has been 
reported to the SDR pursuant to the Foreign Regulator's regulatory 
regime.\30\
---------------------------------------------------------------------------

    \30\ Id.
---------------------------------------------------------------------------

    As it was when adopting the SDR Final Rules, the Commission is 
mindful of the need to protect the confidentiality of swap data when 
such data is provided to another regulator. Under the proposal, the 
Commission believes that the proposed changes to Sec.  49.17(d)(3) 
strike the appropriate balance in providing access to swap data 
consistent with the confidentiality protections set forth in the 
CEA.\31\
---------------------------------------------------------------------------

    \31\ See CEA section 21(c)(7); see also section 752 of the Dodd-
Frank Act.
---------------------------------------------------------------------------

3. Request for Comment
    The Commission requests comment on all aspects of amendments to 
Sec.  49.17(d)(2) and (3).

C. Appropriateness Determination for Foreign Regulators and Non-
enumerated Domestic Regulators: Proposed Sec.  49.17(h) and Proposed 
Amendments to Sec.  49.17(b)

1. The Current Rule
    CEA section 21(c)(7) specifies U.S. entities to which swap data 
must be released by an SDR, provided certain prerequisites are 
satisfied. Because Congress has determined that access to SDR swap data 
by these entities is appropriate when the prerequisites are satisfied, 
no further access consideration by the Commission is necessary. These 
U.S. entities, along with others determined to be appropriate by the 
Commission pursuant to CEA section 21(c)(7)(E), are identified in Sec.  
49.17(b)(1) as ``Appropriate Domestic Regulators.'' The term 
``Appropriate Domestic Regulator'' is also defined to include ``any 
other person the Commission deems appropriate.'' The current part 49 
rules do not include a process for determining that a U.S. entity not 
specifically enumerated in Sec.  49.17(b)(1) is an ``Appropriate 
Domestic Regulator.''
    Under current Sec.  49.17(b)(2)(i), in order for a Foreign 
Regulator \32\ that does not have a current MOU with the Commission to 
be determined to be an ``Appropriate Foreign Regulator,'' \33\ it must 
file with the Commission an application in the form and manner 
specified by the Commission.\34\ The application must provide 
sufficient facts and procedures to permit the Commission to analyze 
whether the Foreign Regulator's confidentiality procedures are 
appropriate and to satisfy the Commission that information provided by 
an SDR will not be disclosed by the Foreign Regulator except as 
permitted by CEA section 8(e).
---------------------------------------------------------------------------

    \32\ The term ``Foreign Regulator'' is defined in Sec.  
49.2(a)(5) to mean a foreign futures authority as defined in CEA 
section 1(a)(26), foreign financial supervisors, foreign central 
banks and foreign ministries.
    \33\ No Foreign Regulators are enumerated in CEA section 
21(c)(7) or specifically identified as Appropriate Foreign 
Regulators in Sec.  49.17(b)(2).
    \34\ To date the Commission has not specified a form and manner 
for the application referenced in current Sec.  49.17(b)(2)(i)(A).
---------------------------------------------------------------------------

2. The Proposed Amendments
    The Commission proposes to eliminate the current filing 
requirements set forth in current Sec.  49.17(b)(2)(i) and establish 
new filing requirements in proposed Sec.  49.17(h). The Commission also 
proposes to include in Sec.  49.17(h), CEA section 8-related 
confidentiality considerations and the ability for the Commission to 
revisit or reassess appropriateness determinations. The filing 
requirements proposed in new Sec.  49.17(h) would apply to all foreign 
regulators regardless of whether a current MOU or similar arrangement 
with the Commission exists, and to any domestic regulator that is not 
an ADR enumerated in Sec.  49.17(b)(1)(i)-(vi) (``Enumerated ADR''). 
Proposed Sec.  49.17(h)(3) would specify two threshold requirements for 
a finding of appropriateness: (i) The requesting entity has in place 
appropriate safeguards to maintain the confidentiality of such swap 
data; and (ii) such entity is acting within the scope of its 
jurisdiction in seeking access to swap data maintained by an SDR. These 
requirements are necessary but may or may not be sufficient to support 
an appropriateness determination: The Commission proposes to evaluate 
each filing on a case-by-case basis with reference to these and other 
factors that the Commission may find germane to its determination. If 
the Commission finds on the basis of information submitted that access 
to SDR swap data is appropriate, the Commission would issue an order 
confirming the regulator's status as an ADR or AFR and setting forth 
any conditions or limitations on access consistent with the relevant 
statutory and regulatory requirements (the proposed ``Determination 
Order''). The Commission is also proposing, through Sec.  49.17(h)(4), 
to be able to revisit, reassess, limit, suspend or revoke a previously 
issued Determination Order. The Commission believes it is necessary to 
be able to revisit an appropriateness determination, and potentially 
take one of the foregoing remedial actions, in order to be able to 
address situations that may arise subsequent to the determination, such 
as where an AFR or ADR violates the term of a Determination Order or 
fails to properly keep SDR swap data confidential.
3. The Factors Required for a Determination Order
a. Scope of Jurisdiction
    CEA section 21(c)(7) directs SDRs to provide swap data to 
regulators ``on a confidential basis pursuant to section 8.'' \35\ The 
Commission interprets this provision to require consistency with CEA 
section 8(e)'s mandate that information may be furnished, on a 
confidential basis, only to other regulators acting within the scope of 
their jurisdiction. Accordingly, the Commission believes that an 
appropriateness determination must be

[[Page 8374]]

informed by reference to the regulator's jurisdiction and to the 
entity's legitimate regulatory or legal interest in the swap data to be 
sought.
---------------------------------------------------------------------------

    \35\ 7 U.S.C. 24(c)(7).
---------------------------------------------------------------------------

    In this regard, the Commission proposes to add to part 49 new Sec.  
49.17(h)(2), which would require an applicant seeking a Determination 
Order to provide the Commission sufficient information to permit the 
Commission to conclude that the applicant would be acting within the 
scope of its jurisdiction in seeking access to swap data maintained by 
an SDR. As part of this information, the Commission expects that an 
applicant would explain the relationship between its jurisdiction and 
its request for access to swap data maintained by SDRs, including an 
explanation of the applicant's need for particular swap data to carry 
out its regulatory mandate, legal authority or responsibility.
    The Commission proposes in new Sec.  49.17(h)(3) to specify that 
the Commission will not issue a Determination Order unless it is 
satisfied that the regulator is acting within the scope of its 
jurisdiction in seeking access to SDR swap data, and that any grant of 
access will be limited to swap data appropriate to the entity's 
regulatory mandate or legal authority. Each Determination Order would 
further require, as a condition of the appropriateness determination 
set forth therein, that a regulator that has received a Determination 
Order promptly notify the Commission, and each SDR from which it has 
received swap data, of any change to its jurisdiction that would relate 
to the swap data access requested.\36\ As described in proposed Sec.  
49.17(d)(5), the Commission would be able to direct SDRs to limit, 
suspend or revoke the scope of an ADR's or AFR's SDR swap data access 
to reflect the new scope of its jurisdiction.\37\ The Commission 
expects that this proposed limitation on access will reduce the risk of 
unauthorized or unnecessary disclosures because each appropriate 
regulator will have access to swap data only to the extent necessary to 
fulfill its jurisdictional mandate or regulatory responsibility.
---------------------------------------------------------------------------

    \36\ The form of confidentiality arrangement set forth in 
proposed Appendix B to part 49 also would require such notices.
    \37\ As is relevant here, proposed Sec.  49.17(d)(5) would 
require that each SDR ``shall, as directed by the Commission, limit, 
suspend or revoke . . . such access should the Commission . . . 
direct the [SDR] to limit, suspend or revoke such access.''
---------------------------------------------------------------------------

b. Robust Confidentiality Safeguards
    CEA section 21(c)(7) is explicit in requiring that SDRs make swap 
data available on a confidential basis pursuant to CEA section 8. 
Proposed Sec.  49.17(h)(2) accordingly would require that the applicant 
submit to the Commission information sufficient to permit a 
determination that the applicant employs adequate confidentiality 
safeguards to ensure that swap data the applicant receives from an SDR 
will not be disclosed other than as permitted by the confidentiality 
arrangement required by Sec.  49.18(a). The Commission anticipates that 
this would involve the Commission considering whether the applicant's 
confidentiality protocols, system safeguards and security compliance 
procedures can be expected to ensure the confidentiality of the swap 
data, and that the applicant has in place protections sufficient to 
prevent unauthorized intrusions into the systems that maintain the swap 
data. In this regard, the Commission would also expect to consider the 
applicant's processes for limiting internal access to swap data to 
those persons with a need to know, as well as how the swap data will be 
stored and whether the swap data will be segregated from other 
information.
    It is the Commission's view that reliance on these factors strikes 
an appropriate balance between realizing the benefits of data access by 
regulators \38\ and the obligation to protect confidential information 
in accordance with the dictates of CEA section 8(e), as incorporated by 
reference in CEA section 21(c)(7) and (d) through those sections' 
incorporation of CEA section 8. The Commission considers these factors 
essential to a determination of appropriateness. Other considerations, 
while not proposed to be codified in these proposed rules, may also 
contribute to the Commission's appropriateness analysis.
---------------------------------------------------------------------------

    \38\ See CEA section 21(c)(7); see also Section 752 of the Dodd-
Frank Act (recognizing the goal of effective and consistent global 
regulation of swaps).
---------------------------------------------------------------------------

c. Additional Considerations
    Although the Commission proposes to eliminate the current 
regulatory provision conferring AFR status on a foreign regulator with 
``an existing [MOU] or other similar type of information sharing 
arrangement executed with the Commission . . ., '' \39\ it nonetheless 
continues to believe that the existence of such an arrangement fosters 
a cooperative relationship and encourages the development of shared 
understandings related to regulatory responsibilities. Although not 
dispositive, indications of a strong cooperative relationship with 
another authority, as established by the existence of such an 
arrangement and the Commission's experience working with such authority 
in finalizing and administering the arrangement, would likely be a 
factor supporting an appropriateness determination. Also, a failure to 
cooperate fully or to comply with the terms of an existing or prior 
arrangement might be expected to weigh against an appropriateness 
determination.
---------------------------------------------------------------------------

    \39\ 17 CFR 49.17(b)(2).
---------------------------------------------------------------------------

    Similarly, when assessing appropriateness, the Commission expects 
to consider whether it receives access to swap data maintained by trade 
repositories in that regulator's jurisdiction. The Commission is 
mindful of the Dodd-Frank Act's encouragement of coordination and 
cooperation with foreign regulatory authorities.\40\ The Commission 
believes that increased data access by regulators has the potential to 
provide the Commission and other authorities with more complete 
information with which to monitor risk exposures and should be expected 
to promote global market stability through enhanced regulatory 
transparency. Accordingly, Commission access to swap data maintained by 
trade repositories in such other regulator's jurisdiction, an 
arrangement prospectively to assist the Commission in obtaining data 
from other jurisdictions, and a history of assistance from a foreign 
regulator, would be viewed favorably by the Commission in considering 
appropriateness.
---------------------------------------------------------------------------

    \40\ See Dodd-Frank Act section 752, supra.
---------------------------------------------------------------------------

d. Other Matters Regarding the Determination Order Process
    The Commission preliminarily believes that the Determination Order 
process and factors discussed above offer a reasonable approach to 
providing requesting entities access to SDR swap data based on clearly 
articulated factors and any additional considerations or circumstances 
the Commission may deem relevant on a case-by-case basis. Both the 
required factors and the additional considerations support the mandate 
of CEA sections 8, 21(c)(7) and 21(d) and are consistent with the 
express intent of Congress that the Commission coordinate and cooperate 
with foreign regulatory authorities on matters related to the 
regulation of swaps. Through the issuance of Determination Orders, the 
Commission will be able to impose appropriate conditions or 
restrictions on an entity's access to SDR swap data such that the 
entity's access is linked to its jurisdictional scope. Pursuant to 
proposed Sec.  49.17(h)(4), the Commission

[[Page 8375]]

may also, in its discretion, issue a Determination Order of limited 
duration, and may otherwise limit, suspend or revoke such an order if 
the entity fails to comply with its terms or the terms of the statutory 
confidentiality arrangements. The Commission would expect SDRs to take 
into account any conditions or restrictions contained in a 
Determination Order when providing access to swap data to an ADR or 
AFR.
    The Commission further believes it is appropriate to make the 
process and factors proposed in Sec.  49.17(h) applicable to any 
domestic entities that are not enumerated as ADRs in Sec.  
49.17(b)(1)(i)-(vi), as scope of jurisdiction and confidentiality 
considerations are equally applicable to U.S. entities, and has drafted 
proposed Sec.  49.17(h) accordingly.
e. Request for Comment
    The Commission requests comment on all aspects of proposed Sec.  
49.17(h), particularly on whether the proposed regulatory and other 
factors are sufficient to determine whether access to SDR swap data is 
appropriate.
4. Proposed Amendments to Sec.  49.17(d)(4)--SDR Notice and 
Verification Obligations
    CEA section 21(c)(7) requires each SDR to notify the Commission of 
a swap data request received from an ADR or AFR.\41\ Currently, this 
statutory requirement is implemented in Sec.  49.17(d)(4)(i), which 
provides that an SDR must promptly notify the Commission regarding 
``any'' request received by an ADR or AFR to gain access to swap data 
maintained by the SDR.
---------------------------------------------------------------------------

    \41\ See CEA section 21(c)(7), 7 U.S.C. 24a(c)(7).
---------------------------------------------------------------------------

    To reduce the burden on SDRs and provide greater operational 
efficiency consistent with the intent of CEA section 21(c)(7), the 
Commission is proposing to amend the SDR notification requirement in 
current Sec.  49.17(d)(4)(i) to require an SDR to notify the Commission 
(i) at the time that it receives the first request for swap data from a 
particular ADR or AFR and (ii) at any time that a request does not 
comport with the scope of the ADR's or AFR's jurisdiction, as described 
in the confidentiality arrangement required by proposed Sec.  49.18(a). 
The proposed amendment would make the notification applicable only to 
the initial request for swap data and any subsequent request at 
variance with the ADR's or AFR's scope of jurisdiction: On receiving 
either such request for data by a particular ADR or AFR, the SDR would 
be required to provide prompt electronic notification to the Commission 
of the request, in a format specified by the Secretary of the 
Commission, pursuant to proposed Sec.  49.17(d)(4)(ii). The SDR would 
be required to keep such notification and related requests confidential 
consistent with the requirements of CEA sections 21(c)(6) and (7) and 
related regulatory requirements set forth in Sec. Sec.  49.16 and 
49.17.
    The Commission believes that the proposed approach to SDR 
notification supports the Commission's need to be aware of who is able 
to access SDR swap data and what data has been accessed, while 
eliminating potentially costly, unwieldy and inefficient notice of 
every swap data request. Under the proposal, the Commission would be 
notified that a particular ADR or AFR has requested access to SDR swap 
data and will be able to examine records of the ADR's or AFR's 
individual swap data requests, and the swap data provided, as it deems 
necessary.\42\
---------------------------------------------------------------------------

    \42\ Consistent with the current recordkeeping requirements for 
SDRs in Sec.  45.2(f), SDRs are required to maintain records of all 
information related to the initial and all subsequent requests for 
swap data from ADRs/AFRs. Appropriate records would include, at a 
minimum, the identity of the ADR/AFR accessing the swap data; the 
date, time and substance of the request for access; confirmation 
that the request is consistent with the scope of the regulator's 
jurisdiction; and copies of all swap data provided in connection 
with the request for access. Pursuant to CEA section 1.31, SDRs are 
required to maintain such records for a period of no less than five 
years after the date of such request and must provide this 
information to the Commission upon request.
---------------------------------------------------------------------------

    The Commission also proposes to amend Sec.  49.17(d)(4) by adding 
new subsection (iii) to require each SDR that receives a request for 
access to its swap data from an ADR or AFR to verify, prior to 
providing such access, that the request is consistent with the scope of 
the ADR's or AFR's jurisdiction, as described in the confidentiality 
arrangement required by proposed Sec.  49.18(a).\43\ This verification 
would need to incorporate any subsequent changes thereto. The 
Commission is also proposing to require an ADR or AFR that has executed 
a confidentiality arrangement with the Commission pursuant to Sec.  
49.18(a) and provided such confidentiality arrangement to one or more 
SDRs to notify the Commission and each such SDR of any change to such 
ADR's or AFR's scope of jurisdiction as described in such 
confidentiality arrangement. Additionally, the proposal would enable 
the Commission to direct a SDR to suspend, limit, or revoke access to 
swap data maintained by such SDR based on any such change to such ADR's 
or AFR's scope of jurisdiction, and that, if so directed, such SDR 
shall so suspend, limit, or revoke such access.
---------------------------------------------------------------------------

    \43\ The scope of jurisdiction would be described in Exhibit A 
to the form of confidentiality arrangement set forth in proposed 
Appendix B to part 49.
---------------------------------------------------------------------------

    As proposed, Sec.  49.17(d)(4)(iv) would require SDR verification 
only once with respect to a request for ongoing or recurring access to 
particular data, provided that there has not been a change in the scope 
of the regulator's jurisdiction (in which case an SDR would need to 
verify anew that the swap data requested is within the scope of the 
requesting ADR's or AFR's jurisdiction). The Commission recognizes that 
the proposed requirement imposes a burden on SDRs; however, it notes 
that SDRs are obliged by CEA section 21(c)(7) to provide access 
``pursuant to section 8'' of the CEA, which requires a jurisdictional 
nexus to the information requested. In these circumstances, the 
Commission believes SDRs must take a role in ensuring compliance with 
these statutory restrictions.
5. Proposed New Sec.  49.17(i)--Delegation of Authority
    In the interests of expedience and efficiency in determining 
appropriateness of access by regulators, the Commission proposes to 
delegate all functions reserved to the Commission in Sec.  49.17 to the 
Director of the Division of Market Oversight and to such members of the 
Commission's staff acting under his or her direction as he or she may 
designate from time to time.
6. Request for Comment
    The Commission requests comment on all aspects of the proposed 
amendments to Sec.  49.17, and particularly invites comments on:
    1. Whether commenters believe there are more cost-effective methods 
of notification and recordkeeping that would still provide the 
Commission with access to the information necessary for it to perform 
its regulatory functions in a manner consistent with CEA section 
21(c)(7); and
    2. Whether a phase-in process is necessary to decrease the 
likelihood that a large number of new demands on SDRs' systems from 
ADRs and AFRs seeking access to swap data will decrease SDR systems 
reliability, efficiency or speed.

D. CEA Section 21(d) Confidentiality Agreements: Proposed Amendments to 
Sec.  49.18

    CEA section 21(d), as amended, requires that, prior to providing 
swap data to a 21(c)(7) entity, an SDR ``shall

[[Page 8376]]

receive a written agreement from each entity stating that the entity 
shall abide by the confidentiality requirements described in CEA 
section 8 relating to the information on swap transactions that is 
provided.'' \44\ As originally adopted, the part 49 rules required that 
such confidentiality agreements be executed between the SDR and the 
21(c)(7) entity.\45\ The Commission proposes to add a new Sec.  
49.18(a) to require that a confidentiality arrangement be executed by 
and between the ADR or AFR and the Commission.\46\ Once the ADR or AFR 
and the Commission have executed a confidentiality arrangement, the ADR 
or AFR may present the executed document to any SDR from which it 
requests access to swap data in satisfaction of CEA section 21(d).
---------------------------------------------------------------------------

    \44\ See CEA section 21(d). 7 U.S.C. 24a(d) as amended by the 
FAST Act.
    \45\ See current Sec.  49.17(d)(6) and 49.18(b).
    \46\ See proposed Sec.  49.18(a) (requiring that an SDR received 
``an executed confidentiality arrangement between the Commission and 
the [ADR] or [AFR] . . . .''). The Commission notes that the SEC has 
implemented a similar approach with respect to the execution of the 
required agreement. See Access to Data Obtained by Security-Based 
Swap Data Repositories, 81 FR 60585 at 60591 and 60608 (Sept. 2, 
2016) (SEC rule 13n-4(b)(10), 17 CFR 240.13n-4(b)(10), and 
associated preamble text).
---------------------------------------------------------------------------

    The Commission recognizes that its proposed amendments to Sec.  
49.18 represent a change in approach from the part 49 rules as adopted. 
Based on its experience with SDRs and swap data access since the 
adoption of part 49 in 2011, and further consideration of the 
relationship between CEA sections 21 and 8, however, the Commission 
believes this change is consistent with the statutory framework 
established by Congress in CEA section 21(d) and 21(c)(7). Moreover, in 
the Commission's view a confidentiality arrangement between the 
Commission and the regulator more directly supports the confidentiality 
mandate of CEA section 8. Finally, the Commission believes that the 
proposed requirement will promote regulatory efficiency and reduce 
costs to SDRs, ADRs and AFRs while ensuring the confidentiality of SDR 
swap data by giving full effect to the strictures of CEA section 8(e).
    To further promote regulatory efficiency, the Commission is 
proposing to provide a form of confidentiality arrangement as Appendix 
B to Part 49, for use by ADRs and AFRs. The Commission would expect its 
use by ADRs and AFRs to reduce significantly the need for these 
entities to negotiate separate confidentiality arrangements with the 
Commission. This proposed change also would eliminate the costs and 
potential inefficiencies to SDRs inherent in requiring them to 
negotiate confidentiality agreements with a potentially large number of 
ADRs and AFRs. Finally, while its use is not required, the Commission 
believes that the proposed form of confidentiality arrangement in 
Appendix B to Part 49 can be expected to conserve its limited staff 
resources by eliminating in many cases the need for the Commission and 
its staff to develop individualized confidentiality arrangements with 
multiple ADRs or AFRs seeking access to SDR swap data.
1. Current Sec.  49.18
    The Commission adopted Sec.  49.18 to implement CEA section 
21(d)(1) and (2) as originally enacted. Accordingly, the current rule 
sets forth the obligation for SDRs to execute a ``Confidentiality and 
Indemnification Agreement'' before providing SDR swap data to an ADR or 
AFR. Congress has repealed the indemnification requirement, and the 
Commission proposes to make conforming amendments to Sec.  49.18 to 
remove references to indemnification.
    Separately, the Commission is proposing revisions to Sec.  49.18 to 
modify the substantive requirements of the confidentiality arrangement 
and the parties to the confidentiality arrangement, to establish 
conditions for restricting or revoking access to SDR swap data, and to 
clarify the confidentiality obligations of ADRs and AFRs with 
regulatory responsibility over an SDR.
2. Proposed Amendments to Sec.  49.18(a)--Confidentiality Arrangement 
Required Prior to Disclosure of Swap Data
    The Commission proposes to remove current Sec.  49.18(a) \47\ and 
add a new Sec.  49.18(a) requiring that an SDR receive a 
confidentiality arrangement, executed by the Commission and the ADR or 
AFR seeking access to the swap data maintained by the SDR, that, at a 
minimum, contains all elements described in proposed Sec.  49.18(b).
---------------------------------------------------------------------------

    \47\ Current Sec.  49.18(a) describes the purpose of Sec.  
49.18.
---------------------------------------------------------------------------

3. Proposed Amendments to Sec.  49.18(b)--Required Elements of the 
Confidentiality Arrangement
    The Commission proposes to replace the text of current Sec.  
49.18(b) \48\ with a requirement that the confidentiality arrangement 
required pursuant to Sec.  49.18(a) shall, at a minimum, include all 
elements included in the form of confidentiality arrangement set forth 
in proposed Appendix B to part 49. Paragraph 5 of the confidentiality 
arrangement would require the ADR or AFR to undertake that it will be 
acting within the scope of its jurisdiction each time it requests swap 
data from an SDR, and to promptly notify the Commission and each 
relevant SDR if the scope of the ADR's or AFR's jurisdiction changes. 
Paragraph 5 of the confidentiality arrangement also would require ADRs 
and AFRs to employ procedures to maintain the confidentiality of swap 
data and any information and analyses derived therefrom (the swap data 
and such information are referred to collectively as the ``Confidential 
Information'').
---------------------------------------------------------------------------

    \48\ Current Sec.  49.18(b) requires an SDR to receive a 
confidentiality agreement from a 21(c)(7) entity before granting the 
21(c)(7) entity access to swap data maintained by the SDR. As 
discussed above, the Commission proposes to address in proposed 
Sec.  49.18(a) the confidentiality arrangement condition to swap 
data access.
---------------------------------------------------------------------------

    Paragraph 6 of the confidentiality arrangement would require ADR 
and AFR signatories to employ the following safeguards to maintain the 
confidentiality of the Confidential Information:
     To the maximum extent practicable, maintain Confidential 
Information received from SDRs separately from other data and 
information; \49\
---------------------------------------------------------------------------

    \49\ ADRs and AFRs seeking useful guidance for Confidential 
Information segregation can look to the data segregation standards 
contained in the National Institute of Standards and Technology 
(``NIST'') Special Publication 800-53, Revision 4, Security and 
Privacy Controls for Federal Information Systems and Organizations 
(April 2013), available at http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf or in the Federal 
Information Security Management Act of 2002, as amended (``FISMA''). 
44 U.S.C. 3541. As the Commission has previously noted in a 
different context, FISMA ``is a source of cybersecurity best 
practices and also establishes legal requirements for federal 
government agencies . . . .'' System Safeguards Testing 
Requirements, 80 FR 80139, 80142 (Dec. 23, 2015) (``Registered 
Entity Cyber NPRM''). The Commission recently adopted final rules 
based on the Registered Entity Cyber NPRM. See System Safeguards 
Testing Requirements, 81 FR 64271 (Sept. 19, 2016) (``Final 
Registered Entity Cyber Rules'').
---------------------------------------------------------------------------

     Protect such Confidential Information from 
misappropriation and misuse; \50\
---------------------------------------------------------------------------

    \50\ This should include cybersecurity measures. As the 
Commission detailed in a different context in the Final Registered 
Entity Cyber Rules, ``cyber threats to the financial sector continue 
to expand.'' See Final Registered Entity Cyber Rules at 64272. See 
also System also Safeguards Testing Requirements for Derivatives 
Clearing Organizations, 80 FR 80113, 80114-80115 (Dec. 23, 2015) 
(describing escalating and evolving cybersecurity threats); 
Registered Entity Cyber NPRM at 80140-80141 (Dec. 23, 2015) 
(describing, inter alia, the current cybersecurity threat 
environment).
---------------------------------------------------------------------------

     Ensure that only ADR or AFR personnel with a need to 
access particular Confidential Information to perform their job 
functions related to such Confidential Information have access thereto 
and that such access is

[[Page 8377]]

permitted only to the minimum extent necessary to perform such job 
functions; \51\
---------------------------------------------------------------------------

    \51\ One basic principle of data security is that only those 
with a need to access data to perform their work should be granted 
access to such data. See, e.g., Framework for Improving Critical 
Infrastructure Cybersecurity at 23 (Feb. 12, 2014), available at 
http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf (characterizing the ``Protect'' element of a core 
cybersecurity framework as one where ``[a]ccess to assets and 
associated facilities is limited to authorized users, processes, or 
devices, and to authorized activities and transactions.'').
---------------------------------------------------------------------------

     Except as provided in paragraph 8 of the confidentiality 
arrangement, prevent disclosure of Confidential Information unless 
sufficiently aggregated and anonymized to prevent identification, 
through disaggregation or otherwise, of a market participant's business 
transactions, trade data, market positions, customers or 
counterparties; \52\
---------------------------------------------------------------------------

    \52\ The Commission understands that ADRs and AFRs may want to 
use aggregated and anonymized information derived from SDR swap data 
in analyses that may be made public. Cf. U.S. Gov't Accountability 
Office, GAO-16-175, Financial Regulation: Complex and Fragmented 
Structure Could Be Streamlined To Improve Effectiveness 71-75 (2016) 
(``GAO Report''), available at http://www.gao.gov/assets/680/675400.pdf (discussing the OFR's Financial Stability Monitor and 
related confidentiality issues and protections surrounding sharing 
aggregated and disaggregated information provided by other 
agencies). The Commission believes that, when properly aggregated 
and anonymized, information derived from SDR swap data generally can 
be disclosed without violating the requirement in CEA section 21(d) 
that a recipient of swap data agree, with respect to the information 
on swap transactions that is provided by an SDR, to abide by the 
confidentiality requirements described in CEA section 8. Cf. Sec.  
49.16(c) (stating that ``[s]ubject to Section 8 of the Act, [SDRs] 
may disclose aggregated swap data on a voluntary basis or as 
requested[ ] in the form and manner[ ] prescribed by the 
Commission.''); SDR Final Rules at 54551 (stating that ``the 
Commission believes that it is permissible under the Dodd-Frank Act 
and part 49 of the Commission's regulations for an SDR to disclose, 
for non-commercial purposes, data on an aggregated basis such that 
the disclosed data reasonably cannot be attributed to individual 
transactions or market participants.''). In certain cases, however, 
even aggregated information may enable a reader to determine a 
market participant's business transactions, trade secrets (e.g., 
algorithms) or positions. Thus, the proposed form of confidentiality 
arrangement requires ADRs and AFRs to implement safeguards designed 
to appropriately limit the use of information that has been 
aggregated from SDR swap data and to prevent disaggregation or other 
derivations of a market participant's business transactions, trade 
data or market positions. ADRs and AFRs can look to Sec.  
43.4(d)(1), (d)(4) and (g) for guidance on anonymization principles.
---------------------------------------------------------------------------

     Prohibit the use of Confidential Information by ADR or AFR 
personnel for any improper purpose; and
     Monitor compliance with the confidentiality safeguards and 
ensure prompt notification of the CFTC and each relevant SDR of any 
violation of the safeguards or failure to fulfill the terms of the 
confidentiality arrangement.
    Paragraph 7 of the confidentiality arrangement also would preclude, 
with limited exceptions, ADRs and AFRs from disclosing any Confidential 
Information, via onward sharing \53\ or otherwise. The only permitted 
disclosures would be (1) in actions, adjudicatory actions or 
proceedings, as applicable, described in CEA section 8(e), the 
operative language of which is included in paragraph 8 of the 
confidentiality arrangement and (2) aggregated SDR swap data that is 
anonymized to prevent identification (through disaggregation or 
otherwise) of a market participant's business transactions, trade data, 
market positions, customers or counterparties.
---------------------------------------------------------------------------

    \53\ The Commission interprets the restrictions on disclosure 
contained in CEA section 8 that are incorporated in CEA section 
21(c)(7) and 21(d) as prohibiting an ADR or AFR from onward sharing 
swap data it obtains from an SDR.
---------------------------------------------------------------------------

    Paragraph 9 of the confidentiality arrangement contains certain 
provisions requiring ADRs and AFRs to notify the Commission, and take 
certain protective actions, prior to disclosing SDR swap data even 
where an ADR or AFR receives a legally enforceable demand to disclose 
Confidential Information.
    Paragraph 11 of the confidentiality arrangement would require ADRs 
and AFRs accessing swap data from SDRs to comply with all security-
related requirements imposed by SDRs in connection with access to such 
swap data, as such requirements may be revised from time to time. 
Because, subject to specified conditions, CEA sections 21(c)(7) and 
21(d) require SDRs to provide ADRs and AFRs access to swap data, the 
Commission expects that SDRs will not impose security-related access 
requirements beyond those that are necessary to ensure the privacy and 
confidentiality of SDR swap data. The Commission further expects that 
SDRs' security-related access requirements for ADRs and AFRs would be 
akin, if not identical, to the requirements SDRs impose on others 
(e.g., the Commission, reporting counterparties) to whom SDRs provide 
swap data access.
    To further protect the confidentiality of SDR swap data, paragraph 
12 of the confidentiality arrangement would require ADR and AFR 
signatories to promptly destroy all Confidential Information for which 
they no longer have a need or which no longer falls within their scope 
of jurisdiction.\54\ While it may be the case that ADRs or AFRs will 
use some or all Confidential Information in perpetuity, if they no 
longer have a need for Confidential Information, they should destroy 
such Confidential Information to prevent its misuse. Similarly, it is 
possible that an SDR may inadvertently provide swap data outside the 
scope of an ADR or AFR's jurisdiction. In such circumstances, such swap 
data also should be destroyed immediately after the ADR or AFR 
discovers that such swap data is outside the scope of its jurisdiction.
---------------------------------------------------------------------------

    \54\ Paragraph 12 of the confidentiality arrangement would also 
require ADR and AFR signatories to certify to the CFTC, upon 
request, that they have destroyed such swap data.
---------------------------------------------------------------------------

    The proposed rule would require that the confidentiality 
arrangement must include an exhibit (Exhibit A) specifying the scope of 
jurisdiction of the ADR or AFR signatory. If such signatory is not an 
Enumerated ADR, the ADR or AFR would attach the Commission 
Determination Order described in Sec.  49.17(h) as Exhibit A to the 
confidentiality arrangement. If such signatory is an Enumerated ADR, it 
would attach, as Exhibit A to the confidentiality arrangement, a 
detailed description of its scope of jurisdiction as it relates to the 
swap data maintained by SDRs that the ADR would seek pursuant to the 
confidentiality arrangement. This requirement is designed to assist 
SDRs in determining that the scope of each swap data request is within 
the scope of the requesting entity's jurisdiction.
    While the Commission would impose certain obligations on ADRs and 
AFRs, with respect to swap data received from an SDR, in the proposed 
confidentiality arrangement, ADRs and AFRs retain the discretion to 
determine how to comply with those obligations. Additionally, to the 
extent that neither the proposal nor commenters address a relevant 
confidentiality issue that arises after an ADR or AFR commences 
accessing swap data, the Commission expects affected ADRs and AFRs to 
take appropriate measures to safeguard affected swap data and advise 
the Commission of such issue promptly so that the Commission may 
consider appropriate action.
4. Removal of Sec.  49.18(c)--ADRs and AFRs With Regulatory 
Responsibility Over an SDR
    The Commission proposes to remove current Sec.  49.18(c), which 
provides that the indemnification and confidentiality requirements 
established in Sec.  49.18(b) do not apply to certain ADRs and AFRs 
with regulatory jurisdiction or supervisory responsibilities over an 
SDR, but requires such regulators to comply with CEA section 8 and 
``any other relevant statutory confidentiality authorities.'' As noted 
above in section II.B. relating to Sec.  49.17(d)(2) and (3), the 
Commission believes that those domestic and foreign regulators that 
have regulatory responsibility over an

[[Page 8378]]

SDR should be able to access SDR data reported to such SDR pursuant to 
such other regulator's regulatory regime, without limitation. 
Therefore, the Commission submits that Sec.  49.18(c) is not 
appropriate because it requires these domestic and foreign regulators 
with regulatory responsibility over SDRs to comply with CEA section 8 
and any other relevant statutory confidentiality authorities. In 
addition, Sec.  49.17(d)(2) and (3) already provide that the 
confidentiality and indemnification requirements of Sec.  49.18(b) do 
not apply to these domestic and foreign regulators with regulatory 
responsibility over SDRs. However, insofar as a regulator sought swap 
data that was not reported to the SDR pursuant to that regulator's 
regulatory regime, the exclusions set forth within Sec.  49.17(d)(2) 
and (3) would not apply.
    The Commission accordingly submits that current Sec.  49.18(c) is 
inappropriate and unnecessary, and therefore, should be eliminated.
5. Failure to Fulfill the Terms of a Confidentiality Arrangement: 
Proposed Sec.  49.18(c) and (d)
    The Commission proposes in new Sec.  49.18(c) to require SDRs to 
promptly report to the Commission any known failure to fulfill the 
terms of a confidentiality arrangement that they receive pursuant to 
Sec.  49.18(a). Proposed new Sec.  49.18(d) would authorize the 
Commission to direct an SDR to limit, suspend or revoke an AFR's or 
ADR's access to swap data, if the Commission determines that the AFR or 
ADR has failed to fulfill the terms of its confidentiality arrangement 
with the Commission.\55\
---------------------------------------------------------------------------

    \55\ Proposed Sec.  49.18(d) provides that, if an ADR or AFR 
fails to fulfill the terms of a confidentiality arrangement under 
paragraph (a) of proposed Sec.  49.18, the Commission may direct 
each registered SDR to limit, suspend or revoke the ADR's or AFR's 
access to swap data held by the SDR Similarly, proposed Sec.  
49.17(d)(5) would require an SDR, as directed by the Commission, to 
limit, suspend or revoke an ADR's or AFR's swap data access should 
the Commission revoke the appropriateness determination for such ADR 
or AFR or otherwise direct the SDR to suspend or revoke such access.
---------------------------------------------------------------------------

6. Proposed Sec.  49.18(e)--Delegation of Authority
    The Commission is proposing to add Sec.  49.18(e)(1) to delegate to 
the Director of the Division of Market Oversight, and to such staff 
acting under his or her direction as he or she may designate from time 
to time, all functions reserved to the Commission in Sec.  49.18. 
Proposed Sec.  49.18(e)(2) would reserve to the Director of the 
Division of Market Oversight the authority to submit to the Commission 
for its consideration any matter which has been delegated to the 
Director under proposed Sec.  49.18(e)(1). The Commission proposes in 
Sec.  49.18(e)(3) to expressly permit the Commission, at its election, 
to exercise the authority delegated to the Director of the Division of 
Market Oversight under proposed Sec.  49.18(e)(1).
    This delegation is intended to conserve Commission resources and 
increase the effectiveness and efficiency of the Commission's oversight 
and supervision of SDR swap data access. The Commission anticipates 
that the delegation of authority will help facilitate timely access to 
SDR swap data by ADRs and AFRs consistent with the requirements set 
forth in part 49 of the Commission's regulations. However, the Division 
of Market Oversight may submit matters to the Commission for its 
consideration, as it deems appropriate.
7. Conforming Changes
    As a result of the FAST Act Amendments, the Commission proposes 
conforming changes to Sec.  49.17(d)(6), to delete references to an 
Indemnification Agreement. As a result of the proposed changes to Sec.  
49.18, and in particular, Sec.  49.18(a), the Commission proposes 
conforming changes to Sec.  49.22(d)(4) relating to chief compliance 
officer compliance responsibilities and duties so that the appropriate 
section reflecting the confidentiality arrangement is referenced.
8. Request for Comment
    1. The Commission requests comment on all aspects of the proposed 
amendments to Sec.  49.18. Commenters are particularly invited to 
address the proposed amendments to Sec.  49.18 relating to the 
confidentiality provisions of CEA sections 21(c)(7) and 21(d), whether 
the Commission should prescribe specific processes to govern ADR and 
AFR requests for swap data access from an SDR; and whether the 
Commission should prescribe a process to govern an SDR's treatment of 
requests for swap data access.
    2. In addition, commenters are invited to address the proposed 
rules implementing the notification requirement. In this regard, is 
there an alternative to requiring SDRs to maintain copies of all data 
they provide in connection with the data access provisions that would 
still permit the Commission to assess the SDR's ongoing compliance with 
those provisions? For example, are alternative approaches available 
such that the Commission need not require SDRs to maintain actual 
copies of all information provided pursuant to the data access 
provisions? Would such an alternative approach reduce the burdens on 
SDRs while still permitting the Commission to assess ongoing 
compliance?

E. Other Changes

    In addition to those changes discussed throughout this release, the 
Commission is proposing other changes to part 49, including a number of 
ministerial changes. The Commission proposes to amend Sec.  49.9(a)(9) 
to change the reference in Sec.  49.9(a)(9) from ``certain appropriate 
domestic regulators and foreign regulators'' to ``Appropriate Domestic 
Regulators and Appropriate Foreign Regulators'' to make clear that an 
SDR is required to provide access to swap data, pursuant to Sec.  
49.17, only to ADRs and AFRs. The Commission is proposing to make a 
number of other changes to part 49 to more consistently refer to the 
defined term ``swap data''. The Commission is proposing to modify the 
references in existing Sec. Sec.  49.9(a)(9) and 49.17(b)(2)(i) to 
``swap data or information''; the reference in existing Sec.  
49.17(d)(4)(i) to ``swaps transaction data''; and the reference in 
existing Sec.  49.17(d)(6) to ``requested data,'' to be references to 
``swap data'' as that term is defined in Sec.  49.2(a)(15). The 
Commission is proposing these changes to eliminate confusion and to 
conform part 49 to the FAST Act's amendment of CEA section 21(c)(7) to 
refer to ``swap data.''
    The Commission is also proposing to replace the reference in Sec.  
49.17(a) to ``swaps data'' with a reference to ``swap data'' and to 
replace the reference in Sec.  49.17(a) to ``Regulation'' with a 
reference to ``Sec.  49.17'' to match the format of the reference in 
Sec.  49.17(b). The Commission does not intend to effect any 
substantive changes with these proposed amendments.
    The Commission is proposing to change the references to ``swap 
transaction data'' and ``swaps transaction data'' in Sec.  49.17(c)(2) 
and 49.17(c)(3) to ``swap data'' as defined in Sec.  49.2(a)(15). The 
Commission is also proposing to change the references to ``data'' in 
Sec.  49.17(d)(5), (d)(6), (e), and (e)(1) to ``swap data'' in order to 
clarify the Commission's intent to refer to ``swap data'' within the 
meaning of Sec.  49.2(a)(15). For the same reason, the Commission is 
also proposing to add ``swap data and'' before ``information'' in Sec.  
49.17(e)(2) to conform it to Sec.  49.17(e)(1), as proposed to be 
amended.\56\ The Commission also

[[Page 8379]]

proposes to add the term ``and information'' after the term ``swap 
data'' in the second sentence of Sec.  49.17(e) so that such sentence 
is consistent with the first sentence of Sec.  49.17(e), which permits 
access by third parties to both swap data and information maintained by 
a registered SDR, subject to certain conditions.
---------------------------------------------------------------------------

    \56\ Although Sec.  49.17(e) uses the terms ``data'' and ``swap 
data'' interchangeably, the Commission intended those paragraphs to 
reference the definition of ``swap data'' and, consequently, 
believes that these do not represent a change to the Commission's 
original intent in promulgating Sec.  49.17(e). However, the term 
``swap data'' is narrower than the terms ``data'' and 
``information.'' Consequently, changing ``data'' to ``swap data'' 
arguably would narrow the scope of the confidentiality procedures 
and confidentiality arrangement required by Sec.  49.17(e)(1) and 
(2).
---------------------------------------------------------------------------

    In Sec.  49.17(f)(2), the Commission is proposing to change both 
references to ``[d]ata and information'' to ``[S]wap data and 
information'' in order to clarify, in each case, that the intended 
reference is to ``swap data'' as defined in Sec.  49.2(a)(15).
    In addition to those changes related to references to swap data, 
the Commission is also proposing to amend Sec.  49.17(b)(1)(vii) to 
change ``[a]ny other person the Commission deems appropriate[ ]'' to 
``[a]ny other person the Commission determines to be appropriate 
pursuant to the process set forth in Sec.  49.17(h)'' to match the 
language in CEA section 21(c)(7).
    Commission regulation 49.17(f)(1) currently states, ``Access of 
swap data maintained by the registered swap data repository to market 
participants is generally prohibited.'' The Commission is proposing to 
amend Sec.  49.17(f)(1) to state, ``Access by market participants to 
swap data maintained by the registered swap data repository is 
prohibited other than as set forth in Sec.  49.17(f)(2)'' in order to 
clarify its meaning. The Commission does not intend this to be a 
substantive change to Sec.  49.17(f)(1).
    Finally, the Commission is proposing several minor clarifying 
changes to Sec.  49.18(b).\57\ These changes include replacing ``the 
swap data'' with ``swap data''; replacing the ``with any Appropriate 
Domestic Regulator or Appropriate Foreign Regulator'' reference with 
``to any Appropriate Domestic Regulator or Appropriate Foreign 
Regulator''; and adding ``each'' before ``as defined in Sec.  
49.17(b)'' to reflect that both ``Appropriate Domestic Regulator'' and 
``Appropriate Foreign Regulator'' are defined terms in Sec.  49.17(b).
---------------------------------------------------------------------------

    \57\ These proposed changes appear in proposed Sec.  49.18(a).
---------------------------------------------------------------------------

III. Request for Comment

    In addition to the specific questions set forth in various sections 
above, the Commission requests comment on all aspects of the proposal, 
and particularly invites comment on the questions set forth below.
    (1) What, if any, impediments exist to accurately and cost-
effectively determining whether swap data access requests are within 
the scope of an ADR's/AFR's jurisdiction?
    (2) Are there any particular elements the Commission has proposed 
to include in the confidentiality arrangement that are unnecessary? Has 
the Commission omitted particular element(s) that should be included in 
a confidentiality arrangement?
    (3) Do SDRs maintain swap data in a manner that permits accurate 
reproduction at a later date of the results of an ADR's/AFR's request 
for swap data? If so, is it necessary for the Commission to require 
that SDRs maintain records of the results of such requests, as opposed 
to merely maintaining the details of the request?

IV. Related Matters

A. Regulatory Flexibility Act

    The Regulatory Flexibility Act (``RFA'') requires federal agencies, 
in promulgating rules, to consider the impact of those rules on small 
entities.\58\ The rules proposed herein will have a direct effect on 
the operations of SDRs and certain domestic and foreign regulators 
seeking access to swap data reported to, and maintained, by SDRs.
---------------------------------------------------------------------------

    \58\ See 5 U.S.C. 601 et seq.
---------------------------------------------------------------------------

    The Commission has previously established certain definitions of 
``small entities'' to be used by the Commission in evaluating the 
impact of its rules on small entities in accordance with the RFA.\59\ 
The Commission has previously determined that SDRs are not small 
entities for purpose of the RFA.\60\ For purposes of the Regulatory 
Flexibility Act, the definition of ``small entity'' also encompasses 
``small governmental jurisdictions,'' which in relevant part means 
governments of locales with a population of less than fifty 
thousand.\61\ Although the Commission anticipates that this proposal 
may be expected to have an economic impact on various governmental 
entities that access data pursuant to Dodd-Frank's data access 
provisions, the Commission does not anticipate that any of those 
governmental entities would be small governmental jurisdictions. 
Therefore, the Commission does not believe that this proposal will have 
a significant economic impact on a substantial number of small 
entities. Therefore, the Chairman, on behalf of the Commission, 
pursuant to 5 U.S.C. 605(b), hereby certifies that the proposed rules 
will not have a significant economic impact on a substantial number of 
small entities.
---------------------------------------------------------------------------

    \59\ See Policy Statement and Establishment of ``Small 
Entities'' for purposes of the Regulatory Flexibility Act, 47 FR 
18618 (Apr. 30, 1982) at 18618-21.
    \60\ See Part 49 Adopting Release at 54575 and Notice of 
Proposed Rulemaking: Swap Data Repositories, 75 FR 80898 (Dec. 23, 
2010) at 80926.
    \61\ 5 U.S.C. 601(5), (6).
---------------------------------------------------------------------------

B. Paperwork Reduction Act

    The proposed amendments to part 49 would result in new ``collection 
of information'' requirements within the meaning of the Paperwork 
Reduction Act of 1995 (``PRA'').\62\ An agency may not conduct or 
sponsor, and a person is not required to respond to, a collection of 
information unless it displays a currently valid Office of Management 
and Budget (``OMB'') control number. The OMB control number for the 
information collection associated with part 49 swap reporting is 3038-
0086.\63\ The Commission is seeking to revise Information Collection 
3038-0086 because the rule amendments proposed herein will impose 
information collection requirements that require approval from OMB 
under the PRA. The Commission is therefore submitting this proposal to 
OMB for review in accordance with 44 U.S.C. 3507(d) and 5 CFR 1320.11.
---------------------------------------------------------------------------

    \62\ 44 U.S.C. 3501 et seq.
    \63\ See OMB Control Number 3038-0086 (``Information Collection 
3038-0086''). The most recent revision to OMB Control Number 3038-
0086 was approved November 30, 2015 and is available at: http://www.reginfo.gov/public/do/PRAOMBHistory?ombControlNumber=3038-0086.
---------------------------------------------------------------------------

1. Summary of the Proposed Requirements
    The proposed modifications to part 49 would require SDRs to make 
swap data available to requesting entities if certain conditions are 
satisfied. These conditions include the requesting entity executing a 
confidentiality arrangement and, in some cases, receiving a 
determination order from the Commission that it is an appropriate 
entity to receive SDR swap data. The proposed modifications would also 
require SDRs to report failures to fulfill the terms of confidentiality 
arrangements to the Commission.
2. Collection of Information
    Currently, OMB Control Number 3038-0086 sets out burden estimates 
relating to a broad range of SDR obligations associated with 
registration requirements, reporting requirements, recordkeeping 
requirements, and disclosure requirements. Where the information 
collection associated with those obligations would be modified by this 
proposed rule, the Commission is proposing to revise Information

[[Page 8380]]

Collection 3038-0086 accordingly. To the extent the proposed 
modifications to part 49 introduce new information collections that 
were not previously incorporated into Information Collection 3038-0086, 
the Commission is proposing to revise Information Collection 3038-0086 
to account for the new information collections. Finally, many of the 
information collections discussed in Information Collection 3038-0086 
are not implicated or modified by the Commission's proposed revisions 
to part 49 in this release. The Commission, therefore, is not proposing 
to revise the estimated burdens associated with such information 
collections. New or revised information collections contained in these 
proposed revisions to part 49 will affect SDRs as well as entities that 
request access to SDR swap data pursuant to these provisions.
    As discussed above, the proposed modifications to part 49 set out 
in this release are intended to provide a process by which other 
authorities may obtain access to SDR swap data. The information 
collections associated with this process are intended to ensure that 
SDR swap data is only accessed by appropriate entities and that the 
confidentiality of any accessed SDR swap data is adequately protected. 
The ultimate result of this process is intended to provide other 
authorities with information to assist with the oversight of the global 
swaps market and market participants.
    ADR/AFRs. As discussed throughout this release, certain conditions 
must be satisfied before a requesting entity is permitted to access SDR 
swap data. These conditions may implicate various PRA collections and 
burdens as discussed below.
    Pursuant to Sec.  49.18(a), every requesting entity seeking access 
to SDR swap data must execute a confidentiality arrangement with the 
Commission prior to receiving access. This requirement applies to both 
those entities that are specifically enumerated as appropriate in Sec.  
49.17(b)(1) and those entities that require a determination from the 
Commission that they are appropriate entities to receive access to SDR 
swap data, regardless of whether the requesting entity is a domestic or 
foreign entity.
    In addition to executing a confidentiality arrangement, requesting 
entities that are not Enumerated ADRs will be required to seek a 
Determination Order from the Commission to have access to SDR swap 
data. Such Determination Orders will describe SDR swap data that is 
appropriate for the entity to access, based on the requesting entity's 
scope of jurisdiction. For Enumerated ADRs, the Commission is proposing 
to require that the confidentiality arrangement describe the requesting 
entity's scope of jurisdiction. The Commission believes the use of the 
form of confidentiality arrangement set out in Appendix B to part 49 
will provide an efficient means to satisfy the requirements of Sec.  
49.18(a).
    The Commission, for PRA purposes, believes that it is reasonable to 
assume that 300 total entities will seek access to SDR swap data. This 
estimate is based on the Commission's experience in receiving data 
requests from other regulators and its experience in coordinating and 
cooperating with other regulators.\64\ For PRA purposes, the Commission 
assumes there are four SDRs, which is the number of SDRs that are 
provisionally registered with the Commission. As the confidentiality 
arrangement will be between the ADR or AFR and the Commission and 
delivered to the SDR, AFRs and ADRs need not execute a separate 
confidentiality arrangement for each SDR. Accordingly, the Commission 
estimates, for PRA purposes, that the total number of confidentiality 
arrangements that will be executed under the proposed rules is 300. 
Given that the Commission will have published a form of confidentiality 
arrangement as an appendix to part 49, the Commission estimates that 
the review and execution of each confidentiality arrangement by an ADR 
or AFR will take approximately 40 hours, for a total burden of 12,000 
hours. The burden estimates associated with entering into such 
confidentiality arrangements are addressed in the proposed revised OMB 
Control Number 3038-0086.
---------------------------------------------------------------------------

    \64\ The Commission estimates that up to approximately 30 
authorities in the United States may seek to access swap data from 
SDRs. In the context of potential AFRs, the Commission believes that 
most requests will come from authorities in G20 countries, each of 
which will have no more and likely fewer than 30 authorities that 
may request swap data from SDRs. In addition, certain authorities 
from outside the G20 also may request swap data from SDRs. 
Accounting for all of these entities, the Commission estimates that 
there likely will be a total of no more than 300 relevant domestic 
and foreign authorities that may request swap data from SDRs.
---------------------------------------------------------------------------

    An entity that seeks access to SDR swap data must be considered 
appropriate by the Commission prior to that entity receiving access to 
SDR swap data. For Enumerated ADRs, there is no burden associated with 
seeking to be deemed appropriate by the Commission as they are already 
enumerated as such. Those entities that are not Enumerated ADRs will be 
required to receive a Determination Order prior to receiving access to 
SDR swap data. The process for obtaining such a Determination Order is 
set out in general terms in proposed Sec.  49.17(h) and requires the 
requesting entity to prepare and submit an application to the 
Commission. The preparation and submittal of this application 
constitutes an information collection under the PRA.
    As discussed above, the Commission believes that for PRA purposes 
it is reasonable to assume that 300 domestic and foreign entities will 
seek access to SDR swap data. Very few of these entities are 
specifically enumerated in Sec.  49.17(b)(1). The Commission estimates, 
for PRA purposes, that each such requesting entity would expend 100 
hours in connection with filing an application to receive an 
appropriateness determination, for a total initial burden of no more 
than 30,000 hours, calculated as the product of 300 domestic and 
foreign entities seeking access to SDR swap data and 100 hours per 
application). This estimate considers the relevant information that 
would be required to be provided in such an application, including 
information regarding the entity's scope of jurisdiction, mutual 
assistance provided to the Commission, and the existence of cooperation 
related to an MOU or similar information sharing arrangement with the 
Commission, as well as any other information relevant for the 
Commission's determination. This burden estimate is included in the 
Commission's proposed revisions to Information Collection 3038-0086.
    Swap Data Repositories. As discussed throughout this release, SDRs 
are required to facilitate access to SDR swap data by requesting 
entities, provided certain conditions are met. This requirement may 
implicate PRA collections and burdens, some of which are already 
addressed in the existing OMB Control Number 3038-0086, and some of 
which constitute new collections, as discussed below. Currently, the 
burden on SDRs of making data available to ADRs and AFRs is accounted 
for in OMB Control Number 3038-0086, as this is an existing obligation 
under existing Sec.  49.17(d). However, the proposed rules set out in 
this release clarify and modify the requirements imposed on SDRs in 
providing access to SDR swap data to ADRs and AFRs. Consequently the 
Commission is revising Information Collection 3038-0086 to account for 
these modifications.
    The Commission expects to limit a requesting entity's access to SDR 
swap data based on the entity's scope of jurisdiction. In connection 
with this

[[Page 8381]]

limitation, the Commission expects SDRs to incur burdens and costs 
associated with setting up access to SDR swap data that is consistent 
with an ADR or AFR's scope of jurisdiction. The Commission expects that 
each confidentiality arrangement will identify, either directly or 
through the attached Determination Order, the scope of access that is 
appropriate for a given requesting entity. The Commission expects SDRs 
to use these limitations to program their systems to reflect the scope 
of the ADR or AFR's access to SDR swap data. These limits set out in 
the confidentiality arrangement are expected to reduce the burdens on 
SDRs of assessing whether a request satisfies the relevant conditions, 
particularly with regard to whether SDR swap data relates to persons or 
activities within the requesting entity's scope of jurisdiction. The 
Commission estimates that the burden on an SDR associated with setting 
up access restrictions to match a requesting entity's scope of 
jurisdiction will include 20 hours of programmer analyst time, five 
hours of senior programming time, and one hour of attorney time, for a 
total of 26 hours. Consequently, for PRA purposes, the Commission 
estimates that each SDR would incur a total burden of 7,800 hours 
(i.e., the product of 300 entities and 26 hours of time) associated 
with setting up access for each ADR or AFR. The burdens associated with 
these permissioning requirements are addressed in proposed revised OMB 
Control Number 3038-0086.
    SDRs will also be required to provide electronic notice to the 
Commission of the first request for data from a particular requesting 
entity and promptly after receiving any request that does not comport 
with the scope of the ADR's or AFR's jurisdiction. In addition to 
notifying the Commission of the foregoing, the Commission is proposing, 
in Sec. Sec.  49.17(d)(4)(i) and (iii), to require SDRs to maintain 
records of all information related to the initial and all subsequent 
requests for data from the requesting entity. These records shall 
include, at a minimum, the identity of the requestor or person 
accessing the data; the date, time and substance of the request or 
access; and copies of all data reports or other aggregation of data 
provided in connection with the request or access. The SDR shall 
maintain this information for a period of no less than five years after 
the date of such request and shall provide this information to the 
Commission upon request.
    Currently, OMB Control Number 3038-0086 estimates burdens 
associated with various registration, reporting, recordkeeping, and 
disclosure requirements to which SDRs are subject. The proposed 
recordkeeping requirements relating to requesting entities' data 
requests constitute an information collection for PRA purposes and 
require the Commission to revise the recordkeeping burden estimates 
contained in OMB Control Number 3038-0086. The reporting and 
recordkeeping requirements proposed in this release may potentially 
impact each SDR.
    SDRs already have the ability to communicate electronically with 
the Commission and are subject to significant recordkeeping 
requirements pursuant to Sec.  49.12. Therefore, the proposed 
requirements should not result in SDRs having to incur initial costs to 
implement systems to properly notify the Commission when a requesting 
entity submits a data request for the first time that are in excess of 
what is already accounted for in OMB Control Number 3038-0086. The 
Commission estimates that initially each SDR may incur a burden of 360 
hours associated with these proposed recordkeeping requirements, for a 
total of 1,440 hours (i.e., the product of four SDRs and 360 hours). 
Additionally, the Commission estimates that each SDR would incur an 
annual burden of 280 hours associated with the recordkeeping 
requirements, for a total of 1,120 hours annually (i.e., the product of 
four SDRs and 280 hours). The burdens associated with these 
notification requirements are addressed in proposed revised Information 
Collection 3038-0086.
    Finally, current Information Collection 3038-0086 accounts for the 
costs to SDRs of executing a ``Confidentiality and Indemnification 
Agreement'' with each requesting ADR and AFR. Under the Commission's 
proposal, the SDR is no longer required to execute such an agreement 
with the ADRs or AFRs. The proposed confidentiality arrangement shall 
be between the requesting ADR or AFR and the Commission. Accordingly, 
the total burden to SDRs, as currently reflected in Information 
Collection 3038-0086, is reduced by the cost to execute such 
agreements. The reduction in burden associated with this change in the 
confidentiality agreement is addressed in proposed revised Information 
Collection 3038-0086.
3. Request for Comments on Collection
    The Commission invites the public and other Federal agencies to 
comment on any aspect of the reporting burdens discussed above. 
Pursuant to 44 U.S.C. 3506(c)(2)(B), the Commission solicits comments 
in order to: (1) Evaluate whether the proposed collection of 
information is necessary for the proper performance of the functions of 
the Commission, including whether the information will have practical 
utility; (2) evaluate the accuracy of the Commission's estimate of the 
burden of the proposed collection of information; (3) determine whether 
there are ways to enhance the quality, utility, and clarity of the 
information to be collected; and (4) minimize the burden of the 
collection of information on those who are to respond, including 
through the use of automated collection techniques or other forms of 
information technology.
    Comments may be submitted directly to the Office of Information and 
Regulatory Affairs, by fax at (202) 395-6566 or by email at 
[email protected]. Please provide the Commission with a copy 
of submitted comments so that all comments can be summarized and 
addressed in the final rule preamble. Refer to the ADDRESSES section of 
this notice of proposed rulemaking for comment submission instructions 
to the Commission. A copy of the supporting statements for the 
collections of information discussed above may be obtained by visiting 
www.RegInfo.gov. OMB is required to make a decision concerning the 
collection of information between 30 and 60 days after publication of 
this document in the Federal Register. Therefore, a comment is best 
assured of having its full effect if OMB receives it within 30 days of 
publication.

C. Cost-Benefit Considerations

1. Introduction
    As discussed in Section I, entitled ``Background and 
Introduction,'' above, Congress passed the FAST Act to facilitate 
broader access to swap data by the regulatory community. Section 
86001(b) of the FAST Act amends CEA section 21 by, among other things, 
eliminating the requirement that, as a condition of receiving 
information from SDRs, each ADR or AFR agree to indemnify the SDR and 
the Commission for any expenses arising from litigation relating to the 
information provided under CEA Section 8. The Commission is issuing 
this proposed rulemaking to enable ADRs and AFRs to access swap data, 
subject to certain safeguards designed to protect swap data from 
misappropriation or misuse, and to advise the public of the practical 
implications of the changes to the CEA made by the FAST Act. The 
Commission preliminarily believes that the proposed safeguards are 
warranted based on the incorporation by reference

[[Page 8382]]

in CEA sections 21(c)(7) and 21(d) of the strong protections of CEA 
section 8.
    CEA section 15(a) requires the Commission to consider the costs and 
benefits of its actions before promulgating a regulation under the CEA 
or issuing certain orders. CEA section 15(a) further specifies that the 
costs and benefits shall be evaluated in light of the following five 
broad areas of market and public concern: (1) Protection of market 
participants and the public; (2) efficiency, competitiveness, and 
financial integrity of futures markets; (3) price discovery; (4) sound 
risk management practices; and (5) other public interest 
considerations. The Commission considers the costs and benefits 
resulting from its discretionary determinations with respect to the CEA 
section 15(a) factors.
    As an initial matter, the Commission recognizes that there are 
benefits, discussed more fully below, for domestic and foreign 
regulators to have access to SDR swap data. Yet, there are inherent 
compromises between data access and data security. More directly, 
greater access leads to data being less secure from misappropriation or 
misuse. The Commission recognizes that there are costs associated with 
this proposed rulemaking. The Commission, however, lacks the requisite 
data and information to precisely estimate costs, in part, because the 
proposed rulemaking grants SDRs, ADRs, and AFRs discretion to implement 
the proposed regulations through alternative measures. Furthermore, the 
Commission does not know which approach SDRs, ADRs, and AFRs will take. 
As a consequence, where it is not feasible to quantify (e.g., because 
of the lack of accurate data or appropriate metrics), the Commission 
has considered the costs and benefits of this proposed rulemaking in 
qualitative terms. The Commission, nevertheless, requests that 
commenters provide any data or other information that would be useful 
in the estimation of the quantifiable costs and benefits of this 
proposed rulemaking.
2. Baseline and Proposed Rule Summary
a. Definition of Foreign Regulator--Proposed Amendment to Sec.  
49.2(a)(5)
    The status quo baseline definition for the term ``foreign 
regulator'' as defined in current Sec.  49.2(a)(5) is a ``foreign 
futures authority as defined in CEA Section 1a(26), foreign financial 
supervisors, foreign central banks and foreign ministries.'' \65\ The 
Commission is proposing to amend the term ``foreign regulator'' to add 
entities. Specifically, the Commission is adding the phrase ``other 
foreign authorities'' to the definition. This approach is consistent 
with the FAST Act's amendment to CEA section 21(c)(7)(E).
---------------------------------------------------------------------------

    \65\ 17 CFR 49.2(a)(5).
---------------------------------------------------------------------------

b. Definition of Appropriate Foreign Regulator--Proposed Amendment to 
Sec.  49.17(b)(2)
    The status quo baseline definition for the term ``Appropriate 
Foreign Regulator'' (defined in current Sec.  49.17(b)(2)) is ``those 
Foreign Regulators with an existing memorandum of understanding or 
other similar type of information sharing arrangement executed with the 
Commission and/or Foreign Regulators without an MOU as determined on a 
case-by-case basis by the Commission.'' \66\
---------------------------------------------------------------------------

    \66\ 17 CFR 49.17(b)(2).
---------------------------------------------------------------------------

    The Commission is proposing to amend current Sec.  49.17(b)(2) to 
require all ``foreign regulators'' to file an application with the 
Commission to become ``Appropriate Foreign Regulators.'' The existence 
of a current MOU or other information sharing arrangement with the 
Commission will not be dispositive to a determination of 
appropriateness. The proposed amendment would require the Commission to 
issue an order finding each foreign regulator ``appropriate.'' In this 
manner, the Commission will ensure that each ``Appropriate Foreign 
Regulator'' is acting within its scope of jurisdiction as mandated 
under CEA section 21(c)(7) through incorporation by reference of CEA 
section 8(e). The Commission believes that this proposal will provide 
greater control over the process by which foreign regulators obtain 
access to SDR swap data; specifically, it will help to ensure that only 
those foreign regulators who have a regulatory interest in SDR swap 
data can access such swap data. The limitation on swap data access 
proposed in this recommendation is expected to help reduce the risk of 
unauthorized disclosure, misappropriation or the misuse of swap data.
c. Duties of Registered SDRs--Proposed Amendments to Sec.  49.9(a)(9)
    The Commission has proposed conforming language changes to current 
Sec.  49.9(a)(9).\67\ There are no substantive changes with respect to 
costs and benefits.
---------------------------------------------------------------------------

    \67\ 17 CFR 49.9(a)(9).
---------------------------------------------------------------------------

d. Purpose of Access to SDR Data--Proposed Amendment to Sec.  49.17(a)
    The Commission has proposed conforming language changes to current 
Sec.  49.17(a).\68\ There are no substantive changes with respect to 
costs and benefits.
---------------------------------------------------------------------------

    \68\ 17 CFR 49.17(a).
---------------------------------------------------------------------------

e. Appropriate Domestic Regulator--Proposed Amendment to Sec.  
49.17(b)(vii)
    The Commission has proposed conforming language changes to current 
Sec.  49.17(b)(vii) to cross-reference the process under Sec.  
49.17(h).\69\ There are no substantive changes with respect to costs 
and benefits in proposed Sec.  49.17(b)(vii). If there are any costs or 
benefits associated with the changes in Sec.  49.17(b)(vii), they will 
be discussed in regards to the process defined under proposed Sec.  
49.17(h), which is the appropriateness-determination process.
---------------------------------------------------------------------------

    \69\ 17 CFR 49.17(b)(vii).
---------------------------------------------------------------------------

f. Domestic Regulator With Regulatory Responsibility--Proposed 
Amendment to Sec.  49.17(d)(2)
    By way of this proposed rulemaking, the Commission has explained 
that if a domestic regulator receives swap data pursuant to its 
regulatory regime, that access is not subject to CEA sections 21(c)(7) 
or 21(d), or Commission regulations Sec.  49.17(d) or Sec.  49.18.
g. Foreign Regulator With Regulatory Responsibility--Proposed Amendment 
to Sec.  49.17(d)(3)
    Foreign Regulators require data in order to fulfill their 
regulatory responsibilities. In proposed Sec.  49.17(d)(3) the 
Commission has explained that, if a foreign regulator receives swap 
data pursuant to its regulatory regime, that access is not subject to 
CEA sections 21(c)(7) or 21(d), or Sec. Sec.  49.17(d) or 49.18.
h. SDR Notification Requirement--Proposed Amendment to Sec.  
49.17(d)(4)(i) to (iv)
    Current Sec.  49.17(d)(4)(i) requires an SDR to promptly notify the 
Commission regarding any request for swap data received by Appropriate 
Domestic or Foreign Regulators.\70\ SDRs under this current regulation 
are required to notify the Commission for each and every request of an 
Appropriate Domestic or Foreign Regulator (including ongoing swap data 
requests).
---------------------------------------------------------------------------

    \70\ 17 CFR 49.17(d)(4)(i).
---------------------------------------------------------------------------

    The Commission proposes to amend current Sec.  49.17(d)(4)(i)-(ii) 
to provide that SDRs notify the Commission at the time that such SDR 
receives the initial request for swap data from a particular

[[Page 8383]]

ADR or AFR and promptly after receiving any request that does not 
comport with the scope of the ADR's or AFR's jurisdiction. Consistent 
with current recordkeeping requirements set forth in Sec.  49.12, SDRs 
are required to maintain books and records of all information related 
to the initial and any subsequent requests for swap data from an 
Appropriate Domestic or Foreign Regulator. The Commission also proposed 
electronic notification similar to the current rule requirement. In 
addition, the Commission placed a few obligations on SDRs under 
proposed Sec.  49.17(d)(4)(iii) and (iv) regarding data access to ADRs 
and AFRs, and determining an ADR's or AFR's jurisdiction.
    In addition, proposed Sec.  49.17(d)(4)(iii) requires SDRs to 
limit, suspend, or revoke an ADR's or AFR's swap data access if the 
ADR's or AFR's scope of jurisdiction changes and the Commission directs 
the ADR or AFR to limit, suspend, or revoke an ADR's or AFR's swap data 
access.
i. Timing; Limitation, Suspension or Revocation of Access--Proposed 
Amendments to Sec.  49.17(d)(5)
    The changes to the rule text in current Sec.  49.17(d)(5) make 
clear that SDRs must notify the Commission of an ADR or AFR access 
request and the receipt of a confidentiality arrangement, among other 
things. In addition, proposed Sec.  49.17(d)(5) requires SDRs to limit, 
suspend, or revoke an ADR's or AFR's swap data access if the Commission 
limits, suspends or revokes the ADR's or AFR's appropriateness 
determination or otherwise directs the ADR or AFR to limit, suspend, or 
revoke an ADR's or AFR's swap data access.
j. Confidentiality Agreement--Proposed Amendments to Sec. Sec.  
49.17(d)(6) and 49.18(a)-(f)
    Current Sec. Sec.  49.17(d)(6) and 49.18, adopted as part of the 
original part 49 rules, provide that SDRs execute a ``Confidentiality 
and Indemnification Agreement'' with a CEA section 21(c)(7) entity, 
prior to sharing swap transaction data and information.\71\ This 
Agreement is required to state that the other regulator will abide by 
the confidentiality provisions of CEA section 8 and agree to indemnify 
both the SDR and the Commission against any litigation expenses 
relating to information provided under CEA section 8. However, through 
the passage of the FAST Act, Congress has eliminated the requirement 
that certain domestic and foreign regulators execute the 
``Confidentiality and Indemnification Agreement'' prior to obtaining 
SDR swap data. More specifically, Congress amended CEA section 21(d) to 
require only the execution of a written agreement by domestic and 
foreign regulators prior to receipt of swap data from SDRs so that 
these regulators will abide by the confidentiality requirements 
described in CEA section 8.
---------------------------------------------------------------------------

    \71\ See 17 CFR 49.17(d)(6) and 49.18.
---------------------------------------------------------------------------

    The Commission proposes to amend current Sec. Sec.  49.17(d)(6) and 
49.18 to (i) reflect the FAST Act amendments to CEA sections 21(c)(7) 
and (d), and (ii) require SDRs to receive a confidentiality arrangement 
from a 21(c)(7) entity, before sharing swap data, to satisfy the 
requirements of CEA section 21(d). Unlike the current regulations, this 
confidentiality arrangement will not be executed by the SDR with the 
21(c)(7) entity, but instead would be executed by the Commission and 
the 21(c)(7) entity. The Commission proposes to provide a form of 
confidentiality arrangement attached as Appendix B to part 49. Use of 
the form would not be mandatory but would provide an efficient and 
expeditious means of fulfilling the confidentiality requirement of 
21(d) and Sec. Sec.  49.17(d) and 49.18.
k. Third-Party Service Providers--Proposed Amendments to Sec.  49.17(e)
    The Commission modified the text in current Sec.  49.17(e) for 
clarity. There are no substantive cost or benefit implications.
l. Access by Market Participants Barred--Proposed Amendment to Sec.  
49.17(f)
    The Commission modified the text in current Sec.  49.17(f) for 
clarity. There are no substantive cost or benefit implications.
m. Filing Requirements for Applicants To Be Determined Appropriate--
Proposed Amendments to Sec.  49.17(h)
    In this proposed rulemaking, the Commission has added proposed 
Sec.  49.17(h) to describe the application process for persons seeking 
an appropriateness determination. In sub-paragraph (2), the Commission 
explains that the applicant must provide sufficient detail to explain 
its jurisdiction and its confidentiality safeguards. Proposed Sec.  
49.17(h)(3) also outlines the standards by which the Commission will 
issue an appropriateness determination. Finally, the Commission 
explains in proposed Sec.  49.17(h)(4) that it reserves the right to 
``revisit, reassess, limit, suspend or revoke'' an appropriateness 
determination.
n. Delegation of Authority--Addition of Proposed Sec. Sec.  49.17(i) 
and 49.18(e)
    Current Sec. Sec.  49.17 and 49.18 do not have delegation of 
authority provisions. The Commission proposes to amend Sec. Sec.  49.17 
and 49.18 to add a delegation of authority to the Director of the 
Division of Market Oversight (``DMO'') and the Director's designee(s) 
of functions reserved to the Commission in Sec. Sec.  49.17 and 49.18. 
The delegation of Commission authority would make the process more 
effective and efficient.
o. SDR Chief Compliance Officer Duties--Proposed Amendment to Sec.  
49.22(d)(4)
    The change to current Sec.  49.22(d)(4) is the removal of the word 
``indemnification'' from the rule text. This is a conforming change to 
make the rule consistent with the FAST Act amendments.
3. Benefits
    At a high level regarding benefits, the rulemaking is expected to 
assist regulators in performing their supervisory and regulatory 
functions by providing them access to swap data, which would help 
regulators better understand the risks their regulated entities are 
assuming and the impact of such risks on the broader markets. These 
supervisory and regulatory functions may include: Monitoring and 
mitigation of systemic risk; ensuring financial stability; registration 
and oversight of financial market infrastructures; registration and 
oversight of trading venues; registration and oversight of market 
participants; central bank activities; prudential supervision; 
restructuring or resolution of infrastructures and firms; and 
regulation of cash markets, in some of which swap counterparties are 
active.
    A more granular benefit to regulators flows from the Commission's 
proposal to resolve a conflict or potential conflict between the 
Commission's Interpretative Statement and current Sec.  49.18(c). In 
the Interpretative Statement, the Commission took the view that other 
regulators who access swap data based on their own authority over SDRs 
are not subject to the swap data access-related provisions of the CEA. 
On the other hand, current Sec.  49.18(c) provides that such regulators 
are required to comply with CEA section 8 and any other relevant 
statutory confidentiality provisions. The Commission proposes to delete 
the statement in current Sec.  49.18(c) providing that other regulators 
are required to comply with CEA section 8 and any other relevant 
statutory

[[Page 8384]]

confidentiality provisions even when they access swap data based on 
their own authority over SDRs.\72\ Other regulators will benefit both 
from the clarity this action provides and by the greater ease of access 
to swap data within their jurisdiction.
---------------------------------------------------------------------------

    \72\ 17 CFR 49.18(c).
---------------------------------------------------------------------------

4. Costs
    The Commission recognizes that there are different types of costs 
associated with this proposed rulemaking. One cost is the potential 
harm to market participants and the public if swap data is misused--for 
example, inappropriately disclosed by ADRs and AFRs. Or, another 
harmful scenario might involve misappropriated data where hackers 
pilfer swap data from ADRs and AFRs to learn the positions of market 
participants so that the hackers, or other interested parties who may 
even pay for such information, scam the market. Such bad actors might 
be able to anticipate such market participants' trades and trade in 
front of them, raising swap trading costs to market participants, 
thereby reducing their profits.\73\ If the aforementioned scenario 
occurred frequently enough this might induce swap dealers to widen 
their spreads, making hedging more expensive. In turn, this might lead 
to sub-optimal business and investment strategies, as parties would be 
less willing to participate in swap markets, because it would be more 
costly. Further, the scenario posed could cause market participants to 
be concerned that their business strategies might be tipped to their 
competitors, because with stolen data, somebody might be able to infer 
their strategies from knowing their swap positions and how these 
positions change in response to relevant economic events.\74\ Such 
concerns could lead some market participants to withdraw to some extent 
from swap markets, reducing liquidity and potentially inducing them to 
use less effective hedging instruments or trading strategies in other 
markets.
---------------------------------------------------------------------------

    \73\ See, e.g., Registered Entity Cyber proposed rulemaking at 
80141 (observing that ``there has . . . been a rise in attacks by . 
. . hacktivists . . . aimed at . . . [, among other things,] theft 
of data or intellectual property . . . .''); Id. at 80189 
(Concurring Statement of Commissioner Bowen) (stating that ``our 
firms are facing an unrelenting onslaught of attacks from hackers 
with a number of motives ranging from petty fraud to international 
cyberwarfare.'').
    \74\ While the same risks of misuse and misappropriation exist 
with respect to swap data maintained at SDRs, SDRs are regulated, 
and subject to sanctions, by the Commission, whereas ADRs and AFRs 
are not.
---------------------------------------------------------------------------

    At a high level regarding costs to ADRs and AFRs, the less access 
to swap data granted to ADRs and AFRs, the less such swap data would 
help in performing ADRs' and AFRs' supervisory and other regulatory 
functions. Similarly, the more impediments to swap data access, the 
longer it would take ADRs and AFRs to use, or the less use ADRs and 
AFRs could make of, such swap data.
    At a more granular level, the Commission is proposing several new 
obligations applicable to foreign regulators and certain domestic 
regulators that will trigger costs for such regulators. The obligation 
for foreign regulators and unenumerated domestic regulators to apply 
for a Determination Order conferring AFR or ADR status so that such 
foreign regulators and unenumerated domestic regulators can receive 
access to SDR swap data will, at a minimum, require such applicants to 
dedicate personnel to drafting the application. Some applicants for ADR 
and AFR status may choose to retain outside counsel or another third 
party to draft the application, thereby incurring related costs. There 
also may be an additional cost associated with the complexity of the 
application because applicants for ADR and AFR status will have to 
explain their jurisdiction and link it to the sought swap data so that 
the Commission can provide swap data access parameters to SDRs in the 
Determination Orders.\75\ While applicants will need to expend 
resources developing their ``appropriateness'' applications, the 
Commission expects that the requirements and guidance it has provided 
in the proposed rulemaking should reduce such expenditures to a certain 
extent. Nonetheless, such expenditures will depend on the particulars 
of a given applicant. Because the Commission lacks sufficient knowledge 
of the specific characteristics of the applicants, among other things, 
the Commission is unable to quantify these expenditures at this time.
---------------------------------------------------------------------------

    \75\ Enumerated domestic regulators also will have to 
demonstrate to the Commission the scope of their jurisdiction so 
that SDRs will know the contours of the swap data access they can 
provide to enumerated domestic regulators.
---------------------------------------------------------------------------

    The proposed requirement in Sec.  49.18(a) that SDRs receive an 
executed confidentiality arrangement from an ADR or AFR before the SDR 
can provide the ADR or AFR swap data is based on a corresponding 
requirement set forth in CEA section 21(d) and will generate costs to 
ADRs and AFRs. CEA section 21(d) does not specify any details of the 
required written agreement other than that it must state that the ADR 
or AFR shall abide by CEA section 8's confidentiality requirements. The 
Commission, however, is proposing, in Appendix B to this part 49, to 
specify required elements as well as a form of confidentiality 
arrangement providing for ADRs and AFRs to implement a number of 
safeguards that would impose burdens on ADRs and AFRs. The 
confidentiality arrangement would include safeguards that:
     To the maximum extent practicable, maintain Confidential 
Information separately from other data and information;
     Protect Confidential Information from misappropriation and 
misuse;
     Ensure that only ADR or AFR personnel with a need to 
access particular Confidential Information to perform their job 
functions related to such Confidential Information have access thereto 
and that such access is permitted only to the minimum extent necessary 
to perform such job functions;
     Prevent disclosure of aggregated Confidential Information 
unless anonymized to prevent identification, through disaggregation or 
otherwise, of a market participant's business transactions, trade data, 
market positions, customers or counterparties;
     Prohibit the use of Confidential Information by ADR or AFR 
personnel for any improper purpose, including in connection with 
trading for their personal benefit or for the benefit of others or with 
respect to any commercial or business purpose;
     Monitor compliance with the confidentiality safeguards and 
ensure prompt notification of the CFTC and each relevant SDR of any 
violation of the safeguards or failure to fulfill the terms of the 
confidentiality arrangement;
     Prohibit the onward sharing or disclosing of Confidential 
Information unless exempted in paragraphs 6(d) or 8 of the 
confidentiality arrangement;
     Notify the CFTC in writing prior to complying with any 
legally enforceable demand for Confidential Information and assert all 
available appropriate legal exemptions or privileges with respect to 
such Confidential Information, and use its best efforts to protect the 
confidentiality of the Confidential Information; and
     Promptly destroy all Confidential Information for which an 
ADR or AFR no longer has a need or for which the information no longer 
falls within the scope of its jurisdiction, and certify to the CFTC, 
upon request, that the ADR or AFR has destroyed such Confidential 
Information.
    The Commission preliminarily believes that the monetary costs of 
these burdens would be minor, and the other costs of complying with 
these burdens, such as the costs to develop policies,

[[Page 8385]]

procedures and safeguards, are within the scope of ADRs' and AFRs' 
expertise.\76\ Given that ADRs and AFRs can elect not to seek access to 
swap data from SDRs and that ADRs and AFRs who do seek such access have 
some control over the manner in which they seek to access such swap 
data, ADRs and AFRs themselves can influence to some degree the costs 
they impose on themselves by seeking access to swap data from SDRs.
---------------------------------------------------------------------------

    \76\ The Commission believes that potential ADRs and AFRs would 
likely have established safeguards to protect sensitive data other 
than swap data and that such safeguards could be adapted to address 
the requirements of the proposed form of confidentiality arrangement 
without great cost.
---------------------------------------------------------------------------

    The proposed rulemaking would prohibit ADRs and AFRs from onward 
sharing Confidential Information with other parties. This could impose 
some costs in that ADRs and AFRs would not be able to freely share swap 
data among themselves. This could reduce the utility of the swap data 
to ADRs and AFRs, possibly reducing the effectiveness thereof. In 
addition, the fact that the Commission is proposing not to specify a 
particular means of ADRs and AFRs accessing swap data could result in 
SDRs providing a means of access other than a means preferred by ADRs 
and AFRs. This might impose additional costs to ADRs and AFRs relative 
to the potentially lesser costs of their preferred means of access. 
Because of these uncertainties, the Commission is unable to quantify 
these costs but is able to identify such costs generally.
    For SDRs, providing swap data access to so many potential ADRs and 
AFRs may be expensive. For example, SDRs may be forced to purchase new 
servers, hire new system administrators to oversee the new swap data/
system usage and troubleshoot related problems that may arise. New 
recordkeeping requirements would require more system resources. The 
proposed requirement to limit the swap data provided to ADRs and AFRs 
to only swap data that is within the scope of ADRs' and AFRs' 
jurisdiction may cause SDRs to elect to create new methods for parsing 
swap data to comply with the proposed requirement to so limit swap 
data. The proposed reporting obligations also will increase SDRs' 
costs, although to the extent that such reporting obligations are not 
triggered, such cost increases would be tempered accordingly. 
Nevertheless, SDRs presumably would need to incur some costs to develop 
policies and procedures, and build out systems, to monitor potential 
events that would trigger the proposed new reporting requirements.
    Other SDR costs will include those related to SDRs verifying that 
each access request by an ADR or AFR is within the scope of the ADR's 
or AFR's jurisdiction. This will require SDRs to expend resources to 
ensure that they do not improperly disclose to an ADR or AFR swap data 
that such ADR or AFR is not entitled to see, in violation of CEA 
section 21(c)(7)'s requirement that SDRs disclose swap data to ADRs and 
AFRs ``on a confidential basis pursuant to [CEA] section 8 . . . .'' 
\77\ By stating that SDRs shall not provide ADRs or AFRs with swap data 
access unless such swap data is within the scope of a requesting ADR's 
or AFR's jurisdiction as described and appended to the confidentiality 
arrangement required by proposed Sec.  49.18(a), proposed Sec.  
49.17(d)(4)(iii) would narrow the scope of the sources SDRs must 
consult to determine the ADR's or AFR's scope of jurisdiction. The 
Commission anticipates that narrowing the scope of the sources that 
SDRs must review to determine an ADR's or AFR's scope of jurisdiction 
would limit the resources SDRs must expend to verify the scope of an 
ADR's or AFR's jurisdiction. The Commission also anticipates that lists 
of ADRs' and AFRs' regulated entities' legal entity identifiers 
(``LEIs'') and uniform product identifiers (``UPIs'') of swaps within 
the scope of ADRs' and AFRs' jurisdiction would limit the resources 
SDRs must expend to verify whether swap data access requests are within 
the scope of an ADR's or AFR's jurisdiction--if ADRs and AFRs choose to 
develop such lists--which the Commission anticipates they would.
---------------------------------------------------------------------------

    \77\ The need for these resource expenditures would flow from 
proposed Sec.  49.17(d)(4)(iii), which would preclude SDRs from 
granting ADRs or AFRs access to swap data unless the SDR has 
determined that such swap data is within the then-current scope of 
such ADRs' or AFRs' jurisdiction.
---------------------------------------------------------------------------

    The Commission understands that there are some blank data entries 
in LEI fields, however, despite the Commission having designated an LEI 
system in 2012, and masked LEIs in a number of cases to reflect certain 
other jurisdictions' privacy law limits on disclosure.\78\ In addition, 
UPIs are still evolving for many swap contracts. Specifically, UPIs are 
in widespread use for standardized swaps but less so for other swaps. 
In cases where there is no UPI for a class of swaps, Sec.  45.7(c)(2) 
requires SDRs to create a UPI for such class and requires SDRs, all 
other registered entities and swap counterparties to use such SDR UPI-
equivalent contract identifiers to classify swaps. In such cases, ADRs 
and AFRs could use SDRs' UPI-equivalents to identify swaps within the 
scope of ADRs' and AFRs' jurisdiction.
---------------------------------------------------------------------------

    \78\ See, e.g., DMO No-Action Letter 16-03 (Jan. 15, 2016), 
available at http://www.cftc.gov/idc/groups/public/@lrlettergeneral/documents/letter/16-03.pdf, for further information regarding such 
privacy law restrictions.
---------------------------------------------------------------------------

    In general, the blank or masked LEI data fields and UPI limits 
discussed above would raise the costs for SDRs and potentially for ADRs 
and AFRs. Inadequate data fields and UPIs hinder SDRs' abilities to 
identify transactions and determine whether such transactions, in 
particular swap data, are within an ADR's or AFR's jurisdictional scope 
and interest. Even though the Commission believes these obstacles would 
increase costs, the Commission also believes that such costs are 
difficult to quantify at this time. The Commission specifically 
requests comment on this concern. Commenters are encouraged to quantify 
such costs, if practical. The Commission understands that lists of LEIs 
of ADRs' and AFRs' regulated entities and lists of UPIs or UPI-
equivalents of swaps within ADRs' and AFRs' jurisdiction may have to be 
updated from time to time as regulated entities move in and out of 
ADRs' and AFRs' jurisdiction, ADRs' and AFRs' jurisdiction expands or 
contracts, swaps evolve, and new swaps are developed. In these cases, 
for example, an ADR or AFR likely would have to modify periodically the 
list of LEIs and UPIs it gives to SDRs.
    The proposal would further mitigate the costs to SDRs by permitting 
them to verify the scope of an ADR's or AFR's jurisdiction just once 
for a recurring request the details of which do not change. SDRs might 
incur additional costs, however, if the scope of jurisdiction changes 
for an ADR or AFR. Such additional costs include some fraction of the 
above costs as well as the cost to notify the Commission of the change 
in jurisdiction for the ADR or AFR.
    The Commission is proposing Appendix B to Part 49 to provide a form 
of confidentiality arrangement for execution by the Commission and by 
ADRs and AFRs seeking swap data access maintained by SDRs so that ADRs 
and AFRs can satisfy the confidentiality agreement requirement set 
forth in CEA Sec.  21(d). The Commission believes that this form would 
eliminate SDRs' costs and reduce ADRs' and AFRs' costs to negotiate the 
terms of such an arrangement relative to an alternative of negotiating 
and signing confidentiality arrangements with four separate SDRs. 
Otherwise, confidentiality arrangement costs could be substantial in 
terms of management

[[Page 8386]]

attention and expenditures.\79\ The Commission expects that reviewing 
and signing a confidentiality arrangement would not require substantial 
expenditures, but request public comments on such costs.\80\ Commenters 
are encouraged to quantify where practical.
---------------------------------------------------------------------------

    \79\ Nevertheless, proposed Sec.  49.18(a) would allow ADRs and 
AFRs to negotiate an alternative to the proposed form, provided that 
such alternative contains the elements required in proposed Sec.  
49.18(b), which, in turn, requires that such alternative contain all 
the elements of the proposed form.
    \80\ The Commission has on occasion used the SIFMA Report on 
Management and Professional Earnings in the Securities Industry to 
estimate these kinds of costs. For instance, on page 279 of the 
SIFMA Report for 2013, the mean salary for a compliance attorney is 
$100,840 with an average bonus of $26,666. This gives $127,506 in 
average total compensation for a compliance attorney. This number is 
divided by 1,800 hours and multiplied by 5.35 to account for 
overhead to get approximately $379 per hour. Next, multiplying by 
12,000 burden hours (from the Paperwork Reduction Act section of 
this release) results in approximately $4,500,000 in estimated 
costs.
---------------------------------------------------------------------------

    The Commission is proposing to permit SDRs to determine the means 
by which they will provide access to swap data to ADRs and AFRs. The 
Commission notes that SDRs already provide the Commission and the 
National Futures Association with data. Providing incremental access to 
ADRs and AFRs may permit SDRs to take advantage of economies of scale, 
thus mitigating SDRs' costs. The proposal would also mitigate SDRs' 
costs by permitting them to choose the means by which they will provide 
access to swap data to ADRs and AFRs. The Commission expects that SDRs 
would choose the lowest cost means of access consistent with their 
statutory obligation to provide ADRs and AFRs access to swap data and 
other constraints. The Commission cannot forecast what these costs 
would be at this time, however, because it depends on particulars of 
each SDR that the Commission does not know. Consequently, the 
Commission welcomes public comments on this requirement and how SDRs 
might satisfy this requirement. Commenters are encouraged to quantify 
where practical.
    CEA section 21(c)(7) requires SDRs to notify the Commission of 
requests for data from a particular ADR or AFR. Proposed Sec.  
49.17(d)(4)(i) would reduce that burden by permitting SDRs to notify 
the Commission only of the first such request by each ADR or AFR and 
promptly after receiving any request that does not comport with the 
scope of the ADR's or AFR's jurisdiction. In addition to the foregoing, 
the Commission is proposing to amend current Sec.  49.17(d)(4)(i) to 
require SDRs to maintain records of all information related to the 
initial and all subsequent requests for data from the requesting 
entity. The SDR would have to maintain this information for the same 
period required for other SDR records. Although these costs may be 
relatively small, the Commission anticipates using such data to, for 
example, monitor ADRs' and AFRs' access requests from time to time to 
ensure that they remain within the scope of their jurisdiction and, 
relatedly, to ensure that SDRs have been monitoring this access issue.
    As one alternative to proposing comprehensive swap data safeguards, 
the Commission instead could have chosen to merely delete the 
indemnification references in its regulations. While that approach 
could have avoided imposing many of the costs to ADRs, AFRs, and SDRs 
related to protection of confidentiality discussed herein, it would 
have dramatically increased the risk of imposing on market participants 
and the public the costs discussed above in the first paragraph of this 
section IV.C.4. and below in section IV.C.5.a.-c., which the Commission 
preliminarily believes is inconsistent with the historical importance 
Congress and the Commission have placed on protecting information 
covered by CEA section 8. Consequently, the Commission has determined 
to take the proposed approach.
5. Consideration of CEA Section 15(a) Factors
a. Protection of Market Participants and the Public
    The Commission is proposing a number of safeguards to prevent 
market participants' swap data maintained at SDRs from being 
misappropriated or misused, as discussed above. Those proposed 
safeguards include: Modifying the requirements for being an AFR; 
requiring both ADRs and AFRs to demonstrate the scope of their swap-
data jurisdiction as a limit on the swap data to which an ADR or AFR 
may have access; having the Commission issue Determination Orders; 
imposing on ADRs and AFRs seeking access to swap data maintained by 
SDRs a number of required confidentiality safeguards; barring onward 
sharing of swap data; certain recordkeeping and reporting requirements; 
and ensuring the Commission's ability to revoke an ADR's or AFR's swap 
data access. Some market participants, and the public, could be harmed 
if market participants' proprietary swap data were misappropriated or 
misused. As detailed above in the ``Cost'' discussion, there is the 
potential harm that misappropriated swap data could be used to front 
run market participants whose swap data were misappropriated, raising 
their costs of completing swap transactions. More specifically, spreads 
could widen, which could deter some market participants from engaging 
in swap transactions trading and prevent prices from adjusting as 
quickly. Another possible misuse of market participants' swap data is 
if those who obtained misappropriated swap data were to reverse 
engineer the trading strategies of the market participants whose data 
were misappropriated and use such strategies, potentially undermining 
their efficacy.
b. Efficiency, Competitiveness, and Financial Integrity of Futures 
Markets
    The Commission believes that there will be little effect on 
efficiency, competiveness, and financial integrity of futures markets 
if swap data is properly protected from being misappropriated or 
misused. If swap data is not properly protected, however, competition 
might be affected, in that market participants might be less willing to 
engage in swap transactions if parties are trading in front of them, 
raising their costs, or misappropriating their trading strategies, 
lowering such strategies' effectiveness. This could induce some swap 
dealers to charge higher fees (explicitly or implicitly) for their 
services and otherwise reduce profits. Such concerns may also encourage 
market participants to increase their use of futures contracts relative 
to swaps, because futures position data may be better protected.
c. Price Discovery
    The Commission believes that price discovery would not be affected 
by this proposed rulemaking. There may be some indirect effects on 
price discovery if the safeguards in this proposed rulemaking prove 
ineffective, however. Price discovery could be negatively impacted if 
position data is misappropriated or misused to the disadvantage of some 
participants. For instance, as previously explained, some market 
participants might withdraw from swaps markets if they fear that their 
position data will be misappropriated or misused. This could lead to 
less frequent trading as well as reduced liquidity in swap markets. 
Furthermore, spreads could widen due to front-running concerns, which 
could make prices more volatile and harm price discovery.

[[Page 8387]]

d. Sound Risk Management Practices
    This proposed rulemaking will help regulators better understand the 
risks posed by their regulated entities. Without swaps data, it is 
impossible to comprehensively supervise entities that engage in swap 
trading. In this way, the proposed rulemaking helps to mitigate 
systemic risk. Allowing more ADRs and AFRs to access SDR swap data 
establishes the potential to improve SDR data by potentially 
facilitating research and analysis that ultimately leads to better risk 
management by market participants. This can occur through academic 
research that influences market participants to improve their risk 
management based on the research, or by ADRs and AFRs asserting their 
authority over their regulated entities to compel them to improve their 
swap data reporting and risk management.
e. Other Public Interest Considerations
    The Commission does not believe that there are any other public 
interest considerations with respect to this proposed rulemaking.
6. Request for Comment
    The Commission requests comment on all aspects of its cost and 
benefit considerations. Commenters are encouraged to quantify their 
comments, if practical.

D. Antitrust Considerations

    CEA section 15(b) requires the Commission to take into 
consideration the public interest to be protected by the antitrust laws 
and endeavor to take the least anticompetitive means of achieving the 
objectives of the CEA, in issuing any order or adopting any Commission 
rule or regulation.
    The Commission does not anticipate that the proposed amendments to 
part 49 will result in anticompetitive behavior. However, because the 
proposed amendments affect existing SDR procedures relating to data 
reporting validation and data accuracy, the Commission encourages 
comments from the public on any aspect of the proposal that may have 
the potential to be inconsistent with the antitrust laws or be 
anticompetitive in nature.

List of Subjects in 17 CFR Part 49

    Access to swap data; Commodity Exchange Act section 8; 
Confidentiality; Registration and regulatory requirements; Swap data 
repositories.

    For the reasons stated in the preamble, the Commodity Futures 
Trading Commission proposes to amend 17 CFR part 49 as set forth below:

PART 49--SWAP DATA REPOSITORIES

0
1. The authority citation for part 49 is revised to read as follows:

    Authority:  7 U.S.C. 12a and 24a, unless otherwise noted.

0
2. In Sec.  49.2, revise paragraph (a)(5) to read as follows:


Sec.  49.2  Definitions.

    (a) * * *
    (5) Foreign Regulator. The term ``foreign regulator'' means a 
foreign futures authority as defined in Section 1a(26) of the Act, 
foreign financial supervisors, foreign central banks, foreign 
ministries and other foreign authorities.
* * * * *
0
3. In Sec.  49.9, revise paragraph (a)(9) to read as follows:


Sec.  49.9  Duties of registered swap data repositories.

    (a) * * *
    (9) Upon request of Appropriate Domestic Regulators and Appropriate 
Foreign Regulators, provide access to swap data held and maintained by 
the swap data repository, as prescribed in Sec.  49.17;
* * * * *
0
4. Amend Sec.  49.17 as follows:
0
a. Revise paragraphs (a), (b)(1)(vii), (b)(2), (c)(2) and (c)(3), 
(d)(2) through (d)(6), and (e) and (f); and
0
b. Add paragraphs (h) and (i).
    The revisions and additions to read as follows:


Sec.  49.17  Access to SDR data.

    (a) Purpose. This section provides a procedure by which the 
Commission, other domestic regulators and foreign regulators may obtain 
access to the swap data held and maintained by registered swap data 
repositories. Except as specifically set forth in this section, the 
Commission's duties and obligations regarding the confidentiality of 
business transactions or market positions of any person and trade 
secrets or names of customers identified in Section 8 of the Act are 
not affected.
    (b) * * *
    (1) * * *
    (vii) Any other person the Commission determines to be appropriate 
pursuant to the process set forth in Sec.  49.17(h).
    (2) Appropriate Foreign Regulator. The term ``Appropriate Foreign 
Regulator'' shall mean those Foreign Regulators the Commission 
determines to be appropriate pursuant to the process set forth in Sec.  
49.17(h).
* * * * *
    (c) * * *
    (2) Monitoring tools. A registered swap data repository is required 
to provide the Commission with proper tools for the monitoring, 
screening and analyzing of swap data, including, but not limited to, 
Web-based services, services that provide automated transfer of data to 
Commission systems, various software and access to the staff of the 
swap data repository and/or third-party service providers or agents 
familiar with the operations of the registered swap data repository, 
which can provide assistance to the Commission regarding data structure 
and content. These monitoring tools shall be substantially similar in 
analytical capability as those provided to the compliance staff and the 
Chief Compliance Officer of the swap data repository.
    (3) Authorized users. The swap data provided to the Commission by a 
registered swap data repository shall be accessible only by authorized 
users. The swap data repository shall maintain and provide a list of 
authorized users in the manner and frequency determined by the 
Commission.
    (d) * * *
    (2) Domestic regulator with regulatory responsibility over a swap 
data repository. When a swap data repository that is registered with 
the Commission pursuant to this chapter is also registered with a 
domestic regulator pursuant to a separate statutory authority, and such 
domestic regulator seeks access to swap data that has been reported to 
such swap data repository pursuant to the domestic regulator's 
regulatory regime, such access is not subject to the requirements of 
sections 21(c)(7) or 21(d) of the Act, or of Sec. Sec.  49.17(d) or 
49.18.
    (3) Foreign Regulator with regulatory responsibility over a swap 
data repository. When a swap data repository that is registered with 
the Commission pursuant to this chapter is also registered with, or 
recognized or otherwise authorized by, a Foreign Regulator that has 
supervisory authority over such swap data repository pursuant to 
foreign law and/or regulation, and such Foreign Regulator seeks access 
to swap data that has been reported to such swap data repository 
pursuant to the Foreign Regulator's regulatory regime, such access is 
not subject to the requirements of sections 21(c)(7) or 21(d) of the 
Act, or of Sec. Sec.  49.17(d) or 49.18.
    (4) Obligations of the registered swap data repository in 
connection with appropriate domestic regulator or appropriate foreign 
regulator requests for data access. (i) A registered swap data 
repository shall notify the

[[Page 8388]]

Commission promptly after receiving an initial request from an 
Appropriate Domestic Regulator or Appropriate Foreign Regulator to gain 
access to swap data maintained by such swap data repository and 
promptly after receiving any request that does not comport with the 
scope of the ADR's or AFR's jurisdiction, as described and appended to 
the confidentiality arrangement required by Sec.  49.18(a). Each 
registered swap data repository shall maintain records thereafter, 
pursuant to Sec.  49.12, of the details of such initial request and of 
all subsequent requests by such Appropriate Domestic Regulator or 
Appropriate Foreign Regulator for such access.
    (ii) The registered swap data repository shall notify the 
Commission electronically, in a format specified by the Secretary of 
the Commission, of the receipt of a request specified in Sec.  
49.17(d)(4)(i).
    (iii) The registered swap data repository shall not provide an 
Appropriate Domestic Regulator or Appropriate Foreign Regulator access 
to swap data maintained by the swap data repository unless the swap 
data repository has determined that the swap data to which the 
Appropriate Domestic Regulator or Appropriate Foreign Regulator seeks 
access is within the then-current scope of such Appropriate Domestic 
Regulator's or Appropriate Foreign Regulator's jurisdiction, as 
described and appended to the confidentiality arrangement required by 
Sec.  49.18(a). An Appropriate Domestic Regulator or Appropriate 
Foreign Regulator that has executed a confidentiality arrangement with 
the Commission pursuant to Sec.  49.18(a) and provided such 
confidentiality arrangement to one or more swap data repositories shall 
notify the Commission and each such swap data repository of any change 
to such Appropriate Domestic Regulator's or Appropriate Foreign 
Regulator's scope of jurisdiction as described in such confidentiality 
arrangement. The Commission may direct a swap data repository to 
suspend, limit, or revoke access to swap data maintained by such swap 
data repository based on any such change to such Appropriate Domestic 
Regulator's or Appropriate Foreign Regulator's scope of jurisdiction, 
and, if so directed, such swap data repository shall so suspend, limit, 
or revoke such access.
    (iv) The registered swap data repository need not make the 
determination required pursuant to Sec.  49.17(d)(4)(iii) more than 
once with respect to a recurring swap data request. If such request 
changes, the swap data repository must make a new determination 
pursuant to Sec.  49.17(d)(4)(iii).
    (5) Timing; limitation, suspension or revocation of swap data 
access. Once a registered swap data repository has--
    (i) Notified the Commission, pursuant to Sec.  49.17(d)(4)(i) and 
(ii), of an initial request for swap data access by an Appropriate 
Domestic Regulator or Appropriate Foreign Regulator, as applicable, 
that was submitted pursuant to Sec.  49.17(d)(1);
    (ii) Received from such Appropriate Domestic Regulator or 
Appropriate Foreign Regulator a confidentiality arrangement executed by 
the Commission and such Appropriate Domestic Regulator or Appropriate 
Foreign Regulator as required by Sec.  49.18(a); and
    (iii) Satisfied its obligations under Sec.  49.17(d)(4)(iii), such 
swap data repository shall provide access to the requested swap data; 
provided, however, that such swap data repository shall, as directed by 
the Commission, limit, suspend or revoke such access should the 
Commission limit, suspend or revoke the appropriateness determination 
for such Appropriate Domestic Regulator or Appropriate Foreign 
Regulator or otherwise direct the swap data repository to limit, 
suspend or revoke such access.
    (6) Confidentiality arrangement. Consistent with Sec.  49.18(a), 
the Appropriate Domestic Regulator or Appropriate Foreign Regulator 
shall, prior to receiving access to any requested swap data, execute a 
confidentiality arrangement with the Commission consistent with the 
requirements set forth in Sec.  49.18(b).
    (e) Third-party service providers to a registered swap data 
repository. Access to the swap data and information maintained by a 
registered swap data repository may be necessary for certain third 
parties that provide various technology and data-related services to a 
registered swap data repository. Third-party access to the swap data 
and information maintained by a swap data repository is permissible 
subject to the following conditions:
    (1) Both the registered swap data repository and the third party 
service provider shall have strict confidentiality procedures that 
protect swap data and information from improper disclosure.
    (2) Prior to a registered swap data repository granting access to 
swap data or information to a third-party service provider, the third-
party service provider and the registered swap data repository shall 
execute a confidentiality agreement setting forth minimum 
confidentiality procedures and permissible uses of the swap data and 
information maintained by the swap data repository that are equivalent 
to the privacy procedures for swap data repositories outlined in Sec.  
49.16.
    (f) Access by market participants--(1) General. Access by market 
participants to swap data maintained by the registered swap data 
repository is prohibited other than as set forth in Sec.  49.17(f)(2).
    (2) Exception. Swap data and information related to a particular 
swap that is maintained by the registered swap data repository may be 
accessed by either counterparty to that particular swap. However, the 
swap data and information maintained by the registered swap data 
repository that may be accessed by either counterparty to a particular 
swap shall not include the identity or the legal entity identifier (as 
such term is used in part 45 of this chapter) of the other counterparty 
to the swap, or the other counterparty's clearing member for the swap, 
if the swap is executed anonymously on a swap execution facility or 
designated contract market, and cleared in accordance with Commission 
regulations in Sec. Sec.  1.74, 23.610, and 37.12(b)(7) of this 
chapter.
* * * * *
    (h) Appropriateness determination process. (1) Each person seeking 
an appropriateness determination pursuant to this paragraph shall file 
an application with the Commission.
    (2) Each applicant seeking an appropriateness determination shall 
provide sufficient detail in its application to permit the Commission 
to analyze whether the applicant is acting within the scope of its 
jurisdiction in seeking access to swap data maintained by a registered 
swap data repository, and whether the applicant employs appropriate 
confidentiality safeguards to ensure that any swap data such applicant 
receives from a registered swap data repository will not, except as 
allowed for in the form of confidentiality arrangement set forth in 
Appendix B of this part, be disclosed.
    (3) If the Commission determines that an applicant pursuant to this 
paragraph is, conditionally or unconditionally, appropriate for 
purposes of CEA section 21(c)(7), the Commission shall issue an order 
setting forth its appropriateness determination. The Commission shall 
not determine that an applicant pursuant to this paragraph is 
appropriate unless the Commission is satisfied that--
    (i) The applicant employs appropriate confidentiality safeguards to 
ensure that any swap data such applicant receives from a registered 
swap data repository

[[Page 8389]]

will not be disclosed, except as allowed for in the form of 
confidentiality arrangement set forth in Appendix B of this part and
    (ii) Such applicant is acting within the scope of its jurisdiction 
in seeking access to swap data from a registered swap data repository.
    (4) The Commission reserves the right, in connection with any 
appropriateness determination with respect to an Appropriate Domestic 
Regulator or Appropriate Foreign Regulator, to revisit, reassess, 
limit, suspend or revoke such determination consistent with the Act.
    (i) Delegation of authority relating to certain matters in this 
section. (1) The Commission hereby delegates, until such time as the 
Commission orders otherwise, the following functions to the Director of 
the Division of Market Oversight and to such members of the 
Commission's staff acting under his or her direction as he or she may 
designate from time to time: All functions reserved to the Commission 
in this section.
    (2) The Director of the Division of Market Oversight may submit any 
matter which has been delegated under paragraph (i)(1) of this section 
to the Commission for its consideration.
    (3) Nothing in this section may prohibit the Commission, at its 
election, from exercising the authority delegated under paragraph 
(i)(1) of this section.
0
5. Revise Sec.  49.18 to read as follows:


Sec.  49.18  Confidentiality arrangement.

    (a) Confidentiality arrangement required prior to disclosure of 
swap data by a registered swap data repository to an Appropriate 
Domestic Regulator or Appropriate Foreign Regulator. Prior to a 
registered swap data repository providing access to swap data to any 
Appropriate Domestic Regulator or Appropriate Foreign Regulator, each 
as defined in Sec.  49.17(b), the swap data repository shall receive, 
pursuant to Section 21(d) of the Act, an executed confidentiality 
arrangement between the Commission and the Appropriate Domestic 
Regulator or Appropriate Foreign Regulator, as applicable, in the form 
set forth in Appendix B of this part or, at a minimum, containing the 
elements required in paragraph (b) of this section, from such 
Appropriate Domestic Regulator or Appropriate Foreign Regulator. Such 
confidentiality arrangement must include, either as Exhibit A to the 
form set forth in Appendix B of this part or similarly appended, a 
description of the Appropriate Domestic Regulator's or Appropriate 
Foreign Regulator's jurisdiction. Once a registered swap data 
repository is notified that a confidentiality arrangement received from 
an Appropriate Domestic Regulator or Appropriate Foreign Regulator no 
longer is in effect, the swap data repository shall not provide access 
to swap data to such Appropriate Domestic Regulator or Appropriate 
Foreign Regulator.
    (b) Elements of confidentiality arrangement. The confidentiality 
arrangement required pursuant to paragraph (a) of this section shall, 
at a minimum, include all elements included in the form of 
confidentiality arrangement set forth in Appendix B of this part.
    (c) Reporting failures to fulfill the terms of a confidentiality 
arrangement. A registered swap data repository shall immediately report 
to the Commission any known failure to fulfill the terms of a 
confidentiality arrangement that it receives pursuant to paragraph (a) 
of this section.
    (d) Failures to fulfill the terms of the confidentiality 
arrangement. The Commission may, if an Appropriate Domestic Regulator 
or Appropriate Foreign Regulator fails to fulfill the terms of a 
confidentiality arrangement described in paragraph (a) of this section, 
direct each registered swap data repository to limit, suspend or revoke 
such Appropriate Domestic Regulator's or Appropriate Foreign 
Regulator's access to swap data held by such swap data repository.
    (e) Delegation of authority relating to certain matters in this 
section. (1) The Commission hereby delegates, until such time as the 
Commission orders otherwise, the following functions to the Director of 
the Division of Market Oversight and to such members of the 
Commission's staff acting under his or her direction as he or she may 
designate from time to time: All functions reserved to the Commission 
in this section.
    (2) The Director of the Division of Market Oversight may submit any 
matter which has been delegated under paragraph (e)(1) of this section 
to the Commission for its consideration.
    (3) Nothing in this section may prohibit the Commission, at its 
election, from exercising the authority delegated under paragraph 
(e)(1) of this section.
0
6. In Sec.  49.22, revise paragraph (d)(4) to read as follows:


Sec.  49.22  Chief compliance officer.

* * * * *
    (d) * * *
    (4) Taking reasonable steps to ensure compliance with the Act and 
Commission regulations in this chapter relating to agreements, 
contracts, or transactions, and with Commission regulations in this 
chapter under Section 21 of the Act, including confidentiality 
arrangements received by the chief compliance officer's registered swap 
depository pursuant to Sec.  49.18(a);
* * * * *
0
7. Add Appendix B to part 49, to read as follows:

Appendix B to Part 49--Confidentiality Arrangement for Appropriate 
Domestic Regulators and Appropriate Foreign Regulators To Obtain Access 
To Swap Data Maintained by Registered Swap Data Repositories Pursuant 
to Sec. Sec.  49.17(d)(6) and 49.18(a)

[[Page 8390]]

[GRAPHIC] [TIFF OMITTED] TP25JA17.088

The U.S. Commodity Futures Trading Commission (``CFTC'') and the 
[name of foreign/domestic regulator (``ABC'')] (each an 
``Authority'' and collectively the ``Authorities'') have entered 
into this Confidentiality Arrangement (``Arrangement'') in 
connection with [whichever is applicable] [CFTC Regulation 
49.17(b)(1)[(i)-(vi)]/the determination order issued by the CFTC to 
[ABC] (``Order'')] and any request for swap data by [ABC] to any 
swap data repository (``SDR'') registered with the CFTC.

Article One: General Provisions

    1. ABC is permitted to request and receive swap data directly 
from a registered SDR (``Swap Data'') on the terms and subject to 
the conditions of this Arrangement.
    2. This Arrangement is entered into to fulfill the requirements 
under Section 21(d) of the Commodity Exchange Act (``Act'') and CFTC 
Regulation 49.18. Upon receipt by a registered SDR, this Arrangement 
will satisfy the requirement for a written agreement pursuant to 
Section 21(d) of the Act and CFTC Regulation 49.17(d)(6). This 
Arrangement does not apply to information that is [reported to a 
registered SDR pursuant to [ABC]'s regulatory regime where the SDR 
also is registered with [ABC] pursuant to separate statutory 
authority, even if such information also is reported pursuant to the 
Act and CFTC regulations][reported to a registered SDR pursuant to 
[ABC]'s regulatory regime where the SDR also is registered with, or 
recognized or otherwise authorized by, [ABC], which has supervisory 
authority over the repository pursuant to foreign law and/or 
regulation, even if such information also is reported pursuant to 
the Act and CFTC regulations.] \1\
---------------------------------------------------------------------------

    \1\ The first bracketed paragraph will be used for ADRs; the 
second will be used for AFRs. The inapplicable paragraph will be 
deleted.
---------------------------------------------------------------------------

    3. This Arrangement is not intended to limit or condition the 
discretion of an Authority in any way in the discharge of its 
regulatory responsibilities or to prejudice the individual 
responsibilities or autonomy of any Authority.
    4. This Arrangement does not alter the terms and conditions of 
any existing arrangements.

Article Two: Confidentiality of Swap Data

    5. ABC will be acting within the scope of its jurisdiction in 
requesting Swap Data and employs procedures to maintain the 
confidentiality of Swap Data and any information and analyses 
derived therefrom (collectively, the ``Confidential Information''). 
ABC undertakes to notify the CFTC and each relevant SDR promptly of 
any change to ABC's scope of jurisdiction.
    6. ABC undertakes to treat Confidential Information as 
confidential and will employ safeguards that:
    a. To the maximum extent practicable, identify the Confidential 
Information and maintain it separately from other data and 
information;
    b. Protect the Confidential Information from misappropriation 
and misuse;
    c. Ensure that only authorized ABC personnel with a need to 
access particular Confidential Information to perform their job 
functions related to such Confidential Information have access 
thereto, and that such access is permitted only to the extent 
necessary to perform their job functions related to such particular 
Confidential Information;
    d. Prevent the disclosure of aggregated Confidential 
Information; provided, however, that ABC is permitted to disclose 
any sufficiently aggregated Confidential Information that is 
anonymized to prevent identification, through disaggregation or 
otherwise, of a market participant's business transactions, trade 
data, market positions, customers or counterparties;
    e. Prohibit use of the Confidential Information by ABC personnel 
for any improper purpose, including in connection with trading for 
their personal benefit or for the benefit of others or with respect 
to any commercial or business purpose; and
    f. Include a process for monitoring compliance with the 
confidentiality safeguards described herein and for promptly 
notifying the CFTC, and each SDR from which ABC has received Swap 
Data, of any violation of such safeguards or failure to fulfill the 
terms of this Arrangement.
    7. Except as provided in Paragraphs 6.d. and 8, ABC will not 
onward share or otherwise disclose any Confidential Information.
    8. ABC undertakes that:
    a. If a department, central bank, or agency of the Government of 
the United States, it will not disclose Confidential Information 
except in an action or proceeding under the laws of the United 
States to which it, the CFTC, or the United States is a party;
    b. If a department or agency of a State or political subdivision 
thereof, it will not disclose Confidential Information except in 
connection with an adjudicatory action or proceeding brought under 
the Act or the laws of [name of either the State or the State and 
political subdivision] to which it is a party; or
    c. If a foreign futures authority or a department, central bank, 
ministry, or agency of a foreign government or subdivision thereof, 
or any other Foreign Regulator, as defined in Commission Regulation 
49.2(a)(5), it will not disclose Confidential Information except in 
connection with an adjudicatory action or proceeding brought under 
the laws of [name of country, political subdivision, or (if a 
supranational organization) supranational lawmaking body] to which 
it is a party.
    9. Prior to complying with any legally enforceable demand for 
Confidential Information, ABC will notify the CFTC of such demand in 
writing, assert all available appropriate legal exemptions or 
privileges with respect to such Confidential Information, and use 
its best efforts to protect the confidentiality of the Confidential 
Information.
    10. ABC acknowledges that, if it does not fulfill the terms of 
this Arrangement, the CFTC may direct any registered SDR to suspend 
or revoke ABC's access to Swap Data.
    11. ABC will comply with all applicable security-related 
requirements imposed by an SDR in connection with access to Swap 
Data maintained by the SDR, as such requirements may be revised from 
time to time.
    12. ABC will promptly destroy all Confidential Information for 
which it no longer has a need or which no longer falls within the 
scope of its jurisdiction, and will certify to the CFTC, upon 
request, that ABC has destroyed such Confidential Information.

Article Three: Administrative Provisions

    13. This Arrangement may be amended with the written consent of 
the Authorities.
    14. The text of this Arrangement will be executed in English, 
and may be made available to the public.
    15. On the date this Arrangement is signed by the Authorities, 
it will become effective and may be provided to any registered SDR 
that holds and maintains Swap Data that falls within the scope of 
ABC's jurisdiction.

[[Page 8391]]

    16. This Arrangement will expire 30 days after any Authority 
gives written notice to the other Authority of its intention to 
terminate the Arrangement. In the event of termination of this 
Arrangement, Confidential Information will continue to remain 
confidential and will continue to be covered by this Arrangement.
    This Arrangement is executed in duplicate, this ___day of ___.
-----------------------------------------------------------------------

[name of Chairman]
Chairman
U.S. Commodity Futures Trading Commission

-----------------------------------------------------------------------
[name of signatory]
[title]
[name of foreign/domestic regulator]

[Exhibit A: Description of Scope of Jurisdiction. If ABC is not 
enumerated in Commission Regulations 49.17(b)(1)(i)-(vi), it must 
attach the Determination Order received from the Commission pursuant 
to Commission Regulation 49.17(h). If ABC is enumerated in 
Commission Regulations 49.17(b)(1)(i)-(vi), it must attach a 
sufficiently detailed description of the scope of ABC's jurisdiction 
as it relates to Swap Data maintained by SDRs.]

    Issued in Washington, DC, on January 13, 2017, by the 
Commission.
Christopher J. Kirkpatrick,
Secretary of the Commission.

    Note:  The following appendices will not appear in the Code of 
Federal Regulations.

Appendices to Proposed Amendments to the Swap Data Access Provisions of 
Part 49 and Certain Other Matters--Commission Voting Summary and 
Chairman's Statement

Appendix 1--Commission Voting Summary

    On this matter, Chairman Massad and Commissioners Bowen and 
Giancarlo voted in the affirmative. No Commissioner voted in the 
negative.

Appendix 2--Statement of Chairman Timothy G. Massad

    The increased reporting of data on swaps transactions is an 
important reform of the derivatives markets agreed to by the G20 
leaders in 2009. Today, thanks to this reporting, regulators across the 
globe are in a better position to assess exposures and risks related to 
this market. Because of the global nature of the market, it is critical 
for regulators to be able to share information, subject to appropriate 
confidentiality and other protections.
    That's why I am pleased we are issuing this proposal, which will 
make it easier for other regulators, both domestic and foreign, to gain 
access to swap data repository (SDR) swap data. The proposal would 
conform our rules to various changes Congress made in the law and 
provide a process for sharing of information. Among other things, 
Congress removed a requirement that another regulator must indemnify 
both the Commission and the swap data repository for expenses related 
to litigation before data could be shared. To date, no domestic or 
foreign regulator has provided such an indemnification. Today's 
proposal removes this requirement in the CFTC's own rules, makes other 
changes consistent with Congressional action, and creates a process for 
when and how other regulators gain access to SDR information that will 
protect confidentiality.
    I thank my fellow Commissioners Bowen and Giancarlo for their 
unanimous support for this proposal. I also thank the hardworking CFTC 
staff for all their efforts.
[FR Doc. 2017-01287 Filed 1-24-17; 8:45 am]
BILLING CODE 6351-01-P