The CFTC Office of the Inspector General ("OIG") highlighted deficiencies in the agency's Data Governance program and advised the CFTC to improve its Integrated Surveillance System ("ISS") platform or transfer to a better platform.

In its report, the OIG acknowledged that the program is working toward an "improved Data Governance framework with benchmark attributes," but currently "shows declining usefulness to CFTC operations." Specifically, the OIG found that (i) the program's ISS data collection and maintenance procedures are costly and subject to errors, and (ii) ISS database application does not meet certain cybersecurity standards and is, therefore, a target to hackers.

The OIG advised the CFTC to:

  1. create a timeframe in which to (i) fully implement its Data Governance framework plans and (ii) harmonize its operations with the goals outlined in the Federal Data Strategy and Open Data Government Act requirements;
  2. update business requirements for ISS and incorporate stakeholder expectations;
  3. modernize the ISS to enhance the traceability, efficiency and error handling of "ETL" (i.e., extracting, transferring and loading data) processes;
  4. reassess its practices to ensure compliance with current federal security standards; and
  5. review security risks of other legacy applications to ensure compliance.

In response, the CFTC agreed to:

  • establish a data governance framework;
  • address stakeholder business requirements;
  • update data transmission standards and improve its ETL practices; and
  • increase security compliance.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.