CFTC committee discusses technology and cyber issues 

Technology Advisory Committee explores third-party vendor risk, AI and more 

19 July 2023


The US Commodity Futures Trading Commission held a meeting of its Technology Advisory Committee (TAC) on 18 July, touching on topics including the use of artificial intelligence, decentralized finance, and cyber resilience for financial markets.  

"With artificial intelligence at the forefront of public discussion, significant movements in digital asset markets to decentralized finance after the collapse of unregistered centralized exchanges and several enforcement actions, as well as escalated and persistent cyber threats, I look forward to presentations and discussion from recognized technology experts who serve on the TAC," said CFTC Commissioner Christy Goldsmith Romero, sponsor of the TAC, in her opening remarks.  

While this advisory committee has no formal rulemaking authority, the committee is formed of public policy experts and market participants including exchanges and clearing firms to help guide work at the agency. 

Discussion at the event touched on the following areas: 

Cyber risk: In the cybersecurity portion of the meeting, the TAC discussed the nature of third-party relationships across the financial sector. This included a review of a 2021 document jointly published by the US Federal Reserve, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency as well as OCC Bulletin 2023-17 published in June of this year that clarifies some of the guidance of the agencies. There was agreement that third-party relationships are always unique, but there are commonalities including the importance of sound risk-management practices and control structures relative to the size or complexities of an institution. 

Artificial intelligence: The TAC discussed the recent efforts by President Biden to develop a blueprint for an AI Bill of Rights, and the importance of considering the potential risks and biases of AI. Travis Hall of the National Telecommunications and Information Administration also offered details on the NTIA's recent request for comment on AI accountability policies that garnered 1,400 responses. The committee also discussed the use of AI as it relates to cyber risks, namely the ability to identify or exploit security vulnerabilities as technology evolves. 

Decentralized finance: The TAC explored regulatory Issues related to DeFi, specifically digging into a recent CFTC enforcement action against Ooki DAO – a Decentralized Autonomous Organization, where there is no specific person or group to hold accountable. 

Digital assets: In the area of crypto assets, the TAC discussion primarily focused on market stability issues, security challenges and the regulatory implications for an evolving digital assets marketplace. 

Official statements and documents 

  • MarketVoice
  • Digital Assets
  • Industry Operations
  • News & Commentary