CFTC’s Enforcement Sprint Ends With $8.3 Million in Penalties & a Signal of What Comes Next

Key Takeaways

• $8.3 Million in Penalties: The CFTC settled six enforcement actions against 10 firms under its enforcement sprint initiative.
• UBS Hit Hardest: UBS will pay $5 million for surveillance supervision failures spanning nearly a decade.
• Cooperation Pays: Citi’s $1.5 million penalty and other fines were significantly reduced thanks to self-reporting and exemplary cooperation.
• Regulatory Shift: The sprint reflects a move to close technical compliance cases more quickly and redirect resources toward fraud and market abuse.

Deep Dive

The Commodity Futures Trading Commission (CFTC) has wrapped up what Acting Chairman Caroline D. Pham dubbed an “enforcement sprint,” issuing six simultaneous orders against 10 financial firms and securing $8.325 million in penalties. The initiative, unveiled in March, was designed to clear a backlog of long-running compliance cases that had consumed enforcement bandwidth for years.

Instead of fraud or market manipulation, the matters targeted operational missteps: recordkeeping, reporting, and supervisory failures—issues that, while technical in nature, have historically tied up CFTC staff for nearly a decade in some instances. Pham defended the sprint as a way to reset priorities, telling firms the Commission wanted these cases “resolved fairly and efficiently” so enforcement could refocus on “fighting fraud and helping victims.”

The firms penalized included some of the industry’s biggest names. UBS paid the largest fine, $5 million, after the regulator found that its surveillance systems left gaps across asset classes from 2015 to 2024. Citigroup Global Markets Inc. was fined $1.5 million, though the penalty was heavily reduced thanks to what the CFTC described as “exemplary” self-reporting and cooperation after discovering a programming error that led to inaccurate trader reports.

Other orders touched on familiar regulatory themes. Several firms, including Santander, BNY Mellon, and SMBC Capital Markets, were penalized for employees’ use of unapproved messaging apps and personal texts, each case resulting in a $500,000 penalty. These firms also committed to remedial measures such as independent compliance reviews and internal audits. U.S. Bank, meanwhile, was fined $325,000 for swap reporting errors stemming from valuation methodology flaws.

Charles Marvine, Acting Chief of the CFTC’s Retail Fraud and General Enforcement Task Force, called the sprint “a success,” noting that it helped clean up the enforcement docket and freed resources to pursue fraudsters. For compliance officers and risk managers, regulators are rewarding firms that self-report, cooperate, and remediate swiftly, while showing less tolerance for years-long delays in fixing systemic gaps.

The sprint may be over, but its legacy could extend beyond the six matters announced last week. If replicated, it could signal a new enforcement model: one that channels regulatory energy away from technical violations and toward misconduct that undermines market integrity.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.