Jan Michael Dervish
Loyola University School of Law, JD 2020
Joseph Adamczyk, ’01 is the Senior Vice President and Chief Compliance Officer at OCC (Options Clearing Corporation). OCC is the world’s largest equity derivatives clearing organization, and works to promote stability and financial integrity in the marketplace. Mr. Adamczyk holds a J.D. from Loyola University Chicago School of Law, an MBA from the University of Chicago, and a B.S. in Business Administration from DePaul University.
For readers who aren’t familiar with the Options Clearing Corporation (OCC), can you describe what your organization does?
OCC is the only central counterparty (CCP) for all U.S. exchange-listed options trades – something we have been doing for more than 45 years. We work to manage risk for those involved in options trading by being the buyer to every seller and the seller to every buyer. By providing this stability and market integrity, we ensure confidence in the financial markets and the broader economy. We also are the leading provider of online, unbiased educational content for users of these markets, whether it is individual investors who want to learn the basics or knowledgeable investors who want o use more complex options trading strategies. So OCC plays an important role in the global economy.
As a CCP for these markets, OCC operates as the go-between for parties that are trading options or other U.S. financial instruments such as futures. In general, when one party looks to trade (i.e., buy or sell) an option contract or other financial instrument from another party, they execute the trades through an exchange such as the New York Stock Exchange or the Chicago Board Options Exchange (Cboe). That trade is then “cleared” by a CCP such as OCC.
Exchange trading is mostly anonymous, so that parties do not know who they are trading with. The anonymity allows for greater price transparency in the markets, but also introduces risk to those parties because they do not know who the specific party is on the other side of their transaction. That limits their ability to assess the financial well-being of their counterparty in the transaction, meaning they are susceptible to counterparty failure and inability to make good on the agreement. CCPs like OCC help mitigate that risk by clearing, settling and guaranteeing the trades.
Through a legal process called novation, OCC stands between the parties to a trade and represents to each party that we will make good on the trade (i.e., pay any monies due or transfer underlying securities) in the very rare instance should another party fail to do so. OCC has never had to do this in its history, but it has occurred in other markets, most recently a few months ago in European energy markets. OCC also settles the trades by confirming the monies and securities that need to change hands as a result of the trade. Finally, and very important, we provide substantial financial risk management services to help manage the aforementioned default and credit risks by collecting margin from participants and establishing a guarantee fund and other services.
As you might imagine given the complexity, criticality, and significance of the services that we provide, OCC is a highly regulated organization. We are subject to oversight by the Securities and Exchange Commission (SEC) and the U.S. Commodities Futures Trading Commission (CFTC). In 2012, as a result of the Dodd-Frank legislation, we were designated as a systemically-important financial market utility (SIFMU) by the U.S. Financial Stability Oversight Council. We are one of eight U.S. CCPs designated as a SIFMU, and this designation recognizes that we are a critical piece of the U.S. financial industry. With this elevated designation comes even greater regulatory scrutiny, including heightened regulatory requirements surrounding reporting, risk management, and day-to-day operations. It also means that OCC is subject to the regulatory oversight of the Federal Reserve in addition to the SEC and CFTC.
At OCC I lead a staff of 36 compliance professionals who are responsible for providing oversight and guidance to the entire organization as it navigates the extensive set of regulatory requirements promulgated by Congress and further enhanced by the regulatory agencies.
You previously held legal department positions at both OCC and CME Group. How did that prior experience impact how you approach the CCO role?
I originally started my career in private practice, doing both litigation work as well as work for CME Group as outside counsel. This provided me with exposure to CME Group (an operator of both exchanges and CCPs in the U.S. and Europe) and the futures industry, the world of self-regulatory organizations [such as OCC and CME Group], and the role that self-regulatory organizations play in the broader financial framework in the United States. The legal frameworks promulgated by Congress that govern the securities and futures markets include a somewhat novel feature whereby exchanges and CCPs operate as quasi-regulators and as such are required to perform certain surveillance, risk management, and other operating responsibilities on behalf of the regulators.
After about eight years in private practice, I joined CME Group, heading up their enforcement division. As a self-regulatory organization, CME Group is responsible for maintaining rules that govern trading parties’ activities in those markets, such as market manipulation. I started off prosecuting market participants for rule violations and worked cases in conjunction with federal authorities, including the CFTC, FBI and DOJ. This work gave me a lot of exposure to the various regulatory agencies, and their expectations for self-regulatory organizations. I gained a lot of insight into how markets operate, as well as how regulators think, act, and function.
This experience carried over to my next role at CME Group, in their internal legal department. While my enforcement role was largely outward facing (involving the activities of market participants), this role was mostly inward facing. I had a lot of oversight over CME Group’s domestic and international regulatory affairs. I was very focused on helping to ensure CME Group was meeting its own regulatory requirements around the world. I was fortunate to be able to interact with regulators around the world – including Europe, APAC, EMEA.
My positions at CME Group provided a lot of exposure to how regulators around the world go about their work, including the similarities and differences in how the U.S. approaches regulation compared to other countries. I gained some great insight that is very valuable in my current role at OCC. In particular, I am able to leverage my earlier experience dealing with the SEC to help OCC in its ongoing regulatory relationship with that agency. I learned a lot about their expectations and requirements, as well as how to enhance the manner in which we go about meeting, monitoring, and reporting on regulatory compliance efforts.
Finally, at CME Group I learned a lot about developing good relationships and rapport across the organization, as well as the importance of building a good rapport with the board of directors. In my role it’s critical to be able to escalate information both horizontally across the organization and upward when needed.
What challenges has OCC’s SIFMU designation presented to you as the CCO, and to your team?
For me, as CCO, the challenges are primarily related to understanding all the various requirements that come with a SIFMU designation. It triggers oversight not just with the SEC and CFTC, but with the Federal Reserve as well. They have additional oversight over us now, and it can be challenging to understand what their expectations are, and how they are different or heightened relative to the SEC and CFTC.
One of the biggest challenges is navigating the various relationships both with and across these regulators. Although they all work for the government, and are broadly working to protect investors, they go about their work differently. To an extent, they have different expectations and requirements, and this can make it challenging for both myself and the organization to understand what all those expectations are and how they interrelate with one another.
Being a regulated entity and meeting regulatory responsibilities is not as black and white as saying “you can do this” or “you can’t do that.” There is a lot of nuance and ambiguity, and the markets operate mostly in the gray areas where things aren’t so black and white. This requires a lot of experience, a lot of interaction, and a lot of discussion in order to meet our responsibilities.
It can also be challenging at times to work with our business counterparts in helping them understand their regulatory requirements, but it is our goal to be a good business partner and support them. They are subject matter experts in their respective domains, whether it’s programming code, developing sophisticated financial risk models or executing operations; they are not lawyers or compliance experts by trade and therefore may not be experienced in reviewing and analyzing complex regulations, let alone translating them into business requirements. The ability to do that across many different business areas and disciplines within the organization is very challenging – and takes a lot of time, effort, and coordination across teams.
This extends to my entire department. We’re responsible for providing oversight and guidance back to the business, and we all interact with the business. The Compliance team needs to be able to understand how the business operates, what the regulatory and non-regulatory compliance requirements are, and be able to work with our colleagues to configure and implement those requirements. The work requires a pretty vast mix of technical, interpersonal, and business capabilities and skillsets to be able to do this effectively.
How would you say that the role of a CCO has changed over the last decade?
To me, one of the biggest changes has been learning to understand and manage the proliferation of digital information. It has impacted the way people communicate and interact with one another, execute activities at work and at home, expectations for behavior, and so on. Learning how to deal with all the evolution of communications, from a compliance perspective, is a challenge.
Financial regulated entities in the U.S. are required to retain certain information for an extended period of time, and so a very tangible example of this dilemma in the compliance environment is that OCC and other regulated entities have to continue to find ways to meet with these retention requirements as the format of information changes and the requirements governing them also change. You can imagine that as companies continually embrace greater amounts of digital information – from email to other forms of social media; at ever-increasing speeds – it is a challenge to manage those requirements. There are other compliance implications as well, such as managing and monitoring disclosures on conflicts, trading restrictions, payments, and so on.
Thus, CCOs have to develop and evolve processes and capabilities over time in order to allow them to manage the pace of innovation.
CCOs also need to be thinking about the resources they need to bring to the table. There’s the human resource component – what types of people and skillsets do I need to do this analysis/work – but there’s also a technological component. In the information age you have to leverage technology to assimilate data and information in such a way that you can efficiently and effectively carry out your compliance responsibilities. CCOs need to continually keep abreast of these shifting dynamics. We need to be thinking about how we work with our IT colleagues to identify new challenges and risks, and then how we can work together to mitigate them.
What advice would you have as a CCO for law students or attorneys who are looking to break into compliance?
I would advise really thinking about the skill-sets or capabilities you need to develop to be successful in a role where you are dealing with compliance or regulatory considerations.
From entry level analyst to CCO – every position requires the development of an array of skills and capabilities in order to be really successful. A law background is an excellent starting point, but it’s very likely that you’ll need more than that to reach your highest potential. On the flip side, I’ve also seen many successful compliance professionals who did not have a law school education, or who have not explicitly practiced law.
Being effective in compliance is more than having an understanding of legal requirements. While it’s beneficial when it comes to analyzing and understanding requirements, you also have to be a good communicator, and you have to have an understanding of how the business works.
It’s virtually impossible to be effective in a compliance role if you don’t have an understanding of what the business is, and why it’s doing what it’s doing. Compliance is very much applying a framework: there is no one size fits all. You have to be comfortable dealing with ambiguity but at the same time adept at deriving a workable framework that is the right fit for your organization. You have to first understand the work, and then apply the compliance framework.
You also have to be able to build relationships. In this day and age, it is essential that you maintain strong working relationships with your chief security officer, chief information officer, and the head of HR, general counsel, and many others. There is quite a lot of inter-connectedness in the work we do – you have to be able to recognize where things overlap, and work to build and maintain those relationships.