Commodity Futures Trading Commission

On March 2, 2020, the Payment Integrity Information Act of 2019 (PIIA) repealed the Improper Payments Information Act of 2002 (IPIA), the Improper Payments Elimination and Recovery Act of 2010 (IPERA), the Improper Payments Elimination and Recovery Improvement Act of 2012 (IPERIA), and the Fraud Reduction and Data Analytics Act of 2015 (FRDA). PIIA is comprehensive payment integrity legislation that incorporates all prior payment integrity legislation into one Act. PIIA is implemented by OMB Circular A-123, Appendix C, Requirements for Payment Integrity Improvement. Appendix C requires Federal agencies to perform a risk assessment and review of each low-risk program and activity at least once every three years to identify programs that may be susceptible to significant improper payments, perform statistically valid testing of programs considered high risk, and develop and implement corrective action plans for high-risk programs.
The Commission has identified two programs—Operations and Administration and Whistleblower Payments—that have annual outlays exceeding $10 million. The Commission performs a risk assessment for both of its major programs every three years as required by OMB Circular A-123, Appendix C. The last risk assessment was completed for both programs in October 2025 covering FY 2025 outlays for the period October 1, 2024, to September 30, 2025.
As part of each risk assessment, the Commission reviews the risk factors for improper payments and completes a Risk Score Card for each program. The risk factors considered by the Commission include how long the program has been in operation; the complexity and volume of disbursements transactions; source of payment eligibility decisions; recent major changes in program funding, authorities, practices, or procedures; level, experience, and quality of training for personnel responsible for making program eligibility determinations or certifying that payments are accurate; and whether there have been any significant deficiencies disclosed in the audit reports of the Commission.
Each of these risk factors are evaluated against the Commission’s internal controls and assessed by testing key internal controls as part of the Commission’s robust Federal Managers’ Financial Integrity Act of 1982 (FMFIA) internal controls process. A score of High, Moderate, or Low risk is assigned to the overall risk for each program as well as the likelihood and impact of an improper payment. In the risk assessment, both the Operations and Administration and Whistleblower Payments programs were identified as having a low risk of making an improper payment. Although, some payment decisions for the Operations and Administration program are delegated to regional offices, along with the high level of training required for personnel in both programs, the overall risk assessment scored low due to the low risk associated with the complexity of the program, and the low volume of payments made annually.
For FY 2025, CFTC’s most significant payments were for payroll and benefits for its employees, which are administered by the U.S. Department of Agriculture’s National Finance Center (NFC) and the Office of Personnel Management (OPM), and payments to vendors for goods and services used during normal operations. CFTC’s other most significant payments are for monetary awards to eligible whistleblowers who voluntarily provided the CFTC with original information about violations of the CEA that led the CFTC to bring enforcement actions that resulted in monetary sanctions exceeding $1 million.
Significant erroneous payments are defined as annual erroneous payments in the program exceeding both $10 million and 1.5 percent, or $100 million of total annual program payments. Although the Commission disbursed $14.3 million in whistleblower payments during FY 2025, the review of each individual award by the Commission’s Claims Review Staff as well as multiple approval levels limits the likelihood that the whistleblower award program would be susceptible to significant improper payments. In addition, based on the results of transaction testing applied to a sample of FY 2025 vendor payments, consideration of risk factors, and reliance on the internal controls in place over the payment and disbursement processes, the Commission has determined that its programs and activities carried out in the normal course of business have a low risk of being susceptible to significant improper payments at or above the threshold levels set by OMB.
Appendix C of Circular A-123 states that the Commission is not required to determine a statistically valid estimate of erroneous payments or develop a corrective action plan if the program is not susceptible to significant improper payments. Appendix C also states that if a low-risk program experiences a significant change in legislation and/or a significant increase in its funding level, agencies are required to re-assess the program’s risk susceptibility during the next annual cycle, even if it is less than three years from the last risk assessment. The Commission regularly reviews any changes to its programs in between preparing formal risk assessments to identify whether a new risk assessment should be conducted.