EvilCorporations.com • CFTC Docket No. 24-18 • 20 min read

The World’s Largest Custody Bank Hid Five Million Trades From Regulators. They Did It Twice.

The Bank of New York Mellon spent five years misreporting millions of swap transactions to federal regulators, violated a prior CFTC order requiring them to stop, and left non-English-speaking employees completely unsupervised. The fine: $5 million. BNY Mellon’s assets under custody: $49 trillion.

The Non-Financial Ledger: What Five Million Bad Trades Actually Mean

Start with the number. Five million. That is how many swap transactions the Bank of New York Mellon reported incorrectly to federal regulators over five years. It’s a figure so large it stops feeling real, which is exactly how the financial industry likes it. Abstract the harm behind enough zeros and people stop asking who got hurt.

So let’s make it concrete. Swap reporting rules exist because of what happened in 2008. The derivatives market, a sprawling shadow system of bets between banks, was almost entirely invisible to regulators. No one knew who owed what to whom. When it collapsed, it nearly took the entire global economy with it. The Dodd-Frank Act was supposed to fix that by requiring every swap transaction to be reported to a regulated database so the government could actually see the risk building in the system. That is the reporting system BNYM broke. For five years.

This is not a paperwork story. When the data in those repositories is wrong, regulators cannot accurately measure how much risk is piling up in the financial system. They cannot see if a bank is over-leveraged. They cannot spot a crisis forming. The whole point of the post-2008 reform architecture is early warning. BNYM corrupted that warning system for half a decade.

And the public is supposed to have access to this data too. Swap reporting rules require that transaction data be publicly published so that ordinary people, journalists, academics, and advocates can see what is happening in the derivatives market. The data BNYM submitted was wrong. The public record was wrong. For five years.

The bank also had traders who were not being monitored at all. A substantial percentage of BNYM’s Associated Persons, the traders and brokers conducting its swap dealer business, were based outside the US and UK and communicated in languages other than English. The bank had no written policies, no foreign-language monitoring tools, nothing in place to supervise those communications. That means deals could have been made, terms could have been set, and nobody in compliance would have known. There is no finding in this order that those unmonitored traders did anything wrong. But the whole reason you supervise is so you find out before something catastrophic happens. BNYM skipped that step entirely.

Then there is the repeat offender problem. In 2019, the CFTC explicitly ordered BNYM to stop misreporting swaps and fined them $750,000. The bank paid the fine, signed the consent order, and then kept misreporting, on millions of occasions, for four more years. The 2024 order is blunt about this: many of the violations in this new case also constitute a direct violation of that 2019 order. A federal regulatory order. Violated. Repeatedly. For years. The consequence was a $5 million civil penalty. No executives were named. No licenses were revoked. No trading was suspended. The world’s largest custody bank paid the equivalent of what it likely earns in fees in a single hour and walked away.

Who pays when the warning system fails? Not BNYM’s executives. Not its shareholders in any meaningful sense. The people who pay are the ones who have no seat at the table when the next crisis hits. Workers whose pensions are tied up in markets regulators cannot properly see. Homeowners whose credit depends on a stable financial system. Communities that get crushed when banks blow up and governments are forced to choose between bailouts and austerity. The $5 million fine does not compensate any of them. It goes to the government. And next time the same scenario plays out, BNYM will have the same financial incentive structure it has today: the cost of getting caught is trivially small compared to the cost of building a compliance system that actually works.

Legal Receipts: What the CFTC Order Actually Says

These are direct quotes from CFTC Docket No. 24-18, signed August 26, 2024. BNYM admitted all findings as a condition of settlement.

“During the Relevant Period, which spanned an approximately five-year period, BNYM: (i) repeatedly failed to correctly report millions of swap transactions to a registered Swap Data Repository (‘SDR’); and (ii) failed to properly supervise its swap dealer business as required by the Act and Regulations.”

• This is BNYM’s own admission, not an allegation. They consented to this language as part of the settlement. “Millions of swap transactions” and “repeatedly” are the operative words. This was systemic and chronic, not accidental and isolated.
• The twin failures, bad reporting and inadequate supervision, are legally distinct violations. The CFTC found both, meaning the reporting failures were not just a technology glitch but evidence that the entire supervisory architecture was broken.

“Many of BNYM’s significant reporting failures also constituted a violation of the Commission’s order against BNYM issued on September 30, 2019… which ordered BNYM to cease and desist from further violating Sections 2(a)(13)(G) and 4r(a)(3) of the Act.”

• BNYM was already under a federal cease-and-desist order when these violations were occurring. Violating a CFTC order is a separate legal offense layered on top of the underlying violations. This is confirmed in the findings section of the 2024 order.
• The 2019 order covered the period from December 2012 through 2018. The 2024 order covers 2018 through 2023. There is no gap. The violations are continuous, spanning over a decade total.

“BNYM had no written policies or procedures to: (i) monitor the voice communications of its Associated Persons (‘APs’); and (ii) monitor the e-communications of its APs that communicated in languages other than English, in order to ensure its APs were complying with the Act and Regulations.”

• Not “inadequate” policies. No policies. For voice calls, there was nothing written down. For non-English communications, there was nothing written down. This is a swap dealer with global operations and no documented process for supervising a substantial percentage of its own workforce.
• The CFTC notes that a “substantial percentage” of BNYM’s Associated Persons were based outside the US and UK and communicated in languages other than English. The bank’s compliance infrastructure was, in practice, English-only, in a business with international reach.

“From at least April 2019 through February 2023, BNYM reported more than 7,000 FX bunched trades as FX forwards, notwithstanding that the trades were security conversion transactions that should have been excluded from reporting.”

• This is not a data entry typo. These transactions were of the wrong category entirely. For nearly four years, thousands of trades were misclassified and reported under the wrong regulatory framework. This type of error distorts regulators’ understanding of market composition and risk exposure.

“BNYM failed to fully monitor the e-communications of a small number of APs who were mistakenly placed in a surveillance queue in a jurisdiction other than their home jurisdiction which prevented their communications from being flagged for surveillance by the APs’ supervisors.”

• Traders were assigned to the wrong monitoring system. Their messages went to a compliance queue that their own supervisors never reviewed. This is the kind of structural gap that, in a worst-case scenario, lets misconduct go undetected for years. The order does not allege that those specific traders did anything wrong, but the absence of oversight means there is no confirmed answer either way.

What You Were Told vs. What Was Actually Happening

Post-2008 financial reform rested on a specific promise: derivatives markets would be transparent, reported, and regulatable. Here is what that promise looked like against what BNYM delivered.

Societal Impact Mapping

Public Health of the Financial System

Swap reporting is post-crisis infrastructure. Every failure degrades the system designed to prevent another 2008. Here is what the documented failures mean in concrete terms.

• Regulators rely on swap repository data to monitor systemic risk in real time. With five million transactions misreported, the CFTC’s risk surveillance picture was distorted for a five-year stretch by data from the world’s largest custody bank.
• Valuation data failures, specifically the use of the wrong discount methodology for all FX trades from 2018 through 2023, mean that the mark-to-market values submitted to the federal repository were systematically inaccurate. Regulators watching for over-leveraged positions would have been reading the wrong numbers.
• The “U.S. Person” indicator failures, affecting hundreds of thousands of FX transactions and approximately 60% of IR swap transactions, matter because U.S. person status determines which regulatory rules apply to a given trade. Wrong indicators mean wrong jurisdictional assignments, undermining cross-border regulatory oversight.
• The public reporting provisions of the Dodd-Frank Act, written specifically so ordinary people can see derivatives market activity, were fed corrupted data for the duration of the Relevant Period. Anyone using that public data for research, journalism, or policy analysis was working with a false picture of BNYM’s swap market activity.
• The supervision failures, particularly the complete absence of policies for monitoring voice calls and non-English communications, represent a structural gap that existed across the full five-year period. There is no way to know what was communicated through those unsupervised channels because no one was required to look.

Economic Inequality: Who Bears the Cost

The fine is paid by BNYM’s shareholders and customers. The risk created by broken reporting falls on everyone else.

• The $5 million penalty represents a fraction of a percent of any reasonable estimate of BNYM’s revenue or fee income. For a bank holding custody of approximately $49 trillion in assets, this is not a deterrent. It is a line item.
• The original 2019 fine was $750,000. The 2024 fine is $5 million. Measured against the scale of repeat violations, the fine increased by less than the inflation rate on a per-violation basis. The financial industry’s calculation that non-compliance is cheaper than compliance is reinforced, not challenged, by this enforcement outcome.
• No individual at BNYM was charged, fined, suspended, or named in the order. The institutional penalty is borne diffusely by shareholders, while the compliance officers, managers, and executives who oversaw a decade of violations face zero personal accountability.
• The populations most exposed to systemic financial risk, working-class people with no financial cushion, renters, hourly workers, communities of color with less accumulated wealth, have the least ability to absorb the damage from a financial crisis that a functional reporting system is supposed to help prevent. BNYM’s broken reporting made that prevention harder for five years.
• BNYM’s non-English-speaking Associated Persons, the traders who were conducting the bank’s swap dealer business in languages other than English, were themselves the ones left unmonitored. The compliance failure falls hardest on the part of the workforce the institution built its global business on but apparently did not invest in adequately supervising.

The “Cost of a Life” Metric

No One Was Watching: How the Supervision System Failed

The CFTC’s order describes three distinct supervision failures running in parallel. Together, they left a significant portion of BNYM’s swap dealer operations effectively unmonitored.

What Now? Who to Watch and What to Demand

BNYM is back under a new cease-and-desist order, now has an independent compliance consultant reviewing its systems, and must report back to the CFTC within 180 days of the August 2024 order. Here is who is responsible and what pressure looks like.

Who Runs This Institution

• The order names no individual executives. Per CFTC Docket No. 24-18, the responsible corporate entity is The Bank of New York Mellon, the world’s largest custody bank and asset servicing company, with swap dealer activity centered in its Markets Group.
• The order requires BNYM’s Chief Compliance Officer and another senior officer to personally certify the remediation report submitted to the CFTC within 180 days of August 26, 2024. Those names are not disclosed in the source material: [REDACTED – Not in Source]. The certification requirement is the one mechanism for individual accountability in this order.

Watchlist: Regulatory Bodies with Jurisdiction

• CFTC (Commodity Futures Trading Commission): Primary enforcer. Issued both the 2019 and 2024 orders. Has ongoing jurisdiction over BNYM’s swap dealer registration, reporting compliance, and fulfillment of the 180-day remediation report requirement. Contact and complaint portal: cftc.gov.
• DOJ (Department of Justice): Has authority to bring criminal charges for financial fraud. The CFTC order is civil only. No criminal referral is mentioned in the source material. The repeated nature of these violations and the scale of the 2019 order violation are the kind of facts that support a call for DOJ review.
• SEC (Securities and Exchange Commission): BNYM is also a registered investment advisor and custodian for mutual funds, ETFs, and pensions. Swap reporting failures that distort valuations have implications for securities law. The SEC’s examination and enforcement divisions have independent jurisdiction over BNYM’s investment management activities.
• OCC (Office of the Comptroller of the Currency): The OCC charters and supervises BNYM as a national bank. Systemic compliance failures at a bank of this scale are within OCC’s supervisory mandate.
• Federal Reserve: BNYM is a systemically important financial institution (SIFI). The Fed has supervisory authority over BHCs and is responsible for assessing systemic risk. A decade of corrupted swap reporting data at the world’s largest custody bank is a systemic risk concern.

Grassroots Resistance and Mutual Aid

• Demand named accountability. Contact your Congressional representatives and ask them to push for legislation requiring that executives who sign off on compliance certifications face personal liability when those certifications prove false. The CFTC’s current framework fines the institution. Individual managers walk away whole.
• Follow the 180-day clock. By late February 2025, BNYM was required to submit its remediation report to the CFTC. Use FOIA (Freedom of Information Act) requests to the CFTC to obtain that report when it becomes available. Demand it is made public.
• Support financial reform organizations doing the legal and policy work to close the deterrence gap: Americans for Financial Reform (AFR), Better Markets, and the Project on Government Oversight (POGO) all track financial industry enforcement and lobby for stronger penalties.
• If you work in financial services, know that the CFTC operates a whistleblower program that awards between 10% and 30% of sanctions over $1 million to people who provide original information about violations. BNYM’s compliance gaps may not end with what is documented in this order. The CFTC Whistleblower Office is at cftc.gov/whistleblower.
• Pension holders and union members whose funds are custodied at or managed through BNY Mellon should raise these findings with their fund trustees and demand to know what due diligence the fund conducts on its custodian’s regulatory compliance record.