For years, firms operating in CFTC (and SEC) regulated markets have faced an enforcement environment defined as much by optics as by outcomes. Large, headline-grabbing penalties (often tied to technical or recordkeeping breaches) have shaped compliance priorities, sometimes blurring the line between meaningful misconduct and procedural missteps.
That era is now, by the CFTC’s own admission, over.
In remarks delivered on March 13, 2026, the newly appointed Director of Enforcement, David Miller, confirmed the decisive shift in regulatory philosophy: away from broad, policy-setting enforcement actions and back toward the Division’s core mandate — policing fraud, manipulation and abuse.
This is not deregulation. It is refocusing — and, in many ways, a raising of the bar.
A Return to First Principles
Miller’s message is clear: enforcement will prioritize conduct that undermines market integrity, not technical breaches that, while important, do not in themselves distort markets or harm participants.
To that end, the Division has outlined five priority areas:
- Insider trading (including in prediction markets)
- Market manipulation
- Market abuse and disruptive trading practices
- Retail fraud
- Willful breaches of AML and KYC obligations
At a glance, this looks familiar, almost orthodox. And that is precisely the point. The CFTC is reasserting its role as a conduct regulator, not a policymaker through enforcement.
For firms, this shift places renewed emphasis on the ability to demonstrate effective oversight, showing not just that controls exist, but that they are capable of identifying genuinely harmful behavior, and that decisions and actions taken can be clearly evidenced.
Insider Trading: Reframed for Modern Markets
Perhaps the most notable clarification lies in how the CFTC intends to approach insider trading, particularly in prediction markets. Unlike equities markets, CFTC-regulated markets are not disclosure-based. There are no “insiders” in the traditional sense. Instead, enforcement hinges on the misappropriation of material non-public information.
In practical terms, this means:
- Trading on information you legitimately possess is permissible
- Trading on information in a breach of duty to the source is not permissible
This distinction becomes especially relevant in prediction markets, where participants may have the ability not only to anticipate outcomes, but to influence them.
Miller directly addressed what he described as a persistent myth — that insider trading laws do not apply in these markets. They do. And the CFTC intends to enforce them.
From a surveillance perspective, this introduces a more nuanced challenge: detecting not just unusual trading, but the context in which information is obtained and used. Increasingly, that requires connecting trading activity with communications, behaviors and access to other information. In essence, bringing together multiple data sources to form a coherent picture of risk.
At the same time, the boundaries are subtle. A participant who trades based on their own knowledge or actions may not fall foul of insider trading rules. But, if they subsequently act to create the outcome they have traded on, the conduct may instead constitute market manipulation.
Manipulation, Abuse and the Mechanics of Markets
The second and third priorities (market manipulation and market abuse) reinforce a long-standing regulatory focus, but with renewed emphasis.
Manipulation, particularly in energy markets, is singled out as uniquely harmful due to its broader economic impact. Price distortions in these markets do not remain contained; they ripple across supply chains and into inflation in the wider economy.
Alongside this, traditional forms of market abuse (spoofing, wash trading, disruptive trading practices) remain firmly in scope. These behaviors may be technical in execution, but their impact is anything but: they erode trust, distort price signals and undermine the efficiency of markets.
For firms, the implication is straightforward: detecting these behaviors consistently requires more than static, rules-based approaches. It increasingly depends on the ability to identify patterns, anomalies and intent across large volumes of activity (often through more adaptive, data-driven surveillance capabilities).
Old Frauds, New Tools
Retail fraud, the fourth priority, reflects a different kind of evolution.
As Miller noted, the underlying schemes are not new. But the tools are. AI-generated content, highly targeted social engineering and increasingly sophisticated digital impersonation tactics are amplifying both the scale and credibility of fraud.
The implication is clear: while the nature of misconduct may remain constant, the detection challenge is becoming significantly more complex.
For firms, this means moving beyond traditional typologies toward approaches that combine transaction monitoring, behavioral insights and broader contextual signals to identify suspicious activity earlier and more accurately, particularly as fraud spans multiple channels and touchpoints.
AML and KYC: From Technical Breaches to Intent
The fifth priority marks a subtle but important shift.
The CFTC has not deprioritized AML and KYC obligations. But it has reframed how breaches will be assessed. Isolated or technical failures are unlikely to attract the same enforcement focus as before. Instead, attention will center on willful or repeated violations.
This distinction matters. It suggests a move away from penalizing imperfection, towards targeting intent and systemic weakness.
But it would be a mistake to interpret this as leniency. Firms that demonstrate recklessness, or indifference to compliance obligations, should expect scrutiny (and sanction) to follow.
In practice, this places greater importance on maintaining a holistic view of customer risk and activity over time, ensuring that red flags are not just identified, but consistently escalated, investigated and addressed.
Cooperation: A New Incentive Structure
Alongside these priorities, Miller also previewed a revised cooperation framework, one that introduces a clearer, and more demanding, pathway to declination.
The principle is simple: self-report promptly, cooperate fully, remediate completely, and absent aggravating factors, a declination is within reach.
The reality is more exacting. Cooperation is described as binary: firms are either “all in” or not cooperating at all. Partial engagement will not suffice.
For organizations, this raises the stakes around internal detection and decision-making. The window for self-reporting closes quickly (often before all facts are known), and the commitment required once engaged is significant.
This, in turn, reinforces the need for timely escalation frameworks, clear audit trails and the ability to investigate potential issues quickly and with confidence, supported by well-structured case management and documentation processes.
This approach is consistent with revised self-reporting and cooperation policies recently issued by the SEC and the Department of Justice.
What This Means in Practice
Taken together, these developments point to a more focused (but not lighter) enforcement environment.
For compliance and surveillance teams, the implications are twofold. First, the fundamentals matter again, arguably more than ever. This “back to basics” approach will feel familiar, and in many ways welcome, to experienced compliance professionals. But it also demands greater precision in identifying the behaviors that truly matter.
Second, technology is no longer optional. Miller’s remarks implicitly recognize that as fraud and market abuse become more sophisticated, so too must the tools used to detect them. Firms that can bring together trading surveillance, communications monitoring and financial crime controls into a more unified, intelligence-led framework will be better positioned, not only to detect risks earlier, but to demonstrate effective oversight when it matters most.
A Quiet Rebalancing
The end of “regulation by enforcement” does not signal a retreat by the CFTC. Rather, it reflects a rebalancing — away from using enforcement to shape policy, and towards using it to uphold market integrity.
For firms, this should bring greater clarity, but not complacency. The rules have not become simpler. But the priorities have become clearer.
And in a landscape where misconduct is evolving as quickly as the technologies used to detect it, that clarity ultimately raises a single, defining question: can you identify, and act on, the risks that truly matter?
Interested in what this could mean for your organization? Speak with NICE Actimize regulatory experts to explore how evolving enforcement expectations may impact your surveillance, compliance, and risk frameworks.