This topic provides an overview of CME’s Australian Trade Repository (ATR) which is a licensed trade repository under the Corporations Act 2001 (Cth). It details supporting functions, workflows, message flows, and interfaces to allow registered Users to submit and retrieve swap data to with the ATR. The ATR leverages the existing CME repository and clearing services connectivity, functionality and processes in order to accept, store and report swap data.

Revision History

DateVersionDescription
November 1, 20151.0Initial publication
April 23, 20192.0

Replaced PDF with wiki.

Added FAQ and sFTP details.

Prerequisites

This topic assumes that the user has basic trade repository workflow knowledge. For more information, please refer to the relevant Australian derivatives regulations.

Access to the CME ATR

Registering for ATR Test Environment Access

To assist clients with preparation for Australian reporting requirements, CME ATR has created a Test Environment. Access to the Test Environment can be granted prior to execution of the CME ATR User Agreement by completion of an informational form located at cmegroup.com/ATR.

Production Environment access may only be granted to Users and Service Providers with completed registrations and Legal Agreements. A full ATR User registration also includes access to Test Environment. Service Providers do not have a Test Environment-only option, and must sign the full Service Provider Agreement, which includes test environment access.

Steps for CME ATR Test Environment access include:

  1. Complete the ATR User Agreement or Test Environment form (single form to gain access to any of CME’s Global Trade Repositories) at www.cmegorup.com/ATR. Fill out the registration form electronically (do not print and complete).
  2. Upon completing the registration; use the forms’ submit button and your system’s default email program will prepare an email to the ATR Registration If you prefer a different email program to send in the form, you may copy the email attachment and email address into that preferred program.
  3. Once the form has been received, CME will process the Upon completion, CME ATR will send an e-mail to the administrator contact confirming the registration and provide information on how to get started.
The URL (atruinr.cmegroup.com) for the test environment is different than that of the production environment.

For assistance during or following the registration process; please contact CME Global Repository Client Services at repositorysupport@cmegroup.com.

Registering for ATR Production Environment Access 

Production Environment access is only granted to fully registered Users and Authorized Service Providers. The following steps outline the registration process required to submit and to access derivative data to CME ATR for Australian reporting compliance.

  1. Obtain a Legal Entity Identifier (LEI)
    1. A LEI is strictly required at the time of full A LEI is required for each separate legal entity for who data will be submitted or retrieved for from the CME ATR. Users may acquire a LEI through one of the authorized LEI issuers listed at http://www.leiroc.org. A LEI obtained previously for a legal entity to satisfy other business purposes (including trade reporting in a different global jurisdiction) may be used in the CME ATR registration so long as the issuer is recognized on the LEI ROC website.

      CME Central Counterparty (CCP) LEI’s provided for reference:

Chicago Mercantile Exchange Inc. (US Clearing House)

CME LEI: SNZ2OJLFK8MNNCLQOF39 
CME UTI Namespace: 1010000023

2. Execute the CME Repository Services User Agreement (User Agreement or Service Provider Agreement)

User Agreement – Entered into by a party to a derivatives transaction; the Agreement enables the Registered User to (1) submit (2) analyse/filter (3) extract and (4) authorize their counterparty or service provider (not a party to the transaction) to view its derivative data stored in CME ATR. In order to execute the CME ATR User Agreement:

  • Download the agreement from the CME ATR website www.cmegroup.com/ATR. Complete the user agreement and click the send button to electronically submit the agreement (via the SUBMIT button at the form end) to the CME ATR Registration team.
  • The User Agreement will be processed by CME ATR Registration. A notification of receipt of the submission is provided and a subsequent notification is sent when the registration has been completed. In the registration complete email, instructions are provided on how to contact the CME registration team to receive the login information over the phone (for security reasons). A required form as part of CME ATR Firms are required to specify at least one Verification Officer upon registration. The Verification Officer will act as the account administrator, approving any new requests or access modifications, etc. In addition to a Verification Officer regular Users can also be requested. Verification Officers have a choice of admin roles or view only roles. Admin roles allow users to upload, amend and view while a View Only role allows for read only access to the ATR.

Service Provider Agreement – Applies to entities which are not party to the trade and are providing services to facilitate the trade report in some capacity on behalf of one or both of the obligated counterparties to the reportable derivatives trade. Parties interested in a Service Provider registration should contact CME ATR at repository@cmegroup.com.

Additional User Access Requests

Once registered, accounts may authorize additional users to access the data (i.e. internal staff, fund administrators, other intra-group entities, etc. Please follow the instructions on the additional user access request form located at cmegroup.com/ATR.

Access Levels

CME ATR Administrator:

  • Rights to create, modify and remove user accounts
  • Rights to view data for all accounts
  • Rights to upload data for all accounts
  • Rights to run all reports and download the results for all accounts

CME ATR Full Access:

  • Rights to view data for accounts
  • Rights to upload data for accounts
  • Rights to run all reports and download the results for accounts

CME ATR View Only Access:

  • Rights to view data for accounts

Trade Submissions to CME ATR

Swaps may be submitted to CME ATR via the following methods:

Format

Transport

CSV File

Website upload

CSV File

HTTPS web services

CSV File

sFTP

Transport Overview

Web User Interface

Users or service providers may use the CME ATR secure web User Interface (UI) to upload CSV formatted files. On-screen confirmations are provided on acceptance or identify required corrective actions. Full documentation on this option (including the asset class specific CSV templates and samples) are available online.

Web Services

CME ATR allows programmatic submissions, cancellations, and amendments via secure https web services. This web service submission facilitates connection to the CME ATR via the internet, removing the need for any other type of connectivity infrastructure (such as MQ). CSV formatted data may be passed via this transport method. Full technical details are available below:

Authentication TokenRefer to Generate Authentication Token
Data Capture Generate

Contact repositorysupport@cmegroup.com

Importing Certificate in Local Java KeystoreRefer to Importing Certificate in Local Java Keystore
Submitting CSV Message FileRefer to CSV Specs here

URLs

SFTP

Secure File Transfer Protocol (SFTP), is a method of transferring data between to end points using strong encryption and authentication.  We utilize this to allow confidential and easy transfer of files between our clients and our CME Repositories. 

Getting Access to SFTP

New Client

For any client who wishes to use CME for their TR needs they will need to complete a User Agreement,  within this agreement they will be presented the below question to which you must select “Secure FTP CSV” (to note you can select as many methods as you like or specify none for view only access if someone is reporting on your behalf)

 Fig.1 Taken from ATR User Agreement

 Once onboarding is complete Client Services with provide your chosen Verification Officer the folder Username & Password.

Existing Client

Please have your Verification Officer reach out to  repositorysupport@cmegroup.com with your request to have an SFTP folder and then someone will reach back out to your Verification Officer with the folder Username & Password.  Note, if your firm has a pre-existing SFTP folder for other CME business services, another SFTP account will still need to be created specifically for your firms CME Repository submissions.

Technical Set-Up Information

CME supports file transfer through Secure FTP available via Wide Area Network connection as well as via the Internet. Please have your IT Staff facilitate the below connectivity and provide access through your firewall for our IPs as required.

SFTP via CME WAN connectivity

This requires firms to have direct access to the CME network via circuit.

Production IP: 167.204.41.33 (port 22)

Disaster Recovery: Same as Production IP address above.
CME will whitelist IP addresses connecting via this method. A gateway range will have been provided to a contact within your firm when direct circuit access to CME was established.
In the event of a DR situation, the failover will not require firms to switch access or manage additional entries to their firewall.

SFTP via Internet

Web based without a direct connection to CME.

 When using SFTP, SSH encrypted software is required for the connection.
CME does not require firms to enter the internet based SFTP IP address into their firewall to access the site. CME only require users to utilize an sftp tool and a valid CME provided SFTP account and password.

Environment

IP

DNS

Port

Production

164.74.122.33

sftpng.cmegroup.com

22

Disaster Recovery

204.10.15.24

sftpng.cmegroup.com

22

UAT (testing)

164.74.123.120

sftpcert.cmegroup.com

22

CME Public Key Installation

CME allows the use of public/private key authentication. (SSH Public Key File format RFC4716).  Firms who require the use of public keys are responsible for the installation themselves.

Please note:  Public key may not be required as it is dependant of the connection method you use

CME uses SSH Public Key File Format (RFC4716)

The location of your public key should be installed to: 
“YOUR_CME_SFTPNG_HOMEDIR”/.ssh/”USERNAME”

Example, where username is “USERNAME”:
sftp> ls .ssh
.ssh/USERNAME

If you already have an RFC4716 Public Key file yet installed at CME
Here’s the steps, you’ll need to update the Public Key named “USERNAME” at CME:

1. Sftp to the site
2. Run the command, sftp> get .ssh/”USERNAME” where “USERNAME” is your login name.
3. Append new key(s) to the Public key file.
4. Put the key file up, sftp> put .ssh/”USERNAME” where “USERNAME” is your login name.

If you don’t have an RFC4716 Public Key file yet installed at CME
Here are the steps, you’ll need to have the Public Key file named “USERNAME” which contains the keys in the local directory on your source host in order for these steps to work:

1. ssh-keygen –t rsa –b 2048 –f id_rsa –N ‘’ && ssh-keygen –e –f id_rsa > USERNAME
2. sftp to the site
3. Put the key file up, sftp> put .ssh/”USERNAME” where “USERNAME” is your login name.
    NIST expects that a 2048 key size will be secure until 2030
    (http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf). You can opt for 4096, but it is not required.
    More about RFC 4716 https://tools.ietf.org/html/rfc4716

CME SFTP Directory and Path Structure

Regardless how firms connect to their CME sftp account, there are 3 default directories that each firm is provided when their sftp account is added. Each folder is utilized for a specific purpose as outlined below including the directory path, note that 123 represents the firm’s sftp account ID:

cme/ftp/123/Incoming (with upper case I)
cme/ftp/123/Outgoing (with upper case O)
cme/ftp/123/PUB (all upper case)

When a user logs into their sftp account, the default maps to the user account root directory where the above 3 folders securely accessed by the account. Firms then can navigate between the folders and sub-folders based on their data upload or download requests.

Incoming: Used for confidential data files submitted by firms to CME. Firms will upload the required files to the Incoming directory as required by CME.
Outgoing: Used for confidential files that CME makes available for firms. Firms will be able to download files when they are ready to be retrieved.
PUB: Used for shared files that CME makes available for firms into specific sub-directories. Firms will be able to download files when they are ready to be retrieved from the sub-directories.

Submitting Files to SFTP

The folder will have two sections: Incoming and Outgoing. Files must be dropped for upload into the incoming section, and reports can be pulled from the outgoing section. There will be a response file in the outgoing file which is prefixed with ‘res_’ to the data file.  There is an acknowledgment for each file; if the data is successful the response file will simply contain ‘success’.  If there are errors the response file will be larger and will contain ‘error’ and give a detailed message explaining the failure.  Duplicate submitted records are rejected with an appropriate error message and for every 1 file submitted into incoming there will be 2 files in outgoing (the original file submitted and the results file).  Files dropped in the incoming folder to upload in the TR should be asset class specific.

  • All submitted files must be in .csv format.
  • All response files will be in .txt format.
File Naming Convention for CSV files

Each file submission must begin with the asset class prefix as shown below, then any free text is allowed to follow to help clients identify their submission activity more effectively.  E.g. trade, position, amendments, date etc.

<<AssetClass>>_<<Free Text>>.csv

Examples:

IRS_CLC01_NEWTRD_20190331183400.csv (for Interest Rates)
FX_CLC01_NEWTRD_20190331183400.csv (for FX)
CDS_CLC01_NEWTRD_20190331183400.csv (for Credit)
CMDTY_CLC01_NEWTRD_20190331183400.csv (for Commodity)
EQUITY_CLC01_NEWTRD_20190331183400.csv (for Equity)
COLL_CLC01_NEWTRD_20190331183400.csv (for Collateral)

Generate Authentication Token

1. Login to https://atrui.cmegroup.com with your CME Group Login ID and password
2. Navigate to Submit>Generate Token menu as shown in screen shot below:


3. Enter your username and password and click “Generate Token”. It should give you your authentication code for using web service in Token text field. You will have to use valid username and password which is authorized by CME Repository Support Group during Registration. (Make sure you have already changed the temporary password provided during registration. You can use https://atruinr.cmegroup.com/atrui/ to change your temporary password. It will prompt you to change the password when you login first time)


4. You are ready to use this token for your web service client code to submit CSV messages to CME ATR. This token will be used as a value for http header name “Authorization” (Please refer to DataCaptureWSClient.java code ). 

Importing Certificate in Local Java Keystore

1. Open https://atrws.cmegroup.com/datacapture-ws/atr/submitCSV/CMDTY URL in IE.
2. Click on Lock image and click on View Certificate. You will see following dialog box

3. Open Certificate Path Tab and select VeriSign as shown in image below.

4. Select Details tab and click “Copy to File” and Click Next 


5. Select first format option of “DER encoded binary X.509 (.CER) on “Certificate Export Wizard” dialog and click Next as shown in below screen shot 

6. Specify file name and local path to store the certificate on your local machine (e.g C:/atrwsnr.cer)
7. Click Next and Finish. It will save the certificate locally on your machine in C:/etrwsnr.cer file which we will import to your local java keystore. 
8. Open DOS command window
9. Type following command at DOS prompt to create and import the certificate in local keystore.

keytool -import -trustcacerts -alias root -file c:/etrwsnr.cer -keystore c:/atrwsnr.jks
Hit Enter Key

10. It will prompt you for password for your keystore. Enter any password which you will be passing later to your Web Service client along with path to the keystore you will be creating (e.g password “trwsnrclient”). Hit enter key. Retype same password and hit enter key again. 
11. Type “yes” for Trust this certificate? [no]. Hit enter key. You should see last line as “Certificate was added to keystore” as shown in following screen shot. 

Additional Resources

See also: cmegroup.com/ATR

FAQs

1. Do I get a username for each person who wants to access to sFTP folder?

No, only one username is provided for the entire folder. This can be disseminated by the Verification Officer at their discretion

2. My Verification Officer has left the company, how do we assign a new one?

Please reach out to repositorysupport@cmegroup.com so that they can provide you the most up to date documentation to allow a new Verification Officer to be assigned in the absence of a previously appointed Verification Officer/

 3. How do I log into UAT/Testing environment?

You will use the same Username and password, but you will need to use the following Host:
sftpcert.cmegroup.com

 4. Why has our submitted file not moved from our firms ‘Incoming’ folder? 

Files and the resulting records in our SFTP directories will be processed in First in, First out (FIFO) order. The time of submission will determine file order written to the CME server. It is not uncommon for files to remain unprocessed for several hours during busy periods when there are lengthier file queues but if you have any concerns about how long your file has been unprocessed, please contact: repositorysupport@cmegroup.com

Contact Information

ATR Business Team - repository@cmegroup.com
ATR Support Team - repositorysupport@cmegroup.com
Chicago +1 312 580 5352
London +44 (0) 203 379 3180
Singapore +65 6593 5592

  • No labels