The main US derivatives watchdog wants new cybersecurity rules as a recent attack on software firm ION Trading UK continues to rock the industry.
Rostin Behnam, chairman of the Commodity Futures Trading Commission, said recent events have underscored the need for more regulation. He added that information security threats were “a major and increasingly urgent problem.”
Over the past week, some in the derivatives industry had to manually settle trades and calculate margin requirements after the attack, which was blamed on the Russian Lockbit ransomware gang.
Ting Shen/Photographer: Ting Shen/Bloomber
The CFTC has said it is in close contact with the affected companies and announced it will delay a weekly staff report on aggregate holdings in different futures markets.
“As recent events have made clear, the industry’s increasing and necessary reliance on third-party service providers creates a significant source of risk for participants in our markets, a risk that only promises to increase with growth in access. virtual reality and cloud computing, Behnam said in prepared comments for a conference on Friday.
He added that the CFTC will begin work on regulations that could require futures and swaps traders to exercise increased due diligence and oversight of the third-party service providers they work with. The rule would be designed “to preserve the integrity, availability and confidentiality of critical systems and information,” Behnam said.
The ION system is used to settle derivatives trades around the world, particularly in the US, UK and Europe. The technology allows clients of banks and stockbrokers to trade in a semi-automated manner.
Like ION, Bloomberg LP, the parent company of Bloomberg News, also provides financial institutions with execution management solutions, connectivity to electronic marketplaces, and trading tools.
UK regulatory actions
The Financial Conduct Authority, the UK’s main regulator of markets, has indicated it wants a more direct reach into cybersecurity from some third-party software and service providers.
Legislation introduced last year in parliament would give the FCA new powers to supervise third-party service providers trusted by financial firms and financial market infrastructure providers.
Currently, the regulator cannot directly supervise service providers like ION, but it does regulate many of its clients, who must submit detailed contingency plans to ensure resilience in the event of cyberattacks.
“We are aware of this incident and will continue to work with our partners and the companies affected,” the FCA said in a statement.
cryptocurrency trading
During the speech on Friday, Behnam also said that the agency is considering new restrictions against insider trading for crypto markets on CFTC-registered exchanges.
The agency is considering whether exchanges that list crypto derivative contracts or are affiliated with crypto markets should adopt policies to restrict their employees from trading in certain cases.
CFTC staff recently spoke with exchanges to gather information on the limitations currently in place, he said.
— With the assistance of Katherine Doherty and Isis Almeida.
