Hong Kong brokerages rush to comply with new SFC rules on cyber risks

Maria Nikolova

As the deadline for implementing 2FA approaches, brokers rush to inform their clients of the changes.

A growing number of Hong Kong online trading companies are seeking to comply with the new rules outlined by the Securities and Futures Commission (SFC) on cyber risks.

Brokers like Monex Boom and Z.com have informed their clients of the coming changes that wil make “Two-factor authentication” (2FA) mandatory.

Monex Boom Securities (H.K.) Ltd., a part of Monex Group, Inc. (TYO:8698), said on its website that “Two-factor authentication” account login will be launched on April 21, 2018. All clients will need to provide the One-time Password (OTP) along with the current login password for account login. Clients can set up the “MONEX BOOM Authenticator” App to get their OTP.

Guotai Junan International Hold. Limited (HKG:1788) has also informed its customers about the new requirements. Starting from 23 April 2018, the clients of the broker are required to receive “One-Time Password (OTP)” through registered mobile phone number or email address for the implementation of two-factor authentication, in response to the guidelines of cybersecurity announced by the Securities and Futures Commission of Hong Kong. Clients must enter valid account number, login password and OTP when login to an account.

Phillip Securities (HK) Ltd is also complying with the new rules by offering its clients to make use of PHK Key, a security code generator developed by the company to provide two-factor authentication for online trading. The PHK Key further enhances security and fulfills mandatory requirement by regulators on 2FA.

GMO-Z.com Forex HK Limited has also published a notice on its website about the changes. The company will implement 2FA from April 21, 2018. In order to enforce preventive measures against hackers, 2FA token generated by Google Authenticator app installed on one’s smartphone (i.e., “what you have” factor) is required when logging in to the broker’s FX trading platform.

Other Hong Kong-focused brokers like Rakuten Securities have also informed their clients of the pending changes.

The mandatory requirement for 2FA applies to companies engaged in:

  • Type 1 regulated activity (dealing in securities);
  • Type 2 regulated activity (dealing in futures contracts);
  • Type 3 regulated activity (leveraged foreign exchange trading);
  • Type 9 regulated activity (asset management).

The 2FA requirement is set to come into effect on April 27, 2018. There are other rules too but they will be implemented a bit later – on July 27, 2018.

The new rules concern data encryption of sensitive information such as client login credentials (ie, user ID and password) and trade data during transmission between internal networks and client devices.

A licensed or registered person should also establish and implement effective policies and procedures to ensure that a client login password is generated and delivered to a client in a secure manner during the account activation and password reset processes. The entities should have in place stringent password policies and session timeout controls and should deploy a secure network infrastructure.

The rules also require from online trading companies to outline contingency plans for cyber incidents. The companies should make all reasonable efforts to cover possible cyber-attack scenarios such as DDoS attacks and total loss of business records and client data resulting from cyber-attacks (eg, ransomware) in the contingency plan and crisis management procedures.

Read this next

Digital Assets

Masa and LayerZero: Bridging Blockchains for Data Sovereignty

Masa Network is poised to revolutionize the personal data landscape with its upcoming launch as a cross-chain platform, making it accessible on a variety of blockchains right from the start.

Digital Assets

Big Time Generates over $100M in Revenue since Preseason

Innovative game developer Big Time Studios announces that its highly anticipated free-to-play multiplayer action/MMO RPG Big Time, has generated $100M in revenue. According to the team, players transacted a total volume of over $230M, without selling a single token.

Digital Assets

Centralized exchanges are 10 times more popular than DEXs in Western Europe

Western European traders are found to prefer centralized exchanges over decentralized ones as CEX traffic outpaces DEXs by a factor of ten.

Market News

Stock Market Analysis: Is NVDA Losing Its Leadership?

Since the beginning of the week, the S&P 500 Index (US500) has seen a modest increase of about 0.58%, whereas NVDA’s share price has experienced a decline of approximately 3.8%. This recent divergence raises concerns among Nvidia stock investors — could it signify a loss of NVDA’s market leadership?

Industry News

ESG: Australian regulator wins first greenwashing court case against Vanguard

Vanguard admitted that a notable portion of the securities within both the Index and the Fund did not undergo the promised ESG scrutiny.

Fintech, Uncategorized

BitMEX integrates HALO from Solidus Labs for cross-market surveillance

“The recent approval of the Spot Bitcoin ETF has piqued the market’s interest. As a result of price volatility, the trading volumes for crypto derivatives have gone up substantially. HALO, with its advanced technology and crypto-native detection architecture, will enable BitMEX to smoothly and safely scale trade surveillance across its increased trading volumes and provide the necessary safeguards for new product launches.”

Reviews

IUX Broker Review

IUX, recently rebranded from IUX Markets, stands as a multi-asset Forex broker recognized for its regulatory compliance across various jurisdictions.

Industry News

Horizon Software rebrands to Horizon Trading Solutions

“Horizon Trading Solutions has seen accelerated global growth over the past year to meet the rising demand for our trading solutions and built-for-purpose technology offering. The choice to rebrand represents a key part of this development, while maintaining our heritage and history in the industry.”

Market News

USDJPY has surged to levels last witnessed in 2022. Should we consider opening a short position?

The recent resurgence of the US dollar has propelled USD/JPY to new heights, touching levels not seen since 2022. This surge comes against the backdrop of stable short-term yields and ongoing economic data that fails to signal a significant slowdown, prompting questions about the extent of current monetary easing measures.

<