Hong Kong regulator outlines new cyber security requirements for online trading firms

Maria Nikolova

The measures proposed include two-factor authentication for clients, as well as stringent password policies, after study shows a steep rise in cyber security incidents.

Cyber security is one of the issues on the agenda of financial market regulators, with the latest example provided by the Hong Kong Securities and Futures Commission (SFC), which has earlier today published a Consultation Paper on enhanced cyber security requirements for Internet trading brokers. The proposed requirements concern securities dealers, futures dealers and/or leveraged foreign exchange traders, and seek to reduce hacking risks associated with Internet trading.

The baseline requirements, which include 20 cyber security control practices, concern three main areas:

  • Protection of clients’ Internet trading accounts;
  • Infrastructure security management;
  • Cyber security management and supervision.

For instance, brokers have to implement stringent password policies and session timeout controls in their internet trading systems. Also, they will have to introduce two-factor authentication for their clients, as well as rigid surveillance mechanisms to prevent unauthorized access to accounts.

Since hacking of Internet trading accounts, corporate websites and trading systems is the most serious cyber security risk faced by licensed corporations in Hong Kong, the SFC conducted a thematic review of the resilience to hacking risks of brokers engaged in Internet trading with the assistance of an external cyber security expert in late 2016. The review helped the regulator identify basic cyber security controls.

The consultation paper proposes to include these controls into guidelines to be issued under the Securities and Futures Ordinance (SFO).

Comments on the proposals are expected no later than July 7, 2017.

The proposals are released as data shows that the number of cyber security incidents handled by the Hong Kong Computer Emergency Response Team Coordination Centre of the Hong Kong Productivity Council reached 6,058 in 2016, up 23% from 2015. For the 18 months ended March 31, 2017, 12 licensed corporations (LCs) reported 27 cyber security incidents, with the bulk of them involving hackers getting access to customers’ Internet-based trading accounts with securities brokers. This unauthorized access has resulted in unauthorised trades totalling more than $110 million.

Read this next

Digital Assets

Binance executives sue Nigerian authorities over rights violation

Two senior executives from Binance have filed a lawsuit against against Nigeria’s national security adviser’s office and its anti-corruption agency, alleging violations of their fundamental rights.

Retail FX

Banxso announces 8.7% interest rate on deposits in South Africa

“With Banxso, they can enjoy the benefits of both worlds – earning competitive interest and having the freedom to trade, all within the same platform.”

Industry News

FINRA to publish transaction details in U.S. Treasury securities

“Consistent with our longstanding practice, FINRA is introducing greater transparency in a calibrated and careful manner, benefiting liquidity and resilience in this critical market while also mitigating potential information leakage concerns.”

Institutional FX

OpenYield launches “cheap and easy” fixed income trading for brokers

“We’re on a mission to make bonds cheap and easy to trade, and are excited about the opportunity to build generational capital markets infrastructure.”

Digital Assets

Sumsub and Mercuryo publish a guide for VASPs: “Mastering Travel Rule Compliance”

“At Sumsub, we’ve concentrated our efforts on filling the gap in understanding the complexity of Travel Rule regulation and helping organizations find the best solution to stay safe and compliant while minimizing costs and avoiding potential risks of non-compliance. This guide we created with Mercuryo, our trusted partner, is the ultimate navigation tool all VASPs can consult.”

Digital Assets

Bitget Wallet Leads with Record Swap Volume & New Crypto Innovations

This week, Bitget Wallet achieved a milestone by surpassing Metamask with a record 388,757 Swap order transactions, securing the global lead. The significant 7-day trading volume, almost 68,000 more than its rival, underscores its liquidity and user trust. This robust activity signals Bitget Wallet’s prominent role and reliability in the dynamic crypto market.

Digital Assets

Embarking on a Digital Currency Journey

Imagine you’ve stumbled upon a treasure map, leading you to untold riches hidden in the vastness of the internet. Instead of gold coins and jewel-encrusted goblets, this treasure comes in the form of digital currencies, the modern-day loot coveted by many.

Reviews

Traders Union Experts Share The Trading Analyst Review For 2024

Navigating options trading in rapidly shifting markets poses a considerable challenge. This is where options trading alert services become invaluable. They aid traders in keeping abreast of evolving opportunities and market trends. In this assessment, Traders Union experts scrutinize The Trading Analyst alert service to ascertain its efficacy. 

Digital Assets

BlockDAG’s Presale Achieves $9.9M: Aiming For A 5000-Fold ROI As Cardano’s Price Rises And Fantom Launches Sonic

Explore Cardano’s surge, Sonic’s efficiency, and why BlockDAG’s growth makes it the top crypto choice. A deep dive into the future of blockchain investments.

<