Hong Kong SFC Launches Security Review of Forex & Futures Brokers After Unauthorized Trading Tops $100 Million

The Hong Kong Securities and Futures Commission (SFC) has announced a review program to ascertain the “cybersecurity preparedness” of securities brokers. The SFC was spurred into action following multiple incidents of unauthorized securities transactions taking place on compromised trading accounts:
“In the past 12 months, 16 incidents were reported involving seven securities brokers and total unauthorized trades in excess of $100 million. These cases are under police investigation.”
The agency has issued a circular on how licensed securities brokers can deploy additional security procedures to thwart attacks on mobile and online trading infrastructure. As part of the review, the SFC will be issuing a questionnaire to small and medium equity, futures and forex brokers & traders.

Additionally, onsite inspections at certain brokerages will be carried out by the SFC to examine trading IT infrastructure and fraud prevention systems.

The SFC circular states:
“Special focus will be placed on protection of customer online trading accounts covering, inter alia, authentication, password policy and associated controls and training to staff and clients.”
Part of the review will also compare existing financial regulations in Hong Kong against those of other financial centers and jurisdictions. The finding of the review will be shared by the SFC in workshops and industry conferences.

While the SFC will be focusing on regulated financial entities in the legacy financial system, the agency’s initiative comes two months after one of the biggest thefts took place at Hong Kong-based BitFinex, a digital currency exchange, which lost close to $70 million worth of customers’ Bitcoin when its servers were breached by hackers.