U.S. Derivatives Regulator Adopts Cybersecurity Rules

Sept. 8 — U.S. derivatives regulators are expanding cybersecurity requirements for platforms that execute and clear swaps as part of a broader effort to protect markets against meltdowns.

Commodity Futures Trading Commission members voted Sept. 8 to approve new testing requirements for derivatives clearing organizations and some designated contract markets, as well as the swap execution facilities and data repositories that were created to boost transparency after the 2008 financial crisis.

As use of clearinghouses has grown, firms from JPMorgan Chase & Co. to BlackRock Inc. have said that more needs to be done to ensure that the clearinghouses don’t pose systemic risks. Cyberthreats may be the biggest danger to markets, CFTC Chairman Timothy Massad said in a statement before the vote in Washington.

“Instances of cyberattacks are all too familiar both inside and outside the financial sector,” Massad said. “They often are motivated not just by those with a desire to profit, but by those with a desire deliberately to disrupt or destabilize orderly operations.”

The CFTC’s move is the latest example of U.S. financial regulators’ efforts to thwart cyberthreats to the financial system. Under the agency’s rules, regulated entities will be required to test periodically for vulnerabilities, penetration, controls, response planning and risk assessment. They’ll also have to do a written assessment of enterprise technology risks.

Source:U.S. Derivatives Regulator Adopts Cybersecurity Rules