The Last Look…
Posted by Colin Lambert. Last updated: October 10, 2023
Redundancy of technology has been a big part of the FX industry’s thinking for decades now – why was EBS created? To provide competition and redundancy for then-Reuters D2002 (Matching) – but in the post-trade space it has been less of a high-profile issue. This needs to change, and the signs are that it is, but will we actually achieve real redundancy and minimise Single Point of Failure (SPoF) risk?
It has never been easy to build an alternative to the major post-trade infrastructures in FX, for many years the post-trade was seen as a utility, therefore only really in need of one service provider. Post-trade didn’t make money, therefore why waste time, resources and money connecting to an alternative provider? Let the competition stay in the front office where it could help realise dollars – either in savings or revenues.
While there have been some visionaries who saw the need for redundancy in the post-trade space, and started developing services, it seems to have been a real struggle – but all that changed with the ION hack earlier this year. Suddenly, operations teams – and, importantly, front office managers – were obsessed with the type of SPoF risks so worryingly demonstrated by that hack.
Last week, ahead of The Full FX conference in Chicago, I attended the first day of FIA Expo – the conference on the sidelines of which, our event took place – and this gave me a chance to compare notes with people in the futures industry about that hack. It is clear that the scars from that fiasco are taking a long time to heal – and just as clear that other markets need to heed the lesson from that sorry episode.
As we report in our story, Cobalt FX is launching a competitor to Osttra’s messaging network, and competition is clearly going to be supported in this area, but it is not only about messaging and give-ups – what about areas like settlement?
Like Osttra, CLS takes its cyber security extremely seriously, and there is no suggestion here of any weakness, but nervousness remains about the consequences of what is still a very long-odds events taking place. CLS thoroughly deserved all the credit it got after the collapse of Lehmans, and it continues to do an important job efficiently, but since the ION hack people have started to think the unthinkable. What happens if CLS is breached?
The incumbents have commercial interests they need to protect…sometimes, however, the needs of the industry must over-ride that
Before we think, that is an extremely unlikely event; yes, it is, but as multiple people pointed out to me at FIA Expo, ION took its cyber security just as seriously, but somehow hackers found their way in and caused mayhem. One attendee at the event told me their company had to “clean” all of their systems, not just the ones connected with the hack, and that it took the best part of a month for the business to feel comfortable enough to bring their market participation back to previous levels.
Other comments associated with the hack were, “complete nightmare”, “a total mess”, “expensive”, and “a business killer”. One person observed that one of the benefits of automation – lower staffing requirements – becomes a threat to the business if the systems fail for an extended period of time.
There seems to be a growing feeling in the derivatives industry that it needs both competition and a degree of inter-operability in its post-trade operations, and it is hard to argue that will not also be needed in FX. The challenge is the incumbents, quite rightly to some degree, have commercial interests they need to protect. Sometimes, however, the needs of the industry must over-ride that.
Of course, while inter-operability with other providers could allow an easy switch over in case of a hack or similar loss of service, before any such framework is put in place, we would need to know that one event could not spill over to the competitors! Sometimes isolation is a good thing.
It can be hard to get traders’ attention if you not in the market itself, taking away their ability to trade solves that problem
I have noted many times previously that during my trading career, the post-trade (and I came up through those ranks many, many years ago) was of little consequence and rarely thought of – it just worked. In a connected world, however, the circumstances are vastly different. It was interesting to speak to traders in the derivatives world last week about their experience during the ION hack and to a person, they all said it gave them a healthy respect for not only how efficient the post-trade normally is, but how vitally important it was to their business.
It can be hard to get traders’ attention if you not in the market itself, taking away their ability to trade solves that problem, but it’s not how you want to do it.
This column rarely, if ever, promotes a single initiative by one business (and before the commercial teams at various fintechs get excited and swarm over me, it is very unlikely to ever happen again), but it seems to me the FX industry needs to get behind the Cobalt FX initiative as well as those seeking to provide alternatives in the settlement space. This is not to diminish the importance of the incumbents, rather to recognise that for all of their great work and services, there is a risk to the industry that dwarfs those concerns.
We live in an increasing online, connected, world; the FX industry needs to reflect the security measures taken in other walks of life – and that means multiple providers of critical services. Since 1993, both what are now EBS Market and LSEG FX Matching have had technical issues that have seen them halt trading – but never at the same time. There was always an alternative (and the voice brokers) if required.
As our recent report on the Bank of America analysis of the latest trading halt at one of those venues points out, the impact on market functioning now is minimal, that is because alternatives have been created and gained traction.
What has worked in the front office needs to be translated to the back – for as the ION hack proved, one doesn’t function without the other.