Business has yet to return to normal in global derivatives trading, three weeks after a cyber attack on Ion Markets, underlining the financial technology group’s significant role in the plumbing of the $1tn market.
Little-known Ion was targeted by attackers at the end of January, who disabled part of its derivatives systems and forced many trading desks to manually keep track of their data on spreadsheets.
The Dublin-based company is aiming to restore business as usual and transfer all clients to clean systems this week, according to a person familiar with the matter. Ion declined to comment.
The disruption has rattled the global futures market, which has relied on automated software produced by companies such as Ion to process trades ever since the boisterous paper-littered trading pits gave way to electronic systems.
Ion is one of the few companies that handles the complex but critical job of matching and reconciling brokers’ trades.
The hack has left exchanges and markets regulators unable to compile weekly reports of derivatives trading activity and scrambling for workarounds to log their daily activity in one of the world’s biggest financial markets. There were just over $1tn of equity, commodity and interest rate futures open in December, according to data from the Futures Industry Association.
“This was a high-profile attack,” said John Rapa, chief executive of derivatives industry consultancy Tellefsen. “This is a large, critical vendor, who many participants in the business use.”
As Ion rebuilds its software on to new hardware and moves customers to clean systems, the three-week delay has resulted in trading firms and regulators paying greater attention to the risks to daily trading operations of a single point of failure.
Ion was founded in 1999 and has built an empire by scooping up dozens of specialist trading technology groups through a series of debt-fuelled acquisitions. Its founder and chief executive, Andrea Pignataro, a former bond trader at Salomon Brothers, avoids the spotlight.
On January 31, Ion confirmed market rumours that it had suffered a cyber attack in a part of its business where futures trades are matched and margin is calculated — the insurance that backs a derivatives trade — according to people familiar with the matter.
“It’s made things a lot more manual . . . checking everything line by line,” said one person familiar with the situatIon.
RBC, UBS and Macquarie were among the firms affected, according to people familiar with the matter. RBC declined to comment. UBS and Macquarie did not respond to requests for comment.
“The impact is huge because the recovery time is usually not quick,” said Martin Greenfield, chief executive of cyber security company Quod Orbis. “In most banking terms that is a complete nightmare scenario,” he said, adding that “the whole supply chain and third-party risk element is quite difficult to be dealt with”.
The disruption has rippled out to regulators too. The Commodity Futures Trading Commission, the main US derivatives regulator, has been unable to publish its weekly Commitments of Traders report, which shows the contracts that customers have been buying and selling. While it expects to resume on Friday, the report will be three weeks in arrears.
Atlanta-based Intercontinental Exchange has been unable to produce its weekly report on futures positions, as required by European rules. European exchange operator Euronext has resumed publishing its weekly commodity derivatives report, but it is also in arrears.