Barclays flags Treasuries central clearing cybersecurity risks after ICBC hack

investing.com:

By Davide Barbuscia

NEW YORK (Reuters) — A key reform proposed by the U.S. Securities and Exchange Commission to boost the use of central clearing for U.S. Treasuries could leave the market more exposed to cybersecurity risks, Barclays said, referring to the cyber hack of Industrial and Commercial Bank of China's U.S. broker-dealer last week.

The SEC central clearing rule, first proposed in September last year, would apply to the cash Treasury and repurchase agreements (repo) markets, where banks and other players such as hedge funds borrow short-term loans backed by Treasuries.

Under the rule, more trades would be sent to a clearing house, requiring counterparties to put up cash to guarantee execution in the event of defaults.

Because the Fixed Income Clearing Corporation (FICC), a subsidiary of the Depository Trust & Clearing Corporation (DTCC), is currently the only central clearing platform for repo and Treasuries, activity on the FICC platform will more than double with the proposed reform, Joseph Abate, a strategist at Barclays, said in a note on Tuesday.

«This creates a potential single-point of failure risk as recent events illustrate,» he said, referring to the ICBC hack.

«That has potential systemic consequences,» he said.

ICBC' U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Nov. 9 and left the bank temporarily owing BNY Mellon (NYSE:BK) $9 billion for unsettled trades, Reuters reported.

Abate also flagged cybersecurity risks for direct members of the FICC, as well as clients they sponsor to access the clearing platform, saying mandatory central clearing could make FICC «a fortress with many doors.»

DTCC said on Wednesday its systems were not impacted by the ICBC