Security overlooked in rush to comply with EU financial directive

Experts warn that security could be an afterthought as companies try to comply with new European financial markets directive.

Experts are warning that as companies rush to comply with EU rulings over financial markets, they may overlook security risks in doing so.

The EU's Markets in Financial Instruments Directive (MiFID) comes into effect on 1 November. The directive replaces the existing Investment Services Directive (ISD) and introduces a single market and regulatory regime for investment services across the 30 member states of the European Economic Area (EEA).

But some experts said that implementation of the directive is complex and only a handful of firms will be on track to meet the November deadline and could unearth security problems within organisations.

"As firms get to grips with identifying and storing the vast amounts of information required by MiFID, they need to be mindful that it will expose existing flaws in their security, as well as introduce new threats that they will now have to manage," said Phil Higgins, executive partner at business consultants Brookcourt Solutions.

Higgins said that the cost of MiFID IT implementation, in the UK alone, is set to surpass 1bn, with UK investment banks spending upwards of 10m each.

According to Higgins, firms that do not tackle security issues raised by MiFID will substantially raise their risk profile and leave themselves open to both damage to their reputation and legal action.

Financial Services industry think-tank JWG-IT chief executive PJ Di Giammarino said that with only six months left until the rules come into force, firms are only now waking up to the profound implications MiFID has on business processes and supporting infrastructure. "While it's important to implement compliant processes and systems, these also need to be secure," he said.

Analysts said that the main beneficiaries of the new rules would be security and storage vendors as it would provide a major market opportunity.

"The main requirements lie in the area of secure, long-term and high-volume storage of information, with a rich layer of audit and reporting functionality built on top of it to allow MiFID compliance to be demonstrated," said Graham Titterington, principal analyst at Ovum. "There is a particular challenge in providing this across a fast moving domain with multiple players - such as the financial trading environment."

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

How to encrypt files and folders in Windows 10
encryption

How to encrypt files and folders in Windows 10

9 Apr 2021
The definitive guide to IT security
Whitepaper

The definitive guide to IT security

9 Apr 2021
Evidence suggests REvil behind Harris Federation ransomware attack
ransomware

Evidence suggests REvil behind Harris Federation ransomware attack

9 Apr 2021
Fujitsu taps Trend Micro to secure private 5G networks in smart factories
5G

Fujitsu taps Trend Micro to secure private 5G networks in smart factories

8 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021