More or less since the Commodity Futures Trading Commission began demanding more and more (and more and more up-to-the-minute) information from derivatives traders on their precise derivatives trade, the better, it hoped, to prevent new derivatives-based global financial crises, derivatives traders and their representatives have had some concerns about the security of the highly secretive and proprietary information they were providing the CFTC, concerns which have persisted through the years. And, apparently, with good reason: For not only are the CFTC’s systems unable to do the things that the CFTC is collecting this information to do, but even an agency less chronically underfunded than the CFTC is unable to protect such data. And, to no one’s surprise, neither is the CFTC, according to the CFTC.

The Commodity Futures Trading Commission needs to correct “numerous weaknesses” in the way it manages and stores data, the inspector general’s office said in an audit report released late last week. The review also said the CFTC needs to rebuild or replace a key, but antiquated, database of confidential trading positions that it uses to police futures and options markets…. The two decade-old system must be updated or replaced by “a more modern and efficient technical solution,” the report said....

“I agree that the CFTC should review the security risks of ISS and other legacy systems to assure compliance with current information security standards,” Commissioner Rostin Behnam, who leads the agency’s Market Risk Advisory Committee, said in an email statement. “I am concerned that without additional resources, we will not be able to meet these critical standards.”

A Watchdog Says Hedge-Fund Secrets Kept by the CFTC Are Vulnerable to Hacking [Bloomberg]