Yesix Group counts its profits in millions, but the financial channels it controls move billions. Its operations, which include the Spanish and Swiss stock exchanges, count as critical national infrastructure and this gives it a close relationship with governments and regulators in Madrid and Zurich.
Those relationships are critical in an era when digital warfare makes financial infrastructure a prime target for hackers linked to hostile states. Jos Dijsselhof, the Dutch chief executive of the Swiss-based stock exchange group, is open about the magnitude of the challenge. "I employ a lot of hackers," he says, slamming the table sharply. "Sometimes you need to know one."
He hack earlier this month The Wall Street arm of China's largest bank, ICBC Financial Services, has put cybersecurity back at the forefront of economic security debates. The move disrupted the US Treasury market by forcing ICBC FS clients to divert trades. and some were resolved by couriering the details across Manhattan on a USB stick.
ICBC FS said it managed to contain the incident by disconnecting and isolating the affected systems, and completed all necessary operations. Still, the scale and nature of the ransomware attack – the same type of attack that led to the closure of money transfer service Travelex in 2020 – underscores the evolving risk these companies face.
Six Group has invested in three tranches of cybersecurity, says Dijsselhof: walls to keep people out; containment systems in case they enter; and recovery functions for when someone “holds hostage” any part of the business.
“The attacks are increasingly sophisticated at the phishing level. Additionally, I see more and more attempts to use phone numbers, WhatsApp, etc., but also large mechanical attacks on our systems, where several parties are attacked at once and then we receive a demand for payment after they find a vulnerability. " he says.
“We are in a race where attackers are constantly improving and defenders are always improving. We have to make sure our defenses are high enough. The other thing you have to do is invest everywhere. Your standards should be the same everywhere in your business.”
Six Group has four main business activities: trading on its exchanges; listings; post-trade clearing and transaction processing; and data services. Its growing data business makes it a target for broader corporate espionage as well as cyberattacks.
After "Social engineering" Attempts to use personal data to attack staff were discovered, credentials no longer carry surnames, clean desk policies are enforced much more strictly and the processing and communication of sensitive information is now subject to higher standards of mandatory training regular.
The business is small compared to its competitors, the EU-focused London Stock Exchange Group and Euronext, but it still caused discomfort in the European Commission when it managed to buy the Spanish foreign exchange operator, Bolsas y Mercados Españoles (BME), for 2,800 millions of euros. in 2020.
The purchase ran counter to the EU's plans to put more of the bloc's financial infrastructure in the hands of EU members, a long-term effort to "localize" financial services. Euronext, based in Amsterdam and Paris, has been the focal point of such efforts, purchasing a variety of financial infrastructure.
Switzerland is not a member of the EU and had to fight against this competitor. "We did it almost secretly," says Dijsselhof. “It's almost not about the price; In fact, when it comes to a country's critical national infrastructure, price is secondary.
“They are the leading force in our plans for the EU. And they knew that the Spanish stock market would not be absorbed by Paris, Frankfurt or London.”
Six's new London offices, near the Gherkin in the City, still smell of fresh paint. On the contrary, the economic context seems tired: high inflation, higher interest rates and low or no growth.
“I have never seen OPI [initial public offerings] “It is the lowest level I have seen this year,” says Dijsselhof. “Trading is also very low: although there are some moments of volatility, there are still many people on the sidelines. From a trading standpoint, we had one of the slowest years in history.
“But post-trade, where we do clearing, settlement and custody, both in Spain and Switzerland, and internationally, where people hold balances with us, we benefit from higher interest rates. And then there is the data business, which I think is really a diamond in our crown.”
This mixed business model helps offset the impact of a slow economy. Data services, as banks and other financial institutions increasingly need more data to train artificial intelligence programs, offer a path for growth even in an economic downturn.
Dijisselhof remains pessimistic about the economic outlook and the prospect of new conflicts in the Middle East, as well as in Ukraine. He expects inflation to be "sticky" in the coming months with a longer period of stagflation than many had predicted. Growing conflicts in sensitive regions will also keep energy prices high, he believes: it will be a bumpy road.
