Establishing appropriate controls for Order Management on Instant Messaging channels

By CTO Vincent Caldeira 


Recently the Securities and Future Commission (SFC) in Hong Kong issued a circular to Financial Intermediaries (FIs) regarding the key controls and procedures expected to be in place when using Instant Messaging (IM) applications to receive client orders. This is not a new business practice, but I believe the wide discrepancy on how these risks are being assessed and addressed has called for some level of standardization across the financial markets.

While using IM applications introduce several challenges in terms of specific technology, information security, and operational and regulatory risks, such tools are still being widely used by clients and FIs to communicate. This is because they provide a direct channel to distribute relevant and actionable information on a timely basis, while allowing to introduce process efficiency in the interaction between customers and the bankers. As such, we at Bondlinc have enabled IM channels as an inherent part of our solution. Our platform integrates natively with the FIs' clients’ chosen channels (such as Facebook Messenger or WeChat) while providing all the appropriate controls that would be expected of a secure and compliant banking solution.

Secure login to request for a quotation

Secure login to request for a quotation

This article describes some of the key measures and controls implemented in the solution to meet the requirements described in the SFC Circular.

Centralized Record Keeping

·        The solution provides one central point of interaction for the bank’s employees (Relationship Manager, Dealer) to interact with customers using multiple IM applications. Our solution achieves this with Identity Brokering and User Federation components implemented using some of the most popular security standards for Web single sign-on (SSO) such as SAML 2.0, OpenID Connect and OAuth 2.0. This enables integration with 3rd-party Identity Providers from the FIs as well as leading IM solutions as identity sources.  

·        All order records and contextual information for the order (chat between the institution and its clients) are transmitted and stored for future reference using industry-accepted cryptography standards, in a form that cannot be altered or tampered with.

·        Data retention for all order management data can be specified and managed according to the FI’s internal policies and regulatory requirements.

Security and Reliability

·        The solution manages step-up authentication with an ability to use zero, one or two-factor authentication where appropriate. For example, public information such as details about a new bond issue can be viewed by a customer, without requiring an additional mobile application download or client login. However, access to indicative quotes would require a simple, one-factor authentication. Furthermore, any transaction confirmation will require step up to a second factor of authentication to complete the final transaction. This allows validating the identity of the client at the appropriate time along the transaction process and getting an authenticated digital acknowledgement for audit trail purposes.

Appropriate zero, one, and two factor authentication requirements

Appropriate zero, one, and two factor authentication requirements

·        Transport security (SSL) is used to protect the communication channel between the IM application and Bondlinc services. This ensures that the end-to-end transmission of order messages is safe.

·        Message-level security is used to ensure confidentiality by digitally encrypting the message itself, authenticating the originating entity using X509 certificates, and enforcing integrity by using digital signatures.

Secure communication relay between the customers' and the banks' IM applications

Secure communication relay between the customers' and the banks' IM applications

Compliance Monitoring

·        All messages and order information are securely routed to our central event management pipeline. This allows Compliance to perform real-time monitoring against a set of pre-configured rules (including unusual trading patterns, specific restricted keywords used in conversations with the Relationship Manager or Dealer, etc…), and securely store the information in a data warehouse for reporting, reviewing and auditing purposes.

·        A specific module for Compliance officers allows reviewing of all historical order conversations and messages. To support any required investigations, dynamic search criteria can be used to search through a specific period of time or particular clients’ accounts.



Bondlinc’s solution natively provides critical controls for our customers to efficiently manage the specific technology, information security, operational and regulatory risks that trading bonds over IM channels entail. For more information or for a demonstration, do not hesitate to contact me at vc@bondlinc.com.

As the CTO Bondlinc, Vincent oversees the technology design and development of the company’s Software-As-A-Service bond trading platform. The comprehensive solution aims to standardise, improve and automate the traditional bond trading workflow.