Thursday, February 18, 2016

security begins as a state of mind: NSA employee's security manual

Security Guidelines
 
This handbook is designed to introduce you to some of the basic
security principles and procedures with which all NSA employees must comply.
It highlights some of your security responsibilities, and provides guidelines
for answering questions you may be asked concerning your association with this
Agency.  Although you will be busy during the forthcoming weeks learning your
job, meeting co-workers, and becoming accustomed to a new work environment, you
are urged to become familiar with the security information contained in this
handbook.  Please note that a listing of telephone numbers is provided at the
end of this handbook should you have any questions or concerns.

Introduction
In joining NSA you have been given an opportunity to participate in the activities of one of the most important intelligence organizations of the United States Government. At the same time, you have also assumed a trust which carries with it a most important individual responsibility--the safeguarding of sensitive information vital to the security of our nation.
While it is impossible to estimate in actual dollars and cents the value of the work being conducted by this Agency, the information to which you will have access at NSA is without question critically important to the defense of the United States. Since this information may be useful only if it is kept secret, it requires a very special measure of protection. The specific nature of this protection is set forth in various Agency security regulations and directives. The total NSA Security Program, however, extends beyond these regulations. It is based upon the concept that security begins as a state of mind. The program is designed to develop an appreciation of the need to protect information vital to the national defense, and to foster the development of a level of awareness which will make security more than routine compliance with regulations.
At times, security practices and procedures cause personal inconvenience. They take time and effort and on occasion may make it necessary for you to voluntarily forego some of your usual personal perogatives. But your compensation for the inconvenience is the knowledge that the work you are accomplishing at NSA, within a framework of sound security practices, contributes significantly to the defense and continued security of the United States of America.
I extend to you my very best wishes as you enter upon your chosen career or assignment with NSA.
Philip T. Pease
Director of Security

INITIAL SECURITY RESPONSIBILITIES
Anonymity
Perhaps one of the first security practices with which new NSA personnel should become acquainted is the practice of anonymity. In an open society such as ours, this practice is necessary because information which is generally available to the public is available also to hostile intelligence. Therefore, the Agency mission is best accomplished apart from public attention. Basically, anonymity means that NSA personnel are encouraged not to draw attention to themselves nor to their association with this Agency. NSA personnel are also cautioned neither to confirm nor deny any specific questions about NSA activities directed to them by individuals not affiliated with the Agency.
The ramifications of the practice of anonymity are rather far reaching, and its success depends on the cooperation of all Agency personnel. Described below you will find some examples of situations that you may encounter concerning your employment and how you should cope with them. Beyond the situations cited, your judgement and discretion will become the deciding factors in how you respond to questions about your employment.
Answering Questions About Your Employment
Certainly, you may tell your family and friends that you are employed at or assigned to the National Security Agency. There is no valid reason to deny them this information. However, you may not disclose to them any information concerning specific aspects of the Agency's mission, activities, and organization. You should also ask them not to publicize your association with NSA.
Should strangers or casual acquaintances question you about your place of employment, an appropriate reply would be that you work for the Department of Defense. If questioned further as to where you are employed within the Department of Defense, you may reply, "NSA." When you inform someone that you work for NSA (or the Department of Defense) you may expect that the next question will be, "What do you do?" It is a good idea to anticipate this question and to formulate an appropriate answer. Do not act mysteriously about your employment, as that would only succeed in drawing more attention to yourself.
If you are employed as a secretary, engineer, computer scientist, or in a clerical, administrative, technical, or other capacity identifiable by a general title which in no way indicates how your talents are being applied to the mission of the Agency, it is suggested that you state this general title. If you are employed as a linguist, you may say that you are a linguist, if necessary. However, you should not indicate the specific language(s) with which you are involved.
The use of service specialty titles which tend to suggest or reveal the nature of the Agency's mission or specific aspects of their work. These professional titles, such as cryptanalyst, signals collection officer, and intelligence research analyst, if given verbatim to an outsider, would likely generate further questions which may touch upon the classified aspects of your work. Therefore, in conversation with outsiders, it is suggested that such job titles be generalized. For example, you might indicate that you are a "research analyst." You may not, however, discuss the specific nature of your analytic work.
Answering Questions About Your Agency Training
During your career or assignment at NSA, there is a good chance that you will receive some type of job-related training. In many instances the nature of the training is not classified. However, in some situations the specialized training you receive will relate directly to sensitive Agency functions. In such cases, the nature of this training may not be discussed with persons outside of this Agency.
If your training at the Agency includes language training, your explanation for the source of your linguistic knowledge should be that you obtained it while working for the Department of Defense.
You Should not draw undue attention to your language abilities, and you may not discuss how you apply your language skill at the Agency.
If you are considering part-time employment which requires the use of language or technical skills similar to those required for the performance of your NSA assigned duties, you must report (in advance) the anticipated part-time work through your Staff Security Officer (SSO) to the Office of Security's Clearance Division (M55).
Verifying Your Employment
On occasion, personnel must provide information concerning their employment to credit institutions in connection with various types of applications for credit. In such situations you may state, if you are a civilian employee, that you are employed by NSA and indicate your pay grade or salary. Once again, generalize your job title. If any further information is desired by persons or firms with whom you may be dealing, instruct them to request such information by correspondence addressed to: Director of Civilian Personnel, National Security Agency, Fort George G. Meade, Maryland 20755-6000. Military personnel should use their support group designator and address when indicating their current assignment.
If you contemplate leaving NSA for employment elsewhere, you may be required to submit a resume/job application, or to participate in extensive employment interviews. In such circumstances, you should have your resume reviewed by the Classification Advisory Officer (CAO) assigned to your organization. Your CAO will ensure that any classified operational details of your duties have been excluded and will provide you with an unclassified job description. Should you leave the Agency before preparing such a resume, you may develop one and send it by registered mail to the NSA/CSS Information Policy Division (Q43) for review. Remember, your obligation to protect sensitive Agency information extends beyond your employment at NSA.
The Agency And Public News Media
>From time to time you may find that the agency is the topic of reports or articles appearing in public news media--newspapers, magazines, books, radio and TV. The NSA/CSS Information Policy Division (Q43) represents the Agency in matters involving the press and other media. This office serves at the Agency's official media center and is the Director's liaison office for public relations, both in the community and with other government agencies. The Information Policy Division must approve the release of all information for and about NSA, its mission, activities, and personnel. In order to protect the aspects of Agency operations, NSA personnel must refrain from either confirming or denying any information concerning the Agency or its activities which may appear in the public media. If you are asked about the activities of NSA, the best response is "no comment." You should the notify Q43 of the attempted inquiry. For the most part, public references to NSA are based upon educated guesses. The Agency does not normally make a practice of issuing public statements about its activities.
GENERAL RESPONSIBILITIES
Espionage And Terrorism
During your security indoctrination and throughout your NSA career you will become increasingly aware of the espionage and terrorist threat to the United States. Your vigilance is the best single defense in protecting NSA information, operations, facilities and people. Any information that comes to your attention that suggests to you the existence of, or potential for, espionage or terrorism against the U.S. or its allies must be promptly reported by you to the Office of Security.
There should be no doubt in your mind about the reality of the threats. You are now affiliated with the most sensitive agency in government and are expected to exercise vigilance and common sense to protect NSA against these threats.
Classification
Originators of correspondence, communications, equipment, or documents within the Agency are responsible for ensuring that the proper classification, downgrading information and, when appropriate, proper caveat notations are assigned to such material. (This includes any handwritten notes which contain classified information). The three levels of classification are Confidential, Secret and Top Secret. The NSA Classification Manual should be used as guidance in determining proper classification. If after review of this document you need assistance, contact the Classification Advisory Officer (CAO) assigned to your organization, or the Information Policy Division (Q43).
Need-To-Know
Classified information is disseminated only on a strict "need-to-know" basis. The "need-to-know" policy means that classified information will be disseminated only to those individuals who, in addition to possessing a proper clearance, have a requirement to know this information in order to perform their official duties (need-to-know). No person is entitled to classified information solely by virtue of office, position, rank, or security clearance.
All NSA personnel have the responsibility to assert the "need-to-know" policy as part of their responsibility to protect sensitive information. Determination of "need-to-know" is a supervisory responsibility. This means that if there is any doubt in your mind as to an individual's "need-to-know," you should always check with your supervisor before releasing any classified material under your control.
For Official Use Only
Separate from classified information is information or material marked "FOR OFFICIAL USE ONLY" (such as this handbook). This designation is used to identify that official information or material which, although unclassified, is exempt from the requirement for public disclosure of information concerning government activities and which, for a significant reason, should not be given general circulation. Each holder of "FOR OFFICAL USE ONLY" (FOUO) information or material is authorized to disclose such information or material to persons in other departments or agencies of the Executive and Judicial branches when it is determined that the information or material is required to carry our a government function. The recipient must be advised that the information or material is not to be disclosed to the general public. Material which bears the "FOR OFFICIAL USE ONLY" caveat does not come under the regulations governing the protection of classified information. The unauthorized disclosure of information marked "FOR OFFICIAL USE ONLY" does not constitute an unauthorized disclosure of classified defense information. However, Department of Defense and NSA regulations prohibit the unauthorized disclosure of information designated "FOR OFFICIAL USE ONLY." Appropriate administrative action will be taken to determine responsibility and to apply corrective and/or disciplinary measures in cases of unauthorized disclosure of information which bears the "FOR OFFICIAL USE ONLY" caveat. Reasonable care must be exercised in limiting the dissemination of "FOR OFFICIAL USE ONLY" information. While you may take this handbook home for further study, remember that is does contain "FOR OFFICIAL USE ONLY" information which should be protected.
Prepublication Review
All NSA personnel (employees, military assignees, and contractors) must submit for review any planned articles, books, speeches, resumes, or public statements that may contain classified, classifiable, NSA-derived, or unclassified protected information, e.g., information relating to the organization, mission, functions, or activities of NSA. Your obligation to protect this sensitive information is a lifetime one. Even when you resign, retire, or otherwise end your affiliation with NSA, you must submit this type of material for prepublication review. For additional details, contact the Information Policy Division (Q43) for an explanation of prepublication review procedures.
Personnel Security Responsibilities
Perhaps you an recall your initial impression upon entering an NSA facility. Like most people, you probably noticed the elaborate physical security safeguards--fences, concrete barriers, Security Protective Officers, identification badges, etc. While these measures provide a substantial degree of protection for the information housed within our buildings, they represent only a portion of the overall Agency security program. In fact, vast amounts of information leave our facilities daily in the minds of NSA personnel, and this is where our greatest vulnerability lies. Experience has indicated that because of the vital information we work with at NSA, Agency personnel may become potential targets for hostile intelligence efforts. Special safeguards are therefore necessary to protect our personnel.
Accordingly, the Agency has an extensive personnel security program which establishes internal policies and guidelines governing employee conduct and activities. These policies cover a variety of topics, all of which are designed to protect both you and the sensitive information you will gain through your work at NSA.
Association With Foreign Nationals
As a member of the U.S. Intelligence Community and by virtue of your access to sensitive information, you are a potential target for hostile intelligence activities carried out by or on behalf of citizens of foreign countries. A policy concerning association with foreign nationals has been established by the Agency to minimize the likelihood that its personnel might become subject to undue influence or duress or targets of hostile activities through foreign relationships.
As an NSA affiliate, you are prohibited from initiating or maintaining associations (regardless of the nature and degree) with citizens or officials of communist-controlled, or other countries which pose a significant threat to the security of the United States and its interests. A comprehensive list of these designated countries is available from your Staff Security Officer or the Security Awareness Division. Any contact with citizens of these countries, no matter how brief or seemingly innocuous, must be reported as soon as possible to your Staff Security Officer (SSO). (Individuals designated as Staff Security Officers are assigned to every organization; a listing of Staff Security Officers can be found at the back of this handbook).
Additionally, close and continuing associations with any non-U.S. citizens which are characterized by ties of kinship, obligation, or affection are prohibited. A waiver to this policy may be granted only under the most exceptional circumstances when there is a truly compelling need for an individual's services or skills and the security risk is negligible.
In particular, a waiver must be granted in advance of a marriage to or cohabitation with a foreign national in order to retain one's access to NSA information. Accordingly, any intent to cohabitate with or marry a non-U.S. citizen must be reported immediately to your Staff Security Officer. If a waiver is granted, future reassignments both at headquarters and overseas may be affected.
The marriage or intended marriage of an immediate family member (parents, siblings, children) to a foreign national must also be reported through your SSO to the Clearance Division (M55).
Casual social associations with foreign nationals (other than those of the designated countries mentioned above) which arise from normal living and working arrangements in the community usually do not have to be reported. During the course of these casual social associations, you are encouraged to extend the usual social amenities. Do not act mysteriously or draw attention to yourself (and possibly to NSA) by displaying an unusually wary attitude.
Naturally, your affiliation with the Agency and the nature of your work should not be discussed. Again, you should be careful not to allow these associations to become close and continuing to the extent that they are characterized by ties of kinship, obligation, or affection.
If at any time you feel that a "casual" association is in any way suspicious, you should report this to your Staff Security Officer immediately. Whenever any doubt exists as to whether or not a situation should be reported or made a matter of record, you should decided in favor of reporting it. In this way, the situation can be evaluated on its own merits, and you can be advised as to your future course of action.
Correspondence With Foreign Nationals
NSA personnel are discouraged from initiating correspondence with individuals who are citizens of foreign countries. Correspondence with citizens of communist-controlled or other designated countries is prohibited. Casual social correspondence, including the "penpal" variety, with other foreign acquaintances is acceptable and need not be reported. If, however, this correspondence should escalate in its frequency or nature, you should report that through your Staff Security Officer to the Clearance Division (M55).
Embassy Visits
Since a significant percentage of all espionage activity is known to be conducted through foreign embassies, consulates, etc., Agency policy discourages visits to embassies, consulates or other official establishments of a foreign government. Each case, however, must be judged on the circumstances involved. Therefore, if you plan to visit a foreign embassy for any reason (even to obtain a visa), you must consult with, and obtain the prior approval of, your immediate supervisor and the Security Awareness Division (M56).
Amateur Radio Activities
Amateur radio (ham radio) activities are known to be exploited by hostile intelligence services to identify individuals with access to classified information; therefore, all licensed operators are expected to be familiar with NSA/CSS Regulation 100-1, "Operation of Amateur Radio Stations" (23 October 1986). The specific limitations on contacts with operators from communist and designated countries are of particular importance. If you are an amateur radio operator you should advise the Security Awareness Division (M56) of your amateur radio activities so that detailed guidance may be furnished to you.
Unofficial Foreign Travel
In order to further protect sensitive information from possible compromise resulting from terrorism, coercion, interrogation or capture of Agency personnel by hostile nations and/or terrorist groups, the Agency has established certain policies and procedures concerning unofficial foreign travel.
All Agency personnel (civilian employees, military assignees, and contractors) who are planning unofficial foreign travel must have that travel approved by submitting a proposed itinerary to the Security Awareness Division (M56) at least 30 working days prior to their planned departure from the United States. Your itinerary should be submitted on Form K2579 (Unofficial Foreign Travel Request). This form provides space for noting the countries to be visited, mode of travel, and dates of departure and return. Your immediate supervisor must sign this form to indicate whether or not your proposed travel poses a risk to the sensitive information, activities, or projects of which you may have knowledge due to your current assignment.
After your supervisor's assessment is made, this form should be forwarded to the Security Awareness Director (M56). Your itinerary will then be reviewed in light of the existing situation in the country or countries to be visited, and a decision for approval or disapproval will be based on this assessment. The purpose of this policy is to limit the risk of travel to areas of the world where a threat may exist to you and to your knowledge of classified Agency activities.
In this context, travel to communist-controlled and other hazardous activity areas is prohibited. A listing of these hazardous activity areas is prohibited. A listing of these hazardous activity areas can be found in Annex A of NSA/CSS Regulation No. 30-31, "Security Requirements for Foreign Travel" (12 June 1987). From time to time, travel may also be prohibited to certain areas where the threat from hostile intelligence services, terrorism, criminal activity or insurgency poses an unacceptable risk to Agency employees and to the sensitive information they possess. Advance travel deposits made without prior agency approval of the proposed travel may result in financial losses by the employee should the travel be disapproved, so it is important to obtain approval prior to committing yourself financially. Questions regarding which areas of the world currently pose a threat should be directed to the Security Awareness Division (M56).
Unofficial foreign travel to Canada, the Bahamas, Bermuda, and Mexico does not require prior approval, however, this travel must still be reported using Form K2579. Travel to these areas may be reported after the fact.
While you do not have to report your foreign travel once you have ended your affiliation with the Agency, you should be aware that the risk incurred in travelling to certain areas, from a personal safety and/or counterintelligence standpoint, remains high. The requirement to protect the classified information to which you have had access is a lifetime obligation.
Membership In Organizations
Within the United States there are numerous organizations with memberships ranging from a few to tens of thousands. While you may certainly participate in the activities of any reputable organization, membership in any international club or professional organization/activity with foreign members should be reported through your Staff Security Officer to the Clearance Division (M55). In most cases there are no security concerns or threats to our employees or affiliates. However, the Office of Security needs the opportunity to research the organization and to assess any possible risk to you and the information to which you have access.
In addition to exercising prudence in your choice of organizational affiliations, you should endeavor to avoid participation in public activities of a conspicuously controversial nature because such activities could focus undesirable attention upon you and the Agency. NSA employees may, however, participate in bona fide public affairs such as local politics, so long as such activities do not violate the provisions of the statutes and regulations which govern the political activities of all federal employees. Additional information may be obtained from your Personnel Representative.
Changes In Marital Status/Cohabitation/Names
All personnel, either employed by or assigned to NSA, must advise the Office of Security of any changes in their marital status (either marriage or divorce), cohabitation arrangements, or legal name changes. Such changes should be reported by completing NSA Form G1982 (Report of Marriage/Marital Status Change/Name Change), and following the instructions printed on the form.
Use And Abuse Of Drugs
It is the policy of the National Security Agency to prevent and eliminate the improper use of drugs by Agency employees and other personnel associated with the Agency. The term "drugs" includes all controlled drugs or substances identified and listed in the Controlled Substances Act of 1970, as amended, which includes but is not limited to: narcotics, depressants, stimulants, cocaine, hallucinogens ad cannabis (marijuana, hashish, and hashish oil). The use of illegal drugs or the abuse of prescription drugs by persons employed by, assigned or detailed to the Agency may adversely affect the national security; may have a serious damaging effect on the safety and the safety of others; and may lead to criminal prosecution. Such use of drugs either within or outside Agency controlled facilities is prohibited.
Physical Security Policies
The physical security program at NSA provides protection for classified material and operations and ensures that only persons authorized access to the Agency's spaces and classified material are permitted such access. This program is concerned not only with the Agency's physical plant and facilities, but also with the internal and external procedures for safeguarding the Agency's classified material and activities. Therefore, physical security safeguards include Security Protective Officers, fences, concrete barriers, access control points, identification badges, safes, and the compartmentalization of physical spaces. While any one of these safeguards represents only a delay factor against attempts to gain unauthorized access to NSA spaces and material, the total combination of all these safeguards represents a formidable barrier against physical penetration of NSA. Working together with personnel security policies, they provide "security in depth."
The physical security program depends on interlocking procedures. The responsibility for carrying out many of these procedures rests with the individual. This means you, and every person employed by, assign, or detailed to the Agency, must assume the responsibility for protecting classified material. Included in your responsibilities are: challenging visitors in operational areas; determining "need-to-know;" limiting classified conversations to approved areas; following established locking and checking procedures; properly using the secure and non-secure telephone systems; correctly wrapping and packaging classified data for transmittal; and placing classified waste in burn bags.
The NSA Badge
Even before you enter an NSA facility, you have a constant reminder of security--the NSA badge. Every person who enters an NSA installation is required to wear an authorized badge. To enter most NSA facilities your badge must be inserted into an Access Control Terminal at a building entrance and you must enter your Personal Identification Number (PIN) on the terminal keyboard. In the absence of an Access Control Terminal, or when passing an internal security checkpoint, the badge should be held up for viewing by a Security Protective Officer. The badge must be displayed at all times while the individual remains within any NSA installation.
NSA Badges must be clipped to a beaded neck chain. If necessary for the safety of those working in the area of electrical equipment or machinery, rubber tubing may be used to insulate the badge chain. For those Agency personnel working in proximity to other machinery or equipment, the clip may be used to attach the badge to the wearer's clothing, but it must also remain attached to the chain.
After you leave an NSA installation, remove your badge from public view, thus avoiding publicizing your NSA affiliation. Your badge should be kept in a safe place which is convenient enough to ensure that you will be reminded to bring it with you to work. A good rule of thumb is to afford your badge the same protection you give your wallet or your credit cards. DO NOT write your Personal Identification Number on your badge.
If you plan to be away from the Agency for a period of more than 30 days, your badge should be left at the main Visitor Control Center which services your facility.
Should you lose your badge, you must report the facts and circumstances immediately to the Security Operations Center (SOC) (963-3371s/688-6911b) so that your badge PIN can be deactivated in the Access Control Terminals. In the event that you forget your badge when reporting for duty, you may obtain a "non-retention" Temporary Badge at the main Visitor Control Center which serves your facility after a co-worker personally identifies your and your clearance has been verified.
Your badge is to be used as identification only within NSA facilities or other government installations where the NSA badge is recognized. Your badge should never be used outside of the NSA or other government facilities for the purpose of personal identification. You should obtain a Department of Defense identification card from the Civilian Welfare Fund (CWF) if you need to identify yourself as a government employee when applying for "government discounts" offered at various commercial establishments.
Your badge color indicates your particular affiliation with NSA and your level of clearance. Listed below are explanations of the badge colors you are most likely to see:
Green (*) Fully cleared NSA employees and certain military assignees.
Orange (*) (or Gold) Fully cleared representative of other government agencies.
Black (*) Fully cleared contractors or consultants.
Blue Employees who are cleared to the SECRET level while awaiting completion of their processing for full (TS/SI) clearance. These Limited Interim Clearance (LIC) employees are restricted to certain activities while inside a secure area.
Red Clearance level is not specified, so assume the holder is uncleared.
* - Fully cleared status means that the person has been cleared to the Top Secret (TS) level and indoctrinated for Special Intelligence (SI).
All badges with solid color backgrounds (permanent badges) are kept by individuals until their NSA employment or assignment ends. Striped badges ("non-retention" badges) are generally issued to visitors and are returned to the Security Protective Officer upon departure from an NSA facility.
Area Control
Within NSA installations there are generally two types of areas, Administrative and Secure. An Administrative Area is one in which storage of classified information is not authorized, and in which discussions of a classified nature are forbidden. This type of area would include the corridors, restrooms, cafeterias, visitor control areas, credit union, barber shop, and drugstore. Since uncleared, non-NSA personnel are often present in these areas, all Agency personnel must ensure that no classified information is discussed in an Administrative Area.
Classified information being transported within Agency facilities must be placed within envelopes, folders, briefcases, etc. to ensure that its contents or classification markings are not disclosed to unauthorized persons, or that materials are not inadvertently dropped enroute.
The normal operational work spaces within an NSA facility are designated Secure Areas. These areas are approved for classified discussions and for the storage of classified material. Escorts must be provided if it is necessary for uncleared personnel (repairmen, etc.) to enter Secure Areas, an all personnel within the areas must be made aware of the presence of uncleared individuals. All unknown, unescorted visitors to Secure Areas should be immediately challenged by the personnel within the area, regardless of the visitors' clearance level (as indicated by their badge color).
The corridor doors of these areas must be locked with a deadbolt and all classified information in the area must be properly secured after normal working hours or whenever the area is unoccupied. When storing classified material, the most sensitive material must be stored in the most secure containers. Deadbolt keys for doors to these areas must be returned to the key desk at the end of the workday.
For further information regarding Secure Areas, consult the Physical Security Division (M51) or your staff Security Officer.
Items Treated As Classified
For purposes of transportation, storage and destruction, there are certain types of items which must be treated as classified even though they may not contain classified information. Such items include carbon paper, vu-graphs, punched machine processing cards, punched paper tape, magnetic tape, computer floppy disks, film, and used typewriter ribbons. This special treatment is necessary since a visual examination does not readily reveal whether the items contain classified information.
Prohibited Items
Because of the potential security or safety hazards, certain items are prohibited under normal circumstances from being brought into or removed from any NSA installation. These items have been groped into two general classes. Class I prohibited items are those which constitute a threat to the safety and security of NSA/CSS personnel and facilities. Items in this category include:
a. Firearms and ammunition b. Explosives, incendiary substances, radioactive materials, highly volatile materials, or other hazardous materials c. Contraband or other illegal substances d. Personally owned photographic or electronic equipment including microcomputers, reproduction or recording devices, televisions or radios.
Prescribed electronic medical equipment is normally not prohibited, but requires coordination with the Physical Security Division (M51) prior to being brought into any NSA building.
Class II prohibited items are those owned by the government or contractors which constitute a threat to physical, technical, or TEMPEST security. Approval by designated organizational officials is required before these items can be brought into or removed from NSA facilities. Examples are:
a. Transmitting and receiving equipment b. Recording equipment and media c. Telephone equipment and attachments d. Computing devices and terminals e. Photographic equipment and film
A more detailed listing of examples of Prohibited Items may be obtained from your Staff Security Officer or the Physical Security Division (M51).
Additionally, you may realize that other seemingly innocuous items are also restricted and should not be brought into any NSA facility. Some of these items pose a technical threat; others must be treated as restricted since a visual inspection does not readily reveal whether they are classified. These items include:
a. Negatives from processed film; slides; vu-graphs b. Magnetic media such as floppy disks, cassette tapes, and VCR videotapes c. Remote control devices for telephone answering machines d. Pagers
Exit Inspection
As you depart NSA facilities, you will note another physical security safeguard--the inspection of the materials you are carrying. This inspection of your materials, conducted by Security Protective Officers, is designed to preclude the inadvertent removal of classified material. It is limited to any articles that you are carrying out of the facility and may include letters, briefcases, newspapers, notebooks, magazines, gym bags, and other such items. Although this practice may involve some inconvenience, it is conducted in your best interest, as well as being a sound security practice. The inconvenience can be considerably reduced if you keep to a minimum the number of personal articles that you remove from the Agency.
Removal Of Material From NSA Spaces
The Agency maintains strict controls regarding the removal of material from its installations, particularly in the case of classified material.
Only under a very limited and official circumstances classified material be removed from Agency spaces. When deemed necessary, specific authorization is required to permit an individual to hand carry classified material out of an NSA building to another Secure Area. Depending on the material and circumstances involved, there are several ways to accomplish this.
A Courier Badge authorizes the wearer, for official purposes, to transport classified material, magnetic media, or Class II prohibited items between NSA facilities. These badges, which are strictly controlled, are made available by the Physical Security Division (M51) only to those offices which have specific requirements justifying their use.
An Annual Security Pass may be issued to individuals whose official duties require that they transport printed classified materials, information storage media, or Class II prohibited items to secure locations within the local area. Materials carried by an individual who displays this pass are subject to spot inspection by Security Protective Officers or other personnel from the Office of Security. It is not permissible to use an Annual Security Pass for personal convenience to circumvent inspection of your personal property by perimeter Security Protective Officers.
If you do not have access to a Courier Badge and you have not been issued an Annual Security Pass, you may obtain a One-Time Security Pass to remove classified materials/magnetic media or admit or remove prohibited items from an NSA installation. These passes may be obtained from designated personnel in your work element who have been given authority to issue them. The issuing official must also contact the Security Operations Center (SOC) to obtain approval for the admission or removal of a Class I prohibited item.
When there is an official need to remove government property which is not magnetic media, or a prohibited or classified item, a One-Time Property Pass is used. This type of pass (which is not a Security Pass) may be obtained from your element custodial property officer. A Property Pass is also to be used when an individual is removing personal property which might be reasonably be mistaken for unclassified Government property. This pass is surrendered to the Security Protective Officer at the post where the material is being removed. Use of this pass does not preclude inspection of the item at the perimeter control point by the Security Protective Officer or Security professionals to ensure that the pass is being used correctly.
External Protection Of Classified Information
On those occasions when an individual must personally transport classified material between locations outside of NSA facilities, the individual who is acting as the courier must ensure that the material receives adequate protection. Protective measures must include double wrapping and packaging of classified information, keeping the material under constant control, ensuring the presence of a second appropriately cleared person when necessary, and delivering the material to authorized persons only. If you are designated as a courier outside the local area, contact the Security Awareness Division (M56) for your courier briefing.
Even more basic than these procedures is the individual security responsibility to confine classified conversations to secure areas. Your home, car pool, and public places are not authorized areas to conduct classified discussions--even if everyone involved in he discussion possesses a proper clearance and "need-to-know." The possibility that a conversation could be overheard by unauthorized persons dictates the need to guard against classified discussions in non-secure areas.
Classified information acquired during the course of your career or assignment to NSA may not be mentioned directly, indirectly, or by suggestion in personal diaries, records, or memoirs.
Reporting Loss Or Disclosure Of Classified Information
The extraordinary sensitivity of the NSA mission requires the prompt reporting of any known, suspected, or possible unauthorized disclosure of classified information, or the discovery that classified information may be lost, or is not being afforded proper protection. Any information coming to your attention concerning the loss or unauthorized disclosure of classified information should be reported immediately to your supervisor, your Staff Security Officer, or the Security Operations Center (SOC).
Use Of Secure And Non-Secure Telephones
Two separate telephone systems have been installed in NSA facilities for use in the conduct of official Agency business: the secure telephone system (gray telephone) and the outside, non-secure telephone system (black telephone). All NSA personnel must ensure that use of either telephone system does not jeopardize the security of classified information.
The secure telephone system is authorized for discussion of classified information. Personnel receiving calls on the secure telephone may assume that the caller is authorized to use the system. However, you must ensure that the caller has a "need-to-know" the information you will be discussing.
The outside telephone system is only authorized for unclassified official Agency business calls. The discussion of classified information is not permitted on this system. Do not attempt to use "double-talk" in order to discuss classified information over the non-secure telephone system.
In order to guard against the inadvertent transmission of classified information over a non-secure telephone, and individual using the black telephone in an area where classified activities are being conducted must caution other personnel in the area that the non-secure telephone is in use. Likewise, you should avoid using the non-secure telephone in the vicinity of a secure telephone which is also in use.
HELPFUL INFORMATION
Security Resources
In the fulfillment of your security responsibilities, you should be aware that there are many resources available to assist you. If you have any questions or concerns regarding security at NSA or your individual security responsibilities, your supervisor should be consulted. Additionally, Staff Security Officers are appointed to the designated Agency elements to assist these organizations in carrying out their security responsibilities. There is a Staff Security Officer assigned to each organization; their phone numbers are listed at the back of this handbook. Staff Security Officers also provide guidance to and monitor the activities of Security Coordinators and Advisors (individuals who, in addition to their operational duties within their respective elements, assist element supervisors or managers in discharging security responsibilities).
Within the Office of Security, the Physical Security Division (M51) will offer you assistance in matters such as access control, security passes, clearance verification, combination locks, keys, identification badges, technical security, and the Security Protective Force. The Security Awareness Division (M56) provides security guidance and briefings regarding unofficial foreign travel, couriers, special access, TDY/PCS, and amateur radio activities. The Industrial and Field Security Division (M52) is available to provide security guidance concerning NSA contractor and field site matters.
The Security Operations Center (SOC) is operated by two Security Duty Officers (SDOs), 24 hours a day, 7 days a week. The SDO, representing the Office of Security, provides a complete range of security services to include direct communications with fire and rescue personnel for all Agency area facilities. The SDO is available to handle any physical or personnel problems that may arise, and if necessary, can direct your to the appropriate security office that can assist you. After normal business hours, weekends, and holidays, the SOC is the focal point for all security matters for all Agency personnel and facilities (to include Agency field sites and contractors). The SOC is located in Room 2A0120, OPS 2A building and the phone numbers are 688-6911(b), 963-3371(s).
However, keep in mind that you may contact any individual or any division within the Office of Security directly. Do not hesitate to report any information which may affect the security of the Agency's mission, information, facilities or personnel.
Security-Related Services
In addition to Office of Security resources, there are a number of professional, security-related services available for assistance in answering your questions or providing the services which you require.
The Installations and Logistics Organization (L) maintains the system for the collection and destruction of classified waste, and is also responsible for the movement and scheduling of material via NSA couriers and the Defense Courier Service (DCS). Additionally, L monitors the proper addressing, marking, and packaging of classified material being transmitted outside of NSA; maintains records pertaining to receipt and transmission of controlled mail; and issues property passes for the removal of unclassified property.
The NSA Office of Medical Services (M7) has a staff of physicians, clinical psychologists and an alcoholism counselor. All are well trained to help individuals help themselves in dealing with their problems. Counseling services, with referrals to private mental health professionals when appropriate, are all available to NSA personnel. Appointments can be obtained by contacting M7 directly. When an individual refers himself/herself, the information discussed in the counseling sessions is regarded as privileged medical information and is retained exclusively in M7 unless it pertains to the national security.
Counselling interviews are conducted by the Office of Civilian Personnel (M3) with any civilian employee regarding both on and off-the-job problems. M3 is also available to assist all personnel with the personal problems seriously affecting themselves or members of their families. In cases of serious physical or emotional illness, injury, hospitalization, or other personal emergencies, M3 informs concerned Agency elements and maintains liaison with family members in order to provide possible assistance. Similar counselling services are available to military assignees through Military Personnel (M2).
GUIDE TO SECURITY
M51 PHYSICAL SECURITY 963-6651s/688-8293b (FMHQ) 968-8101s/859-6411b (FANX)
CONFIRM and badges Prohibited Items (963-6611s/688-7411b) Locks, keys, safes and alarms SOC (963-3371s/688-6911b) Security/vehicle passes NSA facility protection and compliance Visitor Control Inspections Red/blue seal areas New Construction Pass Clearances (963-4780s/688-6759b)
M52 INDUSTRIAL AND FIELD SECURITY 982-7918s/859-6255b
Security at contractor field site facilities Verification of classified mailing addresses for contractor facilities
M53 INVESTIGATIONS 982-7914s/859-6464b
Personnel Interview Program (PIP) Reinvestigations Military Interview Program (MIP) Special investigations
M54 COUNTERINTELLIGENCE 982-7832s/859-6424b
Security counterintelligence analysis Security compromises
M55 CLEARANCES 982-7900s/859-4747b
Privacy Act Officer (For review of security files) Continued SCI access Contractor/applicant processing Military access
M56 SECURITY AWARENESS 963-3273s/688-6535b
Security indoctrinations/debriefings Embassy visits Associations with foreign nationals Briefings (foreign travel, Security Week ham radio, courier, Security posters, brochures, etc. LIC, PCS, TDY, special access, etc.) Foreign travel approval Military contractor orientation Special Access Office (963-5466s/688-6353b)
M57 POLYGRAPH 982-7844s/859-6363b
Polygraph interviews
M509 MANAGEMENT AND POLICY STAFF 982-7885s/859-6350b
STAFF SECURITY OFFICERS (SSOs)
Element Room Secure/Non-Secure A 2A0852B 963-4650/688-7044 B 3W099 963-4559/688-7141 D/Q/J/N/U 2B8066G 963-4496/688-6614 E/M D3B17 968-8050/859-6669 G 9A195 963-5033/688-7902 K 2B5136 963-1978/688-5052 L SAB4 977-7230/688-6194 P 2W091 963-5302/688-7303 R B6B710 968-4073/859-4736 S/V/Y/C/X C2A55 972-2144/688-7549 T 2B5040 963-4543/688-7364 W 1C181 963-5970/688-7061
GUIDE TO SECURITY-RELATED SERVICES
Agency Anonymity 968-8251/859-4381 Alcohol Rehabilitation Program 963-5420/688-7312 Cipher Lock Repair 963-1221/688-7119 Courier Schedules (local) 977-7197/688-7403 Defense Courier Service 977-7117/688-7826 Disposal of Classified Waste - Paper only 972-2150/688-6593 - Plastics, Metal, Film, etc 963-4103/688-7062 Locksmith 963-3585/688-7233 Mail Dissemination and Packaging 977-7117/688-7826 Medical Center (Fort Meade) 963-5429/688-7263 (FANX) 968-8960/859-6667 (Airport Square) 982-7800/859-6155 NSA/CSS Information Policy Division 963-5825/688-6527 Personnel Assistance - Civilian 982-7835/859-6577 - Air Force 963-3239/688-7980 - Army 963-3739/688-6393 - Navy 963-3439/688-7325 Property Passes (unclassified material) 977-7263/688-7800 Psychological Services 963-5429/688-7311
FREQUENTLY USED ACRONYMS/DESIGNATORS
ARFCOS Armed Forces Courier Service (now known as DCS) AWOL Absent Without Leave CAO Classification Advisory Officer COB Close of Business CWF Civilian Welfare Fund DCS Defense Courier Service (formerly known as ARFCOS) DoD Department of Defense EOD Enter on Duty FOUO For Official Use Only M2 Office of Military Personnel M3 Office of Civilian Personnel M5 Office of Security M7 Office of Medical Services NCS National Cryptologic School PCS Permanent Change of Station PIN Personal Identification Number Q43 Information Policy Division SDO Security Duty Officer SOC Security Operations Center SPO Security Protective Officer SSO Staff Security Officer TDY Temporary Duty UFT Unofficial Foreign Travel
A FINAL NOTE
The information you have just read is designed to serve as a guide to assist you in the conduct of your security responsibilities. However, it by no means describes the extent of your obligation to protect information vital to the defense of our nation. Your knowledge of specific security regulations is part of a continuing process of education and experience. This handbook is designed to provide the foundation of this knowledge and serve as a guide to the development of an attitude of security awareness.
In the final analysis, security is an individual responsibility. As a participant in the activities of the National Security Agency organization, you are urged to be always mindful of the importance of the work being accomplished by NSA and of the unique sensitivity of the Agency's operations.
-- Grady Ward | | 'finger' me for information and live +1 707 826 7715 | | samples of Moby lexicons: Moby Words, (voice/24hr FAX) | 15E2ADD3D1C6F3FC | Hyphenator, Part-of-Speech, Pronunciator, grady@netcom.com | 58ACF73D4F011E2F | Thesaurus and Language; all royalty free.

Tuesday, February 16, 2016

Russian Hackers Illegally Manipulated $400 Million Of Dollar/Ruble Trades In February 2015

A new report by cybersecurity company Group IB reveals a massive successful cyberattack on Russian trading systems in February 2015. According to the report, the cybercriminals used a Trojan virus to gain access to trading systems and perform $400 million of unauthorized trades.
The criminals focused on making dollar/ruble forex trades on behalf of a bank. The attack reportedly lasted just 14 minutes but cause a huge spike in volatility.
“The hacker attack provoked abnormal volatility which lasted 6 minutes and enabled buying dollars for 590660 rubles per dollar and in 51 seconds selling dollars for 623490 rubles per dollar,” Group IB explains. With this small of a trade, the firm speculates that the hackers likely had coconspirators and access to “a huge amount of money.”
“To conduct the attack criminals used the Corkow malware, also known as Metel, containing specific modules designed to conduct thefts from trading systems, such as QUIK operated by ARQA Technologies and TRANSAQ from ZAO ‘Screen market systems’,” the report reads. Group IB believes this attack could have been a test in anticipation of much larger or more prolonged attacks in the future.
Group IB says that the Corkow Trojan was also used in an August 2015 attack on about 250 banks.
Cybersecurity stocks have been hammered so far in 2016, with shares of Cyberark Software Ltd CYBR 5.16%FireEye Inc FEYE 10.08% and the PureFunds ISE Cyber Security ETF HACK 3.14% down more than 25 percent year-to-date.

Read more: http://www.benzinga.com/analyst-ratings/analyst-color/16/02/6248774/russian-hackers-illegally-manipulated-400-million-of-dol#ixzz40NkKb9XZ

The Fed’s interest payments to banks

Editor's note: This post was coauthored with Don Kohn
At Janet Yellen’s recent hearing before the House Financial Services Committee, a few representatives expressed concern that the Federal Reserve is making interest payments to banks. Specifically, the Fed uses authority granted by Congress in 2008 to pay interest on the reserves that banks hold with it. Total payments to banks last year were about $7 billion. Why is the Fed paying such sums to banks? Are they “giveaways” to the financial sector, as some have implied? We’ll argue in this post that the interest payments the Fed is making are well-justified. In particular, they are essential to prudent monetary policy in current circumstances and do not unduly subsidize banks.

Why is the Fed paying interest on bank reserves?

Reserves are deposits banks have at the Federal Reserve; some are required by law to be held against checking deposits, but banks also hold reserves at the Fed in excess of requirements. Importantly, the amount of Fed deposits held by the banking system as a whole is determined by Federal Reserve open market operations, not by the banks themselves.
Before the Fed paid interest on reserves, banks engaged in wasteful and inefficient efforts to avoid holding non-interest-bearing reserves instead of interest-bearing assets, such as loans. For example, many banks set up mechanisms for moving funds at the end of the business day from accounts which bore higher reserve requirements to accounts which had lower or no reserve requirements. By paying interest on reserves, the Fed made such efforts unnecessary.
More importantly, in recent years the Fed’s ability to pay interest on reserves has become essential to the smooth implementation of monetary policy. The Fed influences the economy by raising and lowering its target for the federal funds rate, the interest rate at which banks lend reserves to each other overnight. Changes in the federal funds rate in turn influence other interest rates and asset prices. In the past, the Fed achieved the desired level of the federal funds rate through market operations that affected the amount of bank reserves in the system. By making bank reserves more scarce, the Fed pushed up the price of reserves—the federal funds rate. By making reserves more plentiful, it pushed down the funds rate.
However, as a consequence of the large-scale asset purchases that the Fed undertook between 2008 and 2014 to help support the US recovery—purchases that were financed by the creation of bank reserves—the quantity of reserves in the system is now very large. Because banks are essentially satiated with reserves, modest changes in the supply of reserves will no longer have much influence on the federal funds rate. Rather than varying the supply of reserves, the Fed now manages the federal funds rate by changing the rate of interest it pays on reserves (as well as the interest rate it offers in so-called reverse repo transactions with money market funds and other private-sector institutions). These changes influence the federal funds rate and other short-term funding rates, and thus financial conditions more generally. As part of its decision to increase rates in December, the Fed increased the interest rate paid on reserves from one-quarter to one-half percent; short-term interest rates in financial markets rose in parallel as expected.
This basic approach, moving the interest rate paid on bank reserves to influence short-term market rates, is used by the European Central Bank, the Bank of England, the Bank of Japan, and many other central banks. In current circumstances, without the ability to pay interest to banks and other private counterparties, the Fed would likely have to implement any tightening of monetary policy by rapidly selling assets it holds. This would have difficult-to-predict effects and would likely prove highly disruptive to financial markets, to say the least.

Where does the money come from to pay the interest on reserves?

To answer this question, keep in mind both sides of the Fed’s balance sheet. The reserves in the banking system (which are liabilities of the Fed) were created when the Fed made large-scale purchases of interest-bearing securities (the corresponding Fed assets). The interest received by the Fed has thus far been much greater than the interest it has paid out. The difference between interest received by the Fed and the interest paid to banks—over $550 billion since 2009—is turned over to the US Treasury.

Does paying interest on reserves prevent banks from lending?

This claim, made even by some good economists, is puzzling. Before December, the Fed paid banks one-quarter of one percent on their reserves. If the Fed had not paid interest, the return to reserves would have been zero. Accordingly, the only potential loans that would have been affected by the Fed’s payment of interest are those with risk-adjusted short-term returns between precisely zero and one-quarter percent—surely a tiny fraction of the total. In fact, over the last four years bank lending has increased at about a 5 percent annual pace(including around a 7 percent annual rate the past two years), with only residential mortgage lending lagging in the aftermath of the housing bust.

Does paying interest on reserves subsidize banks?

Reserves are an asset on banks’ balance sheets, and, like any bank asset, they must be funded by corresponding liabilities. The federal funds rate, which is what banks pay to borrow from other banks, is one reasonable measure of the marginal cost of funds to banks. Since the Fed’s action to raise rates in December, the funds rate has generally fluctuated around 37 basis points (a basis point is .01 percentage points). Consequently, we can safely say that the subsidy to banks implicit in the Fed’s interest payments can be no greater than the difference between the 50 basis points (one-half percentage point) the Fed now pays on reserves and the 37 basis points or so that banks must pay to finance their reserve holdings—that is, about 13 basis points (13/100 of one percent).
From an economic point of view, however, even 13 basis points is probably an overstatement of any subsidy. Here’s why: If the full marginal cost to banks of adding reserves was simply the funding cost, then a bank could borrow in the market at the fed funds rate, deposit that money at the Fed, and earn the higher rate of interest on reserves while taking no risk. In principle, this activity should lead the market-determined federal funds rate to be very close to the interest rate paid on reserves—indeed, that’s what many at the Fed expected to happen when Congress authorized payments of interest. The fact that there is a persistent differential between banks’ funding costs and the interest rate they receive on reserves suggests that there may be additional costs to banks of holding reserves, above the explicit marginal cost of funding.
It is not difficult to identify such costs. For example, banks are required to hold capital against even very safe assets, including reserves at the Fed, because of the so-called leverage ratio. Because equity capital is relatively more expensive for banks, these requirements increase the effective marginal cost of funding reserves. Similarly, the premiums charged banks by the Federal Deposit Insurance Corporation for insuring deposits are tied to the level of bank assets, including reserves; the extra premiums are another cost of increased reserve holdings. In short, the absence of bank efforts to obtain additional reserves at current interest rates suggests that much of the difference between the interest rate banks receive on reserves and their explicit marginal cost of funds is eaten up by other costs tied to holding reserves.

Doesn’t the Fed’s writing checks to bank create a perception problem?

Yes, unfortunately. Although the payment of interest on reserves provides no meaningful subsidy, the Fed does face an appearance problem from the fact that it is writing checks to banks. This problem will likely get worse if the Fed raises short-term interest rates further, because that would require raising the interest rate it pays on bank reserves as well. Of course, misplaced criticism is no reason not to do the right thing with monetary policy. But the Fed will need to make good economic arguments to explain why paying interest to banks is necessary.
A couple of factors may reduce the appearance problem over time. First, the Fed has already announced that, at some point, it will stop reinvesting the proceeds from maturing securities, thereby allowing its balance sheet to shrink to something approximating its pre-crisis size. As the balance sheet shrinks, so will the quantity of outstanding bank reserves. The Fed could therefore emphasize that it expects that the need to make substantial interest payments to banks is temporary, and that those payments will shrink as the balance sheet normalizes and the Fed returns to its more traditional approaches to managing interest rates. Moreover, at that point, the interest rate on reserves is likely to be at or below market interest rates and thus at best a wash for banks.
Second, the Fed is currently targeting a 25-basis-point range for the federal funds rate, with the interest rate on reserves at the top end of that range. With experience, the Fed should be able to shrink its target range, with the effect that the federal funds rate will draw even closer to the interest rate paid on reserves. It should then be easier to explain why banks are not receiving a subsidy from the Fed, as it will be evident that they are earning about the same on their reserves as they could receive in the open market.  Of course, while its communications challenges are real, the Fed’s first priority must always be to put in place the right monetary policy for our economy.

Saturday, February 13, 2016

Tech and Banking Giants Ditch Bitcoin for Their Own Blockchain

SEVERAL MAJOR COMPANIES from across both the technology and financial industries—including IBM, Intel, and Cisco as well as the London Stock Exchange Group and big-name banks JP Morgan, Wells Fargo, and State Street—have joined forces to create an alternative to the blockchain, the global online ledger that underpins the bitcoin digital currency.
Overseen by the not-for-profit Linux Foundation, this open source project aims to build blockchain-like technology that can bring a new level of automation and transparency to a wide range of services in the business world, including stock exchanges and other financial markets.

Dubbed the Open Ledger Project, this effort is a re-imagining of several big ideas. The blockchain is essentiallya database that runs across a worldwide network of independent machines—a database that’s controlled by no single entity but can still reliably track the exchange of assets, thanks to some nifty mathematics. With bitcoin, the blockchain tracks the exchange of money. But it can also track the exchange of anything else that carries value—including stocks, bonds, and other financial securities, as well as assets like houses and car titles. And in recent months, several projects have seized on many of these possibilities.“The current blockchain is a great design pattern,” says Jerry Cuomo, vice president and chief technology officer of IBM’s software group. “Now, how do we make that real for business? What are the key attributes needed to make that happen? That’s what this organization is about.”
Nasdaq OMX—the company behind the Nasdaq stock exchange—is using the blockchain to oversee the exchange of private stock, while online retailer Overstock—through a subsidiary called TØ—has built a system that will allow businesses to issue and even borrow securities via the blockchain. Just last week, the Securities and Exchange Commission approved Overstock’s blockchain stock plan.
IBM and a startup called Digital Asset Holdings, or DAH, led by former JP Morgan exec Blythe Masters, have been exploring similar technology, and both are now part of the rather large group that has agreed to participate in the Open Ledger Project. Other participants include tech companies Fujitsu and VMware; Japanese financial outfit Mitsubishi UFJ Financial Group; and SWIFT, a company that builds technology for securely driving financial applications. IBM apparently led the creation of this group effort. Earlier in the year, the tech giant said it would open source the code for its bitcoin project, and this code will provide part of the foundation for the Open Ledger Project.

Their Own Blockchain

The promise of blockchain technology is that it can provide a more secure, more reliable, more transparent, and more automatic way of exchanging money, securities, and other assets. It lets you trade assets as easily as you trade emails today—and you can trade them without putting your trust in any one person or organization. This could eliminate many of the slower technologies and expensive middlemen that clog up today’s markets, says Marley Gray, who oversees blockchain work at Microsoft. People like Gray and Overstock CEO Patrick Byrne believe the blockchain can also close loopholes in the market that allow traders to game the current system on Wall Street. All this could potentially apply to the Open Ledger Project. Cuomo says its technology could streamline the exchange of car titles, track supply chains, and oversee vast amounts of data from environmental censors.

Indeed, some companies involved in the project may feel threatened by existing efforts to reinvent the financial markets with the blockchain. State Street bank, for instance, stands to lose if companies start using Overstock’s technology to borrow stock. In the US, the stock loan business is a $954 billion market; State Street, known as an agent lender, is a big part of that. Its future depends on getting ahead of the game.It’s notable, however, that IBM and its cohorts ar creating a new distributed ledger—rather than embracing the blockchain itself. In backing a new project, they can exert more control over how it’s built and how it is used. Like the Open Ledger Project, the bitcoin blockchain is open source, meaning the code is freely available to the world at large and anyone can potentially contribute to the project. But in creating a new open source effort, giants like IBM can put themselves at the center of things. Open source is about giving stuff away. But there’s sometimes a self-interest driving the magnanimity. One open source project can battle another or refine its ideas or take those ideas in new directions.

Keeping the Blockchain Open

All that said, IBM and its collaborators are not building a proprietary blockchain. And no one company is trying to run the project. A large group of companies has set up the project at the Linux Foundation, which has long overseen the Linux open source operating system. The foundation is widely respected in the tech world as an organization that knows how to run truly open projects—projects where many participants have a say.
At this point, only IBM and DAH have vowed to contribute existing code (DAH has also contributed the name “Hyperledger,” which could be used to brand the effort in the future). But Jim Zemlin, who heads the Linux Foundation, reiterates that this project is fundamentally designed for widespread collaboration. “We have a lot of confidence in this process,” he says.
IBM’s Cuomo says there’s plenty of room to use this code to create something that is like the blockchain but separate. “We are very excited about blockchain, less as a once-and-only-once implementation of an idea, but as an idea that can be implemented and extended in ways that are consistent but enhanced,” he says. It’s unclear how, specifically, these companies hope to enhance the idea. But Cuomo believes that the project may also end up dovetailing with other distributed ledgers.
“Like with the web, there is no one thing to rule them all,” he says. “There is no one blockchain to rule them all. There will be multiple implementations of the blockchain. And it will be a sin if they don’t interoperate and work together.”

More Than One Party

It’s important not only that the Open Ledger Project is open source, but also that this group aims to create a ledger that’s distributed—a ledger that spans machines controlled not by one organization but many organizations. For Microsoft’s Gray, this is what makes the blockchain so powerful, and why it could be so useful in the world of financial trading. “A blockchain is basically worthless within a single work organization. There is no reason to have this trustless environment within your own corporation,” Gray says. “You have to have parties that are not yourself.”
Certainly, IBM isn’t the first to take this kind of approach. Others, including Ripple, have created alternative blockchains in the past as a way of taking the idea in new directions. Many believe that multiple blockchains can actually enhance the distributed nature of the idea. Though these projects are separate, Ripple is already leading an effort to create a central protocol that would allow for communication between multiple ledgers.
In a way, the Open Ledger Project competes with the existing blockchain—and existing blockchain-based technologies like the system built by Patrick Byrne and Overstock. But in other ways, it doesn’t. Judging from what IBM and others have said about the project, Byrne applauds its arrival. He’s been worried that the big Wall Street banks would “circle the wagons,” creating tech that locks everyone else out. But because IBM’s new project is open source—because anyone can use it and contribute to it—he’s pleased. He believes in more than a single technology. He believes in a big idea. “I’m not wed to bitcoin’s blockchain,” he says. “I’m blockchain agnostic.”

Thursday, February 11, 2016

Sweden Slides Further Into NIRP, Cuts Rates To -0.50%

Ever since the BoJ took the plunge into NIRP late last month analysts and commentators alike have begun to express a high degree of skepticism about the wisdom of adopting negative interest rates.
Once seen as a kind of peculiar policy experiment confined to Switzerland, Denmark, and Sweden, NIRP has escaped the lab so to speak and now that Kuroda is negative and Draghi is contemplating another depo rate cut in March, people are starting to realize that the entire developed world might be about to go Keynesian crazy. Even the US.
Indeed it was just yesterday that we brought you the latest from JP Morgan, where analysts made the following rather shocking predictions about how low rates could go under tiered implementation system:
As we’ve explained on a number of occasions, this is becoming a never-ending race to the bottom. It’s an all-out currency war and when one central bank eases, so too must the others or risk seeing their inflation targets jeopardized. That’s especially true for Sweden where governor Stefan Ingves is concerned about what the Riksbank sees as excessive krona strength and still sluggish inflation.
On Thursday, in an effort to get out ahead of the ECB, the Riksbank cut again, taking the repo rates by 15bps to -0.50% in a move that Nordea calls “a bit more than expected.” QE will continue as planned and the Riksbank “will reinvest maturities and coupons from the government bond portfolio until further notice.”
“Uncertainty regarding global developments is still high, with low inflation and several central banks pursuing more expansionary monetary policy,” the bank continued. “Swedish monetary policy must relate to this. Otherwise the krona exchange rate is at risk of strengthening at a faster rate than in the forecast, which would make it harder to push up inflation and stabilize it around 2 percent.” Here was the move in the krona:
The bank also reiterated that it's prepared to intervene directly in the FX market to curb krona strength if necessary and contended that there's still more room to cut rates further. "So far, at least in this economy, these things have worked actually pretty much the way one would expect," Ingves said, addressing the effect deeply negative rates have on Swedish banks. “When it comes to Swedish banks, their profit level is very, very good so at this level that’s not an issue."
Analysts are divided on how things play out from here. Here's some commentary (via Bloomberg):
From Standard Bank: 
  • After Riksbank cut its key rate to -0.5%, European central banks’ dive into deeper rates will continue, Steven Barrow, analyst at Standard Bank, says in e-mailed comments.
  • Riksbankoutcome is a bit more dovish than market expected and so weighs on SEK and yields
  • This is of significance because European banks are acting as a guide to how negative rates can go
  • Should the likes ofRiksbankand SNB lower rates further, that could offer more clues as to where the real lower bound is on rates
From Nordea:
  • Interpret the comment on the operational framework as a potential move toward a tiered-rates system in Sweden, as seen in Denmark, Switzerland and Japan, Martin Enlund, analyst at Nordea writes in e-mailed comment.
  • Says comment is very dovish and could wreak havoc with Swedish money-market rates
  • ECB likely to decide how much the Riksbank will do in the rates space, and some market participants are now looking for ECB to cut 20bps in March and another 20bps in June; would almost surely pushRiksbankinto a tiered-rates system later this year
  • Overall dovish surprise; Nordea would be a bit hesitant in buying SEK until dust settles, which could take a day; the normal pattern is that EUR/SEK drops 1% in the 2 wks after a softRiksbankdecision
From Danske:
  • Swedish central bank will probably have to ease monetary policy further as inflation forecasts are still too optimistic, says Michael Grahn, an analyst at Danske Bank.
  • PredictsRiksbankwill expand government bond purchases beyond June; doesn’t exclude more repo rate cuts
From Swedbank: 
  • Riksbank’s decision to cut its repo rate to -0.50% was expected but there’s now increased disagreement among board members, Anna Breman, chief economist at Swedbank AB, says by phone.
  • “Interesting” that two board members entered reservations against the rate cut and Floden against extension of FX intervention delegation mandate
  • Repo rate path indicates possible further rate cuts
  • Says that Riksbank further move into negative will lead to “big discussion”on mon. policy and the inflation target, as negative rates will remain below zero for a long period
From SEB:
  • SEB sees 40% likelihood that Riksbank will ease monetary policy further, mainly due to downside risks in world economy, says Olle Holmgren, an SEB analyst.
  • Riksbankinflation forecasts are still too optimistic
  • Further rate cut, expanded QE most likely stimulus tools
  • Still, reservations against today’s cut by two of six board members may suggest repo rate is starting to near bottom
  • FX interventions remain an option if SEK strengthens to 9-9.10 against EUR; uncertainties about scope ofRiksbank’s intervention mandate decreases likelihood of intervention
Your move Draghi.

Kyle Bass Steps Up Attack on China’s Currency

Investor Kyle Bass said Wednesday that China’s liquid foreign reserves are “already below a critical level,” intensifying a debate over China’s ability to keep its currency from falling.
Mr. Bass, whose Hayman Capital Management LP has a multibillion-dollar bet that the yuan and Hong Kong dollar will fall, told clients in a letter that his firm estimates that China’s liquid foreign reserves are $2.2 trillion at most. That compares with the $3.23 trillion reported by the People’s Bank of China, the central bank, for the end of January.
The comments from the Dallas hedge-fund manager highlight mounting investor unease about the degree to which the official Chinese number reflects reserves the nation can quickly use to prop up the value of its currency.
Market sentiment about China has turned sharply negative in recent months amid a torrent of capital outflows from the world’s most populous nation. Investors fear that development presages a sharp devaluation of the yuan that could threaten to intensify the currency wars encircling the globe and send a wave of deflation that would further enfeeble economic growth. China devalued the yuan in August, but officials have said they would like to maintain it at a stable level.
China hasn’t fully disclosed the composition of its foreign reserves, making it a contentious point between bulls and bears. Official data showed that China’s foreign reserves had dropped 19% from its peak in mid-2014. But questions have been raised as to what comprises the reserves and how quickly China can liquidate the assets, if needed, to meet the demand for foreign currencies.
“The view that China has years of reserves to burn through is misinformed,” Mr. Bass wrote. “China’s back is completely up against the wall today, which is one of the primary reasons why the government is hypersensitive to any comments regarding its reserve levels or a hard landing.”Mr. Bass said in his letter that some of China’s reserves already are tied up in institutions such as policy banks and one of its sovereign-wealth funds.
Last month, a spokeswoman of the State Administration of Foreign Exchange said China has ample foreign-exchange reserves as measured by the absolute amount and against other adequacy ratios such as imports and external debt.
“It’s a robust foundation for the country to withstand any external shocks,” said Wang Chunying, the spokeswoman.
China’s reserve holdings include U.S. securities—government bonds, agency debt and stocks—that totaled $1.76 trillion as of last October. China also held about $100 billion in bonds in Japan and $60 billion in German securities, according to Goldman Sachs GroupInc.
Beyond that it isn’t clear whether China’s total includes capital injected into China’s policy banks, foreign-currency loans to other countries and its commitments for multilateral initiatives, such as the Asian Infrastructure Investment Bank.
It also isn’t known whether China’s sovereign-wealth fund, China Investment Corp., is counted. In 2007, China’s Finance Ministry issued 1.55 trillion yuan in specialty treasury bonds and used the proceeds to purchase $200 billion in foreign-exchange reserves, which was injected into CIC. Though the initial capital infusion came from a reduction in the reported reserves at the time, it is unclear whether any of the subsequent injections were taken from the same source. Total assets at CIC were at $652.7 billion as of 2014, according to the company.
The letter from Mr. Bass marks the latest effort by hedge funds and other investors to raise doubts about the underlying health of the Chinese economy, which has slowed sharply in recent years amid a global commodity bust, and whether officials in China will be able to avoid devaluing their currency, the yuan.
The 11-page letter, Mr. Bass’s first to his investors in more than two years, contains some of his most-detailed comments yet on the thinking behind his fund’s China short. Hayman, starting last year, sold off the bulk of its investments in stocks, commodities and bonds to focus on shorting Asian currencies in the biggest concentrated wager it has made since its profitable bet years ago against the U.S. housing market, The Wall Street Journal reported last month.
Hayman began repositioning its portfolio after studying China’s banking system and being stunned at its rapid expansion of debt. The firm’s analysis suggested that past-due loans would rise sharply and eventually require a huge injection by the central government to recapitalize the banks.
In the letter, Mr. Bass wrote that the assets in China’s banking system are equivalent to 340% of the country’s gross domestic product and that the PBOC would need to print more than $10 trillion worth of yuan to recapitalize its banks. The magnitude of losses by China’s banking system “could exceed 400% of the U.S. banking losses incurred during the subprime crisis,” he wrote.
China has several levers to pull, including cutting interest rates to zero and using reserves to recapitalize its banks, the letter said, but “ultimately a large devaluation will be a centerpiece of the response.”
Other investors say they are more focused on the speed of reserve drainage. “The number we’d look at is more the pace than the absolute level. If we have many more months of $100 billion-plus outflows, that starts to become worrying,” said Maziar Minovi, a managing director at Goldman Sachs.