The great carbon credit heist -- Will E-Thievery bring down cap-and-trade?


Last month, an Eastern European criminal band pulled off a roughly $60 million heist with no masks and no guns. How'd they do it? Well, the bandits were hackers, and the goods they stole -- carbon credits -- only exist electronically. The culprits penetrated registries in five European Union countries, prompting the European Commission to suspend spot trading at all 30 of the region's national registries until it could track down the missing credits. Spot trading resumed at several registries earlier this month, but some of the largest exchanges remain inactive and volumes are thin. While the feat highlights the kinks in the relatively new carbon market, as well as the growing importance of cyber security as more and more of the (especially clean) energy landscape goes digital, it won't slow the EU's cap-and-trade program.

The market for E.U. Emissions Trading System (ETS) credits has steadily grown in value from its inception in 2005, reaching $118.5 billion in 2009. The ETS is now the world's largest compliance emissions trading program. That expansion and the scheme's weak IT standards likely made it an attractive target for the engineers of this latest attack, who reportedly sold the credits they'd snatched. The January theft follows a scandal last March, in which used credits were re-traded, prompting a temporary halt to spot trades on two exchanges. As the European Union continues to pursue a low-carbon future, establishing more stringent IT security measures will be essential. Smart grids, crucial for the use of renewable energy and electric vehicles, are also vulnerable to hackers.

Part of the challenge for the ETS is the nature of carbon credits themselves. Unlike markets for traditional commodities such as wheat and oil, markets for pollution allowances aren't based on hard assets. The credits are essentially a measure of avoided emissions -- established by government decree and identified by a numerical code -- so settling a trade doesn't involve the delivery of a physical product. Cap-and-trade naysayers in the US have used terms like "subprime carbon" to highlight the risk that these allowances could create a vast new commodities bubble. And tracking down stolen credits can certainly be trickier than locating lost barrels of oil.

But is the ETS in danger of losing political and public backing? Not at all. The actual disruption to trading was limited, as the spot trade only accounts for about a fifth of the total market. And the European Union remains committed to its program, so regulatory responses will be restricted primarily to cyber security. In particular, the European Commission is pushing for a centralized clearinghouse for emissions allowances rather than the current system of national registries run by individual member states. (As with all harmonization in the European Union, though, the process will be slow moving and could be held up over opposition from even one member state.)

The potentially bigger ripple effect could be felt in the United States. While the last nail has effectively been hammered into the U.S. cap-and-trade coffin, if and when the debate resurfaces, the theft could provide additional ammunition to skeptics.

Divya Reddy is an analyst in Eurasia Group's Global Energy and Natural Resources practice.