CCPs, handling default, and cyber risk

Lehman’s ghost: how three CCPs anchor models to crash

The Lehman crash still haunts the margin models of LCH, CME and Eurex, albeit in different ways

Spotlight on auction in €114m Nasdaq clearing blow-up

Four-member auction may have turned 39% margin breach into huge default fund loss

Cyber security begins a shift to the risk department

Normally the province of IT, cyber defence is increasingly seen as a critical part of operational risk

COMMENTARY: A world without rules and controls, without borders or boundaries

This week has brought news that major banks are still far from reaching a consensus on how cyber risk needs to be handled. Some, such as Goldman Sachs, are putting it high up the agenda of their op risk department, while others feel it should sit within the domain of the IT or technology department. All, however, still warn that modelling cyber risk is a highly uncertain task – the field is evolving rapidly, and still lacks widely accepted definitions, key risk indicators and modelling methodologies.

In many ways, the situation hasn’t improved since last year, when delegates at OpRisk conferences in London and New York admitted they were deeply worried by cyber risk and fundamentally unsure how to assess the threat. In another important way, the situation has got worse. It is now clear that the Bangladesh Bank theft in 2016, which saw hackers (still not apprehended) lift $81 million using faked Swift messages, was not a one-off; in fact, there have been at least eight such attacks in the past three years. The attacks exploit poor security at a small bank, often in a developing-world nation where cyber security awareness is low, to gain access to the Swift system, and send forged payment instructions to steal millions of dollars.

We should expect these attacks – and cyber attacks more generally – to continue; Swift’s own anti-fraud precautions have so far not proved any more effective than the member banks’ attempts to keep their credentials safe, and a wholesale overhaul of the network structure seems unlikely at least in the short term. Evidence of North Korean state involvement in the Bangladesh Bank theft, meanwhile, is an example of another equally worrying trend: the use of cyber attacks as a semi-covert tool of national policy.

North Korea is not the only state to act this way. A series of attacks on targets in Ukraine and beyond have been linked to state-sponsored hackers in Russia, including the 2017 NotPetya attack, which caused billions of dollars of disruption worldwide. Many of these attacks target the infrastructure that underpins the entire financial system. This should be a cause for acute concern at banks all round the world – in our networked world, none are more than a step away from the next compromised Swift ID.

STAT OF THE WEEK

JP Morgan cut its operational risk-weighted assets (RWAs) in the second quarter of this year, for the first time since banks started reporting the measure in 2014. The US lender shed $12.5 billion worth of operational RWAs, or 3.1%, from $400 billion, bringing its Pillar 1 total to $387.5 billion.

QUOTE OF THE WEEK

“In an environment like this where you have attempts by certain politicians to hamper free trade, you have an impact on the trade itself. Then if you have a slowdown of trade you have less requirement of the financing to service trade, such as letters of credit, and this is for anything from goods to raw materials” – Georgi Slavov, Marex Spectron