Articles by Tom Osborn
US cyber cops: report hacks without fear of sanction
Risk Live: Cyber incident reports won’t automatically be referred to regulators, investigators say
Banks must loosen up on ChatGPT use – risk chiefs
Risk Live: ’Shadow use’ and inability to attract new hires mean restricting access to GPTs is untenable
On geopolitical risk, G-Sibs choose their battles
Conflicts – both existing and threatened – raise concern among banks, but many are still grappling to weave the risk into their frameworks
For G-Sibs managing cyber outages, confidence makes the difference
IT disruption drops among top G-Sib concerns this year, as banks revamp models and retool risk indicators
Information security: mind the first-line gap
G-Sibs’ second-line cyber teams still growing, survey shows; others are overhauling KRIs and switching vendors
Cyber insurance costs still rising, say big banks
Op Risk Benchmarking: Cost of covering same exposure as last year now “somewhat” or “significantly” higher
Top 10 op risks: AI fears drive cyber risk to record high
External fraud re-enters top 10; change management now a top five concern
Iosco gears up for ‘intensive work’ on AI regulation
Watchdogs risk ‘falling behind the curve’, secretary-general warns; FSB also working on guidance
On cyber, FMIs seek to avoid being weapons of mass disruption
Controls focus on basic cyber hygiene, but communicating the risk remains a challenge
FMIs look to resilience planning to keep the lights on
Wary of customer and supervisory scrutiny, bourses are pouring resources into scenario planning and controls
Information security: too important to leave to the experts?
Holding a trove of sensitive data, FMIs seek greater safety through shared oversight and smarter reporting
Regulators pushing CCPs and exchanges on op risk
Op Risk Benchmarking: In latest batch of data, FMIs report growing scrutiny, plus watchdog asks for stress tests, monitoring and more
Execution & process errors: banks try to get beyond blunderdome
Mistakes mean more data for reporting, models and scenarios. But do banks learn from them?
On cyber risk, regionals have no appetite for disruption
Smaller lenders fear outages and other IT bungles, as do regulators. So, what are they doing about it?
Maximum insecurity: banks tool up to meet cyber threat
Lenders confront “existential” threat of data leaks with bigger teams and better controls
Op Risk Benchmarking, round II: helping lenders borrow
From KRIs to four-eye checks, how do op risk frameworks at regional and domestic banks stack up?
New threats, old foibles prompt banks to switch GRC vendors
Op Risk Benchmarking: more than half of participants are reviewing or switching systems
Bread-and-butter op risks at the top table
As G-Sibs are forced to do more, how can they avoid doing more wrong?
Sizing cyber: banks split on who owns and measures hack threats
G-Sibs split on risk modelling and management for IT disruption and infosec
Op Risk Benchmarking: Inside the G-Sibs
New initiative scrutinises op risk measurement and management practices at the world’s largest banks
Banks frequently breach appetite for top op risks
Op Risk Benchmarking: Five G-Sibs breached appetite in past year across four risk types, new research reveals
FCA may offer its market data to surveillance tech start-ups
Risk Live: Regulator concerned rapid AI adoption will favour incumbent vendors; aims to launch sandbox
Baruch topples Princeton in Risk.net’s quant master’s rankings
US schools cement top five dominance as graduate salaries soar
Fed preps new white paper on cyber incident reporting
New proposals due on data capture after Fed dumps bid to use DFAST submissions