Cyber risk
Cyber insurance costs expected to rise as loss ratios worsen
Recent ransomware and tech failure events could feed through into higher premiums this year
Top 10 op risks: Why cyber risk looms larger than its losses
Fast-moving threat landscape and increased supplier concentration keep infosec top of the table
Top 10 operational risks for 2025
The biggest op risks as chosen by senior practitioners – and what they’re doing about them
Top 10 op risks: cyber still top, but change management surges
AI-enhanced threats permeate this year’s top operational risks for financial firms, from infosec to geopolitics
Dora and cyber resilience: risk migration strategy and regulatory compliance
How Dora’s requirements influence organisations, the implications for cross-border compliance and best practices for strengthening cyber resilience
Op risk data: Crypto hack bites Bybit; fat-finger flurry at Citi
Also: OKX gets AML scold, UK motor finance fiasco revs up. Data by ORX News
Technology risk management: detection to protection
From simple risk detection to comprehensive protection by expanding your vision, capabilities and influence
BoE warns over risk of system-wide cyber attack
Senior policy official Carolyn Wilkins also expresses concern over global fragmentation of bank regulation
Strengthening technology resilience and risk controls against multidomain disruption
The consequences of multidomain disruption and best practice strategies to enhance digital resilience
Op risk data: Mastercard schooled in £200m class action
Also: Mitsubishi copper crunch, TD tops 2024 op risk loss table. Data by ORX News
SGX suffered five-hour op failure from CrowdStrike outage
First major service disruption at CCP’s Central Depository service in nine years
As supplier risk grows, banks check their third-party guest lists
Dora forces rethink of KRI and appetite frameworks amid reappraisal of what constitutes a key counterparty
Dora flood pitches banks against vendors
Firms ask vendors for late addendums sometimes unrelated to resiliency, requiring renegotiation
Public enemy number one: the threat to information security
Nearly half of domestic and regional banks report risk appetite breaches amid heightened sense of insecurity
CFTC weighs third-party risk rules for CCPs
Clearing houses could be required to formally identify and monitor critical vendors
Banks feel regulatory heat on op resilience
Op Risk Benchmarking: supervisors dial up reporting expectations and on-site inspections
Cyber risk can be modelled like credit risk, says Richmond Fed
US supervisors may begin to use historical datasets to assess risk at banks and system-wide
Cyber risk assessment model for information assets: a tailored approach for the financial and banking sector
The authors present a novel model risk assessment model designed specifically for cyber risks and information assets.
FSB promotes convergence on operational incident reporting
As global body proposes common reporting format, official says there may be an optimum time window
US cyber cops: report hacks without fear of sanction
Risk Live: Cyber incident reports won’t automatically be referred to regulators, investigators say
Rough patch: CrowdStrike sparks an auto-update debate
Automating software updates helps keep hackers at bay but can introduce op risk; banks balance the two