Cyber risk
BoE warns over risk of system-wide cyber attack
Senior policy official Carolyn Wilkins also expresses concern over global fragmentation of bank regulation
As supplier risk grows, banks check their third-party guest lists
Dora forces rethink of KRI and appetite frameworks amid reappraisal of what constitutes a key counterparty
Dora flood pitches banks against vendors
Firms ask vendors for late addendums sometimes unrelated to resiliency, requiring renegotiation
Public enemy number one: the threat to information security
Nearly half of domestic and regional banks report risk appetite breaches amid heightened sense of insecurity
CFTC weighs third-party risk rules for CCPs
Clearing houses could be required to formally identify and monitor critical vendors
Banks feel regulatory heat on op resilience
Op Risk Benchmarking: supervisors dial up reporting expectations and on-site inspections
Cyber risk can be modelled like credit risk, says Richmond Fed
US supervisors may begin to use historical datasets to assess risk at banks and system-wide
Cyber risk assessment model for information assets: a tailored approach for the financial and banking sector
The authors present a novel model risk assessment model designed specifically for cyber risks and information assets.
FSB promotes convergence on operational incident reporting
As global body proposes common reporting format, official says there may be an optimum time window
US cyber cops: report hacks without fear of sanction
Risk Live: Cyber incident reports won’t automatically be referred to regulators, investigators say
Rough patch: CrowdStrike sparks an auto-update debate
Automating software updates helps keep hackers at bay but can introduce op risk; banks balance the two
People: Masters moves into FNZ, Two Sigma founders step back, and more
Latest job changes across the industry
Should banks risk lightning hitting twice for CrowdStrike?
Bank tech teams divided on whether to give security vendor a second chance after update crash
Risk management overhauls juggle speed and independence
Some banks say the 1.5 line of defence responds faster to risk, but supervisors are still divided
CrowdStrike outage spurs rethink on ‘critical’ vendors
Some want US regulators to designate tech firms that pose risks to financial stability
Between the lines: why banks are rethinking risk management
Lloyds is not the only bank wanting to reshuffle the three lines of defence as tech risks grow
For G-Sibs managing cyber outages, confidence makes the difference
IT disruption drops among top G-Sib concerns this year, as banks revamp models and retool risk indicators
Information security: mind the first-line gap
G-Sibs’ second-line cyber teams still growing, survey shows; others are overhauling KRIs and switching vendors
Insurers deny cyber premiums are rising
Contrary to banks’ complaints, underwriters and brokers claim current market for policies is soft
Derivatives trading halved amid CrowdStrike tech outage
With broker screens offline, G3 rates derivatives volumes plunged versus a normal Friday
Op Risk Benchmarking 2024: the G-Sibs
Eleven large banks feature in round II, with new data points on first-line risk teams, taxonomies and AI adoption