Banks
Banks curb frequency of GRC vendor reviews
Data shows drop in plans to pitch or switch vendors, amid tighter third-party rules – but TPRM bucks the trend
Regulators zero in on third-party risk, resilience
In latest survey, 35% of banks say watchdogs have “significantly increased” focus on third-party risk, with reports of arduous inspections and growing resource strain
More than one-quarter of banks overhaul third-party KRIs
Op Risk Benchmarking data shows more flux – and less confidence – in indicators tracking vendors versus other risks
Ninety-one per cent of banks have specialist teams for resilience risk
Latest survey shows regulatory pressure is driving broader framing of resilience, beyond IT and cyber
More than half of banks manage change as an operational risk
Others are moving to incorporate it into risk taxonomies, although some now treat it as a cause, citing supervisory guidance
Risk appetite breaches test development banks
MDBs also more likely to change services or strategy to reduce risk exposure, survey shows
Algos shrugged: AI uptake still lagging in bank op risk
Risk managers acknowledge transformative potential of artificial intelligence – most, from a safe distance
On resilience risk, banks prepare to let the bad times roll
Lenders bolster first-line teams and upskill boards as compliance with new rules bites
For banks, change risk is inevitable; managing it, optional
Regional bank survey shows steady growth of dedicated change risk functions and adoption of leading indicators
As supplier risk grows, banks check their third-party guest lists
Dora forces rethink of KRI and appetite frameworks amid reappraisal of what constitutes a key counterparty
Regionals built first-line defences pre-CrowdStrike
In-business risk teams vary in size and reporting lines, but outage fears are a constant
Public enemy number one: the threat to information security
Nearly half of domestic and regional banks report risk appetite breaches amid heightened sense of insecurity
Op Risk Benchmarking 2024: the banks
As threats grow and regulators bore down, focus shifts to the first line
Banks feel regulatory heat on op resilience
Op Risk Benchmarking: supervisors dial up reporting expectations and on-site inspections
Barking bank watchdogs don’t need to bite
Regional banks add staff, layer up controls to mitigate compliance risks
Execution & process errors: banks try to get beyond blunderdome
Mistakes mean more data for reporting, models and scenarios. But do banks learn from them?
Up to their necks in it: banks wrestle with change management
Banks recognise risks in transformation, but struggle to measure them
On cyber risk, regionals have no appetite for disruption
Smaller lenders fear outages and other IT bungles, as do regulators. So, what are they doing about it?
Maximum insecurity: banks tool up to meet cyber threat
Lenders confront “existential” threat of data leaks with bigger teams and better controls
Op Risk Benchmarking, round II: helping lenders borrow
From KRIs to four-eye checks, how do op risk frameworks at regional and domestic banks stack up?
New threats, old foibles prompt banks to switch GRC vendors
Op Risk Benchmarking: more than half of participants are reviewing or switching systems