Cyber risk
EBA supports global op risk taxonomy, but it won’t happen soon
New EU framework designed to ease adoption by banks; other jurisdictions have different priorities
EU single portal faces battle to unify cyber incident reporting
Digital omnibus package accused of lacking ambition to truly streamline notification requirements
Treasury market urged to beef up operational resilience plans
NY Fed panel warns about impact of AI and reliance on critical third parties
How conflict sharpened Israel’s role in cyber security
Recent growth in offshoring of infosec comes despite regulatory focus on supply-chain resilience
Op risk data: For Yes Bank, no mercy over insider fraud
Also: Cracking Brazil’s Pix hacks, Macquarie fund fumble, and taxing time for Crédit Agricole. Data by ORX News
Quantum-readiness for the financial system: a road map
This paper provides a framework to support the financial system in the transition to quantum-safe cryptographic infrastructures, emphasising the need to start the transition today.
Cyber risk triggers alarm bells for credit portfolio managers
Attack on Jaguar Land Rover highlights difficulties modelling unpredictable impact of outages
First line of defence dominates third-party risk management
1LoD survey finds 86% of control functions think they have sole responsibility for vendors
Op risk data: 1MDB scandal still haunts Wall Street
Also: Woodford in hot water, Salesforce voice phishing hooks multiple firms. Data by ORX News
Dora delay leaves EU banks fighting for their audit rights
Regulation requires firms to expand scrutiny of critical vendors that haven’t yet been identified
CFTC operational resilience rules have ‘no chance’ of revival
Commissioner Johnson touts framework as response to Ion hack, but lawyers say it misses target
Op risk data: Santander takes hefty historic hit over PPI mis-selling
Also: Brazil’s cyber screw-up, Barclays’ AML mishap, and MAS metes out more AML fines. Data by ORX News
Regional banks favour scenario analysis over op risk modelling
Domestic and smaller regional players favour scenarios to gauge tail exposure; G-Sibs stick to modelling, for now
Ninety-one per cent of banks have specialist teams for resilience risk
Latest survey shows regulatory pressure is driving broader framing of resilience, beyond IT and cyber
Glass houses: US agencies urged to shore up cyber defences
Email hack at OCC raises concerns over more widespread frailty at regulators
Op risk data: GVA and Nobitex in geopolitical risk strikes
Also: UBS chief a target of third-party data hack, internal bank frauds in Asia. Data by ORX News
Regulators urged to use Dora reporting to track systemic risk
Risk Live: Bankers and regulator say governance requirements for new rules are complex to implement
Op risk data: Rates bait and switch incurs Capital One punishment
Also: Crypto firms suffer cyber setbacks, Umpqua in Ponzi play, and QSuper premium palaver. Data by ORX News
SEC faces debate over possible cull of cyber security rules
Lobby groups pushing for regulator to roll back disclosures, but investors take a different view
Are EU banks buying cloud from Lidl’s middle aisle?
As European banks seek to diversify from US cloud hyperscalers, a supermarket group is becoming an unlikely new supplier
Taking the sting out: exchanges and CCPs bolster scenario toolkits
As cyber threats ramp up, the world’s largest exchanges re-assume the worst