Information security
FMIs create culture club for op risk
Exchanges and clearing houses seek to build risk resilience among front-line business, amid concerns of overreliance on second line of defence
Technology is a double-edged sword for FMIs
Exchanges and clearing houses rely on third-party vendors for vital systems, but outsourcing can also lead to duplication and waste
Evalueserve tames GenAI to boost client’s cyber underwriting
Firm’s insurance client adopts machine learning to interrogate risk posed by hackers
Cyber insurance costs expected to rise as loss ratios worsen
Recent ransomware and tech failure events could feed through into higher premiums this year
Top 10 op risks: Why cyber risk looms larger than its losses
Fast-moving threat landscape and increased supplier concentration keep infosec top of the table
Top 10 operational risks for 2025
The biggest op risks as chosen by senior practitioners – and what they’re doing about them
Top 10 op risks: cyber still top, but change management surges
AI-enhanced threats permeate this year’s top operational risks for financial firms, from infosec to geopolitics
Op risk data: Crypto hack bites Bybit; fat-finger flurry at Citi
Also: OKX gets AML scold, UK motor finance fiasco revs up. Data by ORX News
Op risk data: Mastercard schooled in £200m class action
Also: Mitsubishi copper crunch, TD tops 2024 op risk loss table. Data by ORX News
Regionals built first-line defences pre-CrowdStrike
In-business risk teams vary in size and reporting lines, but outage fears are a constant
Public enemy number one: the threat to information security
Nearly half of domestic and regional banks report risk appetite breaches amid heightened sense of insecurity
Op Risk Benchmarking 2024: the banks
As threats grow and regulators bore down, focus shifts to the first line
CFTC weighs third-party risk rules for CCPs
Clearing houses could be required to formally identify and monitor critical vendors
Banks feel regulatory heat on op resilience
Op Risk Benchmarking: supervisors dial up reporting expectations and on-site inspections
FSB promotes convergence on operational incident reporting
As global body proposes common reporting format, official says there may be an optimum time window
US cyber cops: report hacks without fear of sanction
Risk Live: Cyber incident reports won’t automatically be referred to regulators, investigators say
Banks must loosen up on ChatGPT use – risk chiefs
Risk Live: ’Shadow use’ and inability to attract new hires mean restricting access to GPTs is untenable
Should banks risk lightning hitting twice for CrowdStrike?
Bank tech teams divided on whether to give security vendor a second chance after update crash
Information security: mind the first-line gap
G-Sibs’ second-line cyber teams still growing, survey shows; others are overhauling KRIs and switching vendors
Insurers deny cyber premiums are rising
Contrary to banks’ complaints, underwriters and brokers claim current market for policies is soft
Op Risk Benchmarking 2024: the G-Sibs
Eleven large banks feature in round II, with new data points on first-line risk teams, taxonomies and AI adoption
AI hack threat forcing banks to review cyber controls
Risk Live: AI lowers barriers to entry for phishing, say firms; more common controls needed
Bank of America’s Kris Fador elected FS-ISAC board chair
Industry consortium for cyber security also adds new board directors from Swift, PNC, Truist and CME
Top 10 op risks: deepfakes drive rise in fraud fears
External fraud re-enters top 10 as artificial intelligence provides new tools for criminals